/**
 * Load the finance account row selected by the request's 'id' value.
 *
 * The id is read through Sanitizer::filterUint() and handed to
 * prepareSelectById() together with the table name and two column names;
 * this method itself concatenates no request text into SQL.
 *
 * @return mixed whatever fetchRowNotNull() yields for the executed statement
 */
public function getDatabaseRow()
 {
     $accountId = (new Sanitizer())->filterUint('id');

     $query = DatabaseFactory::getInstance()->prepareSelectById('finance_accounts', $accountId, 'title', 'assigned_to');
     $query->execute();

     return $query->fetchRowNotNull();
 }
 /**
  * Build the "Create Finance Entry" form.
  *
  * Adds a description and an amount input plus a hidden 'account' field that
  * is pre-filled from the request's 'account' value via filterUint().
  *
  * NOTE(review): a hidden field is still client-controlled when the form is
  * submitted, so the account id needs re-validation where the form is
  * processed - that code is not visible here.
  */
 public function __construct()
 {
     parent::__construct('formCreateFinanceEntry', 'Create Finance Entry');

     $accountId = (new Sanitizer())->filterUint('account');

     $this->addElement(new ElementInput('description', 'Description'));
     $this->addElement(new ElementNumeric('amount', 'Amount'));
     $this->addElement(new ElementHidden('account', 'Account', $accountId));
     $this->addDefaultButtons();
 }
 /**
  * Look up one permission by the key given in the request's 'id' value.
  *
  * The key is bound as the :key parameter of a prepared statement instead of
  * being placed into the SQL text.
  *
  * @return mixed result of fetchRow() on the executed statement
  */
 private function getPermission()
 {
     $permissionKey = Sanitizer::getInstance()->filterString('id');

     $query = DatabaseFactory::getInstance()->prepare('SELECT p.key, p.description FROM permissions p WHERE p.key = :key');
     $query->bindValue(':key', $permissionKey);
     $query->execute();

     return $query->fetchRow();
 }
 /**
  * Build the "Move user" form for a seating plan.
  *
  * Offers a username and a new seat number; the event id from the request
  * (filtered with filterUint()) travels along as a hidden field.
  *
  * NOTE(review): this constructor performs no privilege check; confirm the
  * caller or the form's processing step enforces one.
  */
 public function __construct()
 {
     parent::__construct('formSeatingPlanMoveUser', 'Move user');

     $this->addElement(new ElementInput('username', 'Username'));
     $this->addElement(new ElementNumeric('seat', 'New seat number'));
     $this->addElementHidden('event', Sanitizer::getInstance()->filterUint('event'));
     $this->addDefaultButtons();
 }
 /**
  * Build the "Swap Seats" form.
  *
  * requirePrivOrRedirect('SWAP_USERS_SEATS') gates the form; it is called
  * after the parent constructor has already run. The event id from the
  * request is stored on the form and repeated as a hidden field.
  */
 public function __construct()
 {
     parent::__construct('swapSeats', 'Swap Seats');
     requirePrivOrRedirect('SWAP_USERS_SEATS');

     $this->eventId = Sanitizer::getInstance()->filterUint('event');

     $usernameFields = array(
         'username1' => 'First username',
         'username2' => 'Second username',
     );
     foreach ($usernameFields as $fieldName => $label) {
         $this->addElement(new ElementInput($fieldName, $label));
     }

     $this->addElementHidden('event', $this->eventId);
     $this->addDefaultButtons();
 }
 /**
  * Build the "Edit Group" form, pre-filled from the group named by the
  * request's 'id' value (filtered with filterUint()).
  *
  * NOTE(review): the 'css' value is free text limited only to 128 characters
  * here; where it is later emitted is not visible - confirm it is escaped for
  * the style-attribute context it is rendered into.
  */
 public function __construct()
 {
     parent::__construct('formGroupEdit', 'Edit Group');

     $group = new Group(Sanitizer::getInstance()->filterUint('id'));

     $this->addElement(new ElementHidden('id', null, $group->getId()));
     $this->addElement(new ElementInput('title', 'Title', $group->getTitle()));

     $cssHelp = 'Additional styles to be applied to this group title (eg: color: red) ';
     $this->addElement(new ElementInput('css', 'CSS', $group->getAttribute('css'), $cssHelp));
     $this->getElement('css')->setMinMaxLengths(0, 128);

     $this->addDefaultButtons();
 }
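 /**
  * Build the edit form for one gallery image.
  *
  * Both constructor arguments are overwritten with the request's 'gallery'
  * (filterUint) and 'filename' (filterString) values before use, so the
  * values passed in by the caller are not what the query sees.
  *
  * @param mixed $gallery  replaced by the request value
  * @param mixed $filename replaced by the request value
  *
  * @throws Exception when no image row matches the gallery and filename
  */
 public function __construct($gallery, $filename)
 {
     parent::__construct('editImageForm');
     $sanitizer = new Sanitizer();
     $gallery = $sanitizer->filterUint('gallery');
     $filename = $sanitizer->filterString('filename');

     // Both lookup values are bound as parameters, never concatenated into the SQL.
     $sql = 'SELECT i.filename, i.gallery, i.caption, i.promo, i.published, g.title FROM images i, galleries g WHERE i.gallery = g.id AND g.id = :gallery AND i.filename = :filename LIMIT 1';
     $stmt = DatabaseFactory::getInstance()->prepare($sql);
     $stmt->bindValue(':gallery', $gallery);
     $stmt->bindValue(':filename', $filename);
     $stmt->execute();
     if ($stmt->numRows() == 0) {
         throw new Exception('Image entry not found in the database. The image may exist on the filesystem.');
     }
     $current = $stmt->fetchRow();

     $this->addElement(new ElementHidden('mode', null, 'editImage'));
     $this->addElement(new ElementHidden('gallery', null, $gallery));
     $this->addElement(new ElementHidden('filename', null, $filename));
     $this->addElement(new ElementInput('caption', 'Caption', $current['caption']));
     $this->addElement(new ElementCheckbox('promo', 'Promotional image', $current['promo'], 'Is this image a promotional image? Promotional images are used on the homepage.'));
     $this->addElement(new ElementCheckbox('published', 'Published', $current['published']));
     $this->addButtons(Form::BTN_SUBMIT);

     // The form title is raw HTML, so the stored gallery title is escaped before
     // it is placed inside the link. double_encode is off so a title that was
     // stored with entities is not escaped twice.
     $galleryTitle = htmlspecialchars((string) $current['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
     $this->setTitle('<a href = "gallery.php">Galleries</a> &raquo; Gallery: <a href = "viewGallery.php?id=' . $gallery . '">' . $galleryTitle . '</a> &raquo; Edit image');
 }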
 /**
  * Build the "Update Seating Plan" form, pre-filled from the seating plan
  * named by the request's 'id' value.
  *
  * The id is filtered with filterUint() and bound as the :id parameter.
  * NOTE(review): the fetched row is used without checking that a plan was
  * found - confirm what fetchRow() returns for an unknown id.
  */
 public function __construct()
 {
     parent::__construct('updateSeatingPlan', 'Update Seating Plan');

     $planId = Sanitizer::getInstance()->filterUint('id');

     $query = DatabaseFactory::getInstance()->prepare('SELECT sp.id, sp.layout, sp.seatCount FROM seatingplans sp WHERE sp.id = :id');
     $query->bindValue(':id', $planId);
     $query->execute();
     $plan = $query->fetchRow();

     $this->addElementHidden('id', $planId);
     $this->addElement(new ElementTextbox('layout', 'Layout', $plan['layout']));
     $this->getElement('layout')->classes = "codeEditor";
     $this->addElement(new ElementNumeric('seatCount', 'Seat Count', $plan['seatCount']));
     $this->addDefaultButtons();
 }
 /**
  * Build the "Edit Gallery" form, pre-filled from the gallery named by the
  * request's 'id' value (filtered with filterUint()).
  *
  * The description accepts punctuation and at most 64 characters; the status
  * is one of Open, Closed or Staff.
  */
 public function __construct()
 {
     parent::__construct('editGallery', 'Edit Gallery');

     $galleryId = Sanitizer::getInstance()->filterUint('id');
     $gallery = Galleries::getById($galleryId);

     $this->addElement(new ElementHidden('mode', null, 'edit'));
     $this->addElement(new ElementHidden('id', null, $gallery['id']));
     $this->addElement(new ElementInput('title', 'Title', $gallery['title']));
     $this->addElement(new ElementInput('folderName', 'Folder Name', $gallery['folderName']));
     $this->addElement(new ElementInput('coverImage', 'Cover Image', $gallery['coverImage'], 'The filename of the THUMBNAIL already in the gallery that will be the cover image.'));
     $this->addElement(new ElementNumeric('ordinal', 'Ordinal', $gallery['ordinal'], 'Used for organizing the gallery.'));

     $this->addElement(new ElementAlphaNumeric('description', 'Description', $gallery['description'], 'A description that is shown when people view the gallery.'));
     $this->getElement('description')->setPunctuationAllowed(true);
     $this->getElement('description')->setMinMaxLengths(0, 64);

     $elStatus = new ElementSelect('status', 'Status', $gallery['status']);
     foreach (array('Open', 'Closed', 'Staff') as $statusOption) {
         $elStatus->addOption($statusOption);
     }
     $this->addElement($elStatus);

     $this->addDefaultButtons();
 }
        // Fragment of a request-dispatch switch: the switch header and the label
        // of this first case lie outside the visible listing.
        // Only an object that is a libAllure form is validated, processed and rendered.
        if (!$f instanceof \libAllure\Form) {
            require_once 'includes/widgets/header.php';
            echo 'No settings for that plugin.';
            return;
        }
        // A valid submission is processed, then redirect() is given the plugin list.
        if ($f->validate()) {
            $f->process();
            redirect('plugins.php', 'Plugin settings saved.');
        }
        require_once 'includes/widgets/header.php';
        $tpl->assignForm($f);
        $tpl->display('form.tpl');
        require_once 'includes/widgets/footer.php';
        break;
    case 'toggle':
        // Flip the enabled flag of one plugin. The id is filtered with filterUint()
        // and bound as a statement parameter rather than concatenated into the SQL.
        // NOTE(review): no privilege check or anti-CSRF token is visible in this
        // fragment for this state-changing request - confirm it is enforced earlier
        // in the file.
        $id = Sanitizer::getInstance()->filterUint('id');
        $sql = 'UPDATE plugins SET enabled = !enabled WHERE id = :id';
        $stmt = $db->prepare($sql);
        $stmt->bindValue(':id', $id);
        $stmt->execute();
        redirect('plugins.php', 'Plugin status toggled. ');
        break;
    default:
        // Plugin list: a fixed query with no request input in it.
        require_once 'includes/widgets/header.php';
        require_once 'includes/widgets/sidebar.php';
        $sql = 'SELECT id, title, enabled FROM plugins';
        $result = $db->query($sql);
        $tpl->assign('listPlugins', $result->fetchAll());
        $tpl->display('listPlugins.tpl');
}
require_once 'includes/widgets/footer.php';
 /**
  * Persist the edited signup, release the seat on cancellation, then log the
  * change and redirect to the event page.
  *
  * Every value reaches the UPDATE through a bound parameter. The staff
  * username comes from the session, not from the form.
  *
  * NOTE(review): after processDelete() the method carries on with the UPDATE
  * unless processDelete() ends the request - confirm. The signup id is taken
  * from the form's 'id' element; confirm it is authorised before this point.
  */
 protected function processUpdate()
 {
     global $db;

     if ($this->getElementValue('status') == "DELETE") {
         $this->processDelete();
     }

     $sanitizer = Sanitizer::getInstance();

     $update = $db->prepare('UPDATE signups SET status = :status, numberMachinesAllowed = :machinesAllowed, comments = concat(comments, "\\n", now(), " (", :staffUsername, ") - ", :comments, :changeMetadata), gigabit = :gigabit, ticketCost = :ticketCost WHERE id = :id');
     $update->bindValue(':id', $this->getElementValue('id'));
     $update->bindValue(':status', $this->getElementValue('status'));
     $update->bindValue(':comments', $sanitizer->formatString($this->getElementValue('comments')));
     $update->bindValue(':gigabit', $sanitizer->formatBool($this->getElementValue('gigabit')));
     $update->bindValue(':ticketCost', $this->getElementValue('ticketCost'));
     $update->bindValue(':staffUsername', Session::getUser()->getUsername());
     $update->bindValue(':changeMetadata', $this->getChangeMetadata());
     $update->bindValue(':machinesAllowed', $this->getElementValue('numberMachinesAllowed'));
     $update->execute();

     // Re-read the signup so the steps below work on the stored state.
     $this->signup = $this->getSignup();

     // A cancelled signup gives its seat back.
     if ($this->getElementValue('status') == 'CANCELLED') {
         require_once 'includes/functions.seatingPlan.php';
         removeSeat($this->signup['event'], $this->signup['userId']);
     }

     // This lookup is executed but its result is not read in this method.
     $eventLookup = $db->prepare('SELECT e.id FROM events e WHERE e.id = :eventId LIMIT 1');
     $eventLookup->bindValue(':eventId', $this->signup['event']);
     $eventLookup->execute();

     // The free-text comment becomes part of the activity log message.
     $logMessage = 'Signup updated for _u_ to event _e_ ' . $this->getElementValue('comments') . '. ' . $this->getChangeMetadata();
     logActivity($logMessage, null, ['user' => $this->signup['user'], 'event' => $this->signup['event']]);

     redirect('viewEvent.php?id=' . $this->signup['event'], 'Signup edited.');
 }
<?php

require_once 'includes/common.php';
require_once 'includes/classes/News.php';
require_once 'includes/classes/FormNewsEdit.php';
require_once 'includes/classes/FormNewsCreate.php';
use libAllure\Sanitizer;
use libAllure\Session;
// The page is unavailable while the 'newsFeature' site setting is off.
if (!getSiteSetting('newsFeature')) {
    redirect('index.php', 'News feature is disabled.');
}
// The requested action, filtered with filterString(), selects the branch below.
$action = Sanitizer::getInstance()->filterString('action');
switch ($action) {
    case 'add':
    case 'new':
        // Creating a news item requires the NEWS_ADD privilege.
        if (!Session::hasPriv('NEWS_ADD')) {
            throw new PermissionsException();
        }
        $f = new FormNewsCreate();
        if ($f->validate()) {
            $f->process();
            logAndRedirect('news.php', 'News item added: ' . $f->getElementValue('title'));
        }
        require_once 'includes/widgets/header.php';
        require_once 'includes/widgets/sidebar.php';
        $tpl->displayForm($f);
        break;
    case 'edit':
        // The id is coerced to an integer straight from $_REQUEST.
        // NOTE(review): unlike the add branch, no privilege check is visible before
        // the edit form is built. The listing is cut off below, so confirm the check
        // lives in FormNewsEdit or further down.
        $id = intval($_REQUEST['id']);
        $f = new FormNewsEdit($id);
        if ($f->validate()) {
<?php

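use libAllure\HtmlLinksCollection;
use libAllure\Sanitizer;

// Sidebar links for one finance account. The account id is read once through
// filterUint(), so every link carries the same filtered value.
// NOTE(review): the links are only navigation; the target pages must enforce
// their own privilege checks, which are not visible here.
$sanitizer = new Sanitizer();
$accountId = $sanitizer->filterUint('id');

$menu = new HtmlLinksCollection('View Finance Account');
$menu->add('form.php?form=FormCreateFinanceEntry&amp;account=' . $accountId, 'Create finance entry');
$menu->add('updateFinanceAccount.php?id=' . $accountId, 'Update');
// Account 1 never gets a delete link.
$menu->addIf($accountId != 1, 'deleteFinanceAccount.php?id=' . $accountId, 'Delete');

$tpl->assign('links', $menu);
$tpl->display('sidebarLinks.tpl');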
<?php

require_once 'includes/common.php';
require_once 'includes/classes/Group.php';
require_once 'includes/classes/FormUpdateGroupPrivileges.php';
require_once 'includes/classes/FormGroupEdit.php';
require_once 'includes/classes/FormGroupCreate.php';
use libAllure\Sanitizer;
use libAllure\Session;
use libAllure\DatabaseFactory;
use libAllure\ElementHidden;
use libAllure\User;
// The requested action, filtered with filterString(), selects the branch below.
$sanitizer = new Sanitizer();
$action = $sanitizer->filterString('action');
switch ($action) {
    case 'makePrimary':
        // Changing a user's primary group requires GROUP_PRIMARY.
        Session::requirePriv('GROUP_PRIMARY');
        // Both ids pass through filterUint() and are bound as parameters.
        // NOTE(review): nothing here checks that the group exists or that the user
        // belongs to it, and no anti-CSRF token is visible for this state change -
        // confirm both are handled elsewhere.
        $groupId = $sanitizer->filterUint('group');
        $userId = $sanitizer->filterUint('user');
        $sql = 'UPDATE users SET `group` = :groupId WHERE id = :userId LIMIT 1';
        $stmt = DatabaseFactory::getInstance()->prepare($sql);
        $stmt->bindValue(':groupId', $groupId);
        $stmt->bindValue(':userId', $userId);
        $stmt->execute();
        redirect('profile.php?id=' . $userId, 'Primary group changed for user.');
        break;
    case 'delete':
        // Deleting a group requires GROUP_DELETE; the listing is cut off inside the try block.
        Session::requirePriv('GROUP_DELETE');
        try {
            $id = $sanitizer->filterUint('id');
            $group = new Group($id);
<?php

set_include_path(get_include_path() . PATH_SEPARATOR . '../../');
require_once 'includes/common.php';
require_once 'includes/functions.seatingPlan.php';
use libAllure\Sanitizer;
// Endpoint that frees a user's seat at an event. The SUPERUSER gate comes
// first; both ids are read through filterUint() before removeSeat() sees them.
// NOTE(review): no anti-CSRF token is visible for this state-changing request.
requirePrivOrRedirect('SUPERUSER');

$sanitizer = Sanitizer::getInstance();
$eventId = $sanitizer->filterUint('event');
$userId = $sanitizer->filterUint('user');

removeSeat($eventId, $userId);

echo 'OK';
<?php

set_include_path(get_include_path() . PATH_SEPARATOR . '../../');
require_once 'includes/common.php';
require_once 'includes/functions.seatingPlan.php';
use libAllure\Sanitizer;
use libAllure\DatabaseFactory;
use libAllure\Session;
// Emit the current seat assignments of one event as a JSON list of 'set'
// changes. The event id is filtered with filterUint().
// NOTE(review): no login or privilege check is visible in this script although
// the output contains usernames - confirm includes/common.php or the intended
// audience covers that.
$eventId = Sanitizer::getInstance()->filterUint('event');

$seatChanges = [];
foreach (getSeats($eventId) as $seat) {
    $seatChanges[] = getJsonSeatChange('set', $seat['seat'], $seat['username'], $seat['usernameCss'], $seat['seatCss']);
}

header('Content-Type: application/json');
echo json_encode($seatChanges);
?>
 
<?php

require_once 'includes/common.php';
require_once 'includes/classes/Events.php';
require_once 'includes/classes/FormPayForFriend.php';
require_once 'includes/classes/FormAddToBasket.php';
require_once 'includes/classes/Basket.php';
use libAllure\Session;
use libAllure\Sanitizer;
use libAllure\DatabaseFactory;
// Anonymous visitors are handed to the login page.
if (!Session::isLoggedIn()) {
    redirect('login.php', 'You need to <a href = "login.php">login</a> or <a href = "register.php">register</a> to pay for events.');
}
$sanitizer = new Sanitizer();
$action = $sanitizer->filterString('action');
if (isset($_REQUEST['event'])) {
    // The event id is coerced to an integer before the lookup.
    $eventId = intval($_REQUEST['event']);
    $event = Events::getById($eventId);
    switch ($action) {
        case 'addPersonal':
            Basket::addEvent($event);
            redirect('basket.php', 'Ticked added', false, 1);
            // No break follows: execution continues into 'delete' unless redirect()
            // ends the request. NOTE(review): presumably it does - confirm.
        case 'delete':
            // NOTE(review): $_REQUEST['user'] is passed on unfiltered and may be
            // unset; confirm Basket::removeEvent() validates it and only touches
            // the current session's basket.
            Basket::removeEvent($event, $_REQUEST['user']);
            redirect('basket.php', 'Ticket removed', false, -1);
    }
}
// Events that can currently be signed up for feed both the template and the form.
$signupableEvents = Events::getSignupableEvents();
$tpl->assign('signupableEvents', $signupableEvents);
$formAddToBasket = new FormAddToBasket($signupableEvents);
if ($formAddToBasket->validate()) {
<?php

require_once 'includes/common.php';
require_once 'includes/classes/Basket.php';
require_once 'includes/classes/Events.php';
use libAllure\Session;
use libAllure\Sanitizer;
// The checkout needs a logged-in user and a non-empty basket.
if (!Session::isLoggedIn()) {
    redirect('login.php', 'You must login to use the checkout!');
}
if (Basket::isEmpty()) {
    redirect('basket.php', 'You cannot go to the checkout with an empty basket!');
}
$sanitizer = new Sanitizer();
// The total is taken from the server-side basket, not from the request.
$cost = Basket::getTotal();
switch ($sanitizer->filterString('action')) {
    case 'cash':
        // NOTE(review): FormPayTicketCash is not among the require_once lines
        // visible above; presumably it is loaded elsewhere - confirm.
        $f = new FormPayTicketCash();
        if ($f->validate()) {
            $f->process();
            // Every basket entry is marked CASH_IN_POST for the session's user.
            foreach (Basket::getContents() as $ticket) {
                Events::setSignupStatus(Session::getUser()->getId(), $ticket['eventId'], 'CASH_IN_POST');
            }
            Basket::clear();
            redirect('account.php', 'Thanks, you will be marked as PAID by an admin when they receive the cash.');
        }
        require_once 'includes/widgets/header.php';
        // Keeps the 'cash' action selected when the form is posted back.
        $f->addElementHidden('action', 'cash');
        $tpl->assignForm($f);
        $tpl->display('form.tpl');
        require_once 'includes/widgets/footer.php';
<?php

require_once 'includes/common.php';
require_once 'includes/classes/FormSudo.php';
require_once 'libAllure/FormHandler.php';
// Only holders of the SUDO privilege get past this line.
requirePrivOrRedirect('SUDO');
use libAllure\FormHandler;
use libAllure\Sanitizer;

// The username to act as comes from the request via filterString() and becomes
// the first constructor argument of the form.
// NOTE(review): any further restriction on which accounts may be targeted would
// have to live in formSudo, which is not visible here.
$targetUsername = Sanitizer::getInstance()->filterString('username');

$handler = new FormHandler('formSudo', $tpl);
$handler->setConstructorArgument(0, $targetUsername);
$handler->setRedirect('index.php');
$handler->handle();
<?php

require_once 'includes/common.php';
require_once 'libAllure/Inflector.php';
use libAllure\Sanitizer;
use libAllure\FormHandler;
use libAllure\Inflector;
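// Drive FormGalleryImageEdit for the image named by the request.
$sanitizer = new Sanitizer();
$gallery = $sanitizer->filterUint('gallery');
$filename = $sanitizer->filterString('filename');

$handler = new FormHandler('FormGalleryImageEdit', $tpl);
$handler->setConstructorArgument(0, $gallery);
$handler->setConstructorArgument(1, $filename);

// The filename is request data, so it is percent-encoded before it is placed in
// the query string; otherwise '&', '#' or spaces in it could alter the URL.
$handler->setRedirect('viewGalleryImage.php?gallery=' . $gallery . '&amp;filename=' . rawurlencode((string) $filename), 'Gallery image edited.');
$handler->handle();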
<?php

require_once 'includes/common.php';
require_once 'includes/classes/Galleries.php';
require_once 'includes/classes/FormGalleryEdit.php';
require_once 'includes/classes/ItemGallery.php';
use libAllure\Sanitizer;
use libAllure\Session;
$sanitizer = new Sanitizer();
$mode = $sanitizer->filterString('mode');
// The page is unavailable while the 'galleryFeature' site setting is off.
if (!getSiteSetting('galleryFeature')) {
    redirect('index.php', 'Gallery feature is disabled.');
}
switch ($mode) {
    case 'editImage':
        requirePrivOrRedirect('GALLERY_UPDATE_IMAGE');
        require_once 'updateGalleryImage.php';
        break;
    case 'addImage':
        requirePrivOrRedirect('GALLERY_CREATE_IMAGE');
        // The gallery id is coerced to an integer; the filename is taken from
        // $_REQUEST unfiltered. It is bound as a parameter for the INSERT, but it
        // is stored as given and concatenated unencoded into the redirect URL.
        // NOTE(review): confirm the filename is checked against the files that
        // really exist in the gallery and is encoded wherever it is rendered.
        $gallery = intval($_REQUEST['gallery']);
        $filename = $_REQUEST['filename'];
        $sql = 'INSERT INTO images (gallery, filename) VALUES (:gallery, :filename) ';
        $stmt = $db->prepare($sql);
        $stmt->bindValue(':gallery', $gallery);
        $stmt->bindValue(':filename', $filename);
        $stmt->execute();
        redirect('viewGalleryImage.php?filename=' . $filename . '&amp;gallery=' . $gallery, 'Image added to database.');
        break;
    case 'makeCoverImage':
        // The listing is cut off after the privilege gate of this branch.
        requirePrivOrRedirect('GALLERY_SET_COVER_IMAGE');
    // Tail of a function whose signature and $sql assignment lie above the
    // visible part of the listing. No bindValue() call appears in these lines.
    $stmt = DatabaseFactory::getInstance()->prepare($sql);
    $stmt->execute();
    // fetchRowNotNull() supplies the row that is handed back to the caller.
    $event = $stmt->fetchRowNotNull();
    return $event;
}
/**
 * List the ids of the machines a user has authenticated for an event.
 *
 * Both values are bound as statement parameters.
 *
 * @param mixed $user  value matched against authenticated_machines.user
 * @param mixed $event value matched against authenticated_machines.event
 *
 * @return mixed result of fetchAll() on the executed statement
 */
function getAuthenticatedMachines($user, $event)
{
    $query = DatabaseFactory::getInstance()->prepare('SELECT a.id FROM authenticated_machines a WHERE a.user = :user AND a.event = :event');

    $bindings = array(':user' => $user, ':event' => $event);
    foreach ($bindings as $placeholder => $value) {
        $query->bindValue($placeholder, $value);
    }
    $query->execute();

    return $query->fetchAll();
}
// Credentials and the 'fullrequest' flag are read from the request via filterString().
// NOTE(review): if filterString() strips or rewrites characters, the password
// that is checked differs from what the user typed - confirm it is safe to
// pass passwords through it.
$sanitizer = Sanitizer::getInstance();
$username = $sanitizer->filterString('username');
$password = $sanitizer->filterString('password');
// NOTE(review): $isStaff holds the raw 'fullrequest' request value and is not
// used in the visible lines; it must not be trusted as proof of staff status.
$isStaff = $sanitizer->filterString('fullrequest');
try {
    Session::checkCredentials($username, $password);
    $user = User::getUser($username);
} catch (\libAllure\UserNotFoundException $e) {
    // NOTE(review): separate replies for an unknown user and a wrong password let
    // a client tell which usernames exist; one generic rejection message avoids that.
    apiReturn('reject-authentication', 'User not found');
} catch (\libAllure\IncorrectPasswordException $e) {
    apiReturn('reject-authentication', 'Password is incorrect');
}
// NOTE(review): presumably apiReturn() ends the request; otherwise $user is
// undefined from here on - confirm.
$event = getEvent();
$signupStatus = getSignupStatus($user->getId(), $event['id']);
switch ($signupStatus) {
    case 'PAID':
<?php

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';
require_once 'libAllure/Sanitizer.php';
use libAllure\DatabaseFactory;
use libAllure\Sanitizer;
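// Show one finance account with its transactions. The account id is read once
// through filterUint() and bound as a parameter in both queries.
// NOTE(review): no privilege check is visible in this script before financial
// data is displayed - confirm the included header or an earlier include
// enforces one.
$sanitizer = new Sanitizer();
$accountId = $sanitizer->filterUint('id');

$sql = 'SELECT a.id, a.title FROM finance_accounts a WHERE a.id = :id ';
$stmt = DatabaseFactory::getInstance()->prepare($sql);
$stmt->bindValue(':id', $accountId);
$stmt->execute();
$tpl->assign('account', $stmt->fetchRow());

$sql = 'SELECT t.id, t.amount, t.description, t.timestamp FROM finance_transactions t WHERE t.account = :accountId';
$stmt = DatabaseFactory::getInstance()->prepare($sql);
// Placeholder written with its leading colon, matching the query text and the first bind.
$stmt->bindValue(':accountId', $accountId);
$stmt->execute();
$tpl->assign('listTransactions', $stmt->fetchAll());

$tpl->display('viewFinanceAccount.tpl');
require_once 'includes/widgets/footer.php';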
<?php

require_once 'jsonCommon.php';
use libAllure\DatabaseFactory;
use libAllure\Sanitizer;
// Emit the machines authenticated for one event as a JSON object keyed by IP
// address. The event id is filtered with filterUint() and bound as a parameter.
// NOTE(review): the output maps usernames to IP and MAC addresses and no
// access check is visible in this script - confirm jsonCommon.php restricts
// who may call it.
$query = DatabaseFactory::getInstance()->prepare('SELECT u.username, m.ip, m.mac FROM authenticated_machines m LEFT JOIN users u ON m.user = u.id WHERE m.event = :eventId');
$query->bindValue(':eventId', Sanitizer::getInstance()->filterUint('event'));
$query->execute();

// A later row with the same IP replaces an earlier one.
$machinesByIp = [];
foreach ($query->fetchAll() as $machine) {
    $machinesByIp[$machine['ip']] = $machine;
}

header('Content-Type: application/json');
echo json_encode($machinesByIp);
<?php

require_once 'includes/common.php';
require_once 'includes/classes/FormUpdateAvatar.php';
use libAllure\Session;
use libAllure\Sanitizer;
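// Avatar page: requires a login and the CHANGE_AVATAR privilege.
requireLogin();
if (!Session::hasPriv('CHANGE_AVATAR')) {
    redirect('account.php', 'You do not have permission to change you avatar.');
}

// Another user's avatar can only be selected with CHANGE_OTHERS_AVATAR; in
// every other case the id comes from the session, never from the request.
if (isset($_REQUEST['user']) && Session::hasPriv('CHANGE_OTHERS_AVATAR')) {
    $sanitizer = new Sanitizer();
    $user = $sanitizer->filterUint('user');
} else {
    $user = Session::getUser()->getId();
}

$f = new FormUpdateAvatar($user);
if ($f->validate()) {
    $f->process();
    // NOTE(review): the listing masked part of this call; it is restored as the
    // edited user's id followed by the message - confirm against the original file.
    redirect('updateAvatar.php?user=' . $user, 'Avatar updated.');
}

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';
echo '<div class = "box"><h2><a href = "account.php">Account</a> &raquo; Avatar</h2>';

// $user is either a filterUint() result or the session user's id, so the path
// is built from an id rather than from free request text.
$avatar = 'resources/images/avatars/' . $user . '.png';
if (!file_exists($avatar)) {
    $avatar = 'resources/images/defaultAvatar.png';
}
echo '<div style = "width:20%; display: inline-block; vertical-align: top;">';
echo '<img src = "' . $avatar . '" alt = "avatar" />';
echo '</div>';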
<?php

require_once 'includes/widgets/header.php';
use libAllure\Session;
use libAllure\Sanitizer;
use libAllure\DatabaseFactory;
// Delete one gallery image: the database row first, then both files.
// Requires GALLERY_DELETE_IMAGE.
// NOTE(review): the paths handed to unlink() come from Galleries::getImage();
// confirm it confines the request's filename to the gallery directory. No
// anti-CSRF token is visible for this destructive request.
Session::requirePriv('GALLERY_DELETE_IMAGE');

$sanitizer = Sanitizer::getInstance();
$filename = $sanitizer->filterString('filename');
$gallery = $sanitizer->filterUint('gallery');

$image = Galleries::getImage($filename, $gallery);
if ($image == false) {
    redirect('index.php', 'Image does not exist.');
}

$canDelete = is_int($gallery) && $image['inDatabase'] && !empty($filename);
if ($canDelete) {
    $delete = DatabaseFactory::getInstance()->prepare('DELETE FROM images WHERE filename = :filename AND gallery = :gallery');
    $delete->bindValue(':filename', $filename);
    $delete->bindValue(':gallery', $gallery);
    $delete->execute();

    // The @ operator hides a failed unlink, so a leftover file goes unreported.
    foreach (array('fullPath', 'thumbPath') as $pathKey) {
        @unlink($image[$pathKey]);
    }
}

redirect('viewGallery.php?id=' . $image['galleryId'], 'Image deleted');
require_once 'includes/widgets/footer.php';
<?php

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';
use libAllure\Sanitizer;
use libAllure\Session;
// Render one gallery. The id is filtered with filterUint() before the lookup.
$galleryId = Sanitizer::getInstance()->filterUint('id');
$gallery = Galleries::getById($galleryId);
$files = $gallery->fetchImages();

// A gallery without a linked event is shown with event = null.
try {
    $tpl->assign('event', Events::getByGalleryId($gallery['id']));
} catch (Exception $e) {
    $tpl->assign('event', null);
}

// The template gets the privilege flag and decides what to show with it.
// NOTE(review): $files is assigned in full; confirm the template really hides
// unpublished images when the flag is false.
$canViewUnpublished = Session::hasPriv('GALLERY_VIEW_UNPUBLISHED');
$tpl->assign('privViewUnpublished', $canViewUnpublished);
$tpl->assign('files', $files);
$tpl->assign('gallery', $gallery);
$tpl->display('viewGallery.tpl');
require_once 'includes/widgets/footer.php';
<?php

require_once 'includes/common.php';
use libAllure\Sanitizer;
// Render a single gallery image with previous/next navigation and EXIF data.
$sanitizer = new Sanitizer();
$galleryId = $sanitizer->filterUint('gallery');
$gallery = Galleries::GetById($galleryId);
$image = Galleries::getImage($sanitizer->filterString('filename'), $gallery);

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';

// $prev, $next, $cii and $count are passed to getPrevNext() and read afterwards.
Galleries::getPrevNext($image['filename'], $gallery, $prev, $next, $cii, $count);

$tpl->assign('imageNumber', $cii + 1);
$tpl->assign('imageCount', $count);
$tpl->assign('prevFilename', $prev);
$tpl->assign('nextFilename', $next);
$tpl->assign('image', $image);
$tpl->assign('gallery', $gallery);

// EXIF is read only when '.jpg' occurs after the first character of the
// filename; the match is case-sensitive and not anchored to the end.
// NOTE(review): the file path is the gallery path plus the image's filename;
// confirm Galleries::getImage() keeps that filename inside the gallery.
$jpgPosition = strpos($image['filename'], '.jpg');
$looksLikeJpg = $jpgPosition !== false && $jpgPosition > 0;
$exifData = $looksLikeJpg
    ? \libAllure\array_flatten(@exif_read_data($gallery['fullPath'] . $image['filename']))
    : null;
$tpl->assign('exifData', $exifData);

$tpl->display('viewGalleryImage.tpl');
require_once 'includes/widgets/footer.php';
<?php

require_once 'includes/common.php';
use libAllure\ElementHidden;
use libAllure\Sanitizer;
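// Generic form page: the request names the form class to build and, optionally,
// where to go after a successful submission.
$sanitizer = new Sanitizer();

// The class name is request data. It is accepted only when it resolves to a
// libAllure form, so no other loadable class can be constructed through this page.
// NOTE(review): this page checks no privilege itself; every form reachable here
// has to enforce its own.
$formClass = $sanitizer->filterAlphaNumeric('form');
if (!is_string($formClass) || !is_subclass_of($formClass, 'libAllure\Form')) {
    throw new \Exception('Unknown form.');
}
$form = new $formClass();
$form->addElement(new ElementHidden('form', null, get_class($form)));

// The redirect target is request data as well. Only same-site relative targets
// are kept; anything with a scheme, a host or a backslash is dropped so the
// page cannot be used to send a visitor to another site.
$redirect = trim((string) $sanitizer->filterString('redirect'));
$redirectParts = parse_url($redirect);
$isLocalTarget = is_array($redirectParts)
    && !isset($redirectParts['scheme'])
    && !isset($redirectParts['host'])
    && strpos($redirect, '\\') === false;
if (!$isLocalTarget) {
    $redirect = '';
}

if (!empty($redirect)) {
    $form->addElement(new ElementHidden('redirect', null, $redirect));
}
if ($form->validate()) {
    $form->process();
    if (!empty($redirect)) {
        redirect($redirect, 'You are being redirected.');
    }
}

require_once 'includes/widgets/header.php';
if (isset($showSidebar)) {
    require_once 'includes/widgets/sidebar.php';
}
$tpl->assignForm($form);
$tpl->display('form.tpl');
require_once 'includes/widgets/footer.php';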
<?php

require_once '../../includes/common.php';
use libAllure\Sanitizer;
use libAllure\DatabaseFactory;
// Resolve an IP address to the username that most recently authenticated a
// machine with it. The address is bound as a statement parameter.
// NOTE(review): no access check is visible in this script, so any caller able
// to reach it can map addresses to usernames - confirm it is restricted.
$ipAddress = Sanitizer::getInstance()->filterString('ipAddress');
if ($ipAddress == null) {
    die('ERROR:IP Address not specified');
}

$lookup = DatabaseFactory::getInstance()->prepare('SELECT u.username FROM authenticated_machines a JOIN events e ON a.event = e.id JOIN users u ON a.user = u.id WHERE a.ip = :ipAddress ORDER BY e.date DESC LIMIT 1');
$lookup->bindValue(':ipAddress', $ipAddress);
$lookup->execute();

if ($lookup->numRows() == 0) {
    die('Error:IP Address not found.');
}

// The response body is the bare username.
$machineAuthentication = $lookup->fetchRow();
die($machineAuthentication['username']);