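/**
 * Handle a sign-in request: check the credentials and issue a 7-day auth token.
 *
 * The body may be JSON or form-encoded and is expected to carry
 * `username_or_email` and `password`. On success the function answers 201 with
 * the token (JSON body plus an `authToken` cookie) and ends the script; every
 * failure path goes through Util::output_errors_and_die().
 *
 * @param object $request Request wrapper exposing getBody() and a `type` property.
 */
function create_session($request)
{
    $raw_input = $request->getBody();
    // Drop media-type parameters ("; charset=utf-8"); media types are case-insensitive.
    $content_type = strtolower(trim(explode(';', $request->type)[0]));

    $input_data = null;
    switch ($content_type) {
        case 'application/json':
            $input_data = json_decode($raw_input, true);
            break;
        case 'application/x-www-form-urlencoded':
            $input_data = array();
            parse_str($raw_input, $input_data);
            break;
        default:
            Util::output_errors_and_die('', 415);
    }

    // json_decode() yields a scalar for bodies such as `"x"` or `5`; indexing
    // that like an array below would be an error, so anything that is not an
    // array (including null for malformed JSON) is a bad request.
    if (!is_array($input_data)) {
        Util::output_errors_and_die('', 400);
    }

    set_empty_if_undefined($input_data['username_or_email']);
    set_empty_if_undefined($input_data['password']);

    $msg = new Messages($GLOBALS['locale'], '/signin');

    try {
        $model = new Model();
        $user_data = $model->is_valid_user($input_data['username_or_email'], $input_data['password']);
        if (!$user_data) {
            Util::output_errors_and_die($msg->_('invalid-username-pw'), 403);
        }

        switch ($user_data['status']) {
            case 'pending-activation':
                Util::output_errors_and_die($msg->_('pending-activation'), 403);
                break;
            case 'pending-approval':
                Util::output_errors_and_die($msg->_('pending-approval'), 403);
                break;
            case 'banned':
                Util::output_errors_and_die($msg->_('banned'), 403);
                break;
            case 'active':
                $token = generate_token($user_data);
                $now = new DateTime('now');
                $expires_at = clone $now;
                $expires_at->add(new DateInterval('P7D'));
                $model->insert_auth_token($user_data['user_id'], $token, $now, $expires_at);

                http_response_code(201);
                $output = array(
                    'token' => $token,
                    'expires_at' => $expires_at->format('Y-m-d H:i:s'),
                );
                // Secure + HttpOnly: HTTPS only and not readable from page scripts.
                // NOTE(review): no SameSite attribute is set with this signature.
                setcookie('authToken', $token, $expires_at->getTimestamp(), '/', '', true, true);
                header('Content-Type: application/json');
                echo my_json_encode($output);
                die;
            default:
                // Fail closed: an account status this code does not know must
                // not fall through to an empty, successful-looking response.
                Util::output_errors_and_die($msg->_('invalid-username-pw'), 403);
        }
    } catch (DatabaseException $e) {
        // NOTE(review): the raw exception text is sent to the client; confirm
        // DatabaseException messages never carry SQL or connection details.
        Util::output_errors_and_die($e->getMessage(), 503);
    } catch (Exception $e) {
        Util::output_errors_and_die($e->getMessage(), 400);
    }
}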
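/**
 * Create and persist a new random token for the given app.
 *
 * A failed Token::create() is retried with a fresh token, presumably to ride
 * out a collision on the token value. The retry count is bounded: the previous
 * unbounded self-recursion never terminated when the failure was persistent
 * (for example a storage outage) and would exhaust the call stack.
 *
 * @param object $app Application record; only its `id` is read.
 * @return mixed Whatever Token::create() returns.
 * @throws \RuntimeException When every attempt fails; the last error is chained.
 */
private function createToken($app)
{
    $maxAttempts = 5;
    $lastError = null;

    for ($attempt = 1; $attempt <= $maxAttempts; $attempt++) {
        try {
            $randToken = generate_token();

            return Token::create(array('app_id' => $app->id, 'token' => $randToken));
        } catch (\Exception $e) {
            $lastError = $e;
        }
    }

    throw new \RuntimeException(
        'Unable to create a token after ' . $maxAttempts . ' attempts',
        0,
        $lastError
    );
}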
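/**
 * Compute a password digest, either for a new password or to re-create the
 * digest of an existing user for comparison.
 *
 * Mode 'NEW' generates a fresh salt, method and iteration count. Mode
 * 'RECREATE' loads those three values from the `user` table; when the username
 * is unknown it generates throw-away values so that hashing still takes place
 * (mitigating probing / timing attacks). The values used are handed back
 * through the by-reference parameters.
 *
 * @param string $mode      'NEW' or 'RECREATE'.
 * @param string $password  Plain-text password.
 * @param string $username  Used only in 'RECREATE' mode.
 * @param string $salt      (out) Salt used.
 * @param mixed  $iteration (out) Cost factor / round count used.
 * @param string $method    (out) Hash method used.
 * @return mixed The digest, or null when an invalid mode or method was reported
 *               and error_handler() returned.
 */
function cobalt_password_hash($mode, $password, $username, &$salt = '', &$iteration = '', &$method = '')
{
    require_once 'subclasses/system_settings.php';
    $obj_settings = new system_settings();

    $digest = null;
    $generate_parameters = false;

    if ($mode == 'RECREATE') {
        $dbh = new data_abstraction();
        $mysqli = $dbh->connect_db()->mysqli;
        $clean_username = $mysqli->real_escape_string($username);
        $dbh->set_table('user');
        $dbh->set_fields('`salt`,`iteration`,`method`');
        $dbh->set_where("`username`='{$clean_username}'");
        $dbh->exec_fetch('single');

        if ($dbh->num_rows == 1) {
            // Copy the three selected columns explicitly. extract() on the row
            // would let any other key in the dump overwrite a local variable
            // (including $password or $mode).
            // Assumes the dump is keyed by column name — confirm against data_abstraction.
            $salt = $dbh->dump['salt'];
            $iteration = $dbh->dump['iteration'];
            $method = $dbh->dump['method'];
        } else {
            // Unknown user: hash with throw-away parameters so the work done
            // matches the known-user path.
            $generate_parameters = true;
        }
        $dbh->close_db();
    } elseif ($mode == 'NEW') {
        $generate_parameters = true;
    } else {
        error_handler("Cobalt encountered an error during password processing.", "Cobalt Password Hash Error: Invalid mode specified.");
    }

    if ($generate_parameters) {
        $salt = generate_token();
        $method = cobalt_password_set_method();
        if ($method == 'blowfish') {
            $iteration = AUTH_BLOWFISH_COST_FACTOR;
        } else {
            $min = constant('AUTH_' . strtoupper($method) . '_MIN_ROUNDS');
            $max = constant('AUTH_' . strtoupper($method) . '_MAX_ROUNDS');
            if ($max < $min) {
                $max = $min;
            }
            $iteration = mt_rand($min, $max);
            // The unknown-user branch used to echo iteration, method and salt
            // here. That debug output made unknown usernames distinguishable
            // in the response, defeating the mitigation above; it is removed.
        }
    }

    if ($method == 'blowfish') {
        $digest = cobalt_password_hash_bcrypt($password, $salt, $iteration);
    } elseif (in_array($method, cobalt_password_methods())) {
        $digest = cobalt_password_hash_process($password, $salt, $iteration, $method);
    } else {
        error_handler("Cobalt encountered an error during password processing.", "Cobalt Password Hash Error: Invalid hash method specified.");
    }

    return $digest;
}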
/**
 * Render the page: header template, body template, footer template.
 *
 * The output of generate_token() is inserted right after every opening
 * <form ... method=POST ...> tag of the body. When an exit message is set it
 * replaces the body altogether.
 */
public function output()
{
    $this->smarty->display("header.tpl");

    $body = $this->smarty->fetch($this->template . ".tpl");

    // Matches an opening form tag whose method attribute is POST
    // (quoted or unquoted, case-insensitive).
    $post_form_tag = '/(<form\\W[^>]*\\bmethod=(\'|"|)POST(\'|"|)\\b[^>]*>)/i';
    // NOTE(review): the token markup is part of the replacement string, so a
    // "$n" or "\n" sequence in it would be read as a back-reference; confirm
    // generate_token() cannot emit one.
    $body = preg_replace($post_form_tag, '$1' . "\n" . generate_token(), $body);

    echo $this->exitmsg ? $this->exitmsg : $body;

    $this->smarty->display("footer.tpl");
}
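/**
 * Start a token-backed session for a user.
 *
 * Invalidates the user's previous tokens, stores the client IP, user agent,
 * new token and user id in $_SESSION, and records the token in `Sessions`.
 *
 * @param int $userid Id of the user who just authenticated.
 */
function start_token_session($userid)
{
    global $mysqli;

    invalidate_users_token($userid);
    $token = generate_token();
    $remote_addr = $_SERVER["REMOTE_ADDR"];

    $_SESSION["ip"] = $remote_addr;
    $_SESSION["client"] = $_SERVER["HTTP_USER_AGENT"];
    $_SESSION["token"] = $token;
    $_SESSION["userid"] = $userid;

    // Bound parameters instead of string interpolation: $userid used to be
    // placed into the statement unquoted, so a non-numeric value altered the SQL.
    $stmt = $mysqli->prepare("INSERT INTO `Sessions` (`Token`, `User-ID`, `IP`) VALUES (?, ?, ?)");
    if ($stmt === false) {
        error_log('start_token_session: could not prepare the Sessions insert');
        return;
    }
    $stmt->bind_param('sis', $token, $userid, $remote_addr);
    if (!$stmt->execute()) {
        error_log('start_token_session: could not store the session token');
    }
    $stmt->close();
}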
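/**
 * E-mail a verification token to the posted address and store it on the user row.
 *
 * Reads $_POST['email'], stops with "email overlap" when email_overlap()
 * reports a conflict, sends the token over SMTP, then updates the existing
 * `user` row or inserts a not-yet-activated one. Status text is echoed.
 */
function send_token()
{
    $email = validate_email(isset($_POST['email']) ? $_POST['email'] : null);
    if (email_overlap($email)) {
        echo "email overlap";
        die;
    }

    $mail = new PHPMailer();                        // instantiate
    $mail->IsSMTP();                                // enable SMTP
    $mail->Host = $GLOBALS['smtp_server'];          // SMTP server
    $mail->Port = $GLOBALS['smtp_server_port'];     // mail sending port
    $mail->SMTPAuth = true;                         // enable SMTP authentication
    $mail->CharSet = "UTF-8";                       // character set
    $mail->Encoding = "base64";                     // transfer encoding
    $mail->Username = $GLOBALS['smtp_user_mail'];   // SMTP account
    $mail->Password = $GLOBALS['smtp_user_pass'];   // SMTP password
    $mail->Subject = "NutLab SS Token";             // subject
    $mail->From = $GLOBALS['smtp_user_mail'];       // sender address
    $mail->FromName = "NutLab";                     // sender name
    $address = $email;                              // recipient e-mail
    $mail->AddAddress($address, "Dear");            // add recipient (address, display name)
    $mail->IsHTML(true);                            // HTML body

    $token = generate_token();
    $mail->Body = "感谢您在我站注册了新帐号。<br/><br/>你的验证码为" . $token; // mail body

    if (!$mail->Send()) {
        // Keep the transport error on the server: ErrorInfo can name the SMTP
        // host and account, which the requester has no need to see.
        error_log('send_token: mail delivery failed: ' . $mail->ErrorInfo);
        echo "token sending fail";
    } else {
        echo "token sending success";
    }

    // The token is stored whether or not delivery succeeded.
    $count = count($GLOBALS['DB']->query("SELECT * FROM user WHERE email=? ", array($email)));
    if ($count > 0) {
        $GLOBALS['DB']->query("UPDATE user SET token=? WHERE email=?", array($token, $email));
    } else {
        $GLOBALS['DB']->query("INSERT INTO user (email,pass,passwd,u,d,transfer_enable,port,enable,activated,token) VALUES (?,'','','0','0','0',?,'0','0',?)", array($email, generate_port(), $token));
    }
}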
/**
 * Create a user together with its credit record and return the saved user.
 *
 * When a referral code matches an existing user, the new user is linked to the
 * referrer and starts with 10 earned credits; the referrer's credit record
 * gains 5 and its referral counter is incremented.
 *
 * @return User The persisted user.
 */
public static function add($first_name, $last_name, $phone, $email, $password, $zipcode, $referral_code = '', $device_token = '', $device_type = 'web', $membership_type = 'Member')
{
    $user = new User();
    $user_credit = new UserCredit();

    // Identity and contact details.
    $user->first_name = $first_name;
    $user->last_name = $last_name;
    $user->phone = $phone;
    $user->email = $email;

    // Defaults; the referral handling below may overwrite referred_by.
    $user->referred_by = 0;
    $user->token = generate_token();
    // NOTE(review): the division by 10 is kept from the original; its intent
    // is not visible here.
    $user->token_expiry = generate_expiry() / 10;
    $user->social_id = 0;

    // A device token is only kept for non-web clients.
    $user->device_token = ($device_type != 'web') ? $device_token : '';
    $user->device_type = $device_type;
    $user->image_url = '';
    $user->total_referrals = 0;
    $user->remember_token = '';

    $user_credit->earned = 0;
    $user_credit->spent = 0;

    $referrer = ($referral_code != '')
        ? User::where('referral_code', $referral_code)->first()
        : null;

    if ($referrer) {
        $user->referred_by = $referrer->id;
        $user_credit->earned = 10;

        // Credit the referrer.
        // NOTE(review): first() returns null when the referrer has no credit
        // row, in which case the next line fails.
        $referrer_credit = UserCredit::where('user_id', $referrer->id)->first();
        $referrer_credit->earned += 5;
        $referrer_credit->spent = 0;
        $referrer_credit->save();

        $referrer_record = User::find($referrer->id);
        $referrer_record->total_referrals += 1;
        $referrer_record->save();
    }

    $user->password = Hash::make($password);
    $user->membership_type = $membership_type;
    $user->zipcode = $zipcode;
    $user->referral_code = generate_referral_code($first_name, $last_name);

    // 'Member' gets a far-future end date; every other type gets one year from today.
    $user->membership_ends_on = ($membership_type == 'Member')
        ? "2100-01-01"
        : date('Y-m-d', strtotime('+1 years'));

    $user->save();

    // The credit row needs the id assigned by the save above.
    $user_credit->user_id = $user->id;
    $user_credit->save();

    return $user;
}
/**
 * Generate a token, store it in the `tokens` table and return it.
 *
 * @return mixed The value produced by generate_token().
 */
function make_token()
{
    // Temporary: purge tokens more often. Tokens are cleared on gateway
    // communication, but there is no gateway right now.
    clear_old_tokens();

    $connection = Flight::db();
    $fresh_token = generate_token();

    $insert = $connection->prepare('INSERT INTO tokens (token) VALUES (:token)');
    $insert->execute(array(':token' => $fresh_token));

    return $fresh_token;
}
/**
 * Add hidden CSRF fields to every <form> in an HTML fragment.
 *
 * Each form gets a CSRFName / CSRFToken pair as its first children. Forms
 * whose opening tag contains the text "nocsrf" are left untouched.
 *
 * @param string $form_data_html HTML to process.
 * @return string The HTML with the hidden inputs added.
 */
function replace_forms($form_data_html)
{
    $forms = array();
    preg_match_all("/<form(.*?)>(.*?)<\\/form>/is", $form_data_html, $forms, PREG_SET_ORDER);
    if (!is_array($forms)) {
        return $form_data_html;
    }

    foreach ($forms as $form) {
        list($whole, $attributes, $inner) = $form;

        if (strpos($attributes, "nocsrf") === false) {
            // The name only has to tell forms apart; generate_token() is what
            // supplies the secret value for it.
            $name = "CSRFGuard_" . mt_rand(0, mt_getrandmax());
            $token = generate_token($name);
            $guarded = "<form{$attributes}>\n<input type='hidden' name='CSRFName' value='{$name}' />\n<input type='hidden' name='CSRFToken' value='{$token}' />{$inner}</form>";
            $form_data_html = str_replace($whole, $guarded, $form_data_html);
        }
    }

    return $form_data_html;
}
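/**
 * Issue a login token for a user, valid for two hours.
 *
 * A 64-character candidate is drawn and checked against the unexpired tokens;
 * on a collision another candidate is tried, with at most three attempts in
 * total. The token is stored in `token` and an entry is written to `active`.
 *
 * @param string $username Owner of the token.
 * @param int    $deep     Attempts already used (callers normally omit it).
 * @return string|false The new token, or false when the attempts are used up.
 */
function generate_token($username, $deep = 0)
{
    global $db;

    $max_attempts = 3;

    for ($attempt = $deep + 1; $attempt <= $max_attempts; $attempt++) {
        $token_string = generate_string(64);

        // Check validity: the candidate must not match a token that is still live.
        $existing = $db->get(
            'token',
            array('token', 'username', 'expired_time'),
            array('AND' => array('token' => $token_string, 'expired_time[>]' => time()))
        );
        if ($existing) {
            continue;
        }

        $db->insert('token', array(
            'token' => $token_string,
            'username' => $username,
            'expired_time' => time() + 3600 * 2,
        ));

        // The activity log records a short fingerprint, not the token: anyone
        // able to read `active` could otherwise reuse a live login token.
        $fingerprint = substr(hash('sha256', $token_string), 0, 12);
        $db->insert('active', array(
            'content' => "登录创建 token:{$fingerprint} 经过 {$attempt} 次",
            'username' => $username,
            'time' => date('Y-m-d H:i:s', time()),
        ));

        return $token_string;
    }

    return false;
}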
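/**
 * Build the "My Notes" admin widget: a textarea holding the admin's notes and
 * a script that posts them back with a token from generate_token('plain').
 *
 * @param array $vars Widget variables; `adminid` selects the admin row.
 * @return array Array with `title` and `content` (HTML).
 */
function widget_my_notes($vars)
{
    $title = "My Notes";
    $mynotes = get_query_val("tbladmins", "notes", array("id" => $vars['adminid']));

    // The notes are stored text placed inside a <textarea>; without escaping,
    // a note containing "</textarea>" closes the element and the rest is
    // parsed as markup. double_encode=false leaves entities that are already
    // encoded in the stored value as they are.
    // Assumes the page is served as UTF-8 — confirm.
    $safe_notes = htmlspecialchars((string) $mynotes, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

    $content = ' <script> function widgetnotessave() { $.post("index.php", { action: "savenotes", notes: $("#widgetnotesbox").val(), token: "' . generate_token('plain') . '" }); $("#widgetnotesconfirm").slideDown().delay(2000).slideUp(); } </script> <div align="center"> <div id="widgetnotesconfirm" style="display:none;margin:0 0 5px 0;padding:5px 20px;background-color:#DBF3BA;font-weight:bold;color:#6A942C;">Notes Saved Successfully!</div> <textarea id="widgetnotesbox" style="width:95%;height:100px;">' . $safe_notes . '</textarea> <input type="button" value="Save Notes" onclick="widgetnotessave()" /> </div> ';

    return array('title' => $title, 'content' => $content);
}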
/**
 * Build the opening <form> tag followed by the output of generate_token().
 *
 * Recognised keys of $array: `class` (extra CSS class), `enctype` (1 for
 * multipart/form-data), `downtime` (numeric, passed to generate_token(),
 * default 10) and `notice` (numeric, default 1; when non-zero and FUSION_NULL
 * is defined the defender notice is echoed).
 *
 * NOTE(review): name, id, method, action and class are placed into
 * single-quoted attributes without escaping; callers must not pass
 * request-derived values unescaped.
 *
 * @return string The form opening markup including the token markup.
 */
function openform($form_name, $form_id, $method, $action, $array = false)
{
    global $defender;

    // Defaults used when no options array is given.
    $class = '';
    $enctype = '';
    $downtime = 10;
    $notice = 1;

    if (is_array($array)) {
        $class = (array_key_exists('class', $array) && $array['class']) ? $array['class'] : '';
        $enctype = (array_key_exists('enctype', $array) && $array['enctype'] == 1) ? 1 : 0;
        $downtime = (array_key_exists('downtime', $array) && isnum($array['downtime'])) ? $array['downtime'] : 10;
        $notice = (array_key_exists('notice', $array) && isnum($array['notice'])) ? $array['notice'] : 1;
    }

    $state_class = defined('FUSION_NULL') ? 'warning' : '';
    $enctype_attr = $enctype ? "enctype='multipart/form-data'" : '';

    $html = "<form name='{$form_name}' id='{$form_id}' method='{$method}' action='{$action}' class='{$state_class} {$class}' {$enctype_attr} >\n";
    $html .= generate_token($form_name, $downtime);

    if (defined('FUSION_NULL') && $notice) {
        echo $defender->showNotice();
    }

    return $html;
}
/**
 * Constructor: set up the Smarty view for this addon module and hand it the
 * WHMCS globals, a token from generate_token('plain'), the module variables
 * and the requested action.
 *
 * @param array $vars "vars" array from WHMCS.
 */
public function __construct($vars = array())
{
    global $templates_compiledir, $customadminpath, $module, $_LANG, $CONFIG;

    $this->vars = $vars;
    $this->modulelink = '/' . $customadminpath . '/addonmodules.php?module=' . $module;

    // NOTE(review): the action is taken from the request as-is and is also
    // assigned to the template below; validate it where it is dispatched and
    // escape it where it is printed.
    $this->action = isset($_REQUEST['action']) ? $_REQUEST['action'] : $this->action;

    // Create Smarty and point it at this module's templates.
    $view = new \Smarty();
    $view->template_dir = ROOTDIR . '/modules/addons/' . $module . '/templates/';
    $view->compile_dir = $templates_compiledir;
    $this->view = $view;

    // WHMCS system parameters.
    $this->view->assign('_LANG', $_LANG);
    $this->view->assign('_CONFIG', $CONFIG);
    $this->view->assign('csrfToken', generate_token('plain'));

    // Module parameters.
    $this->view->assign('vars', $this->vars);
    $this->view->assign('customadminpath', $customadminpath);
    $this->view->assign('modulelink', $this->modulelink);
    $this->view->assign('action', $this->action);
}
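/**
 * Build the "My Notes" admin widget: a textarea holding the admin's notes,
 * Cancel / Save buttons, and a script that posts the notes back with a token
 * from generate_token('plain').
 *
 * @param array $vars Widget variables; `adminid` selects the admin row.
 * @return array Array with `title` and `content` (HTML).
 */
function widget_my_notes($vars)
{
    global $_ADMINLANG;

    $title = "My Notes";
    $mynotes = get_query_val("tbladmins", "notes", array("id" => $vars['adminid']));

    // The notes are stored text placed inside a <textarea>; without escaping,
    // a note containing "</textarea>" closes the element and the rest is
    // parsed as markup. double_encode=false leaves entities that are already
    // encoded in the stored value as they are.
    // Assumes the page is served as UTF-8 — confirm.
    $safe_notes = htmlspecialchars((string) $mynotes, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

    $content = ' <script> function widgetnotessave() { $.post("index.php", { action: "savenotes", notes: $("#widgetnotesbox").val(), token: "' . generate_token('plain') . '" }); $("#widgetnotesconfirm").slideDown().delay(2000).slideUp(); } </script> <div id="widgetnotesconfirm" style="display:none;margin:0 0 5px 0;padding:5px 20px;background-color:#DBF3BA;font-weight:bold;color:#6A942C;">Notes Saved Successfully!</div> <form> <textarea id="widgetnotesbox" style="height:100px;" class="form-control">' . $safe_notes . '</textarea> <div class="widget-footer"> <input type="reset" value="' . $_ADMINLANG['global']['cancel'] . '" class="btn btn-default btn-sm" /> <input type="button" value="Save Notes" onclick="widgetnotessave()" class="btn btn-info btn-sm" /> </div> </form> ';

    return array('title' => $title, 'content' => $content);
}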
/**
 * Create (or overwrite) the session row for a login and set the auth cookie.
 *
 * @param int|null    $expire_secs     Lifetime in seconds; raised to the
 *                                     configured default when missing or shorter.
 * @param int|null    $login_id        Login id; must be numeric and greater than zero.
 * @param string|null $network_address Client address; defaults to REMOTE_ADDR.
 * @return bool TRUE when the session was stored, FALSE on bad input or a
 *              failed insert.
 */
function create_session($expire_secs = NULL, $login_id = NULL, $network_address = NULL)
{
    global $dbconn, $auth_settings;

    // Fall back to the connecting address, then reject anything too short to
    // be an address.
    if ($network_address === NULL) {
        $network_address = $_SERVER['REMOTE_ADDR'];
    }
    if (strlen($network_address) < 4) {
        return FALSE;
    }

    // The login id is mandatory. The loose comparison with NULL also rejects 0.
    $login_ok = is_numeric($login_id) && !($login_id < 0) && !($login_id == NULL);
    if (!$login_ok) {
        return FALSE;
    }

    // Never allow a lifetime below the configured default.
    if ($expire_secs === NULL || $expire_secs < $auth_settings['session_expire_default']) {
        $expire_secs = $auth_settings['session_expire_default'];
    }

    $session_key = generate_token();
    $csrf_token = generate_token();
    $create_time = time();
    $expire_time = $create_time + $expire_secs;

    // Add or update the session in the database.
    // NOTE(review): every named placeholder appears twice; that needs PDO's
    // emulated prepares — confirm the connection settings.
    $sql = "INSERT INTO sessions (\n\t\t\tlogin_id,\n\t\t\tsession_key, csrf_token, network_address,\n\t\t\tcreate_time, expire_time\n\t\t) VALUES (\n\t\t\t:li, :sk, :csrf, :na,\n\t\t\t:ct, :et\n\t\t)\n\t\tON DUPLICATE KEY UPDATE\n\t\tlogin_id = :li,\n\t\tsession_key = :sk,\n\t\tcsrf_token = :csrf,\n\t\tnetwork_address = :na,\n\t\tcreate_time = :ct,\n\t\texpire_time = :et";
    $stmt = $dbconn->prepare($sql);

    $bindings = array(
        array(':li', $login_id, PDO::PARAM_INT),
        array(':sk', $session_key, PDO::PARAM_STR),
        array(':csrf', $csrf_token, PDO::PARAM_STR),
        array(':na', $network_address, PDO::PARAM_STR),
        array(':ct', $create_time, PDO::PARAM_INT),
        array(':et', $expire_time, PDO::PARAM_INT),
    );
    foreach ($bindings as $binding) {
        $stmt->bindValue($binding[0], $binding[1], $binding[2]);
    }

    // Catch any failure to create a session.
    if ($stmt->execute() == FALSE) {
        return FALSE;
    }

    // NOTE(review): $domain is never assigned in this function, so the cookie
    // helper receives NULL here.
    set_auth_cookie($session_key, $expire_time, $domain);

    return TRUE;
}
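/**
 * Register a user after validating the input and checking that the e-mail
 * address is not taken yet.
 *
 * @param string $email
 * @param string $password
 * @param string $passwordRe Password confirmation, checked by check_validity().
 * @param mysqli $connection Open database connection.
 * @return array Error messages; empty when the user was created.
 */
function register($email, $password, $passwordRe, $connection)
{
    include_once 'functions.php';

    $errors = check_validity($email, $password, $passwordRe, $connection);
    if (count($errors) > 0) {
        return $errors;
    }

    // Test whether the user exists. A failed prepare used to fall through and
    // return an empty error list, which callers read as success.
    $lookup = mysqli_prepare($connection, "SELECT id FROM users WHERE email=?");
    if (!$lookup) {
        $errors[] = 'Unfortunately registration failed!';
        return $errors;
    }
    $lookup->bind_param("s", $email);
    $lookup->execute();
    $lookup->store_result();
    $already_registered = $lookup->num_rows > 0;
    $lookup->close();

    if ($already_registered) {
        $errors[] = "E-mail already registered!";
        return $errors;
    }

    $generatedToken = generate_token();

    // NOTE(review): SHA(?) stores an unsalted SHA-1 of the password. It is
    // left in place because the login query has to match it; migrate both
    // sides to password_hash() / password_verify().
    // NOTE(review): the check above and this insert are not atomic; a unique
    // index on users.email is what actually prevents duplicates.
    $sql = 'INSERT INTO users(email,password,date_registration,generated_token) VALUES(?,SHA(?),NOW(),?)';
    $insert = mysqli_prepare($connection, $sql);
    if (!$insert) {
        $errors[] = 'Unfortunately registration failed!';
        return $errors;
    }
    $insert->bind_param("sss", $email, $password, $generatedToken);
    $insert->execute();

    // affected_rows is -1 on error, so "== 0" missed failed inserts; read it
    // before closing, and close the statement on the failure path as well.
    $inserted_rows = $insert->affected_rows;
    $insert->close();

    if ($inserted_rows < 1) {
        $errors[] = 'Unfortunately registration failed!';
    }

    return $errors;
}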
/**
 * Describe the attachments of a ticket or of one of its replies.
 *
 * $attachment is a "|"-separated list of stored file names; the first seven
 * characters of each are cut off to get the display name. Every entry carries
 * a download link and a delete link ending in generate_token("link").
 *
 * @param int    $ticketid   Ticket id.
 * @param int    $replyid    Reply id, or a falsy value for the ticket itself.
 * @param string $attachment Stored attachment list.
 * @return array List of arrays with `filename`, `dllink` and `deletelink`.
 */
function getTicketAttachmentsInfo($ticketid, $replyid, $attachment)
{
    if (!$attachment) {
        return array();
    }

    $attachments = array();

    foreach (explode("|", $attachment) as $num => $stored_name) {
        $file = substr($stored_name, 7);

        // NOTE(review): $PHP_SELF is not defined in this scope, so the delete
        // links start at "?action=...". They also change state through a GET
        // request and rely on the appended token alone.
        if ($replyid) {
            $download = "dl.php?type=ar&id=" . $replyid . "&i=" . $num;
            $delete = $PHP_SELF . "?action=viewticket&id=" . $ticketid . "&removeattachment=true&type=r&idsd=" . $replyid . "&filecount=" . $num . generate_token("link");
        } else {
            $download = "dl.php?type=a&id=" . $ticketid . "&i=" . $num;
            $delete = $PHP_SELF . "?action=viewticket&id=" . $ticketid . "&removeattachment=true&idsd=" . $ticketid . "&filecount=" . $num . generate_token("link");
        }

        $attachments[] = array("filename" => $file, "dllink" => $download, "deletelink" => $delete);
    }

    return $attachments;
}
foreach ($fraudresults as $key => $value) { ++$i; echo "<td class=\"fieldlabel\" width=\"30%\">" . $key . "</td><td class=\"fieldarea\""; if ($key == "Explanation") { echo " colspan=\"3\""; $i = 2; } else { echo " width=\"20%\""; } echo ">" . $value . "</td>"; if ($i == "2") { echo "</tr><tr>"; $i = 0; continue; } } echo "</tr></table></div>"; $jquerycode .= "\$(\"#rerunfraud\").click(function () {\n \$(\"#rerunfraud\").html(\"<img src=\\\"../images/spinner.gif\\\" align=\\\"absmiddle\\\" /> Performing Check...\");\n \$.post(\"orders.php\", { action: \"view\", rerunfraudcheck: \"true\", orderid: " . $id . ", token: \"" . generate_token("plain") . "\" },\n function(data){\n \$(\"#fraudresults\").html(data);\n \$(\"#rerunfraud\").html(\"Update Completed\");\n });\n return false;\n});"; } } echo "\n</form>\n\n"; echo $aInt->jqueryDialog("affassign", $aInt->lang("orders", "affassign"), $aInt->lang("global", "loading"), array($aInt->lang("global", "savechanges") => "\$('#affiliatefield').html(\$('#affid option:selected').text());\$(this).dialog('close');\$.post('orders.php', { action: 'affassign', orderid: " . $id . ", affid: \$('#affid').val(), token: '" . generate_token("plain") . 
"' });", $aInt->lang("global", "cancelchanges") => "")); $jquerycode .= "\$(\"#showaffassign\").click(\n function() {\n \$(\"#affassign\").dialog(\"open\");\n \$(\"#affassign\").load(\"orders.php?action=affassign\");\n return false;\n }\n);\n\$(\"#togglenotesbtn\").click(function() {\n\t\$(\"#notesholder\").slideToggle(\"slow\", function() {\n\t\ttoggletext = \$(\"#togglenotesbtn\").attr(\"value\");\n\t\tif(toggletext == \"Add Notes\") { \$(\"#togglenotesbtn\").fadeOut(\"fast\",function(){ \$(\"#togglenotesbtn\").attr(\"value\",\"Hide Notes\"); \$(\"#togglenotesbtn\").fadeIn(); }); }\n\t\tif(toggletext == \"Hide Notes\") { \$(\"#togglenotesbtn\").fadeOut(\"fast\",function(){ \$(\"#togglenotesbtn\").attr(\"value\",\"Add Notes\"); \$(\"#togglenotesbtn\").fadeIn(); }); }\n\t\t\$(\"#shownotesbtnholder\").slideToggle();\n\t});\n\treturn false;\n});\n\$(\"#savenotesbtn\").click(function() {\n\t\$.post(\"" . $PHP_SELF . "?action=view&id=" . $id . "\", { updatenotes: true, notes: \$('#notes').val(), token: \"" . generate_token("plain") . "\" });\n\t\$(\"#savenotesbtn\").attr(\"value\",\"Saved\");\n\treturn false;\n});\n\$(\"#notes\").keyup(function() {\n\t\$(\"#savenotesbtn\").attr(\"value\",\"Save Notes\");\n});"; $aInt->jquerycode = $jquerycode; $aInt->jscode = $jscode; } } $content = ob_get_contents(); ob_end_clean(); $aInt->content = $content; $aInt->display();
} </script> <title> <?php echo GLOBAL_PROJECT_NAME; ?> - Powered by Cobalt</title> <link href="css/login.css" rel="stylesheet" type="text/css"> <meta http-equiv="content-type" content="text/html; charset=<?php echo MULTI_BYTE_ENCODING; ?> " /> </head> <body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" onload="document.getElementById('username').focus();"> <?php echo '<form method="POST" action="' . basename($_SERVER['SCRIPT_NAME']) . '">'; $form_key = generate_token(); $form_identifier = $_SERVER['SCRIPT_NAME']; $_SESSION['cobalt_form_keys'][$form_identifier] = $form_key; echo '<input type="hidden" name="form_key" value="' . $form_key . '">'; ?> <div class="left_container"> <div class="title"> <?php //echo GLOBAL_PROJECT_NAME; echo 'Asia Pacific College </br>'; echo 'Internship Office </br>'; echo 'Communication Site'; ?> </div>
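/**
 * Register a new owner from the sign-up form.
 *
 * Creates the owner unless the e-mail address is already registered, credits
 * the referrer's ledger when a valid referral code is supplied, sends the
 * welcome e-mail and redirects to the sign-in page.
 *
 * @return mixed Redirect to user/signin on success, to user/signup otherwise.
 */
public function userSave()
{
    $first_name = Input::get('first_name');
    $last_name = Input::get('last_name');
    $email = Input::get('email');
    $phone = Input::get('phone');
    $password = Input::get('password');
    $referral_code = Input::get('referral_code');

    // NOTE(review): this check and the save below are not atomic; a unique
    // index on the e-mail column is what actually prevents duplicates.
    if (Owner::where('email', $email)->count() != 0) {
        return Redirect::to('user/signup')->with('error', 'This email ID is already registered.');
    }

    $owner = new Owner();
    $owner->first_name = $first_name;
    $owner->last_name = $last_name;
    $owner->email = $email;
    $owner->phone = $phone;
    // NOTE(review): an empty password leaves the account without a password
    // hash; confirm that such an account cannot sign in.
    if ($password != "") {
        $owner->password = Hash::make($password);
    }
    $owner->token = generate_token();
    $owner->token_expiry = generate_expiry();

    if ($referral_code != "") {
        if ($ledger = Ledger::where('referral_code', $referral_code)->first()) {
            // Credit the referrer with the configured bonus.
            $settings = Settings::where('key', 'default_referral_bonus')->first();
            $referral_bonus = $settings->value;

            $ledger = Ledger::find($ledger->id);
            $ledger->total_referrals = $ledger->total_referrals + 1;
            $ledger->amount_earned = $ledger->amount_earned + $referral_bonus;
            $ledger->save();

            $owner->referred_by = $ledger->owner_id;
        }
    }

    $owner->save();

    // Send the welcome e-mail from the configured template.
    $settings = Settings::where('key', 'email_owner_new_registration')->first();
    $pattern = str_replace('%name%', $owner->first_name, $settings->value);
    $subject = "Welcome On Board";
    email_notification($owner->id, 'owner', $pattern, $subject);

    // The flash message said "Ypu"; corrected.
    return Redirect::to('user/signin')->with('success', 'You have successfully registered. <br>Please Login');
}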
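header('Access-Control-Allow-Headers: user, password');

// use files
require_once 'classes/user.php';
require_once 'classes/generatetoken.php';

// read headers
$headers = getallheaders();

// Check that both credential headers were received.
if (isset($headers['user']) && isset($headers['password'])) {
    try {
        // create object (presumably fails with RecordNotFoundException on bad credentials)
        $u = new User($headers['user'], $headers['password']);

        // json_encode() escapes every value. The response used to be glued
        // together from strings, so a quote or backslash in a name or message
        // broke the document or added fields to it. Values stay strings, as before.
        // NOTE(review): no Content-Type: application/json header is sent.
        echo json_encode(array(
            'status' => 0,
            'user' => (string) $u->get_id(),
            'name' => (string) $u->get_name(),
            'token' => (string) generate_token($u->get_id()),
        ));
    } catch (RecordNotFoundException $ex) {
        echo json_encode(array(
            'status' => 1,
            'errorMessage' => (string) $ex->get_message(),
        ));
    }
} else {
    echo json_encode(array(
        'status' => 2,
        'errorMessage' => 'Invalid Headers',
    ));
}
?>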
$overagesbwprice = $data['overagesbwprice']; $affiliatepayamount = $data['affiliatepayamount']; $affiliatepaytype = $data['affiliatepaytype']; $affiliateonetime = $data['affiliateonetime']; $downloads = $data['downloads']; $retired = $data['retired']; $freedomainpaymentterms = explode(",", $freedomainpaymentterms); $freedomaintlds = explode(",", $freedomaintlds); $overagesenabled = explode(",", $overagesenabled); $upgradepackages = unserialize($upgradepackages); $downloads = unserialize($downloads); $order = $data['order']; echo "<script type=\"text/javascript\" src=\"../includes/jscript/jquerylq.js\"></script>\n<script type=\"text/javascript\" src=\"../includes/jscript/jqueryFileTree.js\"></script>\n<link href=\"../includes/jscript/css/jqueryFileTree.css\" rel=\"stylesheet\" type=\"text/css\" media=\"screen\" />\n\n<h2>Edit Product</h2>\n<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "?action=save&id=" . $id; echo "\" name=\"packagefrm\">"; $jscode = "function deletecustomfield(id) {\nif (confirm(\"Are you sure you want to delete this field and ALL DATA associated with it?\")) {\nwindow.location='" . $_SERVER['PHP_SELF'] . "?action=edit&id=" . $id . "&tab=3&sub=deletecustomfield&fid='+id+'" . generate_token("link") . "';\n}}\nfunction deleteoption(id) {\nif (confirm(\"Are you sure you want to delete this product configuration?\")) {\nwindow.location='" . $_SERVER['PHP_SELF'] . "?action=edit&id=" . $id . "&tab=4&sub=deleteoption&confid='+id+'" . generate_token("link") . "';\n}}"; $jquerycode = "\$('#productdownloadsbrowser').fileTree({ root: '0', script: 'configproducts.php?action=getdownloads" . generate_token("link") . "', folderEvent: 'click', expandSpeed: 1, collapseSpeed: 1 }, function(file) {\n \$.post(\"configproducts.php?action=managedownloads&id=" . $id . generate_token("link") . 
"&adddl=\"+file, function(data) {\n \$(\"#productdownloadslist\").html(data);\n });\n});\n\$(\".removedownload\").livequery(\"click\", function(event) {\n var dlid = \$(this).attr(\"rel\");\n \$.post(\"configproducts.php?action=managedownloads&id=" . $id . generate_token("link") . "&remdl=\"+dlid, function(data) {\n \$(\"#productdownloadslist\").html(data);\n });\n});\n\$(\"#showquickupload\").click(\n function() {\n \$(\"#quickupload\").dialog(\"open\");\n \$(\"#quickupload\").load(\"configproducts.php?action=quickupload&id=" . $id . generate_token("link") . "\");\n return false;\n }\n);\n\$(\"#showadddownloadcat\").click(\n function() {\n \$(\"#adddownloadcat\").dialog(\"open\");\n \$(\"#adddownloadcat\").load(\"configproducts.php?action=adddownloadcat&id=" . $id . generate_token("link") . "\");\n return false;\n }\n);\n"; if ($success) { infoBox($aInt->lang("global", "changesuccess"), $aInt->lang("global", "changesuccessdesc")); } echo $infobox; echo $aInt->Tabs(array($aInt->lang("products", "tabsdetails"), $aInt->lang("global", "pricing"), $aInt->lang("products", "tabsmodulesettings"), $aInt->lang("setup", "customfields"), $aInt->lang("setup", "configoptions"), $aInt->lang("products", "tabsupgrades"), $aInt->lang("products", "tabsfreedomain"), $aInt->lang("setup", "other"), $aInt->lang("products", "tabslinks"))); echo "\n<div id=\"tab0box\" class=\"tabbox\">\n <div id=\"tab_content\">\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td class=\"fieldlabel\">"; echo $aInt->lang("fields", "producttype"); echo "</td><td class=\"fieldarea\">"; echo "<s"; echo "elect name=\"type\" onChange=\"doFieldUpdate()\"><option value=\"hostingaccount\""; if ($type == "hostingaccount") { echo " SELECTED"; } echo ">"; echo $aInt->lang("products", "hostingaccount");
$order = $data['order']; echo "\n<form method=\"post\" action=\""; echo $PHP_SELF; echo "?action=save\">\n<input type=\"hidden\" name=\"module\" value=\""; echo $module; echo "\">\n\n<p align=\"left\"><b>"; echo $count . ". " . $GatewayConfig[$module]['FriendlyName']['Value']; if ($numgateways != "1") { echo " <a href=\"#\" onclick=\"deactivateGW('" . $module . "','" . $GatewayConfig[$module]['FriendlyName']['Value'] . "');return false\" style=\"color:#cc0000\">(" . $aInt->lang("gateways", "deactivate") . ")</a> "; } echo "</b>"; if ($order != "1") { echo "<a href=\"" . $PHP_SELF . "?action=moveup&order=" . $order . generate_token("link") . "\"><img src=\"images/moveup.gif\" align=\"absmiddle\" width=\"16\" height=\"16\" border=\"0\" alt=\"\"></a> "; } if ($order != $lastorder) { echo "<a href=\"" . $PHP_SELF . "?action=movedown&order=" . $order . generate_token("link") . "\"><img src=\"images/movedown.gif\" align=\"absmiddle\" width=\"16\" height=\"16\" border=\"0\" alt=\"\"></a>"; } echo "</p>\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"200\" class=\"fieldlabel\">"; echo $aInt->lang("gateways", "showonorderform"); echo "</td><td class=\"fieldarea\"><input type=\"checkbox\" name=\"field[visible]\""; if ($GatewayValues[$module]['visible']) { echo " checked"; } echo " /></td></tr>\n<tr><td class=\"fieldlabel\">"; echo $aInt->lang("gateways", "displayname"); echo "</td><td class=\"fieldarea\"><input type=\"text\" name=\"field[name]\" size=\"30\" value=\""; echo $GatewayValues[$module]['name']; echo "\"></td></tr>\n"; foreach ($GatewayConfig[$module] as $confname => $values) { if ($values['Type'] != "System") { $values['Name'] = "field[" . $confname . "]";
<?php //allow access to API header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Headers: email, token'); //use files require_once 'classes/person.php'; require_once 'classes/exceptions.php'; require_once 'classes/catalogs.php'; require_once 'classes/generatetoken.php'; //get headers $headers = getallheaders(); //validate parameter and headers if (isset($headers['email']) & isset($headers['token'])) { //validate if ($headers['token'] == generate_token($headers['email'])) { try { $json = '{ "status" : 0, "tutors" : ['; //read makes $first = true; foreach (Catalogs::get_tutors() as $t) { if ($first) { $first = false; } else { $json .= ','; } $json .= '{ "id" : "' . $t->get_id() . '", "photo" : "' . $t->get_photo() . '", "firstname" : "' . $t->get_first_name() . '", "lastname" : "' . $t->get_last_name() . '", "dateofbirth" : "' . $t->get_date_of_birth() . '", "email" : "' . $t->get_email() . '",
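<?php
// allow access to API
// NOTE(review): any origin may call this endpoint and send the credential headers.
header('Access-Control-Allow-Origin:*');
header('Access-Control-Allow-Headers:email,password');

// use files
require_once 'classes/person.php';
require_once 'classes/generatetoken.php';

// read headers
$headers = getallheaders();

// Check that both credential headers were received.
if (isset($headers['email']) && isset($headers['password'])) {
    try {
        // create object (presumably fails with RecordNotFoundException on bad credentials)
        $p = new Person($headers['email'], $headers['password']);

        // json_encode() escapes every value. The e-mail header was echoed back
        // unescaped before, so a quote in it could rewrite the response.
        // Values stay strings, as before.
        // NOTE(review): no Content-Type: application/json header is sent.
        echo json_encode(array(
            'status' => 0,
            'id' => (string) $p->get_id(),
            'name' => (string) $p->get_first_name(),
            'email' => (string) $headers['email'],
            'token' => (string) generate_token($p->get_email()),
        ));
    } catch (RecordNotFoundException $ex) {
        // "status" is the string "1" here, unlike the numeric 0 and 2; kept as it was.
        echo json_encode(array(
            'status' => '1',
            'errorMessage' => (string) $ex->get_message(),
        ));
    }
} else {
    echo json_encode(array(
        'status' => 2,
        'errorMessage' => 'invalidHeaders',
    ));
}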
echo $aInt->lang("networkissues", "addnew"); echo "</a></p>\n\n<h2>"; echo $pagetitle; echo " Issues</h2>\n\n"; $aInt->sortableTableInit("nopagination"); if (mysql_num_rows($result)) { while ($open_row = mysql_fetch_assoc($result)) { $enddate = $open_row['enddate']; $enddate = $enddate ? fromMySQLDate($enddate, true) : "None"; if ($open_row['server']) { $open_row->type .= " (" . $open_row['server'] . ")"; } if ($open_row['status'] == "Resolved") { $actions = "<a href=\"" . $_SERVER['PHP_SELF'] . "?action=reopen&id=" . $open_row['id'] . generate_token("link") . "\">Reopen</a>"; } else { $actions = "<a href=\"" . $_SERVER['PHP_SELF'] . "?action=close&id=" . $open_row['id'] . generate_token("link") . "\">Close</a>"; } $tabledata[] = array("<a href=\"" . $_SERVER['PHP_SELF'] . "?action=manage&id=" . $open_row['id'] . "\">" . $open_row['title'] . "</a>", $open_row['type'], $open_row['priority'], $open_row['status'], fromMySQLDate($open_row['startdate'], true), $enddate, $actions, "<a href=\"#\" onClick=\"doDelete('" . $open_row['id'] . "');return false\"><img src=\"images/delete.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"Delete\"></a>"); } } echo $aInt->sortableTable(array("Title", "Type", "Priority", "Status", "Start Date", "End Date", " ", ""), $tabledata); } else { if ($action == "manage") { if ($errormessage) { infoBox("Validation Failed", $errormessage); echo $infobox; } echo "<script type=\"text/javascript\" src=\"../includes/jscript/jquery-ui-timepicker-addon.js\"></script>\n<link rel=\"stylesheet\" type=\"text/css\" href=\"../includes/jscript/css/jquery-ui-timepicker-addon.css\" />\n<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "?action=save\">"; if ($id) { $pagetitle = "Modify Existing Issue"; $result = select_query("tblnetworkissues", "", array("id" => $id));
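init_cobalt('View sub doc');

// Handle the posted form only when the XSRF check passes.
if (xsrf_guard()) {
    init_var($_POST['btn_cancel']);
    init_var($_POST['btn_submit']);

    if ($_POST['btn_cancel']) {
        log_action('Pressed cancel button');
        redirect("listview_sub_doc.php");
    }

    if ($_POST['btn_submit']) {
        log_action('Pressed submit button');
        require 'subclasses/sub_doc.php';
        $dbh_sub_doc = new sub_doc();

        if ($message == "") {
            log_action('Exported table data to CSV');
            $timestamp = date('Y-m-d');
            $token = generate_token(0, 'fs');

            // The user name becomes part of a file-system path; keep only
            // characters that cannot change the directory.
            $safe_user = preg_replace('/[^A-Za-z0-9_.-]/', '_', (string) $_SESSION['user']);
            $csv_name = $token . $safe_user . '_sub_doc_' . $timestamp . '.csv';
            $filename = TMP_DIRECTORY . '/' . $csv_name;

            $csv_contents = $dbh_sub_doc->export_to_csv();
            $csv_file = fopen($filename, "wb");

            if ($csv_file === false) {
                // NOTE(review): the message type used for failures is not
                // visible here, so only the text is set.
                $message = 'Unable to generate the CSV file.';
            } else {
                fwrite($csv_file, $csv_contents);
                fclose($csv_file);
                // An export is data, not a program: no execute bits (was 0755).
                // NOTE(review): the file stays world-readable; tighten it if
                // the download script runs as the same user.
                chmod($filename, 0644);

                $csv_name = urlencode($csv_name);
                $message = 'CSV file successfully generated: <a href="/' . BASE_DIRECTORY . '/download_generic.php?filename=' . $csv_name . '">Download the CSV file.</a>';
                $message_type = 'system';
            }
        }
    }
}

require 'subclasses/sub_doc_html.php';
$html = new sub_doc_html();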
// Tail of an admin service page: finishes the e-mail forms, captures the
// buffered page and either returns it for an AJAX refresh or wraps it with the
// confirmation dialogs. NOTE(review): the excerpt starts mid-script; the first
// "}" closes a block opened above it.
}
echo $frmsub->dropdown("messagename", $emailarr);
echo $frmsub->submit($aInt->lang("global", "sendmessage"));
echo $frmsub->close();
echo "</td><td>";
$frmsub = new WHMCS_Form("frm4");
echo $frmsub->form("clientsemails.php?userid=" . $userid);
echo $frmsub->hidden("action", "send");
echo $frmsub->hidden("type", "product");
echo $frmsub->hidden("id", $id);
echo $frmsub->hidden("messagename", "defaultnewacc");
echo $frmsub->submit($aInt->lang("emails", "senddefaultproductwelcome"));
echo $frmsub->close();
// NOTE(review): $domain is written into the value attribute with no
// htmlspecialchars() in this fragment. Confirm it is escaped before this point.
echo "</td></tr></table>\n</div>\n\n<form method=\"post\" action=\"whois.php\" target=\"_blank\" id=\"frmWhois\">\n<input type=\"hidden\" name=\"domain\" value=\"" . $domain . "\" />\n</form>\n";
$content = ob_get_contents();
ob_end_clean();
if ($whmcs->get_req_var("ajaxupdate")) {
    // For AJAX refreshes the buffered HTML is post-processed: the output of
    // generate_token() is inserted on a new line after every opening <form> tag
    // whose method is POST (case-insensitive, quoted or unquoted). Presumably
    // that output is the hidden anti-CSRF field. A form whose tag this pattern
    // does not match would be sent without it.
    $content = preg_replace('/(<form\\W[^>]*\\bmethod=(\'|"|)POST(\'|"|)\\b[^>]*>)/i', '$1' . "\n" . generate_token(), $content);
    echo $content;
    exit;
} else {
    $content = "<div id=\"servicecontent\">" . $content . "</div>";
    // One confirmation dialog per module command. The "yes" button runs the
    // client-side runModuleCommand() with the command name.
    $content .= $aInt->jqueryDialog("modcreate", $aInt->lang("services", "confirmcommand"), $aInt->lang("services", "createsure"), array($aInt->lang("global", "yes") => "runModuleCommand('create')", $aInt->lang("global", "no") => ""), "", "450");
    $content .= $aInt->jqueryDialog("modsuspend", $aInt->lang("services", "confirmcommand"), $aInt->lang("services", "suspendsure") . "<br /><div align=\"center\">" . $aInt->lang("services", "suspendreason") . ": <input type=\"text\" id=\"suspreason\" size=\"20\" /><br /><br /><input type=\"checkbox\" id=\"suspemail\" /> " . $aInt->lang("services", "suspendsendemail") . "</div>", array($aInt->lang("global", "yes") => "runModuleCommand('suspend')", $aInt->lang("global", "no") => ""), "", "450");
    $content .= $aInt->jqueryDialog("modunsuspend", $aInt->lang("services", "confirmcommand"), $aInt->lang("services", "unsuspendsure"), array($aInt->lang("global", "yes") => "runModuleCommand('unsuspend')", $aInt->lang("global", "no") => ""), "", "450");
    $content .= $aInt->jqueryDialog("modterminate", $aInt->lang("services", "confirmcommand"), $aInt->lang("services", "terminatesure"), array($aInt->lang("global", "yes") => "runModuleCommand('terminate')", $aInt->lang("global", "no") => ""), "", "450");
    $content .= $aInt->jqueryDialog("modchangepackage", $aInt->lang("services", "confirmcommand"), $aInt->lang("services", "chgpacksure"), array($aInt->lang("global", "yes") => "runModuleCommand('changepackage')", $aInt->lang("global", "no") => ""), "", "450");
    // Deletion is triggered by navigating to a GET URL that carries the value of
    // generate_token("link") in its query string.
    // NOTE(review): a destructive action over GET with the token in the URL
    // exposes the token to history, logs and Referer headers; a POST with a
    // hidden field would not. $PHP_SELF, $userid and $id are also placed inside
    // a JavaScript string literal unescaped. Confirm they are constrained
    // (e.g. cast to integers) before this point.
    $content .= $aInt->jqueryDialog("delete", $aInt->lang("services", "deleteproduct"), $aInt->lang("services", "proddeletesure"), array($aInt->lang("global", "yes") => "window.location='" . $PHP_SELF . "?userid=" . $userid . "&id=" . $id . "&action=delete" . generate_token("link") . "'", $aInt->lang("global", "no") => ""), "180", "450");
}
$aInt->content = $content;
$aInt->display();
// Finishes the module title cell, prints the status/action cell and then the
// hidden configuration row that holds one settings form for this module.
echo "</strong>";
if ($configarray['Description']['Value']) {
    echo "<br />" . $configarray['Description']['Value'];
}

// The status cell is given a green background while the module is active.
echo "</td>\n\t\t<td width=\"200\" align=\"center\" ";
if ($moduleactive) {
    echo "style=\"background-color:#EBFEE2;\"";
}

// The form posts to ?action=save&module=<module>, followed by whatever
// generate_token("link") returns.
// NOTE(review): presumably that is the anti-CSRF token as a query-string
// fragment, which would then show up in logs and Referer headers.
// NOTE(review): $PHP_SELF and $module are written into HTML attributes without
// htmlspecialchars() in this fragment. Confirm neither can carry
// client-supplied characters.
echo ">",
    $moduleaction,
    "</td>\n\t</tr>\n\t<tr><td id=\"",
    $module,
    "config\" class=\"config\" style=\"display:none;padding:15px;\" colspan=\"3\"><form method=\"post\" action=\"",
    $PHP_SELF,
    "?action=save&module=",
    $module . generate_token("link"),
    "\">\n\t\t<table class=\"form\" width=\"100%\">\n ";

// One table row per configurable field. "System" entries are not editable and
// are skipped.
foreach ($configarray as $key => $values) {
    if ($values['Type'] == "System") {
        continue;
    }
    if (!$values['FriendlyName']) {
        // Fall back to the raw key when no display label is configured.
        $values['FriendlyName'] = $key;
    }
    $values['Name'] = $key;
    // The stored value is HTML-escaped before it is handed to the field renderer.
    $values['Value'] = htmlspecialchars($moduleconfigdata[$key]);
    echo "<tr><td class=\"fieldlabel\">" . $values['FriendlyName'] . "</td><td class=\"fieldarea\">" . moduleConfigFieldOutput($values) . "</td></tr>";
}

echo "\t\t</table><br /><div align=\"center\"><input type=\"submit\" name=\"save\" value=\"",
    $aInt->lang("global", "savechanges"),
    "\" class=\"btn primary\" /></form></div><br />\n\t</td></tr>\n";
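/**
 * Handle the provider sign-up form.
 *
 * Validates the submitted fields, creates the Walker record with a hashed
 * password and a fresh token, stores one ProviderServices row per selected
 * type and redirects with a flash message.
 *
 * Reads first_name, last_name, email, phone, password and type from the
 * request, plus the optional timezone, service_base_price,
 * service_price_distance and service_price_time inputs.
 *
 * @return mixed Redirect response carrying a 'success' or 'error' flash message.
 */
public function providerSave()
{
    $first_name = Input::get('first_name');
    $last_name = Input::get('last_name');
    $email = Input::get('email');
    $phone = Input::get('phone');
    $password = Input::get('password');
    $type = Input::get('type');

    // Without a provider type there is nothing to register.
    if (!Input::has('type')) {
        return Redirect::to('')->with('success', 'You do not have ' . Config::get('app.generic_keywords.Provider') . ' Type. Please Contact your Admin');
    }

    // NOTE(review): the password is only checked for presence. Any length or
    // strength policy has to be enforced here if one is required.
    $validator = Validator::make(
        array('first_name' => $first_name, 'last_name' => $last_name, 'email' => $email, 'type' => $type, 'password' => $password),
        array('password' => 'required', 'email' => 'required', 'last_name' => 'required', 'first_name' => 'required', 'type' => 'required')
    );
    $validator1 = Validator::make(array('email' => $email), array('email' => 'required|email'));
    $validatorPhone = Validator::make(array('phone' => $phone), array('phone' => 'phone'));

    if ($validator->fails()) {
        return Redirect::to('provider/signup')->with('error', 'Please Fill all the fields.');
    }
    if ($validator1->fails()) {
        return Redirect::to('provider/signup')->with('error', 'Please Enter email correctly.');
    }
    if ($validatorPhone->fails()) {
        // The original redirected to 'user/signup' here. Every other failure in
        // this provider flow returns to the provider form, so this one does too.
        return Redirect::to('provider/signup')->with('error', 'Invalid Phone Number Format');
    }
    if (Walker::where('email', $email)->count() != 0) {
        return Redirect::to('provider/signup')->with('error', 'This email ID is already registered.');
    }

    // NOTE(review): uniqid() is derived from the current time and is guessable.
    // If this code is ever used to prove control of the e-mail address, generate
    // it from a cryptographically secure random source instead.
    $activation_code = uniqid();

    $walker = new Walker();
    $walker->first_name = $first_name;
    $walker->last_name = $last_name;
    $walker->email = $email;
    $walker->phone = $phone;
    $walker->activation_code = $activation_code;
    $walker->is_available = 1;
    if ($password != "") {
        // Only the hash is stored, never the plain password.
        $walker->password = Hash::make($password);
    }
    $walker->token = generate_token();
    $walker->token_expiry = generate_expiry();
    $walker->type = $type;
    if (Input::has('timezone')) {
        $walker->timezone = Input::get('timezone');
    }
    $walker->save();

    // 'type' is known to be present here because of the guard at the top.
    $proviserv = ProviderServices::where('provider_id', $walker->id)->first();
    if ($proviserv != NULL) {
        // Bound parameter instead of a value concatenated into the SQL text.
        DB::delete('delete from walker_services where provider_id = ?', array($walker->id));
    }

    $base_price = Input::get('service_base_price');
    $service_price_distance = Input::get('service_price_distance');
    $service_price_time = Input::get('service_price_time');

    Log::info('type = ' . print_r($type, true));
    // A scalar type counts as one entry. This avoids calling count() on a
    // non-array, which newer PHP versions reject.
    $cnkey = is_array($type) ? count($type) : 1;
    Log::info('cnkey = ' . print_r($cnkey, true));

    // NOTE(review): the price inputs are stored as submitted, with no numeric
    // validation visible in this method.
    for ($idx = 0; $idx < $cnkey; $idx++) {
        $prserv = new ProviderServices();
        $prserv->provider_id = $walker->id;
        // NOTE(review): every row receives the whole 'type' input rather than its
        // $idx-th element. Confirm that this is intended.
        $prserv->type = $type;
        Log::info('key = ' . print_r($type, true));

        // Each price falls back to 0 when the input is absent or has no entry at
        // this position.
        $prserv->base_price = (Input::has('service_base_price') && isset($base_price[$idx]))
            ? $base_price[$idx]
            : 0;
        $prserv->price_per_unit_distance = (Input::has('service_price_distance') && isset($service_price_distance[$idx]))
            ? $service_price_distance[$idx]
            : 0;
        // Fixed copy-paste bug: the original tested 'service_price_distance' here
        // and reset price_per_unit_distance in the else branch, so the time price
        // was never defaulted.
        $prserv->price_per_unit_time = (Input::has('service_price_time') && isset($service_price_time[$idx]))
            ? $service_price_time[$idx]
            : 0;

        $prserv->save();
    }

    // The welcome/activation e-mail is not sent from here; the code for it was
    // commented out in the original.
    // NOTE(review): the message below still tells the user to activate by e-mail.
    return Redirect::to('provider/signin')->with('success', 'You have successfully registered. <br>Please Activate your Email to Login');
}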