/** * Process the query * @param $user the user to look for * @param $password the user password * @param $id the id in the hatting table */ function processLoad($user, $password, $id) { // Connect to the database $pdo = pdo_connect(); getUser($pdo, $user, $password); $idQ = $pdo->quote($id); $query = "SELECT name, uri, type, x, y, rotation, scale, color, feather from hatting where id={$idQ}"; $rows = $pdo->query($query); if ($row = $rows->fetch()) { // We found the record in the database echo "<hatter status=\"yes\">"; $uri = $row['uri']; $x = $row['x']; $y = $row['y']; $angle = $row['rotation']; $scale = $row['scale']; $color = $row['color']; $hat = $row['type']; $feather = $row['feather'] == 1 ? "yes" : "no"; echo "<hatting uri=\"{$uri}\" x=\"{$x}\" y=\"{$y}\" angle=\"{$angle}\" scale=\"{$scale}\" color=\"{$color}\" type=\"{$hat}\" feather=\"{$feather}\" />\r\n"; echo "</hatter>"; exit; } echo '<hatter status="no" msg="image" />'; }
public static function checkState() { if (session_status() != PHP_SESSION_ACTIVE) { session_start(); } if (!isset($_SESSION[userNo])) { return false; } $_userNo = $_SESSION[userNo]; if ($_userNo == 'null') { return false; } $row = getUser($_userNo); if (isset($row[adminNo])) { return true; } $query = "SELECT " . loginSession . " FROM " . " User " . "WHERE " . userNo . " = '" . $_userNo . "'"; $result = DB::query($query); if (!$result) { return false; } $row = $result->fetch_array(); if (isset($row[0]) && $row[0] == $_COOKIE["PHPSESSID"]) { return true; } else { return false; } }
protected function saveHelpStatus() { $user = getUser(); $config = PageConfigs::where('page', $this->id)->where('user_id', $user['id'])->first(); $config->help = !$config->help; $config->save(); }
function testResettingPassword() { $email = '*****@*****.**'; $u = getUser($email); $this->followRedirects(false); # XXX: Hack to avoid being redirected to homepage upon logout. $this->logout(); $this->followRedirects(); $this->get('/account/signin'); $this->clickLink("//a[contains(text(), 'Forget your password')]"); # We specify the address using different cAsINg to make sure things aren't case-sensitive. $this->submitForm($this->getForm('lost-pass'), array('email' => '*****@*****.**')); /* TODO: Make this test more comprehensive -- but first we need a properly "stubbed-out" email for test framework... $sentEmails = $this->getSentEmails(); assertTrue(count($sentEmails) == 1); $matches = array(); preg_match('@https?://[-.a-z]+(/[^\\s]+)@', $sentEmails[0]->message, $matches); $relativeURI = $matches[1]; $this->get($relativeURI); $this->submitForm($this->getForm(), array('password' => 'nu3vo', 'confirmPassword' => 'nu3vo')); $this->logout(); $this->assertNotLoggedIn(); $this->login($email, 'nu3vo'); $this->assertLoggedIn($u->email); */ $row = DB\selectExactlyOne('confirmation_codes', 'user_id = ?', array($u->id)); $this->get('/account/pass-reset?c=' . $row['code']); $this->submitForm($this->getForm('change-password-form'), array('password' => 'n00p@ss', 'confirm-password' => 'n00p@ss')); }
function login() { $app = \Slim\Slim::getInstance(); $json = decodeJsonOrFail($app->request->getBody()); $user = User::where('username', '=', $json['username'])->where('password', '=', $json['password'])->firstOrFail(); getUser($user->id); }
function getPermissions(&$record) { if (getUser()) { return Dataface_PermissionsTool::ALL(); } return null; }
/** * This function must check the user session to be sure that he/she is * authorized to upload and access files in the File Browser. * * @return boolean */ function CheckAuthentication() { // WARNING : DO NOT simply return "true". By doing so, you are allowing // "anyone" to upload and list the files in your server. You must implement // some kind of session validation here. Even something very simple as... // return isset($_SESSION['IsAuthorized']) && $_SESSION['IsAuthorized']; // ... where $_SESSION['IsAuthorized'] is set to "true" as soon as the // user logs in your system. To be able to use session variables don't // forget to add session_start() at the top of this file. if (!class_exists("User")) { //Check if Orongo was loaded require "../../startOrongo.php"; startOrongo(); } //ORONGOCMS AUTHENTICATION: if (!function_exists('getUser')) { return false; } if (getUser() == null) { return false; } if (getUser()->getRank() < RANK_WRITER) { return false; } return true; }
protected static function newTempDir() { $tmp['tok'] = getUser() . time() . rand(5, 20); $tmp['dir'] = addslash(self::$config['tempdir']) . '.rutorrent/.fman/' . $tmp['tok'] . '/'; Filesystem::get()->mkdir($tmp['dir'], true, 777); return $tmp; }
/** * Returns the rank of the currently logged in user. * * @return string */ function getUserRank() { if (getUser()->id === 1) { return 'admin'; } return 'user'; }
public function __set($name, $value) { if (getUser()->data->id != $this->data->owner && getUser()->data->access_level != 0) { return; } switch ($name) { case 'name': case 'mime': getDB()->query('setFile', array('id' => $this->fid, 'field' => $name, 'value' => $value)); $this->data->{$name} = $value; break; case 'list': getDB()->query('setFile', array('id' => $this->fid, 'field' => $name, 'value' => $value)); $this->data = getDB()->query('refreshData', array('pid' => $this->pid)); $this->data = $this->data->dataObj; break; case 'file': if (!is_file(SYS_TMP . $file)) { $this->throwError('$value isn`t a file', $value); } getRAR()->execute('moveFile', array('source' => SYS_TMP . $value, 'destination' => SYS_SHARE_PROJECTS . $this->fid)); break; default: return; } }
function checkLogin() { global $database; /* Check if user has been remembered */ if (isset($_SESSION['usertype']) && isset($_SESSION['userID']) && $_SESSION['usertype'] == 1) { if ($database->confirmUserID($_SESSION['userID']) != 0) { unset($_SESSION['userID']); unset($_SESSION['username']); unset($_SESSION['classID']); unset($_SESSION['userBranchID']); unset($_SESSION['usertype']); unset($_SESSION['databasename']); unset($_SESSION['permissions']); return false; } $temp = getUser($_SESSION['userID']); $this->userID = $temp->getID(); $this->username = $temp->getUsername(); $this->classID = $temp->getClassID(); $this->userBranchID = $temp->getUserBranchID(); $this->name = $temp->getName(); $this->userlevel = $temp->getLevel(); $this->databasename = $temp->getInstituteObj()->getDatabaseName(); $this->usertype = 1; $this->permissions = $temp->getPermissions(); // unsetDatabaseName(); // setDatabaseName($this->databasename,$this->classID); return true; } else { return false; } }
function get($lastmodified, $api) { $sync = new Sync(); $output = array(); if ($lastmodified < $sync->get(Sync::USER)) { $output[Sync::USER] = getUser($api); } if ($lastmodified < $sync->get(Sync::SCENARIOS)) { $output[Sync::SCENARIOS] = getScenarios(); } if ($lastmodified < $sync->get(Sync::LIGHTS)) { $output[Sync::LIGHTS] = getLights(); } if ($lastmodified < $sync->get(Sync::ROOMS)) { $output[Sync::ROOMS] = getRooms(); } if ($lastmodified < $sync->get(Sync::PLANTS)) { $output[Sync::PLANTS] = getPlants(); } if ($lastmodified < $sync->get(Sync::DEVICES)) { $output[Sync::DEVICES] = getDevices(); } if ($lastmodified < $sync->get(Sync::SENSORS)) { $output[Sync::SENSORS] = getSensors(); } if ($lastmodified < $sync->get(Sync::EAN)) { $output[Sync::EAN] = getEan(); } return $output; }
public function actionEmployeeSchedulle() { header('Content-type: application/json'); $schedulles = AttendanceSchedulles::model()->findAllByAttributes(array('employee_id' => getUser()->id)); $data = array(); foreach ($schedulles as $schedulle) { for ($i = 1; $i <= 31; $i++) { if (strlen($i) == 1) { $date = 'date_0' . $i; } else { $date = 'date_' . $i; } $day = $schedulle->year . '-' . $schedulle->month . '-' . $i; $day = strtotime($day) + 2678400; $day = date('Y-m-d', $day); if ($schedulle->{$date} != '') { $shift = ReferenceAttendanceShifts::model()->findByPk($schedulle->{$date})->name; $data[] = array('title' => $shift, 'start' => $day, 'allDay' => true); } } } // $c = new CDbCriteria(); // $c->compare('employee_id', getUser()->id); // $schedulles = AttendanceSchedulle::model()->findAll($c); // $data = array(); // foreach($schedulles as $schedulle) // { // $data[] = array('title'=>$schedulle->shift->name, 'start'=>$schedulle->schedulle_date, 'allDay'=>true); // } echo CJSON::encode($data); }
function sendUserLogsViaMail($classID) { $conn = getMainConnection(); $query = "SELECT * FROM info WHERE ID = '" . $classID . "'"; $result = mysql_query($query); $numrows = mysql_affected_rows(); if ($numrows == 1) { $member = mysql_fetch_array($result); if ($member['activeflag'] != 0) { getTemporaryConnection($member['databasename']); } } $query = "SELECT * FROM login_logs WHERE lastlogin <= '" . time() . "' AND lastlogin >= '" . (time() - 86400) . "'"; $result = mysql_query($query); $mail_string = ''; while ($member = mysql_fetch_array($result)) { $time = date("F j, Y, g:i a", $member['lastlogin']); $user = getUser($member['userID'])->getName(); $mail_string .= $user . ' logged in at ' . $time . ' from the ip ' . $member['ip'] . '<br />'; } //echo $mail_string; $toEmail = '*****@*****.**'; $toName = 'Ace Chemistry'; $fromEmail = '*****@*****.**'; $fromName = 'My Class - Knowledge Portal'; $subject = 'Staff Login Logs : ' . date("d-m-Y"); $body = 'Staff Login Logs <hr /><br />' . $mail_string; $flag = sendEmail($toEmail, $toName, $fromEmail, $fromName, $subject, $body, ''); return $flag; }
function start() { if (!empty($_POST)) { if (!isset($_POST['id'])) { createUser($_POST); } else { editUser($_POST); } require '../views/list.php'; return; } if (!isset($_GET['id']) && !isset($_GET['page'])) { $people = getPeople(); require '../views/list.php'; return; } if (isset($_GET['page']) && $_GET['page'] === 'add') { require '../views/add.php'; return; } if (isset($_GET['page']) && $_GET['page'] === 'edit') { if (!isset($_GET['id'])) { die('veuillez spécifier un id d\'utilisateur'); } $id = $_GET['id']; $editable = ORM::for_table('users')->find_one($id); require '../views/edit.php'; return; } $user = getUser(); require '../views/show.php'; }
function loadByOwner($user_id, $sound_id) { $db = new SoundPlayData(); $ajaxServ = new AjaxServerBase(); $userTable = new Users(); $user = getUser(); //ユーザーチェック $res = $userTable->loadFromUserId($user_id); if ($res === false || is_null($res)) { $ajaxServ->sendErrorJson(DBERROR_USER_NOTFOUND, 'user_id invalid'); return; } //オーナーチェックチェック(なければ普通のロード) if ($user_id !== @$user['user_id']) { $db->loadFromId($sound_id); // $ajaxServ->sendErrorJson(DBERROR_USER_ID_INVALID, 'user logout'); return; } $user_id = @$user['user_id']; $res = $db->loadFromUserIdSoundId($user_id, $sound_id); if ($res === false || is_null($res)) { $ajaxServ->sendErrorJson(DBERROR_USER_PERMISSION, 'user_id invalid'); return; } $ajaxServ->sendJson($res); }
/** Erstellt ein nneues Projekt * * @param integer $pid Project ID * @author Lorze Widmer */ public function __construct($pid) { $this->pid = $pid; //Daten werden aus der Datenbank geladen $this->data = getDB()->query('refreshDataP', array('pid' => $this->pid)); if ($this->data === null) { $this->throwError('No project with given pid exists', $this->pid); } $this->data = $this->data->dataObj; //Infos werden aus der Datenbank geladen und in einen assoziativen Array geladen InfoKey => InfoValue $temp = getDB()->query('refreshDataProjectInfo', array('pid' => $this->pid)); $this->info = $temp; if ($temp !== null) { $this->info = array(); do { $this->info[$temp->dataObj->key] = $temp->dataObj->value; } while ($temp->next()); } //Infos werden aus der Datenbank geladen und in einen assoziativen Array geladen InfoKey => InfoValue $fail = ($this->data->access_level == 0 || $this->data->access_level == 1 && getUser()->access_level == 1 || $this->data->access_level <= 2 && $this->data->class == getUser()->class && getUser()->access_level == 2 || $this->data->access_level <= 2 && getUser()->access_level == null) && $this->data->owner != getUser()->id && getUser()->access_level != 0; //Ist der Benutzer berechtigt das Projekt zu bearbeiten wird $this->editable auf true gesetzt $this->editable = getUser()->data->id == $this->data->owner || getUser()->data->access_level == 0; //Im Fehlerfall wird das Skript abgebrochen und ein Fehler ausgegeben if ($fail) { $this->throwError('$user has no access to the project'); } if (getUser() === false && $this->data->access_level < 3) { $this->throwError('You aren`t logged in'); } }
public function exec() { if ($this->ci->ion_auth->logged_in()) { $user = $this->ci->ion_auth->user()->row(); setUser('username', $user->username); setUser('id', $user->id); setUser('email', $user->email); setUser('admin', $this->ci->ion_auth->is_admin()); setUser('logged', true); $groupUser = $this->ci->ion_auth->get_users_groups(getUser('id'))->result(); $group = array(); foreach ($groupUser as $tmp) { $group[] = $tmp->id; } setUser('groups', $group); } else { setUser('logged', false); } if ($this->ci->uri->segment(1) != "auth") { if (!$this->ci->acl->isAllow()) { $this->ci->session->set_flashdata('message', "Vous n'avez pas acces à cette page"); redirect("auth/login/redirect"); } } }
public function __invoke($args) { if (getUser() == null) { throw new Exception("No user logged in!"); } return new OrongoVariable(getUser()->getID()); }
public function getManager(Request $request) { $user = getUser(); $data['insert'] = $request->input('insert', false); $data['from'] = $request->input('from', false); $data['access_token'] = $user['access_token']; return view('admin.files', $data); }
function get_photo_quantity() { $user = getUser(); $this->db->where('user_id', $user->id); $this->db->from('gallery'); $result = $this->db->count_all_results(); return $result; }
function getUserEmail($userid) { global $emails; if (!isset($names[$userid])) { $emails[$userid] = getUser($userid)['email']; } return $emails[$userid]; }
function checkAuth() { $user = getUser(); if ($user) { return $user; } redirectToLogin(); }
/** * validate user cookie with database. * note that base64 is an extra-step * when storing the cookie on the user client * and not an attempt to encrypt passwords. * * @return bool */ function validateUser() { // compare saved cookie with the actual credentials from the db. if (getUser()['email'] && base64_decode(getUser(true)[1]) === getUser()['pass']) { return true; } return false; }
public function getSlide() { $user = getUser(); $data['token'] = $user['access_token']; $data['active'] = 'slide'; $data['pages'] = Pages::where('status', 'open')->get(); return view('admin.widget.slide', $data); }
function login($username, $userpassword, $rememberme = false) { $usersCounter = getUser($username, $userpassword); $object = new stdClass(); $object->result = $usersCounter; $object->message = "mmm"; return $object; }
function validUser($username, $password) { $result = False; $user = getUser($username); if (isset($user) && $user["password"] == md5($password)) { $result = True; } return $result; }
function addHealth($id, $health) { $user = getUser($id); $amount = Clamp($user['health'] + $health, 0, getUsersMaxHealth($id)); $lSql = "UPDATE ip_users SET health=:hp WHERE id=:id"; $lStmt = $db->prepare($lSql); $res = $lStmt->execute(array(":hp" => $amount, ":id" => $id)); return $res; }
/** * Process the XML query * @param $xmltext the provided XML */ function processXml($xmltext) { // Load the XML $xml = new XMLReader(); if (!$xml->XML($xmltext)) { echo '<hatter status="no" msg="invalid XML" />'; exit; } // Connect to the database $pdo = pdo_connect(); // Read to the start tag while ($xml->read()) { if ($xml->nodeType == XMLReader::ELEMENT && $xml->name == "hatter") { // We have the hatter tag $magic = $xml->getAttribute("magic"); if ($magic != "NechAtHa6RuzeR8x") { echo '<hatter status="no" msg="magic" />'; exit; } $user = $xml->getAttribute("user"); $password = $xml->getAttribute("pw"); $userid = getUser($pdo, $user, $password); // Read to the hatting tag while ($xml->read()) { if ($xml->nodeType == XMLReader::ELEMENT && $xml->name == "hatting") { $name = $xml->getAttribute("name"); $uri = $xml->getAttribute("uri"); $x = $xml->getAttribute("x"); $y = $xml->getAttribute("y"); $angle = $xml->getAttribute("angle"); $scale = $xml->getAttribute("scale"); $color = $xml->getAttribute("color"); $hat = $xml->getAttribute("hat"); $feather = $xml->getAttribute("feather") == "yes" ? 1 : 0; $nameQ = $pdo->quote($name); $uriQ = $pdo->quote($uri); // Checks if (!is_numeric($x) || !is_numeric($y) || !is_numeric($angle) || !is_numeric($scale) || !is_numeric($color) || !is_numeric($hat)) { echo '<hatter status="no" msg="invalid" />'; exit; } $query = <<<QUERY REPLACE INTO hatting(name, userid, uri, type, x, y, rotation, scale, color, feather) VALUES({$nameQ}, '{$userid}', {$uriQ}, {$hat}, {$x}, {$y}, {$angle}, {$scale}, {$color}, {$feather}) QUERY; if (!$pdo->query($query)) { echo '<hatter status="no" msg="insertfail">' . $query . '</hatter>'; exit; } echo '<hatter status="yes"/>'; exit; } } } } echo '<hatter save="no" msg="invalid XML" />'; }
function hasVoted($user, $voting_id) { $voted = false; $db_user = getUser($user); if (isset($db_user)) { $voted = in_aray($voting_id, $db_user["voting"]); } return $voted; }