function onPost()
{
if (!isset($_POST['method'])) {
http_response_code(HTTP_BAD_REQUEST);
echo 'method field reuired';
return;
}
switch ($_POST['method']) {
case METHOD_LOGIN:
login();
break;
case METHOD_LOGOUT:
logout();
break;
case METHOD_CREATE_ACCOUNT:
createAccount();
break;
case METHOD_USER_INFO:
userInfo();
break;
default:
http_response_code(HTTP_BAD_REQUEST);
echo 'invalid method name: ' . $_POST['method'];
return;
}
}
function userAvatar($size = "64")
{
$CI =& get_instance();
$userid = userInfo('user_id');
$s = array('user_id' => $userid, 'taxo_key' => 'avatar_user');
if ($CI->m_database->isBOF('usertaxonomy', $s) == TRUE) {
return noPhoto($size);
} else {
$ava = $CI->m_database->fieldRow('usertaxonomy', $s, 'taxo_val');
if (!empty($ava)) {
return $ava;
} else {
return noPhoto($size);
}
}
}
function addGallery($judul, $keterangan)
{
$d = array('gallery_title' => $judul, 'gallery_description' => $keterangan, 'gallery_date' => dateNow(TRUE), 'gallery_user' => userInfo('user_id'));
$output = array();
$slug = stringCreateSlug($judul);
if ($this->m_database->addRow('gallery', $d) == TRUE) {
$galeriid = $this->m_database->lastInsertID();
fileDirCreate(locationUpload('path') . 'gallery/' . $judul);
$output['galleryid'] = $galeriid;
$output['status'] = true;
} else {
$output['galleryid'] = '';
$output['status'] = false;
}
return $output;
}
function viewdata()
{
$rolename = roleURIUser();
$role = "";
$userid = userInfo('user_id');
$arr = array();
$prefix = $this->db->dbprefix;
$status = $this->input->get('post_status');
$this->load->library('Datatables');
if (roleUser() == "op") {
$arr = array($prefix . 'posts.post_status' => $status, $prefix . 'posts.post_type' => 'post', $prefix . 'posts.post_user' => $userid);
} else {
$arr = array($prefix . 'posts.post_status' => $status, $prefix . 'posts.post_type' => 'post');
}
$this->datatables->select($prefix . 'posts.post_id as ii, ' . $prefix . 'posts.post_title as judul,' . $prefix . 'posts.post_date as tanggal')->unset_column('post_id')->add_column('aksi', $this->buttonAksi('$1', $rolename), "ii")->edit_column('penulis', '$1', 'postAuthor(ii)')->edit_column('kategori', '$1', 'postCategory(ii)')->edit_column('tags', '$1', 'postTags(ii)')->from($prefix . 'posts')->where($arr);
echo $this->datatables->generate();
}
function update()
{
$this->m_security->filterPost('username', 'required');
$this->m_security->filterPost('nama', 'required');
$this->m_security->filterPost('email', 'required');
if ($this->m_security->startPost() == TRUE) {
$username = $this->input->post('username', TRUE);
$nama = $this->input->post('nama', TRUE);
$email = $this->input->post('email', TRUE);
$hp = $this->input->post('hp', TRUE);
$pwold = $this->input->post('pwold', TRUE);
$pwnew = $this->input->post('pwnew', TRUE);
$d = array();
$pesan = '';
if ($pwold != "" and $pwnew != "") {
$pwdb = userInfo('password');
if ($this->m_security->validationPassword($pwold, $pwdb) == TRUE) {
$d = array('nama' => $nama, 'email' => $email, 'hp' => $hp, 'password' => $this->m_security->createPassword($pwnew));
$pesan = "Update profil dan password berhasil";
} else {
redirect(base_url(roleURIUser() . 'profil'), 'refresh');
}
} else {
$d = array('nama' => $nama, 'email' => $email, 'hp' => $hp);
}
$sUser = array('user_id' => userInfo('user_id'));
$this->m_database->editRow('userlogin', $d, $sUser);
$img = $this->input->post('featureimage');
if (!empty($img)) {
$sT = array('user_id' => userInfo('user_id'), 'taxo_key' => 'avatar_user');
$dT = array('taxo_val' => $img);
if ($this->m_database->isBOF('usertaxonomy', $sT) == TRUE) {
$sT = array('user_id' => userInfo('user_id'), 'taxo_key' => 'avatar_user', 'taxo_val' => $img);
$this->m_database->addRow('usertaxonomy', $sT);
} else {
$this->m_database->editRow('usertaxonomy', $dT, $sT);
}
}
redirect(base_url(roleURIUser() . 'profil'), 'refresh');
} else {
redirect(base_url(roleURIUser() . 'profil'), 'refresh');
}
}
function langGet($file, $key, $nullValue = '')
{
$CI =& get_instance();
$setlang = taxonomyRead(userInfo('user_id'), 'language_user');
$lang = '';
if (!empty($setlang)) {
$lang = $setlang;
} else {
$lang = "indonesia";
}
$CI->lang->load($file, $lang);
$item = $CI->lang->line($key);
if (!empty($item)) {
return $item;
} else {
if (!empty($nullValue)) {
return $nullValue;
} else {
return "";
}
}
}
});
}
});
});
</script>
<div class="comment-entry">
<?php
echo "<h3>{$count}</h3>";
$no = 1;
while ($com = mysql_fetch_array($sql)) {
$autmail = strtolower($com['email']);
$autmail = md5($autmail);
$img = "<span class='cmn-gravatar' data-gravatar-hash='{$autmail}'></span>";
$uid = $com['user_id'];
$level = userInfo('level', $uid);
if ($level == 1 and $uid > 0) {
$s = " admin-comment";
} else {
$s = "";
}
$com['website'] = str_replace("http://", "", "{$com['website']}");
if (empty($com['website'])) {
$name = "{$com['name']}";
} else {
$name = "<a href='http://{$com['website']}'>{$com['name']}</a>";
}
$comment = str_replace("<", "<", $com['comment']);
$comment = str_replace(">", ">", $comment);
$comment = str_replace("\n", "<br>", $comment);
$comment = str_replace("[b]", "<b>", $comment);
<table class="table tools">
<tbody>
<?php
$db = new FQuery();
$db->connect();
$sql = $db->select(FDBPrefix . "article", "*,DATE_FORMAT(date,'%W, %b %d %Y') as dates", "", 'date DESC LIMIT 10');
$no = 1;
while ($qr = mysql_fetch_array($sql)) {
$read = check_permalink("link", "?app=article&view=item&id={$qr['id']}", "permalink");
if ($read) {
$read = $_POST['url'] . $read;
} else {
$read = $_POST['url'] . "?app=article&view=item&id={$qr['id']}";
}
$edit = "?app=article&act=edit&id={$qr['id']}";
$auth = userInfo("name", "{$qr['author_id']}");
$info = "{$qr['date']}";
$read_article = Read;
$edit_article = Edit;
if ($no % 2 == 0) {
$class = 'clr';
} else {
$class = 'cln';
}
echo "<tr><td class='no-tabs'>#{$no}</td><td width='100%'>{$qr['title']}\n\t\t\t<div class='tool-box'>\n\t\t\t\t<a href='{$read}' target='_blank' class='btn btn-tools tips' title='{$read_article}'>{$read_article}</a>";
$editor_level = mod_param('editor_level', $qr['parameter']);
if ($editor_level >= USER_LEVEL or empty($editor_level)) {
echo "<a href='{$edit}' class='btn btn-tools tips' title='{$edit_article}'>{$edit_article}</a>";
}
echo "</div>\t\t\t\n\t\t\t</td></tr>";
$no++;
$sql = $db->select(FDBPrefix . "session_login", "*,DATE_FORMAT(time,'%Y-%m-%d') as date", "", 'time DESC LIMIT 5');
$no = 1;
while ($qr = mysql_fetch_array($sql)) {
$id = $qr['user_id'];
$edit = Edit;
$read = Read;
$kick = Kickout;
$hide = Set_disable;
$delete = Delete;
$approve = Set_enable;
$ledit = "?app=user&act=edit&id={$id}";
$sql2 = $db->select(FDBPrefix . "user_group", "*", "level={$qr['level']}");
$group = mysql_fetch_array($sql2);
$group = $group['group_name'];
$name = userInfo('name', $id);
$mail = userInfo('email', $id);
echo "<tr><td>{$name} <span>({$qr['session_id']})</span>\n\t\t\t<a data-toggle='tooltip' data-placement='right' title='Online' class=' icon-circle blink icon-mini tooltips'></a><br/>\n\t\t\t<div class='tool-box'>\n\t\t\t\t<a class='btn-tools btn btn-danger btn-sm btn-grad kick' title='{$kick}' data-id='{$id}'>{$kick}</a>\n\t\t\t\t<a href='{$ledit}' class='btn btn-tools tips' title='{$edit}'>{$edit}</a>\n\t\t\t</div>\n\t\t\t</td>\n\t\t\t</tr>";
$no++;
}
?>
</tbody>
</table>
<script>
$(function() {
$('.kick').click(function() {
var is = $(this);
var id = $(this).data('id');
$.ajax({
url: "apps/app_user/controller/status.php",
<?php
foreach ($data as $row) {
}
echo incJS(locationPlugin('url') . 'ckeditor/ckeditor');
$token = md5(sha1(md5(userInfo('user_id'))));
?>
<textarea id="editor1" name="konten" class="form-control" placeholder="Tulis Konten berita" required="">
<?php
echo $row->post_content;
?>
</textarea>
<div id="kcfinder_div"></div>
<script>
CKEDITOR.replace( 'editor1', {
language: 'en',
filebrowserBrowseUrl: '<?php
echo locationPlugin("url") . "kcfinder/";
?>
browse.php?opener=ckeditor&type=files&token=<?php
echo $token;
?>
',
filebrowserImageBrowseUrl: '<?php
echo locationPlugin("url") . "kcfinder/";
?>
browse.php?opener=ckeditor&type=images&token=<?php
echo $token;
?>
',
filebrowserFlashBrowseUrl: '<?php
<?php include 'core/init.php'; include 'includes/overall/header.php'; $userID = $_SESSION['user_id']; $results = userInfo($userID); $name = $results['first_name'] . " " . $results['last_name']; $username = $results['username']; $email = $results['email']; $password = $results['password']; $passwordRepresentation = "***********"; ?> <html> <body> <div class="row"> <!-- left side --> <div class="col-md-3"></div> <!-- center side --> <div class = "col-md-6"> <h1>General Account Settings</h1> <form action = " " method = "POST"> <label for="inputn3" class="col-sm-4 control-label"> Name</label> <input type="text" class="form-control" id="inputfn3" placeholder="<?php echo $name; ?> " name="name"/> <br>
$go_link = FUrl . @$_REQUEST['link'] . SEF_EXT;
}
$id = pdfInfo('id');
$aid = pdfInfo('author_id');
if ($id == USER_ID) {
$sql = $db->select(FDBPrefix . 'pustaka_comment', '*', "file_id={$id}", "ID ASC");
} else {
$sql = $db->select(FDBPrefix . 'pustaka_comment', '*', "file_id={$id} AND status=1", "ID ASC");
}
$o = mysql_affected_rows();
$privatekey = pdfCOnfig('recaptcha_privatekey');
$publickey = pdfCOnfig('recaptcha_publickey');
echo "<div class='comment label'>{$o} Feedback</div>";
$no = 1;
while ($com = mysql_fetch_array($sql)) {
$email = strtolower(userInfo($com['user_id']));
$email = md5($email);
$img = "<span class='cmn-gravatar' data-gravatar-hash='{$email}'></span>";
if ($com['user_id'] == 1 or $com['user_id'] == 2) {
$s = " admin-comment";
} else {
$s = "";
}
$ulink = make_permalink('?app=pdf&view=user&id=1' . $com['user_id']);
$uname = oneQuery('user', 'id', $com['user_id'], 'name');
$name = "<a href='{$ulink}'>{$uname}</a>";
$comment = str_replace("<", "<", $com['comment']);
$comment = str_replace(">", ">", $comment);
$comment = str_replace("\n", "<br>", $comment);
$comment = str_replace("[b]", "<b>", $comment);
$comment = str_replace("[/b]", "</b>", $comment);
<!DOCTYPE html>
<html>
<head>
<title>todo list</title>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="stylesheet" type="text/css" href="todo.css" />
<link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>
<script src="ajax.js"></script>
<script src="todo.js"></script>
</head>
<body>
<div id="top-bar">
<a id="user-button" href="javascript:void(0);" onClick="showUserInfo()">?</a>
<div id="user-info" class="card">
<?php
userInfo();
?>
</div>
</div>
<div id="content">
<div id="todo-list">
<?php
listTodo();
?>
</div>
</div>
<a href="javascript:void(0);" onClick="showAddForm()">
<div id="fab">+</div>
</a>
<div id="add-form" class="card form">
<p>Add task:</p>
$db = new FQuery();
$db->connect();
$UserLevel = userInfo('level');
$sql = $db->select(FDBPrefix . 'user', '*', "level >= {$UserLevel}", "status ASC, ID DESC");
$no = 1;
while ($qr = mysql_fetch_array($sql)) {
$checkbox = null;
$group = oneQuery("user_group", "level", $qr['level'], 'group_name');
if ($qr['status'] == 1) {
$stat1 = "selected";
$stat2 = "";
} else {
$stat2 = "selected";
$stat1 = "";
}
$UserId = userInfo('id');
if ($qr['status'] == 1) {
$stat1 = "selected";
$stat2 = "";
$enable = ' enable';
} else {
$stat2 = "selected";
$stat1 = "";
$enable = 'disable';
}
if ($qr['level'] != 1 and $_SESSION['USER_LEVEL'] < $qr['level'] or $_SESSION['USER_LEVEL'] == 1 and $qr['id'] != $_SESSION['USER_ID']) {
$status = "<span class='invisible'>{$enable}</span>\n\t\t\t\t<div class='switch s-icon activator activa'>\n\t\t\t\t\t<label class='cb-enable {$stat1} tips' data-placement='right' title='" . Disable . "'><span>\n\t\t\t\t\t<i class='icon-remove-sign'></i></span></label>\n\t\t\t\t\t<label class='cb-disable {$stat2} tips' data-placement='right' title='" . Enable . "'><span>\n\t\t\t\t\t<i class='icon-ok-sign'></i></span></label>\n\t\t\t\t\t<input type='hidden' value='{$qr['id']}' class='number invisible'>\n\t\t\t\t\t<input type='hidden' value='{$qr['status']}' class='type invisible'>\n\t\t\t\t</div>";
//checkbox
$checkbox = "<input type='checkbox' name='check[]' value='{$qr['id']}' rel='ck'>";
} else {
$status = "<span class='invisible'>{$enable}</span>\n\t\t\t\t\t<label class='{$stat2} tips icon-active' data-placement='right' title='" . Enable . "'><span>\n\t\t\t\t\t<i class='icon-ok-sign'></i></span></label>\n\t\t\t\t";
<?php
/**
* @version 2.0
* @package Fiyo CMS
* @copyright Copyright (C) 2012 Fiyo CMS.
* @license GNU/GPL, see LICENSE.txt
**/
defined('_FINDEX_') or die('Access Denied');
/****************************************************/
/* User Constants */
/****************************************************/
if (empty($_SESSION['USER_LEVEL']) or $_SESSION['USER_LEVEL'] == 0 or $_SESSION['USER_LEVEL'] == 99 or !userInfo('user_id')) {
$_SESSION['USER_LEVEL'] = 99;
$_SESSION['USER'] = null;
$_SESSION['USER_ID'] = null;
$_SESSION['USER_NAME'] = null;
$_SESSION['USER_EMAIL'] = null;
}
define('USER', userInfo('user'));
define('USER_ID', userInfo('user_id'));
define('USER_NAME', userInfo('name'));
define('USER_LEVEL', userInfo('level'));
define('USER_EMAIL', userInfo('email'));
// Quick sql access level
define('Level_Access', "AND level >= " . USER_LEVEL);
define('SQL_USER_LEVEL', "level >= " . USER_LEVEL);
$errors[] = 'You need to enter a username and password.';
} else {
if (user_exists($username) === false) {
$errors[] = 'There is no such username.';
} else {
if (user_active($username) === false) {
$errors[] = 'You have to activate your account.';
} else {
$login = login($username, $password);
if ($login === false) {
$errors[] = 'That username/password combination is incorrect.';
output_errors($errors);
} else {
$_SESSION['user_id'] = $login;
//get user data from db
$usrdata = userInfo($login);
//print_r($usrdata);
// $name = "ingrid";
// updating session variables
$_SESSION["name"] = $usrdata['first_name'];
$_SESSION["logged_in"] = "true";
// echo 'LOGGED IN!'; //testing
//redirecting to index page
// header("Location: index.php"); //ONE WAY - FIX ME
$url = 'http://localhost/DynaMathVersion1.3/index.php';
echo '<META http-equiv="refresh" content="0; URL=' . $url . '">';
exit;
}
}
}
}
<td><input type="email" id="email" name="email" size="30" required class='email' <?php
echo formRefill('email', "{$qr['email']}");
?>
/></td>
</tr>
<tr>
<td class="row-title"><span class="tips" title="<?php
echo User_Group_tip;
?>
">User Group</td>
<td>
<select name="level" id="select">
<?php
$sql2 = $db->select(FDBPrefix . 'user_group');
while ($qrs = mysql_fetch_array($sql2)) {
if ($qrs['level'] >= userInfo('level')) {
if ($qrs['level'] > 3 and $_GET['act'] == 'add') {
echo "<option value='{$qrs['level']}' selected>{$qrs['group_name']}</option>";
} else {
if ($qrs['level'] == $qr['level']) {
echo "<option value='{$qrs['level']}' selected>{$qrs['group_name']}</option>";
} else {
echo "<option value='{$qrs['level']}'>{$qrs['group_name']}</option>";
}
}
}
}
?>
</select>
</td>
</tr>
$row[] = $checkbox;
} else {
if ($i == 1) {
$row[] = $name;
} else {
if ($i == 2) {
$row[] = "<div class='switch-group'>{$featured}{$status}</div>";
} else {
if ($i == 3) {
$sql2 = $db->select(FDBPrefix . "article_category", "name", "id={$aRow['category']}");
$category = mysql_fetch_array($sql2);
$category = $category['name'];
$row[] = "<div class='center'>{$category}</div>";
} else {
if ($i == 4) {
$aut = userInfo('name', $aRow['author_id']);
$author = $aut;
if (!empty($aRow['author'])) {
$author = $aRow['author'];
}
if ($aRow['author_id'] == 0) {
$author = "<span title='Original by Null' class='tips'>Anonymous</span>";
} else {
$author = "<span title='Original by {$aut}' class='tips'>{$author}</span>";
}
$row[] = "<div class='center'>{$author}</div>";
} else {
if ($i == 5) {
//creat user group values
$sql2 = $db->select(FDBPrefix . 'user_group', '*', "level={$aRow['level']}");
$level = mysql_fetch_array($sql2);
$qrs = mysql_fetch_array($sql);
$id = $qrs['id'];
$time = $qrs['time_reg'];
if (isset($_GET['key']) and !empty($_GET['key'])) {
if (!empty($id)) {
$linkLogin = make_permalink('?app=user&view=login');
$webmail = siteConfig('site_mail');
$webmail = siteConfig('site_mail');
$domain = str_replace("/", "", FUrl());
if (empty($webmail)) {
$webmail = "no-reply@{$domain}";
}
$email = userInfo('email', $id);
$user = userInfo('user', $id);
$name = userInfo('name', $id);
$pass = userInfo('password', $id);
$to = "{$email}";
if (siteConfig('lang') == 'id') {
$subject = 'Informasi Data Akun';
$message = "<font color='#333'>\n\t\t\t\t<p>Halo, {$name}</p> \n\t\t\t\t<p>Selamat, akun Anda telah aktif dan bisa digunakan.</p>\n\t\t\t\t<p>Berikut adalah detil data akun Anda :</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p>Username = {$user}</p>\n\t\t\t\t<p>Password = {$pass}</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p>URL login : {$linkLogin}</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p>Jaga selalu kerahasiaan akun Anda untuk mencegah hal yang tidak diinginkan.</p>\n\t\t\t\t<p>Terimakasih.</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p><b>" . SiteTitle . "</b>" . FUrl . "</p></font>";
} else {
$subject = 'New Account Information';
$message = "<font color='#333'>\n\t\t\t\t<p>Hello, {$name}</p> \n\t\t\t\t<p>Congratulations, your account has been activated and you can login now.</p>\n\t\t\t\t<p>Here are the details of your account data :</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p>Username = {$user}</p>\n\t\t\t\t<p>Password = {$pass}</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p>URL login : {$linkLogin}</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p>Please always keep the confidentiality of your account to prevent unwanted crimes.</p>\n\t\t\t\t<p>Thankyou.</p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p> </p>\n\t\t\t\t<p><b>" . SiteTitle . "</b><br>" . FUrl . "</p></font>";
}
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= "To: {$name} <{$email}>" . "\r\n";
$headers .= 'From: ' . SiteTitle . "<{$webmail}>" . "\r\n";
$headers .= 'cc :' . "\r\n";
function editEvent($postid, $title, $date, $content, $status = 'publish', $tags = array(), $keywordAdd = '', $komentar, $tampilan = '', $tgl, $jam)
{
$s = array('post_id' => $postid);
$d = array('post_title' => $title, 'post_date' => $date, 'post_type' => 'event', 'post_content' => $content, 'post_user' => userInfo('user_id'), 'post_slug' => stringCreateSlug($title), 'post_status' => $status);
if ($this->m_database->editRow('posts', $d, $s) == TRUE) {
$this->insertTagPost($postid, $tags);
$this->insertTaxonomyPost($postid, "keyword_custom", $keywordAdd);
$this->insertTaxonomyPost($postid, "comment_system", $komentar);
$this->insertTaxonomyPost($postid, "view_style", $tampilan);
$this->insertTaxonomyPost($postid, "tanggal_event", $tgl);
$this->insertTaxonomyPost($postid, "jam_event", $jam);
$output['status'] = true;
$output['lastid'] = $postid;
} else {
$output['status'] = false;
$output['lastid'] = "";
}
return $output;
}
} elseif ($action == 'registerPwd') {
$message = registerPwd();
echo $message;
} elseif ($action == 'confirmPwd') {
$message = confirmPwd();
echo $message;
} else {
}
if ($action == 'register') {
echo register();
}
if ($action == 'issue') {
echo issue();
}
if ($action == 'userInfo') {
echo userInfo();
}
if ($action == 'login') {
echo login();
}
if ($action == 'logout') {
logout();
}
if ($action == 'active') {
echo active();
}
if ($action == 'forget') {
$toMail = $_POST['email'];
echo forgetPwd($toMail);
}
if ($action == 'reset') {
$key = $_POST['key'];
}
if (isset($_SESSION['USER_REMINDER']) and !empty($_SESSION['USER_REMINDER']) and $key == $_SESSION['USER_REMINDER']) {
$password_n = randomString(8);
$password_m = md5($password_n);
$id = $_SESSION['USER_REMINDER_ID'];
$qr = $db->update(FDBPrefix . 'user', array("password" => "{$password_m}"), "id={$_SESSION['USER_REMINDER_ID']}");
if ($qr) {
$webmail = siteConfig('site_mail');
$domain = substr(FUrl(), 0, strpos(FUrl(), "/"));
if (empty($webmail)) {
}
$webmail = "noreply@{$domain}";
$email = userInfo('email', $id);
$user = userInfo('user', $id);
$name = userInfo('name', $id);
$to = "{$email}";
if (siteConfig('lang') == 'id') {
$subject = 'Informasi Akun Baru';
$message = "<font color='#333'>\n\t\t\t<p>Hi, {$name}</p> \n\t\t\t<p>Password Anda telah diset ulang dan berikut adalah data login akun Anda.</p>\n\t\t\t<p>Username \t= {$user}<br>Password \t= {$password_n}</p>\n\t\t\t<p>Jaga selalu kerahasiaan akun Anda untuk mencegah hal yang tidak diinginkan.<br>Terimakasih.</p>\n\t\t\t<p> </p>\n\t\t\t<p><b>" . SiteTitle . "</b><br>" . FUrl . "</p></font>";
} else {
$subject = 'New Account Information';
$message = "<font color='#333'>\n\t\t\t<p>Hello, {$name}</p> \n\t\t\t<p>Your password has been reset and here are your data account login.</p>\n\t\t\t<p>Username \t= {$user}<br>\n\t\t\tPassword \t= {$password_n}</p>\n\t\t\t<p>Please always keep the confidentiality of your account to prevent unwanted crimes.<br>Thankyou.</p>\n\t\t\t<p> </p>\n\t\t\t<p><b>" . SiteTitle . "</b><br>" . FUrl . "</p></font>";
}
// To send HTML mail, the Content-type header must be set
$headers = 'MIME-Version: 1.0' . "\r\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
// Additional headers
$headers .= "To: {$name} <{$mail}>" . "\r\n";
$headers .= 'From: ' . SiteName . "<{$webmail}>" . "\r\n";
$headers .= 'cc :' . "\r\n";
<?php
session_start();
//подключение конфигов
include "../include/stack.php";
$con = dataBase();
if (isset($_POST['exit'])) {
usersLog($_SESSION['idUser'], "Пользователь успешно вышел из сети", $con);
unset($_SESSION['idUser']);
}
$id = $_SESSION['idUser'];
if (empty($id)) {
header("Location: ../index.php");
exit;
}
$userInfo = userInfo($id, $con);
?>
<!DOCTYPE html>
<html lang="ru">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->
<title>Cake Group | Ваш профиль, <?php
echo $userInfo['login'];
?>
</title>
<!-- Bootstrap -->
</div>
</nav>
</header>
<aside class="main-sidebar">
<section class="sidebar">
<div class="user-panel" style="display: none;">
<div class="pull-left image">
<img src="<?php
echo userAvatar('64');
?>
" class="img-circle" alt="User Image" />
</div>
<div class="pull-left info">
<p><?php
echo userInfo('nama');
?>
</p>
</div>
</div>
<ul class="sidebar-menu">
<li><a href="<?php
echo base_url(roleURIUser() . 'dashboard');
?>
"><i class="fa fa-dashboard"></i> <span><?php
echo langGet("menu", "menu_dashboard");
?>
</span></a></li>
<?php
include MODPATH . "manage/views/nav/navcontainer.php";
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">Handphone</label>
<div class="col-md-3">
<input type="text" name="hp" class="form-control" required="" value="<?php
echo userInfo('hp');
?>
"/>
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">Email</label>
<div class="col-md-5">
<input type="email" name="email" class="form-control" required="" value="<?php
echo userInfo('email');
?>
"/>
</div>
</div>
<hr/>
<div class="form-group">
<label class="col-sm-2 control-label">Password Lama</label>
<div class="col-md-4">
<input type="password" name="pwold" class="form-control"/>
</div>
</div>
<div class="form-group">
<label class="col-sm-2 control-label">Ulangi Password Baru</label>
<div class="col-md-4">
<input type="password" name="pwnew" class="form-control"/>
* @copyright Copyright (C) 2014 Fiyo CMS.
* @license GNU/GPL, see LICENSE.
**/
if (!isset($_POST['user'])) {
die('Access Denied!');
}
session_start();
define('_FINDEX_', 1);
require '../../../system/jscore.php';
$db = new FQuery();
$user = mysql_real_escape_string($_POST['user']);
$sql = $db->select(FDBPrefix . "user", "*", "status=1 AND user='******' AND password='******'pass']) . "'");
$qr = mysql_fetch_array($sql);
$jml = mysql_affected_rows();
if ($jml > 0) {
$_SESSION['USER_ID'] = $qr['id'];
$_SESSION['USER'] = $qr['user'];
$_SESSION['USER_NAME'] = $qr['name'];
$_SESSION['USER_EMAIL'] = $qr['email'];
$_SESSION['USER_LEVEL'] = $qr['level'];
$_SESSION['USER_LOG'] = $qr['time_log'];
$time_log = date('Y-m-d H:i:s');
$db->update(FDBPrefix . 'user', array("time_log" => "{$time_log}"), "id={$qr['id']}");
$db->delete(FDBPrefix . "session_login", "user_id={$qr['id']}");
$qr = $db->insert(FDBPrefix . "session_login", array("{$qr['id']}", "{$qr['user']}", "{$qr['level']}", date('Y-m-d H:i:s')));
}
if ($qr or !empty($_SESSION['USER_ID']) and $_SESSION['USER_LEVEL'] <= 3 and userInfo()) {
echo "{ \"status\":\"1\" , \"alert\":\"" . alert('success', Login_Success) . "\"}";
} else {
echo "{ \"status\":\"0\" , \"alert\":\"" . alert('error', Login_Error) . "\"}";
}
$xmlRoot->appendChild(getPosts($dbConn, $xmlDoc, $_REQUEST['page'], $_REQUEST['sub'], $_REQUEST['user'], $_REQUEST['comments']));
break;
case "email":
phpMailer($xmlDoc, $_REQUEST['name'], $_REQUEST['email'], $_REQUEST['subject'], $_REQUEST['msg']);
break;
case "doesUserExist":
$xmlRoot->appendChild(doesUserExist($dbconn, $xmlDoc, $_REQUEST['id'], $_REQUEST['user_type']));
break;
case "addGoogleUser":
$xmlRoot->appendChild(addGoogleUser($dbconn, $xmlDoc, $_REQUEST['id'], $_REQUEST['name'], $_REQUEST['email'], $_REQUEST['url']));
break;
case "addPost":
$xmlRoot->appendChild(addPost($dbconn, $xmlDoc, $_REQUEST['id'], $_REQUEST['title'], $_REQUEST['text'], $_REQUEST['url'], $_REQUEST['sub']));
break;
case "userInfo":
$xmlRoot->appendChild(userInfo($dbconn, $xmlDoc, $_REQUEST['id']));
break;
case "editUsername":
$xmlRoot->appendChild(editUsername($dbconn, $xmlDoc, $_REQUEST['id'], $_REQUEST['username']));
break;
case "castVote":
$xmlRoot->appendChild(castVote($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['post_id'], $_REQUEST['vote']));
break;
case "tallyVotes":
$xmlRoot->appendChild(tallyVotes($dbconn, $xmlDoc, $_REQUEST['post_id']));
break;
case "checkForUserVote":
$xmlRoot->appendChild(checkForUserVote($dbconn, $xmlDoc, $_REQUEST['post_id'], $_REQUEST['user_id']));
break;
case "addComment":
$xmlRoot->appendChild(addComment($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['post_id'], $_REQUEST['comment']));
?>
</h5>
</a>
</header>
<div id="publishing" class="panel-collapse collapse">
<table class="data2">
<tr>
<td class="row-title" style="width: 35%" title="<?php
echo Author_tip;
?>
"><?php
echo Author;
?>
</td>
<td><input name="author" style="min-width: 83.5%" disabled size="15" type="text"value="<?php
echo userInfo('name', $qr['author_id']);
?>
"/></td>
</tr>
<tr>
<td class="row-title" style="width: 35%" title=""><?php
echo Author_Alias;
?>
</td>
<td><input name="author" style="min-width: 83.5%" size="15" type="text"value="<?php
echo $qr['author'];
?>
"/></td>
</tr>
<tr>
<td class="row-title" style="width: 35%" title="<?php
<?php
//Session management
ini_set("session.cookie_secure", 0);
session_start();
if (empty($_SESSION['token'])) {
$_SESSION['token'] = base64_encode(mcrypt_create_iv(8, MCRYPT_DEV_URANDOM));
}
if (!empty($_POST['action']) and isEqual($_POST['action'], "login") and !empty($_POST['username']) and !empty($_POST['password']) and !empty($_POST['CRSFtoken'])) {
$user = userLogin($file_db, $_POST['username'], $_POST['password'], $_POST['CRSFtoken']);
error_log($user);
} elseif (isLoged()) {
$user = userInfo($file_db, $_SESSION['userId']);
}
<?php
global $postObj;
include_once HANDLE_DIR . 'db.class.php';
include_once HANDLE_DIR . 'tools.class.php';
//实例化数据库类并连接数据库
$db = new DB();
$db->open();
//用户表
$table = 'wx_user';
if (trim($postObj->Event) == 'subscribe') {
$access_token = O('API')->getAccessToken();
$data = array('openid' => $postObj->FromUserName, 'subscribe_time' => $postObj->CreateTime, 'belong' => $_GET['id']);
//获取用户详情
if (!empty($access_token)) {
$userInfo = userInfo($postObj->FromUserName, $access_token);
$data['nickname'] = $userInfo['nickname'];
$data['sex'] = $userInfo['sex'];
$data['language'] = $userInfo['language'];
$data['city'] = $userInfo['city'];
$data['province'] = $userInfo['province'];
$data['country'] = $userInfo['country'];
$data['headimgurl'] = $userInfo['headimgurl'];
}
//保存用户信息
$db->insert($table, $data);
//欢迎词
$contentStr = $db->get_field('wx_config', "_key='ANSWER_WELCOME' and belong='{$_GET['id']}'", '_value');
exit(Tools::answer_text($postObj->ToUserName, $postObj->FromUserName, $contentStr));
} else {
if (trim($postObj->Event) == 'unsubscribe') {