public function index()
 {
     $this->load->library('pagination');
     $data_table = $this->input->get("data_table");
     //$class_table = $this->input->get("class_table");
     $page = $this->input->get('page', TRUE);
     if (!$page) {
         $page = '1';
     }
     //先取得總共有多少資料
     $config['total_rows'] = $this->Message_model->get_classes_count($data_table, $keyword);
     //該頁的網址
     $config['base_url'] = base_url() . 'message/index';
     //幾筆為一頁
     $config['per_page'] = 15;
     $start = $config['per_page'] * ($page - 1);
     //開始撈資料
     $query = $this->Message_model->get_classes($table_name, $keyword, $config['per_page'], $start);
     $data['classes'] = $query;
     $data['table_name'] = xss_clean($table_name);
     $data['subject'] = xss_clean($keyword);
     $this->pagination->initialize($config);
     $this->load->view('public_program/message/message', $data);
     // $this->load->view('public_program/ckeditor');
 }
Exemple #2
0
 function appLogin()
 {
     $result['success'] = true;
     // read request body and decode into array
     $requestBody = json_decode(file_get_contents('php://input'), true);
     // check that username/password exists in request
     if (array_key_exists("username", $requestBody) && array_key_exists("password", $requestBody)) {
         // clean data
         $this->load->helper('security');
         $username = trim(xss_clean($requestBody["username"]));
         $password = trim(xss_clean($requestBody["password"]));
         // send password reset email
         $this->load->model('User');
         if ($this->User->login($username, $password)) {
             // success, return userID hash
             $result['userID'] = "1234";
             // TODO: hash UserID
         } else {
             // failed, return error
             $result['success'] = false;
             $result['errorMessage'] = "Sorry duder, that seems to be the wrong username or password. Please try again.";
         }
     } else {
         // something has gone very wrong here
         $result['success'] = false;
         $result['errorMessage'] = "This request doesn't look right.";
     }
     // return json response
     $this->output->set_content_type('application/json')->set_output(json_encode($result));
 }
 public function __construct()
 {
     parent::__construct();
     $this->_service_url = C('service.s');
     $this->data['base_url'] = C('config.base_url');
     $this->data['img_url'] = C('config.img_url');
     $this->data['api_url'] = C('config.api_url');
     $this->data['web_url'] = C('config.web_url');
     $this->data['css_version'] = C('version.version.css');
     $this->data['js_version'] = C('version.version.js');
     $this->load->library(array('UserAuth', 'Http'));
     $this->data['user_info'] = $this->userauth->current(FALSE);
     if (empty($this->data['user_info'])) {
         header("location:" . $this->data['base_url'] . '/user');
         exit;
     }
     $this->post = json_decode(file_get_contents("php://input"), TRUE);
     // 从post中json字符串中解析出变量并合并到$_POST
     if (!empty($this->post)) {
         $this->post = xss_clean($this->post);
         $_POST = array_merge($_POST, $this->post);
     }
     $this->data['left_nav'] = $this->create_left_nav();
     $this->data['top_nav'] = $this->create_top_nav();
     $this->data['city_map'] = $this->create_cities_map();
     // 激活分析器以调试程序
     // $this->output->enable_profiler(TRUE);
 }
Exemple #4
0
 public function index()
 {
     //get the posted values
     $username = $this->input->post("username");
     $password = $this->input->post("password");
     // validate
     $this->load->library('form_validation');
     $this->form_validation->set_rules('username', 'Username', 'trim|required');
     $this->form_validation->set_rules('password', 'Password', 'trim|required');
     if ($this->form_validation->run() === FALSE) {
         $this->load->view('template/login');
     } else {
         if ($this->input->post('btnlogin') == 'login') {
             $result = $this->login_check->get_user(xss_clean($username), $password);
             if (count($result) > 0) {
                 $sessiondata = array('user' => $result->name, 'power' => $result->power, 'm_id' => $result->m_id);
                 $this->session->set_userdata($sessiondata);
                 // $this->load->view(print_r($this->session));
                 redirect('/index');
             } else {
                 redirect('/login');
             }
         }
     }
 }
 /**
  * login()
  */
 public function login()
 {
     $data['header'] = $this->load->view('system/header', NULL, TRUE);
     //Obtener y limpiar los datos
     $username = xss_clean($this->input->post('username'));
     $password = do_hash(xss_clean($this->input->post('password')), 'md5');
     //Validar los datos obtenidos
     $this->form_validation->set_rules('username', 'User Name', 'required', array('required' => $this->lang->line('error_required_username')));
     $this->form_validation->set_rules('password', 'Password', 'required', array('required' => $this->lang->line('error_required_password')));
     if ($this->form_validation->run() == FALSE) {
         //Se despliega el login con mensajes de error
         $data['content'] = $this->load->view('system/login', NULL, TRUE);
     } else {
         try {
             //Se validan las credenciales de acceso
             $this->opx_auth->auth_user($username, $password);
             //Se redirecciona al controlador del dashboard
             redirect('dashboard');
         } catch (Exception $e) {
             $data_login['error_login_message'] = $this->lang->line('error_login_message');
             $data['content'] = $this->load->view('system/login', $data_login, TRUE);
         }
     }
     $data['footer'] = $this->load->view('system/footer', NULL, TRUE);
     $this->load->view('system/layout', $data);
 }
 function addEditS1($lPID)
 {
     $this->load->helper('dl_util/verify_id');
     verifyID($this, $lPID, 'people ID');
     $displayData = array();
     $lPID = (int) $lPID;
     $params = array('enumStyle' => 'terse');
     $this->load->library('generic_rpt', $params);
     $this->load->model('people/mpeople', 'clsPeople');
     $this->load->model('admin/madmin_aco', 'clsACO');
     //      $this->load->helper('dl_util/email_web');
     $this->clsPeople->loadPeopleViaPIDs($lPID, false, false);
     $displayData['contextSummary'] = $this->clsPeople->peopleHTMLSummary(0);
     // validation rules
     $this->form_validation->set_error_delimiters('<div class="formError">', '</div>');
     $this->form_validation->set_rules('txtSearch', 'SEARCH', 'trim|required');
     $bFormValidated = $this->form_validation->run();
     $displayData['title'] = CS_PROGNAME . ' | Relationships';
     $displayData['pageTitle'] = anchor('main/menu/people', 'People', 'class="breadcrumb"') . ' | ' . anchor('people/people_record/view/' . $lPID, 'Record', 'class="breadcrumb"') . ' | Relationships';
     $displayData['nav'] = $this->mnav_brain_jar->navData();
     if (!$bFormValidated) {
         $displayData['search'] = new stdClass();
         $displayData['search']->strButtonLabel = 'Search';
         $displayData['search']->strLegendLabel = 'Create a relationship between ' . $this->clsPeople->people[0]->strSafeName . ' and another person';
         $displayData['search']->formLink = 'people/relationships/addEditS1/' . $lPID;
         $displayData['search']->lSearchTableWidth = 240;
         $displayData['search']->bBiz = false;
         $displayData['mainTemplate'] = 'util/search_people_biz_view';
         $this->load->vars($displayData);
         $this->load->view('template');
     } else {
         $this->searchSelected($displayData, $lPID, 'People Search', xss_clean(trim($_POST['txtSearch'])));
     }
 }
Exemple #7
0
 function add_details()
 {
     $try = $this->m_files->add_details();
     $tags = xss_clean(substr($_SESSION['f_tags'], 0, 255));
     $this->m_tags->add_tags($tags, 'files', $try);
     redirect("files/index", 'refresh');
 }
Exemple #8
0
 function insert()
 {
     $try = $this->m_bookmarks->add_bookmark();
     $tags = xss_clean(substr($_SESSION['b_tags'], 0, 255));
     $this->m_tags->add_tags($tags, 'bookmarks', $try);
     redirect("bookmarks/index", 'refresh');
 }
Exemple #9
0
 public function edit()
 {
     $this->load->helper('form');
     $this->load->library('form_validation');
     $id = $this->uri->segment(3);
     $post = $this->post->get_by_id($id);
     $this->form_validation->set_rules('title', 'Title', 'trim|required|max_length[255]');
     $this->form_validation->set_rules('body', 'Body', 'trim|required|max_length[500]');
     $data['action'] = site_url('blog/edit/' . $id);
     $data['post'] = $post;
     if ($_POST) {
         if ($this->form_validation->run() == FALSE) {
             $this->load->view('templates/header');
             $this->load->view('blog/edit', $data);
             $this->load->view('templates/footer');
         } else {
             $this->load->helper('security');
             $post = new Post_model();
             $post->id = xss_clean($this->uri->segment(3));
             $post->title = xss_clean($this->input->post('title', TRUE));
             $post->body = xss_clean($this->input->post('body', TRUE));
             $date = new DateTime();
             $post->created = $date->format('Y-m-d H:i:s');
             if ($post->save()) {
                 redirect(base_url('blog/details/' . $post->id), 'location');
             }
         }
     } else {
         $this->load->view('templates/header');
         $this->load->view('blog/edit', $data);
         $this->load->view('templates/footer');
     }
 }
Exemple #10
0
 function prepare_fields(&$var)
 {
     if (!is_array($var)) {
         $var = remove_tags(xss_clean(trim($var)));
     }
     return $var;
 }
Exemple #11
0
 function insert()
 {
     $try = $this->m_posts->add_post();
     $tags = xss_clean(substr($_SESSION['p_tags'], 0, 255));
     $this->m_tags->add_tags($tags, 'posts', $try);
     redirect("blog/index", 'refresh');
 }
 public function left()
 {
     $userid = $this->session->user_id;
     $query_level_one = $this->Manage_Template_Model->get_menu(1, 0, $userid);
     $menu = " <ul class=\"nav navbar-nav side-nav\">";
     for ($i = 0; $i < count($query_level_one); $i++) {
         $level_one_name = xss_clean($query_level_one[$i]['Name']);
         $level_one_id = xss_clean($query_level_one[$i]['Id']);
         $level_one_type = xss_clean($query_level_one[$i]['Type']);
         $level_one_promgram_url = xss_clean($query_level_one[$i]['Promgram_Url']);
         $menu = $menu . "<li>";
         $menu = $menu . "<a href=\"javascript:;\" data-toggle=\"collapse\" data-target=\"#demo" . $i . "\"><i class=\"fa fa-fw fa-folder\"></i> " . $level_one_name;
         if ($level_one_type == "folder") {
             if ($this->Manage_Template_Model->has_node($level_one_id)) {
                 $menu = $menu . " <i class=\"fa fa-fw fa-caret-down\"></i></a>";
                 $menu = $menu . "<ul id=\"demo" . $i . "\" class=\"collapse\">";
                 $query_level_two = $this->Manage_Template_Model->get_menu(2, $level_one_id, $userid);
                 for ($j = 0; $j < count($query_level_two); $j++) {
                     $level_two_name = xss_clean($query_level_two[$j]['Name']);
                     $level_two_id = xss_clean($query_level_two[$j]['Id']);
                     $level_two_type = xss_clean($query_level_two[$j]['Type']);
                     $level_two_promgram_url = xss_clean($query_level_two[$j]['Promgram_Url']);
                     $menu = $menu . "<li>";
                     if ($level_two_type == "folder") {
                         $menu = $menu . "<a href=\"javascript:;\" data-toggle=\"collapse\" data-target=\"#demo" . $i . "_" . $j . "\"> <i class=\"fa fa-fw fa-folder\"></i> " . $level_two_name;
                         if ($this->Manage_Template_Model->has_node($level_two_id)) {
                             $menu = $menu . " <i class=\"fa fa-fw fa-caret-down\"></i></a>";
                             $menu = $menu . "<ul id=\"demo" . $i . "_" . $j . "\" class=\"collapse\">";
                             $query_level_three = $this->Manage_Template_Model->get_menu(3, $level_two_id, $userid);
                             for ($k = 0; $k < count($query_level_three); $k++) {
                                 $level_three_name = xss_clean($query_level_three[$k]['Name']);
                                 $level_three_promgram_url = xss_clean($query_level_three[$k]['Promgram_Url']);
                                 $menu = $menu . "<a href=\"javascript:change_content('" . base_url($level_three_promgram_url) . "','" . $level_three_name . "')\"><i class=\"fa fa-fw fa-cog\"></i>" . $level_three_name . "</a>";
                             }
                             $menu = $menu . "</ul>";
                         } else {
                             $menu = $menu . "</a>";
                         }
                     } else {
                         $menu = $menu . "<a href=\"javascript:change_content('" . base_url($level_two_promgram_url) . "','" . $level_two_name . "')\"><i class=\"fa fa-fw fa-cog\"></i>" . $level_two_name . "</a>";
                     }
                     $menu = $menu . "</li>";
                 }
                 $menu = $menu . "</ul>";
             } else {
                 $menu = $menu . "</a>";
             }
         } else {
             $menu = $menu . "<a href=\"javascript:change_content('" . base_url($level_one_promgram_url) . "','" . $level_one_name . "')\"><i class=\"fa fa-fw fa-cog\"></i>" . $level_one_name . "</a>";
         }
         $menu = $menu . "</li>";
     }
     $menu = $menu . " </ul>";
     $data["menu"] = $menu;
     if ($this->input->post('node_name')) {
         $this->session->set_userdata('node_name', $this->input->post('node_name'));
     }
     $this->load->view('manage_template/template_left', $data);
 }
Exemple #13
0
 function add_post()
 {
     $userid = $_SESSION['userid'];
     $now = date("Y-m-d h:i:s");
     $data = array('title' => xss_clean(substr($this->input->post('title'), 0, 255)), 'body' => xss_clean(substr($this->input->post('body'), 0, 5000)), 'user_id' => $userid, 'created' => $now);
     $this->db->insert("posts", $data);
     $_SESSION['p_tags'] = $this->input->post('tags');
     return $this->db->insert_id();
 }
Exemple #14
0
function filter_string($string)
{
    $result = str_replace("'", "", $string);
    $result = str_replace('"', "", $result);
    $result = strip_tags($result);
    $result = trim($result);
    $result = xss_clean($result);
    return $result;
}
Exemple #15
0
 function add_bookmark()
 {
     $userid = $_SESSION['userid'];
     $now = date("Y-m-d h:i:s");
     $data = array('url' => xss_clean(substr($this->input->post('url'), 0, 255)), 'description' => xss_clean(substr($this->input->post('description'), 0, 255)), 'user_id' => $userid, 'created' => $now);
     $this->db->insert("bookmarks", $data);
     $_SESSION['b_tags'] = $this->input->post('tags');
     return $this->db->insert_id();
 }
Exemple #16
0
 function update_profile()
 {
     $id = $_SESSION['userid'];
     $try = $this->m_users->update_user($id);
     $tags = xss_clean(substr($_SESSION['tags'], 0, 255));
     $this->m_tags->add_tags($tags, 'users', $try);
     // Update the session and redirect the user
     $_SESSION['logged_in_user'] = $this->m_users->get_user($id);
     redirect("agilan/index", 'refresh');
 }
Exemple #17
0
 public function fields($fields)
 {
     $this->load->helper('security');
     $data = array();
     if (count($fields)) {
         foreach ($fields as $key => $value) {
             $data[$key] = xss_clean(strip_tags($value));
         }
     }
     return $data;
 }
 function verifyUniqueUserID($strUserName, $id)
 {
     $id = (int) $id;
     $strUserName = xss_clean(trim($strUserName));
     $this->load->model('util/mverify_unique', 'clsUnique');
     if (!$this->clsUnique->bVerifyUniqueText($strUserName, 'us_strUserName', $id, 'us_lKeyID', true, 'us_bInactive', false, null, null, false, null, null, 'admin_users')) {
         return false;
     } else {
         return true;
     }
 }
Exemple #19
0
 public function index()
 {
     // включаем библиотеку для работы с сессиями
     $this->load->library('session');
     $success_send = false;
     // если был пост запрос
     if ($this->input->server('REQUEST_METHOD') == 'POST') {
         // подключение библиотеки для валидации форм
         $this->load->library('form_validation');
         // подулючение хелпера для обработки элементов форм
         $this->load->helper('security');
         // установка правил валидации
         $this->form_validation->set_rules($this->config->item('contact_validation'));
         $this->form_validation->set_rules('captcha', 'Captcha', 'callback_validate_captcha');
         // проверка каптчи
         // если данные прошли проверку
         if ($this->form_validation->run() === TRUE) {
             // получаем данные из формы
             $email = xss_clean($this->input->post('email'));
             $subject = xss_clean($this->input->post('subject'));
             $message = xss_clean($this->input->post('message'));
             // включаем библиотеку для отправки писем
             $this->load->library('email');
             $this->email->from($this->config->item('from_email'), 'Сайт дизайн студии');
             $this->email->to($this->config->item('to_email'), 'Администратору сайта');
             $this->email->subject($subject);
             $this->email->message($message);
             $this->email->send();
             // в сессию записываем данные о том, что письмо отправлено
             $this->session->set_flashdata('success_send', true);
             redirect('/contacts');
         }
     }
     if ($this->session->flashdata('success_send')) {
         $success_send = $this->session->flashdata('success_send');
     }
     // здесь место для тебя ... передавай каптчу в массив ниже в шаблон
     $this->load->helper('captcha');
     $original_string = array_merge(range(0, 9), range('a', 'z'), range('A', 'Z'));
     $original_string = implode("", $original_string);
     $captcha = substr(str_shuffle($original_string), 0, 6);
     $vals = array('word' => $captcha, 'img_path' => './captcha/', 'img_url' => base_url() . '/captcha/', 'img_width' => 150, 'img_height' => 50, 'expiration' => 7200);
     $cap = create_captcha($vals);
     $data['image'] = $cap['image'];
     if (file_exists(BASEPATH . "../captcha/" . $this->session->userdata['image'])) {
         unlink(BASEPATH . "../captcha/" . $this->session->userdata['image']);
     }
     $this->session->set_userdata(array('captcha' => $captcha, 'image' => $cap['time'] . '.jpg'));
     $form_html = $this->renderHTML('contacts/contact_form', $data, true);
     $this->setToData('title', 'Связаться с нами');
     $this->setToData('form', $form_html);
     $this->setToData('success_send', $success_send);
     $this->display('contacts/index');
 }
Exemple #20
0
 function evote()
 {
     parent::Controller();
     $this->load->helper(array('fdcore_framework', 'office_framework', 'rf_framework_helper'));
     $this->load->helper(array('language', 'url', 'file', 'security', 'date', 'form', 'html', 'pay'));
     $this->load->library(array('session', 'table', 'parser', 'ajax', 'cache'));
     $this->lang->load('office', get_lang());
     $this->login = xss_clean($this->session->userdata('login'));
     RunFunc('connectdb|connectmydb|allow_ip|check_offline|check_sql_inject');
     $this->limit = config('vote_limit', 'core');
     $this->output->enable_profiler(config('profiler', 'core'));
 }
Exemple #21
0
 function add_comment()
 {
     if ($this->input->post('object_id') <= 0 or strlen($this->input->post('comment')) <= 0 or strlen($this->input->post('object')) <= 0) {
         return 0;
     } else {
         $userid = $_SESSION['userid'];
         $now = date("Y-m-d h:i:s");
         $data = array('comment' => xss_clean(substr($this->input->post('comment'), 0, 255)), 'object' => xss_clean($this->input->post('object')), 'object_id' => $this->input->post('object_id'), 'user_id' => $userid, 'created' => $now);
         $this->db->insert("comments", $data);
         return 1;
     }
 }
Exemple #22
0
 function do_upload($risk_id)
 {
     //                $upload_path = realpath(APPPATH . '../uploads') /var/www/shhasan.ddns.net/uploads/;
     $config['upload_path'] = '/var/www.v1.riskmp.com/public_html/assets/images/uploads/';
     $config['allowed_types'] = 'gif|jpg|png';
     $config['max_size'] = '10000KB';
     $config['max_width'] = '102400';
     $config['max_height'] = '76800';
     //$config['file_name'] = 'name';
     $confirm_member = $this->User_model->confirm_member(true, false);
     if (!$confirm_member['success']) {
         $this->print_jtable_error(self::ERROR_NOT_LOGGED_IN);
         return;
     }
     $user_id = $_SESSION['user_id'];
     $this->load->model('Risk_model');
     $permission = $this->Risk_model->initialize($risk_id, $user_id);
     if ($permission != "Admin" && $permission != "Owner" && $permission != "Write") {
         $this->print_jtable_error(self::ERROR_NO_EDIT_PERMISSION);
         return;
     }
     $this->load->library('upload', $config);
     if (!$this->upload->do_upload()) {
         $error = array('error' => $this->upload->display_errors());
         $this->load->view('upload_form', $error);
     } else {
         $data = array('upload_data' => $this->upload->data());
         // $this->load->view('upload_success', $data);
         $this->load->helper('security');
         foreach ($data as &$val) {
             xss_clean($val);
         }
         $previous_data = $this->Risk_model->get();
         $media_items = explode(',', $previous_data['img_url']);
         if (sizeof($media_items) == 3) {
             echo "<script>alert('More than 3 images for a risk are not permitted.'); window.location = '" . $_SERVER['HTTP_REFERER'] . "';</script>";
             return;
         }
         if (isset($previous_data['img_url']) && $previous_data['img_url'] != null && $previous_data['img_url'] != '') {
             $risk_data['img_url'] = $previous_data['img_url'] . ',' . $data['upload_data']['file_name'];
         } else {
             $risk_data['img_url'] = $data['upload_data']['file_name'];
         }
         if ($this->Risk_model->upload_media($risk_data) == false) {
             echo "<script>alert('An ERROR occurred while uploading your file. Please try again.'); window.location = '" . $_SERVER['HTTP_REFERER'] . "';</script>";
             return;
         } else {
             echo "<script>alert('Upload Successful!'); window.location = '" . $_SERVER['HTTP_REFERER'] . "';</script>";
             return;
         }
     }
 }
 public function __construct()
 {
     parent::__construct();
     $this->load->library(array('UserAuth'));
     $this->post = json_decode(file_get_contents("php://input"), TRUE);
     // 从post中json字符串中解析出变量并合并到$_POST
     if (!empty($this->post)) {
         $this->post = xss_clean($this->post);
         $_POST = array_merge($_POST, $this->post);
     }
     // 激活分析器以调试程序
     // $this->output->enable_profiler(TRUE);
 }
Exemple #24
0
 function topsms()
 {
     parent::Controller();
     $this->load->helper(array('fdcore_framework', 'office_framework', 'rf_framework_helper'));
     $this->load->helper(array('language', 'url', 'security', 'form', 'html', 'pay', 'date'));
     $this->load->library(array('session', 'parser', 'table', 'ajax'));
     $this->lang->load('office', get_lang());
     $this->login = xss_clean($this->session->userdata('login'));
     RunFunc('connectdb|connectmydb|check_offline|check_sql_inject');
     $this->output->enable_profiler(config('profiler', 'core'));
     if (!is_logged()) {
         redirect(base_url());
     }
 }
 public function index()
 {
     $query_level_one = $this->Maintain_menu_model->get_menu(1, 0);
     $menu = "";
     for ($i = 0; $i < count($query_level_one); $i++) {
         $level_one_name = xss_clean($query_level_one[$i]['Name']);
         $level_one_id = xss_clean($query_level_one[$i]['Id']);
         $level_one_type = xss_clean($query_level_one[$i]['Type']);
         $menu = $menu . "<li>";
         if ($level_one_type == "folder") {
             $menu = $menu . "<span class=\"badge badge-success\" onclick=\"load_folder('" . $level_one_id . "','modify')\"><i class=\"icon-folder-close\"></i> " . $level_one_name . "</span><a href=\"#\"><i class=\"icon-plus\"></i></a>";
             $menu = $menu . "<ul>";
             if ($this->Maintain_menu_model->has_node($level_one_id)) {
                 $query_level_two = $this->Maintain_menu_model->get_menu(2, $level_one_id);
                 for ($j = 0; $j < count($query_level_two); $j++) {
                     $level_two_name = xss_clean($query_level_two[$j]['Name']);
                     $level_two_id = xss_clean($query_level_two[$j]['Id']);
                     $level_two_type = xss_clean($query_level_two[$j]['Type']);
                     $menu = $menu . "<li>";
                     if ($level_two_type == "folder") {
                         $menu = $menu . "<span class=\"badge badge-success\" onclick=\"load_folder('" . $level_two_id . "','modify')\"><i class=\"icon-folder-close\"></i> " . $level_two_name . "</span><a href=\"#\"><i class=\"icon-plus\"></i></a>";
                         $menu = $menu . "<ul>";
                         if ($this->Maintain_menu_model->has_node($level_two_id)) {
                             $query_level_three = $this->Maintain_menu_model->get_menu(3, $level_two_id);
                             for ($k = 0; $k < count($query_level_three); $k++) {
                                 $menu = $menu . "<li>";
                                 $level_three_name = xss_clean($query_level_three[$k]['Name']);
                                 $level_three_id = xss_clean($query_level_three[$k]['Id']);
                                 $menu = $menu . "<a href=\"javascript:load_function('" . $level_three_id . "','modify')\" ><span><i class=\"icon-cog\"></i> " . $level_three_name . "</span></a>";
                                 $menu = $menu . "</li>";
                             }
                         }
                         $menu = $menu . "</ul>";
                     } else {
                         $menu = $menu . "<a href=\"javascript:load_function('" . $level_two_id . "','modify')\" ><span><i class=\"icon-cog\"></i> " . $level_two_name . "</span></a>";
                     }
                     $menu = $menu . "</li>";
                 }
             }
             $menu = $menu . "</ul>";
         } else {
             $menu = $menu . "<a href=\"javascript:load_function('" . $level_one_id . "','modify')\" ><span><i class=\"icon-cog\"></i> " . $level_one_name . "</span></a>";
         }
         $menu = $menu . "</li>";
     }
     $menu = $menu . " </ul>";
     $data["menu"] = $menu;
     $this->load->view('maintain_menu/maintain_menu', $data);
 }
Exemple #26
0
 public function new_password()
 {
     $this->form_validation->set_rules('code', $this->lang->line('signin_new_pwd_code'), 'required|min_length[4]|max_length[8]');
     $this->form_validation->set_rules('usr_email', $this->lang->line('signin_new_pwd_email'), 'required|min_length[5]|max_length[125]');
     $this->form_validation->set_rules('usr_password1', $this->lang->line('signin_new_pwd_email'), 'required|min_length[5]|max_length[125]');
     $this->form_validation->set_rules('usr_password2', $this->lang->line('signin_new_pwd_email'), 'required|min_length[5]|max_length[125]|matches[usr_password1]');
     if ($this->input->post()) {
         $data['code'] = xss_clean($this->input->post('code'));
     } else {
         $data['code'] = xss_clean($this->uri->segment(3));
     }
     if ($this->form_validation->run() == FALSE) {
         $data['usr_email'] = array('name' => 'usr_email', 'class' => 'form-control', 'id' => 'usr_email', 'type' => 'text', 'value' => set_value('usr_email', ''), 'maxlength' => '100', 'size' => '35', 'placeholder' => $this->lang->line('signin_new_pwd_email'));
         $data['usr_password1'] = array('name' => 'usr_password1', 'class' => 'form-control', 'id' => 'usr_password1', 'type' => 'password', 'value' => set_value('usr_password1', ''), 'maxlength' => '100', 'size' => '35', 'placeholder' => $this->lang->line('signin_new_pwd_pwd'));
         $data['usr_password2'] = array('name' => 'usr_password2', 'class' => 'form-control', 'id' => 'usr_password2', 'type' => 'password', 'value' => set_value('usr_password2', ''), 'maxlength' => '100', 'size' => '35', 'placeholder' => $this->lang->line('signin_new_pwd_confirm'));
         $this->load->view('common/login_header', $data);
         $this->load->view('users/new_password', $data);
         $this->load->view('common/footer', $data);
     } else {
         // Does code from input match the code against the email
         $email = xss_clean($this->input->post('usr_email'));
         if (!$this->Users_model->does_code_match($data, $email)) {
             // Code doesn't match
             redirect('users/forgot_password');
         } else {
             // Code does match
             $hash = $this->encrypt->sha1($this->input->post('usr_password1'));
             $data = array('usr_hash' => $hash, 'usr_email' => $email);
             if ($this->Users_model->update_user_password($data)) {
                 $link = 'http://www.domain.com/signin';
                 $result = $this->Users_model->get_user_details_by_email($email);
                 foreach ($result->result() as $row) {
                     $usr_fname = $row->usr_fname;
                     $usr_lname = $row->usr_lname;
                 }
                 $path = '/path/to/codeigniter/application/controllers/../views/email_scripts/new_password.txt';
                 $file = read_file($path);
                 $file = str_replace('%usr_fname%', $usr_fname, $file);
                 $file = str_replace('%usr_lname%', $usr_lname, $file);
                 $file = str_replace('%password%', $password, $file);
                 $file = str_replace('%link%', $link, $file);
                 if (mail($email, $this->lang->line('email_subject_new_password'), $file, 'From: me@domain.com')) {
                     redirect('signin');
                 }
             }
         }
     }
 }
Exemple #27
0
 function create()
 {
     $try = $this->m_users->add_user();
     if ($try) {
         $data['title'] = 'Thanks for registering';
         $data['main_view'] = 'welcome/thanks';
         //add tags
         $tags = xss_clean(substr($_SESSION['tags'], 0, 255));
         $this->m_tags->add_tags($tags, 'users', $try);
     } else {
         $data['title'] = 'There was a problem!';
         $data['main_view'] = 'welcome/oops';
     }
     $this->load->vars($data);
     $this->load->view('template');
 }
Exemple #28
0
 function search_updates($input)
 {
     $term = xss_clean(substr($input, 0, 255));
     $this->db->select('id,user_id,udpate');
     $this->db->like('udpate', $term);
     $Q = $this->db->get("updates");
     if ($Q->num_rows() > 0) {
         foreach ($Q->result_array() as $row) {
             $data[] = $row;
         }
     } else {
         $data = array();
     }
     $Q->free_result();
     return $data;
 }
 public function create_location($client_id, $location_name, $enabled = false)
 {
     $response_messages = array();
     if (!$this->check_valid_location_name(xss_clean(base64_decode($location_name)))) {
         array_push($response_messages, 'location_name_exists');
     }
     if (!$this->check_valid_client_id($client_id)) {
         array_push($response_messages, 'client_id_invalid');
     }
     if (count($response_messages) > 0) {
         return false;
     }
     $location = array('client_id' => $client_id, 'name' => xss_clean(base64_decode($location_name)), 'enabled' => $enabled === 'true' ? 1 : 0);
     $this->db->insert('locations', $location);
     return $this->get_client_locations($client_id, true, false);
 }
 public function __construct()
 {
     parent::__construct();
     $this->load->model(['MLog']);
     $this->load->library(array('UserAuth', 'Http'));
     $this->post = json_decode(file_get_contents("php://input"), TRUE);
     // 从post中json字符串中解析出变量并合并到$_POST
     if (!empty($this->post)) {
         $this->post = xss_clean($this->post);
         $_POST = array_merge($_POST, $this->post);
     }
     $this->_service_url = C('service.s');
     // 记录系统日志
     $this->MLog->record($this->userauth->current(FALSE));
     // 激活分析器以调试程序
     // $this->output->enable_profiler(TRUE);
 }