/** * Get current language * @return mixed String abbreviation of current language */ public static function getLanguage() { // check if cookie exist and language value in cookie is valid if (isset($_COOKIE['as_lang']) && self::isValidLanguage($_COOKIE['as_lang'])) { return $_COOKIE['as_lang']; } else { return ASSession::get('as_lang', DEFAULT_LANGUAGE); } }
/** * Get page where user should be redirected, based on user's role. * If there is no specific page set for provided role, redirect to default page. * * @return string Page where user should be redirected. */ function get_redirect_page() { $login = new ASLogin(); if ($login->isLoggedIn()) { $user = new ASUser(ASSession::get("user_id")); $role = $user->getRole(); } else { $role = 'default'; } $redirect = unserialize(SUCCESS_LOGIN_REDIRECT); if (!isset($redirect['default'])) { $redirect['default'] = 'index.php'; } return isset($redirect[$role]) ? $redirect[$role] : $redirect['default']; }
/** * Check if user is logged in. * @return boolean TRUE if user is logged in, FALSE otherwise. */ public function isLoggedIn() { //if $_SESSION['user_id'] is not set return false if (ASSession::get("user_id") == null) { return false; } //if enabled, check fingerprint if (LOGIN_FINGERPRINT == true) { $loginString = $this->_generateLoginString(); $currentString = ASSession::get("login_fingerprint"); if ($currentString != null && $currentString == $loginString) { return true; } else { //destroy session, it is probably stolen by someone $this->logout(); return false; } } //if you got to this point, user is logged in return true; }
<?php include "admin/ASEngine/AS.php"; if (!$login->isLoggedIn()) { redirect("login.php"); } $user = new ASUser(ASSession::get("user_id")); $userInfo = $user->getInfo(); require 'conf/data.php'; require 'includes/header.php'; require 'includes/nav.php'; require 'includes/modal.php'; ?> <div class="container"> <?php if (strlen($search) <= 1) { ?> <br><br><br> <h3>Search term "<?php echo $search; ?> " too short</h3><hr> <?php } else { ?> <h3>You searched for "<i><?php echo $search; ?>
function onlyAdmin() { $login = new ASLogin(); if (!$login->isLoggedIn()) { exit; } $loggedUser = new ASUser(ASSession::get("user_id")); if (!$loggedUser->isAdmin()) { exit; } }
<li> <a href="/Fed/Production/index.php?id=<?php echo $previd; ?> ">Previous</a> </li> <li> <a href="/Fed/Production/index.php?id=<?php echo $nextid; ?> ">Next</a> </li> <?php $userId = ASSession::get('user_id'); $user = new ASUser($userId); ?> <li class="dropdown"> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false"><?php echo ASLang::get('welcome'); ?> , <?php echo e($userInfo['username']); ?> <span class="caret"></span></a> <ul class="dropdown-menu" role="menu"> <li>
<div class="control-group form-group"> <label class="control-label col-lg-4" >Course, applied for<span class="required">*</span></label> <div class="controls col-lg-8"> <input name="fr_course" id="fr_course" value="Abacus_Education" type="radio" />Abacus Education <input name="fr_course" id="fr_course" value="Vedic_Maths" type="radio" /> Vedic Maths <br> <input name="fr_course" id="fr_course" value="Abacus_Education-Vedic_Maths" type="radio" /> Both Abacus Education & Vedic Maths </div> </div> <div class="control-group form-group"> <label class="control-label col-lg-4" for="reg-bot-sum"> <?php echo ASSession::get("bot_first_number"); ?> + <?php echo ASSession::get("bot_second_number"); ?> <span class="required">*</span> </label> <div class="controls col-lg-8"> <input type="text" id="reg-bot-sum" class="input-xlarge form-control"> </div> </div> <div class="control-group form-group"> <div class="controls col-lg-offset-4 col-lg-8"> <button id="btn-register-student" class="btn btn-success"><?php echo ASLang::get('create_account'); ?> </button> </div>
<?php require_once 'ASEngine/AS.php'; $provider = @$_GET['p']; $token = @$_GET['token']; if ($token == '' || $token == null || $token !== ASSession::get('as_social_token')) { ASSession::destroy('as_social_token'); die('Wrong social auth token!'); } if ($provider == '' || $provider == null) { die('Wrong provider.'); } switch ($provider) { case 'twitter': if (!TWITTER_ENABLED) { die('This provider is not enabled.'); } break; case 'facebook': if (!FACEBOOK_ENABLED) { die('This provider is not enabled.'); } break; case 'google': if (!GOOGLE_ENABLED) { die('This provider is not enabled.'); } break; default: die('This provider is not supported!'); }
/** * Validate user provided fields. * @param $data User provided fieds and id's of those fields that will be used for displaying error messages on client side. * @param bool $botProtection Should bot protection be validated or not * @return array Array with errors if there are some, empty array otherwise. */ public function validateUser($data, $botProtection = true) { $id = $data['fieldId']; $user = $data['userData']; $errors = array(); $validator = new ASValidator(); //check if email is not empty if ($validator->isEmpty($user['email'])) { $errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_required')); } //check if username is not empty if ($validator->isEmpty($user['username'])) { $errors[] = array("id" => $id['username'], "msg" => ASLang::get('username_required')); } //check if password is not empty if ($validator->isEmpty($user['password'])) { $errors[] = array("id" => $id['password'], "msg" => ASLang::get('password_required')); } //check if password and confirm password are the same if ($user['password'] != $user['confirm_password']) { $errors[] = array("id" => $id['confirm_password'], "msg" => ASLang::get('passwords_dont_match')); } //check if email format is correct if (!$validator->emailValid($user['email'])) { $errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_wrong_format')); } //check if email is available if ($validator->emailExist($user['email'])) { $errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_taken')); } //check if username is available if ($validator->usernameExist($user['username'])) { $errors[] = array("id" => $id['username'], "msg" => ASLang::get('username_taken')); } if ($botProtection) { //bot protection $sum = ASSession::get("bot_first_number") + ASSession::get("bot_second_number"); if ($sum != intval($user['bot_sum'])) { $errors[] = array("id" => $id['bot_sum'], "msg" => ASLang::get('wrong_sum')); } } return $errors; }
/** * Validate user provided fields. * @param $data User provided fieds and id's of those fields that will be used for displaying error messages on client side. * @param bool $botProtection Should bot protection be validated or not * @return array Array with errors if there are some, empty array otherwise. */ public function validateUser($data, $validateFor, $botProtection = true) { $id = $data['fieldId']; $user = $data['userData']; $errors = array(); $validator = new ASValidator(); //check if email is not empty if ($validator->isEmpty($user['email'])) { $errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_required')); } //check if email format is correct if (!$validator->emailValid($user['email'])) { $errors[] = array("id" => $id['email'], "msg" => ASLang::get('email_wrong_format')); } //check if email is available if ($validateFor == "student") { if ($validator->studentemailExist($user['email'])) { $errors[] = array("id" => $id['email'], "msg" => ASLang::get('student_email_taken')); } } elseif ($validateFor == "franchise") { if ($validator->franchiseemailExist($user['email'])) { $errors[] = array("id" => $id['email'], "msg" => ASLang::get('franchise_email_taken')); } } if ($botProtection) { //bot protection $sum = ASSession::get("bot_first_number") + ASSession::get("bot_second_number"); if ($sum != intval($user['bot_sum'])) { $errors[] = array("id" => $id['bot_sum'], "msg" => ASLang::get('wrong_sum')); } } return $errors; }