private static function _checkPermission() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } }
public function browse() { $this->_checkPermission(); $params = func_get_args(); $this->path = join('/', $params); // make sure there's a / at the end if (substr($this->path, -1, 1) != '/') { $this->path .= '/'; } //security // we dont allow back link if (strpos($this->path, '..') !== false) { if (Plugin::isEnabled('statistics_api')) { $user = null; if (AuthUser::isLoggedIn()) { $user = AuthUser::getUserName(); } $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; $event = array('event_type' => 'hack_attempt', 'description' => __('A possible hack attempt was detected.'), 'ipaddress' => $ip, 'username' => $user); Observer::notify('stats_file_manager_hack_attempt', $event); } } $this->fullpath = FILES_DIR . '/sidebarlink/images/'; // clean up nicely $this->fullpath = preg_replace('/\\/\\//', '/', $this->fullpath); $this->display('sidebarlink/index', array('dir' => $this->path, 'files' => $this->_getListFiles(), 'sidebarlinks' => Record::findAllFrom('SidebarLink', '1=1 ORDER BY id desc'), 'pages' => Record::findAllFrom('Page', 'parent_id=1 OR parent_id=0 order by parent_id,position'))); }
public function submit_address($fields = array()) { $checkout = $this->config['checkoutPath']; $out = null; // wolf authentication if (!AuthUser::isLoggedIn() && (!isset($_SESSION['shipping_address']) || empty($_SESSION['shipping_address'])) || 1 == 1) { $out .= "<div class=\"shipping_address_form\">"; $out .= "<div id=\"form_response\"><h2 class=\"checkout-error error-message\">Please provide the following information!</h2></div>"; //$out .= "<div id=\"form_response\"><h2 class=\"checkout-error error-message\">Please provide the following information!</h2><div>"; //$this->disablePaypalCheckout = " disabled='disabled'"; $out .= " <form id=\"shipping_address\" name=\"shipping_address\" action=\"" . $_SERVER['REQUEST_URI'] . "\" method=\"post\">"; $out .= " <p><label>Delivery Address</label></p><br/><br/>"; if (!empty($fields)) { foreach ($fields['label'] as $k => $label) { $out .= $this->draw_field($k, $fields); } } //$out .= " <input onclick=\"submit_any_form('#submit_address');\" name=\"submit_address\" id=\"submit_address\" type=\"submit\" value=\"Save Addres\" />"; $out .= " <input class=\"ajaxsubmit\" name=\"submit_address\" id=\"submit_address\" type=\"submit\" value=\"Save Addres\" />"; $out .= " </form>"; $out .= "</div>"; } else { $out = ''; } // display shipping address form if ($checkout != $this->config['checkoutPath'] || 1 == 1) { return $out; } else { return null; } }
public static function _checkLog() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } }
/** * Allows a user to login. */ function login() { // already log in ? if (AuthUser::isLoggedIn()) { if (Flash::get('redirect') != null) { redirect(Flash::get('redirect')); } else { redirect(get_url()); } } if (get_request_method() == 'POST') { $data = isset($_POST['login']) ? $_POST['login'] : array('username' => '', 'password' => ''); Flash::set('username', $data['username']); if (AuthUser::login($data['username'], $data['password'], isset($data['remember']))) { Observer::notify('admin_login_success', $data['username']); $this->_checkVersion(); // redirect to defaut controller and action if ($data['redirect'] != null && $data['redirect'] != 'null') { redirect($data['redirect']); } else { redirect(get_url()); } } else { Flash::set('error', __('Login failed. Please check your login data and try again.')); Observer::notify('admin_login_failed', $data['username']); } } // not find or password is wrong if ($data['redirect'] != null && $data['redirect'] != 'null') { redirect($data['redirect']); } else { redirect(get_url('login')); } }
public function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } }
public function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } $this->assignToLayout('sidebar', new View('translate/sidebar')); }
function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } $this->setLayout('backend'); }
public function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { echo 'Please Login'; header('location:index.php?job=login'); } }
public function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } $this->setLayout('backend'); $this->assignToLayout('sidebar', new View('../../plugins/frog_tags/views/sidebar')); }
function __construct() { if (defined('CMS_BACKEND')) { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } } }
public function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } $this->setLayout('backend'); $this->assignToLayout('sidebar', new View('fnbgallery/sidebar')); }
function indexAction() { global $tpl; if (AuthUser::isLoggedIn()) { //echo 'You have logged in!'; header('location:index.php?job=admin_article'); } else { $tpl->display('admin/login.html'); } }
public function __construct() { // Check to make sure user is logged in. AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } $this->setLayout('backend'); $this->assignToLayout('sidebar', new View('../../plugins/tinymce/views/sidebar')); }
public function beforeSave() { $this->created_on = date("Y-m-d H:i:s"); if (!AuthUser::isLoggedIn()) { $this->username = "******"; } else { $this->username = AuthUser::getRecord()->name; } return true; }
function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } $_SESSION['assets_folder'] = isset($_SESSION['assets_folder']) ? $_SESSION['assets_folder'] : assets_default_folder(); $this->setLayout('backend'); $this->assignToLayout('sidebar', new View('../../plugins/assets/views/sidebar')); }
public function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { echo 'Please Login'; header('location:index.php?job=login'); } //首页最近文章 //$this->recent_post = Article::getPost(5, true); //侧栏分类 $this->categories = Category::findAll(); if (is_array($this->categories) && count($this->categories) > 0) { $temp = array(); foreach ($this->categories as $k => $v) { $temp[$v->id] = get_object_vars($v); } $this->cahce_categories = $temp; $temp = array(); } //Tags 后期改进为热词形式 $hot_tags = Tag::findAll(20); //mprint_r($hot_tags, '$hot_tags'); if (count($hot_tags) > 0) { $first = current($hot_tags); $last = end($hot_tags); foreach ($hot_tags as $k => $v) { $tags_list[$k]['word'] = $v->name; $tags_list[$k]['size'] = tagClouds($v->count, $first->count, $last->count); } } $this->tags_list = $tags_list; $tags = Tag::findAll(); //var_dump($tags); $content_tag = Record::findAllFrom('ContentTag'); //var_dump($content_tag); //关系表中存在的文章ID以及tag集合到一个数组中tag_cache 避免在遍历生成文章静态页时重复读取数据库 //遍历所有tag 组合出方便调用的形式 if (is_array($tags) && count($tags) > 0) { $temp_tags = array(); foreach ($tags as $k => $v) { $temp_tags[$v->id] = $v->name; } } //遍历关系表 if (is_array($content_tag) && count($content_tag) > 0) { $this->cahce_tags = array(); foreach ($content_tag as $k => $v) { if (isset($temp_tags[$v->tag_id])) { $this->cahce_tags[$v->content_id][] = $temp_tags[$v->tag_id]; } } } //清空临时数据 $tags = $content_tag = $temp_tags = array(); }
/** * Check if user is authorized * * @return boolean true is access granted, false if no access */ function auth() { // You can insert your own code over here to check if the user is authorized. // This calls credentials from Wolf CMS login AuthUser::load(); if (AuthUser::isLoggedIn()) { return true; } else { return false; } }
function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } if (!AuthUser::hasPermission('admin_view')) { redirect(URL_PUBLIC); } $this->setLayout('backend'); $this->assignToLayout('sidebar', new View('../../plugins/funky_cache/views/sidebar')); }
private static function _checkPermission() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } else { if (!AuthUser::hasPermission('administrator')) { Flash::set('error', __('You do not have permission to access the requested page!')); redirect(get_url()); } } }
function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } else { if (!AuthUser::hasPermission('administrator')) { Flash::set('error', __('You do not have permission to access the requested page!')); redirect(get_url()); } } $this->setLayout('backend'); }
/** * Used to check generic permissions for entire the controller. */ private static final function _checkPermission() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } else { if (!AuthUser::hasPermission('admin_edit')) { Flash::set('error', __('You do not have permission to access the requested page!')); if (Setting::get('default_tab') === 'setting') { redirect(get_url('page')); } else { redirect(get_url()); } } } }
function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url('login')); } else { if (!AuthUser::hasPermission('layout_view')) { Flash::set('error', __('You do not have permission to access the requested page!')); if (Setting::get('default_tab') === 'layout') { redirect(get_url('page')); } else { redirect(get_url()); } } } $this->setLayout('backend'); $this->assignToLayout('sidebar', new View('layout/sidebar')); }
function login() { // already log in ? if (AuthUser::isLoggedIn()) { redirect(get_url()); } $data = isset($_POST['login']) ? $_POST['login'] : array('username' => '', 'password' => ''); Flash::set('username', $data['username']); if (AuthUser::login($data['username'], $data['password'], isset($data['remember']))) { $this->_checkVersion(); // redirect to defaut controller and action redirect(get_url()); } else { Flash::set('error', __('Login failed. Please check your login data and try again.')); } // not find or password is wrong redirect(get_url('login')); }
/** * Allows a user to login. */ function login() { $redirect = ''; if (Flash::get('redirect') != null) { $redirect = Flash::get('redirect'); } elseif (Flash::get('HTTP_REFERER') != null) { $redirect = trim(Flash::get('HTTP_REFERER')); } // Allow plugins to handle login Observer::notify('login_requested', $redirect); // already log in ? if (AuthUser::isLoggedIn()) { if ($redirect != '') { redirect(self::sanitizeRedirect($redirect)); } else { redirect(get_url()); } } if (get_request_method() == 'POST') { $data = isset($_POST['login']) ? $_POST['login'] : array('username' => '', 'password' => ''); Flash::set('username', $data['username']); if (AuthUser::login($data['username'], $data['password'], isset($data['remember']))) { Observer::notify('admin_login_success', $data['username']); $this->_checkVersion(); // redirect to defaut controller and action if ($data['redirect'] != null && $data['redirect'] != 'null') { redirect(self::sanitizeRedirect($data['redirect'])); } else { redirect(get_url()); } } else { Flash::set('error', __('Login failed. Check your username and password.<br/>If you tried to login more than :attempts times, you will have to wait at least :delay seconds before trying again.', array(':attempts' => DELAY_FIRST_AFTER, ':delay' => DELAY_ONCE_EVERY))); Observer::notify('admin_login_failed', $data['username']); } } // not find or password is wrong if ($data['redirect'] != null && $data['redirect'] != 'null') { redirect(self::sanitizeRedirect($data['redirect'])); } else { redirect(get_url('login')); } }
public function __construct() { AuthUser::load(); if (!AuthUser::isLoggedIn()) { redirect(get_url("login")); die; } // GET SETTINGS $settings = array_merge(array("grid-size" => 3, "widget-position" => serialize(array("events" => array("part" => 1, "order" => 1), "rss_reader" => array("part" => 2, "order" => 1)))), Plugin::getAllSettings("dashboard")); // UNSERIALIZE SETTINGS foreach ($settings as $key => $value) { if (is_string($value)) { if (@unserialize($value) !== false) { $settings[$key] = unserialize($value); } } } $this->settings = $settings; // OBSERVER DashboardWidgets::init($settings["widget-position"]); Observer::observe("view_backend_layout_head", "DashboardController::loadFiles"); }
/** * Execute this function on page_not_found. * If the request is for an image file, * resize the image. */ function image_resize_try_resizing() { // Require that visitor be logged in and has // permission to create files if (!AuthUser::isLoggedIn()) { AuthUser::load(); } if (!AuthUser::hasPermission('administrator,developer,editor')) { return false; } // Check that gd library is available if (!ImageResize::gd_available()) { return false; } if (preg_match('#\\.(jpe?g|gif|png|wbmp)$#i', CURRENT_URI)) { // If requested file appears to be an accepted format, create the new image if (image_resize_scale(CURRENT_URI) && !DEBUG) { // If Frog isn't debugging, it writes to a file; redirect to it header('Location: ' . URL_PUBLIC . "/" . CURRENT_URI); // Exit here to prevent a page not found message exit; } } }
if (!function_exists('mysql_date_format_function')) { function mysql_function_date_format($date, $format) { return strftime($format, strtotime($date)); } } $__CMS_CONN__->sqliteCreateFunction('date_format', 'mysql_function_date_format', 2); } // DEFINED ONLY FOR BACKWARDS SUPPORT - to be taken out before 0.9.0 $__FROG_CONN__ = $__CMS_CONN__; Record::connection($__CMS_CONN__); Record::getConnection()->exec("set names 'utf8'"); Setting::init(); use_helper('I18n'); AuthUser::load(); if (AuthUser::isLoggedIn()) { I18n::setLocale(AuthUser::getRecord()->language); } else { I18n::setLocale(Setting::get('language')); } // Only add the cron web bug when necessary if (defined('USE_POORMANSCRON') && USE_POORMANSCRON && defined('POORMANSCRON_INTERVAL')) { Observer::observe('page_before_execute_layout', 'run_cron'); function run_cron() { $cron = Cron::findByIdFrom('Cron', '1'); $now = time(); $last = $cron->getLastRunTime(); if ($now - $last > POORMANSCRON_INTERVAL) { echo $cron->generateWebBug(); }
/** * Validates whether a given secure token is still valid. * * The validateToken() method validates the token is valid by checking: * - that the token is not expired (through the time), * - the token is valid for this user, * - the token is valid for this url * * It does so by reconstructing the token. If at any time during the valid * period of the token, the username, user password or the url changed, the * token is considered invalid. * * The token is also considered invalid if more than SecureToken::EXPIRES seconds * have passed. * * @param string $token The token. * @param string $url The url for which the token was generated. * @return boolean True if the token is valid, otherwise false. */ public static final function validateToken($token, $url) { use_helper('Hash'); $hash = new Crypt_Hash('sha256'); AuthUser::load(); if (AuthUser::isLoggedIn()) { $user = AuthUser::getRecord(); $target_url = str_replace('&', '&', $url); $pwd = substr(bin2hex($hash->hash($user->password)), 5, 20); $time = SecureToken::getTokenTime($user->username, $target_url); if (microtime(true) - $time > self::EXPIRES) { return false; } return bin2hex($hash->hash($user->username . $time . $target_url . $pwd . $user->salt)) === $token; } return false; }
public function browse() { $this->_checkPermission(); $params = func_get_args(); $this->path = join('/', $params); // make sure there's a / at the end if (substr($this->path, -1, 1) != '/') { $this->path .= '/'; } //security // we dont allow back link if (strpos($this->path, '..') !== false) { if (Plugin::isEnabled('statistics_api')) { $user = null; if (AuthUser::isLoggedIn()) { $user = AuthUser::getUserName(); } $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; $event = array('event_type' => 'hack_attempt', 'description' => __('A possible hack attempt was detected.'), 'ipaddress' => $ip, 'username' => $user); Observer::notify('stats_file_manager_hack_attempt', $event); } } $this->display('testimonial/index', array('testimonials' => Record::query('select * from ' . TABLE_PREFIX . 'testimonial ORDER BY ' . TABLE_PREFIX . 'testimonial.sequence, ' . TABLE_PREFIX . 'testimonial.id desc'), 'pages' => Record::findAllFrom('Page', 'parent_id=1 order by parent_id,position'))); }