Exemple #1
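 /**
  * Accept a gzip-compressed JSON upload from the request body, run it
  * through the Security checks, store it in the cache under a fresh key
  * and redirect the client to the viewer.
  *
  * Security is consulted four times: before reading, on the compressed
  * bytes, on the inflated bytes and on the decoded JSON. What each check
  * enforces is defined in Security and is not visible here.
  */
 public static function process()
 {
     $security = new Security();
     $security->verifyPre();
     // file_get_contents() opens, drains and closes the input stream itself;
     // the previous fopen() handle was never closed.
     $data = file_get_contents('php://input');
     if ($data === false) {
         // An unreadable body is treated as an empty upload so the size
         // check below sees a length of 0.
         $data = '';
     }
     $compressedSize = strlen($data);
     $security->verifyCompressedData($data, $compressedSize);
     // NOTE(review): gzdecode() is called without its optional maximum
     // length, so the size check in validateData() only runs after the
     // whole payload has been inflated in memory. Consider passing a limit
     // that matches whatever Security enforces.
     // gzdecode() returns false on malformed input; the warning is
     // suppressed and the false value is handed to validateData(), which
     // presumably rejects it - confirm.
     $data = @gzdecode($data);
     $uncompressedSize = strlen($data);
     $security->validateData($data, $uncompressedSize);
     $json = json_decode($data, true);
     $security->validateJson($json);
     if (isset($json['icon'])) {
         // The icon is replaced by whatever getServerIcon() produces and the
         // document is re-serialised, so the stored size changes too.
         $img = self::getServerIcon($json['icon']);
         $json['icon'] = $img;
         $data = json_encode($json);
         $uncompressedSize = strlen($data);
     }
     // The storage key is generated server-side, not taken from the request.
     $key = Util::uuid(false);
     $cacheFile = Cache::getFile($key);
     Log::info("Uploaded {$uncompressedSize} bytes as {$key} to {$cacheFile}");
     Cache::put($key, $data);
     header("Location: " . BASE_URL_VIEW . "/?id={$key}");
     self::error("Compressed Size: {$compressedSize}\nUncompressed Size: {$uncompressedSize}\nRaw Upload: " . BASE_URL_VIEW . "/?id={$key}&raw=1");
 }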
Exemple #2
 /**
  * Prepare the mobile member view: publish the member configuration,
  * resolve the mobile skin path, load the requested member and apply the
  * configured mobile layout.
  */
 function init()
 {
     $memberModel = getModel('member');
     $this->member_config = $memberModel->getMemberConfig();
     Context::set('member_config', $this->member_config);
     // Ask Security to HTML-encode the sign-up form entries of member_config
     $encoder = new Security();
     $encoder->encodeHTML('member_config.signupForm..');
     // Fall back to the default skin when none is configured; the path is
     // built the same way in both cases.
     $skinName = $this->member_config->mskin;
     if (!$skinName) {
         $skinName = 'default';
     }
     $skinPath = sprintf('%sm.skins/%s', $this->module_path, $skinName);
     // Load the member named by member_srl, clearing the value when no such
     // member exists.
     // NOTE(review): member_info is placed in the context after the
     // encodeHTML() call above and is not passed to it here - confirm the
     // skin escapes it on output.
     $requestedSrl = Context::get('member_srl');
     if ($requestedSrl) {
         $memberModel = getModel('member');
         $this->memberInfo = $memberModel->getMemberInfoByMemberSrl($requestedSrl);
         if ($this->memberInfo) {
             Context::set('member_info', $this->memberInfo);
         } else {
             Context::set('member_srl', '');
         }
     }
     $this->setTemplatePath($skinPath);
     // Apply the configured mobile layout when it can be resolved
     $layoutModel = getModel('layout');
     $layout = $layoutModel->getLayout($this->member_config->mlayout_srl);
     if ($layout) {
         $this->module_info->mlayout_srl = $this->member_config->mlayout_srl;
         $this->setLayoutPath($layout->path);
     }
 }
 /**
  * Admin skin-settings screen: publish the module configuration, the PC
  * and mobile layout lists, the PC and mobile skin lists and the colorsets
  * of the selected skins, then HTML-encode part of that data.
  */
 function dispNcenterliteAdminSkinsetting()
 {
     $moduleModel = getModel('module');
     $layoutModel = getModel('layout');
     $ncenterModel = getModel('ncenterlite');

     $config = $ncenterModel->getConfig();
     Context::set('config', $config);

     // Layouts: default list and the 'M' (mobile) list
     $layouts = $layoutModel->getLayoutList();
     Context::set('layout_list', $layouts);
     $mobileLayouts = $layoutModel->getLayoutList(0, 'M');
     Context::set('mlayout_list', $mobileLayouts);

     // Skins: regular and m.skins
     $skins = $moduleModel->getSkins($this->module_path);
     Context::set('skin_list', $skins);
     $mobileSkins = $moduleModel->getSkins($this->module_path, "m.skins");
     Context::set('mskin_list', $mobileSkins);

     // A configured skin that is not in the list falls back to 'default'
     if (!$skins[$config->skin]) {
         $config->skin = 'default';
     }
     Context::set('colorset_list', $skins[$config->skin]->colorset);
     if (!$mobileSkins[$config->mskin]) {
         $config->mskin = 'default';
     }
     Context::set('mcolorset_list', $mobileSkins[$config->mskin]->colorset);

     // NOTE(review): only config, skin_list titles and colorset_list are
     // passed to encodeHTML(); layout_list, mlayout_list, mskin_list and
     // mcolorset_list are not - confirm the template escapes them.
     $encoder = new Security();
     $encoder->encodeHTML('config..');
     $encoder->encodeHTML('skin_list..title');
     $encoder->encodeHTML('colorset_list..name', 'colorset_list..title');
 }
 /**
  * Build the HTML used to select a colorset of the given skin and add it,
  * together with the normalised type, to the response.
  *
  * NOTE(review): the skin name is read from the context (presumably a
  * request variable) and handed to loadSkinInfo() as a path component;
  * whether loadSkinInfo() rejects traversal sequences is not visible here.
  *
  * @return void
  */
 function getCommunicationAdminColorset()
 {
     $skin = Context::get('skin');
     // Anything other than 'P' is treated as 'M'
     $type = Context::get('type') == 'P' ? 'P' : 'M';
     Context::set('type', $type);
     $dir = $type == 'P' ? 'skins' : 'm.skins';

     $tpl = "";
     if ($skin) {
         $moduleModel = getModel('module');
         $skinInfo = $moduleModel->loadSkinInfo($this->module_path, $skin, $dir);
         Context::set('skin_info', $skinInfo);

         $moduleModel = getModel('module');
         $communicationConfig = $moduleModel->getModuleConfig('communication');
         if (!$communicationConfig->colorset) {
             $communicationConfig->colorset = "white";
         }
         Context::set('communication_config', $communicationConfig);

         // NOTE(review): the colorset name is submitted to encodeHTML()
         // twice; confirm that encodeHTML() does not double-encode.
         $encoder = new Security();
         $encoder->encodeHTML('skin_info.colorset..title', 'skin_info.colorset..name');
         $encoder->encodeHTML('skin_info.colorset..name');

         $templateHandler = TemplateHandler::getInstance();
         $tpl = $templateHandler->compile($this->module_path . 'tpl', 'colorset_list');
     }
     $this->add('tpl', $tpl);
     $this->add('type', $type);
 }
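 /**
  * Display the trackback list (administrative).
  *
  * Publishes the trackback module configuration and one page of
  * trackbacks to the template context, asks Security to HTML-encode
  * both, and selects the list template.
  *
  * @return void
  */
 function dispTrackbackAdminList()
 {
     // Module configuration for the template
     $oModuleModel =& getModel('module');
     $config = $oModuleModel->getModuleConfig('trackback');
     Context::set('config', $config);
     // Query options. The container has to exist before properties are
     // assigned: assigning to a property of an undefined variable is an
     // error on current PHP versions.
     $args = new stdClass();
     // Requested page number
     $args->page = Context::get('page');
     // Number of entries shown per page
     $args->list_count = 30;
     // Number of page links shown in the page navigation
     $args->page_count = 10;
     // Sort column
     $args->sort_index = 'list_order';
     $args->module_srl = Context::get('module_srl');
     // Fetch the list
     $oTrackbackAdminModel =& getAdminModel('trackback');
     $output = $oTrackbackAdminModel->getTotalTrackbackList($args);
     // Hand the result to the template
     Context::set('total_count', $output->total_count);
     Context::set('total_page', $output->total_page);
     Context::set('page', $output->page);
     Context::set('trackback_list', $output->data);
     Context::set('page_navigation', $output->page_navigation);
     // HTML-encode the configuration and every trackback entry; the
     // trackback content originates from remote sites.
     $security = new Security();
     $security->encodeHTML('config.');
     $security->encodeHTML('trackback_list..');
     // Select the template
     $this->setTemplatePath($this->module_path . 'tpl');
     $this->setTemplateFile('trackback_list');
 }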
 /**
  * Prepare the timeline admin view: publish the timeline board info and
  * its parsed dates, the module categories, the installation state and
  * the template path.
  */
 function init()
 {
     $timelineModel = getModel('timeline');
     $moduleSrl = Context::get('module_srl');
     $info = $timelineModel->getTimelineInfo($moduleSrl);
     // Validate the timeline board info; an unknown module_srl is cleared
     if (!$info) {
         Context::set('module_srl', '');
     } else {
         // Split the 14-digit date strings into their numeric parts
         $dateFormat = '%04d%02d%02d%02d%02d%02d';
         $standardDate = sscanf($info->standard_date, $dateFormat);
         $limitDate = sscanf($info->limit_date, $dateFormat);
         Context::set('timeline_info', $info);
         Context::set('attach_info', $info->attach_info);
         Context::set('standard_date', $standardDate);
         Context::set('limit_date', $limitDate);
     }
     // Load the module categories and have them HTML-encoded.
     // NOTE(review): timeline_info and attach_info are not passed to
     // encodeHTML() here - confirm the template escapes them.
     $moduleModel = getModel('module');
     $categories = $moduleModel->getModuleCategories();
     Context::set('module_category', $categories);
     $encoder = new Security();
     $encoder->encodeHTML('module_category..');
     // Installed means checkUpdate() reports nothing pending
     $installed = !$this->checkUpdate();
     Context::set('is_installed', $installed);
     // Set the template path
     $this->setTemplatePath($this->module_path . 'tpl');
 }
Exemple #7
 /**
  * Prepare the mobile board view: HTML-encode the listed context
  * variables, copy list settings from the module info, reconcile the
  * category flags, apply the consultation restriction and resolve the
  * mobile skin path.
  */
 function init()
 {
     // The listed context variables are submitted to Security for HTML
     // encoding before anything else reads them.
     $encoder = new Security();
     $encoder->encodeHTML('document_srl', 'comment_srl', 'vid', 'mid', 'page', 'category', 'search_target', 'search_keyword', 'sort_index', 'order_type', 'trackback_srl');

     $info = $this->module_info;
     if ($info->list_count) {
         $this->list_count = $info->list_count;
     }
     if ($info->search_list_count) {
         $this->search_list_count = $info->search_list_count;
     }
     if ($info->page_count) {
         $this->page_count = $info->page_count;
     }
     $this->except_notice = !($info->except_notice == 'N');

     // Backward compatibility for the "secret" option
     $documentModel = getModel('document');
     $statusNames = $this->_getStatusNameList($documentModel);
     if (isset($statusNames['SECRET'])) {
         $this->module_info->secret = 'Y';
     }

     // use_category (<= 1.5.x) and hide_category (>= 1.7.x) are kept as
     // opposites of each other.
     $categoryCount = count($documentModel->getCategoryList($this->module_info->module_srl));
     if (!$categoryCount) {
         $this->module_info->hide_category = 'Y';
         $this->module_info->use_category = 'N';
     } elseif ($this->module_info->hide_category) {
         $this->module_info->use_category = $this->module_info->hide_category == 'Y' ? 'N' : 'Y';
     } elseif ($this->module_info->use_category) {
         $this->module_info->hide_category = $this->module_info->use_category == 'Y' ? 'N' : 'Y';
     } else {
         $this->module_info->hide_category = 'N';
         $this->module_info->use_category = 'Y';
     }

     // Consultation mode applies to everyone except managers. A visitor
     // who is not logged in loses list, view, write-document and
     // write-comment grants.
     $this->consultation = $this->module_info->consultation == 'Y' && !$this->grant->manager;
     if ($this->consultation && !Context::get('is_logged')) {
         $this->grant->view = false;
         $this->grant->write_comment = false;
         $this->grant->write_document = false;
         $this->grant->list = false;
     }

     $documentModel = getModel('document');
     $extraKeys = $documentModel->getExtraKeys($this->module_info->module_srl);
     Context::set('extra_keys', $extraKeys);

     // The skin name comes from the module configuration; a missing
     // directory or an empty name falls back to the default skin.
     $skinPath = sprintf("%sm.skins/%s/", $this->module_path, $this->module_info->mskin);
     if (!is_dir($skinPath) || !$this->module_info->mskin) {
         $this->module_info->mskin = 'default';
         $skinPath = sprintf("%sm.skins/%s/", $this->module_path, $this->module_info->mskin);
     }
     $this->setTemplatePath($skinPath);
     Context::addJsFilter($this->module_path . 'tpl/filter', 'input_password.xml');
 }
 /**
  * Log out the current user, if there is one.
  *
  * The Security logout is called with false as its only argument. The
  * method always returns true because logging out does not report errors.
  *
  * @param array $message Not used by this method.
  * @return bool Always true.
  */
 public function logout($message = array())
 {
     $member = Member::currentUser();
     if ($member) {
         $security = new Security();
         $security->logout(false);
     }
     return true;
 }
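 /**
  * Rewrite the posted JSON object description, turn it into queries with
  * generateQuery(), execute them, log the change and redirect.
  *
  * NOTE(review): table names, field collections and the modify status all
  * come from the client-supplied `jsonobject` POST field. Whether
  * generateQuery() and executeQuery() restrict table names and bind
  * values is not visible here and must be confirmed. No authorization or
  * CSRF check is visible in this method either.
  *
  * @throws Exception when the posted JSON is missing or cannot be decoded,
  *                   or when a later step throws
  */
 public function breakJSONObject()
 {
     try {
         $queryCollection = "";
         $shield = new Security();
         // Read a POST value without raising a notice when it is absent
         $post = function ($key) {
             return isset($_POST[$key]) ? $_POST[$key] : '';
         };
         // Serialise one field entry with json_encode() so that quotes or
         // backslashes inside a posted value cannot break out of the
         // string and inject additional fields.
         $field = function ($name, $value, $type) {
             return json_encode(array('fieldName' => $name, 'fieldValue' => (string) $value, 'fieldType' => $type));
         };
         $json_file = $post('jsonobject');
         if (!is_string($json_file) || $json_file === '') {
             throw new Exception('Missing JSON object');
         }
         // Unwrap the single-element arrays produced by the client
         $json_file = str_replace('{"dt_objectTable":[', '{"dt_objectTable":', $json_file);
         $json_file = str_replace('{"dt_relatedTable":[', '{"dt_relatedTable":', $json_file);
         $json_file = str_replace('}]}', '}}', $json_file);
         if ($shield->shield($post('MODIFY_STATUS')) == "INS") {
             // On insert, the ROADOFSPK placeholder is replaced by the
             // server-side default fields.
             $fieldtarget = '{"fieldName":"ROADOFSPK","fieldValue":"0","fieldType":"numeric","fieldKey":"0"}';
             $fields = array();
             if ($shield->shield($post('CARA_BAYAR')) == "KREDIT") {
                 $fields[] = $field('SISA_BAYAR', $post('DP_SYSTEM'), 'numeric');
                 $fields[] = $field('STATUS_PO', '1. INDENT', 'string');
                 $fields[] = $field('AR_AMOUNT', $post('DP_SYSTEM'), 'numeric');
             } else {
                 $fields[] = $field('SISA_BAYAR', $post('HARGA'), 'numeric');
                 $fields[] = $field('AR_AMOUNT', $post('HARGA'), 'numeric');
             }
             $fields[] = $field('STATUS_SPK', '1', 'string');
             $fields[] = $field('STATUS_JUAL', '1. SPK', 'string');
             $fields[] = $field('STATUS_KIRIM', 'N', 'string');
             $fields[] = $field('STATUS_ARK', 'N', 'string');
             $fields[] = $field('CUSTOM_NO', $shield->shield($post('NO_SPK')), 'string');
             $fields[] = $field('ROADOFSPK', '0', 'numeric');
             $json_file = str_replace($fieldtarget, implode(',', $fields), $json_file);
         }
         // Decode and make sure the expected root object is present before
         // dereferencing it.
         $jfo = json_decode($json_file);
         if (!is_object($jfo) || !isset($jfo->dt_objectTable) || !is_object($jfo->dt_objectTable)) {
             throw new Exception('Invalid JSON object');
         }
         $root = $jfo->dt_objectTable;
         // Queries for the related tables come first, numbered from 0
         $relCount = 0;
         $relTables = isset($root->dt_relatedTables) ? $root->dt_relatedTables : array();
         foreach ($relTables as $relTbl) {
             $myTable = $relTbl->dt_relatedTable;
             $relTableName = $myTable->tableName;
             $relautonumFormat = $myTable->autonumFormat;
             $relModifyStatus = $myTable->modify_status;
             $dt_relFields = $myTable->dt_relfieldCollection;
             $queryCollection .= $this->generateQuery($dt_relFields, $relTableName, $relautonumFormat, $relModifyStatus, $relCount);
             $relCount = $relCount + 1;
         }
         // Then the query for the main table
         $tableName = $root->tableName;
         $autonumFormat = $root->autonumFormat;
         $modifystatus = $root->modify_status;
         $dt_fields = $root->dt_fieldsCollection;
         $queryCollection .= $this->generateQuery($dt_fields, $tableName, $autonumFormat, $modifystatus, 0);
         $model = new object_Model();
         $result = $model->executeQuery($queryCollection);
         // Log the modify status itself. The previous `${$modifystatus}`
         // was a variable-variable: it looked up a local variable named by
         // the client-supplied status instead of logging the status.
         $weblog = new objectupdate();
         $result = $weblog->record_webaccess_log("DML : " . $modifystatus . "-" . $tableName . "-" . $shield->shield($post('NO_SPK')));
         header("Location: entry-spk");
     } catch (Exception $e) {
         // Re-throw with the same message, keeping the original exception
         // attached so its trace is not lost.
         throw new Exception($e->getMessage(), 0, $e);
     }
 }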
 /**
  * Load the textyle hub info, publish it and its module_srl to the
  * template context, set the template path and ask Security to
  * HTML-encode the published module info.
  */
 function init()
 {
     $hubModel =& getModel('textylehub');
     $hubInfo = $hubModel->getTextyleHubInfo();
     $this->module_info = $hubInfo;
     Context::set('module_info', $hubInfo);
     Context::set('module_srl', $hubInfo->module_srl);
     $this->setTemplatePath($this->module_path . 'tpl');
     // Encode the first level of module_info
     $encoder = new Security();
     $encoder->encodeHTML('module_info.');
 }
 /**
  * @brief Output the list of banned words
  *
  * The list is published to the template context as word_list and the
  * `word` member of every entry is submitted to Security for HTML
  * encoding before the template is selected.
  */
 function dispSpamfilterAdminDeniedWordList()
 {
     $spamModel = getModel('spamfilter');
     $deniedWords = $spamModel->getDeniedWordList();
     Context::set('word_list', $deniedWords);
     // Only the word member is encoded here
     $encoder = new Security();
     $encoder->encodeHTML('word_list..word');
     $this->setTemplateFile('denied_word_list');
 }
 /**
  * Listener fired after the InteractiveLogin event, i.e. after a login
  * through the security component.
  *
  * Stamps the logged-in user with the current date and saves it.
  *
  * @param InteractiveLoginEvent $event
  */
 public function onAuthenticationSuccess(InteractiveLoginEvent $event)
 {
     // Fetch the currently logged-in user from the token storage
     $user = $this->tokenStorage->getToken()->getUser();
     // Update the user's last authentication date
     $user->setDateAuth(new \DateTime('now'));
     // Save the user with the modified date
     $this->em->persist($user);
     $this->em->flush();
 }
Exemple #13
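 /**
  * Front controller: pick the module named by the `app` query parameter,
  * instantiate its controller and record the access.
  *
  * Visitors without a `user-id` session entry are always routed to the
  * login module. For everyone else the module name is taken from the
  * request, so it is restricted to a plain identifier before it is used
  * to build a file path and a class name.
  */
 function init()
 {
     $init = new boot();
     if (!isset($_GET['app'])) {
         $weblog = new objectupdate();
         $result = $weblog->record_webaccess_log("Accessing wrong module");
         header("Location: dashboard");
         return;
     }
     if (empty($_GET['app'])) {
         // Stop after the redirect. Execution used to continue into the
         // dispatch below with an empty module name.
         header("Location: dashboard");
         return;
     }
     // Defined up front so the check further down never reads an
     // undefined variable on the not-logged-in path.
     $app_get_sub = '';
     if (!isset($_SESSION['user-id'])) {
         $app_get = "login";
     } else {
         $security = new Security();
         $app_get = $security->shield($_GET['app']);
         $app_get_sub = isset($_GET['sub_app']) ? $security->shield($_GET['sub_app']) : '';
     }
     // What shield() filters is not visible here, so the name is checked
     // again: only letters, digits, underscore and hyphen may reach the
     // file path and the dynamic class name.
     $nameIsSafe = is_string($app_get) && preg_match('/^[A-Za-z0-9_-]+$/', $app_get) === 1;
     if ($nameIsSafe && file_exists(LOCAL_DIR . "/apps/" . $app_get . "/" . $app_get . "_Controller.php")) {
         $ldr = new autoloader($app_get);
         if ($app_get_sub) {
             $dynamic = "ajax_" . $app_get . "_Controller";
         } else {
             $dynamic = $app_get . "_Controller";
             $weblog = new objectupdate();
             $result = $weblog->record_webaccess_log("module : " . $app_get);
         }
         $object = new $dynamic();
         // These two modules process a posted JSON object
         if ($app_get === "object" || $app_get === "ob_update") {
             $object->breakJSONObject();
         }
     } elseif ($app_get == "logout") {
         session_destroy();
         header("Location: login");
     } else {
         $weblog = new objectupdate();
         $result = $weblog->record_webaccess_log("Accessing wrong module");
         header("Location: page-not-found");
     }
 }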
 /**
  * Login controller: when called with param=exec, look up the posted
  * credentials through the login model, then include the login view.
  *
  * NOTE(review): the password is passed through shield() before the
  * lookup, which may alter it. How get_userinfo() compares the password
  * and builds its query is not visible here. No CSRF token or attempt
  * limiting is visible in this constructor.
  */
 public function __construct()
 {
     $model = new login_Model();
     $shield = new Security();
     $isSubmit = $_GET["param"] == "exec";
     if (!$isSubmit) {
         $datauser = "******";
     } else {
         $username = $_POST["username"];
         $myuserid = $shield->shield($username);
         $mypassword = $shield->shield($_POST["password"]);
         $datauser = $model->get_userinfo($myuserid, $mypassword);
     }
     // The view reads the local variables set above
     require_once 'login_View.php';
 }
 /**
  * Admin configuration screen: publish the module configuration, the
  * module's XML info and the list of mids, then select the Config
  * template.
  */
 function dispAndroidpushappAdminConfig()
 {
     $moduleModel = getModel('module');
     $pushModel = getModel('androidpushapp');

     $config = $pushModel->getConfig();
     Context::set('config', $config);
     // NOTE(review): only config is submitted for HTML encoding; the
     // module info and mid_list (which carries browser_title) are set
     // afterwards and are not - confirm the template escapes them.
     $encoder = new Security();
     $encoder->encodeHTML('config..');

     $moduleInfo = $moduleModel->getModuleInfoXml('androidpushapp');
     Context::set('androidpushapp_module_info', $moduleInfo);

     $columns = array('module_srl', 'mid', 'browser_title', 'module');
     $mids = $moduleModel->getMidList(null, $columns);
     Context::set('mid_list', $mids);

     $this->setTemplateFile('Config');
 }
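 /**
  * Dispatch the request to a method of $var.
  *
  * Without an `sr` query parameter, $var->main() is called. With one, the
  * named method is called only when it is listed for the controller
  * class derived from the `app` parameter.
  *
  * The method name comes straight from the request, so names starting
  * with a double underscore (constructor, destructor and the other magic
  * methods) are refused; this is the filter the earlier commented-out
  * condition described but never applied.
  *
  * NOTE(review): every other method returned by get_class_methods()
  * remains reachable by URL. An explicit allow-list of routable actions
  * would be safer.
  *
  * @param object $var Controller instance the method is invoked on.
  */
 public function init($var)
 {
     if (!isset($_GET['sr'])) {
         $var->main();
         return;
     }
     $sr = $_GET['sr'];
     if (!isset($_GET['app'])) {
         die(_GET_APP_DONT_EXIST);
     }
     $security = new Security();
     $shield_var = $security->shield($_GET['app']);
     $controllerClass = $shield_var . "_Controller";
     // Refuse array input and magic method names
     if (!is_string($sr) || strncmp($sr, '__', 2) === 0) {
         return;
     }
     // get_class_methods() fails for an unknown class, so check first
     if (!class_exists($controllerClass)) {
         return;
     }
     $class_methods = get_class_methods($controllerClass);
     // Strict comparison against the method list, and the method must
     // really be callable on the object it is invoked on.
     if (in_array($sr, $class_methods, true) && is_callable(array($var, $sr))) {
         $var->{$sr}();
     }
 }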
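 /**
  * Admin configuration screen: publish the module configuration, layout
  * and skin lists, colorsets and mid list, then handle the stored
  * agreement about sending usage-environment information.
  *
  * NOTE(review): when the agreement is 'Y', an iframe URL on a
  * third-party host is published over plain http, and on the first visit
  * it carries the site host name plus the module, PHP and XE versions.
  * Confirm this disclosure is intended and whether https is available.
  */
 function dispNcenterliteAdminConfig()
 {
     $oModuleModel = getModel('module');
     $oNcenterliteModel = getModel('ncenterlite');
     $oLayoutModel = getModel('layout');
     $config = $oNcenterliteModel->getConfig();
     Context::set('config', $config);
     // Layouts: default list and the 'M' (mobile) list
     $layout_list = $oLayoutModel->getLayoutList();
     Context::set('layout_list', $layout_list);
     $mobile_layout_list = $oLayoutModel->getLayoutList(0, 'M');
     Context::set('mlayout_list', $mobile_layout_list);
     // Skins: regular and m.skins
     $skin_list = $oModuleModel->getSkins($this->module_path);
     Context::set('skin_list', $skin_list);
     $mskin_list = $oModuleModel->getSkins($this->module_path, "m.skins");
     Context::set('mskin_list', $mskin_list);
     // A configured skin that is not in the list falls back to 'default'
     if (!$skin_list[$config->skin]) {
         $config->skin = 'default';
     }
     Context::set('colorset_list', $skin_list[$config->skin]->colorset);
     if (!$mskin_list[$config->mskin]) {
         $config->mskin = 'default';
     }
     Context::set('mcolorset_list', $mskin_list[$config->mskin]->colorset);
     // NOTE(review): mskin_list, mcolorset_list, the layout lists and
     // mid_list are not passed to encodeHTML() - confirm the template
     // escapes them.
     $security = new Security();
     $security->encodeHTML('config..');
     $security->encodeHTML('skin_list..title');
     $security->encodeHTML('colorset_list..name', 'colorset_list..title');
     $mid_list = $oModuleModel->getMidList(null, array('module_srl', 'mid', 'browser_title', 'module'));
     Context::set('mid_list', $mid_list);
     // Check the agreement to send usage-environment information
     $ncenterlite_module_info = $oModuleModel->getModuleInfoXml('ncenterlite');
     $agreement_file = FileHandler::getRealPath(sprintf('%s%s.txt', './files/ncenterlite/ncenterlite-', $ncenterlite_module_info->version));
     $agreement_ver_file = FileHandler::getRealPath(sprintf('%s%s.txt', './files/ncenterlite/ncenterlite_ver-', $ncenterlite_module_info->version));
     if (file_exists($agreement_file)) {
         $agreement = FileHandler::readFile($agreement_file);
         Context::set('_ncenterlite_env_agreement', $agreement);
         $agreement_ver = FileHandler::readFile($agreement_ver_file);
         if ($agreement == 'Y') {
             $_ncenterlite_iframe_url = 'http://sosifam.com/index.php?mid=ncenterlite_iframe';
             // Start empty: the host string is only built while the version
             // marker file is still empty, and the variable was undefined
             // on every later visit.
             $_host_info = '';
             if (!$agreement_ver) {
                 // HTTP_HOST is client-supplied, hence the urlencode()
                 $_host_info = urlencode($_SERVER['HTTP_HOST']) . '-NC' . $ncenterlite_module_info->version . '-PHP' . phpversion() . '-XE' . __XE_VERSION__;
             }
             Context::set('_ncenterlite_iframe_url', $_ncenterlite_iframe_url . '&_host=' . $_host_info);
             Context::set('ncenterlite_module_info', $ncenterlite_module_info);
         }
         // Mark this version as handled, whatever the agreement value is
         FileHandler::writeFile($agreement_ver_file, 'Y');
     } else {
         Context::set('_ncenterlite_env_agreement', 'NULL');
     }
 }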
 /**
  * Module selection and skin set.
  *
  * Publishes the skin list to the template context, submits the skin
  * titles to Security for HTML encoding and selects the index template.
  * Nothing is returned.
  *
  * @return void
  */
 function dispStore_searchAdminContent()
 {
     // Skins (themes) available for this module
     $moduleModel =& getModel('module');
     $skins = $moduleModel->getSkins($this->module_path);
     Context::set('skin_list', $skins);
     // The module categories are fetched but not used in this method
     $moduleModel->getModuleCategories();
     // Only the title of each skin is encoded here
     $encoder = new Security();
     $encoder->encodeHTML('skin_list..title');
     $this->setTemplateFile("index");
 }
Exemple #19
 /**
  * Restrict this controller to command-line runs and to users holding
  * the ADMIN permission; everyone else gets the Security permission
  * failure response.
  */
 public function init()
 {
     parent::init();
     // CLI is checked first, so no permission lookup happens there
     if (Director::is_cli() || Permission::check('ADMIN')) {
         return;
     }
     return Security::permissionFailure();
 }
Exemple #20
 /**
  * List answered expert questions, optionally filtered by a posted search
  * term, and store a new question when a logged-in user posts one.
  *
  * NOTE(review): xss_clean() is an output-oriented filter; the search
  * term is still placed inside a LIKE pattern with its % and _ wildcards
  * intact. The new question text is stored as posted, so the view must
  * escape it. No CSRF token check is visible on the POST path.
  */
 public function action_questions()
 {
     $query = ORM::factory('Expert_Question')->where('is_answered', '=', 1);
     $search = Security::xss_clean(Arr::get($_POST, 'search', ''));
     if (!empty($search)) {
         $pattern = '%' . $search . '%';
         $query->and_where('question', 'LIKE', $pattern);
     }
     $query = $query->order_by('date', 'DESC');
     // Pagination is rendered from the query before it is executed
     $paginate = Paginate::factory($query)->paginate(NULL, NULL, 10)->render();
     $rows = $query->find_all();
     $this->set('search', $search);
     $this->set('list', $rows);
     $this->set('paginate', $paginate);
     if ($this->request->method() == Request::POST) {
         if (!Auth::instance()->logged_in()) {
             Message::success(i18n::get('You have to login'));
         } else {
             try {
                 $question = ORM::factory('Expert_Question');
                 $question->user_id = Auth::instance()->get_user()->id;
                 $question->question = Arr::get($_POST, 'question', '');
                 $question->date = date('Y-m-d H:i:s');
                 $question->save();
             } catch (ORM_Validation_Exception $e) {
                 // NOTE(review): validation failures are dropped without any
                 // feedback to the user or a log entry.
             }
         }
     }
     $this->add_cumb('Question-answer', '/');
 }
Exemple #21
 /**
  * List the posts of one category (department) with pagination.
  *
  * @param mixed $Kid Category id taken from the route; it is used in the
  *                   query conditions and in the pagination URL.
  * @return View The DepartmentList view.
  */
 public function action_Department($Kid)
 {
     // CSRF protection: expose the token key and a token to the view
     $this->data['token_key'] = Config::get('security.csrf_token_key');
     $this->data['token'] = Security::fetch_token();
     // Number of posts in this category
     $total = Model_Post::query()->where('Kid', '=', $Kid)->count();
     // Pagination settings for the per-category listing
     $settings = array(
         'pagination_url' => 'noteshare/list/' . $Kid,
         'uri_segment' => 3,
         'num_links' => 3,
         'per_page' => $this->per_page,
         'total_items' => $total,
         'show_first' => true,
         'show_last' => true,
     );
     $pagination = Pagination::forge('post_pagination', $settings);
     $this->data['posts'] = Model_Post::query()
         ->where('Kid', '=', $Kid)
         ->order_by('Ptime', 'desc')
         ->limit($this->per_page)
         ->offset($pagination->offset)
         ->get();
     $this->data['department'] = Model_Category::query()->where('Kid', '=', $Kid)->get();
     $this->action_categorize();
     // An empty category is flagged so the view can show a message
     if (!$total) {
         $this->data['error'] = true;
     }
     // Build the view. The pagination object is passed with set_safe(),
     // i.e. without output filtering.
     $view = View::forge('list/DepartmentList', $this->data);
     $view->set_safe('pagination', $pagination);
     return $view;
 }
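 /**
  * Seller login: check the form token and the captcha, verify the seller
  * name and password, populate the session and show the result message.
  *
  * NOTE(review): the password is compared as an unsalted md5() digest.
  * Moving to password_hash()/password_verify() needs a migration of the
  * stored values and cannot be done in this method alone.
  * NOTE(review): the token and captcha checks rely on showMessage()
  * ending the request; if it returns, the login continues - confirm.
  */
 public function RegisterOp()
 {
     if (!Security::checkToken()) {
         showMessage('登录错误', '', '', 'error');
     }
     if (!checkSeccode($_POST['nchash'], $_POST['captcha'])) {
         showMessage('验证码错误', '', '', 'error');
     }
     $model_seller = Model('seller');
     $seller_info = $model_seller->getSellerInfo(array('seller_name' => $_POST['seller_name']));
     if ($seller_info) {
         $model_member = Model('member');
         $member_info = $model_member->infoMember(array('member_id' => $seller_info['member_id'], 'member_passwd' => md5($_POST['password'])));
         if ($member_info) {
             // Issue a fresh session id now that the user is authenticated,
             // so an id known before login cannot be reused afterwards.
             if (session_id() !== '') {
                 session_regenerate_id(true);
             }
             // Update the seller's last login time
             $model_seller->editSeller(array('last_login_time' => TIMESTAMP), array('seller_id' => $seller_info['seller_id']));
             $model_seller_group = Model('seller_group');
             $seller_group_info = $model_seller_group->getSellerGroupInfo(array('group_id' => $seller_info['seller_group_id']));
             $model_store = Model('store');
             $store_info = $model_store->getStoreInfoByID($seller_info['store_id']);
             // Member identity
             $_SESSION['is_login'] = '******';
             $_SESSION['member_id'] = $member_info['member_id'];
             $_SESSION['member_name'] = $member_info['member_name'];
             $_SESSION['member_email'] = $member_info['member_email'];
             $_SESSION['is_buy'] = $member_info['is_buy'];
             $_SESSION['avatar'] = $member_info['member_avatar'];
             // Seller and store identity; these values drive later
             // permission decisions.
             $_SESSION['grade_id'] = $store_info['grade_id'];
             $_SESSION['seller_id'] = $seller_info['seller_id'];
             $_SESSION['seller_name'] = $seller_info['seller_name'];
             $_SESSION['seller_is_admin'] = intval($seller_info['is_admin']);
             $_SESSION['store_id'] = intval($seller_info['store_id']);
             $_SESSION['store_name'] = $store_info['store_name'];
             $_SESSION['seller_limits'] = explode(',', $seller_group_info['limits']);
             if ($seller_info['is_admin']) {
                 $_SESSION['seller_group_name'] = '管理员';
             } else {
                 $_SESSION['seller_group_name'] = $seller_group_info['group_name'];
             }
             // First login: show the current time as the last login time
             if (!$seller_info['last_login_time']) {
                 $seller_info['last_login_time'] = TIMESTAMP;
             }
             $_SESSION['seller_last_login_time'] = date('Y-m-d H:i', $seller_info['last_login_time']);
             // Menu and function list allowed for this seller group
             $seller_menu = $this->getSellerMenuList($seller_info['is_admin'], explode(',', $seller_group_info['limits']));
             $_SESSION['seller_menu'] = $seller_menu['seller_menu'];
             $_SESSION['seller_function_list'] = $seller_menu['seller_function_list'];
             if (!empty($seller_info['seller_quicklink'])) {
                 $quicklink_array = explode(',', $seller_info['seller_quicklink']);
                 foreach ($quicklink_array as $value) {
                     $_SESSION['seller_quicklink'][$value] = $value;
                 }
             }
             $this->recordSellerLog('登录成功');
             showMessage('登录成功', 'index.php?act=seller_center');
         } else {
             // Same message for a wrong password and an unknown seller
             showMessage('用户名密码错误', '', '', 'error');
         }
     } else {
         showMessage('用户名密码错误', '', '', 'error');
     }
 }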
 /**
  * Show the organisation edit form to users allowed to edit it; everyone
  * else gets the Security permission failure response.
  *
  * @return mixed Template data array, or the permission failure result.
  */
 public function edit()
 {
     // The form is only built once the permission check has passed
     if ($this->canEditOrganisation()) {
         return array(
             'Title' => 'Editing ' . $this->Title,
             'Form' => $this->EditOrganisationForm(),
         );
     }
     return Security::permissionFailure($this, "You do not have permission to edit this organisation.");
 }
 /**
  * Allow the index and view actions without login and select the hash
  * type used by Security.
  *
  * NOTE(review): md5 is selected as the hash type. If this hash is used
  * for passwords it is too fast for that purpose; changing it requires
  * re-hashing the stored values, so it cannot simply be switched here.
  */
 function beforeFilter()
 {
     // Public actions
     $this->Auth->allow('index', 'view');
     Security::setHash('md5');
 }
 /**
  * Require the ADMIN permission unless the request comes from the
  * command line or the site runs in dev mode.
  *
  * NOTE(review): in dev mode the permission check is skipped entirely.
  * NOTE(review): parent::init() is still called after
  * permissionFailure() unless that call ends the request - confirm.
  */
 function init()
 {
     // Evaluated left to right; the permission lookup only happens for
     // non-CLI, non-dev requests.
     $allowed = Director::is_cli() || Director::isDev() || Permission::check("ADMIN");
     if (!$allowed) {
         Security::permissionFailure();
     }
     parent::init();
 }
 /**
  * Re-save every member whose password is still stored with the 'none'
  * encryption so that it is stored with the configured algorithm.
  *
  * Only member ids are written to the debug output, never passwords.
  *
  * @param mixed $request Not used by this method.
  */
 public function run($request)
 {
     $algorithm = Security::get_password_encryption_algorithm();
     if ($algorithm == 'none') {
         $this->debugMessage('Password encryption disabled');
         return;
     }
     // Members that still have a clear-text password; the filter is a
     // constant string, no request data is involved.
     $plainMembers = DataObject::get("Member", "\"PasswordEncryption\" = 'none' AND \"Password\" IS NOT NULL");
     if (!$plainMembers) {
         $this->debugMessage('No passwords to encrypt');
         return;
     }
     $this->debugMessage('Encrypting all passwords');
     $this->debugMessage(sprintf('The passwords will be encrypted using the %s algorithm', $algorithm));
     foreach ($plainMembers as $plainMember) {
         // Writing the record with the new setting is enough: passwords
         // are encrypted according to the settings when a member is
         // saved, and forceChange() makes sure the write happens.
         $plainMember->PasswordEncryption = $algorithm;
         $plainMember->forceChange();
         $plainMember->write();
         $this->debugMessage(sprintf('Encrypted credentials for member #%d;', $plainMember->ID));
     }
 }
 /**
  * Show the profile edit form to users allowed to edit the profile;
  * everyone else gets the Security permission failure response.
  *
  * @return mixed Template data array, or the permission failure result.
  */
 public function edit()
 {
     // The form is only built once the permission check has passed
     if ($this->canEditProfile()) {
         return array(
             'Title' => "Edit Profile",
             'Content' => '',
             'Form' => $this->EditProfileForm(),
         );
     }
     return Security::permissionFailure($this, "You do not have permission to edit this profile.");
 }
 /**
  * Restrict this controller to users holding the ADMIN permission.
  * The check runs after parent::init().
  */
 public function init()
 {
     parent::init();
     if (Permission::check('ADMIN')) {
         return;
     }
     return Security::permissionFailure($this);
 }
 /**
  * Render the install page for users holding the ADMIN permission.
  *
  * The permission is checked before the form is built; other users get
  * the Security permission failure response.
  *
  * @return string
  */
 public function install()
 {
     if (Permission::check('ADMIN')) {
         $pageData = array(
             'Title' => 'Install Deploy Tools',
             'Content' => '<p>Some instructions would be nice.</p>',
             'Form' => $this->InstallForm(),
         );
         return $this->customise($pageData)->renderWith(array('Page', 'Page'));
     }
     return Security::permissionFailure($this);
 }
 /**
  * Process all incoming requests passed to this controller, checking
  * that the file exists and passing the file through if possible.
  *
  * NOTE(review): the permission check runs on the record returned by
  * File::find(), but for resampled images the file that is sent is
  * built from the request URL itself. Confirm that File::find() and
  * sendFile() cannot be made to disagree about the path, for example
  * through `..` segments or a query string left in REQUEST_URI.
  * NOTE(review): str_replace() removes BASE_URL wherever it occurs in
  * the URL, not only at the start.
  */
 public function handleRequest(SS_HTTPRequest $request, DataModel $model)
 {
     // Copied from Controller::handleRequest()
     $this->pushCurrent();
     $this->urlParams = $request->allParams();
     $this->request = $request;
     $this->response = new SS_HTTPResponse();
     $this->setDataModel($model);

     // Prefer the explicit url parameter, fall back to the raw request URI
     if (array_key_exists('url', $_GET)) {
         $url = $_GET['url'];
     } else {
         $url = $_SERVER['REQUEST_URI'];
     }
     // Strip the base URL and the leading slash so the path matches the
     // Filename field of the File record, e.g. /mysite/assets/test.txt
     // becomes assets/test.txt.
     $withoutBase = str_replace(BASE_URL, '', $url);
     $url = Director::makeRelative(ltrim($withoutBase, '/'));
     $file = File::find($url);

     if ($this->canDownloadFile($file)) {
         // File::find() always returns the original image; for a resampled
         // URL the resampled file is served instead.
         if (preg_match('/_resampled\\/[^-]+-/', $url)) {
             $file = new Image();
             $file->Filename = $url;
         }
         $this->extend('onBeforeSendFile', $file);
         return $this->sendFile($file);
     }
     if ($file instanceof File) {
         // The file exists but the user may not download it
         Security::permissionFailure($this, 'You are not authorised to access this resource. Please log in.');
     } else {
         // No such file
         $this->response = new SS_HTTPResponse('File Not Found', 404);
     }
     return $this->response;
 }