/**
 * Handle the confirmation step of a lost-password / lost-auth request.
 *
 * $arguments[0] is the id looked up through passwordReset::get() and
 * $arguments[1] selects the mode, which must be 'auth' or 'password'.
 *
 * @param array $arguments Positional arguments: [0] reset id, [1] mode.
 *
 * @return mixed The result of Error::set() on failure, otherwise nothing.
 */
public function confirm($arguments)
{
    if (Session::isLoggedIn()) {
        return Error::set(self::ERR_LOGGED_IN);
    }

    if (empty($arguments[0])) {
        return Error::set(self::ERR_NO_LOST_ID);
    }

    $modeIsKnown = !empty($arguments[1])
        && ($arguments[1] == 'auth' || $arguments[1] == 'password');
    if (!$modeIsKnown) {
        return Error::set(self::ERR_INIVALID_MODE);
    }

    $resettingAuth = ($arguments[1] == 'auth');

    $resets = new passwordReset(ConnectionFactory::get('redis'));
    $record = $resets->get($arguments[0], $resettingAuth);

    // A string coming back from get() is treated as an error and passed to Error::set().
    if (is_string($record)) {
        return Error::set($record);
    }

    $userModel = new users(ConnectionFactory::get('mongo'));

    if ($resettingAuth) {
        $userModel->changeAuth($record[1], true, false, false, false);
        $this->view['password'] = false;
        return;
    }

    // NOTE(review): the value returned by resetPassword() is exposed to the view.
    // Nothing in this method invalidates the reset id afterwards; confirm that
    // passwordReset::get() or resetPassword() makes the id single-use.
    $this->view['password'] = $userModel->resetPassword($record[1]);
}
/**
 * Store the submitted 'location' form value.
 *
 * For a logged-in visitor the value is written to the user record; in every
 * case it is also written to the 'mylocation' cookie.
 *
 * @return void
 */
public function process()
{
    if (Session::isLoggedIn()) {
        $account = Session::getUser();
        $account->setData('location', $this->getElementValue('location'));
    }

    // NOTE(review): setcookie() is called with name and value only, so the cookie
    // gets the default attributes (no explicit Secure/HttpOnly/SameSite, session
    // lifetime). Confirm that is intended for this value.
    setcookie('mylocation', $this->getElementValue('location'));
}
/**
 * Validate a reclaim form submission: captcha first, then the old credentials.
 *
 * On success the account is imported through the reclaims model, the user is
 * authenticated through the users model and a redirect header to '/' is sent.
 *
 * @return mixed The result of Error::set() on failure, otherwise nothing.
 */
public function check()
{
    $this->setView('reclaim/index');

    if (Session::isLoggedIn()) {
        return Error::set('You\'re logged in!');
    }

    $this->view['valid'] = true;
    $this->view['publicKey'] = Config::get('recaptcha:publicKey');

    $captchaPosted = !empty($_POST['recaptcha_challenge_field'])
        && !empty($_POST['recaptcha_response_field']);
    if (!$captchaPosted) {
        return Error::set('We could not find the captcha validation fields!');
    }

    $captchaResult = Recaptcha::check(
        $_POST['recaptcha_challenge_field'],
        $_POST['recaptcha_response_field']
    );
    // A string result is used as a key into Recaptcha::$errors.
    if (is_string($captchaResult)) {
        return Error::set(Recaptcha::$errors[$captchaResult]);
    }

    $credentialsPosted = !empty($_POST['username']) && !empty($_POST['password']);
    if (!$credentialsPosted) {
        return Error::set('All forms are required.');
    }

    $legacyAccounts = new reclaims(ConnectionFactory::get('mongo'));
    if (!$legacyAccounts->authenticate($_POST['username'], $_POST['password'])) {
        return Error::set('Invalid username/password.');
    }

    $legacyAccounts->import($_POST['username'], $_POST['password']);

    $userModel = new users(ConnectionFactory::get('mongo'));
    $userModel->authenticate($_POST['username'], $_POST['password']);

    // NOTE(review): no exit follows the redirect header, so whatever the caller
    // does after check() returns still runs for this request.
    header('Location: ' . Url::format('/'));
}
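/**
 * Try to log the visitor in from the TLS client certificate.
 *
 * The raw certificate is read from $_SERVER['SSL_CLIENT_RAW_CERT'], resolved
 * to a user id through certs::check(), and the session is populated only when
 * that user has 'autoauth' in their auths list and is not locked.
 *
 * NOTE(review): this relies on the web server populating SSL_CLIENT_RAW_CERT
 * only for certificates it has verified; confirm the server configuration.
 *
 * @param mixed $data Unused.
 *
 * @return mixed Whatever self::done() returns, or null on the early exits.
 */
public static function handler($data = null)
{
    if (isset($_SESSION['done_autoauth'])) {
        return;
    }

    if (empty($_SERVER['SSL_CLIENT_RAW_CERT']) || Session::isLoggedIn()) {
        return self::done();
    }

    $certs = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
    $userId = $certs->check($_SERVER['SSL_CLIENT_RAW_CERT']);
    if ($userId == null) {
        return self::done();
    }

    $users = new users(ConnectionFactory::get('mongo'));
    $user = $users->get($userId, false);
    if (empty($user)) {
        // NOTE(review): unlike the other exits this one does not call self::done().
        // Kept as is; confirm whether that is deliberate.
        return;
    }

    // Authorization gate. The comparison is strict so that a non-string entry
    // (for example 0 or true) in the stored list can never match 'autoauth',
    // and a missing or malformed list is treated as "not allowed".
    $mayAutoAuth = !empty($user['auths'])
        && is_array($user['auths'])
        && in_array('autoauth', $user['auths'], true);
    if (!$mayAutoAuth) {
        return self::done();
    }

    if ($user['status'] == users::ACCT_LOCKED) {
        return self::done();
    }

    Session::setBatchVars($user);
    return self::done();
}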
/**
 * Build the geoencoder plugin's post-detail menu entries.
 *
 * @param object $post Post whose post_id and network are passed to the datasets.
 *
 * @return array Menu items keyed by 'geoencoder_map' and 'geoencoder_nearest'.
 */
public function getPostDetailMenuItems($post)
{
    // "Response Map" entry with its single dataset.
    $map_tpl = Utils::getPluginViewDirectory('geoencoder').'geoencoder.map.tpl';
    $map_item = new MenuItem("Response Map", "", $map_tpl, 'Geoencoder');
    // NOTE(review): the third getRelatedPosts argument is the string 'location'
    // here but !Session::isLoggedIn() in the entry below. If that parameter is a
    // visibility flag, the two entries do not filter the same way; verify
    // against PostDAO::getRelatedPosts().
    $map_item->addDataset(
        new Dataset(
            "geoencoder_map",
            'PostDAO',
            "getRelatedPosts",
            array($post->post_id, $post->network, 'location')
        )
    );

    // "Nearest Responses" entry: related posts plus the plugin's option hash.
    $nearest_tpl = Utils::getPluginViewDirectory('geoencoder').'geoencoder.nearest.tpl';
    $nearest_item = new MenuItem("Nearest Responses", "", $nearest_tpl);
    $nearest_item->addDataset(
        new Dataset(
            "geoencoder_nearest",
            'PostDAO',
            "getRelatedPosts",
            array($post->post_id, $post->network, !Session::isLoggedIn())
        )
    );
    $nearest_item->addDataset(
        new Dataset("geoencoder_options", 'PluginOptionDAO', 'getOptionsHash', array('geoencoder', true))
    );

    return array(
        "geoencoder_map" => $map_item,
        "geoencoder_nearest" => $nearest_item,
    );
}
/**
 * Invoke generateInsight on every registered plugin.
 *
 * Requires a logged-in session; the four arguments are forwarded unchanged.
 *
 * @param Instance $instance
 * @param User $user User associated with the instance
 * @param array $last_week_of_posts Last week of Post objects
 * @param int $number_days Number of days to backfill with insights
 * @throws UnauthorizedUserException If there is no logged-in session
 * @return void
 */
public function runRegisteredPluginsInsightGeneration(Instance $instance, User $user, $last_week_of_posts,
    $number_days)
{
    $has_session = Session::isLoggedIn();
    if (!$has_session) {
        throw new UnauthorizedUserException('You need a valid session to generate insights.');
    }

    $plugin_args = array($instance, $user, $last_week_of_posts, $number_days);
    $this->emitObjectFunction('generateInsight', $plugin_args);
}
/**
 * Gets called when crawler runs.
 *
 * About crawler exclusivity (mutex usage):
 * When launched by an admin, no other user, admin or not, will be able to launch a crawl until this one is done.
 * When launched by a non-admin, we first check that no admin run is under way, and if that's the case,
 * we launch a crawl for the current user only.
 * No user will be able to launch two crawls in parallel, but different non-admin users crawls can run in parallel.
 *
 * @throws UnauthorizedUserException If there is no logged-in session or no owner record matches it
 * @throws CrawlerLockedException If the required mutex could not be acquired
 * @return void
 */
public function crawl() {
    if (!Session::isLoggedIn()) {
        throw new UnauthorizedUserException('You need a valid session to launch the crawler.');
    }
    $mutex_dao = DAOFactory::getDAO('MutexDAO');
    $owner_dao = DAOFactory::getDAO('OwnerDAO');
    // The session only carries the e-mail address; the owner record supplies is_admin and id.
    $owner = $owner_dao->getByEmail(Session::getLoggedInUser());
    if (empty($owner)) {
        throw new UnauthorizedUserException('You need a valid session to launch the crawler.');
    }
    $global_mutex_name = 'crawler';
    // Everyone needs to check the global mutex
    $lock_successful = $mutex_dao->getMutex($global_mutex_name);
    if ($lock_successful) {
        // Global mutex was free, which means no admin crawls are under way
        if ($owner->is_admin) {
            // Nothing more needs to be done, since admins use the global mutex
            $mutex_name = $global_mutex_name;
        } else {
            // User is a non-admin; let's use a user mutex.
            $mutex_name = 'crawler-' . $owner->id;
            $lock_successful = $mutex_dao->getMutex($mutex_name);
            // The global mutex is held only for the duration of the check above.
            $mutex_dao->releaseMutex($global_mutex_name);
        }
    }
    if ($lock_successful) {
        // NOTE(review): releaseMutex() is not reached if emitObjectMethod() throws,
        // so a failing plugin could leave the mutex held. Whether the lock then
        // expires on its own depends on MutexDAO, which is not visible here.
        $this->emitObjectMethod('crawl');
        $mutex_dao->releaseMutex($mutex_name);
    } else {
        throw new CrawlerLockedException("Error starting crawler; another crawl is already in progress.");
    }
}
/**
 * Stop the request when the page is restricted to registered users and the
 * visitor is not logged in.
 *
 * Only the value "registered" triggers the check; any other status is let through.
 *
 * @param string $userstatus Required user status for the page.
 */
function Page($userstatus='dc')
{
    $loginRequired = ($userstatus == "registered");

    if ($loginRequired && !Session::isLoggedIn()) {
        echo 'Not logged in';
        exit;
    }
}
/**
 * Tell whether the current user has completed a mission at least once.
 *
 * Visitors without a session are always reported as not having done it.
 *
 * @param string $id Mission id.
 *
 * @return bool True if the user has completed the mission before.
 */
public static function hasDone($id)
{
    if (Session::isLoggedIn()) {
        $timesDone = self::getModel()->getTimesDone(Session::getVar('_id'), $id);

        return (bool) $timesDone;
    }

    return false;
}
/**
 * Send an error message to syslog, prefixed with who triggered it and when.
 *
 * @param int    $priority One of the PHP Syslog priority constants.
 * @param string $message  Message to log.
 *
 * @return bool True on success.
 */
public static function error($priority, $message)
{
    if (!self::$opened) {
        self::initiate();
    }

    if (Session::isLoggedIn()) {
        $who = 'User ' . Session::getVar('username');
    } else {
        $who = 'Guest';
    }

    // NOTE(review): the username and $message are concatenated as they are. If
    // either can contain line breaks, a log line could be made to look like
    // several entries; confirm they are constrained before they reach this point.
    $logHeader = $who . ' (' . microtime() . '): ';

    return syslog($priority, $logHeader . $message);
}
/**
 * Refuse to construct the object unless the session is logged in.
 *
 * NOTE(review): the exception text says "Admin access required", but the only
 * check made here is isLoggedIn(). If an admin role is really required, it has
 * to be enforced somewhere not visible in this constructor.
 *
 * @throws Exception When the session is not logged in; the code is $this->class_id.
 */
function __construct()
{
    require_once 'Session.php';

    $session = new Session();
    $loggedIn = $session->isLoggedIn();

    if (!$loggedIn) {
        throw new Exception("Admin access required", $this->class_id);
    }
}
/**
 * Write an error message to the log model, prefixed with the acting user,
 * the remote address and a timestamp.
 *
 * @param string $message Message to log.
 *
 * @return mixed Whatever the log model's error() returns.
 */
public static function error($message)
{
    if (!self::$opened) {
        self::initiate();
    }

    if (Session::isLoggedIn()) {
        $who = 'User ' . Session::getVar('username');
    } else {
        $who = 'Guest';
    }

    // NOTE(review): username and $message are written unmodified; confirm they
    // cannot carry line breaks. REMOTE_ADDR is read directly, so behind a reverse
    // proxy it would be the proxy's address; verify against the deployment.
    $logHeader = $who . ' ' . $_SERVER['REMOTE_ADDR'] . ' (' . microtime(true) . '): ';

    return self::$logModel->error($logHeader . $message);
}
/**
 * Prepare the mission overview for a logged-in user.
 *
 * @return mixed The result of Error::set() for guests, otherwise nothing.
 */
public function index()
{
    $loggedIn = Session::isLoggedIn();
    if (!$loggedIn) {
        return Error::set('You need to log in!');
    }

    $this->view['valid'] = true;

    $missionModel = new missions(ConnectionFactory::get('mongo'));
    $this->view['missions'] = $missionModel->getTypes();
}
/**
 * Gate for pages that need a logged-in session.
 *
 * A visitor without one has the session destroyed and is redirected to the
 * login screen; the request ends there, so nothing after the call runs.
 *
 * @return void
 */
public static function checkAuthentication()
{
    if (Session::isLoggedIn()) {
        return;
    }

    // Drop whatever session state exists before sending the visitor to log in.
    Session::destroy();
    header('Location: ' . URL_WITH_INDEX_FILE . 'login');
    exit;
}
/**
 * Build the change-password form: two password inputs and a submit button.
 *
 * NOTE(review): only the new password and its confirmation are added here. No
 * field for the current password is created, so re-authentication, if any,
 * has to happen where the form is processed; confirm.
 *
 * @throws Exception When the visitor is not logged in.
 */
public function __construct()
{
    parent::__construct('formChangePassword', 'Change password');

    if (!Session::isLoggedIn()) {
        throw new Exception('You need to be logged in to change your password.');
    }

    $passwordFields = array(
        'password1' => 'New password',
        'password2' => 'Password (confirm)',
    );
    foreach ($passwordFields as $fieldName => $fieldLabel) {
        $this->addElement(Element::factory('password', $fieldName, $fieldLabel));
    }

    $this->addButtons(Form::BTN_SUBMIT);
}
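/**
 * Check ACLs to determine if a user has a certain permission.
 *
 * The user's group is read from the session; a visitor without a group is
 * evaluated as 'guest'. The decision is delegated to the ACL object.
 *
 * @param string $name Name of the permission to check for.
 *
 * @return bool True if the user does have the permission in $name.
 */
public static function can($name)
{
    // This method previously began with `return Session::isLoggedIn();`, which
    // made everything below unreachable and granted every permission to any
    // logged-in user. The ACL lookup is the authority again.
    if (!self::$populated) {
        self::_populate();
    }

    $group = Session::getVar('group');
    if (empty($group)) {
        $group = 'guest';
    }

    return self::$acl->can($group, $name);
}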
/**
 * Fill $this->view['data'] with details about the current user.
 *
 * Guests and unknown levels get empty 'name' and 'photourl' values. 'public'
 * adds the username and avatar URL; 'full' also adds the unique id and e-mail.
 *
 * @param string $level Detail level: 'public' or 'full'.
 *
 * @return bool Always true.
 */
private function info($level)
{
    $blank = array('name' => '', 'photourl' => '');

    if (!Session::isLoggedIn()) {
        $this->view['data'] = $blank;
        return true;
    }

    // The avatar URL carries the MD5 of the trimmed, lower-cased e-mail address.
    // NOTE(review): that hash is also returned at the 'public' level, so anyone
    // who receives it can test guessed addresses against it.
    $emailHash = md5(strtolower(trim(Session::getVar('email'))));
    $photoUrl = 'https://secure.gravatar.com/avatar/' . $emailHash . '?d=identicon&r=pg';

    switch ($level) {
        case 'public':
            $this->view['data'] = array(
                'name' => Session::getVar('username'),
                'photourl' => $photoUrl,
            );
            break;

        case 'full':
            $this->view['data'] = array(
                'uniqueid' => (string) Session::getVar('_id'),
                'name' => Session::getVar('username'),
                'email' => Session::getVar('email'),
                'photourl' => $photoUrl,
            );
            break;

        default:
            $this->view['data'] = $blank;
    }

    return true;
}
/**
 * Dispatch an action, forcing a login first.
 *
 * 'logout' ends the session and redirects to the base URL. Without a session
 * the request must carry valid 'num' and 'pwd' values, otherwise the login
 * view is rendered. If no login object is available afterwards, the session
 * is terminated and the visitor redirected.
 *
 * @param string $action Action name.
 * @param mixed  $params Parameters handed on to the parent dispatcher.
 *
 * @return mixed Redirect, rendered login view, or the parent's result.
 */
public function dispatchAction($action, $params)
{
    if ($action === 'logout') {
        Session::terminate();
        return new ControllerActionRedirect(Router::toBase());
    }

    if (!Session::isLoggedIn()) {
        // NOTE(review): credentials are read from $_REQUEST, so they are accepted
        // from the query string as well as the request body, and query strings
        // tend to end up in server logs and browser history.
        $credentials = Arr::initList($_REQUEST, ['num' => TYPE_KEY, 'pwd' => TYPE_STRING]);
        list($num, $pwd) = $credentials;

        $authenticated = $num && $pwd && Session::login($num, $pwd);
        if (!$authenticated) {
            // Only the account number is handed back to the form, never the password.
            return ControllerDispatcher::renderModuleView(
                self::MODULE_NAME,
                'login',
                ['formVal' => ['num' => $num]]
            );
        }
    }

    if (Session::getLogin()) {
        return parent::dispatchAction($action, $params);
    }

    Session::terminate();
    return new ControllerActionRedirect(Router::toBase());
}
/**
 * Fetch an organizer's events, ordered by start date.
 *
 * Unpublished events are included only for a logged-in user who either has
 * the SUPERUSER privilege or belongs to the organization in $id. Each row
 * gains 'dtStart' and 'dtFinish' keys holding the dates as Y-m-d.
 *
 * @param mixed $id Organizer id, bound as a statement parameter.
 *
 * @return array List of event rows.
 */
function fetchEventsFromOrganizerId($id)
{
    global $db;

    // NOTE(review): the organization match uses ==, so PHP's loose comparison
    // rules decide this access check. Verify both sides always have the same type.
    $seesUnpublished = Session::isLoggedIn()
        && (Session::getUser()->hasPriv('SUPERUSER')
            || Session::getUser()->getData('organization') == $id);

    $sql = 'SELECT e.id, e.title, e.dateStart, e.dateFinish, e.published FROM events e WHERE e.organizer = :id';
    if (!$seesUnpublished) {
        $sql .= ' AND e.published = 1';
    }
    $sql .= ' ORDER BY e.dateStart';

    // $id only ever reaches the database as a bound value.
    $stmt = $db->prepare($sql);
    $stmt->bindValue(':id', $id);
    $stmt->execute();

    $events = array();
    foreach ($stmt->fetchAll() as $row) {
        $row['dtStart'] = date('Y-m-d', strtotime($row['dateStart']));
        $row['dtFinish'] = date('Y-m-d', strtotime($row['dateFinish']));
        $events[] = $row;
    }

    return $events;
}
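/**
 * Runs registered plugins' crawl function.
 *
 * About crawler exclusivity (mutex usage):
 * When launched by an admin, no other user, admin or not, will be able to launch a crawl until this one is done.
 * When launched by a non-admin, we first check that no admin run is under way, and if that's the case,
 * we launch a crawl for the current user only.
 * No user will be able to launch two crawls in parallel, but different non-admin users crawls can run in parallel.
 * @throws UnauthorizedUserException If user is not logged in
 * @throws CrawlerLockedException If a crawl is already in progress
 * @throws InstallerException If ThinkUp is in the midst of a database upgrade
 */
public function runRegisteredPluginsCrawl() {
    if (!Session::isLoggedIn()) {
        throw new UnauthorizedUserException('You need a valid session to launch the crawler.');
    }
    $mutex_dao = DAOFactory::getDAO('MutexDAO');
    $owner_dao = DAOFactory::getDAO('OwnerDAO');
    // The session only carries the e-mail address; the owner record supplies is_admin and id.
    $owner = $owner_dao->getByEmail(Session::getLoggedInUser());
    if (empty($owner)) {
        throw new UnauthorizedUserException('You need a valid session to launch the crawler.');
    }
    // are we in an upgrading state
    if (UpgradeDatabaseController::isUpgrading(true, 'Crawler')) {
        throw new InstallerException("ThinkUp needs a database migration, so we are unable to run the crawler.");
    }
    $global_mutex_name = self::GLOBAL_MUTEX;
    // Everyone needs to check the global mutex.
    // The result of getMutex() must decide whether we go on. It used to be discarded
    // in favour of a hard-coded 1, which let an admin crawl start while another crawl
    // held the global mutex and then release a lock it never owned.
    $lock_successful = $mutex_dao->getMutex($global_mutex_name);
    if ($lock_successful) {
        // Global mutex was free, which means no admin crawls are under way
        if ($owner->is_admin) {
            // Nothing more needs to be done, since admins use the global mutex
            $mutex_name = $global_mutex_name;
        } else {
            // User is a non-admin; let's use a user mutex.
            $mutex_name = 'crawler-' . $owner->id;
            $lock_successful = $mutex_dao->getMutex($mutex_name);
            $mutex_dao->releaseMutex($global_mutex_name);
        }
    }
    if ($lock_successful) {
        // NOTE(review): releaseMutex() is not reached if a plugin's crawl throws;
        // whether the lock then expires on its own depends on MutexDAO.
        $this->emitObjectFunction('crawl');
        $mutex_dao->releaseMutex($mutex_name);
        //clear cache so that insight stream updates
        $v_mgr = new ViewManager();
        $v_mgr->clear_all_cache();
    } else {
        throw new CrawlerLockedException("Error starting crawler; another crawl is already in progress.");
    }
}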
/**
 * Per-request session bootstrap.
 *
 * Starts the session, merges any variables queued for it in APC, enforces the
 * optional lock-to-IP setting, records the current address, loads the official
 * tweets into the layout and runs the two ban checks.
 *
 * @param mixed $data Unused.
 *
 * @return void
 */
public static function handler($data = null)
{
    Session::init();

    // Variables queued for this session id are applied once and then removed.
    $pendingKey = Cache::PREFIX . 'sessionReq_' . Session::getId();
    if (apc_exists($pendingKey)) {
        Session::setBatchVars(apc_fetch($pendingKey));
        apc_delete($pendingKey);
    }

    $lastIp = Session::getVar('ip');

    // Lock-to-IP: a logged-in session that opted in is destroyed as soon as the
    // request arrives from an address other than the one recorded before.
    // NOTE(review): REMOTE_ADDR is read directly; behind a reverse proxy it would
    // be the proxy's address and the lock would not tell clients apart.
    if (Session::isLoggedIn() && Session::getVar('lockToIP')) {
        if ($lastIp != null && $lastIp != $_SERVER['REMOTE_ADDR']) {
            Session::destroy();
            header('Location: ' . Url::format('/'));
            die;
        }
    }

    Session::setVar('ip', $_SERVER['REMOTE_ADDR']);

    $tweetSource = new twitter(ConnectionFactory::get('redis'));
    Layout::set('tweets', $tweetSource->getOfficialTweets());

    self::slowBan();
    self::errorBan();
}
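/**
 * Echo this forum entry as HTML, followed by all of its responses, recursively.
 *
 * The entry gets the extra CSS class 'foro-elem-user' when it was written by
 * the logged-in user.
 *
 * @return void
 */
public function drawAnswers()
{
    $id = $this->getId();
    $autor = $this->getUser();

    $classname = 'foro-elem';
    // An entry may have no author (the footer below already allows for that), so
    // the ownership test must not dereference a missing user.
    if (Session::isLoggedIn() && $autor != null && $autor->getId() == Session::getUser()->getId()) {
        $classname .= ' foro-elem-user';
    }

    // NOTE(review): the id and the response count are written into the markup,
    // including an inline onclick handler, without escaping. That is only safe
    // while both are numeric; confirm against getId() and getNumResponses().
    echo '<div class="' . $classname . '" id="q' . $id . '">';

    $date = $this->getTimestamp();
    echo '<div class="fecha" title="Hora: ' . date('H', $date) . ':' . date('i', $date) . '">';
    echo '<div class="dia">' . date('d', $date) . '</div>';
    echo '<div class="mes">' . date('M', $date) . '</div>';
    echo '<div class="ano">' . date('Y', $date) . '</div>';
    echo '</div>';

    echo '<div class="botones margen">';
    echo '<button id="answer-button1-' . $id . '" class="shadow-button shadow-button-blue" onclick="botonResponderClick(\'' . $id . '\'); this.style.display=\'none\'">Responder</button>';
    echo '</div>';

    echo '<div class="margen texto">';
    echo '<div class="pie">';
    if ($autor != null) {
        echo '<div class="autor">por <em>' . htmlentities($autor->getName(), ENT_COMPAT, 'utf-8') . '</em></div>';
    }
    // TODO: count and write the comments:
    echo '<div class="comentarios">' . $this->getNumResponses() . ' respuestas</div>';
    echo '</div>';
    // NOTE(review): the entry text is emitted exactly as Lib::colorizeHTML() returns
    // it, so that helper is the only place where user text can be made safe for
    // HTML; verify that it escapes its input.
    echo Lib::colorizeHTML($this->getText());
    echo '</div>';

    // Hidden reply container; its text content looks like leftover placeholder data.
    echo '<div id="answer' . $id . '" class="margen" style="background-color:silver; display:none;">fasdfasfdffdfdfdfafsd';
    echo '</div>';
    echo '</div>';

    echo '<div id="hijos' . $id . '" class="foro-hijos">';
    foreach ($this->getResponses() as $respuesta) {
        $respuesta->drawAnswers();
    }
    echo '</div>';
}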
<?php
// Inbox page: shows the messages received by the logged-in user.
require_once "../../global.php";

// Guests are sent to the error page, and the script stops so that nothing below
// runs without a session.
if (!Session::isLoggedIn()) {
    header('Location: ' . Url::error());
    exit;
}

// The user id comes from the session, never from the request.
$inbox = Message::getReceivedMessagesByUserID(Session::getUserID());

$soup = new Soup();
$soup->set('messages', $inbox);
$soup->render('site/page/inbox');
/**
 * Set the instance variable based on request and logged-in status
 * Add the list of available instances to the view you can switch to in the dropdown based on logged-in status
 *
 * The instance is chosen from $_GET['u'] (username) and $_GET['n'] (network) when both are present.
 * A logged-in owner must have access to it; an anonymous visitor only gets it when it is public.
 * Without a usable request, a default or the freshest public instance is used.
 */
private function setInstance() {
    $instance_dao = DAOFactory::getDAO('InstanceDAO');
    $config = Config::getInstance();
    if ($this->isLoggedIn()) {
        $owner_dao = DAOFactory::getDAO('OwnerDAO');
        // NOTE(review): $owner is used below ($owner->id, getByOwner($owner)) without a check
        // that the lookup found a record; confirm getByEmail() cannot return null here.
        $owner = $owner_dao->getByEmail($this->getLoggedInUser());
        if (isset($_GET["u"]) && isset($_GET['n'])) {
            $instance = $instance_dao->getByUsernameOnNetwork(stripslashes($_GET["u"]), $_GET['n']);
            if (isset($instance)) {
                // Access decision for logged-in users: the owner must be linked to the instance.
                $owner_instance_dao = DAOFactory::getDAO('OwnerInstanceDAO');
                if ($owner_instance_dao->doesOwnerHaveAccessToInstance($owner, $instance)) {
                    $this->instance = $instance;
                } else {
                    $this->instance = null;
                    $this->addErrorMessage("Insufficient privileges");
                }
            } else {
                // NOTE(review): request values are copied into the message as they are; whether
                // they are escaped depends on how the view renders error messages. Confirm.
                $this->addErrorMessage(stripslashes($_GET["u"]) . " on " . ucfirst($_GET['n']) . " is not in ThinkUp.");
            }
        } else {
            $this->instance = $instance_dao->getFreshestByOwnerId($owner->id);
        }
        $this->addToView('instances', $instance_dao->getByOwner($owner));
    } else {
        if (isset($_GET["u"]) && isset($_GET['n'])) {
            $instance = $instance_dao->getByUsernameOnNetwork(stripslashes($_GET["u"]), $_GET['n']);
            if (isset($instance)) {
                // Access decision for anonymous visitors: public instances only.
                if ($instance->is_public) {
                    $this->instance = $instance;
                } else {
                    // NOTE(review): a private instance answers "Insufficient privileges" while an
                    // unknown one answers "... is not in ThinkUp.", so the two messages tell an
                    // anonymous visitor whether a private instance exists. Confirm this is acceptable.
                    $this->addErrorMessage("Insufficient privileges");
                }
            } else {
                $this->addErrorMessage(stripslashes($_GET["u"]) . " on " . ucfirst($_GET['n']) . " is not in ThinkUp.");
            }
        }
        $this->addToView('instances', $instance_dao->getPublicInstances());
    }
    if (!isset($this->instance)) {
        // A specific instance wasn't passed in the URL (or isn't accessible), get a default one
        $instance_id_to_display = $config->getValue('default_instance');
        $instance_id_to_display = intval($instance_id_to_display);
        if ($instance_id_to_display != 0) {
            $this->instance = $instance_dao->get($instance_id_to_display);
        }
        // The configured default is only kept when it is public; otherwise fall back to a public one.
        if (!isset($this->instance) || !$this->instance->is_public) {
            $this->instance = $instance_dao->getInstanceFreshestPublicOne();
        }
    }
    if (isset($this->instance)) {
        //user
        $user_dao = DAOFactory::getDAO('UserDAO');
        $user = $user_dao->getDetails($this->instance->network_user_id, $this->instance->network);
        $this->addToView('user_details', $user);
        // The "update now" prompt is shown to logged-in users only.
        if (Session::isLoggedIn() && !isset($user)) {
            $this->addInfoMessage("Oops! There's no information about " . $this->instance->network_username . " on " . ucfirst($this->instance->network) . " to display.");
            $this->addToView('show_update_now_button', true);
        }
        SessionCache::put('selected_instance_network', $this->instance->network);
        SessionCache::put('selected_instance_username', $this->instance->network_username);
        //check Realtime last update and overwrite instance->last_update
        $stream_proc_dao = DAOFactory::getDAO('StreamProcDAO');
        $process = $stream_proc_dao->getProcessInfoForInstance($this->instance->id);
        if (isset($process)) {
            //$this->instance->crawler_last_run = $process['last_report'];
            $this->instance->crawler_last_run = 'realtime';
        }
        $this->addToView('instance', $this->instance);
    } else {
        // No instance could be selected: clear the cached selection.
        SessionCache::put('selected_instance_network', null);
        SessionCache::put('selected_instance_username', null);
    }
    $this->addToView('developer_log', $config->getValue('is_log_verbose'));
}
/**
 * Build the Facebook plugin's post-detail menu entries.
 *
 * Only posts on the 'facebook' or 'facebook page' networks get a "Likes" entry.
 *
 * @param object $post Post whose post_id and network are passed to the dataset.
 *
 * @return array Menu items keyed by name; empty for other networks.
 */
public function getPostDetailMenuItems($post)
{
    $likes_tpl = Utils::getPluginViewDirectory('facebook') . 'facebook.post.likes.tpl';

    $is_facebook_post = in_array($post->network, array('facebook', 'facebook page'));
    if (!$is_facebook_post) {
        return array();
    }

    $likes_item = new MenuItem("Likes", "Those who liked this post", $likes_tpl);

    // The third dataset argument is true for anonymous visitors, so that only
    // public favorite data is shown to them.
    $public_only = !Session::isLoggedIn();
    $likes_item->addDataset(
        new Dataset(
            "likes",
            'FavoritePostDAO',
            "getUsersWhoFavedPost",
            array($post->post_id, $post->network, $public_only)
        )
    );

    return array('likes' => $likes_item);
}
/**
 * Tell whether the page should be shown in editing mode.
 *
 * That requires an 'edit' key in the query string and a logged-in session. The
 * query parameter alone never enables it.
 *
 * @return bool
 */
public static function editingMode()
{
    if (!array_key_exists('edit', $_GET)) {
        return false;
    }

    return (bool) Session::isLoggedIn();
}
/**
 * After logOut() the session must report no login, no admin flag and no user.
 */
public function testLogOut()
{
    $email = '*****@*****.**';

    // Start from a logged-in admin session and verify that state first.
    $this->simulateLogin($email, true);
    $session = new Session();
    $this->assertTrue(Session::isLoggedIn());
    $this->assertTrue(Session::isAdmin());
    $this->assertEqual(Session::getLoggedInUser(), $email);

    $session->logOut();

    // Every piece of login state has to be gone.
    $this->assertFalse(Session::isLoggedIn());
    $this->assertFalse(Session::isAdmin());
    $this->assertNull(Session::getLoggedInUser());
}
/**
 * Load the view with required variables
 *
 * The 'default' view is delegated to loadDefaultDashboard(). Any other view is
 * resolved to a dashboard menu item whose template, header, description and
 * datasets are added to the view.
 */
private function loadView()
{
    $webapp = Webapp::getInstance();

    if ($this->view_name == 'default') {
        $this->loadDefaultDashboard();
        return;
    }

    // NOTE(review): $menu_item is used without checking that the lookup found
    // something; confirm getDashboardMenuItem() cannot return null for an
    // unknown view name.
    $menu_item = $webapp->getDashboardMenuItem($this->view_name, $this->instance);
    $this->addToView('data_template', $menu_item->view_template);
    $this->addToView('display', $this->view_name);
    $this->addToView('header', $menu_item->name);
    $this->addToView('description', $menu_item->description);
    $this->setPageTitle($this->instance->network_username . ' on ' . ucfirst($this->instance->network));

    // NOTE(review): is_numeric() also accepts negative, decimal and exponent
    // notation, and the raw request string is what gets passed on. Confirm that
    // retrieveDataset() casts or bounds the page number.
    $page = 1;
    if (isset($_GET['page']) && is_numeric($_GET['page'])) {
        $page = $_GET['page'];
    }

    foreach ($menu_item->datasets as $dataset) {
        $paging_key = array_search('#page_number#', $dataset->method_params);
        if ($paging_key !== false) {
            //there's paging
            $this->addToView('next_page', $page + 1);
            $this->addToView('last_page', $page - 1);
        }

        $this->addToView($dataset->name, $dataset->retrieveDataset($page));

        // Search is offered to logged-in users only.
        if (Session::isLoggedIn() && $dataset->isSearchable()) {
            $this->addToView('is_searchable', true);
        }

        $this->view_mgr->addHelp($this->view_name, $dataset->getHelp());
    }
}
/**
 * Tell whether a Hackademic user is logged in.
 *
 * Thin wrapper so that controllers ask the session in one place.
 *
 * @return bool whether or not user is logged in
 */
protected function isLoggedIn()
{
    $logged_in = Session::isLoggedIn();

    return $logged_in;
}
<?php session_start(); // set up chdir(".."); require_once 'config.webapp.inc.php'; ini_set("include_path", ini_get("include_path") . PATH_SEPARATOR . $INCLUDE_PATH); require_once "init.php"; require_once "class.Mailer.php"; $session = new Session(); if ($session->isLoggedIn()) { header("Location: ../index.php"); } $db = new Database($THINKTANK_CFG); $conn = $db->getConnection(); $od = new OwnerDAO($db); $s = new SmartyThinkTank(); $s->caching = false; if (!$THINKTANK_CFG['is_registration_open']) { $s->assign('closed', true); $errormsg = 'Sorry, registration on this instance of ThinkTank is closed. <br /><br /><a href="http://github.com/ginatrapani/thinktank/tree/master">Install ThinkTank on your own server</a> or go back to <a href="' . $THINKTANK_CFG['site_root_path'] . 'public.php">the public timeline</a>.'; } else { $db = new Database($THINKTANK_CFG); $conn = $db->getConnection(); $od = new OwnerDAO($db); $s->assign('closed', false); $captcha = new Captcha($THINKTANK_CFG); if ($_POST['Submit'] == 'Register') { if (strlen($_POST['email']) < 5) { $errormsg = "Incorrect email. Please enter valid email address."; }