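/**
 * Attendance check-in endpoint.
 *
 * Accepts a POST request whose body is a JSON object carrying `user_id` and
 * `status`, and writes one attendance row through model_kaoqin when
 * verifySignIn() allows it. Any other request method, or a body that is not
 * a JSON object with both fields, produces no output.
 *
 * NOTE(review): the user the row is written for comes from the request body;
 * no session or token check is visible in this method. Confirm that the
 * caller is authenticated upstream and that `user_id` is compared with the
 * authenticated identity, otherwise one client can check in for another user.
 */
public function pageSignIn()
{
    $model = new model_kaoqin();
    $mdl_user = new model_user();

    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return;
    }

    // php://input replaces $HTTP_RAW_POST_DATA, which PHP 7.0 removed and
    // which earlier versions only filled in under a specific ini setting.
    $info = file_get_contents('php://input');
    $data = json_decode($info, true);

    // Reject bodies that are not a JSON object with both expected fields,
    // instead of carrying null values into the check and the insert.
    if (!is_array($data) || !isset($data['user_id'], $data['status'])) {
        return;
    }

    $user_id = $data['user_id'];

    if (!$this->verifySignIn($user_id, $data['status'])) {
        $msg = '抱歉,您已经打过卡了';
        lib_BaseUtils::jsonp($msg, 1, 1);
        return;
    }

    // NOTE(review): the lookup result is used without checking that a user
    // was found; confirm what selectOne() returns for an unknown id.
    $res = $mdl_user->selectOne($user_id, 'username,nickname');

    $condition = array(
        'user_id' => $user_id,
        'username' => $res['username'],
        'nickname' => $res['nickname'],
        'status' => $data['status'],
        'createtime' => $this->_time,
        'createymd' => $this->_date,
    );
    $model->insert($condition);

    if ($model->lastInsertId()) {
        $msg = '上班打卡成功';
    } else {
        // NOTE(review): failure is reported with the same (1, 0) arguments as
        // success; confirm against lib_BaseUtils::jsonp() that this is intended.
        $msg = '上班打卡失败';
    }
    lib_BaseUtils::jsonp($msg, 1, 0);
}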
/**
 * Deletes the user whose primary key is carried in $var, then redirects.
 *
 * cek_keamanan() is called first with the "admin" role list; it presumably
 * stops the request for anyone else (its body is not visible here; confirm).
 *
 * NOTE(review): this is a state-changing action. Whether it is limited to
 * POST requests and protected by an anti-CSRF token cannot be seen from this
 * method; verify in the router or in cek_keamanan().
 *
 * @param array $var request values; must contain the key named by model_user::pk()
 */
function hapus($var)
{
    cek_keamanan(array("admin"));
    $this->model("model_user");

    $primaryKey = model_user::pk();
    $targetId = $var[$primaryKey];
    $this->model_user->delete($targetId);

    $this->redirect();
}
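/**
 * Admin action: creates a page from a posted form, otherwise renders the form.
 *
 * On a non-empty POST the title and body are stored through the page model
 * under the current user's id and the browser is redirected to the edit URL
 * of the new page. Without a POST the page edit template is rendered into
 * the renderer's admin_content, and that value is returned.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method; confirm
 * it is enforced before the action is dispatched.
 */
function new_page()
{
    if (!empty($_POST)) {
        $title = isset($_POST['title']) ? $_POST['title'] : null;
        $body = isset($_POST['body']) ? $_POST['body'] : null;

        // The original passed $sim without ever assigning it, so add_page()
        // received null and PHP raised an undefined-variable notice. The null
        // is made explicit here. NOTE(review): confirm what the fourth
        // argument of add_page() is meant to carry.
        $sim = null;

        $id = model::factory('page')->add_page($title, $body, model_user::instance()->getId(), $sim);

        header('location: ' . model::factory('renderer')->url('/admin/page/edit/' . $id));
        // Stop here: header() only queues the redirect, and without this the
        // form below would still be rendered into the redirect response.
        exit;
    }

    $renderer = model::factory('renderer', 'page');
    model::factory('renderer')->add_css('/css/form.css');

    return model::factory('renderer')->admin_content = $renderer->render('template/admin/page/edit.php');
}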
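/**
 * Admin action: stores an uploaded file, otherwise renders the upload form.
 *
 * On a non-empty POST with a successfully uploaded `file` field the file's
 * bytes are handed to the file model together with the posted title and the
 * current user's id, and the browser is redirected to the file list. In
 * every other case the upload form is rendered into admin_content.
 *
 * NOTE(review): `name` and `type` in $_FILES are sent by the client and are
 * passed on unchanged. Confirm that add_file() does not use the name as a
 * filesystem path and that the stored type is not served back as a trusted
 * Content-Type. No anti-CSRF token check is visible in this method either.
 */
function new_file()
{
    if (!empty($_POST)) {
        $upload = isset($_FILES['file']) ? $_FILES['file'] : null;

        // Accept only a single upload that PHP reports as complete and whose
        // temporary path really is an upload of this request.
        $uploadOk = is_array($upload)
            && isset($upload['error'], $upload['tmp_name'], $upload['name'], $upload['type'])
            && $upload['error'] === UPLOAD_ERR_OK
            && is_uploaded_file($upload['tmp_name']);

        $contents = $uploadOk ? file_get_contents($upload['tmp_name']) : false;

        if ($contents !== false) {
            $title = isset($_POST['title']) ? $_POST['title'] : null;

            model::factory('file')->add_file($upload['name'], $title, $upload['type'], $contents, model_user::instance()->getId());

            // Send the user to the file list and stop, so the form below is
            // not rendered into the redirect response.
            header('location: ' . model::factory('renderer')->url('/admin/file/'));
            exit;
        }
        // A missing or failed upload falls through to the form again.
    }

    $renderer = model::factory('renderer', 'post');
    model::factory('renderer')->add_css('/css/form.css');
    model::factory('renderer')->admin_content = $renderer->render('template/admin/file/edit.php', true);
}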
/**
 * Saves a user from the request fields and wraps the new id in a result object.
 *
 * Reads firstName, lastName, emailId, facebookId and dateOfBirth from
 * $request and forwards them, in that order, to model_user::saveUser().
 *
 * NOTE(review): the fields are forwarded without validation here, and
 * `result` is set to "Success" whatever saveUser() returned; confirm that
 * saveUser() validates its input and signals failure in a way callers see.
 *
 * @param array $request request values keyed by field name
 * @return stdClass object with `id` (from the save result) and `result`
 */
public static function create($request)
{
    $saved = model_user::saveUser(
        $request['firstName'],
        $request['lastName'],
        $request['emailId'],
        $request['facebookId'],
        $request['dateOfBirth']
    );

    $response = new stdClass();
    $response->id = $saved['id'];
    $response->result = "Success";

    return $response;
}
/**
 * Creates one fixed user record and reports whether the save succeeded.
 *
 * NOTE(review): the account name and the password are hard-coded, and the
 * password is a short numeric string passed to the model as-is. Whether
 * model_user hashes `pwd` on save is not visible here; confirm that, and
 * that this action cannot be reached on a production deployment.
 */
function pageAddUser()
{
    $model = new model_user();

    $fields = array(
        'nickname' => '李四',
        'username' => 'lisi',
        'pwd' => '123456',
        'status' => '1',
        'createtime' => $this->_time,
        'createymd' => $this->_date,
    );
    foreach ($fields as $field => $value) {
        $model->set($field, $value);
    }

    $saved = $model->save();
    $this->ShowMsg($saved ? "用户添加成功" : "用户添加失败");
}
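/**
 * Login action: processes a posted username and password, then prepares the page.
 *
 * On a non-empty POST the credentials are handed to model_user. Success
 * redirects to the admin panel; failure redirects back to the page the form
 * was sent from when that page is on this host, and to the admin URL
 * otherwise. Without a POST only the page title and the login-state label
 * are set on the renderer.
 *
 * NOTE(review): no throttling of failed attempts and no session-id
 * regeneration after a successful login is visible here; confirm that
 * model_user takes care of both.
 */
function login()
{
    if (!empty($_POST)) {
        $username = isset($_POST['username']) ? $_POST['username'] : null;
        $password = isset($_POST['password']) ? $_POST['password'] : null;

        $user = model_user::instance();
        $user->login_by_username_and_password($username, $password);

        if ($user->logged_in()) {
            header('location: ' . model::factory('renderer')->url('/admin'));
            // header() only queues the redirect; stop so nothing else runs.
            exit;
        }

        // The Referer header is chosen by the client and may be absent. It is
        // used as the redirect target only when it is an http(s) URL on the
        // host this request was sent to, so a failed login cannot bounce the
        // browser to another site.
        $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
        $refererParts = parse_url($referer);
        $ownHost = isset($_SERVER['HTTP_HOST'])
            ? preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST'])
            : '';

        $sameHost = is_array($refererParts)
            && isset($refererParts['scheme'], $refererParts['host'])
            && in_array(strtolower($refererParts['scheme']), array('http', 'https'), true)
            && $ownHost !== ''
            && strcasecmp($refererParts['host'], $ownHost) === 0;

        // Fallback is the admin URL, the only route this method names.
        // NOTE(review): confirm an unauthenticated request there ends up on
        // the login form.
        $target = $sameHost ? $referer : model::factory('renderer')->url('/admin');

        header('location: ' . $target);
        exit;
    }

    // No login attempt: set the page title from the configured site name.
    model::factory('renderer')->title = 'Logga in - ' . model::factory('conf')->get_value('site_name');

    // Short label telling the template whether the visitor is logged in.
    model::factory('renderer')->logged_in = model_user::instance()->logged_in() ? 'inloggad' : 'INTE inloggad';
}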
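/**
 * Creates a new ad for $user and sets its status according to the site's
 * moderation mode.
 *
 * Steps: spam check on title and description, save of the ad, choice of the
 * effective moderation mode (payment modes fall back to their non-payment
 * counterpart when neither the category nor its parent has a price), status
 * change plus e-mail or order for that mode, second save, admin notification.
 *
 * The owner is assigned after values($data) so that an `id_user` key inside
 * $data cannot replace the user passed in as $user.
 *
 * NOTE(review): values() is called without a list of expected fields. If
 * Model_Ad inherits the Kohana ORM behaviour (presumably; confirm), every
 * key of $data is copied onto the model, so callers should pass only the
 * fields a user is allowed to set.
 *
 * @param array $data
 * @param model_user $user
 * @return array one of: ['error', 'error_type'], ['validation_errors'],
 *               or ['message', 'checkout_url', 'ad']
 */
public static function new_ad($data, $user)
{
    $return_message = '';
    $checkout_url = '';

    // akismet spam filter, applied only when both fields are present
    if (isset($data['title']) and isset($data['description']) and core::akismet($data['title'], $user->email, $data['description']) == TRUE) {
        // mark the user as spammer when the black list is enabled
        if (core::config('general.black_list')) {
            $user->user_spam();
        }

        return array('error' => __('This post has been considered as spam! We are sorry but we can not publish this advertisement.'), 'error_type' => Alert::ALERT);
    }

    $ad = new Model_Ad();
    $ad->values($data);
    // assigned after values() so request data cannot change the owner
    $ad->id_user = $user->id_user;
    $ad->seotitle = $ad->gen_seo_title($ad->title);
    $ad->created = Date::unix2mysql();

    try {
        $ad->save();
    } catch (ORM_Validation_Exception $e) {
        return array('validation_errors' => $e->errors('ad'));
    } catch (Exception $e) {
        return array('error' => $e->getMessage(), 'error_type' => Alert::ALERT);
    }

    // Notification e-mails, message to the user and status of the ad all
    // depend on the moderation mode.
    $moderation = core::config('general.moderation');

    // work out the amount to pay when a payment mode is active
    if ($moderation == Model_Ad::PAYMENT_ON or $moderation == Model_Ad::PAYMENT_MODERATION) {
        // category price first; if 0, the parent category's price
        if ($ad->category->price == 0) {
            $cat_parent = new Model_Category($ad->category->id_category_parent);

            if ($cat_parent->price == 0) {
                // nothing to pay: switch to the matching non-payment mode
                if ($moderation == Model_Ad::PAYMENT_ON) {
                    $moderation = Model_Ad::POST_DIRECTLY;
                } elseif ($moderation == Model_Ad::PAYMENT_MODERATION) {
                    $moderation = Model_Ad::MODERATION_ON;
                }
            } else {
                $amount = $cat_parent->price;
            }
        } else {
            $amount = $ad->category->price;
        }
    }

    // status, e-mail and user message for the effective mode
    switch ($moderation) {
        case Model_Ad::PAYMENT_ON:
        case Model_Ad::PAYMENT_MODERATION:
            // $amount is always set here: the modes are swapped above
            // whenever no price was found
            $ad->status = Model_Ad::STATUS_NOPUBLISHED;
            $order = Model_Order::new_order($ad, $user, Model_Order::PRODUCT_CATEGORY, $amount, NULL, Model_Order::product_desc(Model_Order::PRODUCT_CATEGORY) . ' ' . $ad->category->name);
            // redirect to invoice
            $return_message = __('Please pay before we publish your advertisement.');
            $checkout_url = Route::url('default', array('controller' => 'ad', 'action' => 'checkout', 'id' => $order->id_order));
            break;

        case Model_Ad::EMAIL_MODERATION:
        case Model_Ad::EMAIL_CONFIRMATION:
            $ad->status = Model_Ad::STATUS_UNCONFIRMED;
            $url_ql = $user->ql('oc-panel', array('controller' => 'myads', 'action' => 'confirm', 'id' => $ad->id_ad));
            $user->email('ads-confirm', array('[URL.QL]' => $url_ql, '[AD.NAME]' => $ad->title));
            $return_message = __('Advertisement is posted but first you need to activate. Please check your email!');
            break;

        case Model_Ad::MODERATION_ON:
            $ad->status = Model_Ad::STATUS_NOPUBLISHED;
            $url_ql = $user->ql('oc-panel', array('controller' => 'myads', 'action' => 'update', 'id' => $ad->id_ad));
            // tells the user the ad was created but is waiting for moderation
            $user->email('ads-notify', array('[URL.QL]' => $url_ql, '[AD.NAME]' => $ad->title));
            $return_message = __('Advertisement is received, but first administrator needs to validate. Thank you for being patient!');
            break;

        case Model_Ad::POST_DIRECTLY:
        default:
            $ad->status = Model_Ad::STATUS_PUBLISHED;
            $ad->published = $ad->created;
            $url_cont = $user->ql('contact');
            $url_ad = $user->ql('ad', array('category' => $ad->category->seoname, 'seotitle' => $ad->seotitle));
            $user->email('ads-user-check', array('[URL.CONTACT]' => $url_cont, '[URL.AD]' => $url_ad, '[AD.NAME]' => $ad->title));
            Model_Subscribe::notify($ad);
            $return_message = __('Advertisement is posted. Congratulations!');
            break;
    }

    // save the status chosen above
    $ad->save();

    // notify admins of the new ad
    $ad->notify_admins();

    return array('message' => $return_message, 'checkout_url' => $checkout_url, 'ad' => $ad);
}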
$params = explode('/', $parts[3]); } else { $params = array(); } // Instantiate the class $class_name = 'controller_' . $parts[0] . '_' . $parts[1]; $class = new $class_name(); // And finish with the method $method = isset($parts[2]) && !empty($parts[2]) ? $parts[2] : 'index'; } else { // if parts is empty, use the default welcome-controller if ($parts[0] == '') { $parts[0] = 'welcome'; } // Prepare the parameters if (isset($parts[2])) { $params = explode('/', $parts[2]); } else { $params = array(); } // Instantiate the class $class_name = 'controller_' . $parts[0]; $class = new $class_name(); // And finish with the method $method = isset($parts[1]) && !empty($parts[1]) ? $parts[1] : 'index'; } // Once done. return an array with the stuff return array('class' => $class, 'params' => $params, 'method' => $method); } model_user::instance();
/**
 * Verifies that the current session is authentic.
 *
 * Reads login, action_time, hash and sid from the session, looks for a
 * matching row in `Auth`, then loads the `Users` row for that login and
 * compares its stored `sid` with self::hash() of the session sid, the row's
 * action_time and its control_ip. On success self::$login and
 * self::$user_group are filled from the `Users` row.
 *
 * NOTE(review): both hash comparisons use `===`; hash_equals() is the
 * constant-time alternative for comparing secret values.
 *
 * @return bool true when every check passed, false otherwise
 */
private function check_session() : bool
{
    $check = false;

    // Values the client-side session currently carries.
    $login = self::$session->read('login');
    $action_time = self::$session->read('action_time');
    $hash = self::$session->read('hash');
    $sid = self::$session->read('sid');

    // Step 1: the session hash and action time must match a row in Auth.
    $row = self::$db->selectOne('SELECT `user`, `sid`,`action_time` FROM `Auth` WHERE `user` = :login AND `sid` = :hash AND `action_time` = :action_time', ['login' => $login, 'action_time' => $action_time, 'hash' => $hash]);

    if (!empty($row) && $row['sid'] === $hash) {
        // Step 2: the Users row must carry the hash recomputed from the
        // session sid and the row's own action_time and control_ip.
        $row = self::$db->selectOne('SELECT `login`, `user_group`, `sid`, `control_ip`, `action_time` FROM Users WHERE `login` = :login', ['login' => $login]);

        if (!empty($row) && $row['sid'] === self::hash($sid, $row['action_time'], $row['control_ip'])) {
            // NOTE(review): `!` binds tighter than `<`, so PHP evaluates
            // (!$row['user_group']) < 5, a boolean compared with 5, which is
            // true exactly when user_group is truthy; the group is never
            // compared with 5. As written the check also passes only while
            // tech_work is truthy. Confirm the intended rule before changing
            // it, since this branch decides whether the session is accepted.
            if (self::$config['tech_work'] && !$row['user_group'] < 5) {
                if ($action_time < self::mtime()) {
                    // Session action time is older than self::mtime():
                    // recreate the session and store its new hash and
                    // action time in Auth.
                    self::$session->recreate($login, $sid);
                    self::$db->runQuery('UPDATE Auth SET `sid` = :sid, `action_time` = :action_time WHERE `user` = :login LIMIT 1', ['login' => $login, 'sid' => self::$session->read('hash'), 'action_time' => self::$session->read('action_time')]);
                    $check = true;
                } else {
                    $check = true;
                }
            } else {
                $check = false;
            }
        } else {
            $check = false;
        }
    } else {
        $check = false;
    }

    if ($check) {
        // $row is the Users row here; $check is only true on that path.
        self::$login = $row['login'];
        self::$user_group = $row['user_group'];
        return true;
    } else {
        return false;
    }
}
die; } // was the ROOT trying to log in? if ($name == 'mwaroot' && $rootPasswd != "" && $password == $rootPasswd) { // match, create root userdata. $userdata = array(); $userdata['id'] = 0; $userdata['name'] = "mwaroot"; $userdata['groups'] = "root"; } else { // are there any user models? $mdl = sprintf("%s/model/user.php", ROOT); if (!file_exists($mdl)) { // no user model, asumming only root user. http_response::redir('/admin'); die; } // try login $mdlUser = new model_user(); $userdata = $mdlUser->login($name, $password); } if ($userdata == null) { http_response::redir('/admin'); die; } // init login session $user = user::getInstance(); $user->login($userdata['id'], $userdata['name'], $userdata['groups'], $remember); // enter admin http_response::redir('/admin/index'); die;
<div class="page-header"> <h1><?php echo $judul; ?> </h1> </div> <form <?php form_properties("user", $aksi, $data[model_user::pk()], true); ?> > <table border="0"> <tr> <td>Nama</td> <td><?php input("nama", $data); ?> </td> </tr> <tr> <td>Email</td> <td><?php input("email", $data); ?> </td> </tr> <tr> <td>Handphone</td> <td><?php input("hp", $data); ?> </td>
define('key', ''); } // Include init.php if not already included earlier. require_once 'init.php'; // Change the session-timeout to something from the database. ini_set("session.cookie_lifetime", $conf['session_timeout']); // and start it session_start(); // Initialize a new global rendering object accessible from model::factory('renderer') $renderer = new model_renderer(); // Do some magic with the url $parts = model::factory('url')->get_parts(); switch ($parts[0]) { case 'admin': // Admin? are you sure you are admin? if (model_user::instance()->isAdmin()) { // Seems like it. $parts = resolv($_GET); // Which controller do you want? Ah yes! That one. $class = new $parts['class'](); // Run the before part if there is one. if (method_exists($class, 'before')) { $class->before(); } // Alright, enough foreplay. Call the class already and its method. And don't forget the parameters! call_user_func_array(array($class, $parts['method']), $parts['params']); // Echo back the results. echo model::factory('renderer')->render('template/admin/main.html'); break; } case 'login':