Exemple #1
0
 public function __construct()
 {
     global $osC_Language, $osC_MessageStack;
     parent::__construct();
     if (isset($_POST['batch']) && is_array($_POST['batch']) && !empty($_POST['batch'])) {
         $this->_page_contents = 'batch_edit.php';
         if (isset($_POST['subaction']) && $_POST['subaction'] == 'confirm') {
             $error = false;
             foreach ($_POST['batch'] as $id) {
                 if (!osC_Administrators_Admin::setAccessLevels($id, $_POST['modules'], $_POST['mode'])) {
                     $error = true;
                     break;
                 }
             }
             if ($error === false) {
                 $osC_MessageStack->add($this->_module, $osC_Language->get('ms_success_action_performed'), 'success');
                 if (in_array($_SESSION['admin']['id'], $_POST['batch'])) {
                     $_SESSION['admin']['access'] = osC_Access::getUserLevels($_SESSION['admin']['id']);
                 }
             } else {
                 $osC_MessageStack->add($this->_module, $osC_Language->get('ms_error_action_not_performed'), 'error');
             }
             osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $this->_module));
         }
     }
 }
 function login()
 {
     global $toC_Json, $osC_Language, $osC_Database;
     $Qcheck_session = $osC_Database->query('select count(*) from :table_sessions');
     $Qcheck_session->bindTable(':table_sessions', TABLE_SESSIONS);
     $Qcheck_session->execute();
     if ($osC_Database->isError() || $Qcheck_session->numberOfRows() < 1) {
         $Qrepaire = $osC_Database->query('repair table :table_sessions');
         $Qrepaire->bindTable(':table_sessions', TABLE_SESSIONS);
         $Qrepaire->execute();
         $Qrepaire->freeResult();
     }
     $Qcheck_session->freeResult();
     $response = array();
     if (!empty($_REQUEST['user_name']) && !empty($_REQUEST['user_password'])) {
         $Qadmin = $osC_Database->query('select id, user_name, user_password from :table_administrators where user_name = :user_name');
         $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
         $Qadmin->bindValue(':user_name', $_REQUEST['user_name']);
         $Qadmin->execute();
         if ($Qadmin->numberOfRows() > 0) {
             while ($Qadmin->next()) {
                 if (osc_validate_password($_REQUEST['user_password'], $Qadmin->value('user_password'))) {
                     $_SESSION['admin'] = array('id' => $Qadmin->valueInt('id'), 'username' => $Qadmin->value('user_name'), 'access' => osC_Access::getUserLevels($Qadmin->valueInt('id')));
                     $response['success'] = true;
                     echo $toC_Json->encode($response);
                     exit;
                 }
             }
         }
     }
     $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_login_invalid'));
     echo $toC_Json->encode($response);
 }
Exemple #3
0
 public function __construct()
 {
     global $osC_Language, $osC_MessageStack;
     parent::__construct();
     if (isset($_GET['aID']) && is_numeric($_GET['aID'])) {
         $this->_page_contents = 'edit.php';
     } else {
         $this->_page_contents = 'new.php';
     }
     if (isset($_POST['subaction']) && $_POST['subaction'] == 'confirm') {
         $data = array('username' => $_POST['user_name'], 'password' => $_POST['user_password']);
         switch (osC_Administrators_Admin::save(isset($_GET['aID']) && is_numeric($_GET['aID']) ? $_GET['aID'] : null, $data, isset($_POST['modules']) ? $_POST['modules'] : null)) {
             case 1:
                 if (isset($_GET['aID']) && is_numeric($_GET['aID']) && $_GET['aID'] == $_SESSION['admin']['id']) {
                     $_SESSION['admin']['access'] = osC_Access::getUserLevels($_GET['aID']);
                 }
                 $osC_MessageStack->add($this->_module, $osC_Language->get('ms_success_action_performed'), 'success');
                 osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $this->_module));
                 break;
             case -1:
                 $osC_MessageStack->add($this->_module, $osC_Language->get('ms_error_action_not_performed'), 'error');
                 osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $this->_module));
                 break;
             case -2:
                 $osC_MessageStack->add($this->_module, $osC_Language->get('ms_error_username_already_exists'), 'error');
                 break;
         }
     }
 }
Exemple #4
0
 public function __construct()
 {
     global $osC_Database, $osC_Language, $osC_MessageStack;
     parent::__construct();
     if (!empty($_POST['user_name']) && !empty($_POST['user_password'])) {
         $Qadmin = $osC_Database->query('select id, user_name, user_password from :table_administrators where user_name = :user_name');
         $Qadmin->bindTable(':table_administrators', TABLE_ADMINISTRATORS);
         $Qadmin->bindValue(':user_name', $_POST['user_name']);
         $Qadmin->execute();
         if ($Qadmin->numberOfRows()) {
             if (osc_validate_password($_POST['user_password'], $Qadmin->value('user_password'))) {
                 $_SESSION['admin'] = array('id' => $Qadmin->valueInt('id'), 'username' => $Qadmin->value('user_name'), 'access' => osC_Access::getUserLevels($Qadmin->valueInt('id')));
                 $get_string = null;
                 if (isset($_SESSION['redirect_origin'])) {
                     $get_string = http_build_query($_SESSION['redirect_origin']['get']);
                     unset($_SESSION['redirect_origin']);
                 }
                 osc_redirect_admin(osc_href_link_admin(FILENAME_DEFAULT, $get_string));
             }
         }
     }
     $osC_MessageStack->add('header', $osC_Language->get('ms_error_login_invalid'), 'error');
 }
 function saveAdministrator()
 {
     global $toC_Json, $osC_Language;
     $data = array('username' => $_REQUEST['user_name'], 'password' => $_REQUEST['user_password'], 'email_address' => $_REQUEST['email_address']);
     $modules = null;
     if (isset($_REQUEST['modules']) && !empty($_REQUEST['modules'])) {
         $modules = explode(",", $_REQUEST['modules']);
     }
     if (isset($_REQUEST['access_globaladmin']) && $_REQUEST['access_globaladmin'] == 'on') {
         $modules = array('*');
     }
     switch (osC_Administrators_Admin::save(isset($_REQUEST['aID']) && is_numeric($_REQUEST['aID']) ? $_REQUEST['aID'] : null, $data, $modules)) {
         case 1:
             if (isset($_REQUEST['aID']) && is_numeric($_REQUEST['aID']) && $_REQUEST['aID'] == $_SESSION['admin']['id']) {
                 $_SESSION['admin']['access'] = osC_Access::getUserLevels($_REQUEST['aID']);
             }
             $response = array('success' => true, 'feedback' => $osC_Language->get('ms_success_action_performed'));
             break;
         case -1:
             $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_action_not_performed'));
             break;
         case -2:
             $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_username_already_exists'));
             break;
         case -3:
             $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_email_format'));
             break;
         case -4:
             $response = array('success' => false, 'feedback' => $osC_Language->get('ms_error_email_already_exists'));
             break;
     }
     echo $toC_Json->encode($response);
 }