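/**
 * Record an unauthorized API access attempt for an account and ban the
 * account when an earlier attempt is already on record.
 *
 * Every call inserts a row into tblAPIUnauthorizedAccess. The count of
 * earlier rows is taken BEFORE the insert, so the first attempt is only
 * logged; the next attempt for the same account finds the earlier row
 * (counter >= 1), kills the current session and bans the account.
 *
 * @param mixed $checksum  checksum sent with the rejected request; stored as-is, not validated here
 * @param mixed $accountId account the request claimed to belong to
 * @return string|null 'banned' when the account was banned by this call,
 *                     null when an argument was missing or the attempt was only logged
 */
public static function saveUnauthorizedAccess($checksum, $accountId)
{
    if (!isset($checksum) || !isset($accountId)) {
        return null;
    }

    $db = db::getInstance();

    // Count prior attempts first, so the threshold means "one earlier attempt"
    // rather than "one attempt including this one".
    $stmt = $db->prepare('SELECT count(tblAPIUnauthorizedAccess_accessId) AS counter FROM tblAPIUnauthorizedAccess WHERE tblAPIUnauthorizedAccess_accountId = :aid');
    $stmt->bind_param('aid', $accountId);
    $stmt->execute();
    $result = $stmt->fetch_assoc();
    // The db wrapper's fetch_assoc() is not visible here; if it yields a non-array
    // on failure, treat that as "no prior attempts" instead of indexing a non-array.
    $priorAttempts = (is_array($result) && isset($result['counter'])) ? (int) $result['counter'] : 0;

    // Always log this attempt, including the one that triggers the ban.
    $stmt2 = $db->prepare('INSERT INTO tblAPIUnauthorizedAccess SET tblAPIUnauthorizedAccess_checksum = :csum, tblAPIUnauthorizedAccess_accountId = :accId');
    $stmt2->bind_param('csum', $checksum);
    $stmt2->bind_param('accId', $accountId);
    $stmt2->execute();

    if ($priorAttempts >= 1) {
        // Drop the live session before flagging the account so the caller
        // cannot keep using it after the ban is written.
        Account::killSession();
        Account::banAccount($accountId);
        return 'banned';
    }

    return null;
}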
// Tail of the class autoloader (its signature is outside this view): only the
// last namespace segment is used to build the file name, and the file is
// required from $classPath, whose origin is not visible here.
$className = explode('\\', $className);
$classFileName = 'class.' . end($className) . '.inc.php';
if (!file_exists($classPath . $classFileName)) {
    // Unknown class: the autoloader itself switches the page to a 404 template.
    $smarty->assign('content', '404.tpl');
} else {
    require $classPath . $classFileName;
}
}
/** Register class autoload with Smarty autoload */
spl_autoload_register('autoload_classes');
/** Set database object */
// NOTE(review): the database connects as 'root' with an empty password, hard-coded
// in this file. Move the credentials to a configuration source outside the web
// root and use a least-privilege application account instead of root.
\eCMS\database\db::setType('mysql');
\eCMS\database\db::setHost('localhost');
\eCMS\database\db::setUser('root');
\eCMS\database\db::setPwd('');
\eCMS\database\db::setDbname('ecms');
/** Create account object */
$account = new \eCMS\Account\Account();
/** If a cookie is found, create the account session */
if (isset($_COOKIE['gerki']) && !isset($_SESSION['account'])) {
    // loginUserByCookie() is defined elsewhere; a loose == true accepts any truthy return.
    if ($account->loginUserByCookie() == true) {
        // Session fields are copied straight from the client-supplied cookie.
        $_SESSION['account']['accountID'] = $_COOKIE['gerki']['accountID'];
        $_SESSION['account']['loginName'] = $_COOKIE['gerki']['loginName'];
        $_SESSION['account']['group'] = $_COOKIE['gerki']['group'];
        // NOTE(review): unserialize() runs on values that were just copied from
        // $_COOKIE, i.e. on client-controlled input. Deserialising untrusted data
        // is a known risk class; store plain strings (or json_encode/json_decode)
        // in the cookie and read them back without unserialize().
        $_SESSION['account']['checksum'] = serialize(\eCMS\Misc\miscellaneous::hasher(unserialize($_SESSION['account']['accountID']) . unserialize($_SESSION['account']['loginName'])));
    }
}
/** Load defined modules */
// NOTE(review): the module file name is built from $_GET['module'] verbatim. What
// happens with $modulePath . $moduleName is outside this view; if it is passed to
// require/include, validate the value against an allow-list of module names first.
if (isset($_GET['module'])) {
    $modulePath = 'inc/module/';
    $moduleName = 'module.' . $_GET['module'] . '.inc.php';
/**
 * Flag a user account as banned.
 *
 * Sets tblUserAccount_banned = 1 for the row whose tblUserAccount_accId
 * matches $accountId. Does nothing when $accountId is not set. Returns
 * nothing; the statement's outcome is not checked.
 *
 * @param mixed $accountId primary key of the account (tblUserAccount_accId)
 */
public static function banAccount($accountId)
{
    if (!isset($accountId)) {
        return;
    }

    $connection = db::getInstance();
    $update = $connection->prepare('UPDATE tblUserAccount SET tblUserAccount_banned = 1 WHERE tblUserAccount_accId = :aid');
    $update->bind_param('aid', $accountId);
    $update->execute();
}
/**
 * Insert a new row into tblUserAccount.
 *
 * Returns false when $accountData is not set or when validateData()
 * rejects it (loose == false, so any falsy return counts as rejection).
 * Otherwise the login name, password and e-mail are taken from
 * $this->loginName, $this->password and $this->email — presumably
 * populated by validateData(), which is not visible here — and true
 * is returned. The insert's outcome is not checked.
 *
 * @param mixed $accountData raw account data handed to validateData()
 * @return bool
 */
public function addAccount($accountData)
{
    if (!isset($accountData)) {
        // Error handling is still a TODO; the caller only learns "false".
        return false;
    }

    if ($this->validateData($accountData) == false) {
        return false;
    }

    $connection = db::getInstance();
    $insert = $connection->prepare('INSERT INTO tblUserAccount SET tblUserAccount_loginName = :lName, tblUserAccount_pwd = :password, tblUserAccount_email = :accountmail');
    $insert->bind_param('lName', $this->loginName);
    // NOTE(review): whether $this->password has already been hashed is not
    // visible in this block — confirm before it is written to tblUserAccount_pwd.
    $insert->bind_param('password', $this->password);
    $insert->bind_param('accountmail', $this->email);
    $insert->execute();

    return true;
}