function loadMenu() { if (LoggedIn()) { $dir = dirname(__FILE__); include $dir . "/pixel2menu.php"; } }
function tmpModuleLeft() { // April 4, 2007, KFD. Allow a breakout here if (function_exists('appModuleLeft')) { $continue = appModuleLeft(); return $continue; } //echo "<br/>"; if (!LoggedIn()) { return; } // Only display menu if if (OptionGet('MENULEFT', 'Y') == 'Y') { $module = SessionGet("AGMENU_MODULE"); $AGMENU = SessionGet("AGMENU"); $kount = 0; if (isset($AGMENU[$module])) { $desc = $AGMENU[$module]['description']; echo "<ul class=\"nav nav-list\">"; echo "<li class=\"nav-header\">{$desc}</li>"; foreach ($AGMENU[$module]['items'] as $key => $info) { $hExtra = ' tabindex="' . hpTabIndexNext(100) . '"'; // We may make the first item the focused item if nothing else // has been picked yet. This code runs when rendering is going on // and the class-specific biz code has all run already, so it will // not override any business-specific focus setting if (vgfGet('HTML_focus') == '') { $hExtra .= ' ID="FIRSTSPLITMENU" NAME="FIRSTSPLITMENU" '; vgfSet('HTML_focus', 'FIRSTSPLITMENU'); } $kount++; $d = '?gp_page=' . $key; $h = hLink("mainlevel", $info['description'], $d, $hExtra); echo "\n<li>{$h}</li>"; // Possibly two more links if (ArraySafe($info, 'linknew') == 'Y') { $hx = ' tabindex="' . hpTabIndexNext(100) . '" style="margin-left:30px"'; $h = hLink("mainlevel", 'New', $d . '&gp_mode=ins', $hx); echo "\n<li>{$h}</td></li>"; } if (ArraySafe($info, 'linksearch') == 'Y') { $hx = ' tabindex="' . hpTabIndexNext(100) . '" style="margin-left:30px"'; $h = hLink("mainlevel", 'Search', $d . '&gp_mode=search', $hx); echo "\n<li>{$h}</li>"; } } echo "</ul>"; } } if (isset($continue)) { return $continue; } //while ($kount++ < 30) { echo "<br>"; } }
function hWiki($table_id, $pagename, $input, $title = '') { $this->table_id = $table_id; // Remove carriage returns, makes things much easier $html = str_replace("\r", '', $input); // Put in an "edit this page" if user is logged in if (LoggedIn() && $table_id != '') { echo "<br><div>"; echo '<a href="?gp_page=pages&gp_pk=' . urlencode($pagename) . '">EDIT THIS PAGE</a>'; echo "</div>"; } // If a title was provided, put it in h1 at top $retval = $title == '' ? '' : "<h1>" . hSanitize($title) . "</h1>"; // Break into lines and begin outputting $ahtml = explode("\n", $html); $mode = ''; foreach ($ahtml as $oneline) { switch ($mode) { case 'html': $f4 = substr($oneline, 0, 5); if ($f4 == "</div" || $f4 == "</pre") { $mode = ''; $new = $oneline . "\n"; } else { $new = $oneline . "\n"; } break; case 'para': list($mode, $new) = $this->wikiProcessModePara($oneline); $new .= "\n"; break; case 'list': list($mode, $new) = $this->wikiProcessModeList($oneline); $new .= "\n"; break; default: list($mode, $new) = $this->wikiProcessModeBlank($oneline); break; } $retval .= $new; } return $retval; }
<?php include_once "common.php"; if (LoggedIn() === true) { $ownerid = GetUserIdByName(GetUserName()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>3pm - Home</title> <script type="text/javascript"> function CallParentSetTrackToPlay( divObj ) { var trackKey = divObj.getAttribute( 'data-keycode' ); var trackId = divObj.getAttribute( 'data-trackid' ); var trackTitle = divObj.getAttribute( 'data-title' ); var trackArtist = divObj.getAttribute( 'data-artist' ); var trackAlbum = divObj.getAttribute( 'data-album' ); parent.SetTrackToPlay( trackKey, trackTitle, trackArtist, trackAlbum, trackId ); } function ClearSelection() { if(document.selection && document.selection.empty) { document.selection.empty(); } else if(window.getSelection) { var sel = window.getSelection(); sel.removeAllRanges(); } } document.onclick = parent.CloseUserMenu; </script> <link type="text/css" rel="stylesheet" href="style.css">
if (mosCountModules('right')) { ?> <td class="right"> <div class="sidepad"> <?php mosLoadModules('right', -2); ?> </div> </td> <?php } ?> </tr> </table> <?php if (!(vgfGet('x4') === true && LoggedIn())) { ?> <div id="bot-footer"> <?php mosLoadModules('footer', -1); ?> </div> <?php } ?> </div> <?php if (!gpExists('x4Page')) { ?> <div id="bot-rocket"> <a href="http://www.rockettheme.com"><span class="rocket"> </span></a>
"> <textarea name='InquireText' cols='70' rows='5'></textarea> <?php if (LoggedIn()) { echo "<input type='submit' value='Submit Enquiry'>"; } else { echo "<h3> Please Login to Submit Enquiry"; } ?> </form> <?php } ?> </div> <?php if (LoggedIn()) { if (!CheckApplication(Username(), $house->ID)) { ?> <div class="EnquireBox"> <h2> Apply For Property </h2> <!-- Application form --> <form action="Actions.php" method="get"> <input type="hidden" name="Action" value="LeaseApplication"> <input type="hidden" name="HouseID" value="<?php echo $house->ID; ?> "> <div class="InputLine"> <label>Lease Start Date</label> <input type="date" name="BookingDate"> </div> <div class="InputLine"> <label>Lease Duration</label> <select name="Duration"> <option value="3"> 3 Months </option>
function Login_Process() { $arg2 = $this->directlogin == true ? 'direct' : ''; // only process if user hit "post" if (gp('gp_posted', '', false) == '') { return; } vgfSet('LoginAttemptOK', false); // Error title vgfSet('ERROR_TITLE', '*'); // If the user supplied a loginUID, this is a post and we // must process the request. $ale = vgaGet('login_errors', array()); $app = $GLOBALS['AG']['application']; $em000 = isset($ale['000']) ? $ale['000'] : "That username/password combination did not work. Please try again."; $em001 = isset($ale['001']) ? $ale['001'] : "That username/password combination did not work. Please try again."; $em002 = isset($ale['002']) ? $ale['002'] : "That username/password combination did not work. Please try again."; $em099 = isset($ale['099']) ? $ale['099'] : "That username/password combination did not work. Please try again."; $terror = ""; $uid = gp('loginUID'); $uid = MakeUserID($uid); //$uid = str_replace('@','_',$uid); //$uid = str_replace('.','_',$uid); $pwd = gp("loginPWD", "", false); // First check, never allow the database server's superuser // account // if ($uid == "postgres") { ErrorAdd($em000); if (vgfGet('loglogins', false)) { sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt as postgres"); fwLogEntry('1011', 'Attempt login as postgres', '', $arg2); } return; } $app = $GLOBALS['AG']['application']; if (substr($uid, 0, strlen($app)) == $app) { ErrorAdd($em001); if (vgfGet('loglogins', false)) { sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt as group role"); fwLogEntry('1012', 'Attempt login as group role', $uid, $arg2); } return; } // Begin with a connection attempt. // on fail, otherwise continue $tcs = @SQL_CONN($uid, $pwd); if ($tcs === false) { ErrorAdd($em099); if (vgfGet('loglogins', false)) { sysLog(LOG_NOTICE, "Andromeda:{$app}:Bad login attempt server rejected"); fwLogEntry('1013', 'Server rejected username/password', $uid, $arg2); } return; } else { SQL_CONNCLOSE($tcs); } // The rest of this routine uses an admin connection. If we // have an error, we must close the connection before returning! // ...yes, yes, that's bad form, all complaints to /dev/null // if (vgfGet('loglogins', false)) { fwLogEntry('1010', 'Login OK', $uid, $arg2); } scDBConn_Push(); // See if they are a root user. If not, do they have an // active account? $root = false; $admin = false; $group_id_eff = ''; $results = SQL("\n Select oid\n FROM pg_roles \n WHERE rolname = CAST('{$uid}' as name)\n AND rolsuper= true"); $cr = SQL_NUMROWS($results); if ($cr != 0) { $root = true; } else { $results = SQL("Select * from users WHERE LOWER(user_id)='{$uid}'" . "AND (user_disabled<>'Y' or user_disabled IS NULL)"); $cr = SQL_NUMROWS($results); if ($cr == 0) { scDBConn_Pop(); ErrorAdd($em002); sysLog(LOG_WARNING, "Andromeda:{$app}:Bad login attempt code 002"); return; } else { $userinfo = SQL_Fetch_Array($results); $group_id_eff = $userinfo['group_id_eff']; SessionSet('user_name', $userinfo['user_name']); } } // Flag if the user is an administrator if ($root == true) { $admin = true; } else { $results = SQL("select count(*) as admin from usersxgroups " . "where user_id='{$uid}' and group_id ='{$app}" . "_admin'"); $row = SQL_FETCH_ARRAY($results); $admin = intval($row["admin"]) > 0 ? true : false; } // Get the users' groups $groups = ""; if ($root) { $results = SQL("\n select group_id \n from zdd.groups \n where COALESCE(grouplist,'')=''"); } else { $results = SQL("select group_id from usersxgroups WHERE LOWER(user_id)='{$uid}'"); } while ($row = SQL_FETCH_ARRAY($results)) { $agroups[] = "'" . trim($row['group_id']) . "'"; #$groups.=ListDelim($groups)."'".trim($row["group_id"])."'"; } $groups = array(); if (!empty($agroups)) { $groups = implode(",", $agroups); } //scDBConn_Pop(); // We have a successful login. If somebody else was already // logged in, we need to wipe out that person's session. But // don't do this if there was an anonymous login. if (LoggedIn()) { $uid_previous = SessionGet('UID'); if ($uid != $uid_previous) { //Session_Destroy(); SessionReset(); //Index_Hidden_Session_Start(false); } } // We know who they are and that they can connect, // see if there is any app-specific confirmation required // if (function_exists('app_login_process')) { //echo "Calling the process now"; if (!app_login_process($uid, $pwd, $admin, $groups)) { return; } } // Protect the session from hijacking, generate a new ID Session_regenerate_id(); // We now have a successful connection, set some // flags and lets go // vgfSet('LoginAttemptOK', true); SessionSet("UID", $uid); SessionSet("PWD", $pwd); SessionSet("ADMIN", $admin); SessionSet("ROOT", $root); SessionSet("GROUP_ID_EFF", $group_id_eff); SessionSet("groups", $groups); if (gp('gpz_page') == '') { # KFD 9/12/08, extra command to not change page if (gp('st2keep') != 1) { gpSet('gp_page', ''); } } $GLOBALS['session_st'] = 'N'; // for "N"ormal // ------------------------------------------------------------------- // We are about to make the menu. Before doing so, see if there // are any variables set for the menu layout. Set defaults and then // load from database. // $this->pmenu = array('MENU_TYPE' => vgaGet('MENU_TYPE', 'div'), 'MENU_CLASS_MODL' => vgaGet('MENU_CLASS_MODL', 'modulename'), 'MENU_CLASS_ITEM' => vgaGet('MENU_CLASS_ITEM', 'menuentry'), 'MENU_TICK' => vgaGET('MENU_TICK', ' - ')); //$sql = "SELECT * from variables WHERE variable like 'MENU%'"; //$dbres = SQL($sql); //while ($row = SQL_FETCH_ARRAY($dbres)) { // $this->pmenu[trim($row['variable'])]=trim($row['variable_value']); //} // ------------------------------------------------------------------- // KFD 10/28/06, Modified to examine "nomenu" instead of permsel // pulls all tables user has nomenu='N'. The basic idea is // to remove from $AGMENU the stuff they don't see // // GET AGMENU $AGMENU = array(); // avoid compiler warning, populated next line include "ddmodules.php"; // Pull distinct modules person has any menu options in. $sq = "SELECT DISTINCT module\n FROM zdd.perm_tabs \n WHERE nomenu='N'\n AND group_id iN ({$groups})"; $modules = SQL_AllRows($sq, 'module'); $AGkeys = array_keys($AGMENU); foreach ($AGkeys as $AGkey) { if (!isset($modules[$AGkey])) { unset($AGMENU[$AGkey]); } } // Now recurse the remaining modules and do the same trick // for each one, removing the tables that don't exist foreach ($AGMENU as $module => $moduleinfo) { $sq = "SELECT DISTINCT table_id\n FROM zdd.perm_tabs \n WHERE nomenu='N'\n AND module = '{$module}'\n AND group_id iN ({$groups})"; $tables = SQL_AllRows($sq, 'table_id'); $tkeys = array_keys($moduleinfo['items']); foreach ($tkeys as $tkey) { if (!isset($tables[$tkey])) { unset($AGMENU[$module]['items'][$tkey]); } } } // KFD 12/18/06. Put all table permissions into session $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND nomenu='N'", 'table_id'); SessionSet('TABLEPERMSMENU', array_keys($table_perms)); $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permsel='Y'", 'table_id'); SessionSet('TABLEPERMSSEL', array_keys($table_perms)); $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permins='Y'", 'table_id'); SessionSet('TABLEPERMSINS', array_keys($table_perms)); $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permupd='Y'", 'table_id'); SessionSet('TABLEPERMSUPD', array_keys($table_perms)); $table_perms = SQL_AllRows("Select distinct table_id FROM zdd.perm_tabs\n WHERE group_id IN ({$groups})\n AND permdel='Y'", 'table_id'); SessionSet('TABLEPERMSDEL', array_keys($table_perms)); //echo "<div style='background-color:white'>"; //echo "$uid $groups $group_id_eff"; //hprint_r(SessionGet('TABLEPERMSMENU')); //hprint_r(SessionGet('TABLEPERMSSEL')); //echo "</div>"; // KFD 7/9/07, we always use joomla templates now, don't need // options to turn them off //if(defined('_ANDROMEDA_JOOMLA')) { // In a hybrid situation, put the menu into the session SessionSet('AGMENU', $AGMENU); //} $HTML_Menu = ""; $WML_Menu = ""; /* foreach ($AGMENU as $key=>$module) { //if($key=="datadict") continue; //if($key=="sysref") continue; $HTML_Module=""; $WML_Module=""; foreach($module["items"] as $itemname=>$item) { if (!isset($item["mode"])) { $item["mode"]="normal"; } switch ($item["mode"]) { case "normal": $ins=false; $extra=array(); if($item['menu_parms']<>'') { $aextras=explode('&',$item['menu_parms']); foreach($aextras as $aextra) { list($var,$value)=explode("=",$aextra); $extra[$var]=$value; } } $HTML_Module.=$this->_MenuItem( $item['description'],$itemname,$ins,$extra ); $WML_Module.="<div>"; $WML_Module.=hLink( '',$item['description'],'?gp_page='.$itemname ); $WML_Module.="</div>"; break; case "ins": //if ($admin || isset($tables_ins[$item["name"]])) { $HTML_Module.=$this->_MenuItem( $item['description'],$itemname,true ); //} break; #$HTML_Module.= # "\n<font class=\"tablename\">- <a href=\"index.php?gp_page=".$itemname."\">". # $item["description"]."</a></font><br />"; } } // the module is defined AFTER its contents so it can be // left off if it has no entries if ($HTML_Module!="") { $HTML_Menu.=$this->_MenuModule($module['description']); $HTML_Menu.=$HTML_Module; } if ($WML_Module!="") { $WML_Menu.="<div><b>".$module['description']."</b></div>"; $WML_Menu.=$WML_Module; } } */ DynamicSave("menu_" . $uid . ".php", $HTML_Menu); DynamicSave("menu_wml_" . $uid . ".php", $WML_Menu); // ------------------------------------------------------------------- // Fetch and cache user preferences if (vgaGet('member_profiles')) { cacheMember_Profiles(); } // ------------------------------------------------------------------- // Now find the user's table permissions more precisely table by table $sql = "select p.table_id,\n\t\t\t\tmax(case when p.permins='Y' then 1 else 0 end) as permins,\n\t\t\t\tmax(case when p.permupd='Y' then 1 else 0 end) as permupd,\n\t\t\t\tmax(case when p.permdel='Y' then 1 else 0 end) as permdel,\n\t\t\t\tmax(case when p.permsel='Y' then 1 else 0 end) as permsel\n\t\t\t\tfrom zdd.perm_tabs P\n\t\t\t\tWHERE group_id in ({$groups})\n\t\t\t\tGROUP BY p.table_id"; //echo $sql; $results = SQL($sql); $HTML_Perms = "<?php\n\$table_perms = array();\n"; while ($row = SQL_FETCH_ARRAY($results)) { $tn = $row["table_id"]; $ti = $row["permins"]; $tu = $row["permupd"]; $td = $row["permdel"]; $ts = $row["permsel"]; $HTML_Perms .= "\$table_perms[\"{$tn}\"]=array(\"ins\"=>{$ti},\"upd\"=>{$tu},\"del\"=>{$td},\"sel\"=>{$ts});\n"; } $HTML_Perms .= "?>\n"; DynamicSave("perms_" . $uid . ".php", $HTML_Perms); /* October 28, 2006, KFD. Rem'd this all out, column and row security made this irrelevant // ------------------------------------------------------------------- // Find out if this user has any UID Columns, columns that create // filters on the user's UID $sql = "Select column_id FROM groupuids WHERE group_id IN ($groups)"; //echo $sql; $results = SQL($sql); $groupuids = array(); while ($row = SQL_FETCH_ARRAY($results)) { //echo "Found this one".$row["column_id"]; $groupuids[$row["column_id"]] = $row["column_id"]; } SessionSet("groupuids",$groupuids); */ scDBConn_Pop(); return; }
function Login() { global $CFG, $dbConn; // Are they already logged in? if ($_SESSION['loggedin']) { LoggedIn(); } // Are they coming for the first time? if (!$_REQUEST['username']) { // Yes, so give them the login page. require "./skins/{$CFG['skin']}/login.tpl.php"; exit; } // Grab the values (if any) the user posted. $strPostedUsername = $dbConn->sanitize($_REQUEST['username']); $strPostedPassword = $_REQUEST['password']; // Get the member information of the member whose username was specified. $dbConn->query("SELECT * FROM citizen WHERE username='******' AND reghash IS NULL"); // Was the username of a real member? if ($aSQLResult = $dbConn->getresult(TRUE)) { // Yes, so do the passwords match? if ($aSQLResult['passphrase'] == md5($strPostedPassword)) { // Store the member information into the session. LoadUser($aSQLResult); // Delete any guest entries from the session table. $dbConn->query("DELETE FROM guest WHERE id='" . session_id() . "'"); // Do they wanna be remembered? if ($aSQLResult['autologin']) { setcookie('activeuserid', $_SESSION['userid'], $CFG['globaltime'] + 2592000, $CFG['paths']['cookies']); setcookie('activepassword', $aSQLResult['passphrase'], $CFG['globaltime'] + 2592000, $CFG['paths']['cookies']); } // Show them the success page. LoggedIn(); } } // Invalid username/password pair given. Msg("Wrong username or password specified. Click <a href=\"member.php?action=login\">here</a> to go back and try again. Click <a href=\"member.php?action=forgotdetails\">here</a> if you've forgotten your member details."); }
function ShowBooking($Booking, $Manager) { $date = $Booking->GetStringDate(); $usr = GetUserByUsername($Booking->HostUsername); echo "<div class='BookingEntry'> \n\t\t<h3> {$date} </h3>\n\t\t<h4> Manager Name: {$usr->Name} </h4>\n\t\t<h4> Manager Phone: {$usr->PhoneNumber} </h4>\n\t\t<form action='Actions.php' method='get'>\n\t\t<input type='hidden' name='BookingID' value='{$Booking->ID}'>\n\t\t<input type='hidden' name='HouseID' value='{$Booking->HouseID}'> "; if (LoggedIn()) { if ($Manager) { echo "<input type='submit' value='Delete'>\n\t\t\t\t<input type='hidden' name='Action' value='DeleteBooking'></form></div>"; } else { if (CheckBooking($Booking->ID, Username())) { echo "<input type='submit' value='Unregister'>\n\t\t\t\t\t<input type='hidden' name='Action' value='UnregisterBooking'></form></div>"; } else { echo "<input type='submit' value='Register'>\n\t\t\t\t\t<input type='hidden' name='Action' value='RegisterBooking'></form></div>"; } } } else { echo "<h4> Please Login to Register for Open House</h4> </form></div>"; } }
/** * KFD 2/23/08, Put frequently used links over on the left * all of the time * */ function appModuleLeft() { $retVal = ''; $hasContent = false; if (!LoggedIn()) { return false; } $retVal .= "<ul class=\"nav nav-list\">"; $retVal .= "<li class=\"nav-header\">Updates</li>"; $retVal .= '<li>'; $retVal .= '<a class="small" href="?gp_page=a_pullsvn">Pull Code From Subversion</a>'; $retVal .= '</li>'; // Display either applications or instances, depending upon // which we have here # KFD 4/15/08, make this unconditional #$ds =OptionGet('DEV_STATION','Y'); #$boa=OptionGet( 'BUILD_ALL_APPS','N'); #if($ds=='Y' || $boa == 'Y') { if (True) { $apps = SQL_AllRows("Select * from applications order by application"); if (!empty($apps)) { $hasContent = true; $retVal .= '<li class="nav-header">Applications</li>'; foreach ($apps as $app) { $retVal .= '<li>'; $retVal .= '<a class="pull-left" href="?gp_page=applications&gp_skey=' . $app['skey'] . '">'; $retVal .= $app['application']; $retVal .= '</a>'; $retVal .= ' '; $retVal .= hLinkBuild($app['application'], 'Build'); $retVal .= '</li>'; } } } $instances = SQL_ALLROWS("Select * from instances\n order by application,instance"); if (!empty($instances) > 0) { $hasContent = true; $retVal .= '<li class="nav-header">Instances</li>'; foreach ($instances as $i) { $retVal .= '<li>'; $retVal .= '<a class="pull-left" href="?gp_page=instances&bp_skey=' . $i['skey'] . '">'; $retVal .= $i['application'] . ' / ' . $i['instance']; $retVal .= '</a>'; $retVal .= '<a class=" pull-right small" href="?gp_page=instances_p&gp_app=' . trim($i['application']) . '&gp_inst=' . $i['instance'] . '">'; $retVal .= 'Build/Upgrade'; $retVal .= '</a>'; $retVal .= '</li>'; } } $retVal .= '</ul>'; $retVal .= '<div style="clear:both;"></div>'; return $hasContent !== false ? $retVal : false; }
function AdminNavigation() { $output = "<nav class=\"admin-panel\"><ul><li>"; $output .= "<a title = \"Website Content\" href=\"../public/manage_content.php\">Website Content</a>"; $output .= "</li>"; $output .= "<li>"; $output .= "<a title = \"Admins\" href=\"../public/manage_admin.php\">Admins</a>"; $output .= "</li>"; $output .= "<li>"; $output .= "<a title = \"LogOut\" href=\"../public/admin_logout.php\">Log out</a>"; $output .= "</li></ul></nav>"; if (LoggedIn()) { return $output; } }
function _loginUser() { if ($_POST['userlogin']) { #check fields $logindata['username'] = trim($_POST['login_username']); $logindata['password'] = trim($_POST['login_password']); $errors = false; foreach ($logindata as $key => $value) { if (!$value) { $this->forms['userlogin']['fields'][$key]['bgrd'] = '_error'; $errors = true; } else { $this->forms['userlogin']['fields'][$key]['value'] = $value; } } #empty fields if ($errors) { $this->forms['userlogin']['errormessage'] = "Feld leer!"; } else { $return = getUserByLogin($logindata['username'], $logindata['password']); if (!$return || $return['activation']) { #login wrong $this->forms['userlogin']['errormessage'] = "Login/Passwort falsch!"; addToLogfile("Login fehlgeschlagen, User " . $logindata['username'], "Login/Logout"); } else { #login ok #save id and password in session $sessionuserdata['id'] = $return['uid']; $sessionuserdata['password'] = $return['password']; $_SESSION['sessionuserdata'] = $sessionuserdata; LoggedIn($return['uid']); addToLogfile("Login", "Login/Logout", $return['uid']); setcookie('menuitems'); $this->_header("index.php"); } } } $this->template->assign('title', 'Login'); $this->template->assign('forms', $this->forms); $this->template->display('index_login.html'); exit; }
function index_hidden_template($mode) { # KFD 1/10/08. If x6 is set, we follow a completely different # path, x6 settings win out. $flagx6 = configGet('flag_x6', 'N'); $x6template = configGet('x6_template', ''); $x6group = configGet('x6_group', ''); if ($flagx6 == 'Y') { # In x6, we consider the "app_template()" function first, # if it returns something it always wins. if (function_exists('app_template')) { vgfSet('template', app_template()); } else { if ($x6template == '') { vgfSet('template', 'x6'); } else { if (!LoggedIn() || inGroup($x6group)) { vgfSet('template', $x6template); } else { vgfSet('template', 'x6'); } } } } else { # this is old x2/x4 mode, begin by obtaining a # 'candidate' they may have been set $candidate = vgfGet('template'); # KFD 7/23/08. Give application a chance to # play with setting if (function_exists('app_template')) { vgfSet('template', app_template($candidate)); } # KFD 7/23/08. If no template has been set by vgfSet, # and the candidate is not empty, pick it if ($candidate != '' && vgfGet('template') == '') { vgfSet('template', $candidate); } # KFD 7/23/08. Finally, if we still don't have something, # pick according to mode if (vgfGet('template') == '') { if ($mode == 'x4') { vgfSet('template', 'pixel2'); } else { vgfSet('template', 'rt_pixel'); } } } # KFD 9/2/08. We still have one customer with a public # interface that is not a Joomla template. If the # template is "*" then we DO NOT set up Joomla # compatibility. The application will use its own # file in the application directory that is specified # with vgaSet('html_pub'). if (vgfGet('template') == '*') { return; } # Tell the JOOMLA files that we are legit # Fool them, that is... define("_ANDROMEDA_JOOMLA", 1); define("_JOOMLA_ANDROMEDA", 1); # Activate the template by creating public $J and calling funcs global $J, $AG; $J['TEMPLATE'] = vgfGet('template'); JoomlaCompatibility($J['TEMPLATE']); $aphp = $AG['dirs']['root'] . '/templates/' . $J['TEMPLATE'] . '/andromeda.php'; if (file_exists($aphp)) { include $aphp; } # <----- EARLY RETURN # The rest of this is totally superseded, and can # be removed after we go live with Beta 1 return; /* global $AG; # KFD 7/3/08. Have the vgfGet() value override anything else # if(vgfGet('template')<>'') { # Assign the template to spots where the legacy code will find it $AG['template'] = vgfGet('template'); } // First conditional fix contributed by Don Organ 9/07, $AG['template'] // was getting lost on passes 2+ if(ArraySafe($AG,'template')<>'') { SessionSet('TEMPLATE',$AG['template']); } else { if(SessionGet("TEMPLATE")=='') { if(!file_exists(fsDirTop().'templates')) { // There is no templates directory, so stop looking SessionSet('TEMPLATE','*'); } else { if(ArraySafe($AG,'template')<>'') { // if the app or instance specified a template at build time, // use that. SessionSet('TEMPLATE',$AG['template']); } else { // At this point nobody has told us what to do, pick the // first template we can find. // Big change by KFD 3/15/08 If we do not know what // template to use, prefer to pick rt_pixel, our // default template, unless we find another one. // In that case we assume that template is there for // a reason and we use it. $dir = $AG['dirs']['root'].'templates/'; $DIR = opendir($dir); $rt_pixel = false; while (false!==($filename = readdir($DIR))) { if ($filename=='.') continue; if ($filename=='..') continue; if ($filename=='andro_classic') continue; if ($filename=='x4') continue; // DO 2-1-2008 Added to ignore SVN directory if ($filename=='.svn') continue; if ($filename=='rt_pixel') $rt_pixel = true; if (is_dir($dir.$filename)) { SessionSet('TEMPLATE',scFileName($filename)); break; } } closedir($DIR); // Here is where we pick rt_pixel if we could not // find anything else if($rt_pixel && SessionGet('TEMPLATE','')=='') { SessionSet('TEMPLATE',$rt_pixel); } } } } } // Now if a template was identified if(SessionGet("TEMPLATE")<>'*') { // Notify any code that may need to know that we are in a hybrid // Andromeda-joomla situation. This is for both template code and // Andromeda code. We define both variables in case people forget // which one we defined. define("_ANDROMEDA_JOOMLA",1); define("_JOOMLA_ANDROMEDA",1); // Activate the template by creating public $J and calling funcs global $J; $J['TEMPLATE']=SessionGet('TEMPLATE'); JoomlaCompatibility($J['TEMPLATE']); $aphp=$AG['dirs']['root'].'/templates/'.$J['TEMPLATE'].'/andromeda.php'; if(file_exists($aphp)) { include($aphp); } } */ }
function delfile() { # If user is not logged in and not in file maintenance, # quietly ignore if (!LoggedIn()) { return; } if (!inGroup('filemaint')) { return; } $filename = fsDirTop() . 'apppub/' . gp('file'); unlink($filename); }
function mosShowListMenu($menutype) { // ------------------------------------------------------- // Andromeda Code: If we are in an Andromeda situation // then everything is vastly simplified, we already have // the menu and we don't do much conversion // ------------------------------------------------------- if (defined('_ANDROMEDA_JOOMLA')) { if (!LoggedIn()) { return; } // KFD 7/6/07, cache the menu so we don't have to do // this on every call. // Cachegrind cost to build menu : 259 / 199 // Cachegrind cost logging in : 140 // Cachegrind cost login, cache to session: 2!!!! // Cachegrind cost to cache to disk : 400! # KFD 4/17/08, rebuild menu if they switched modes # KFD 6/21/08, simplify this by just looking at x4Welcome #$menu_mode = gpExists('x4Page') # ? (vgfGet('x4menu',false)==true ? 'x4' : 'classic') # : 'classic'; $menu_mode = configGet('x4welcome', 'N') == 'Y' ? 'x4' : 'classic'; vgfSet('menu_mode', $menu_mode); # KFD 6/21/08 (END) if ($menu_mode != SessionGet('menu_mode')) { sessionSet('menu', ''); sessionSet('menu_mode', $menu_mode); } $menu = SessionGet('menu', ''); if ($menu != '') { echo $menu; return; } ob_start(); $children = array(); $open = array(); $indents = array(array("<ul>", "<li>", "</li>", "</ul>")); $class_sfx = null; $hilightid = SessionGET('AGMENU_MODULE'); $hilightid = ''; $menus = SessionGET("AGMENU"); foreach ($menus as $menuid => $menuinfo) { //if($menuid=='datadict') continue; //if($menuid=='sysref') continue; $x = new joomla_fake(); $x->type = 'url'; $x->id = $menuid; if (sessionGet('menu_mode') == 'x4') { $x->link = 'javascript:void(0);'; } else { $x->link = "?x_module=" . urlencode($menuid); } $x->browserNav = ''; $x->name = $menuinfo['description']; $children[0][] = $x; foreach ($menuinfo['items'] as $page => $pageinfo) { $x = new joomla_fake(); $x->type = 'url'; $x->id = $page; # KFD 6/26/08, the vgfX(x4) was experimental, get rid of it #if(vgfGet('x4')===true) { # $pd = $pageinfo['description']; # $x->link="javascript:x4Page('$page','$pd')"; #} #else { # KFD 6/26/08, work out the menu mode first $xmode = 'x2'; if (sessionGet('menu_mode') == 'x4') { $xmode = a($pageinfo, 'uix2', 'N') == 'Y' ? 'x2' : 'x4'; } if ($xmode == 'x4') { $x->link = '?x4Page=' . urlencode($page); $x->link .= '&x4Return=' . vgaGet('nopage', 'menu'); } else { $x->link = "?x_module={$menuid}&x2=1&gp_page=" . urlencode($page); } if (ArraySafe($pageinfo, 'menu_parms') != '') { $x->link .= '&' . urlencode($pageinfo['menu_parms']); } #} $x->browserNav = ''; $x->name = $pageinfo['description']; $children[$menuid][] = $x; } } mosRecurseListMenu(0, 0, $children, $open, $indents, $class_sfx, $hilightid); $menu = ob_get_clean(); echo $menu; SessionSet('menu', $menu); //$fsMenuFileHTML=ob_get_clean(); //file_put_contents($fsMenuFile,$fsMenuFileHTML); //echo $fsMenuFileHTML; return; } // ------------------------------------------------------- // Andromeda Code: END // ------------------------------------------------------- global $database, $my, $cur_template, $Itemid; global $mosConfig_absolute_path, $mosConfig_live_site, $mosConfig_shownoauth; $class_sfx = null; $hilightid = null; /* If a user has signed in, get their user type */ $intUserType = 0; if ($my->gid) { switch ($my->usertype) { case 'Super Administrator': $intUserType = 0; break; case 'Administrator': $intUserType = 1; break; case 'Editor': $intUserType = 2; break; case 'Registered': $intUserType = 3; break; case 'Author': $intUserType = 4; break; case 'Publisher': $intUserType = 5; break; case 'Manager': $intUserType = 6; break; } } else { /* user isn't logged in so make their usertype 0 */ $intUserType = 0; } if ($mosConfig_shownoauth) { $database->setQuery("SELECT m.*, count(p.parent) as cnt" . "\nFROM #__menu AS m" . "\nLEFT JOIN #__menu AS p ON p.parent = m.id" . "\nWHERE m.menutype='{$menutype}' AND m.published='1'" . "\nGROUP BY m.id ORDER BY m.parent, m.ordering "); } else { $database->setQuery("SELECT m.*, sum(case when p.published=1 then 1 else 0 end) as cnt" . "\nFROM #__menu AS m" . "\nLEFT JOIN #__menu AS p ON p.parent = m.id" . "\nWHERE m.menutype='{$menutype}' AND m.published='1' AND m.access <= '{$my->gid}'" . "\nGROUP BY m.id ORDER BY m.parent, m.ordering "); } $rows = $database->loadObjectList('id'); echo $database->getErrorMsg(); //work out if this should be highlighted $sql = "SELECT m.* FROM #__menu AS m" . "\nWHERE menutype='" . $menutype . "' AND m.published='1'"; $database->setQuery($sql); $subrows = $database->loadObjectList('id'); $maxrecurse = 5; $parentid = $Itemid; //this makes sure toplevel stays hilighted when submenu active while ($maxrecurse-- > 0) { $parentid = getParentRow($subrows, $parentid); if (isset($parentid) && $parentid >= 0 && $subrows[$parentid]) { if (vgfGet('menu_mode') != 'x4') { $hilightid = $parentid; } } else { break; } } if (vgfGet('menu_mode') == 'x4') { $hilightid = ''; } //echo "<!--[if lte IE 7]>\n"; include_once "{$mosConfig_absolute_path}/templates/" . $cur_template . "/js/ie.js"; //echo "<![endif]-->\n"; $indents = array(array("<ul>", "<li>", "</li>", "</ul>")); // establish the hierarchy of the menu $children = array(); // first pass - collect children foreach ($rows as $v) { $pt = $v->parent; $list = @$children[$pt] ? $children[$pt] : array(); array_push($list, $v); $children[$pt] = $list; } // second pass - collect 'open' menus $open = array($Itemid); $count = 20; // maximum levels - to prevent runaway loop $id = $Itemid; while (--$count) { if (isset($rows[$id]) && $rows[$id]->parent > 0) { $id = $rows[$id]->parent; $open[] = $id; } else { break; } } $class_sfx = null; mosRecurseListMenu(0, 0, $children, $open, $indents, $class_sfx, $hilightid); }
<?php $id = $_GET['id']; include 'common-code/login.php'; if (!LoggedIn()) { header("location:login.php"); } $conn = dbConnect(); ?> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Zealicon 2015</title> <!-- Core CSS - Include with every page --> <link href="css/bootstrap.min.css" rel="stylesheet"> <link href="font-awesome/css/font-awesome.css" rel="stylesheet"> <!-- Page-Level Plugin CSS - Tables --> <link href="css/plugins/dataTables/dataTables.bootstrap.css" rel="stylesheet"> <!-- SB Admin CSS - Include with every page --> <link href="css/sb-admin.css" rel="stylesheet"> </head> <body>
/** * This is an experimental routine. * * This routine is used by public websites that accept user registration * information. The idea is that after you create their account you call * this routine to log them in, saving them the annoyance of having to * re-type their username/password at a login screen. * * string $UID User ID * string $PWD Password */ function Login($UID, $PWD) { // Make it look like the UID and PWD were passed in on the // request, that's where x_login wants to find them. gpSet('loginUID', $UID); gpSet('loginPWD', $PWD); // Create and run the login object $obj_login = DispatchObject('x_login'); $obj_login->Login_Process(); // If the login worked, disconnect whatever previous connection // we had and connect back as this user. This usually means an // anonymous connection is killed. if (LoggedIn()) { scDBConn_Pop(); scDBConn_PUsh(); } }
function tmpModuleMenuRight() { if (!LoggedIn()) { return; } $extra = ''; if (!vgfGet('x4Welcome', false) && gpExists('x4Page')) { $extra = '<li><a href="?index.php">Classic</a>'; } ?> <ul> <?php echo $extra; ?> <li><a href='?st2logout=1'>Logout</a></li> </ul> <?php return false; }