Esempi in PHP per getAuthUser

Esempio n. 1

File: view_user.php Progetto: efdalustaoglu/secure-coding

function getSCS()
{
    $program = realpath("../app/SCSimulator/tan_generator");
    $program_directory = substr($program, 0, strrpos($program, "/"));
    chdir($program_directory);
    $acctNum = selectAccountByUserId(getAuthUser()->userid)->ACCOUNT_NUMBER;
    $dbUser = "******";
    $dbPass = "******";
    $dbName = "bank_db";
    $command = "./tan_generator pin {$acctNum} '{$dbUser}' '{$dbPass}' '{$dbName}'";
    $output = shell_exec($command);
    return $output;
}

Esempio n. 2

File: actions.php Progetto: ralfoide/ZoneMinder

{
    $names = $name . "s";
    $ids = array();
    if (isset($_REQUEST[$names]) || isset($_REQUEST[$name])) {
        if (isset($_REQUEST[$names])) {
            $ids = validInt($_REQUEST[$names]);
        } else {
            if (isset($_REQUEST[$name])) {
                $ids[] = validInt($_REQUEST[$name]);
            }
        }
    }
    return $ids;
}
if (ZM_OPT_USE_AUTH && ZM_AUTH_HASH_LOGINS && empty($user) && !empty($_REQUEST['auth'])) {
    if ($authUser = getAuthUser($_REQUEST['auth'])) {
        userLogin($authUser['Username'], $authUser['Password'], true);
    }
}
if (!empty($action)) {
    // General scope actions
    if ($action == "login" && isset($_REQUEST['username']) && (ZM_AUTH_TYPE == "remote" || isset($_REQUEST['password']))) {
        $username = validStr($_REQUEST['username']);
        $password = isset($_REQUEST['password']) ? validStr($_REQUEST['password']) : '';
        userLogin($username, $password);
    } elseif ($action == "logout") {
        userLogout();
        $refreshParent = true;
        $view = 'none';
    } elseif ($action == "bandwidth" && isset($_REQUEST['newBandwidth'])) {
        $_COOKIE['zmBandwidth'] = validStr($_REQUEST['newBandwidth']);

Esempio n. 3

File: view_transactions.php Progetto: efdalustaoglu/secure-coding

<div class="pull-left">
  <a class="pure-button pure-button-primary" href="create_transaction.php">New Transaction</a>
  <?php 
if ($showDownload !== "") {
    ?>
    <a class="pure-button pure-button-primary" href="view_transactions.php<?php 
    echo $showDownload;
    ?>
">Download Transactions</a>
  <?php 
}
?>
</div>
<div class="pull-right">
  <?php 
if (getAuthUser()->usertype == "E") {
    ?>
 
  <form class="pure-form" method="get" action="<?php 
    $_SERVER['PHP_SELF'];
    ?>
">
     <fieldset>
        <select name="id">
          <option value="0">All Users</option>
          <?php 
    foreach ($users as $user) {
        ?>
          <option value="<?php 
        echo $user->ID;
        ?>

Esempio n. 4

File: AdminManageUserService.php Progetto: agriya/webshopauthenticate

 public function updateUserActivationByAdmin($user_id, $action)
 {
     if (strtolower($action) == 'activate') {
         $user = User::where("id", $user_id)->where('activated', 0)->first();
         if ($user) {
             $activation_code = $user->getActivationCode();
             $userService = new UserAccountService();
             $userService->activateUser($user, $activation_code, $auto_login = false);
         }
         $success_msg = trans('admin/manageMembers.memberlist_activated_suc_msg');
     } else {
         $user = User::where("id", $user_id)->first();
         $data_arr['activated'] = 0;
         User::where('id', $user_id)->update($data_arr);
         $success_msg = trans('admin/manageMembers.memberlist_deactivated_suc_msg');
     }
     // Add user log entry
     $data_arr['user_id'] = $user_id;
     $data_arr['added_by'] = getAuthUser()->id;
     $data_arr['date_added'] = date('Y-m-d H:i:s');
     $data_arr['log_message'] = $success_msg . " Added by: " . getAuthUser()->first_name . " On." . date('Y-m-d H:i:s');
     $userlog = new UserLog();
     $userlog->addNew($data_arr);
     return $success_msg;
 }

Esempio n. 5

File: create_transaction.php Progetto: efdalustaoglu/secure-coding

        unset($_SESSION['newtransactiontoken']);
        header("Location: " . "view_transactions.php");
    }
    if (!empty($transaction->msg)) {
        $showMsg = $transaction->msg;
    }
}
// process file
if (isset($_POST['upload'])) {
    $upload = uploadTransactionFile();
    if ($upload->value) {
        // execute C program
        $program = realpath("../app/file_parser");
        $program_directory = substr($program, 0, strrpos($program, "/"));
        chdir($program_directory);
        $command = "./file_parser " . $upload->value . " root yadaandshadadb bank_db " . getAuthUser()->userid;
        $output = shell_exec($command);
        unlink($upload->value);
        if ((int) $output === 0) {
            $showMsg = "Transaction successful";
        } else {
            $showMsg = "Transaction failed with error code: " . $output;
        }
    } else {
        $showMsg = $upload->msg;
    }
}
// include header
$pageTitle = "Create Transaction";
include "header.php";
?>

Esempio n. 6

File: user.php Progetto: efdalustaoglu/secure-coding

function approveRegistration($id, $approver, $decision, $balance)
{
    privilegedUserAction();
    $return = returnValue();
    getDBCredentials(getAuthUser()->usertype);
    if ($decision && (!is_numeric($balance) || $balance < 1)) {
        $return->value = false;
        $return->msg = "Balance should be a positive number.";
        return $return;
    }
    //Ensure that users are approved only once 4.6.3
    $user = getSingleUser($id);
    if ($user->APPROVED_BY != NULL) {
        $return->value = false;
        $return->msg = "Invalid action";
        return $return;
    }
    $update = updateUserRegistration($id, $approver, $decision);
    if (!$update) {
        $return->value = false;
        $return->msg = "DB update operation failed";
        return $return;
    }
    if (!$decision) {
        $return->value = true;
        $return->msg = "User registration denied successfully";
        return $return;
    }
    // create user's account number
    $accountNumber = generateAccountNumber($id, $balance);
    if (!$accountNumber) {
        $return->value = false;
        $return->msg = "Error updating user account number";
        return $return;
    }
    // send email to user with 100 tans
    $tans = createTans($id);
    if (!$tans->value) {
        $return->value = false;
        $return->msg = $tans->msg;
        return $return;
    }
    $return->value = true;
    $return->msg = "User approval successful";
    return $return;
}

Esempio n. 7

File: AdminProductListService.php Progetto: agriya/webshoppack

 public function sendProductActionMail($p_id, $action, $input_arr)
 {
     $product_details = Product::whereRaw('id = ?', array($p_id))->first();
     $user_details = CUtil::getUserDetails($product_details->product_user_id);
     $product_code = $product_details->product_code;
     $url_slug = $product_details->url_slug;
     $view_url = $this->getProductViewURL($product_details->id, $product_details);
     $user_type = CUtil::isSuperAdmin() ? 'Admin' : 'Staff';
     $logged_user_id = isLoggedin() ? getAuthUser()->user_id : 0;
     $staff_details = CUtil::getUserDetails($logged_user_id);
     $data = array('product_code' => $product_details['product_code'], 'product_name' => $product_details['product_name'], 'display_name' => $user_details['display_name'], 'user_email' => $user_details['email'], 'action' => $action, 'view_url' => $view_url, 'admin_notes' => isset($input_arr['comment']) ? $input_arr['comment'] : '', 'user_type' => $user_type);
     $data['product_details'] = $product_details;
     $data['user_details'] = $user_details;
     $data['staff_details'] = $staff_details;
     //Mail to User
     Mail::send('emails.mp_product.productStatusUpdate', $data, function ($m) use($data) {
         $m->to($data['user_email']);
         $subject = str_replace('VAR_PRODUCT_CODE', $data['product_code'], trans('email.productStatusUpdate'));
         $m->subject($subject);
     });
     //Send mail to admin
     $mailer = new AgMailer();
     $data['subject'] = str_replace('VAR_PRODUCT_CODE', $data['product_code'], trans('email.productStatusUpdateAdmin'));
     $mailer->sendAlertMail('mp_product_status_update', 'emails.mp_product.productStatusUpdateAdmin', $data);
 }

Esempio n. 8

File: view.php Progetto: bvy/cources

    } else {
        $sortDirection = $_GET['sort'];
        setcookie('sortDirection', $sortDirection, time() + 3600);
    }
} else {
    if (isset($_COOKIE['sortDirection'])) {
        $sortDirection = $_COOKIE['sortDirection'];
        $_GET['sort'] = $_COOKIE['sortDirection'];
    } else {
        $sortDirection = 1;
    }
}
if (isset($newSortDirection)) {
    $sortDirection = $newSortDirection;
}
echo '<br>' . 'You are logged to site as: ' . getAuthUser() . ' <br>';
echo '<form method="post" action="logout.php"><input type="submit" value="Log out"></form>';
?>

<form action="view.php" method="get">
            
             <label>Sort products
                 <select name="sort">
                     <option value="1" <?php 
if (isset($_GET['sort'])) {
    if ($_GET['sort'] == 1) {
        echo ' selected="selected"';
    }
}
?>
 >ASC</option>";

Esempio n. 9

File: AdminViewProductController.php Progetto: agriya/webshoppack

 public function addReplyComment()
 {
     $error_message = $success_message = "";
     $url = Url::to('products');
     $thread_id = Input::get('thread_id', 0);
     $product_code = Input::get('prd', 0);
     if ($product_code) {
         $rules = $messages = array();
         $rules = array('reply_message_' . $thread_id => 'required');
         $validator = Validator::make(Input::all(), $rules, $messages);
         if ($validator->passes()) {
             $reply_id = 0;
             $p_details = Product::whereRaw('product_code = ? AND product_status != ?', array($product_code, 'Deleted'))->first();
             if (count($p_details) > 0) {
                 $return_arr = $this->chkIsAllowConversation($p_details['id'], $p_details, $thread_id);
                 if ($return_arr['allow_to_reply']) {
                     $input_arr = Input::All();
                     $logged_user_id = getAuthUser() ? getAuthUser()->user_id : 0;
                     $date_now = date('Y-m-d H:i:s');
                     if ($thread_id > 0) {
                         $message_thread = MpProductComments::whereRaw('id = ? AND is_deleted = ?', array($thread_id, 0))->first();
                         if (count($message_thread) > 0) {
                             $visibility = $message_thread['visibility'] == 'Private' ? 'Private' : Input::get('visibility_' . $thread_id, 'Public');
                             $mesage_data = array('date_added' => $date_now, 'product_id' => $message_thread['product_id'], 'thread_id' => $thread_id, 'notes' => Input::get('reply_message_' . $thread_id), 'added_by_user_id' => $logged_user_id, 'visibility_status' => $visibility, 'is_deleted' => 0);
                             $message_comment_replies = new MpProductCommentReplies();
                             $reply_id = $message_comment_replies->insertGetId($mesage_data);
                             $reply_count = $message_thread['total_replies'];
                             //To update reply count and reply status
                             MpProductComments::where('id', $thread_id)->update(array("last_replied_user_id" => $logged_user_id, "last_updated" => $date_now, 'total_replies' => (int) $reply_count + 1));
                         }
                         $success_message = trans('webshoppack::viewProduct.reply_message_added_success');
                         $key = "NewReply";
                     } else {
                         $visibility = Input::get('visibility_' . $thread_id, 'Public');
                         $mesage_data = array('date_added' => $date_now, 'product_id' => $p_details['id'], 'user_id' => $logged_user_id, 'seller_id' => $p_details['product_user_id'], 'message' => Input::get('reply_message_' . $thread_id), 'last_updated' => $date_now, 'visibility' => $visibility, 'is_deleted' => 0);
                         $message_comments = new MpProductComments();
                         $thread_id = $message_comments->insertGetId($mesage_data);
                         $success_message = trans('webshoppack::viewProduct.comment_added_success');
                         $key = "NewComment";
                     }
                     // Send user notification mail details for admin and Thread owner / Purchased user
                     $this->ViewProductService->sendProductConversationMail($p_details, $thread_id, $key, $reply_id);
                 }
                 $url = $this->ViewProductService->getProductViewURL($p_details['id'], $p_details);
                 $url = $url . "/comments";
             } else {
                 $error_message = trans('webshoppack::viewProduct.invalid_url_slug');
             }
         } else {
             $error_message = trans('webshoppack::viewProduct.invalid_url_slug');
             $error_message = trans('webshoppack::viewProduct.invalid_url_slug');
         }
     }
     return Redirect::to($url)->with('success_message', $success_message)->with('error_message', $error_message);
 }

Esempio n. 10

File: UserAccountService.php Progetto: ahsanpackage/webshopauthenticate

 public function uploadUserImage($file, $image_ext, $image_name, $destinationpath, $user_id = 0)
 {
     $config_path = Config::get('generalConfig.user_image_folder');
     $this->chkAndCreateFolder($config_path);
     $logged_user_id = $user_id;
     if (!$logged_user_id && isset(getAuthUser()->id)) {
         $logged_user_id = getAuthUser()->id;
     }
     // open file a image resource
     Image::make($file->getRealPath())->save(Config::get("generalConfig.user_image_folder") . $image_name . '_O.' . $image_ext);
     list($width, $height) = getimagesize($file);
     list($upload_img['width'], $upload_img['height']) = getimagesize(base_path() . '/public/' . $config_path . $image_name . '_O.' . $image_ext);
     $large_width = Config::get('generalConfig.user_image_large_width');
     $large_height = Config::get('generalConfig.user_image_large_height');
     if (isset($large_width) && isset($large_height)) {
         $img_size = CUtil::DISP_IMAGE($large_width, $large_height, $upload_img['width'], $upload_img['height'], true);
         Image::make($file->getRealPath())->resize($large_width, $large_height, true, false)->save($config_path . $image_name . '_L.' . $image_ext);
     }
     $small_width = Config::get("generalConfig.user_image_small_width");
     $small_height = Config::get("generalConfig.user_image_small_height");
     if (isset($small_width) && isset($small_height)) {
         $simg_size = CUtil::DISP_IMAGE($small_width, $small_height, $upload_img['width'], $upload_img['height'], true);
         Image::make($file->getRealPath())->resize($small_width, $small_height, true, false)->save($config_path . $image_name . '_S.' . $image_ext);
     }
     $thumb_width = Config::get("generalConfig.user_image_thumb_width");
     $thumb_height = Config::get("generalConfig.user_image_thumb_height");
     if (isset($thumb_width) && isset($thumb_height)) {
         $timg_size = CUtil::DISP_IMAGE($thumb_width, $thumb_height, $upload_img['width'], $upload_img['height'], true);
         Image::make($file->getRealPath())->resize($thumb_width, $thumb_height, true, false)->save($config_path . $image_name . '_T.' . $image_ext);
     }
     $img_path = Request::root() . '/' . $config_path;
     list($upload_input['small_width'], $upload_input['small_height']) = getimagesize($img_path . $image_name . '_S.' . $image_ext);
     list($upload_input['thumb_width'], $upload_input['thumb_height']) = getimagesize($img_path . $image_name . '_T.' . $image_ext);
     list($upload_input['large_width'], $upload_input['large_height']) = getimagesize($img_path . $image_name . '_L.' . $image_ext);
     $user_image = new UserImage();
     $user_data = array('image_ext' => $image_ext, 'image_name' => $image_name, 'image_server_url' => $destinationpath, 'large_height' => $upload_input['large_height'], 'large_width' => $upload_input['large_width'], 'small_width' => $upload_input['small_width'], 'small_height' => $upload_input['small_height'], 'thumb_width' => $upload_input['thumb_width'], 'thumb_height' => $upload_input['thumb_height']);
     $user_image_details = UserImage::where('user_id', $logged_user_id)->first();
     if (count($user_image_details) > 0) {
         $this->deleteImageFiles($user_image_details->image_name, $user_image_details->image_ext, $config_path);
         UserImage::where('user_id', $logged_user_id)->update($user_data);
         $id = $user_image_details->image_id;
     } else {
         $user_data['date_added'] = new DateTime();
         $user_data['user_id'] = $logged_user_id;
         $id = $user_image->insertGetId($user_data);
     }
     return $id;
 }

Esempio n. 11

File: top-menu.php Progetto: D-L-C/php-Development-project

<div class="top-menu">
    <div class="menu-options">
        <?php 
if (isLoggedIn()) {
    ?>
			<a href="index.php">Home</a>
			|
			<a href="list-posts.php">All posts</a>
			|
            <a href="edit-post.php">New post</a>
            |
            Hello <?php 
    echo htmlEscape(getAuthUser());
    ?>
.
            <a href="logout.php">Log out</a>
        <?php 
} else {
    ?>
            <a href="login.php">Log in</a>
        <?php 
}
?>
    </div>
</div>

Esempio n. 12

File: view_transaction.php Progetto: efdalustaoglu/secure-coding

    </div>

    <div class="pure-control-group">
      <label>Approved On</label>
      <span><?php 
    echo $transaction->DATE_APPROVED;
    ?>
</span>
    </div>

    <div class="pure-controls">
      <input type="hidden" name="transactionid" value="<?php 
    echo $transaction->ID;
    ?>
" />
      <?php 
    if ($transaction->STATUS == "P" and getAuthUser()->usertype == "E") {
        ?>
      <button type="submit" name="approve" class="pure-button button-success">Approve</button>
      <button type="submit" name="deny" class="pure-button button-error">Deny</button>
      <?php 
    }
    ?>
    </div>
  </fieldset>
</form>

<?php 
}
// include footer
include "footer.php";

Esempio n. 13

File: header.php Progetto: efdalustaoglu/secure-coding

          </li>
          <li class="pure-menu-item">
            <?php 
    $userLink = getAuthUser()->usertype === 'E' ? 'view_users.php' : 'view_user.php?id=' . getAuthUser()->userid;
    ?>
            <a href="<?php 
    echo $userLink;
    ?>
" class="pure-menu-link">User</a>
          </li>
        </ul>
        <ul class="pure-menu-list pull-right">
          <li class="pure-menu-item">
            <a href="#!" class="pure-menu-link">
              <b><?php 
    echo getAuthUser()->firstname . ' ' . getAuthUser()->lastname;
    ?>
</b>
            </a>
          </li>
          <li class="pure-menu-item">
            <a href="<?php 
    echo 'logout.php';
    ?>
" class="pure-menu-link">Logout</a>
          </li>
        </ul>
      <?php 
} else {
    ?>
      <ul class="pure-menu-list">