Esempio n. 1
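/**
 * Auto-login a user from a persistent session identifier.
 *
 * Looks up an unexpired row in the sessions table, rotates its ID on every
 * successful lookup, and reports the user as logged in only when the stored
 * row has its "keep" flag set.
 *
 * NOTE(review): rand_string() issues the new session identifier, so it must be
 * backed by a CSPRNG (random_bytes()/random_int()); its implementation is not
 * visible here - confirm.
 * NOTE(review): the Secure/HttpOnly/SameSite attributes of the cookie depend on
 * cookie_set(), which is not visible here - confirm.
 * NOTE(review): the User-Agent is stored with the session but is not compared
 * in this function (only user_id and keep are selected).
 *
 * @param string $session_id Session ID presented by the client.
 *
 * @return array Two elements: bool (auto-login succeeded) and the user ID or null.
 */
function service_user_autologin($session_id)
{
    $session = false;
    $user_id = null;

    // Fetch the session; the WHERE clause excludes rows that have expired.
    $users = select_sessions(array(
        'select' => 'user_id, keep',
        'where'  => array(
            'id = :id AND expire > :expire',
            array('id' => $session_id, 'expire' => localdate('Y-m-d H:i:s')),
        ),
    ));
    if (empty($users)) {
        return array($session, $user_id);
    }

    // The User-Agent header is optional; reading it unguarded raises an
    // undefined-index notice (a warning on PHP 8) for clients that omit it.
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;

    // Compute the expiry once so the database row and the cookie always agree.
    $expire_at = time() + $GLOBALS['config']['cookie_expire'];

    // Rotate the session ID so a captured identifier stops working after use.
    $new_session_id = rand_string();
    $resource = update_sessions(array(
        'set'   => array(
            'id'     => $new_session_id,
            'agent'  => $agent,
            'expire' => localdate('Y-m-d H:i:s', $expire_at),
        ),
        'where' => array('id = :id', array('id' => $session_id)),
    ));
    if ($resource) {
        cookie_set('auth[session]', $new_session_id, $expire_at);
    } else {
        error('データを編集できません。');
    }

    if ($users[0]['keep']) {
        // Record the login time for the user.
        $resource = update_users(array(
            'set'   => array('loggedin' => localdate('Y-m-d H:i:s')),
            'where' => array('id = :id', array('id' => $users[0]['user_id'])),
        ));
        if (!$resource) {
            error('データを編集できません。');
        }
        $session = true;
        $user_id = $users[0]['user_id'];
    }

    return array($session, $user_id);
}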
Esempio n. 2
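/**
 * Admin action: create, update, delete or load a user for the edit form.
 *
 * Reads the target user from $_GET['user_id'] and the requested operation from
 * $_POST['action'] ('save' or 'delete'); without an action the existing user
 * is loaded into the page body.
 *
 * NOTE(review): no CSRF token and no permission check are visible in this
 * function, although it writes 'groups_ID' and 'rules' taken from the request
 * - confirm both are enforced by the caller.
 * NOTE(review): which request keys set_merge() copies is not visible here;
 * confirm it restricts the result to the keys of the template array.
 *
 * @return void
 */
function action_edit_user()
{
    global $PAGE;

    // Accept only a plain decimal ID. is_numeric() also lets through forms
    // such as "1e3", ".5" or " 7", which then end up in the SQL condition below.
    $current = isset($_GET['user_id']) && is_string($_GET['user_id']) && ctype_digit($_GET['user_id'])
        ? $_GET['user_id']
        : null;
    if (!$current) {
        $PAGE->title = 'Добавить пользователя';
    }

    $action = isset($_POST['action']) ? $_POST['action'] : null;

    // Blank form model. Defined before branching because the delete branch
    // uses it too; it used to be assigned only inside the save branch.
    $temp = array('login' => '', 'code' => '', 'display_name' => '', 'mail' => '', 'groups_ID' => array(), 'rules' => array());

    if ($action === 'save') {
        $res = $temp;
        $res = set_merge($res, $_POST);

        // The password is optional on update; ignore it unless it is a non-empty string.
        $password = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
        if ($password) {
            $salt = random_salt();
            // NOTE(security): MD5 pre-hash fed to crypt(); the resulting strength
            // depends on the salt format random_salt() returns (not visible here).
            // Moving to password_hash()/password_verify() needs a matching change
            // in the login path, so the scheme is left as is and only flagged.
            $password = crypt(md5($password), $salt);
            $res['password'] = $password;
            $res['salt'] = $salt;
        }

        // A new user needs a password; an existing one may keep the old one.
        $has_groups = is_array($res['groups_ID']) && count($res['groups_ID']);
        if ($res['login'] && $res['display_name'] && $res['mail'] && $res['code'] && $has_groups && (isset($res['password']) || $current)) {
            if ($current) {
                // $current consists of decimal digits only (see above), so it
                // cannot break out of the quoted SQL literal.
                if (update_users($res, "WHERE ID='{$current}'")) {
                    push_output_message(array('title' => 'Обновлено!', 'text' => 'Пользователь успешно обновлён', 'class' => 'alert alert-success'));
                } else {
                    push_output_message(array('title' => 'Ошибка!', 'text' => 'Произошла неизвестная ошибка', 'class' => 'alert alert-danger'));
                }
                $res['ID'] = $current;
                set_glob_content(array('body' => (object) $res));
            } else {
                if (add_user($res)) {
                    push_output_message(array('title' => 'Добавлено!', 'text' => 'Пользователь успешно добавлен', 'class' => 'alert alert-success'));
                } else {
                    push_output_message(array('title' => 'Ошибка!', 'text' => 'Произошла неизвестная ошибка', 'class' => 'alert alert-danger'));
                }
            }
        } else {
            // Required fields are missing: report it and re-display the submitted values.
            push_output_message(array('title' => 'Ошибка!', 'text' => 'Заполните все обязательные поля', 'class' => 'alert alert-danger'));
            set_glob_content(array('body' => (object) $res));
        }
    } elseif ($action === 'delete' && $current && delete_user($current)) {
        push_output_message(array('title' => 'Удалено!', 'text' => 'Пользователь успешно удалён', 'class' => 'alert alert-success'));
        set_glob_content(array('body' => (object) $temp));
    } elseif ($current && ($user = get_user($current, 'ID, login, code, display_name, mail, groups_ID, rules', true))) {
        // No action (or a failed delete): load the existing user into the form.
        set_glob_content(array('body' => $user));
    }
}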
Esempio n. 3
    // Excerpt from an action dispatcher; the opening switch statement is not
    // part of this listing.
    case "saveprefs":
        saveprefs($sid);
        break;
    case "update":
        // Choose the owner passed to update_profile(): $user when its integer
        // value is not -1, otherwise $entity under the same test, otherwise the
        // session user.
        // NOTE(review): intval() of a non-numeric string is 0, so every value
        // other than -1 passes this test and is forwarded unchanged. Where $user
        // and $entity come from is not visible here; if they are request
        // parameters, confirm that the caller is authorised to assign the
        // profile to that owner.
        $stype = "";
        if (intval($user) != -1) {
            $stype = $user;
        } elseif (intval($entity) != -1) {
            $stype = $entity;
        }
        if ($stype == "") {
            $stype = Session::get_session_user();
        }
        update_profile($sid, $sname, $sdescription, $stype, $sautoenable, $auto_cat_status, $auto_fam_status, $tracker);
        break;
    case "updateusers":
        update_users($sid, $users);
        break;
    case "viewconfig":
        view_config($sid);
        break;
    default:
        // Any unrecognised action falls back to the profile selection screen.
        select_profile();
        break;
}
// Close the table markup; the matching opening tags are outside this excerpt.
echo "   </td></tr>";
echo "   </table>";
echo "</td></tr>";
echo "</table>";
// Close the database connection before the footer is included.
$db->close($dbconn);
require_once 'footer.php';
Esempio n. 4
         $headers = $GLOBALS['config']['mail_headers'];
         // Send the e-mail.
         if (service_mail_send($to, $subject, $message, $headers) === false) {
             error('メールを送信できません。');
         }
         // Commit the transaction.
         db_commit();
     }
 }
 // Excerpt of a login handler: the code that sets $success, $id and
 // $session_twostep is outside this listing, and the block below is cut off
 // before it ends.
 if ($success) {
     // Authentication succeeded: store the user in the session.
     // NOTE(review): no session ID regeneration is visible in this excerpt;
     // confirm the session ID is renewed at login to prevent session fixation.
     $_SESSION['auth']['user'] = array('id' => $id, 'time' => localdate());
     // Begin a transaction.
     db_transaction();
     // Record the login time and reset the failed-login counters. The username
     // is passed as a bound value (:username), not interpolated into the SQL.
     $resource = update_users(array('set' => array('loggedin' => localdate('Y-m-d H:i:s'), 'failed' => null, 'failed_last' => null), 'where' => array('username = :username', array('username' => $_POST['username']))));
     if (!$resource) {
         error('データを編集できません。');
     }
     // Keep the user logged in: create the identifier for a persistent session.
     // NOTE(review): rand_string() must be backed by a CSPRNG for this use; its
     // implementation is not visible here - confirm.
     $session = rand_string();
     if (isset($_POST['session']) && $_POST['session'] === 'keep') {
         $keep = 1;
     } else {
         $keep = 0;
     }
     // && binds tighter than ||, so this reads as:
     // $session_twostep == 1 || (isset(...) && ... === 'keep').
     if ($session_twostep == 1 || isset($_POST['twostep_session']) && $_POST['twostep_session'] === 'keep') {
         $twostep = 1;
     } else {
         $twostep = 0;
     }
<?php

require 'model.php';
?>
<!DOCTYPE HTML>
<html>
    <head>        
        <title>Exemple simple de site en PHP </title>
    </head>
    <body>
        <h1>Liste des utilisateurs</h1>
        <?php 
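// Persist the submitted user: update the row when an id is supplied, insert otherwise.
// The array keys are quoted here: bare id/nom/prenom are read as constants,
// which raises an Error on PHP 8 and a warning on earlier versions.
// NOTE(review): this write is triggered by a GET request, so it can be replayed
// from a link and the values end up in logs and browser history; a POST form
// with a CSRF token is the usual shape for it.
// NOTE(review): the values reach update_users()/insert_users() unvalidated;
// whether model.php binds them as query parameters is not visible here - confirm.
if (isset($_GET['action']) && $_GET['action'] == "save") {
    if (!empty($_GET['id'])) {
        update_users($_GET['nom'], $_GET['prenom'], $_GET['id']);
    } else {
        insert_users($_GET['nom'], $_GET['prenom']);
    }
}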
// Show the add/modify form. "ajouter" starts from empty fields; "modifier"
// pre-fills them from the stored user. (This block is cut off in the listing.)
if (isset($_GET['action']) && $_GET['action'] == "ajouter" || isset($_GET['action']) && $_GET['action'] == "modifier") {
    $nom = "";
    $prenom = "";
    $id = "";
    if ($_GET['action'] == "modifier") {
        // NOTE(review): $_GET['id'] is read without isset() and passed on
        // unvalidated; whether select_one_user() binds it as a query parameter
        // is not visible here - confirm.
        $result = select_one_user($_GET['id']);
        // mysqli_fetch_assoc() returns null when no row matches, in which case
        // the three reads below yield null.
        $user = mysqli_fetch_assoc($result);
        $nom = $user['nom'];
        $prenom = $user['prenom'];
        $id = $user['id'];
    }
    // NOTE(review): $nom, $prenom and $id are handed to the view as stored; the
    // view has to escape them with htmlspecialchars() on output - cannot be
    // verified from this excerpt.
    include 'Views/addOrModifyUserView.php';
Esempio n. 6
    // Excerpt of an e-mail activation handler; the branch condition and the
    // code that creates $token are outside this listing.
    if (!$resource) {
        error('指定されたユーザが見つかりません。');
    }
    // Fetch the e-mail address of the signed-in user.
    $users = select_users(array('select' => 'email', 'where' => array('id = :id', array('id' => $_SESSION['auth']['user']['id']))));
    // Build the e-mail content.
    // NOTE(review): the address is URL-encoded but $token is appended as is;
    // that is safe only if the token alphabet is URL-safe - its origin is not
    // visible here.
    $_view['url'] = $GLOBALS['config']['http_url'] . MAIN_FILE . '/user/activate?email=' . rawurlencode($users[0]['email']) . '&token=' . $token;
    $to = $users[0]['email'];
    $subject = $GLOBALS['config']['mail_subjects']['user/activate'];
    $message = view('mail/user/activate.php', true);
    $headers = $GLOBALS['config']['mail_headers'];
    // Send the e-mail.
    if (service_mail_send($to, $subject, $message, $headers) === false) {
        error('メールを送信できません。');
    }
    // Commit the transaction.
    db_commit();
    // Redirect.
    redirect('/user/home?ok=send');
} else {
    // Mark the address as activated and clear the token fields. The request
    // values are passed as bound parameters (:email, :token), not interpolated.
    // NOTE(review): both values are read without isset(), and token_expire is
    // cleared but not compared in this WHERE clause - confirm that token expiry
    // is enforced elsewhere.
    $resource = update_users(array('set' => array('email_activated' => 1, 'token' => null, 'token_code' => null, 'token_expire' => null), 'where' => array('email = :email AND token = :token', array('email' => $_GET['email'], 'token' => $_GET['token']))));
    if (!$resource) {
        error('データを編集できません。');
    }
    // Zero affected rows means no user matched this e-mail/token pair.
    if (db_affected_count($resource) == 0) {
        error('メールアドレスを確認できません。');
    }
    // Redirect.
    redirect('/user/home?ok=activate');
}
Esempio n. 7
// Begin the transaction covering the users and profiles updates.
db_transaction();

// Fetch the e-mail address currently stored for the signed-in user.
$users = select_users(array(
    'select' => 'email',
    'where'  => array('id = :id', array('id' => $_SESSION['auth']['user']['id'])),
));

// An unchanged address stays activated; a changed one has to be confirmed again.
$email_activated = $_SESSION['post']['user']['email'] === $users[0]['email'] ? 1 : 0;

// Column values for the users row.
$sets = array(
    'username'        => $_SESSION['post']['user']['username'],
    'email'           => $_SESSION['post']['user']['email'],
    'email_activated' => $email_activated,
);

// The password is only replaced when a new one was submitted.
// NOTE(review): $password_salt is not assigned in this excerpt (presumably
// created above), and hash_crypt() is not visible here; confirm it is a slow
// password-hashing function rather than a single fast digest.
if (!empty($_SESSION['post']['user']['password'])) {
    $sets['password'] = hash_crypt(
        $_SESSION['post']['user']['password'],
        $password_salt . ':' . $GLOBALS['config']['hash_salt']
    );
    $sets['password_salt'] = $password_salt;
}

// Update the user.
$resource = update_users(
    array(
        'set'   => $sets,
        'where' => array('id = :id', array('id' => $_SESSION['auth']['user']['id'])),
    ),
    array(
        'id'     => intval($_SESSION['auth']['user']['id']),
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Update the profile.
$resource = update_profiles(
    array(
        'set'   => array(
            'name' => $_SESSION['post']['profile']['name'],
            'text' => $_SESSION['post']['profile']['text'],
        ),
        'where' => array('user_id = :user_id', array('user_id' => $_SESSION['auth']['user']['id'])),
    ),
    array(
        'id'     => intval($_SESSION['auth']['user']['id']),
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Commit the transaction.
db_commit();

// Clear the pending form data from the session.
unset($_SESSION['post']);
unset($_SESSION['update']);

// Redirect.
redirect('/user/modify_complete');
Esempio n. 8
            echo "updated user {$user->id}\n";
        }
    }
}
/**
 * Run update_user() for every user, walking the ID range in windows of 1000.
 *
 * The largest user ID is read once up front; each pass enumerates the users
 * whose ID falls in the half-open window [$n, $m).
 *
 * @param mixed $app_id App ID handed through to update_user().
 *
 * @return void
 */
function update_users($app_id)
{
    $maxid = BoincUser::max("id");
    for ($n = 0; $n <= $maxid; $n = $m) {
        // Upper bound of this window; it becomes the next lower bound.
        $m = $n + 1000;
        foreach (BoincUser::enum("id>={$n} and id<{$m}") as $user) {
            update_user($user, $app_id);
        }
    }
}
// Command-line entry point: exactly one argument, the app ID, is required.
if ($argc != 2) {
    exit("usage: app_select_edit.php app_id\n");
}
$app_id = $argv[1];

// Stop before touching any user when the app ID cannot be looked up.
if (!BoincApp::lookup_id($app_id)) {
    exit("No such app: {$app_id}\n");
}

// Testing aids - enable one of these in place of the full run below.
// Show the new project prefs for a single user without updating the DB:
//echo get_new_prefs(BoincUser::lookup_id(1), $app_id);
// Update the DB for one particular user only:
//update_user(BoincUser::lookup_id(1), $app_id);

// Update the DB for all users.
update_users($app_id);
Esempio n. 9
        <a href="manage_listings.php"><li>Manage Listings</li></a>
        <a href="logout.php" style="float:right;"><li>Logout</li></a>

    </ul>
</div>

<!-- Main page content: -->
<div id="mainForm">
    <h3>Here you can manage administrators or change your password. (Superuser "admin" cannot be deleted.)</h3>

    <!-- Manage users table -->
    <form action="manage_users.php" method="POST">
    <?php 
    // On POST, apply the submitted admin changes first; the table is rendered
    // in either case.
    // NOTE(review): only the request method is checked here, and the password
    // form further down posts to the same manage_users.php, so a password-change
    // submit also calls update_users($dbc). No CSRF token is visible in this
    // excerpt - confirm one is emitted by show_users() and verified by
    // update_users().
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        update_users($dbc);
    }
    show_users($dbc);
    ?>
    </form>
    <button onclick= "location.href='new_admin.php'">Add New Admin</button>
    <br><br><br><br><br>

    <!-- Password change fields -->
    <form action="manage_users.php" method="POST">
        <?php 
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Validates password and changes the password if valid
        // NOTE(review): strcmp() is given request values without a type check.
        // Before PHP 8 it returns null for non-string arguments and null == 0
        // is true, so two array-valued fields would pass this test; on PHP 8 the
        // call throws a TypeError instead. Require is_string() on both fields
        // and compare with ===. (The block is cut off in this listing.)
        if (isset($_POST['pass']) && isset($_POST['pass-repeat']) && strcmp($_POST['pass'], $_POST['pass-repeat']) == 0) {
Esempio n. 10
    // Excerpt of a migration script: the try statement and the earlier update
    // steps are outside this listing.
    // Files.
    update_files();
    // Menus will be manually recreated.
    // Node tables.
    update_node_table();
    // Node fields content.
    update_node_fields();
    update_sequences_table();
    // Shortcuts.
    update_shortcuts();
    // Taxonomy terms.
    update_taxonomy_tables();
    // Url aliases.
    update_url_aliases();
    // Users.
    update_users();
    // We do not migrate the watchdog at the moment.
    // Config
    update_config();
} catch (Exception $e) {
    // Any exception from the steps above ends up here: print a hint, answer
    // with HTTP 500, then rethrow the exception.
    $message = 'If you have just changed code (for example deployed a new module or moved an existing one) read <a href="http://drupal.org/documentation/rebuild">http://drupal.org/documentation/rebuild</a>';
    // The link to the rebuild script is only added when the rebuild_access
    // setting is enabled (it defaults to FALSE).
    if (Settings::get('rebuild_access', FALSE)) {
        // NOTE(review): $rebuild_path is placed in an href without escaping;
        // confirm $GLOBALS['base_url'] comes from configuration and cannot be
        // influenced by the request's Host header.
        $rebuild_path = $GLOBALS['base_url'] . '/rebuild.php';
        $message .= " or run the <a href=\"{$rebuild_path}\">rebuild script</a>";
    }
    // Set the response code manually. Otherwise, this response will default to a
    // 200.
    http_response_code(500);
    print $message;
    throw $e;
}
Esempio n. 11
<?php

import('libs/plugins/hash.php');

// Check the forward: the request is rejected when forward() returns null.
if (forward() === null) {
    error('不正なアクセスです。');
}

// Check the pending form data; without it, go back to the password form.
if (empty($_SESSION['post'])) {
    redirect('/password');
}

// Begin the transaction.
db_transaction();

// Create the salt for the new password.
$password_salt = hash_salt();

// Store the new password and clear the reset-token fields so the token cannot
// be used again.
// NOTE(review): hash_crypt() and hash_salt() come from libs/plugins/hash.php
// and are not visible here; confirm hash_crypt() is a slow password-hashing
// function and hash_salt() draws from a CSPRNG.
// NOTE(review): only a failed query is detected below; a WHERE clause that
// matches no row is not checked in this script.
$resource = update_users(
    array(
        'set'   => array(
            'password'      => hash_crypt(
                $_SESSION['post']['user']['password'],
                $password_salt . ':' . $GLOBALS['config']['hash_salt']
            ),
            'password_salt' => $password_salt,
            'token'         => null,
            'token_code'    => null,
            'token_expire'  => null,
        ),
        'where' => array('email = :email', array('email' => $_SESSION['post']['user']['key'])),
    ),
    array(
        'id'     => intval($_SESSION['post']['user']['id']),
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Commit the transaction.
db_commit();

// Clear the pending form data from the session.
unset($_SESSION['post']);
unset($_SESSION['update']);
unset($_SESSION['expect']);

// Redirect.
redirect('/password/complete');
Esempio n. 12
<?php

import('libs/plugins/hash.php');

// Check the forward: the request is rejected when forward() returns null.
if (forward() === null) {
    error('不正なアクセスです。');
}

// Check the pending form data; without it, go back to the two-step form.
if (empty($_SESSION['post'])) {
    redirect('/user/twostep');
}

// Begin the transaction.
db_transaction();

// Update the two-step verification settings of the signed-in user. The row is
// selected by the ID held in the authenticated session, not by a request value.
// NOTE(review): the two values come from $_SESSION['post']; their validation
// presumably happens in the preceding form step - not visible here.
$resource = update_users(
    array(
        'set'   => array(
            'twostep'       => $_SESSION['post']['user']['twostep'],
            'twostep_email' => $_SESSION['post']['user']['twostep_email'],
        ),
        'where' => array('id = :id', array('id' => $_SESSION['auth']['user']['id'])),
    ),
    array(
        'id'     => intval($_SESSION['auth']['user']['id']),
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Commit the transaction.
db_commit();

// Clear the pending form data from the session.
unset($_SESSION['post']);
unset($_SESSION['update']);

// Redirect.
redirect('/user/twostep_complete');
Esempio n. 13
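/**
 * Read one form field from $_POST as a string.
 *
 * Missing fields and non-string values (for example an array submitted as
 * name[]) are returned as an empty string.
 *
 * @param string $key Field name.
 *
 * @return string
 */
function vm_edit_users_post_field($key)
{
    return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
}

/**
 * Apply the edits and deletions submitted by the user-management form.
 *
 * Fields named "ID_<id>" list the rows shown in the form and "Delete_<id>"
 * the rows to delete. A row counts as edited when any of username, debt,
 * state or comment differs between the "<field>_<id>" value and the
 * "<field>_new_<id>" value.
 *
 * NOTE(review): the IDs are taken from POST field names and handed to
 * update_users()/delete_users() unvalidated; whether those functions bind them
 * as query parameters and check the caller's permissions is not visible here.
 *
 * @return mixed "" when nothing was submitted, otherwise the response object
 *               of update_users()/delete_users(), merged when both ran.
 */
function vm_edit_users_check()
{
    $IDs = array();
    $Delete_IDs = array();
    // Collect the IDs from the field names. Only the leading prefix is removed;
    // str_replace() would also strip later occurrences inside the ID.
    foreach ($_POST as $index => $value) {
        $index = (string) $index;
        if (startsWith($index, "ID_")) {
            $IDs[] = (string) substr($index, strlen("ID_"));
        } elseif (startsWith($index, "Delete_")) {
            $Delete_IDs[] = (string) substr($index, strlen("Delete_"));
        }
    }

    // Build User objects for the rows whose values changed.
    $edited_users = array();
    foreach ($IDs as $id) {
        $changed = false;
        foreach (array('username', 'debt', 'state', 'comment') as $field) {
            // Strict string comparison: with != two numeric-looking strings such
            // as "1e3" and "1000" compare as equal and the edit is dropped.
            if (vm_edit_users_post_field($field . '_' . $id) !== vm_edit_users_post_field($field . '_new_' . $id)) {
                $changed = true;
                break;
            }
        }
        if (!$changed) {
            continue;
        }
        $user = new User();
        $user->comment = vm_edit_users_post_field('comment_new_' . $id);
        $user->username = vm_edit_users_post_field('username_new_' . $id);
        // Accept a decimal comma as well as a decimal point.
        $user->debt = floatval(str_replace(",", ".", vm_edit_users_post_field('debt_new_' . $id)));
        $user->state = vm_edit_users_post_field('state_new_' . $id);
        $user->iD = $id;
        $edited_users[] = $user;
    }

    $response = count($edited_users) > 0 ? update_users($edited_users) : null;
    $response2 = count($Delete_IDs) > 0 ? delete_users($Delete_IDs) : null;

    if ($response === null && $response2 === null) {
        return "";
    }
    if ($response2 === null) {
        return $response;
    }
    if ($response === null) {
        return $response2;
    }
    // Both ran: the merged status is set only when both statuses are set, and
    // the error descriptions are joined with a space.
    $response->status &= $response2->status;
    $response->errorDescription = $response->errorDescription . " " . $response2->errorDescription;
    return $response;
}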
Esempio n. 14
 } else {
     $warnings = array();
 }
 // 入力データを検証&登録
 if (isset($_POST['_type']) && $_POST['_type'] === 'json') {
     if (empty($warnings)) {
         ok();
     } else {
         warning($warnings);
     }
 } else {
     if (empty($warnings)) {
         // トランザクションを開始
         db_transaction();
         // パスワード再発行用URLを通知
         $resource = update_users(array('set' => array('token' => rand_string(), 'token_code' => rand_number(1000, 9999), 'token_expire' => localdate('Y-m-d H:i:s', time() + 60 * 60 * 24)), 'where' => array('email = :email', array('email' => $_POST['email']))));
         if (!$resource) {
             error('指定されたメールアドレスが見つかりません。');
         }
         $users = select_users(array('where' => array('email = :email', array('email' => $_POST['email']))));
         // メール送信内容を作成
         $_view['url'] = $GLOBALS['config']['http_url'] . MAIN_FILE . '/password/form?key=' . rawurlencode($users[0]['email']) . '&token=' . $users[0]['token'];
         $_SESSION['expect']['token_code'] = $users[0]['token_code'];
         $to = $users[0]['email'];
         $subject = $GLOBALS['config']['mail_subjects']['password/send'];
         $message = view('mail/password/send.php', true);
         $headers = $GLOBALS['config']['mail_headers'];
         // メールを送信
         if (service_mail_send($to, $subject, $message, $headers) === false) {
             error('メールを送信できません。');
         }