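/**
 * Upload a new template file.
 *
 * Flow: validate the posted `name`, accept the multipart field `file` through
 * the CodeIgniter upload library, copy the staged file to S3, record it in the
 * Template model and answer with the decorated template row.
 *
 * The locally staged upload is removed as soon as the S3 call finishes, whether
 * the call succeeded, returned no ObjectURL, or threw, so failed uploads no
 * longer accumulate in the upload directory.
 *
 * @return mixed Result of json_error() when the S3 upload fails, otherwise null.
 */
public function index_post()
{
    // Defined outside this method; its return value is not checked here.
    // NOTE(review): presumably it ends the request for non-admin callers - confirm.
    validate_admin();

    $this->load->library('form_validation');
    $this->form_validation->set_rules('name', 'Name', 'trim|required|xss_clean');

    if ($this->form_validation->run() == FALSE) {
        // NOTE(review): unlike the upload-error path below there is no exit here;
        // whether json_error() ends the request itself is not visible from this method.
        json_error('There was a problem with your submission: ' . validation_errors(' ', ' '));
        return;
    }

    // Allowed types and size limit come from configuration; 'encrypt_name' makes the
    // upload library store the file under a generated name, not the client's name.
    $config = array(
        'upload_path'   => $this->config->item('template_upload_dir'),
        'allowed_types' => $this->config->item('screen_upload_types'),
        'max_size'      => $this->config->item('max_screen_upload_size'),
        'encrypt_name'  => true,
    );

    /* Handle the file upload */
    $this->load->library('upload', $config);
    if (!$this->upload->do_upload('file')) {
        json_error($this->upload->display_errors());
        exit;
    }

    $data = $this->upload->data();

    /* Upload to s3 */
    try {
        $client = S3Client::factory(array(
            'credentials' => array(
                'key'    => $this->config->item('s3_access_key_id'),
                'secret' => $this->config->item('s3_secret'),
            ),
            'region'  => $this->config->item('s3_region'),
            'version' => $this->config->item('s3_version'),
        ));

        // NOTE(review): 'public-read' makes every uploaded object readable by anyone
        // who has its URL. Confirm templates are meant to be public; otherwise keep
        // the object private and hand out time-limited signed URLs.
        $object = array(
            'Bucket'     => $this->config->item('s3_bucket'),
            'Key'        => $data['file_name'],
            'SourceFile' => $data['full_path'],
            'ACL'        => 'public-read',
        );
        $result = $client->putObject($object);
    } finally {
        // Nothing below reads the staged file again (only the metadata in $data),
        // so it is removed on every outcome, including an exception from the SDK.
        if (is_file($data['full_path'])) {
            unlink($data['full_path']);
        }
    }

    if (empty($result['ObjectURL'])) {
        log_message('info', '[File Add] putObject Result: ' . print_r($result, TRUE));
        // NOTE(review): the raw S3 result is handed to json_error(); check that the
        // helper does not echo provider internals back to the client.
        return json_error('File Upload to S3 Failed: ', $result);
    }

    $insert = array(
        'creator_id'   => get_user_id(),
        'name'         => $this->post('name', TRUE),
        'ordering'     => $this->Template->get_max_ordering() + 1,
        'url'          => $data['file_name'],
        'file_type'    => $data['file_type'],
        'file_size'    => $data['file_size'],
        'image_height' => $data['image_height'],
        'image_width'  => $data['image_width'],
    );
    $template = $this->decorate_object($this->Template->load($this->Template->add($insert)));

    /* Handle the download situation */
    $this->response($template);
}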
<?php
/*
 * Admin-account form handler (excerpt: the script continues past the last
 * statement shown, so the nested blocks below are still open).
 */
require_once "codelibrary/inc/db.php";
require_once "codelibrary/inc/functions.php";

// Access gate defined in an include; its return value is ignored here.
// NOTE(review): confirm it terminates the request for non-admin sessions rather
// than only returning false.
validate_admin();

// Imports every request parameter into the local scope as a variable, with
// warnings suppressed. extract() overwrites existing variables by default, so a
// request can set or replace any variable already defined at this point,
// including ones the includes created. $id and $password used below are only
// defined through this call as far as this excerpt shows.
// NOTE(review): read the expected fields explicitly from $_POST instead.
@extract($_REQUEST);

// NOTE(review): 'submitForm' is read without isset(); a request without it raises
// a notice. No anti-CSRF token check is visible in this excerpt - confirm one
// exists, since this branch changes state.
if ($_POST['submitForm'] == "yes") {
    // No $id supplied: treat the submission as "create a new admin".
    if (!$id) {
        $query1 = NULL;
        $user_id = $_POST['username'];

        // Uniqueness check on the login name, done with a bound parameter.
        $sql = "select id from tbl_admin where user_id = ? ";
        $stmt = $conn->prepare($sql);
        if ($stmt === false) {
            // E_USER_ERROR stops the script. The message contains the SQL text and
            // the driver error. NOTE(review): make sure errors are logged and not
            // displayed to the browser in production.
            trigger_error('Wrong SQL: ' . $sql . ' Error: ' . $conn->error, E_USER_ERROR);
        }
        $stmt->bind_param('s', $user_id);
        $stmt->execute();
        // Rebinds $id to the result column, so each fetch() overwrites $id.
        $stmt->bind_result($id);
        while ($stmt->fetch()) {
            $query1 = $id;
        }

        if ($query1) {
            $_SESSION['sess_msg'] = "Username already exist! Please Choose Another One.";
        } else {
            if (empty($user_id)) {
                $_SESSION['sess_msg'] = "Empty Username";
            } else {
                if (empty($password)) {
                    $_SESSION['sess_msg'] = "Empty Password";
                } else {
                    // Seven placeholders: type, name, email, address, phone, user_id,
                    // password. The bind call is outside this excerpt.
                    // NOTE(review): confirm the value bound for `password` is a
                    // password_hash() result and not the submitted cleartext.
                    $sql = "insert into tbl_admin (id,type,name,email,address,phone,user_id,password,status) values (NULL,?,?,?,?,?,?,?,1)";
<?php
/*
 * Admin page template (excerpt: the markup and both if-blocks continue past
 * the end of what is shown).
 */
session_start();
include "../functions.inc.php";

// Two-step gate: the session's user id and code must pass validate_user(), then
// the same user id must pass validate_admin(). The header, navbar and page body
// are only emitted inside both checks. What is sent when a check fails is
// outside this excerpt.
// NOTE(review): lang() results are echoed into element text and into a
// placeholder attribute without htmlspecialchars(); that is safe only while the
// translation strings are static and trusted - confirm.
if (validate_user($_SESSION['helpdesk_user_id'], $_SESSION['code'])) {
    if (validate_admin($_SESSION['helpdesk_user_id'])) {
        include "head.inc.php";
        include "navbar.inc.php";
        ?> <div class="container"> <div class="page-header" style="margin-top: -15px;"> <div class="row"> <div class="col-md-6"> <h3><i class="fa fa-tags"></i> <?php echo lang('SUBJ_title'); ?> </h3></div><div class="col-md-6"> <h4> <div class="input-group"> <input type="text" class="form-control input-sm ui-autocomplete-input" id="subj_text" placeholder="<?php echo lang('SUBJ_name'); ?> " autocomplete="off"> <span class="input-group-btn">
/*
 * Setup step (excerpt: begins and ends mid-script) that validates the posted
 * administrator details and, when there are no errors, empties the existing
 * account tables before the new admin account is created.
 *
 * - The crypto object is initialised with md5(session_id() . server encryptkey)
 *   and the configured mcrypt_iv.
 *   NOTE(review): the key is an MD5 digest and the IV is read from static
 *   configuration; how crypto->init() uses them is not visible here - confirm.
 * - passwd / passwd2 are entity-decoded after phpgw::get_var() (see the inline
 *   comment); username, fname and lname are used as get_var() returns them.
 * - If the account repository is LDAP and the accounts object is not connected,
 *   an error naming the configured LDAP host is echoed and the script exits.
 * - validate_admin() is used here as a validator: its result is treated as a
 *   list of error messages (appended to, then counted).
 * - 'admins' and 'default' are rejected as login ids; in_array() is called
 *   without the strict flag.
 * - With no errors, phpgw_accounts, phpgw_preferences, phpgw_acl, phpgw_mapping
 *   and phpgw_group_map are emptied by unconditional DELETEs. transaction_begin()
 *   is commented out (see the FIXME), so a failure partway through leaves some
 *   tables emptied and others not.
 *   NOTE(review): the check that restricts this page to an authenticated setup
 *   user is not in this excerpt - confirm it runs before this code.
 * - $admin_acct holds the cleartext password; the code that consumes it is
 *   outside this excerpt.
 */
$GLOBALS['phpgw']->db =& $db; $GLOBALS['phpgw']->accounts = CreateObject('phpgwapi.accounts'); $GLOBALS['phpgw']->acl = CreateObject('phpgwapi.acl'); $GLOBALS['phpgw']->crypto->init(array(md5(session_id() . $GLOBALS['phpgw_info']['server']['encryptkey']), $GLOBALS['phpgw_info']['server']['mcrypt_iv'])); /* Posted admin data */ // We need to reverse the entities or the password can be mangled $passwd = html_entity_decode(phpgw::get_var('passwd', 'string', 'POST')); $passwd2 = html_entity_decode(phpgw::get_var('passwd2', 'string', 'POST')); $username = phpgw::get_var('username', 'string', 'POST'); $fname = phpgw::get_var('fname', 'string', 'POST'); $lname = phpgw::get_var('lname', 'string', 'POST'); if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap' && !$GLOBALS['phpgw']->accounts->connected) { echo "<strong>Error: Error connecting to LDAP server {$GLOBALS['phpgw_info']['server']['ldap_host']}</strong><br>"; exit; } $errors = validate_admin($username, $passwd, $passwd2, $fname, $lname); if (in_array($username, array('admins', 'default'))) { $errors[] = lang('That loginid has already been taken'); } if (!count($errors)) { $admin_acct = array('username' => $username, 'firstname' => $fname, 'lastname' => $lname, 'password' => $passwd); // Begin transaction for acl, etc // FIXME: Conflicting transactions - there are transactions in phpgwapi_accounts_::create() and acl::save_repository() //$GLOBALS['phpgw_setup']->db->transaction_begin(); // Now, clear out existing tables $contacts_to_delete = $GLOBALS['phpgw']->accounts->get_account_with_contact(); $GLOBALS['phpgw_setup']->db->query('DELETE FROM phpgw_accounts'); $GLOBALS['phpgw_setup']->db->query('DELETE FROM phpgw_preferences'); $GLOBALS['phpgw_setup']->db->query('DELETE FROM phpgw_acl'); $GLOBALS['phpgw_setup']->db->query('DELETE FROM phpgw_mapping'); $GLOBALS['phpgw_setup']->db->query('DELETE FROM phpgw_group_map');