/** * sets the proper elements from $data into the fields on this instance of the model * *@access public *@param array $data the array of data to set *@param bool $insert Is this an insert or an update? *@param string $auth_mod The authmod this person should be updated for. */ public function set_data($data, $insert = 0, $auth_mod = NULL) { if ($auth_mod == NULL) { $auth_mod = self::$config->auth_class; } if ($insert === TRUE) { return $this->insert($data); } else { $where_tmp = new WhereClause('uid', $data['id']); $this->where_clause($where_tmp); API::DEBUG("[Prefs::set_data()] data is " . print_r($data, true), 8); $this->update($data); API::Message("User Authentication Information Saved!"); if (isset($do_redirect)) { API::Redirect($do_redirect); } return NULL; } }
public function logoutAction() { session_destroy(); API::Redirect("/"); }
/** * sets the proper elements from $data into the fields on this instance of the model * *@access public *@param array $data the array of data to set *@param bool $insert Is this an insert or an update? *@param string $auth_mod The authmod this person should be updated for. */ public function set_data($data, $insert = 0, $auth_mod = NULL) { if ($auth_mod == NULL) { $auth_mod = self::$config->auth_class; } if (isset($data['set_perms'])) { if (!self::$CertisInst->Perms->checkPerm($this->authed_user, 'perms_admin')) { error_log("[Prefs::check_input()] Security Violation (perms_admin) ERR_SEC. "); // effectively log off the user $_SESSION['authed_user'] = NULL; $this->authed_user = NULL; // set display messages to the user. $_SESSION['errors'] = $errors; // redirect them to the home page. API::Redirect("/"); } $perms = 0; if (isset($data['perms'])) { foreach ($data['perms'] as $perm) { if ($perm == -1) { $perms = -1; continue; } $perms = $perms | 1 << $perm; } } $data['perms'] = $perms; unset($data['set_perms']); $do_redirect = API::printUrl("perms", "display", NULL, "uid=" . $data['uid']); } if ($insert === TRUE) { return $this->insert($data); } else { $where_tmp = new WhereClause('uid', $data['uid']); $where_tmp->w_and('auth_mod', $auth_mod); $this->where_clause($where_tmp); API::DEBUG("[Prefs::set_data()] data is " . print_r($data, true), 8); $this->update($data); API::Message("User Information Saved!"); if (isset($do_redirect)) { API::Redirect($do_redirect); } return NULL; } }
/** * default action processing new requests passed in from the display action. Does * not use a template. Uses the 'set_data' function on the model object of the implementing * class to do data verification. * * @return none */ public function newAction() { # process the new entry form. # check the post data and filter it. if (isset($_POST['cancel'])) { API::Redirect(API::printUrl($this->_redirect)); } $input_check = $this->_model->check_input($_POST); if (is_array($input_check)) { API::Error($input_check); // redirect to index and displayed an error there. API::redirect(API::printUrl($this->_redirect)); } // all hooks will stack their errors onto the API::Error stack // but WILL NOT redirect. API::callHooks(self::$module, 'validate', 'controller', $_POST); if (API::hasErrors()) { API::redirect(API::printUrl($this->_redirect)); } // set the id into the post var for any hooks. $_POST['id'] = $this->_model->set_data($_POST, TRUE); // auto call the hooks for this module/action API::callHooks(self::$module, 'save', 'controller', $_POST); if (isset($this->params['redir'])) { API::Redirect($this->params['redir']); } API::redirect(API::printUrl($this->_redirect)); }
$CertisInst->action = 'error'; API::Error('FATAL ERROR: Unable to find Authentication Class'); } } API::DEBUG("[__SYSTEM__] index.php: authentication check done."); $controller = null; if (!empty($CertisInst->module)) { if (preg_match("/\\.\\./", $CertisInst->module)) { error_log("[index.php] FATAL ERROR! SOMEONE TRIED TO ESCAPE! " . $CertisInst->module); print "UNAUTHORIZED!!!!!!"; exit(1); } // first check to see if the module exists. if (!file_exists(_SYSTEM_ . "/modules/" . $CertisInst->module)) { error_log("[index.php] Unable to find requested module: " . $CertisInst->module); API::Redirect("/"); } // use this module's controller // to create a new instance of it's controller to work with for // this request. $classname = ucfirst($CertisInst->module) . "Controller"; } else { // if no module is specified, pull in the main system controller and // set it to be the new intantiated class $classname = "MainController"; if ($CertisInst->action == 'error') { // unset the leftNav var so no nav links are displayed unset($GLOBALS['leftNav']); } } // now we know what controller to bring in.