Esempio n. 1
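/**
 * Gate an admin page: make sure the current session is logged in and belongs
 * to an administrator, adopting the user id handed over by the caller if the
 * session has no identity yet.
 *
 * Security note: when the session is not yet bound to a user, this function
 * writes $userid_from_zend into $_SESSION["userid"] without checking any
 * credential. The value must therefore come from trusted server-side state
 * (presumably an already authenticated Zend admin session; confirm at the
 * call site) and never from request parameters.
 *
 * The function returns normally only when the session user passes isAdmin();
 * every failure path terminates the request with die().
 *
 * @param mixed $userid_from_zend User id supplied by the admin side. Empty
 *                                values and -2 skip the adoption step (the
 *                                meaning of -2 is not visible in this file).
 * @return void
 */
function checkLoginFromAdmin($userid_from_zend)
{
    $front = Frontend::getInstance();
    if (isset($userid_from_zend) && $userid_from_zend != "" && $userid_from_zend != -2) {
        // The int cast is what keeps the unquoted "id = N" comparison in the
        // query below safe; escaping alone does not protect a numeric context.
        $user_id = (int) $userid_from_zend;
        if ($user_id == 0) {
            die("Admin session expired");
        }
        if ($front->isUserLoggedIn() && isset($_SESSION["userid"]) && $_SESSION["userid"] != 0 && $_SESSION["userid"] == $user_id) {
            // Already logged in as the requested user: nothing to do.
        } elseif ($front->isUserLoggedIn() && isset($_SESSION["userid"]) && $_SESSION["userid"] != 0 && $_SESSION["userid"] != $user_id) {
            // NOTE(review): this message prints both user ids to the client;
            // it looks like debugging output and could be reduced to the text.
            die("You are logged in Love application with another userid in this session. Please, logout from Love application!" . $_SESSION["userid"] . "**" . $user_id);
        } else {
            $sql = "SELECT " . USERS . ".*, " . COMPANY . ".name as company_name  " . "FROM " . USERS . ", " . COMPANY . " " . "WHERE " . USERS . ".id = " . mysql_real_escape_string($user_id) . " AND " . USERS . ".company_id = " . COMPANY . ".id";
            $row = doQuery($sql);
            // Refuse to bind the session to an id that has no matching user
            // row instead of storing null profile fields for it.
            if (!is_object($row)) {
                clearSession();
                die("You should have admin right to get access to this page.");
            }
            // NOTE(review): the session id is not regenerated when the session
            // takes on this identity; consider session_regenerate_id(true) here
            // if sessions use PHP's native handler (confirm against Frontend).
            $_SESSION["userid"] = $user_id;
            $_SESSION["username"] = $row->username;
            $_SESSION["nickname"] = $row->nickname;
            $_SESSION['running'] = "true";
            if (!$front->isUserLoggedIn()) {
                // Re-create the frontend so it picks up the session values
                // written above before giving up.
                $front = new Frontend();
                if (!$front->isUserLoggedIn()) {
                    clearSession();
                    die("You are still not logged! Click on another tab, and come back back here it could work");
                }
            }
            if (!isAdmin($user_id)) {
                clearSession();
                // The original appended an undefined $admin variable and the
                // USERS table name to this message; neither belongs in output
                // sent to the client.
                die("You should have admin right to get access to this page.");
            }
        }
    }
    if (!$front->isUserLoggedIn()) {
        clearSession();
        $front->getUser()->askUserToAuthenticate();
    }
    // Deny by default: a session without a user id is never an admin session.
    if (!isset($_SESSION["userid"]) || !isAdmin($_SESSION["userid"])) {
        clearSession();
        die("You should have admin right to get access to this page.");
    }
}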
Esempio n. 2
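// Anonymous callers get nothing from this endpoint.
if (!$front->isUserLoggedIn()) {
    // NOTE(review): $pageURL is assembled but not used before die in the
    // visible code. If it is ever used for a redirect, be aware that
    // SERVER_NAME can reflect the client's Host header depending on the web
    // server configuration.
    $pageURL = 'http';
    // HTTPS is absent from $_SERVER on plain HTTP requests, so test it first.
    if (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") {
        $pageURL .= "s";
    }
    $pageURL .= "://";
    if ($_SERVER["SERVER_PORT"] != "80") {
        $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"];
    } else {
        $pageURL .= $_SERVER["SERVER_NAME"];
    }
    die;
}
// 'var' is echoed into a response that the browser executes as JavaScript, so
// it must be a plain (optionally dotted) identifier. Anything else is rejected
// before any output is produced. An empty value is left alone, as before.
$jsVar = isset($_GET['var']) ? $_GET['var'] : null;
if ($jsVar !== null && $jsVar !== '') {
    // \z instead of $ so that a trailing newline cannot slip through.
    if (!is_string($jsVar) || !preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*\z/', $jsVar)) {
        header('HTTP/1.1 400 Bad Request');
        die('Invalid var parameter');
    }
}
// NOTE(review): responses shaped as JavaScript assignments can be read by any
// page that includes this URL with a script tag while the user is logged in.
// Confirm that the endpoint is protected by a same-origin check or a token.
// supports outputting user
if (isset($_GET['user']) && $jsVar !== null) {
    echo "{$jsVar}.user = '******';\n";
    // support for just returning the username / logged in status for bookmarklet
    if (array_key_exists('userOnly', $_GET)) {
        exit;
    }
}
// supports outputting as variable assignment
if ($jsVar !== null && $jsVar != '') {
    echo "{$jsVar}.emails = ";
}
// supports getting all records
// An array-valued 'term' (term[]=x) is treated like a missing one.
if (isset($_GET['term']) && is_string($_GET['term']) && $_GET['term'] != '') {
    // NOTE(review): escaping only protects $q when it is placed inside a
    // quoted SQL string literal; the query that uses it is not visible here.
    $q = mysql_real_escape_string(strtolower($_GET['term']));
} else {
    $q = '';
}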