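/**
 * Password recovery, in two steps served by the same action.
 *
 * POST (no $hash): look the account up by email, store a fresh recovery token
 * with its creation time on the profile and mail a reset link containing it.
 * GET with a token: verify the token against the stored one, require it to be
 * under 24 hours old, invalidate it, log the user in and send them to settings.
 * Either way the login/recover view is rendered when no redirect happened.
 *
 * @param string|null $hash Recovery token from the URL; only its presence is used
 *                          to select the verification branch (see below).
 */
public function action_recover($hash = null)
{
    if (Input::Method() === "POST") {
        if ($user = \Model\Auth_User::find_by_email(Input::POST('email'))) {
            // Token = salted hash of a random string, with the user id appended so
            // the verification step can find the account without a lookup table.
            $hash = \Auth::instance()->hash_password(\Str::random()) . $user->id;
            // Persist the token and its issue time on the profile.
            \Auth::update_user(array('lostpassword_hash' => $hash, 'lostpassword_created' => time()), $user->username);
            // Mail the reset link.
            \Package::load('email');
            $email = \Email::forge();
            $html = 'Your password recovery link <a href="' . Uri::Create('login/recover/' . $hash) . '">Recover My Password!</a>';
            $email->html_body($html);
            $email->subject(\Settings::Get('site_name') . ' Password Recovery');
            // Sender: the configured admin address, else support@<host> derived from the base URI.
            $admin_email = Settings::get('admin_email');
            if (empty($admin_email) === false) {
                $from = $admin_email;
            } else {
                $from = 'support@' . str_replace('http:', '', str_replace('/', '', Uri::Base(false)));
            }
            $email->from($from);
            $email->to($user->email, $user->fullname);
            try {
                $email->send();
                Session::set('success', 'Email has been sent to ' . $user->email . '! Please check your spam folder!');
            } catch (\Exception $e) {
                // Message typo ("eamil") fixed; the original also kept the stray space before the comma.
                Session::Set('error', 'We failed to send the email, contact ' . $admin_email);
                \Response::redirect_back();
            }
        } else {
            // NOTE(review): this reply confirms whether an address has an account (enumeration);
            // a neutral "if that address is registered, a link has been sent" would avoid it.
            Session::Set('error', 'Sorry there is not a matching email!');
        }
    } elseif (empty($hash) === false) {
        // The routed parameter only gates this branch; the token is re-read from the full URI
        // (presumably because routing would otherwise split it).
        $hash = str_replace(Uri::Create('login/recover/'), '', Uri::current());
        // User id = whatever follows the fixed-length hash; 44 is assumed to be hash_password()'s
        // output length — TODO confirm.
        $user = substr($hash, 44);
        if ($user = \Model\Auth_User::find_by_id($user)) {
            // Token must match the stored one exactly and be less than 24 hours old.
            // hash_equals() replaces the original loose `==`: type-strict and constant-time.
            if (isset($user->lostpassword_hash)
                and hash_equals((string) $user->lostpassword_hash, (string) $hash)
                and time() - $user->lostpassword_created < 86400) {
                // Single use: clear the token before doing anything with it.
                \Auth::update_user(array('lostpassword_hash' => null, 'lostpassword_created' => null), $user->username);
                // Log the user in, reset the password and send them to settings to choose a new one.
                if (\Auth::instance()->force_login($user->id)) {
                    Session::Set('current_password', Auth::reset_password($user->username));
                    Response::Redirect(Uri::Create('user/settings'));
                }
            }
        }
        Session::Set('error', 'Invalid Hash!');
    }
    $this->template->content = View::forge('login/recover');
}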
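/**
 * Deletes a user account; restricted to group 5 (admin).
 *
 * @param mixed $user_id Primary key of the account to delete.
 */
public function action_remove($user_id)
{
    // check for admin
    if (!Auth::member(5)) {
        \Response::redirect_back('home');
        // Fail closed: never reach the delete if redirect_back() does not terminate the request.
        return;
    }
    $user = Model_User::query()->where('id', $user_id)->get_one();
    // get_one() returns nothing for an unknown id; the original would fatal on ->delete().
    if ($user) {
        $user->delete();
    }
    Response::Redirect('users');
}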
/**
 * Resolves the layout area named in the request and the optionally selected content item.
 * Redirects to the layout list when the area does not exist (returning true after the
 * redirect, presumably to tell the caller that handling is complete); otherwise loads the
 * content tree and defers to the parent initialiser.
 */
protected function Init()
{
    $this->area = new Area(Request::GetData('area'));
    $selectedID = Request::GetData('selected');
    if ($selectedID) {
        $this->selected = LayoutContent::Schema()->ByID($selectedID);
    } else {
        $this->selected = null;
    }
    if (!$this->area->Exists()) {
        Response::Redirect(BackendRouter::ModuleUrl(new LayoutList()));
        return true;
    }
    $provider = new LayoutContentTreeProvider($this->area);
    $this->tree = $provider;
    $this->layoutContent = $provider->TopMost();
    $this->hasContents = (bool) $this->layoutContent;
    return parent::Init();
}
/**
 * Resolves the container named in the request and the optionally selected content item.
 * Redirects to the container list when the container does not exist (returning true after
 * the redirect, presumably to tell the caller that handling is complete); otherwise loads
 * the content tree and defers to the parent initialiser.
 */
protected function Init()
{
    $this->container = new Container(Request::GetData('container'));
    $selectedID = Request::GetData('selected');
    if ($selectedID) {
        $this->selected = ContainerContent::Schema()->ByID($selectedID);
    } else {
        $this->selected = null;
    }
    if (!$this->container->Exists()) {
        //TODO: error
        Response::Redirect(BackendRouter::ModuleUrl(new ContainerList()));
        return true;
    }
    $provider = new ContainerContentTreeProvider($this->container);
    $this->tree = $provider;
    $this->containerContent = $provider->TopMost();
    $this->hasContents = (bool) $this->containerContent;
    return parent::Init();
}
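/**
 * Post-controller hook enforcing maintenance mode.
 *
 * The login page is always left alone so an admin can still sign in. When
 * maintenance_mode is on, non-admins get the maintenance view in place of the
 * page content, and admins are redirected to admin/settings unless already there.
 * URI comparisons are strict (`!==`) instead of the original loose `!=`.
 *
 * @param mixed $response Response produced by the action, passed through parent::after().
 * @return mixed The (possibly parent-modified) response.
 */
public function after($response)
{
    $response = parent::after($response);
    if (Uri::Current() !== Uri::Create('login')) {
        if (Settings::get('maintenance_mode') === true) {
            if (!Auth::member(5)) {
                // Non-admins see the maintenance page instead of the requested content.
                $this->template->content = View::Forge('core/maintenance');
            } elseif (Uri::Current() !== Uri::Create('admin/settings')) {
                // Admins are kept on the settings page (presumably where the flag is switched off).
                Response::Redirect(Uri::Create('admin/settings'));
            }
        }
    }
    return $response;
}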
/**
 * Resolves the page and area named in the request plus the optionally selected content item.
 * Missing page: redirect to the site list. Missing area: redirect to the page tree of the
 * page's site. Both return true after redirecting (presumably signalling the caller that
 * handling is complete). Otherwise the content tree is loaded and the parent initialiser runs.
 */
protected function Init()
{
    $this->page = new Page(Request::GetData('page'));
    $selectedID = Request::GetData('selected');
    if ($selectedID) {
        $this->selected = PageContent::Schema()->ByID($selectedID);
    } else {
        $this->selected = null;
    }
    if (!$this->page->Exists()) {
        Response::Redirect(BackendRouter::ModuleUrl(new SiteList()));
        return true;
    }
    $this->area = new Area(Request::GetData('area'));
    if (!$this->area->Exists()) {
        $site = $this->page->GetSite();
        $params = array('site' => $site->GetID());
        Response::Redirect(BackendRouter::ModuleUrl(new PageTree(), $params));
        return true;
    }
    $provider = new PageContentTreeProvider($this->page, $this->area);
    $this->tree = $provider;
    $this->pageContent = $provider->TopMost();
    $this->hasContents = (bool) $this->pageContent;
    return parent::Init();
}
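<?php
// Admin-area access guard: a request without an authenticated session (both 'username'
// and 'id' present) is sent to the login form. LOGIN_PAGE is presumably defined by the
// login page itself so it can include this guard without redirecting to itself.
if (!defined('LOGIN_PAGE')) {
    if (!(Session::Exists('username') && Session::Exists('id'))) {
        Response::Redirect(ADMIN_ROOT . 'login.php');
        // Fail closed: stop here even if Response::Redirect() only emits the Location header.
        exit;
    }
}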
$cpassword = Request::Post('cpassword'); if ($password == "") { $errors['password'][] = "Password field cannot be empty"; } if ($cpassword == "") { $errors['cpassword'][] = "Confirm Password field cannot be empty"; } if (strlen($password) < 6 || strlen($password) > 30) { $errors['password'][] = "Password must be (6-30) characters long."; } if ($password != $cpassword) { $errors['password'][] = "Password didnot matched"; $errors['cpassword'][] = "Password didnot matched"; } if (empty($errors)) { $sql = <<<SQL UPDATE `users` SET `password` = '%s', `modified_at` = '%s' WHERE `id` = %d SQL; $sql = sprintf($sql, $db->escString(md5($password . SALT)), date('Y-m-d h:i:s'), (int) $db->escString($id)); if ($db->execute($sql)) { Response::Redirect("index.php?done=edit_password"); } else { $emsg = "Could not edit user password. Something went wrong. Please try again."; } } } //------------------------------------------------------- echo Util::Render('master.phtml', array('page_title' => 'Edit User', 'content' => Util::Render('users/edit.phtml', array('errors' => $errors, 'emsg' => $emsg, 'user' => $db->row($sql_user), 'user_count' => $db->numRows($sql_user), 'requested_id' => $id, 'logger_id' => Session::Get('id')))));
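/**
 * Validates the current user's login credentials and redirects to the login form if they do not have access to the requested page.
 * This function is intended to be called at the top of any pages that require a user be logged in.
 *
 * The function declares no parameters: any arguments passed are collected with func_get_args()
 * and handed to User::isType() as the user types (part of the table schema) allowed to view the
 * page. Use this to validate admin users on admin-only pages.
 *
 * @static
 * @access public
 */
static function Validate()
{
    if (!User::LoggedIn()) {
        // Remember the requested path so the login page can send the user back afterwards.
        $_SESSION['LoginRequest'] = WebPath::Me();
        $_SESSION['LoginMessage'] = "You must be logged-in to access that page.";
        Response::Redirect('/login/');
        // Fail closed: the calling page must not keep rendering if Redirect() only sets the header.
        exit;
    } elseif (func_num_args()) {
        if (!User::Current()->isType(func_get_args())) {
            // pErrorPage is a Page template for displaying error messages. This is a cleaner option
            // to calling die() and stops page execution.
            $page = new pErrorPage("You do not have permission to view this page.");
        }
    }
}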
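require_once BASE_DIR . 'configs' . DS . 'incs.php';
require_once BASE_DIR . 'helpers' . DS . 'incs.php';
require_once ADMIN_DIR . 'incs' . DS . 'incs.php';
//-------------------------------------------------------
Util::$template_path = ADMIN_DIR . 'templates' . DS;
//-------------------------------------------------------
// Settings page: shows the single settings row and, on POST, updates the site name.
$db = new Db($db_config);
$sql = "SELECT * FROM `settings`";
// Status flag carried across the post-save redirect (index.php?done=edit).
$done = Request::Get('done');
$emsg = "";
$smsg = "";
switch (strtolower((string) $done)) {
    case 'edit':
        $smsg = "Settings edited successfully";
        break;
}
if (Request::Post('edit_settings_key') == "1") {
    $site_name = trim(Request::Post('site_name'));
    if ($site_name == "") {
        $emsg = "Site name cannot be empty";
    }
    if ($emsg == "") {
        // Escape the user-supplied value before interpolating it — the original passed the raw
        // POST string into the statement, which is an SQL injection.
        $sql_update = sprintf("UPDATE `settings` SET `site_name` = '%s'", $db->escString($site_name));
        if ($db->execute($sql_update)) {
            Response::Redirect('index.php?done=edit');
        } else {
            $emsg = "Could not edit settings. Something went wrong. Please try again.";
        }
    }
}
//-------------------------------------------------------
echo Util::Render('master.phtml', array(
    'page_title' => 'Settings',
    'content' => Util::Render('settings/index.phtml', array(
        'settings' => $db->row($sql),
        'smsg' => $smsg,
        'emsg' => $emsg,
    )),
));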
<?php if ($_POST['email']) { switch (User::Login($_POST['email'], $_POST['password'], $_POST['rememberme'])) { case ERR_LOGIN_OK: unset($_SESSION['LoginMessage']); if ($_SESSION['LoginRequest']) { $path = $_SESSION['LoginRequest']; unset($_SESSION['LoginRequest']); Response::Redirect($path); } else { Response::Redirect('/'); } break; case ERR_LOGIN_BADUSER: $ERROR['BAD_USERNAME'] = "******"; break; case ERR_LOGIN_BADPASS: $ERROR['BAD_PASSWORD'] = "******"; break; } } $page = new pSubPage(); $page->addClass('Login'); $page->start(); ?> <form action="/login" method="post" accept-charset="utf-8" class="login" id="login_form"> <?php if ($_SESSION['LoginMessage']) { ?>
/**
 * Dashboard statistics for the current user, or for every user when $all is set.
 *
 * Each figure is collected into $data and handed to the dashboard/index view.
 * The per-user variants add a `user_id = static::$user_id` restriction; the
 * site-wide variants (admin only) leave it out.
 *
 * @param mixed $all Any non-empty value requests site-wide figures; requires Auth::member(5).
 */
public function action_view($all = null)
{
    $limit = 25;
    if (empty($all) === false) {
        // check for admin — site-wide figures are restricted to group 5
        if (!Auth::member(5)) {
            Response::Redirect(Uri::Create('user'));
            // NOTE(review): nothing stops execution here if Redirect() does not terminate the request — confirm it does.
        }
    }
    // Total Urls
    $data['total_urls'] = Model_Url::query();
    if (empty($all) === true) {
        $data['total_urls']->where('user_id', static::$user_id);
    }
    $data['total_urls'] = $data['total_urls']->count();
    // Remaining random short-URL capacity, computed for the admin landing page only.
    if (Uri::Current() == Uri::Create('admin')) {
        $keys = \Settings::Get('character_set');
        if (empty($keys) === true) {
            // default alphabet when none is configured
            $keys = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        }
        $random_length = \Settings::Get('random_url_length');
        if (empty($random_length) === true) {
            $random_length = 5;
        }
        // How many short URLs of exactly the random length already exist.
        $url_sample_space = DB::select(DB::expr('count(id) as count'))->from('urls')->where(DB::expr('char_length(short_url)'), $random_length)->limit(1)->execute()->as_array();
        // NOTE(review): if mathFact() is the factorial, n! / ((n-k)! k!) is the binomial coefficient
        // (unordered, no repeated characters), not the number of length-k strings over an n-character
        // alphabet — confirm the intended capacity formula.
        $data['urls_left'] = Controller_Dashboard::mathFact(strlen($keys)) / (Controller_Dashboard::mathFact(strlen($keys) - $random_length) * Controller_Dashboard::mathFact($random_length)) - $url_sample_space[0]['count'];
    }
    // Total Hits — SUM(hits) over urls, reduced from a one-row result set to the scalar
    $data['total_hits'] = DB::select(DB::Expr('SUM(hits) as hits'))->from('urls');
    if (empty($all) === true) {
        $data['total_hits']->where('user_id', static::$user_id);
    }
    $data['total_hits'] = $data['total_hits']->execute()->as_array();
    $data['total_hits'] = reset($data['total_hits']);
    $data['total_hits'] = $data['total_hits']['hits'];
    // No Clicks — URLs never followed
    $data['no_clicks'] = Model_Url::query()->where('hits', 0);
    if (empty($all) === true) {
        $data['no_clicks']->where('user_id', static::$user_id);
    }
    $data['no_clicks'] = $data['no_clicks']->count();
    // Total Custom Urls
    $data['total_custom_urls'] = Model_Url::query()->where('custom', 1);
    if (empty($all) === true) {
        $data['total_custom_urls']->where('user_id', static::$user_id);
    }
    $data['total_custom_urls'] = $data['total_custom_urls']->count();
    // Created Today Urls
    $data['created_today'] = Model_Url::query()->where('created_at', '>=', strtotime('today 12:01 AM'));
    if (empty($all) === true) {
        $data['created_today']->where('user_id', static::$user_id);
    }
    $data['created_today'] = $data['created_today']->count();
    // Most visited Urls (top $limit by hits)
    $data['most_visited'] = Model_Url::query();
    if (empty($all) === true) {
        $data['most_visited']->where('user_id', static::$user_id);
    }
    $data['most_visited']->order_by('hits', 'desc')->limit($limit);
    $data['most_visited'] = $data['most_visited']->get();
    // Recently created Urls (newest $limit)
    $data['recently_created'] = Model_Url::query();
    if (empty($all) === true) {
        $data['recently_created']->where('user_id', static::$user_id);
    }
    $data['recently_created']->order_by('created_at', 'desc')->limit($limit);
    $data['recently_created'] = $data['recently_created']->get();
    // Recently viewed Urls: those whose updated_at has moved since creation.
    if (empty($all) === true) {
        // NOTE(review): 'created_at' is passed as a string value, not a column reference, unless the
        // query builder treats it specially — confirm this compares the two columns as intended.
        $data['recently_viewed'] = Model_Url::query()->order_by('updated_at', 'desc')->where('updated_at', '!=', 'created_at')->where('user_id', static::$user_id)->limit($limit)->get();
    } else {
        $data['recently_viewed'] = Model_Url::query()->order_by('updated_at', 'desc')->where('updated_at', '!=', null)->limit($limit)->get();
    }
    // Short URL Stats string for google graphs: per-day hits and creations over the last 15 days.
    // $m, $de and $y are not used further in this method.
    $m = date("m");
    $de = date("d");
    $y = date("Y");
    $new_results = '';
    if (empty($all) === true) {
        // Raw SQL: the only interpolated values are strtotime() output and static::$user_id
        // (assumed to be an integer from the session — confirm; nothing from the request is used).
        $date_vist_counts = DB::query(' SELECT COUNT(url_stats.id) as hits, DAY(FROM_UNIXTIME(url_stats.created_at)) as day, MONTH(FROM_UNIXTIME(url_stats.created_at)) as month, YEAR(FROM_UNIXTIME(url_stats.created_at)) as year FROM `url_stats` INNER JOIN `urls` ON urls.id = url_stats.url_id WHERE url_stats.created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . ' AND urls.user_id = ' . static::$user_id . ' GROUP BY year,month,day')->execute()->as_array();
        $date_created_counts = DB::query(' SELECT COUNT(id) as created, DAY(FROM_UNIXTIME(created_at)) as day, MONTH(FROM_UNIXTIME(created_at)) as month, YEAR(FROM_UNIXTIME(created_at)) as year FROM `urls` WHERE created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . ' AND user_id = ' . static::$user_id . ' GROUP BY year,month,day')->execute()->as_array();
    } else {
        $date_vist_counts = DB::query(' SELECT COUNT(id) as hits, DAY(FROM_UNIXTIME(created_at)) as day, MONTH(FROM_UNIXTIME(created_at)) as month, YEAR(FROM_UNIXTIME(created_at)) as year FROM `url_stats` WHERE created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . ' GROUP BY year,month,day')->execute()->as_array();
        $date_created_counts = DB::query(' SELECT COUNT(id) as created, DAY(FROM_UNIXTIME(created_at)) as day, MONTH(FROM_UNIXTIME(created_at)) as month, YEAR(FROM_UNIXTIME(created_at)) as year FROM `urls` WHERE created_at >= ' . strtotime('12:01 AM TODAY - 15 days') . ' GROUP BY year,month,day')->execute()->as_array();
    }
    // Index creations by "Y-m-d" so each day's hit row can be paired with its creation count.
    $created_counts_array = null;
    foreach ($date_created_counts as $created_counts) {
        $created_counts_array[$created_counts['year'] . '-' . $created_counts['month'] . '-' . $created_counts['day']] = $created_counts;
    }
    foreach ($date_vist_counts as $vists) {
        if (isset($created_counts_array[$vists['year'] . '-' . $vists['month'] . '-' . $vists['day']]) === true) {
            $created_count = $created_counts_array[$vists['year'] . '-' . $vists['month'] . '-' . $vists['day']]['created'];
        } else {
            // days with hits but no new URLs
            $created_count = 0;
        }
        $date_timestamp = strtotime($vists['year'] . '-' . $vists['month'] . '-' . $vists['day']);
        // One JavaScript array row per day: [label, hits, created]
        $new_results .= "['" . date('l dS F Y', $date_timestamp) . "', " . $vists['hits'] . ", " . $created_count . "], ";
    }
    $data['short_url_stats'] = $new_results;
    $new_results = '';
    // Get countries Stats — hits grouped by country, as JavaScript array rows
    if (empty($all) === true) {
        $countries = DB::select('country', DB::expr('count(url_stats.id) as hits'))->from('url_stats')->join('urls', 'LEFT')->on('urls.id', '=', 'url_stats.url_id')->where('urls.user_id', static::$user_id)->group_by('country');
    } else {
        $countries = DB::select('country', DB::expr('count(id) as hits'))->from('url_stats')->group_by('country');
    }
    $countries = $countries->execute()->as_array();
    if (empty($countries) === false) {
        foreach ($countries as $country) {
            // NOTE(review): the country value is placed inside a JS string literal without escaping;
            // safe only if the column holds plain country names — confirm where it is populated from.
            $new_results .= "['" . $country['country'] . "', " . $country['hits'] . "], ";
        }
    }
    $data['country_stats'] = $new_results;
    // Short URL listing for the table (first $limit rows)
    $data['short_urls'] = Model_Url::query();
    if (empty($all) === true) {
        $data['short_urls']->where('user_id', static::$user_id);
    }
    $data['short_urls']->rows_limit($limit);
    $data['short_urls'] = $data['short_urls']->get();
    $this->template->content = View::Forge('dashboard/index', $data);
}
/**
 * Statistics page for one short URL.
 *
 * Collects distinct-IP hits (overall and for today), today's raw hits and a
 * per-country hit breakdown formatted as JavaScript array rows, then renders
 * url/stats. An unknown short URL sets an error flash and redirects to the base URI.
 *
 * @param string $short_url The short code to look up.
 */
public function action_stats($short_url)
{
    $url = Model_Url::query()->where('short_url', $short_url)->get_one();
    $data = array('url' => $url);
    if (empty($url) === true) {
        Session::Set('error', 'No URL was found');
        Response::Redirect(Uri::Base());
        return;
    }
    $url_id = $url->id;
    // "Today" runs from 12:01 to the same time the following day.
    $day_start = strtotime('today 12:01');
    $day_end = strtotime('today 12:01 + 1 day');
    // Note: the view expects the misspelt 'unqiue_*' keys, so they are kept.
    $unique_ips = DB::select('ip')->distinct()->from('url_stats')->where('url_id', $url_id)->execute();
    $data['unqiue_hits'] = count($unique_ips);
    $unique_ips_today = DB::select('ip')->distinct()->from('url_stats')->where('url_id', $url_id)
        ->where('created_at', '>=', $day_start)->where('created_at', '<=', $day_end)->execute();
    $data['unqiue_hits_today'] = count($unique_ips_today);
    $hits_today = DB::select('id')->from('url_stats')->where('url_id', $url_id)
        ->where('created_at', '>=', $day_start)->where('created_at', '<=', $day_end)->execute();
    $data['hits_today'] = count($hits_today);
    // Get countries Stats
    $countries = DB::select('country')->from('url_stats')->distinct(true)->where('url_id', $url_id)->execute()->as_array();
    if (empty($countries) === true) {
        $data['stats'] = null;
    } else {
        $rows = array();
        foreach ($countries as $country) {
            // NOTE(review): $country here is the whole result row, not the country string —
            // confirm how the query builder treats an array value in where('country', ...).
            $hit_count = Model_Url_Stat::query()->related('url')->where('country', $country)->where('url_id', $url_id)->count();
            // One JavaScript array row per country; the name is not escaped for the JS string context.
            $rows[] = "['" . $country['country'] . "', " . $hit_count . "], ";
        }
        $data['stats'] = implode('', $rows);
    }
    $this->template->content = View::forge('url/stats', $data);
}
/**
 * First-run setup: migrate legacy data, create an admin account and log it in,
 * remove the stock 'admin'/'guest' accounts, bulk-load the IP-range-to-country
 * table from the bundled CSV, then redirect to admin/settings.
 *
 * NOTE(review): no access check is visible in this method; confirm the route is
 * only reachable during installation.
 */
public function force_login()
{
    // Pull legacy rows across while the v2 table still holds more than the current one.
    if (DBUtil::table_exists('v2_urls') && DB::count_records('urls') < DB::count_records('v2_urls')) {
        \Controller_Migrate::migrate();
    }
    // Account details come from the form on POST; otherwise built-in defaults are used.
    // NOTE(review): the non-POST path creates a group-5 (admin) account with a fixed, well-known
    // password — a default credential that should be removed or forced to change on first login.
    if (Input::Method() === 'POST') {
        $username = Input::POST('username');
        $password = Input::POST('password');
        $address = Input::POST('email');
        $fullname = Input::POST('name');
    } else {
        $username = 'meela';
        $password = 'password';
        $address = '*****@*****.**';
        $fullname = 'Meela Admin';
    }
    // call Auth to create this user
    $new_user = \Auth::create_user($username, $password, $address, 5, array('fullname' => $fullname));
    // Drop the stock accounts.
    $stock_accounts = Model_User::query()->where('username', 'admin')->or_where('username', 'guest')->get();
    foreach ($stock_accounts as $account) {
        $account->delete();
    }
    // if a user was created successfully, log it in
    if ($new_user) {
        \Auth::force_login($new_user);
    }
    // Bulk-load the bundled CSV into url_stats_countries; the path is built from DOCROOT, not the request.
    $csv = DOCROOT . 'assets/url_stats_countries.csv';
    $load = 'LOAD DATA LOCAL INFILE "' . $csv . '" INTO TABLE url_stats_countries fields terminated by "," enclosed by \'"\' lines terminated by "\\n" (id,start_ip,end_ip,country,created_at,updated_at)';
    \DB::query($load)->execute();
    Response::Redirect(Uri::Create('admin/settings'));
}
/**
 * Links an Opauth provider identity to a local account.
 *
 * Falls back to the logged-in user when no id is given; with no usable account
 * at all it redirects to the base URI instead of linking anything.
 *
 * @param mixed $opauth  Opauth instance exposing get() and link_provider().
 * @param mixed $user_id Local account id to attach the provider to; null = current user.
 */
public static function Create_User($opauth, $user_id = null)
{
    if (empty($user_id) === true) {
        $user_id = static::$user_id;
    }
    // Nothing to link to — same check as before, written as a guard clause.
    if ($user_id == 0 || empty($user_id) === true) {
        Response::Redirect(Uri::Base());
        return;
    }
    // call Opauth to link the provider login with the local user
    $provider_link = array(
        'parent_id' => $user_id,
        'user_id' => 0,
        'provider' => $opauth->get('auth.provider'),
        'uid' => $opauth->get('auth.uid'),
        'access_token' => $opauth->get('credentials.token', null),
        'secret' => $opauth->get('credentials.secret', null),
        'refresh_token' => $opauth->get('credentials.refresh_token', null),
        'expires' => $opauth->get('credentials.expires', null),
        'created_at' => time(),
    );
    $opauth->link_provider($provider_link);
}
$errors['password'][] = "Password must be (6-30) characters long."; } if ($password != $cpassword) { $errors['password'][] = "Password didnot matched"; $errors['cpassword'][] = "Password didnot matched"; } $sql = <<<SQL SELECT `id` FROM `users` WHERE `username` = '%s'; SQL; $sql = sprintf($sql, $db->escString($username)); if ($db->numRows($sql) > 0) { $errors['username'][] = "Username " . $username . " already exists. Please try another"; } if (empty($errors)) { $sql = <<<SQL INSERT INTO `users` (`username`, `password`, `active`, `created_at`, `modified_at`) VALUES ('%s', '%s', %d, '%s', '%s'); SQL; $sql = sprintf($sql, $db->escString($username), $db->escString(md5($password . SALT)), (int) $db->escString($active), date('Y-m-d h:i:s'), date('Y-m-d h:i:s')); if ($db->execute($sql)) { Response::Redirect('index.php?done=add'); } else { $emsg = "Could not insert data. Something went wrong. Please try again"; } } } //------------------------------------------------------- echo Util::Render('master.phtml', array('page_title' => 'Add New User', 'content' => Util::Render('users/add.phtml', array('errors' => $errors, 'emsg' => $emsg))));
/**
 * Runs the migration and sends the visitor back to the front page.
 *
 * NOTE(review): no access check is visible here; confirm the route is restricted,
 * since this triggers a database migration on request.
 */
public function action_index()
{
    \Controller_Migrate::migrate();
    $home = Uri::Create('/');
    Response::Redirect($home);
}
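<?php
define('DS', DIRECTORY_SEPARATOR);
define('ADMIN_DIR', dirname(__FILE__) . DS . '..' . DS);
define('BASE_DIR', dirname(__FILE__) . DS . '..' . DS . '..' . DS);
define('ADMIN_ROOT', '../');
define('SITE_ROOT', '../../');
require_once BASE_DIR . 'Libs' . DS . 'autoload.php';
require_once BASE_DIR . 'configs' . DS . 'incs.php';
require_once BASE_DIR . 'helpers' . DS . 'incs.php';
require_once ADMIN_DIR . 'incs' . DS . 'incs.php';
//-------------------------------------------------------
Util::$template_path = ADMIN_DIR . 'templates' . DS;
//-------------------------------------------------------
// View-user page: the account is selected by ?id=; without one there is nothing to show.
$id = Request::Get('id');
if (is_null($id)) {
    Response::Redirect('index.php');
    // Fail closed: do not run the query below if Response::Redirect() only emits the header.
    exit;
}
$db = new Db($db_config);
// SQL template for the user lookup (shown redacted in this listing).
$sql_user = "******";
// The id is cast to int after escaping, so only a number ever reaches the statement.
$sql_user = sprintf($sql_user, (int) $db->escString($id));
//-------------------------------------------------------
echo Util::Render('master.phtml', array(
    'page_title' => 'View User',
    'content' => Util::Render('users/view.phtml', array(
        'user' => $db->row($sql_user),
        'user_count' => $db->numRows($sql_user),
        'requested_id' => $id,
    )),
));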