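/**
 * Shows the login form and processes a submitted login attempt.
 *
 * Visitors who are already logged in are redirected to BrowserController::index.
 * When the form was submitted, the account is looked up by username and
 * User::login() decides whether the password is accepted. On success the
 * visitor is redirected to HomeController::index; on failure the same
 * 'LogInFailed' message is stored for an unknown username and for a wrong
 * password, so the message itself does not tell the two cases apart.
 *
 * NOTE(review): session-ID rotation after a successful login and throttling of
 * repeated failures are not visible in this method - confirm that
 * User::login() or the Session class take care of them.
 */
public function login()
{
    // Redirect to browser if user is already logged in
    if (System::getUser() != NULL) {
        System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
        exit;
    }

    $username = Utils::getPOST('username');
    $password = Utils::getPOST('password');

    if (Utils::getPOST('submit', false) != false) {
        $user = User::find('username', $username);

        if ($user != NULL && $user->login($password)) {
            System::forwardToRoute(Router::getInstance()->build('HomeController', 'index'));
            exit;
        }

        // One generic message for every failure reason.
        System::getSession()->setData('errorMsg', System::getLanguage()->_('LogInFailed'));
    }

    $smarty = new Template();
    $smarty->assign('title', System::getLanguage()->_('LogIn'));

    // Both values come from the request environment and may be missing
    // (the User-Agent header is optional and client-controlled), so read
    // them defensively instead of indexing $_SERVER directly. They only
    // drive a UI hint and must not be used for any access decision.
    $serverName = isset($_SERVER['SERVER_NAME']) ? (string) $_SERVER['SERVER_NAME'] : '';
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

    $showChromeInfo = $serverName == 'localhost' && strpos($userAgent, 'Chrome') !== false;
    $smarty->assign('showChromeInfo', $showChromeInfo);

    $smarty->requireResource('auth');
    $smarty->display('auth/login.tpl');
}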
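/**
 * Loads the file addressed by the "alias" request parameter into $this->file
 * and enforces its access permission for the current visitor.
 *
 * Decision order, as implemented below:
 *  - no file with that alias: 404 error page;
 *  - the visitor owns the file (uid match): access granted;
 *  - PRIVATE_ACCESS: 403 error page;
 *  - RESTRICTED_ACCESS: access only when the alias is listed in the session's
 *    "authenticatedFiles" array, otherwise redirect to
 *    AuthController::authenticateFile;
 *  - any other permission value: access granted.
 *
 * NOTE(review): because of the last rule an unknown or corrupted permission
 * value is treated like a public file - confirm that this is intended.
 * NOTE(review): anonymous visitors are represented by uid -1; this assumes no
 * file row ever carries that uid.
 */
private function loadFile()
{
    if ($this->file != NULL) {
        // Already loaded earlier in this request.
        return;
    }

    $this->file = File::find('alias', $this->getParam('alias', ''));

    if ($this->file == NULL) {
        System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
        // Stop here even if displayError() should ever return; the code
        // below dereferences $this->file.
        exit;
    }

    $user_id = System::getUser() != NULL ? System::getUser()->uid : -1;

    if ($user_id == $this->file->uid) {
        // The owner may always access the file.
        return;
    }

    if ($this->file->permission == FilePermissions::PRIVATE_ACCESS) {
        System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
        exit;
    }

    if ($this->file->permission == FilePermissions::RESTRICTED_ACCESS) {
        $authenticated = System::getSession()->getData("authenticatedFiles");
        $unlocked = false;

        if (is_array($authenticated)) {
            // Compare as strings with ===. A loose in_array() treats numeric
            // strings such as "1e3" and "1000" as equal, which would let an
            // unlock for one alias count for a different file.
            $wanted = (string) $this->file->alias;
            foreach ($authenticated as $alias) {
                if (is_scalar($alias) && (string) $alias === $wanted) {
                    $unlocked = true;
                    break;
                }
            }
        }

        if (!$unlocked) {
            System::forwardToRoute(Router::getInstance()->build('AuthController', 'authenticateFile', $this->file));
            exit;
        }
    }
}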
/**
 * Construct
 *
 * Prepares the template engine for one page render: sets the cache, compile
 * and template directories below SYSTEM_ROOT, registers the Router and L10N
 * objects for use inside templates, assigns the common template variables
 * and moves pending flash messages from the session into the template.
 *
 * NOTE(review): flash messages and the User object are assigned as-is;
 * whether they are HTML-escaped on output depends on the templates - confirm.
 */
public function __construct()
{
    parent::__construct();

    $this->JSRMS = new JSRMS();
    $this->JSRMS->requireResource('system');

    $this->muteExpectedErrors();

    // Engine directories
    $this->setCacheDir(SYSTEM_ROOT . '/classes/smarty/cache/');
    $this->setCompileDir(SYSTEM_ROOT . '/classes/smarty/templates_c/');
    $this->setTemplateDir(SYSTEM_ROOT . '/view/');

    // Objects callable from templates; the array names the method passed
    // along with each registration ('build' and '_').
    $this->registerObject('Router', Router::getInstance(), array('build'), false);
    $this->registerObject('L10N', System::getLanguage(), array('_'), false);

    // Request-wide variables
    $this->assign('LoggedIn', System::getUser() != NULL);
    $this->assign('User', System::getUser());
    $this->assign('Navigation', Navigation::$elements);
    $this->assign('LangStrings', System::getLanguage()->getAllStrings());

    // Configuration
    $this->assign('HTTP_BASEDIR', System::getBaseURL());
    $this->assign('MOD_REWRITE', MOD_REWRITE);
    $this->assign('MAX_UPLOAD_SIZE', Utils::maxUploadSize());

    // Flash messages: hand each non-empty message to the template once and
    // clear it in the session so it is not shown again on the next request.
    foreach (array('successMsg', 'errorMsg', 'infoMsg') as $flashKey) {
        if (System::getSession()->getData($flashKey, '') != '') {
            $this->assign($flashKey, System::getSession()->getData($flashKey, ''));
            System::getSession()->setData($flashKey, '');
        }
    }
}
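/**
 * Shows the profile form of the current user and stores submitted changes.
 *
 * The form is bound to the user object and offers first name, last name,
 * e-mail (checked against the blacklist returned by getListOfMailAdresses()),
 * language, a new password with confirmation, and a read-only quota display.
 * On a valid submission the form and the user are saved, a success message
 * is queued in the session and the visitor is redirected back to this page.
 *
 * NOTE(review): the form has no field for the current password, so a
 * password change is not re-authenticated here - confirm this is acceptable.
 * NOTE(review): no CSRF token handling is visible in this method - confirm
 * that Form adds and validates one.
 * NOTE(review): assumes a logged-in user; $user is dereferenced without a
 * NULL check - confirm the controller enforces authentication beforehand.
 */
public function index()
{
    $user = System::getUser();

    $form = new Form('form-profile');
    $form->setAttribute('data-noajax', 'true');
    $form->binding = $user;

    // --- General -----------------------------------------------------------
    $fieldset = new Fieldset(System::getLanguage()->_('General'));

    $firstname = new Text('firstname', System::getLanguage()->_('Firstname'));
    $firstname->binding = new Databinding('firstname');

    $lastname = new Text('lastname', System::getLanguage()->_('Lastname'));
    $lastname->binding = new Databinding('lastname');

    $email = new Text('email', System::getLanguage()->_('EMail'), true);
    $email->binding = new Databinding('email');
    $email->blacklist = $this->getListOfMailAdresses($user);
    $email->error_msg[4] = System::getLanguage()->_('ErrorMailAdressAlreadyExists');

    $language = new Radiobox('lang', System::getLanguage()->_('Language'), L10N::getLanguages());
    $language->binding = new Databinding('lang');

    $fieldset->addElements($firstname, $lastname, $email, $language);
    $form->addElements($fieldset);

    // --- Password ----------------------------------------------------------
    $fieldset = new Fieldset(System::getLanguage()->_('Password'));

    $password = new Password('password', System::getLanguage()->_('Password'));
    $password->minlength = PASSWORD_MIN_LENGTH;
    $password->binding = new Databinding('password');

    // The confirmation field has no data binding; it is only compared below.
    $password2 = new Password('password2', System::getLanguage()->_('ReenterPassword'));

    $fieldset->addElements($password, $password2);
    $form->addElements($fieldset);

    // --- Settings ----------------------------------------------------------
    $fieldset = new Fieldset(System::getLanguage()->_('Settings'));

    $quota = new Text('quota', System::getLanguage()->_('Quota'));
    if ($user->quota > 0) {
        $quota->value = System::getLanguage()->_('QuotaAvailabe', Utils::formatBytes($user->getFreeSpace()), Utils::formatBytes($user->quota));
    } else {
        $quota->value = System::getLanguage()->_('Unlimited');
    }
    $quota->readonly = true;

    $fieldset->addElements($quota);
    $form->addElements($fieldset);

    if (Utils::getPOST('submit', false) !== false) {
        // Compare the two entries as strings with !==. A loose != treats
        // numeric-looking strings such as "1e3" and "1000" as equal and
        // would accept a confirmation that does not match the password.
        $mismatch = !empty($password->value)
            && (string) $password->value !== (string) $password2->value;

        if ($mismatch) {
            $password2->error = System::getLanguage()->_('ErrorInvalidPasswords');
        } elseif ($form->validate()) {
            $form->save();
            System::getUser()->save();

            System::getSession()->setData('successMsg', System::getLanguage()->_('ProfileUpdated'));
            System::forwardToRoute(Router::getInstance()->build('ProfileController', 'index'));
            exit;
        }
    } else {
        // First display: populate the fields from the bound user.
        $form->fill();
    }

    $form->setSubmit(new Button(System::getLanguage()->_('Save'), 'floppy-disk'));

    $smarty = new Template();
    $smarty->assign('title', System::getLanguage()->_('MyProfile'));
    $smarty->assign('heading', System::getLanguage()->_('MyProfile'));
    $smarty->assign('form', $form->__toString());
    $smarty->display('form.tpl');
}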
/**
 * Initialises the system
 *
 * Runs the start-up steps in a fixed order: HTTPS redirect, router set-up,
 * database connection, session, current user, language, navigation. The
 * HTTPS redirect is called before the session object is created.
 *
 * The current user is resolved from the UID stored in the session; because
 * the check is a loose != NULL, a UID of 0 or '' counts as "not logged in".
 *
 * @static
 */
public static function init()
{
    self::redirectHTTPS();

    Router::getInstance()->init(HOST_PATH, MOD_REWRITE);

    // Connection settings come from configuration constants only.
    $dsn = 'mysql:dbname=' . DATABASE_NAME . ';host=' . DATABASE_HOST;
    self::$database = new Database($dsn, DATABASE_USER, DATABASE_PASS);

    self::$session = new Session();

    if (System::getSession()->getUID() != NULL) {
        self::$user = User::find('_id', System::getSession()->getUID());
    } else {
        self::$user = NULL;
    }

    // A logged-in user's language wins over the configured default.
    if (System::getUser() != NULL) {
        $languageCode = System::getUser()->lang;
    } else {
        $languageCode = LANGUAGE;
    }
    self::$language = new L10N($languageCode);

    self::buildNavigation();
}
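/**
 * Checks if user is an admin
 * if not - HTTP 403 is shown
 *
 * The request is denied when nobody is logged in or when the user's isAdmin
 * flag is falsy. The guard fails closed: execution stops after the error
 * page has been produced, so the protected action that called this method
 * cannot continue even if displayError() were to return.
 */
public final function checkIfAdmin()
{
    $user = System::getUser();

    if ($user == NULL || !$user->isAdmin) {
        System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
        // Same pattern as the other 403 paths in this code base: never fall
        // through to the caller after a failed authorization check.
        exit;
    }
}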
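/**
 * Finds folders of the current user.
 *
 * Every query built here is restricted to rows whose user_ID equals the uid
 * of the current user, so one account cannot read another account's folders
 * through this method.
 *
 * Values are bound as parameters. Identifiers (column, orderby) go through
 * Database::makeTableOrColumnName(); the sort direction and the limit cannot
 * be bound and are therefore validated before they are placed in the SQL
 * text.
 *
 * NOTE(review): Database::makeTableOrColumnName() is presumably responsible
 * for quoting or validating identifiers - confirm, since its result is
 * concatenated into the statement.
 * NOTE(review): System::getUser() is dereferenced without a NULL check -
 * confirm callers only reach this with a logged-in user.
 *
 * @param string $column  Column to filter on, or '*' / '' for no filter.
 * @param mixed  $value   Value to match. The check is a loose == NULL, so
 *                        0, '', false and array() also select the IS NULL
 *                        branch.
 * @param array  $options Optional 'orderby' + 'sort' (ASC or DESC, any case)
 *                        and 'limit' (N, "N, M" or "N OFFSET M").
 *
 * @return Folder|Folder[]|null A new empty Folder for ('_id', NULL); NULL
 *                              when nothing matches; one Folder for a single
 *                              row; a list of Folders for several rows.
 *
 * @throws \InvalidArgumentException When 'sort' or 'limit' is not in one of
 *                                   the accepted forms.
 */
public static function find($column = '*', $value = NULL, array $options = array())
{
    if ($column == '_id' && $value === NULL) {
        return new Folder();
    }

    $query = 'SELECT * FROM folders';
    $params = array(':uid' => System::getUser()->uid);

    if ($column != '*' && strlen($column) > 0) {
        $columnName = Database::makeTableOrColumnName($column);

        if ($value == NULL) {
            $query .= ' WHERE ' . $columnName . ' IS NULL AND user_ID = :uid';
        } else {
            $query .= ' WHERE ' . $columnName . ' = :value AND user_ID = :uid';
            $params[':value'] = $value;
        }
    } else {
        $query .= ' WHERE user_ID = :uid';
    }

    if (isset($options['orderby']) && isset($options['sort'])) {
        // Only the two SQL keywords are allowed; anything else would be
        // copied verbatim into the statement.
        $direction = strtoupper(trim((string) $options['sort']));
        if ($direction !== 'ASC' && $direction !== 'DESC') {
            throw new \InvalidArgumentException('Invalid sort direction');
        }

        $query .= ' ORDER BY ' . Database::makeTableOrColumnName($options['orderby']) . ' ' . $direction;
    }

    if (isset($options['limit'])) {
        // Accept plain row counts and the two offset notations, nothing else.
        $limit = trim((string) $options['limit']);
        if (!preg_match('/\A[0-9]+(\s*,\s*[0-9]+|\s+OFFSET\s+[0-9]+)?\z/i', $limit)) {
            throw new \InvalidArgumentException('Invalid limit');
        }

        $query .= ' LIMIT ' . $limit;
    }

    $sql = System::getDatabase()->prepare($query);
    $sql->execute($params);

    $rows = $sql->rowCount();

    if ($rows == 0) {
        return NULL;
    }

    if ($rows == 1) {
        $folder = new Folder();
        $folder->assign($sql->fetch());

        return $folder;
    }

    $list = array();
    while ($row = $sql->fetch()) {
        $folder = new Folder();
        $folder->assign($row);
        $list[] = $folder;
    }

    return $list;
}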
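/**
 * Shows a confirmation form for deleting a user and performs the deletion
 * once the form has been submitted and validated.
 *
 * The target is taken from the "uid" request parameter. An unknown uid gives
 * a 404 error page; an attempt to delete one's own account gives a 403 error
 * page. Both checks stop the request, so the deletion code below can only be
 * reached with an existing user that is not the current one.
 *
 * NOTE(review): no admin check is visible in this method - confirm that the
 * controller calls checkIfAdmin() (or an equivalent) before dispatching here.
 * NOTE(review): no CSRF token handling is visible for this destructive POST -
 * confirm that Form adds and validates one.
 */
public function delete()
{
    $user = User::find('_id', $this->getParam('uid', 0));

    if ($user == NULL) {
        System::displayError(System::getLanguage()->_('ErrorUserNotFound'), '404 Not Found');
        // Fail closed: $user is dereferenced below.
        exit;
    }

    if ($user->uid == System::getUser()->uid) {
        System::displayError(System::getLanguage()->_('ErrorCannotDeleteYourself'), '403 Forbidden');
        // Fail closed: without this, a returning displayError() would let
        // the self-deletion continue to the confirmation handling.
        exit;
    }

    $form = new Form('form-user', Router::getInstance()->build('UsersController', 'delete', $user));

    $fieldset = new Fieldset(System::getLanguage()->_('Confirm'));
    $checkbox = new Checkbox('confirm', System::getLanguage()->_('ConfirmDeleteUser'), true);
    $p = new Paragraph(System::getLanguage()->_('ConfirmDeleteUserInfo'));

    $fieldset->addElements($checkbox, $p);
    $form->addElements($fieldset);

    $form->setSubmit(new Button(System::getLanguage()->_('Confirm'), 'icon icon-delete'));
    $form->addButton(new Button(System::getLanguage()->_('Cancel'), 'icon icon-cancel', Router::getInstance()->build('UsersController', 'index')));

    if (Utils::getPOST('submit', false) !== false) {
        if ($form->validate()) {
            $user->delete();
            System::forwardToRoute(Router::getInstance()->build('UsersController', 'index'));
            exit;
        }
    }

    $smarty = new Template();
    $smarty->assign('title', System::getLanguage()->_('DeleteUser'));
    $smarty->assign('heading', System::getLanguage()->_('DeleteUser'));
    $smarty->assign('form', $form);
    $smarty->display('form.tpl');
}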
/**
 * Sends the current user's storage quota and remaining free space as an
 * AJAX response.
 *
 * Only data of the user returned by System::getUser() is reported; no
 * request parameter selects the account.
 *
 * NOTE(review): System::getUser() is dereferenced without a NULL check -
 * confirm the controller only runs this for logged-in users.
 */
public function quota()
{
    $response = new AjaxResponse();
    $response->success = true;

    // Payload container for the two figures.
    $response->data = new Object();

    $response->data->quota = System::getUser()->quota;
    $response->data->available = System::getUser()->getFreeSpace();

    $response->send();
}