Esempio n. 1
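 /**
  * Decide whether the logged-in user may run the requested module/option/action.
  *
  * The user id comes from the server-side session; the requested target comes
  * from the request (POST takes precedence over GET). Every decision is written
  * to the audit log.
  *
  * @return bool TRUE when at least one matching, active group grant exists, FALSE otherwise
  */
 function checkPermision()
 {
     $user = $_SESSION["ExtDeskSession"]["username"];
     $id = $_SESSION["ExtDeskSession"]["id"];
     // Collect the requested target. Only plain strings are accepted: an array
     // value (e.g. Module[]=x) is ignored and therefore ends up denied.
     $requested = array('Module' => null, 'option' => null, 'action' => null);
     foreach (array($_GET, $_POST) as $source) {
         foreach (array_keys($requested) as $key) {
             if (isset($source[$key]) && is_string($source[$key])) {
                 $requested[$key] = $source[$key];
             }
         }
     }
     $module = $requested['Module'];
     $option = $requested['option'];
     $action = $requested['action'];
     // The request values are bound as parameters instead of being interpolated
     // into the SQL text: this query is the authorisation decision, so request
     // data must never be able to change its structure.
     $sql = "select a.module,
                    a.option,
                    a.action,
                    ug.idGroup,
                    u.p_id
               from groups_actions ga,
                    actions a,
                    user_groups ug,
                    modules m,
                    groups g,
                    users u
              where a.id=ga.idActions
                and ug.idGroup=ga.idGroups
                and m.js=a.module
                and ga.idgroups=g.id
                and ug.idUser=u.p_id
                and g.active=1
                and u.active=1
                and u.P_id=:id
                and a.module=:module
                and a.option=:option
                and a.action=:action
              order by m.id";
     $stmt = $this->dbh->prepare($sql);
     // A missing value is bound as '' so it matches what the interpolated query
     // compared against before.
     $stmt->execute(array(
         ':id' => $id,
         ':module' => (string) $module,
         ':option' => (string) $option,
         ':action' => (string) $action,
     ));
     $result = $stmt->fetchAll(PDO::FETCH_ASSOC);
     $log = new log();
     if (count($result) === 0) {
         $log->save($user, "Access denied to module", $module, $option, $action);
         return FALSE;
     }
     $log->save($user, "Granted access to the module", $module, $option, $action);
     return TRUE;
 }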
Esempio n. 2
 /**
  * Handle an incoming Telegram webhook request.
  * @return string|null  a status message when Telegram is switched off, otherwise nothing
  */
 public static function hook()
 {
     // Nothing to process while the Telegram integration is switched off.
     $telegram_enabled = \lib\utility\option::get('telegram', 'status');
     if (!$telegram_enabled) {
         return 'telegram is off!';
     }
     // Decode the raw request body into an associative array.
     // NOTE(review): nothing in this method checks that the request really comes
     // from Telegram; confirm the caller or the web server enforces that.
     $raw_body = file_get_contents('php://input');
     self::$hook = json_decode($raw_body, true);
     // Debug fallback: when the update carries no message text and the debug
     // option is on, the text is taken from the request's "text" parameter.
     // NOTE(review): with debug enabled any client can supply the message text
     // this way, so the option should stay off in production.
     if (!isset(self::$hook['message']['text'])) {
         if (\lib\utility\option::get('telegram', 'meta', 'debug')) {
             if (\lib\utility::get('text')) {
                 self::$hook['message']['text'] = \lib\utility::get('text');
             }
         }
     }
     // Hand the decoded update to the logger (second argument is true).
     // NOTE(review): the payload is stored as received; treat it as untrusted
     // wherever the log is displayed.
     log::save(self::$hook, true);
     // Extract the text of the update and register it as the current command.
     $incoming_text = self::response('text');
     self::cmd($incoming_text);
     // Forward analytics to botan.io when that integration is configured.
     self::botan();
 }
Esempio n. 3
 /**
  * Run the project.
  */
 public static function run()
 {
     // Bootstrap sequence; the steps run strictly in this order. The step
     // descriptions below are translated from the original author's comments.

     // Initialise the runtime environment.
     self::init();
     // If automatic escaping is enabled, strip the escaping from the request.
     self::formatRequest();
     // Set the application path.
     self::setAppGroupPath();
     // Load the application-group configuration.
     self::loadAppGroupConfig();
     // Set PATH_APP.
     self::setAppPath();
     // Load the application configuration file.
     self::loadAppConfig();
     // Load the system class file data.
     self::loadUserFile();
     // Set the cache-directory constants.
     self::setPathConst();
     // Create the application directory.
     self::createDemoControl();
     // Set the template constants.
     self::setTplConst();
     // Load the language pack.
     self::language();
     // Turn debugging off for AJAX requests.
     self::ajaxCloseDebug();
     // Set the character set.
     self::setCharset();
     // Create the project cache directory structure.
     self::createDir();
     // (No comment in the original; presumably configures the session - confirm.)
     self::session_set();
     // Compile and cache the project core files.
     self::compileAppGroupFile();
     // Compile and cache the module core files.
     self::compileAppFile();
     // Start debugging; requires the debug switch in the configuration file.
     debug::start("app_start");
     // Start the project.
     self::apprun();
     // Show the debugging results.
     // NOTE(review): confirm the debug switch is off in production so this
     // output is never sent to end users.
     debug::show("app_start", "app_end");
     // Write the log.
     log::save();
 }
Esempio n. 4
 /**
  * TODO: update Log object to use static method
  * @param string $method
  * @return json
  */
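 protected function log($method)
 {
     // REMOTE_ADDR is set by the web server; the User-Agent header is fully
     // client-controlled and is stored verbatim, so it must be escaped wherever
     // the log is rendered.
     $remote_addr = filter_input(INPUT_SERVER, "REMOTE_ADDR");
     $user_agent = filter_input(INPUT_SERVER, "HTTP_USER_AGENT");
     // Geo-IP lookup for the client address. The lookup result is returned to
     // the caller, so it runs for every request, including the local ones that
     // are not logged below.
     // NOTE(review): this sends each visitor's address to a third party over
     // plain HTTP; consider the HTTPS endpoint once the curl() helper is
     // confirmed to verify certificates.
     $data = $this->curl('http://ipinfo.io/' . $remote_addr);
     // Skip IPv6 loopback and 192.168.x.x clients.
     // NOTE(review): 127.0.0.1, 10.0.0.0/8 and 172.16.0.0/12 are still logged;
     // confirm whether that is intended.
     if ($remote_addr != "::1" && 0 !== strpos($remote_addr, "192.168.")) {
         $log = new log($this->template);
         // 24-hour clock: the previous "h" format produced 12-hour values
         // without an AM/PM marker, which made the timestamps ambiguous.
         $log->created_on = date("Y-m-d H:i:s");
         $log->viewed = $method;
         $log->remote_addr = $remote_addr;
         $log->user_agent = $user_agent;
         // The lookup can fail or omit fields; store null instead of reading a
         // property from a missing or non-object response.
         $log->loc = isset($data->loc) ? $data->loc : null;
         $log->country = isset($data->country) ? $data->country : null;
         $log->state = isset($data->region) ? $data->region : null;
         $log->city = isset($data->city) ? $data->city : null;
         $log->save();
     }
     return $data;
 }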
Esempio n. 5
 /**
  * Decrements the stock count of an existing Product model by one and records a log entry.
  * The 'index' page is rendered afterwards in every case.
  * @param integer $id
  * @return mixed
  */
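 public function actionMinius($id)
 {
     // NOTE(review): this action changes stock; confirm the controller limits
     // it to POST (for example with a VerbFilter behavior) and that access
     // control is applied - neither is visible in this method.
     $searchModel = new ProductSearch();
     $dataProvider = $searchModel->search(Yii::$app->request->queryParams);
     $model = $this->findModel($id);
     $sold = false;
     if ($model->number != 0) {
         $model->number--;
         $sold = true;
     } else {
         echo "<script>alert('không thể thực hiện vì số lượng đã bằng 0');</script>";
     }
     $saved = $model->save();
     // Write the sale record only when one unit was really taken from stock and
     // the change was stored. Previously the record was saved before the stock
     // check, so the log also reported sales that never happened.
     if ($sold && $saved) {
         $LogModel = new log();
         $LogModel->product_id = $id;
         $LogModel->number = -1;
         $LogModel->content = "đã bán sản phẩm " . $model->name . " với số lượng là ";
         $LogModel->save();
     }
     // Apply any posted attributes and persist them.
     // NOTE(review): load() mass-assigns whatever the model declares as safe;
     // confirm that stock and price fields cannot be set through this path.
     if ($model->load(Yii::$app->request->post())) {
         $model->save();
     }
     // Both outcomes render the same listing page.
     return $this->render('index', ['searchModel' => $searchModel, 'dataProvider' => $dataProvider]);
 }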
 /**
  * Grant the configured default function groups to the current website user.
  *
  * Reads the user's existing user_func_group rows, adds a row for every
  * configured basic and secondary group the user does not have yet, and records
  * the groups that were opened.
  */
 function openDefaultFuncGroups()
 {
     // Automatically enable some features for newly registered users
     $currTime = time();
     $currUserFuncs = M('user_func_group')->where(array('user_id' => $this->websiteUserId))->select();
     $basicOpenFGs = array();
     $secondaryOpenFGs = array();
     // Nothing is granted when the lookup returned FALSE.
     if ($currUserFuncs !== FALSE) {
         $basicDefaultFuncGroups = C('DEFAULT_OPEN_FUNC_GROUPS');
         foreach ($basicDefaultFuncGroups as $funcGroupId) {
             // Check whether this function group already exists for the user
             // (loose == comparison of group ids)
             $existing = false;
             foreach ($currUserFuncs as $currFunc) {
                 if ($currFunc['group_id'] == $funcGroupId) {
                     $existing = true;
                     break;
                 }
             }
             if (!$existing) {
                 $userFuncGroupData = array();
                 $userFuncGroupData['user_id'] = $this->websiteUserId;
                 $userFuncGroupData['group_id'] = $funcGroupId;
                 $userFuncGroupData['start_time'] = $currTime;
                 $openDuration = intval(C('DEFAULT_OPEN_FUNC_GROUPS_DAYS'));
                 // -1 maps to 2147483647 (2^31 - 1); presumably "never expires" - confirm
                 if ($openDuration == -1) {
                     $expireTime = 2147483647;
                 } else {
                     // Configured number of days converted to seconds
                     $expireTime = $currTime + $openDuration * 24 * 60 * 60;
                 }
                 $userFuncGroupData['expire_time'] = $expireTime;
                 $userFuncGroupData['status'] = 1;
                 M('user_func_group')->add($userFuncGroupData);
                 array_push($basicOpenFGs, $funcGroupId);
             }
         }
         // Automatically open the secondary function groups: reduces the number of test codes sent
         $secondaryFuncGroups = C('DEFAULT_OPEN_FUNC_GROUPS_SECONDARY');
         foreach ($secondaryFuncGroups as $secondaryFG) {
             // Check whether this function group already exists for the user
             $existing = false;
             foreach ($currUserFuncs as $currFunc) {
                 if ($currFunc['group_id'] == $secondaryFG) {
                     $existing = true;
                     break;
                 }
             }
             if (!$existing) {
                 $userFuncGroupData = array();
                 $userFuncGroupData['user_id'] = $this->websiteUserId;
                 $userFuncGroupData['group_id'] = $secondaryFG;
                 $userFuncGroupData['start_time'] = $currTime;
                 // Secondary groups always get a finite expiry (no -1 special case here)
                 $userFuncGroupData['expire_time'] = $currTime + intval(C('DEFAULT_OPEN_FUNC_GROUPS_SECONDARY_DAYS')) * 24 * 60 * 60;
                 $userFuncGroupData['status'] = 1;
                 M('user_func_group')->add($userFuncGroupData);
                 array_push($secondaryOpenFGs, $secondaryFG);
             }
         }
     }
     // NOTE(review): the expression between 'user:' and 'id'] is masked in this
     // listing (the run of asterisks), so the next line is not valid PHP as
     // shown; restore it from the original file before using this code.
     log::record('user:'******'id'] . ' basicFGs:' . join(',', $basicOpenFGs) . ' secondaryFGs:' . join(',', $secondaryOpenFGs));
     log::save();
 }
Esempio n. 7
 /**
  * Execute cURL call
  * @return mixed Result of the cURL call
  */
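 public static function send($_method = null, array $_data = null, $_output = null)
 {
     // JSON is the default encoding; a caller opts out with 'is_json' => false.
     if (isset($_data['is_json'])) {
         $is_json = $_data['is_json'];
         unset($_data['is_json']);
     } else {
         $is_json = true;
     }
     // if telegram is off then do not run
     if (!\lib\utility\option::get('telegram', 'status')) {
         return 'telegram is off!';
     }
     // if method or data is not set return
     if (!$_method || !$_data) {
         return 'method or data is not set!';
     }
     // 'method' and 'response_callback' are control keys, not API fields:
     // strip them from the payload before it is sent.
     if (array_key_exists('method', $_data)) {
         if ($_data['method'] == 'answerInlineQuery') {
             $is_json = true;
         }
         unset($_data['method']);
     }
     $response_callback = null;
     if (array_key_exists('response_callback', $_data)) {
         $response_callback = $_data['response_callback'];
         unset($_data['response_callback']);
     }
     // if api key is not set get it from options
     if (!self::$api_key) {
         self::$api_key = \lib\utility\option::get('telegram', 'meta', 'key');
     }
     // if key is not correct return
     if (strlen(self::$api_key) < 20) {
         return 'api key is not correct!';
     }
     // initialize curl
     $ch = curl_init();
     if ($ch === false) {
         return 'Curl failed to initialize';
     }
     $curlConfig = [
         // The bot token is part of the URL, so it is exposed to whoever
         // terminates the TLS connection.
         CURLOPT_URL => "https://api.telegram.org/bot" . self::$api_key . "/{$_method}",
         CURLOPT_POST => true,
         CURLOPT_RETURNTRANSFER => true,
         CURLOPT_SAFE_UPLOAD => true,
         // Certificate and host name verification stay on. They were switched
         // off unconditionally before, which let any on-path party read the
         // token and the message content.
         CURLOPT_SSL_VERIFYPEER => true,
         CURLOPT_SSL_VERIFYHOST => 2,
     ];
     curl_setopt_array($ch, $curlConfig);
     if (!empty($_data)) {
         if ($is_json) {
             $data_string = json_encode($_data);
             curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
             curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Content-Length: ' . strlen($data_string)));
         } else {
             curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: multipart/form-data'));
             curl_setopt($ch, CURLOPT_POSTFIELDS, $_data);
         }
     }
     // Verification is relaxed on the development TLD only.
     if (Tld === 'dev') {
         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
     }
     $result = curl_exec($ch);
     // Capture the transport error before the handle is released, then close
     // the handle on every path (it used to leak on the error returns).
     $transport_error = null;
     if ($result === false) {
         $transport_error = curl_error($ch) . ':' . curl_errno($ch);
     }
     curl_close($ch);
     // The callback is invoked with the decoded response and the sent payload,
     // also when the request failed (as before).
     if ($response_callback) {
         if (is_object($response_callback)) {
             call_user_func_array($response_callback, [json_decode($result), $_data]);
         } elseif (is_array($response_callback)) {
             // Array form: [callable, extra args...]; the extra arguments are
             // appended after the response and the payload.
             $args = array_splice($response_callback, 1);
             array_unshift($args, json_decode($result), $_data);
             call_user_func_array($response_callback[0], $args);
         }
     }
     if ($transport_error !== null) {
         return $transport_error;
     }
     // empty() already covers null; the old check combined both with a bitwise OR.
     if (empty($result)) {
         return 'Empty server response';
     }
     // Decode JSON object responses and optionally return a single field.
     if (substr($result, 0, 1) === "{") {
         $result = json_decode($result, true);
         if ($_output && isset($result[$_output])) {
             $result = $result[$_output];
         }
     }
     // Logging curl requests
     log::save($result);
     // return result
     return $result;
 }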
Esempio n. 8
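<?php

// Logout endpoint: records the logout, clears the session data, expires the
// session cookie and destroys the server-side session.
session_start();
require_once "server/include/config.php";
require_once "server/include/class.log.php";
// A request without a live login has no ExtDeskSession entry. Read the user
// name defensively and write the audit entry only for a real user, so
// anonymous requests cannot add entries to the log.
$user = isset($_SESSION["ExtDeskSession"]["username"]) ? $_SESSION["ExtDeskSession"]["username"] : null;
if ($user !== null) {
    $log = new log();
    $log->save($user, "leaving the system", "system");
}
// Drop all of the session variables.
$_SESSION = array();
// Expire the session cookie as well, so the browser stops presenting the old
// session id after logout.
if (ini_get("session.use_cookies")) {
    $cookie = session_get_cookie_params();
    setcookie(session_name(), '', time() - 42000, $cookie["path"], $cookie["domain"], $cookie["secure"], $cookie["httponly"]);
}
// Destroy the server-side session data.
session_destroy();
?>

{"success" : true}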
Esempio n. 9
 /**
  * @return false|null false if the login fails; on success nothing is returned and the session is populated
  */
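 function CheckLogin()
 {
     // NOTE(review): the password is compared inside the SQL statement, so the
     // stored value must equal the supplied one. If $this->Password is plain
     // text or an unsalted digest, move to password_hash()/password_verify()
     // and compare in PHP - the hashing scheme is not visible here.
     $stmt = $this->dbh->prepare("SELECT P_id,username, password, wallPaper,theme, wpStretch,extrainfo1,extrainfo2,extrainfo3,active,shorcutColor FROM users\n        WHERE username = :username AND password =  :password and active=1");
     $stmt->bindParam(':username', $this->Username);
     $stmt->bindParam(':password', $this->Password);
     $stmt->execute();
     $log = new log();
     // Decide on the fetched row: rowCount() is not guaranteed to be meaningful
     // for SELECT statements on every PDO driver.
     $result = $stmt->fetch(PDO::FETCH_ASSOC);
     if ($result === false) {
         // The user name is client-supplied; treat it as untrusted wherever the
         // log is displayed.
         $log->save($this->Username, "Access denied to the system", "system", "login");
         return false;
     }
     // Issue a fresh session id at the privilege change so an id that was set
     // before authentication cannot be reused afterwards (session fixation).
     if (session_status() === PHP_SESSION_ACTIVE) {
         session_regenerate_id(true);
     }
     // Session key => users column.
     $session_fields = array(
         'id' => "P_id",
         'username' => "username",
         'wallPaper' => "wallPaper",
         'theme' => "theme",
         'wpStretch' => "wpStretch",
         'extrainfo1' => "extrainfo1",
         'extrainfo2' => "extrainfo2",
         'extrainfo3' => "extrainfo3",
         'bactive' => "active",
         'color' => "shorcutColor",
     );
     foreach ($session_fields as $session_key => $column) {
         $_SESSION['ExtDeskSession'][$session_key] = $result[$column];
     }
     $log->save($this->Username, "Granted access to the system", "system", "login");
     // As before, nothing is returned on success; callers can only tell the
     // outcome apart with a strict comparison against false.
 }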