static function check($key)
{
if (is_array($key)) {
$set = true;
foreach ($key as $k) {
if (!session::check($k)) {
$set = false;
}
}
return $set;
} else {
$key = session::generateSessionKey($key);
return isset($_SESSION[$key]);
}
}
function drawWidget()
{
$s = new session();
if (session::check() != false) {
$w = new box($this->logged_in_realm_caption);
$w->css_box = "login";
$w->addWidget(html::write($this->logged_in_caption . $s->user->username));
$w->addWidget(new button($this->logout_caption, $this->logouttarget . "?logout=1"));
return $w->draw();
}
$h = new html();
$h->html .= "\n\t\t\t\t\t\n\t\t\t\t\t<form method=\"post\" action=\"" . $this->target . "\">\n\t\t\t\t\t<table>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td colspan=\"2\">\n\t\t\t\t\t\t\t" . $this->realm_caption . "\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr><td>" . $this->username_caption . "</td><td><input type=\"text\" name=\"username\"></td></tr>\t\t\t\n\t\t\t\t\t\t<tr><td>" . $this->password_caption . "</td><td><input type=\"password\" name=\"password\"></td></tr>\n\t\t\t\t\t\t<tr><td><input type=\"submit\" value=\"" . $this->submit_caption . "\"></td></tr></table></form>";
$b = new box($this->realm_caption, $h);
$b->css_box = "login";
return $b->draw();
}
/**
* This file is used to verify that the session parameters are correct
* In case of invalid Session, the script is stopped
*/
require_once 'class/Session.class.php';
// Caller script should pass a GET parameter with the domain name
//gj([X.X.X] - sanitize input, register patterns globally for readability and consistency. email, adword, instance, etc)^M
$domain = preg_replace("/[^a-zA-Z0-9\\-\\.]/", "", $_REQUEST['domain']);
$databaseName = preg_replace("/[^a-zA-Z0-9\\_]/", "", $_REQUEST['databaseName']);
if ($domain == null || $domain == "") {
echo json_encode(array('error' => "parameter", 'errorMsg' => "Invalid parameter domain!"));
die;
}
// Get the instance name from the domain
// Open the session of the instance database
//$instance = getInstanceNameFromDomain($domain);
$instance = $databaseName;
session::initByInstance($instance);
session::check();
//Verify that the instance session has the checkout information
// and the same domain
if (!isset($_SESSION['checkoutCampaign'])) {
echo json_encode(array('error' => "Session", 'errorMsg' => "Missing Session Information! Instance name:" . $instance . " , domain name: " . $domain));
die;
} else {
$domainFromSession = $_SESSION['checkoutCampaign']['instanceHost'];
if ($domain != $domainFromSession) {
echo json_encode(array('error' => "Session", 'errorMsg' => "Invalid domain information!"));
die;
}
}
<?php
include '../core/main.class.php';
$main = new Main();
//check for loged in
$id = Security::secureString($_GET['id']);
$idea = mysql_fetch_array($main->con()->db_query("SELECT votes FROM feedback_ideas WHERE id='{$id}'"));
if (session::check()) {
$voter_id = session::get_param('user_id');
$main->con()->db_query("UPDATE feedback_ideas SET votes=votes+1 WHERE id='{$id}'");
$main->con()->db_query("INSERT INTO feedback_votes (idea_id,voter_id) VALUES('{$id}','{$voter_id}')");
}
echo render::dynamicFont(number_format($idea['votes'] + 1, 0, '', ','), 32);
?>
<br/>
votes<br/>
<?php
include '../core/main.class.php';
$main = new Main();
//check for loged in
$id = Security::secureString($_GET['id']);
$status = Security::secureString($_GET['status']);
if (session::check() && session::get_param('admin')) {
$main->con()->db_query("UPDATE feedback_ideas SET status='{$status}' WHERE id='{$id}'");
$info = array('status' => '<div id="status_' . $id . '" class="nr_votes ' . render::giveStatus($status, "class") . '">' . render::giveStatus($status, "text") . '</div>', 'adm_com' => '<div id="com_status_' . $id . '" class="ad_' . render::giveStatus($status, "class") . '"></div>');
echo json_encode($info);
}
</div>
</div>
<div id="blackout"></div>
<div id="content">
<a href="<?php
echo HTTP_CORE_BASE;
?>
"><img src="<?php
echo HTTP_CORE_BASE;
?>
images/logo.jpg" alt="logo"/></a>
<br clear="all"/>
<div class="title fleft"><b>Chocksy</b> Feedback</div>
<div class="get_in">
<?php
if (!session::check()) {
?>
<a href="<?php
echo HTTP_CORE_BASE;
?>
getin">Login</a> sau <a href="<?php
echo HTTP_CORE_BASE;
?>
getin">Register</a>
<?php
} else {
?>
<a href="javascript:void(0)" onclick="OPN.logout()">Log Out</a>
<?php
}
?>
function isLoggedIn()
{
$check = array("id", "username", "admin", "fname", "lname");
if (session::check($check)) {
return true;
} else {
return false;
}
}
public static function checkVoted($idea_id, $voted_ideas)
{
if (self::array_search_r($idea_id, $voted_ideas) || !session::check()) {
return true;
} else {
return false;
}
}
public function init()
{
if (!session::check('user')) {
$this->redirect(Request::createUrl('login', 'login'));
}
}