Esempio n. 1
0
 public function acl($c = '', $act = '')
 {
     // ! this method is not completed !
     $result = false;
     $name = $c . ',' . $act;
     \CORE::msg('debug', 'Checking acl: ' . $name);
     $USER = \CORE\BC\USER::init();
     $uid = $USER->get('uid');
     $gid = $USER->get('gid');
     //dafault acl settings
     $group_acl[','] = 1;
     $group_acl['page,ciscocall'] = 1;
     if ($gid == 0) {
         $group_acl['user,login'] = 1;
     } else {
         $group_acl['user,logout'] = 1;
         $group_acl['user,profile'] = 1;
     }
     if ($gid == 1) {
         $group_acl['*,*'] = 1;
     }
     // loading acl
     // ...
     // allow
     // user
     if (isset($user_acl[$name])) {
         if ($user_acl[$name] == 1) {
             $result = true;
         }
     }
     // group
     if (isset($group_acl['*,*'])) {
         if ($group_acl['*,*'] == 1) {
             $result = true;
         }
     }
     if (isset($group_acl[$name])) {
         if ($group_acl[$name] == 1) {
             $result = true;
         }
     }
     // deny
     // ...
     if (!$result) {
         \CORE::msg('error', 'Access denied');
     }
     return $result;
 }
Esempio n. 2
0
 public function passwd($pwd = '', $uid = 0)
 {
     if ($pwd == '' && isset($_POST['pwd'])) {
         $pwd = trim($_POST['pwd']);
     }
     if ($this->check_password($pwd)) {
         if ($uid == 0) {
             $uid = (int) \CORE\BC\USER::init()->get('uid');
         }
         $DB = \DB::init();
         if ($DB->connect()) {
             $gen_pwd = $this->generate_pwd($pwd);
             $pwd = array('hash' => $gen_pwd['hash'], 'salt' => $gen_pwd['salt'], 'hint' => $gen_pwd['hint'], 'uid' => $uid);
             if (!$this->hint()) {
                 $pwd['hint'] = NULL;
             }
             $sql = "UPDATE `n-users` SET `usr-pwd`=:hash, `usr-salt`=:salt, `usr-hint`=:hint WHERE `usr-uid`=:uid;";
             $sth = $DB->dbh->prepare($sql);
             $sth->execute($pwd);
             $DB->query_count();
             \CORE::init()->msg('info', 'Password successfully changed.');
         }
     } else {
         \CORE::init()->msg('error', 'Password is not valid.');
     }
 }
Esempio n. 3
0
<?php

if (!defined('DIR_BASE')) {
    echo '[+_+]';
    exit;
}
if (is_readable(DIR_CORE . '/bc/core.php')) {
    require DIR_CORE . '/bc/core.php';
} else {
    echo 'Core class not found';
    exit;
}
$CORE = CORE::init();
$USER = \CORE\BC\USER::init();
$UI = \CORE\BC\UI::init();
$APP = \CORE\BC\APP::init();
$CORE->unload();
$UI->show_template();