Esempio n. 1
 /**
  * Loads the preference set for a user or, failing that, for the server's domain.
  *
  * Lookup order, as implemented below:
  *   1. a tblUser row selected by user (when $user is given) or by matching
  *      the server name against fldDomain;
  *   2. otherwise a row whose fldAltDomain matches the server name, in which
  *      case the configured 'server' is switched to that row's fldDomain.
  *
  * NOTE(review): both statements are assembled by string interpolation and
  * handed to _loadUserTable() as finished SQL. $server may come from the
  * caller, so a quote character in it changes the statement. Bind it as a
  * parameter if _loadUserTable() can accept one, and confirm that every caller
  * passes a trusted value.
  * NOTE(review): the user branch compares against the literal '******' as it
  * appears in this listing (the value looks masked) - confirm how $user reaches
  * the query in the real source and that it is bound, not interpolated.
  * NOTE(review): with neither $user nor $server set, the first statement has an
  * empty WHERE clause.
  *
  * @param string|null $ser  server/domain name; Cfg 'server' is used when empty
  * @param string|null $user user name to load preferences for
  */
 function __construct($ser = NULL, $user = NULL)
 {
     parent::__construct();
     $this->prefs = new Preferences();

     // Resolve which server name the lookup is for.
     $server = $ser == NULL ? Cfg::get("server") : $ser;

     // Pick the condition for the primary lookup: the user wins over the domain.
     $condition = '';
     if ($user != NULL) {
         $condition = "fldUser='******'";
     } elseif ($server != NULL) {
         $condition = "'{$server}' LIKE fldDomain";
     }
     $primaryQuery = "SELECT * FROM tblUser WHERE " . $condition . " LIMIT 1";

     if ($this->_loadUserTable($primaryQuery)) {
         $this->_loadGroupTable();
         return;
     }

     // Nothing found: try the alternate domain column.
     $alternateQuery = "SELECT * FROM tblUser WHERE '{$server}' LIKE fldAltDomain LIMIT 1";
     if (!$this->_loadUserTable($alternateQuery)) {
         return;
     }

     // The alternate domain matched, so adopt that row's primary domain as
     // the active server before loading the groups.
     $server = $this->prefs->userPrefs["fldDomain"];
     Cfg::set('server', $server);
     $this->_loadGroupTable();
 }
Esempio n. 2
 /**
  * Returns the raw form variable addressed by $key, or '' when it is not set.
  *
  * $key is appended verbatim to `$this->formVars` and the resulting
  * expression is executed with eval(); error handling is switched off around
  * the lookup and restored afterwards.
  *
  * SECURITY NOTE(review): eval() runs whatever $key contains as PHP code, so
  * this method is only safe while every caller passes a key generated by the
  * application itself. If any key can be influenced by a request, replace the
  * eval() with an explicit walk over the array path and reject keys that do
  * not match the expected subscript syntax.
  *
  * @param string $key subscript expression appended to $this->formVars
  * @return mixed the addressed value, or '' when nothing is set
  */
 public function getRaw($key)
 {
     $savedHandling = Cfg::turnOffErrorHandling();

     // Defines $value in this scope when the addressed element exists.
     eval('$value = $this->formVars' . $key . ';');
     $result = isset($value) ? $value : '';

     Cfg::turnOnErrorHandling($savedHandling);
     return $result;
 }
Esempio n. 3
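    /**
     * Builds the HTML for the iframe that loads the site's cron endpoint.
     *
     * The frame source is the configured 'site_url' followed by '/cron.php'.
     *
     * NOTE(review): the URL is written into the src attribute without HTML
     * escaping. That is fine for a well-formed configured URL; confirm that
     * 'site_url' can never contain a double quote.
     *
     * @return string iframe markup
     */
    public static function iFrame()
    {
        $cronUrl = Cfg::get('site_url') . '/cron.php';

        // The attribute was misspelled "frameboarder", which browsers ignore.
        return <<<HTML
<iframe src="{$cronUrl}" frameborder="1" scrolling="yes" width="620" height="100">
    <p>Your browser does not support iframes.</p>
</iframe><br/>
HTML;
    }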
Esempio n. 4
 /**
  * Validates the CSRF token carried by the current request.
  *
  * Returns true without validating anything when the 'jb_db' setting is off
  * or when the request carries no token; otherwise the decision is delegated
  * to self::valid().
  *
  * SECURITY NOTE(review): a request that simply omits the token passes this
  * check, so it rejects wrong tokens but not missing ones. Unless
  * state-changing actions require the token to be present somewhere else,
  * this guard fails open - confirm against the dispatcher.
  *
  * @return bool|mixed true when the check is skipped, else the result of self::valid()
  */
 public static function check()
 {
     $guardEnabled = Cfg::get('jb_db', false);
     if (!$guardEnabled) {
         return true;
     }

     $token = Request::get(CSRFGuard::KEY);

     // Loose comparison kept as in the original: an absent and an empty
     // token are treated alike.
     return $token == '' ? true : self::valid($token);
 }
Esempio n. 5
 /**
  * Redirects to the menu entry whose slug equals $slug and ends the request.
  *
  * The first matching entry wins; without a match the redirect goes to the
  * site root. The target is always Cfg::siteUrl() plus the 'url' of a menu
  * row, so the request-supplied slug is only compared, never copied into the
  * Location header.
  *
  * NOTE(review): the slug comparison is loose (==), so numeric-looking
  * strings compare by value; use === if slugs are always strings.
  *
  * @param string     $slug        slug to look for
  * @param array|null $menuClasses passed through to self::getMenuItems()
  * @return void this method always exits
  */
 public static function slugRedirect($slug, $menuClasses = null)
 {
     // Path appended to the site URL; stays empty for the default redirect.
     $pathSuffix = '';

     foreach (self::getMenuItems($menuClasses) as $menuList) {
         foreach ($menuList as $row) {
             if (!isset($row['slug']) || $row['slug'] != $slug) {
                 continue;
             }
             $pathSuffix = '/' . $row['url'];
             break 2;
         }
     }

     header('Location: ' . Cfg::siteUrl() . $pathSuffix);
     exit;
 }
Esempio n. 6
 /**
  * Runs every pending migration method and records each successful one.
  *
  * tblMigration is read to learn which class/method pairs already ran and
  * what the highest run number is. For each class listed under the
  * 'migration' setting, every method whose name starts with "migrate" and
  * that is not yet recorded is called statically, in sorted name order. A
  * method returning false is reported in the output and not recorded; any
  * other return value is appended to the output and the method is recorded
  * under the new run number.
  *
  * NOTE(review): the class names come from configuration and are
  * instantiated through reflection and called via call_user_func(); keep the
  * 'migration' setting out of reach of anything request-controlled.
  *
  * @return string accumulated output of the migrations
  */
 public static function migrate()
 {
     // What has already run, grouped by class, plus the highest run number.
     $alreadyRun = [];
     $lastRun = 0;
     foreach (DBTable::factory(DB::DEF, 'SELECT * FROM tblMigration') as $row) {
         $lastRun = max($lastRun, (int) $row['fldRun']);
         $alreadyRun[$row['fldClass']][] = $row['fldMethod'];
     }
     $thisRun = $lastRun + 1;

     $output = '';
     foreach (Cfg::get('migration', []) as $migrationClass) {
         $reflection = new \ReflectionClass($migrationClass);

         // A class never seen before has nothing recorded yet.
         $done = isset($alreadyRun[$migrationClass]) ? $alreadyRun[$migrationClass] : [];

         // Pending = named "migrate..." and not recorded yet.
         $pending = [];
         foreach ($reflection->getMethods() as $candidate) {
             $isMigration = strpos($candidate->name, 'migrate') === 0;
             if ($isMigration && !in_array($candidate->name, $done)) {
                 $pending[] = $candidate->name;
             }
         }

         // Sorting by name gives date order for date-stamped method names.
         sort($pending);

         foreach ($pending as $methodName) {
             $result = call_user_func([$migrationClass, $methodName]);
             if ($result === false) {
                 $output .= "There is a problem running {$migrationClass}::{$methodName}<br/>\n";
                 continue;
             }

             $output .= $result;
             $record = [
                 DBMaintenance::dbNextNumber(DB::DEF, 'tblMigration'),
                 $thisRun,
                 $migrationClass,
                 $methodName,
             ];
             DB::exec(DB::DEF, 'INSERT INTO tblMigration (fldMigrationID,fldRun,fldClass,fldMethod) VALUES (?,?,?,?)', $record);
         }
     }

     return $output;
 }
Esempio n. 7
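 /**
  * Creates the local database if needed and loads the base schema into it.
  *
  * Steps, as implemented below:
  *   1. SQLite: create the database file when it is missing.
  *      MySQL: connect to the host and issue CREATE DATABASE IF NOT EXISTS.
  *      Any other driver aborts.
  *   2. Abort when the database already contains tables.
  *   3. Run every ';'-separated statement of <tmp_path>/base_database.sql.
  *   4. Call auditTable() on AlertsDAO.
  *
  * Progress is echoed and failures end the script with die(); the driver's
  * error text is printed as-is.
  *
  * NOTE(review): the database name is interpolated into the CREATE DATABASE
  * statement unquoted. It comes from configuration; quote it as an
  * identifier if the setting can ever hold anything but a plain name.
  * NOTE(review): splitting the SQL file on ';' breaks statements that
  * contain a semicolon inside a string literal or a trigger body.
  *
  * @return string always ''
  */
 public static function initialize()
 {
     $dbType = Cfg::get('local-driver');
     switch ($dbType) {
         case DB::SQLITE:
             $dbFileName = Cfg::get('local-host');
             echo "Checking that the file {$dbFileName} exists\n";
             if (file_exists($dbFileName)) {
                 echo "Database exists ({$dbFileName})\n";
             } else {
                 echo "Creating empty database\n";
                 touch($dbFileName);
             }
             break;

         case DB::MYSQL:
             $fldHostName = Cfg::get('local-host');
             $fldDBName = Cfg::get('local-db');
             $fldUsername = Cfg::get('local-user');
             $fldPassword = Cfg::get('local-pass');
             try {
                 $dbh = new \PDO("mysql:host={$fldHostName}", $fldUsername, $fldPassword);
                 // exec() returns an affected-row count that may legitimately
                 // be 0; only false signals a failure.
                 if ($dbh->exec("CREATE DATABASE IF NOT EXISTS {$fldDBName}") === false) {
                     die(print_r($dbh->errorInfo(), true));
                 }
             } catch (\PDOException $e) {
                 // Fully qualified so the catch also works inside a namespace.
                 die("DB ERROR: " . $e->getMessage());
             }
             break;

         default:
             die("Unsupported DB Type: {$dbType}");
     }

     // Refuse to touch a database that already has tables.
     if (count(\Jackbooted\DB\DBMaintenance::getTableList()) != 0) {
         die("Database already seems to be set up.");
     }

     // Put in the base data
     $sqlFileName = Cfg::get('tmp_path') . '/base_database.sql';
     if (!file_exists($sqlFileName)) {
         die("Base Database file does not exists ({$sqlFileName}) aborting\n");
     }

     echo "Running the commands in {$sqlFileName} against the database\n";
     foreach (explode(';', file_get_contents($sqlFileName)) as $statement) {
         // Skip the empty fragment left after the final ';'.
         if (trim($statement) === '') {
             continue;
         }
         DB::exec(DB::DEF, $statement);
     }

     echo "audititing Table - AlertsDAO\n";
     (new \App\Models\AlertsDAO())->auditTable();
     return '';
 }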
Esempio n. 8
 /**
  * Returns an <img> tag for the Gravatar of $email, caching the image locally.
  *
  * The image is copied once from the remote URL into the 'tmp_path'
  * directory under a name built from size, type and the address hash. Later
  * calls serve the cached copy through 'site_url'. When the copy cannot be
  * created the tag points at the remote URL instead.
  *
  * The MD5 of the trimmed, lower-cased address is used as the avatar
  * identifier in the remote URL and the cache file name; it is not used as a
  * security hash here.
  *
  * NOTE(review): $size and $type become part of a file system path. If
  * either can be supplied by a request, restrict them (integer size, known
  * type names) so no path separator reaches the file name.
  * NOTE(review): copy() fetches a remote URL into a web-served directory and
  * its result is not checked directly; failures only show up as a missing file.
  *
  * @param string      $email  address the avatar belongs to
  * @param int         $size   edge length requested from the service
  * @param string      $rating rating passed to the service
  * @param string|null $type   avatar type; self::$gravType when empty
  * @return mixed result of Tag::img()
  */
 public static function icon($email, $size = 24, $rating = 'PG', $type = null)
 {
     $style = $type == null ? self::$gravType : $type;
     $emailHash = md5(strtolower(trim($email)));

     $cacheDir = Cfg::get('tmp_path');
     $cacheName = 'GRAV' . $size . $style . $emailHash . '.png';
     $cacheFile = $cacheDir . '/' . $cacheName;

     // Fetch the image only when no cached copy exists yet.
     if (!file_exists($cacheFile)) {
         $remoteUrl = sprintf(self::ICO, self::$URL, $emailHash, $size, $rating, $style);
         copy($remoteUrl, $cacheFile);
         if (!file_exists($cacheFile)) {
             // Caching failed; let the browser load the remote image.
             return Tag::img($remoteUrl);
         }
     }

     return Tag::img(Cfg::get('site_url') . '/' . basename($cacheDir) . '/' . $cacheName);
 }
Esempio n. 9
 /**
  * Class-level initialisation: logger, encryption switch, key and instance.
  *
  * - Encryption is switched off when 'encrypt_override' says so or when the
  *   mcrypt function mcrypt_get_key_size() does not exist.
  * - The key is the MD5 of the per-session value stored under
  *   $_SESSION[G::SESS][G::CRYPTO]; without it the MD5 of the class constant
  *   RAND_KEY is used and a warning is logged.
  * - With encryption on, the algorithm is Triple DES under 'quercus' and
  *   MCRYPT_RIJNDAEL_256 otherwise.
  *
  * SECURITY NOTE(review): mcrypt is not part of PHP from 7.2 on, so on such
  * runtimes this method silently turns encryption off instead of failing.
  * Anything relying on this class for confidentiality then stores or sends
  * plain values - confirm what encrypt() does in that mode.
  * SECURITY NOTE(review): the fallback key is a constant compiled into the
  * source, identical for every installation, and the key derivation is a
  * single unsalted MD5.
  * NOTE(review): MCRYPT_RIJNDAEL_256 is Rijndael with a 256-bit block, which
  * is not AES.
  */
 public static function init()
 {
     self::$log = Log4PHP::logFactory(__CLASS__);

     // Off by configuration, and forced off when mcrypt is unavailable.
     $override = Cfg::get('encrypt_override');
     self::$encryptionOff = function_exists('mcrypt_get_key_size') ? $override : true;

     // Derive the key from the session secret when there is one.
     if (!isset($_SESSION[G::SESS][G::CRYPTO])) {
         self::$randKey = md5(self::RAND_KEY);
         self::$log->warn('Using the default key for crypto');
     } else {
         self::$randKey = md5($_SESSION[G::SESS][G::CRYPTO]);
     }

     if (!self::$encryptionOff) {
         if (Cfg::get('quercus', false)) {
             self::$algortithm = MCRYPT_TRIPLEDES;
         } else {
             self::$algortithm = MCRYPT_RIJNDAEL_256;
         }
     }

     self::$instance = new Cryptography(self::$randKey);
 }
Esempio n. 10
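 /**
  * Returns the tag that loads a JavaScript or CSS library, once per request.
  *
  * A library already emitted is skipped unless $force is set. Names that do
  * not start with http:// or https:// are resolved against the 'js_url'
  * setting. Names ending in ".js" or "jsapi" produce a script tag, names
  * ending in ".css" a stylesheet link (media "print" for ".print.css");
  * anything else yields ''.
  *
  * NOTE(review): $lib ends up in a src/href attribute; whether it is escaped
  * depends on Tag::hTag(). Only pass library names chosen by the application.
  *
  * @param string $lib   file name relative to 'js_url', or an absolute URL
  * @param bool   $force emit the tag even if it was emitted before
  * @return string markup, or '' when nothing is emitted
  */
 static function library($lib, $force = false)
 {
     if (!$force && isset(self::$displayedLibraries[$lib])) {
         return '';
     }
     self::$displayedLibraries[$lib] = true;

     if (!preg_match('/^http(s)?:\\/\\/.*$/i', $lib)) {
         $lib = Cfg::get('js_url') . '/' . $lib;
     }

     // The second pattern used to contain "\j", an invalid escape that makes
     // the expression fail to compile under PCRE2 (PHP 7.3+).
     if (preg_match('/^.*\\.js$/i', $lib) || preg_match('/^.*jsapi$/i', $lib)) {
         return Tag::hTag('script', ['type' => 'text/javascript', 'src' => $lib]) . Tag::_hTag('script') . self::$LF;
     }

     if (preg_match('/^.*\\.css$/i', $lib)) {
         $attribs = ['type' => 'text/css', 'href' => $lib, 'rel' => 'stylesheet'];
         if (preg_match('/^.*\\.print\\.css$/i', $lib)) {
             $attribs['media'] = 'print';
         }
         return Tag::hTag('link', $attribs) . Tag::_hTag('link') . self::$LF;
     }

     return '';
 }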
Esempio n. 11
    /**
     * Decides whether the current user may perform $action.
     *
     * Order of decisions, as implemented below:
     *   1. privilege checking switched off by configuration -> allowed;
     *   2. a cached decision for the action -> returned as is;
     *   3. no privilege rows registered for the action -> allowed (and cached);
     *   4. a currently valid mapping for the user id, the user's level or one
     *      of the user's groups -> allowed (and cached);
     *   5. otherwise the result of self::canLogin().
     *
     * SECURITY NOTE(review): steps 1 and 3 fail open. An action that nobody
     * registered privileges for is reachable by everyone, so a typo in an
     * action name or a missing registration silently removes protection.
     * Confirm this default is intended; deny-by-default is the safer choice.
     *
     * @param string|null $action action to check; taken from the request when empty
     * @return bool|mixed true when allowed, else whatever self::canLogin() returns
     */
    public static function access($action = null)
    {
        // Global switch: with checking disabled every action is allowed.
        if (!Cfg::get('check_priviliages')) {
            return true;
        }
        // The action name is request-supplied when the caller passes none.
        if ($action == null) {
            $action = Request::get(WebPage::ACTION);
        }
        if (isset(self::$cache[$action])) {
            return self::$cache[$action];
        }
        // Unknown action: logged, then allowed and cached as allowed.
        if (($priviliagesIDs = self::getPriviliageIDs($action)) === false) {
            self::$log->warn('No priviliages found for action: ' . $action);
            return self::$cache[$action] = true;
        }
        $uid = G::get('fldUserID', '0');
        $groupIDs = self::getGroupIDs($uid);
        // $params must be filled in the same order as the placeholders appear
        // in the statement: privilege list, user id, level, group list.
        $params = [];
        $privIdIn = DB::in($priviliagesIDs, $params);
        $params[] = $uid;
        // NOTE(review): 7 is the level assumed when the session has none - confirm its meaning.
        $params[] = (int) G::get('fldLevel', 7);
        $groupIn = DB::in($groupIDs, $params);
        // $now is an integer from time(); it is the only value interpolated
        // directly, everything else is bound through $params.
        $now = time();
        $sql = <<<SQL
            SELECT count(*) FROM tblSecPrivUserMap
            WHERE fldPrivilegeID IN ( {$privIdIn} )
            AND   ( fldStartDate=0 OR fldStartDate < {$now} )
            AND   ( fldEndDate=0   OR fldEndDate > {$now} )
            AND   ( ( fldUserID  IS NOT NULL AND fldUserID<>''  AND fldUserID=? )  OR
                    ( fldLevelID IS NOT NULL AND fldLevelID<>'' AND fldLevelID>=? )  OR
                      fldGroupID IN ( {$groupIn} ) )
SQL;
        if (DB::oneValue(DB::DEF, $sql, $params) > 0) {
            return self::$cache[$action] = true;
        }
        // No mapping matched; this outcome is not cached.
        return self::canLogin($priviliagesIDs);
    }
Esempio n. 12
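 /**
  * Renders the CRUD editor for a table, with CSV and XLS export links.
  *
  * The table name comes from the request parameter 'tblName' ($tName is the
  * fallback); an empty name renders nothing. Module tables (names starting
  * with "tblMod") are handed to the CRUD hook of every configured module;
  * a few known tables get select-list columns.
  *
  * Changes in this version:
  *   - the table name is HTML-escaped before it is written into the page, as
  *     it is request-supplied;
  *   - the module hook is invoked with a variable static call instead of
  *     eval(), so a module class name is never parsed as PHP source;
  *   - tblSecPrivUserMap now picks the SQLite user query for non-MySQL
  *     drivers (both branches used to select the MySQL query).
  *
  * SECURITY NOTE(review): the request decides which table CRUD::factory()
  * opens. Unless CRUD or the caller restricts the name to an allow-list,
  * any table is editable through this page - confirm where that is enforced.
  *
  * @param string $tName table name used when the request carries none
  * @return string markup of the editor, or '' without a table name
  */
 public function index($tName = '')
 {
     if (($tableName = Request::get('tblName', $tName)) == '') {
         return '';
     }
     $crud = CRUD::factory($tableName, ['topPager' => false])->copyVarsFromRequest('tblName');

     if (preg_match('/^tblMod([A-Z]+[a-z]+)/', $tableName)) {
         // Let every configured module adjust the editor.
         $hook = Module::CRUD_MOD;
         foreach (Cfg::get('modules', []) as $moduleClass) {
             $moduleClass::$hook($crud);
         }
     } else {
         switch ($tableName) {
             case 'tblNextNumber':
                 $crud->setColDisplay('fldTable', [CRUD::SELECT, DBMaintenance::getTableList(), true]);
                 break;
             case 'tblSecPrivUserMap':
                 $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                 $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                 $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                 $crud->setColDisplay('fldPrivilegeID', [CRUD::SELECT, Admin::PRIV_SQL, true]);
                 $crud->setColDisplay('fldLevelID', [CRUD::SELECT, Admin::LEVEL_SQL]);
                 break;
             case 'tblUserGroupMap':
                 $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                 $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                 $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                 break;
             case 'tblUser':
                 $crud->setColDisplay('fldLevel', [CRUD::SELECT, Admin::LEVEL_SQL]);
                 $crud->setColDisplay('fldTimeZone', [CRUD::SELECT, Admin::TZ_SQL]);
                 break;
         }
     }

     $resp = Response::factory()->set('tblName', $tableName);

     // Request-supplied text must not reach the page unescaped.
     $shownName = htmlspecialchars((string) $tableName, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

     return Tag::hTag('b') . 'Editing Table: ' . $shownName . Tag::_hTag('b') . ' '
         . Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->csv()'), 'CSV') . ' '
         . Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->xls()'), 'XLS')
         . $crud->index();
 }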
Esempio n. 13
 /**
  * Returns the directory to use for temporary files, without a trailing slash.
  *
  * When the configured 'version' starts with RADWEB or JACKBOOTWEB the
  * 'tmp_path' setting is used. Otherwise sys_get_temp_dir() decides; where
  * that function does not exist, the first of the environment variables
  * TMP, TEMP, TMPDIR that is set is used, falling back to '/tmp'.
  *
  * NOTE(review): a shared system temp directory is readable by other local
  * users on many hosts; create files in it with unpredictable names and
  * restrictive permissions.
  *
  * @return string directory path
  */
 public static function getTempDir()
 {
     if (preg_match('/^(RADWEB|JACKBOOTWEB).*$/', Cfg::get('version'))) {
         $dir = Cfg::get('tmp_path');
     } elseif (function_exists('sys_get_temp_dir')) {
         $dir = sys_get_temp_dir();
     } else {
         $dir = '/tmp';
         foreach (['TMP', 'TEMP', 'TMPDIR'] as $envVar) {
             $fromEnv = getenv($envVar);
             if ($fromEnv !== false) {
                 $dir = $fromEnv;
                 break;
             }
         }
     }

     // Drop one trailing slash or backslash so callers can append '/name'.
     $lastChar = substr($dir, -1);
     $hasTrailingSeparator = $lastChar == '/' || $lastChar == '\\';

     return $hasTrailingSeparator ? substr($dir, 0, -1) : $dir;
 }
Esempio n. 14
<?php

/** config.php - This file loads the various configuration options
 **
 ** Written by Brett Dutton of Jackbooted Software
 ** brett@brettdutton.com
 **
 ** This software is written and distributed under the GNU General Public
 ** License which means that its source code is freely-distributed and
 ** available to the general public.
 **
 **/
// $config is filled in by the files required below, in this order:
// shipped defaults, then the local installation settings.
$config = [];
require_once __DIR__ . '/config.default.php';
require_once __DIR__ . '/config.local.php';

// Optional environment overrides that are kept out of version control.
// NOTE(review): whatever file sits at this path is executed as PHP, so the
// directory must not be writable by the web server user.
if (file_exists(__DIR__ . '/config.env.php')) {
    require_once __DIR__ . '/config.env.php';
}

// 'site_path' comes from the settings loaded above and decides which Cfg
// implementation is loaded.
require_once $config['site_path'] . '/vendor/jackbooted/config/Cfg.php';
\Jackbooted\Config\Cfg::init($config);

// To make every setting available in global scope, enable the line below.
// \Jackbooted\Config\Config::setOverrideScope( \Jackbooted\Config\Config::GLOBAL_SCOPE );
Esempio n. 15
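    /**
     * Handles a "forgot password" request for the address in 'fldEmail'.
     *
     * For a known address a new 10-character password is generated, stored,
     * and mailed to the user; a notification goes to the configured 'boss'
     * address. For an unknown address the forgot-password form is shown again
     * with a message.
     *
     * Change in this version: the request-supplied address is HTML-escaped
     * before it is placed in the HTML notification mail.
     *
     * SECURITY NOTE(review): the points below are left unchanged because
     * fixing them needs changes outside this method (login verification, mail
     * templates, a token table):
     *   - the password is stored with MySQL PASSWORD() or as unsalted MD5.
     *     Both are fast, unsalted hashes, and PASSWORD() no longer exists in
     *     MySQL 8.0. Move to password_hash()/password_verify().
     *   - the new password is sent in clear text by e-mail;
     *   - the password is replaced as soon as the form is submitted, with no
     *     confirmation step, so anyone who knows an address can lock that
     *     user out. Mail a single-use, expiring reset link instead.
     *   - the two different responses reveal whether an address is registered;
     *   - the request value is used as the From address of the notification.
     *     Confirm Mailer rejects line breaks in header values.
     *
     * @return mixed result of Widget::popupWrapper()
     */
    public function sendPW()
    {
        $email = Request::get('fldEmail');

        $sql = 'SELECT fldUserID FROM tblUser WHERE fldUser=?';
        if (($id = DB::oneValue(DB::DEF, $sql, $email)) === false) {
            $msg = 'This email does not exist on this system.<br>' . 'Either choose a new email address or register as new customer.' . $this->forgotPassword();
            return Widget::popupWrapper($msg, -1);
        }

        // Update the database with the new password.
        $pw = Password::passGen(10, Password::MEDIUM);
        if (DB::driver() == DB::MYSQL) {
            $sql = 'UPDATE tblUser SET fldPassword=PASSWORD(?) WHERE fldUserID=?';
            DB::exec(DB::DEF, $sql, [$pw, $id]);
        } else {
            $sql = 'UPDATE tblUser SET fldPassword=? WHERE fldUserID=?';
            DB::exec(DB::DEF, $sql, [hash('md5', $pw), $id]);
        }

        $boss = Cfg::get('boss');
        $desc = Cfg::get('desc');

        // Notify the site owner. The address is request-supplied and the body
        // is HTML, so it is escaped before being inserted.
        $safeEmail = htmlspecialchars((string) $email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $body = '<h3>User requested password<br>Email: <b>%s</b></h3><br>From %s';
        Mailer::envelope()->format(Mailer::HTML_TEXT)->from($email)->to($boss)->subject('User requested password')->body(sprintf($body, $safeEmail, $desc))->send();

        $body = <<<TXT
Message from %s

Here are your login details

Password: %s

Regards
%s
TXT;
        // Send the user the new login details (plain-text mail).
        Mailer::envelope()->from($boss)->to($email)->subject('Login Request ' . $desc)->body(sprintf($body, $desc, $pw, $desc))->send();

        $msg = 'Soon you will receive an email that will contain your login details.';
        return Widget::popupWrapper($msg, -1);
    }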
Esempio n. 16
 /**
  * Applies the error reporting mode selected by the 'jb_error_mode' setting.
  *
  * With the mode on, everything is reported and errors are displayed; with
  * it off, reporting is 0 and display is disabled. Under 'quercus' the
  * class's errorHandler is installed for the same level. The level is
  * remembered in self::$errorLevel.
  *
  * NOTE(review): displayed errors expose file paths, SQL and stack details
  * to visitors. Keep 'jb_error_mode' off on public hosts and log instead.
  */
 public static function setErrorLevel()
 {
     if (self::get('jb_error_mode')) {
         $reporting = E_ALL | E_STRICT;
         $display = '1';
     } else {
         $reporting = 0;
         $display = '0';
     }

     error_reporting($reporting);
     ini_set('display_errors', $display);

     if (Cfg::get('quercus', false)) {
         set_error_handler([__CLASS__, 'errorHandler'], $reporting);
     }

     self::$errorLevel = $reporting;
 }
Esempio n. 17
 /**
  * Returns the configured build version.
  *
  * NOTE(review): if this is reachable without authentication, it tells a
  * visitor exactly which build is deployed.
  *
  * @return mixed the 'build_version' setting, or 'No Version info' when unset
  */
 public function version()
 {
     $fallback = 'No Version info';

     return Cfg::get('build_version', $fallback);
 }
Esempio n. 18
 /**
  * Returns the connection registered under $db, creating it from settings if needed.
  *
  * An existing connection is reused and remembered as the last one used.
  * Otherwise the settings "<db>-host", "-db", "-user", "-pass", "-options"
  * and "-driver" (default 'mongodb') are collected and passed to
  * connectionFactoryFromArray(). Without a host name the name is reported
  * through logErrorMessage() and false is returned.
  *
  * NOTE(review): the settings array carries the database password; make sure
  * it is never written to logs or error output by the code it is passed to.
  *
  * @param string $db settings prefix / connection name
  * @return mixed the connection, or false for an unknown name
  */
 private static function connectionFactoryFromString($db)
 {
     if (isset(self::$connections[$db])) {
         return self::$lastDB = self::$connections[$db];
     }

     $settings = [
         'hostname' => Cfg::get($db . '-host'),
         'dbname'   => Cfg::get($db . '-db'),
         'username' => Cfg::get($db . '-user'),
         'password' => Cfg::get($db . '-pass'),
         'options'  => Cfg::get($db . '-options', ''),
         'driver'   => Cfg::get($db . '-driver', 'mongodb'),
     ];

     if ($settings['hostname'] == '') {
         self::logErrorMessage('Unknown DB: ' . $db);
         return false;
     }

     return self::connectionFactoryFromArray($settings);
 }
Esempio n. 19
 /**
  * Lists the images found below the site path as links to the zoom action.
  *
  * Each entry shows the path relative to 'site_path' and links to zoom()
  * with that path in the 'url' parameter.
  *
  * NOTE(review): file names are written into the page as link text. Whether
  * they are escaped depends on Tag::hRef(); if files can be uploaded with
  * arbitrary names, escape them here.
  * NOTE(review): zoom() receives a path from the request; it should verify
  * that the resolved file still lies below 'site_path'.
  *
  * @return string markup of the list
  */
 public function index()
 {
     $root = Cfg::get('site_path');
     $rootLength = strlen($root);
     $zoomAction = Response::factory()->action(__CLASS__ . '->zoom()');

     $markup = Tag::ul();
     foreach ($this->findImages($root) as $absolutePath) {
         // Strip the site path so only the relative part is shown and linked.
         $relativePath = substr($absolutePath, $rootLength);
         $link = Tag::hRef('?' . $zoomAction->set('url', $relativePath)->toUrl(), $relativePath);
         $markup .= Tag::li() . $link . Tag::_li();
     }
     $markup .= Tag::_ul();

     return $markup;
 }
Esempio n. 20
 /**
  * Rebuilds the file integrity baseline from the files currently on disk.
  *
  * tblFileCheck is emptied, then one row per file returned by
  * PHPExt::dirSearch() for the site path is inserted: next id, path relative
  * to the site path, size and SHA-1 of the content. The method ends by
  * returning the count followed by the output of fileChecksum().
  *
  * SECURITY NOTE(review): the baseline accepts whatever is on disk at the
  * time of the call. Rebasing after a compromise records the modified files
  * as good, so restrict this action to administrators and run it only on a
  * tree that was verified by other means.
  * NOTE(review): SHA-1 no longer offers collision resistance; SHA-256
  * (hash_file('sha256', ...)) is the better choice for tamper detection.
  * The baseline also lives in the same database the application can write.
  *
  * @return string status line plus the output of fileChecksum()
  */
 public function fileChecksumRebase()
 {
     DB::exec(DB::DEF, 'TRUNCATE tblFileCheck');

     $files = PHPExt::dirSearch(Cfg::get('site_path'), '/^[^_].*$/');
     // +1 also removes the slash that follows the site path.
     $prefixLength = strlen(Cfg::get('site_path')) + 1;

     $stored = 0;
     foreach ($files as $absolutePath) {
         $record = [
             DBMaintenance::dbNextNumber(DB::DEF, 'tblFileCheck'),
             substr($absolutePath, $prefixLength),
             filesize($absolutePath),
             sha1_file($absolutePath),
         ];
         DB::exec(DB::DEF, 'INSERT INTO tblFileCheck VALUES(?,?,?,?)', $record);
         $stored++;
     }

     return "Updated {$stored} files<br/>" . $this->fileChecksum();
 }
Esempio n. 21
 /**
  * Runs the class-level initialiser of a class, if it has one.
  *
  * PHP has no static initialiser blocks, so classes provide a static method
  * named by self::STATIC_INIT instead. Under 'quercus' the call is made
  * through eval() with errors suppressed; otherwise the method is called
  * only when method_exists() confirms it.
  *
  * SECURITY NOTE(review): in the quercus branch $className is concatenated
  * into PHP source and evaluated. That is only safe while the name always
  * comes from the class loader; a name influenced by a request would be
  * executed as code. The @ also hides every failure of the initialiser.
  *
  * @param string $className class to initialise
  */
 private static function runClassInitialization($className)
 {
     if (Cfg::get('quercus', false)) {
         @eval($className . '::' . self::STATIC_INIT . '();');
         return;
     }

     if (!method_exists($className, self::STATIC_INIT)) {
         return;
     }

     call_user_func([$className, self::STATIC_INIT]);
 }
Esempio n. 22
 /**
  * Inserts one row and returns its primary key.
  *
  * The row is converted with objToRel(), columns listed in $this->ignoreCols
  * are dropped, and with 'jb_db' enabled the primary key is taken from
  * DBMaintenance::dbNextNumber(); otherwise it is read from
  * DB::lastInsertId() after the insert.
  *
  * SECURITY NOTE(review): only the values are bound. $insertMethod, the
  * table name and the column names (the keys of $row) are concatenated into
  * the statement. If $row can be built from request data, check its keys
  * against the table's known columns before calling this method.
  * NOTE(review): the insert counts as failed unless exactly one row is
  * reported as affected; verify this for insert methods such as REPLACE,
  * which may report a different count.
  *
  * @param  mixed  $row          row data, converted with objToRel()
  * @param  string $insertMethod SQL verb placed before INTO
  * @return bool|mixed primary key of the new row, or false on failure
  */
 public function insert($row, $insertMethod = 'INSERT')
 {
     $row = $this->objToRel($row);

     // Dummy columns may live on the object without taking part in queries.
     if ($this->ignoreCols != null) {
         foreach ($this->ignoreCols as $ignoreCol) {
             unset($row[$ignoreCol]);
         }
     }

     // Framework-managed keys are allocated before the insert.
     if (Cfg::get('jb_db', false)) {
         $pKey = DBMaintenance::dbNextNumber($this->db, $this->tableName);
         $row[$this->primaryKey] = $pKey;
     }

     $columnList = implode(',', array_keys($row));
     $values = array_values($row);
     $sql = $insertMethod . ' INTO ' . $this->tableName . ' (' . $columnList . ') VALUES (' . DB::in($values) . ')';

     if (DB::exec($this->db, $sql, $values) != 1) {
         return false;
     }

     // Database-managed keys are only known after the insert.
     return Cfg::get('jb_db', false) ? $pKey : DB::lastInsertId($this->db);
 }
Esempio n. 23
 /**
  * Builds the ajax URL that renders this object's image.
  *
  * The URL targets the img() action of this class and carries $this->value
  * as '_CP1' and $this->hatch as '_CP4'; it is generated with
  * Response::UNIQUE_CSRF.
  *
  * @return string absolute URL
  */
 public function imageUrl()
 {
     // Not used below; kept in case the constructor has side effects - TODO confirm and remove.
     $resp = new Response();

     $endpoint = Cfg::siteUrl() . '/ajax.php?';
     $query = Response::factory()
         ->action(__CLASS__ . '::img()')
         ->set('_CP1', $this->value)
         ->set('_CP4', $this->hatch)
         ->toUrl(Response::UNIQUE_CSRF);

     return $endpoint . $query;
 }
Esempio n. 24
 /**
  * Inserts as many default rows as the request asks for.
  *
  * Each row consists of $this->insDefaults merged with $this->where, plus a
  * framework-allocated primary key when 'jb_db' is enabled. When at least
  * one row was inserted the paginator is given the new row count.
  *
  * SECURITY NOTE(review): the row count is taken from the request parameter
  * 'rows' with no upper bound, so a single request can trigger an arbitrary
  * number of INSERT statements. Cap it to a sensible maximum.
  * NOTE(review): column names (array keys) are concatenated into the
  * statement; only the values are bound.
  * NOTE(review): with no columns at all the statement is just
  * "INSERT INTO <table>".
  *
  * @return string status message
  */
 protected function insertRows()
 {
     $requested = (int) Request::get('rows');
     $inserted = 0;

     for ($n = 0; $n < $requested; $n++) {
         $columns = array_merge($this->insDefaults, $this->where);
         // Filled with the bound values by DB::in().
         $bound = null;

         if (Cfg::get('jb_db', false)) {
             $columns[$this->primaryKey] = DBMaintenance::dbNextNumber($this->db, $this->tableName);
         }

         $sql = 'INSERT INTO ' . $this->tableName;
         if (count($columns) > 0) {
             $columnList = join(',', array_keys($columns));
             $sql .= ' (' . $columnList . ') ' . 'VALUES (' . DB::in(array_values($columns), $bound) . ')';
         }

         $inserted += $this->exec($sql, $bound);
     }

     if ($inserted > 0) {
         $this->paginator->setRows($this->getRowCount());
     }

     return 'Inserted ' . $inserted . ' row' . StringUtil::plural($inserted) . Tag::br();
 }
Esempio n. 25
 /**
  * Returns the driver configured for a connection name.
  *
  * @param string $dbh connection name; the setting read is "<name>-driver"
  * @return mixed the configured driver
  */
 public static function driver($dbh = self::DEF)
 {
     $settingName = $dbh . '-driver';

     return Cfg::get($settingName);
 }
Esempio n. 26
    /**
     * Renders the "Edit User Account" form.
     *
     * Ordinary users always edit their own account. Callers with the
     * 'SITE ADMIN' level may pick any user through the request parameter
     * 'fldUserID' and additionally get a user selector, editable level and
     * login-fail fields, a "Create New User" link and, for accounts other
     * than their own, a "Login as this User" button.
     *
     * SECURITY NOTE(review): values from the user row are concatenated into
     * the markup. Whether Tag::text(), Tag::linkButton() and Lists::select()
     * escape them is not visible here, and $row['fldFails'] is appended raw
     * in the non-admin branch - confirm escaping for every field.
     * SECURITY NOTE(review): the target user id travels in the form as
     * 'fldUserID'; the save action must repeat the SITE ADMIN check instead
     * of trusting the posted id.
     * NOTE(review): the validator accepts passwords of 6 characters.
     *
     * @return string markup including the required script tags
     */
    public function editAccount()
    {
        $resp = new Response();
        $uid = G::get('fldUserID');
        $html = '';
        // NOTE(review): $props is filled below but not read anywhere in this method.
        $props = [];
        $jsUrl = Cfg::get('js_url');
        $jQuery = <<<JS
            \$().ready(function() {
                \$('a.facebox').facebox({closeImage:   '{$jsUrl}/images/closelabel.png',
                                        loadingImage: '{$jsUrl}/images/loading.gif'

                });
            });
JS;
        $userSql = DB::driver() == DB::MYSQL ? self::USER_SQL_MYSQL : self::USER_SQL_SQLITE;
        // Only administrators may choose which account to edit.
        if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'))) {
            $uid = Request::get('fldUserID', G::get('fldUserID'));
            $props['where'] = ['fldUserID' => G::get('fldUserID')];
            $html .= Tag::form() . $resp->action(sprintf('%s->%s()', __CLASS__, __FUNCTION__))->toHidden() . Tag::table() . Tag::tr() . Tag::th() . 'User to edit' . Tag::_th() . Tag::td() . Lists::select('fldUserID', $userSql, ['onChange' => 'submit()', 'default' => $uid]) . Tag::_td() . Tag::_tr() . Tag::_table() . Tag::_form();
        }
        $formName = 'Admin_editAccount';
        // Client-side validation rules for the form.
        $valid = Validator::factory($formName)->addEqual('fldPassword', 'fldPassword_CHK', 'Your passwords do not match')->addLength('fldPassword', 'Password must be at least 6 characters', 6, null, true)->addExists('fldFirstName', 'You must enter your first name')->addExists('fldLastName', 'You must enter your last name');
        // The user id is bound as a parameter.
        $row = DB::oneRow(DB::DEF, 'SELECT * FROM tblUser WHERE fldUserID=?', $uid);
        // The form posts to "<this method>Save" with the edited user id as a hidden field.
        $html .= '<h2>Edit User Account</h2>' . $valid->toHtml() . Tag::form(['name' => $formName, 'onSubmit' => $valid->onSubmit()]) . $resp->action(sprintf('%s->%sSave()', __CLASS__, __FUNCTION__))->set('fldUserID', $uid)->toHidden() . Tag::table();
        $html .= Tag::tr() . Tag::td() . Tag::table() . Tag::tr() . Tag::td() . 'User Name/Email' . Tag::_td() . Tag::td() . Tag::text('fldUser', $row['fldUser']) . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Old Password' . Tag::_td() . Tag::td() . Tag::password('fldPassword_OLD') . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Password' . Tag::_td() . Tag::td() . Tag::password('fldPassword') . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Confirm Password' . Tag::_td() . Tag::td() . Tag::password('fldPassword_CHK') . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Title' . Tag::_td() . Tag::td() . Tag::text('fldSalutation', $row['fldSalutation']) . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'First Name' . Tag::_td() . Tag::td() . Tag::text('fldFirstName', $row['fldFirstName']) . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Last Name' . Tag::_td() . Tag::td() . Tag::text('fldLastName', $row['fldLastName']) . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Time Zone' . Tag::_td() . Tag::td() . Lists::select('fldTimeZone', self::TZ_SQL, ['default' => $row['fldTimeZone']]) . Tag::_td() . Tag::_tr();
        // Level and login-fail counter: editable for administrators, read-only otherwise.
        if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'))) {
            $html .= Tag::tr() . Tag::td() . 'Security Level' . Tag::_td() . Tag::td() . Lists::select('fldLevel', self::LEVEL_SQL, ['default' => $row['fldLevel']]) . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Login Fails' . Tag::_td() . Tag::td() . Tag::text('fldFails', $row['fldFails']) . Tag::_td() . Tag::_tr();
        } else {
            $html .= Tag::tr() . Tag::td() . 'Security Level' . Tag::_td() . Tag::td() . Privileges::getSecurityLevel($row['fldLevel']) . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . 'Login Fails' . Tag::_td() . Tag::td() . $row['fldFails'] . Tag::_td() . Tag::_tr();
        }
        $html .= Tag::tr() . Tag::td(['colspan' => 2]) . Tag::submit('Save') . Tag::_td() . Tag::_tr();
        if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN'))) {
            $html .= Tag::tr() . Tag::td(['colspan' => 2]) . Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->newUser()')->toUrl(), 'Create New User', ['class' => 'facebox']) . Tag::_td() . Tag::_tr();
        }
        // Right-hand column: avatar plus a link to change it.
        $html .= Tag::_table() . Tag::_td() . Tag::td(['valign' => 'top', 'align' => 'center']) . Tag::table() . Tag::tr() . Tag::td(['valign' => 'top', 'align' => 'center']) . Gravatar::icon($row['fldUser'], 128) . Tag::_td() . Tag::_tr() . Tag::tr() . Tag::td() . Tag::linkButton(Gravatar::getURL(), 'Change Picture', ['target' => '_blank', 'title' => 'your gravatar is associated with your email address ' . $row['fldUser'] . ' (up to 24 hrs to change)']) . Tag::_td() . Tag::_tr();
        // Impersonation button: administrators only, never for their own account.
        // NOTE(review): loginAs() must enforce the same check on its own and should be audit-logged.
        if (G::accessLevel(Privileges::getSecurityLevel('SITE ADMIN')) && $uid != G::get('fldUserID')) {
            $name = $row['fldFirstName'] . ' ' . $row['fldLastName'];
            $html .= Tag::tr() . Tag::td() . Tag::linkButton('?' . $resp->action(__CLASS__ . '->loginAs()')->set('fldUser', $row['fldUser'])->toUrl(), 'Login as this User', ['title' => "Login as this user ({$name})"]) . Tag::_td() . Tag::_tr();
        }
        $html .= Tag::_table() . Tag::_td() . Tag::_tr() . Tag::_table() . Tag::_form();
        return JS::library(JS::JQUERY) . JS::libraryWithDependancies(JS::FACEBOX) . JS::javaScript($jQuery) . $html;
    }
Esempio n. 27
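 /**
  * Serves "<site_path>/<name>.html" for calls to methods that do not exist.
  *
  * Change in this version: a name containing a path separator is never
  * turned into a file path, and the name is HTML-escaped in the fallback
  * message. Method names can be chosen at run time (for example by an
  * action dispatcher), so they are treated as untrusted here.
  *
  * @param string $name      name of the method that was called
  * @param array  $arguments call arguments (unused)
  * @return string file content, or a message naming the unknown method
  */
 public function __call($name, $arguments)
 {
     // Only a plain name may be mapped to a file below site_path.
     $isPlainName = strpos($name, '/') === false && strpos($name, '\\') === false;

     if ($isPlainName) {
         $fName = Cfg::get('site_path') . '/' . $name . '.html';
         if (file_exists($fName)) {
             return file_get_contents($fName);
         }
     }

     return 'Unknown Method Call: ' . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
 }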
Esempio n. 28
 /**
  * Sets a cookie whose value is passed through self::$crypto->encrypt().
  *
  * The cookie expires self::$timeout seconds from now and is scoped to the
  * 'cookie_path' setting ('/' when unset).
  *
  * SECURITY NOTE(review): no Secure, HttpOnly or SameSite attribute is set,
  * so the cookie is sent over plain HTTP and is readable from page scripts.
  * Add them unless a script on the page has to read the value.
  * NOTE(review): confidentiality depends on what encrypt() does; confirm it
  * does not fall back to storing the value unencrypted.
  *
  * @param string $key name of the cookie
  * @param mixed  $val value to store
  */
 public static function set($key, $val)
 {
     $payload = self::$crypto->encrypt($val);
     $expiresAt = time() + self::$timeout;
     $path = Cfg::get('cookie_path', '/');

     setcookie($key, $payload, $expiresAt, $path);
 }
Esempio n. 29
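 /**
  * Verifies the tamper checksum of a request.
  *
  * Requests without variables, or with nothing but known fields, pass. For
  * all others the checksum variable must be an array of two elements: a
  * comma-separated list of variable names and the MD5 of that list followed
  * by the raw values of the named variables. On any failure the request is
  * cleared. With 'jb_tamper_detail' on, a message string is returned;
  * otherwise the failure is logged and false is returned.
  *
  * Changes in this version:
  *   - the digest is compared with hash_equals() (PHP 5.6+) after checking
  *     that both checksum elements are strings. The former loose != treated
  *     two different digests of the form "0e<digits>" as equal.
  *   - the unreachable log call after the final return was removed.
  *
  * SECURITY NOTE(review): nothing secret enters the digest in this method.
  * The list of names, the values and the digest all arrive in the request,
  * so a client can recompute a matching digest after changing a value
  * (an empty list with the MD5 of '' matches too). Unless getVar() already
  * authenticates or decrypts the checksum, replace the MD5 with an HMAC
  * keyed by a server-side secret.
  * SECURITY NOTE(review): the names passed to getRaw() are request-supplied;
  * confirm getRaw() treats them strictly as data.
  * NOTE(review): in detail mode a failure is a non-empty string, which is
  * truthy. Callers must compare the result with === true. The detail
  * message also echoes request data back.
  *
  * @param Request $request request to verify
  * @return bool|string true when valid; false or a message when not
  */
 public static function check(Request $request)
 {
     if (($formVarLen = $request->count()) == 0) {
         return true;
     }

     // Known fields do not need protection; count what is left.
     foreach ($request as $key => $val) {
         if (in_array($key, self::$knownFields)) {
             $formVarLen--;
         }
     }
     if ($formVarLen <= 0) {
         return true;
     }

     // On failure: [message returned in detail mode, prefix of the log message].
     $failure = null;

     if (($checksum = $request->getVar(self::CHECKSUM)) == '') {
         $failure = ['Checksum Variable Missing from the request.', 'Checksum Variable Missing from the request: '];
     } elseif (!is_array($checksum)) {
         $failure = ['Checksum Variable not an array.', 'Checksum Variable not an array: '];
     } elseif (count($checksum) != 2) {
         $failure = ['Checksum Variable not 2 elements.', 'Checksum Variable not 2 elements: '];
     } else {
         $names = isset($checksum[0]) ? $checksum[0] : '';
         $supplied = isset($checksum[1]) ? $checksum[1] : '';

         // Rebuild the digest input: the name list followed by each raw value.
         $allVariablesJoined = '';
         if (is_string($names) && !empty($names)) {
             $allVariablesJoined = $names;
             foreach (explode(',', $names) as $key) {
                 $allVariablesJoined .= $request->getRaw($key);
             }
         }

         $digestMatches = is_string($names)
             && is_string($supplied)
             && hash_equals(md5($allVariablesJoined), $supplied);

         if (!$digestMatches) {
             $shownDigest = is_string($supplied) ? $supplied : '';
             $failure = [
                 'Checksum failed md5(' . $allVariablesJoined . ')<>' . $shownDigest,
                 'The checksum has failed. The request variables have been tampered: ',
             ];
         }
     }

     if ($failure === null) {
         return true;
     }

     // Drop all variables so nothing downstream acts on a tampered request.
     $request->clear();
     if (Cfg::get('jb_tamper_detail', false)) {
         return $failure[0];
     }
     self::$log->error($failure[1] . $_SERVER['SCRIPT_NAME']);
     return false;
 }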
Esempio n. 30
?>
</td>
                            <td width="100%"    align="center">
                                &copy; <?php 
echo date('Y');
?>
.
                                Created by <a href="<?php 
echo Cfg::get('site_url');
?>
"><?php 
echo Cfg::get('title');
?>
</a>
                                <?php 
echo Cfg::get('copyright');
?>
                            </td>
                            <td nowrap="nowrap" align="right">
                                <?php 
echo $pageTimer->logLoadTime();
?>
                            </td>
                        </tr>
                    </table>
                </td>
            </tr>
        </table>
        <?php 
/* <script src="//cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/bootstrap.min.js"></script> */
?>