/**
 * Log the current user out and forward them to the "bye" page.
 *
 * Visitors who are not logged in are sent straight to the homepage.
 *
 * @access public
 * @param none
 * @return void
 **/
public function index()
{
    // Nothing to do for a visitor who is not logged in
    if (!$this->user_model->is_logged_in()) {

        redirect('/');
    }

    // --------------------------------------------------------------------------

    // Logging out destroys the session, and any pending flashdata with it, so
    // the values are copied out now and handed on in the query string.
    // NOTE(review): once in the URL these values can be set by anyone who
    // crafts a link to auth/logout/bye; that page should treat them as
    // untrusted request input and escape them on output - confirm.
    $_carry = array('name' => active_user('first_name'));

    foreach (array('success', 'error', 'notice', 'message') as $_key) {

        $_carry[$_key] = $this->session->flashdata($_key);
    }

    // --------------------------------------------------------------------------

    // Record the log out while the active user can still be identified
    create_event('did_log_out', active_user('id'));

    // --------------------------------------------------------------------------

    // End the session
    $this->auth_model->logout();

    // --------------------------------------------------------------------------

    // Hand over to the helper method, taking the copied values along
    redirect('auth/logout/bye?' . http_build_query($_carry));
}
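/**
 * Create a pot from the submitted form, creating its event first when the
 * form carries a new event name and location.
 *
 * Reads new_event_name, new_event_loc, event_id, title and currency from
 * $_POST and reports the outcome through my_exit().
 *
 * @return void
 */
function new_pot()
{
    // Fields are read through isset() so a partial or hand-crafted request
    // does not raise undefined-index notices; an absent field is passed on as
    // NULL, which is what the unguarded read produced.
    $title    = isset($_POST['title']) ? $_POST['title'] : null;
    $currency = isset($_POST['currency']) ? $_POST['currency'] : null;

    if (!empty($_POST['new_event_name']) && !empty($_POST['new_event_loc'])) {
        // CREATE EVENT
        create_event($_POST['new_event_name'], $_POST['new_event_loc']);

        // NOTE(review): this assumes latest_event_id() returns the event that
        // was just created; if it returns the newest event overall, two
        // concurrent requests could attach a pot to the wrong event - confirm.
        $pid = latest_event_id();
    } else {
        // NOTE(review): event_id is supplied by the client and nothing in this
        // function checks that the caller may add pots to that event -
        // confirm create_pot() or the caller enforces it.
        $pid = isset($_POST['event_id']) ? $_POST['event_id'] : null;
    }

    if (create_pot($title, $currency, $pid)) {
        $pot = get_last_pot();
        my_exit("success", "Pot created", $pot);
    } else {
        my_exit("error", "Could not create pot");
    }
}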
font-size:300%; font-family:sans-serif; } </style>';*/ echo "Your Event has been submitted and will be reviewed for confirmation. Please stay updated!<br><br>Your Requested Event: <p id='sub_label' >" . $event_title . '<br>On a '; //echo $showcase_day."</p><a href='http://freelabel.net/submit/'>Return to Dashboard</a><br><br><br><br><br><br>"; //echo '<script> // window.location.assign("http://freelabel.net/?ctrl=booking"); // </script>'; exit; } else { echo "Error creating database entry: " . mysqli_error($con); } } } create_event(); // DISPLAY SHOWCASE SCHEDULES include '../../../inc/connection.php'; $result = mysqli_query($con, "SELECT * FROM schedule ORDER BY `showcase_day` DESC LIMIT 20"); if (mysqli_fetch_array($result) == false) { echo '<p id="joinbutton">'; echo 'You have no showcases or events booked. </p>'; } else { /* ------------------------------------------------------------------------ ------------------------------------------------------------------------ */ if ($user_name == "admin" or $user_name_session == 'sales' or $user_name_session == 'mia' or $user_name_session == 'blog' or $user_name_session == 'booking') { // ADMIN EVENT DISPLAY $result = mysqli_query($con, "SELECT * FROM schedule WHERE `active` NOT LIKE '%3%' ORDER BY `showcase_day`"); } else {
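/**
 * Handle every request to the two-factor (security question) step of login.
 *
 * URI segments: 3 = user id, 4 = token salt, 5 = token, 6 = login method
 * (optional, anything unrecognised becomes 'native'). Optional GET
 * parameters: return_to and remember.
 *
 * Depending on the request this asks the user's security question, checks a
 * posted answer, or lets a user who has no questions set them. A correct
 * answer, or newly saved questions, logs the user in and redirects.
 *
 * @access public
 * @return void
 **/
public function _remap()
{
    if (!$this->config->item('auth_two_factor_enable')) {

        show_404();
        return;
    }

    // --------------------------------------------------------------------------

    $_return_to = $this->input->get('return_to', TRUE);
    $_remember  = $this->input->get('remember', TRUE);

    // return_to is request input that is later handed to redirect(), so only
    // targets on this site are honoured; anything else is dropped and treated
    // as if no return_to had been sent. A value that is not an absolute URL is
    // accepted because redirect() is assumed to resolve it against the site
    // URL (the url helper's behaviour) - an absolute one must start with the
    // site's base URL, trailing slash included so that a look-alike host
    // cannot match the prefix.
    if ($_return_to) {

        $_base     = rtrim((string) base_url(), '/');
        $_is_local = FALSE;

        if (is_string($_return_to)) {

            if (!preg_match('#^(\w+:)?//#i', $_return_to)) {

                $_is_local = TRUE;

            } elseif ($_base !== '' && strpos($_return_to, $_base . '/') === 0) {

                $_is_local = TRUE;
            }
        }

        if (!$_is_local) {

            $_return_to = FALSE;
        }
    }

    // --------------------------------------------------------------------------

    $_user_id = $this->uri->segment(3);
    $_user    = $this->user_model->get_by_id($_user_id);

    if (!$_user) {

        $this->session->set_flashdata('error', lang('auth_twofactor_token_unverified'));

        // Encode the value so it cannot add parameters of its own to the URL
        redirect($_return_to ? 'auth/login?return_to=' . urlencode($_return_to) : 'auth/login');
        return;
    }

    $_salt  = $this->uri->segment(4);
    $_token = $this->uri->segment(5);
    $_ip    = $this->input->ip_address();

    // Safety first: only known login methods are accepted
    $_login_method = $this->uri->segment(6) ? $this->uri->segment(6) : 'native';

    if (!in_array($_login_method, array('facebook', 'twitter', 'linkedin', 'native'), TRUE)) {

        $_login_method = 'native';
    }

    // --------------------------------------------------------------------------

    if (!$this->auth_model->verify_two_factor_token($_user->id, $_salt, $_token, $_ip)) {

        // Token could not be verified, send the user back to log in again
        $this->session->set_flashdata('error', lang('auth_twofactor_token_unverified'));

        $_query = array_filter(array('return_to' => $_return_to, 'remember' => $_remember));

        redirect('auth/login' . ($_query ? '?' . http_build_query($_query) : ''));
        return;
    }

    // --------------------------------------------------------------------------

    // Token is valid, generate a new one for the next request
    $this->data['token'] = $this->auth_model->generate_two_factor_token($_user->id);

    // Set data for the views
    $this->data['user_id']      = $_user->id;
    $this->data['login_method'] = $_login_method;
    $this->data['return_to']    = $_return_to;
    $this->data['remember']     = $_remember;

    // --------------------------------------------------------------------------

    if ($this->input->post('answer')) {

        // Validate the answer; if correct log the user in and forward them, if
        // not show the question again with an error
        // NOTE(review): no limit on the number of wrong answers is visible in
        // this method - confirm attempts are throttled elsewhere.
        $this->data['question'] = $this->user_model->get_security_question($_user->id);
        $_valid = $this->user_model->validate_security_answer($this->data['question']->id, $_user->id, $this->input->post('answer'));

        if ($_valid) {

            $this->_twofactor_log_in($_user, $_remember, $_login_method, $_return_to);
            return;
        }

        $this->data['error'] = lang('auth_twofactor_answer_incorrect');

        // Ask away cap'n!
        $this->data['page']->title = lang('auth_twofactor_answer_title');

        $this->load->view('structure/header', $this->data);
        $this->load->view('auth/security_question/ask', $this->data);
        $this->load->view('structure/footer', $this->data);
        return;
    }

    // --------------------------------------------------------------------------

    // Determine whether the user has any security questions set
    $this->data['question'] = $this->user_model->get_security_question($_user->id);

    if ($this->data['question']) {

        // Ask away cap'n!
        $this->data['page']->title = 'Security Question';

        $this->load->view('structure/header', $this->data);
        $this->load->view('auth/security_question/ask', $this->data);
        $this->load->view('structure/footer', $this->data);
        return;
    }

    // --------------------------------------------------------------------------

    // No questions yet: work out how many the user has to set
    $this->data['questions']            = $this->config->item('auth_two_factor_questions');
    $this->data['num_questions']        = count($this->data['questions']) < $this->config->item('auth_two_factor_num_questions') ? count($this->data['questions']) : $this->config->item('auth_two_factor_num_questions');
    $this->data['num_custom_questions'] = $this->config->item('auth_two_factor_num_custom_question');

    if ($this->data['num_questions'] + $this->data['num_custom_questions'] <= 0) {

        show_fatal_error('Two-factor auth is enabled, but no questions available', 'A user tried to set security questions but there are no questions available for them to choose. Please ensure auth.php is configured correctly.');
    }

    if ($this->input->post()) {

        $this->load->library('form_validation');

        for ($i = 0; $i < $this->data['num_questions']; $i++) {

            $this->form_validation->set_rules('question[' . $i . '][question]', '', 'xss_clean|required|is_natural_no_zero');
            $this->form_validation->set_rules('question[' . $i . '][answer]', '', 'xss_clean|trim|required');
        }

        for ($i = 0; $i < $this->data['num_custom_questions']; $i++) {

            $this->form_validation->set_rules('custom_question[' . $i . '][question]', '', 'xss_clean|trim|required');
            $this->form_validation->set_rules('custom_question[' . $i . '][answer]', '', 'xss_clean|trim|required');
        }

        $this->form_validation->set_message('required', lang('fv_required'));
        $this->form_validation->set_message('is_natural_no_zero', lang('fv_required'));

        if ($this->form_validation->run()) {

            // Make sure that we have different questions. The comparison is
            // deliberately loose: "01" and "1" select the same preset question
            // below, so they have to count as the same choice here.
            $_error = FALSE;

            foreach (array('question', 'custom_question') as $_field) {

                $_seen = array();

                foreach ((array) $this->input->post($_field) as $q) {

                    if (in_array($q['question'], $_seen)) {

                        $_error = TRUE;
                        break;
                    }

                    $_seen[] = $q['question'];
                }
            }

            if (!$_error) {

                // Good arrows. Save questions
                $_data = array();

                if ($this->input->post('question')) {

                    foreach ($this->input->post('question') as $q) {

                        // The posted value is a 1-based index into the configured questions
                        $_temp           = new stdClass();
                        $_temp->question = isset($this->data['questions'][$q['question'] - 1]) ? $this->data['questions'][$q['question'] - 1] : NULL;
                        $_temp->answer   = $q['answer'];

                        $_data[] = $_temp;
                    }
                }

                if ($this->input->post('custom_question')) {

                    foreach ((array) $this->input->post('custom_question') as $q) {

                        $_temp           = new stdClass();
                        $_temp->question = trim($q['question']);
                        $_temp->answer   = $q['answer'];

                        $_data[] = $_temp;
                    }
                }

                if ($this->user_model->set_security_questions($_user->id, $_data)) {

                    $this->_twofactor_log_in($_user, $_remember, $_login_method, $_return_to);
                    return;
                }

                $this->data['error'] = lang('auth_twofactor_question_set_fail') . ' ' . $this->user_model->last_error();

            } else {

                $this->data['error'] = lang('auth_twofactor_question_unique');
            }

        } else {

            $this->data['error'] = lang('fv_there_were_errors');
        }
    }

    // No questions, request they set them
    $this->data['page']->title = lang('auth_twofactor_question_set_title');

    $this->load->view('structure/header', $this->data);
    $this->load->view('auth/security_question/set', $this->data);
    $this->load->view('structure/footer', $this->data);
}

/**
 * Finish a successful two-factor login: set the login data, optionally the
 * remember cookie, record the login, queue the welcome message, delete the
 * token generated for this request and redirect.
 *
 * Relies on $this->data['token'] having been set by _remap().
 *
 * @access protected
 * @param object $user         The user who is logging in
 * @param mixed  $remember     Truthy when a remember cookie should be set
 * @param string $login_method The login method to record with the event
 * @param mixed  $return_to    Where to send the user, already limited to this site by _remap()
 * @return void
 **/
protected function _twofactor_log_in($user, $remember, $login_method, $return_to)
{
    // Set login data for this user
    $this->user_model->set_login_data($user->id);

    // If we're remembering this user set a cookie
    if ($remember) {

        $this->user_model->set_remember_cookie($user->id, $user->password, $user->email);
    }

    // Update their last login and increment their login count
    $this->user_model->update_last_login($user->id);

    // --------------------------------------------------------------------------

    // Generate an event for this log in
    create_event('did_log_in', $user->id, 0, NULL, array('method' => $login_method));

    // --------------------------------------------------------------------------

    // Say hello
    if ($user->last_login) {

        $this->load->helper('date');

        $_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($user->last_login)) : user_datetime($user->last_login);

        if ($this->config->item('auth_show_last_ip_on_login')) {

            $this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($user->first_name, $_last_login, $user->last_ip)));

        } else {

            $this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($user->first_name, $_last_login)));
        }

    } else {

        $this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($user->first_name)));
    }

    // --------------------------------------------------------------------------

    // Delete the token we generated, it's not needed any more
    $this->auth_model->delete_two_factor_token($this->data['token']['id']);

    // --------------------------------------------------------------------------

    // A return_to equal to the site URL means "no preference", so the group
    // homepage is used instead. An absent return_to is passed to redirect()
    // unchanged.
    $_redirect = $return_to != site_url() ? $return_to : $user->group_homepage;

    redirect($_redirect);
}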
// Member update and removal routes. Only the tail of the enclosing route
// groups is visible here: the two closers after these routes end groups that
// were opened earlier in the file.
$app->put('', $check_token_exists, $decode_body, function ($calendar_id, $username) {
    edit_member($username, $calendar_id);
});
$app->delete('', $check_token_exists, function ($calendar_id, $username) {
    delete_member($username, $calendar_id);
});
});
});

// Event routes. Every route runs $check_token_exists first; the routes that
// carry a request body (POST and PUT) also run $decode_body.
// NOTE(review): the handlers receive only the ids taken from the URL. Whether
// the token's owner is allowed to act on $calendar_id / $event_id is not
// checked in these closures - confirm the middleware or the called functions
// enforce it.
$app->group('/events', function () use($app) {
    // The middleware callables are read from the global scope
    global $check_token_exists;
    global $decode_body;

    // List the events of a calendar
    $app->get('', $check_token_exists, function ($calendar_id) {
        get_events($calendar_id);
    });

    // Create an event in a calendar
    $app->post('', $check_token_exists, $decode_body, function ($calendar_id) {
        create_event($calendar_id);
    });

    // Routes for a single event
    $app->group('/:event_id', function () use($app) {
        global $check_token_exists;
        global $decode_body;

        $app->get('', $check_token_exists, function ($calendar_id, $event_id) {
            get_event($calendar_id, $event_id);
        });
        $app->put('', $check_token_exists, $decode_body, function ($calendar_id, $event_id) {
            edit_event($calendar_id, $event_id);
        });
        $app->delete('', $check_token_exists, function ($calendar_id, $event_id) {
            delete_event($calendar_id, $event_id);
        });
    });
});
?> <br /> <?php echo create_link("中文", "process.php?act=ChangeLocale&locale=cn"); ?> | <?php echo create_link("English", "process.php?act=ChangeLocale&locale=en"); ?> | <?php echo create_link(_("Archives"), "http://bbs.sysu.edu.cn/bbs0an?path=boards/ACMICPC/D.1044598815.A/D.1111840644.A", _("Archives about sicily")); ?> | <?php echo create_link(_("Help"), "faq.php", _("Submittion guileline etc.")); ?> | <?php echo create_event("About", '$("#about").show()'); ?> <br> <?php echo _("Copyright © 2005-2011 Informatic Lab in SYSU. All rights reserved."); ?> </p> <?php if (is_debug_mode()) { printf("<strong><p>" . round((microtime(true) - $startTime) * 1000) . " ms</p></strong>"); } ?>
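/**
 * Create a new user from the LinkedIn profile data, log them in and redirect.
 *
 * Builds the registration data, picks a username that is not yet taken,
 * creates the account, sends the welcome email (best effort), logs the user
 * in, records a 'did_register' event and redirects. If the account cannot be
 * created the method returns without doing anything further.
 *
 * @access protected
 * @param object $access_token The users access token
 * @return void
 **/
protected function _create_user($access_token)
{
    // Attempt the registration
    $_data                   = array();
    $_data['email']          = $access_token->email;
    $_data['username']       = $access_token->email; // Placeholder, replaced below
    $_data['password']       = NULL;
    $_data['li_id']          = $access_token->user_id;
    $_data['li_token']       = $access_token->access_token;
    $_data['auth_method_id'] = 'linkedin';
    $_data['first_name']     = trim($access_token->first_name);
    $_data['last_name']      = trim($access_token->last_name);

    // Trust the email from LinkedIn
    // NOTE(review): the address is marked verified purely on the provider's
    // word; confirm the provider only returns addresses it has verified.
    $_data['email_is_verified'] = TRUE;

    // --------------------------------------------------------------------------

    // Generate a username based on their name, or a timestamped string if
    // there is no name to work with
    if (!empty($access_token->first_name) && !empty($access_token->last_name)) {

        $_data['username'] = url_title($access_token->first_name . ' ' . $access_token->last_name, '-', TRUE);

    } else {

        // Random string
        $_data['username'] = '******' . date('YmdHis');
    }

    // Keep incrementing until the username is free. The candidate itself is
    // incremented each time round; incrementing the base name instead would
    // offer the same suffix again on every pass and never finish once that
    // first suffix is taken as well.
    $_user = $this->user_model->get_by_username($_data['username']);

    while ($_user) {

        $_data['username'] = increment_string($_data['username'], '');
        $_user             = $this->user_model->get_by_username($_data['username']);
    }

    // --------------------------------------------------------------------------

    // Handle referrals
    if ($this->session->userdata('referred_by')) {

        $_data['referred_by'] = $this->session->userdata('referred_by');
    }

    // --------------------------------------------------------------------------

    // Which group?
    // If there's a register_token set, use that if not fall back to the default
    // NOTE(review): the token decides which group the new account joins;
    // confirm it is authenticated where it is decoded, so that a client cannot
    // choose a group for itself.
    if (!empty($this->_register_token['group'])) {

        $_data['group_id'] = $this->_register_token['group'];

    } else {

        $_data['group_id'] = $this->user_group_model->get_default_group_id();
    }

    // Create new user
    $_new_user = $this->user_model->create($_data);

    // NOTE(review): a failed create() ends the method silently; no error is
    // shown or logged here.
    if ($_new_user) {

        // Fetch group data
        $_group = $this->user_group_model->get_by_id($_data['group_id']);

        // --------------------------------------------------------------------------

        // Send the user the welcome email (that is, if there is one)
        if ($_new_user->email) {

            $this->load->library('emailer');

            $_email                 = new stdClass();
            $_email->type           = 'new_user_' . $_group->id;
            $_email->to_id          = $_new_user->id;
            $_email->data           = array();
            $_email->data['method'] = 'linkedin';

            if (!$this->emailer->send($_email, TRUE)) {

                // Failed to send using the group email, try the generic email
                // template. Best effort: a second failure is ignored.
                $_email->type = 'new_user';
                $this->emailer->send($_email, TRUE);
            }
        }

        // --------------------------------------------------------------------------

        // Log the user in
        $this->user_model->set_login_data($_new_user->id);

        // --------------------------------------------------------------------------

        // Create an event for this registration
        create_event('did_register', $_new_user->id, 0, NULL, array('method' => 'linkedin'));

        // --------------------------------------------------------------------------

        // Delete register token
        delete_cookie('liRegisterToken');

        // --------------------------------------------------------------------------

        // Redirect
        $this->session->set_flashdata('success', lang('auth_social_register_ok', $_new_user->first_name));
        $this->session->set_flashdata('from_linkedin', TRUE);

        // Registrations will be forced to the registration redirect, regardless of
        // what else has been set
        // NOTE(review): $this->_return_to is set outside this method; confirm
        // it is limited to targets on this site before it reaches _redirect().
        if ($this->_register_use_return) {

            $_redirect = $this->_return_to;

        } else {

            $_redirect = $_group->registration_redirect ? $_group->registration_redirect : $_group->default_homepage;
        }

        $this->_redirect($_redirect);
        return;
    }
}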
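/**
 * Display the registration form, validate a submission and create the user.
 *
 * On success the new user is logged in, a 'did_register' event is recorded
 * and the user is redirected to their group's registration redirect (or its
 * default homepage). On failure the form is shown again with an error.
 *
 * @access public
 * @param none
 * @return void
 **/
public function index()
{
    // If you're logged in you shouldn't be accessing this method
    if ($this->user_model->is_logged_in()) {

        $this->session->set_flashdata('error', lang('auth_no_access_already_logged_in', active_user('email')));
        redirect('/');
    }

    // --------------------------------------------------------------------------

    // If there's POST data attempt to register the user
    if ($this->input->post()) {

        // Validate input
        // NOTE(review): xss_clean is also applied to the password. If the
        // validation library writes the cleaned value back, a password with
        // markup-like characters is stored in altered form - confirm, and
        // confirm the login form treats the password the same way.
        $this->form_validation->set_rules('first_name', '', 'required|xss_clean');
        $this->form_validation->set_rules('last_name', '', 'required|xss_clean');
        $this->form_validation->set_rules('password', '', 'required|xss_clean');

        if (APP_NATIVE_LOGIN_USING == 'EMAIL') {

            $this->form_validation->set_rules('email', '', 'xss_clean|required|valid_email|is_unique[' . NAILS_DB_PREFIX . 'user_email.email]');

            if ($this->input->post('username')) {

                // The optional username gets its own rule. Registering this
                // rule under 'email' would replace the email rules above, so
                // the address would no longer be required, format-checked or
                // checked against existing addresses.
                $this->form_validation->set_rules('username', '', 'xss_clean|is_unique[' . NAILS_DB_PREFIX . 'user.username]');
            }

        } elseif (APP_NATIVE_LOGIN_USING == 'USERNAME') {

            $this->form_validation->set_rules('username', '', 'xss_clean|required|is_unique[' . NAILS_DB_PREFIX . 'user.username]');

            if ($this->input->post('email')) {

                $this->form_validation->set_rules('email', '', 'xss_clean|valid_email|is_unique[' . NAILS_DB_PREFIX . 'user_email.email]');
            }

        } elseif (APP_NATIVE_LOGIN_USING == 'BOTH') {

            $this->form_validation->set_rules('email', '', 'xss_clean|required|valid_email|is_unique[' . NAILS_DB_PREFIX . 'user_email.email]');
            $this->form_validation->set_rules('username', '', 'xss_clean|required|is_unique[' . NAILS_DB_PREFIX . 'user.username]');
        }

        // --------------------------------------------------------------------------

        // Change default messages
        $this->form_validation->set_message('required', lang('fv_required'));
        $this->form_validation->set_message('valid_email', lang('fv_valid_email'));

        if (APP_NATIVE_LOGIN_USING == 'EMAIL') {

            $this->form_validation->set_message('is_unique', lang('auth_register_email_is_unique', site_url('auth/forgotten_password')));

        } elseif (APP_NATIVE_LOGIN_USING == 'USERNAME') {

            $this->form_validation->set_message('is_unique', lang('auth_register_username_is_unique', site_url('auth/forgotten_password')));

        } elseif (APP_NATIVE_LOGIN_USING == 'BOTH') {

            $this->form_validation->set_message('is_unique', lang('auth_register_identity_is_unique', site_url('auth/forgotten_password')));
        }

        // --------------------------------------------------------------------------

        // Run validation
        if ($this->form_validation->run()) {

            // Attempt the registration. The group always comes from the
            // server-side default, never from the request.
            $_data               = array();
            $_data['email']      = $this->input->post('email');
            $_data['username']   = $this->input->post('username');
            $_data['group_id']   = $this->user_group_model->get_default_group_id();
            $_data['password']   = $this->input->post('password');
            $_data['first_name'] = $this->input->post('first_name');
            $_data['last_name']  = $this->input->post('last_name');

            // --------------------------------------------------------------------------

            // Handle referrals
            if ($this->session->userdata('referred_by')) {

                $_data['referred_by'] = $this->session->userdata('referred_by');
            }

            // --------------------------------------------------------------------------

            // Create new user
            $_new_user = $this->user_model->create($_data);

            if ($_new_user) {

                // Fetch user and group data
                $_group = $this->user_group_model->get_by_id($_data['group_id']);

                // --------------------------------------------------------------------------

                // Log the user in
                $this->user_model->set_login_data($_new_user->id);

                // --------------------------------------------------------------------------

                // Create an event for this registration
                create_event('did_register', $_new_user->id, 0, NULL, array('method' => 'native'));

                // --------------------------------------------------------------------------

                // Redirect to the group homepage
                // TODO: There should be the option to enable/disable forced activation

                $this->session->set_flashdata('success', lang('auth_register_flashdata_welcome', $_new_user->first_name));

                $_redirect = $_group->registration_redirect ? $_group->registration_redirect : $_group->default_homepage;

                redirect($_redirect);
                return;

            } else {

                // NOTE(review): the model's last error is shown to the visitor
                // as-is; confirm it never carries internal detail.
                $this->data['error'] = 'Could not create new user account. ' . $this->user_model->last_error();
            }

        } else {

            $this->data['error'] = lang('fv_there_were_errors');
        }
    }

    // --------------------------------------------------------------------------

    // Load the views
    $this->load->view('structure/header', $this->data);
    $this->load->view('auth/register/form', $this->data);
    $this->load->view('structure/footer', $this->data);
}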
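require_once 'settings.php';
require_once 'lib.php';

// Tracking endpoint: identifies the visitor through the "remora" cookie
// (creating a visitor on the first hit), records the current and referring
// URL as an event and prints the visitor id.

// 1. Expire cookie in 90 days
$expire = time() + 60 * 60 * 24 * 90;

// 2. Expire the cookie NOW! (for testing)
//setcookie("remora", 0, time()-1000*60*60 );

// check for a session cookie
if (!isset($_COOKIE["remora"])) {
    // create a new visitor cookie
    // NOTE(review): the cookie is set without the Secure or HttpOnly
    // attributes; confirm whether client-side script needs to read it before
    // tightening this.
    $visitor_id = create_visitor();
    setcookie("remora", $visitor_id, $expire);
} else {
    // NOTE(review): the cookie value is controlled by the client and is used
    // as the visitor id without any check that it was issued by
    // create_visitor(); confirm create_event() validates or parameterises it.
    $visitor_id = $_COOKIE["remora"];
}

// track the event
// Both parameters are optional on the wire: a missing or non-string value is
// treated as an empty string instead of raising a notice or being handed to
// urldecode() as an array.
$current  = (isset($_REQUEST["current"]) && is_string($_REQUEST["current"])) ? $_REQUEST["current"] : '';
$referrer = (isset($_REQUEST["referrer"]) && is_string($_REQUEST["referrer"])) ? $_REQUEST["referrer"] : '';

// NOTE(review): PHP has already URL-decoded $_REQUEST once, so urldecode()
// decodes a second time. Kept because the sender may encode twice - confirm.
$curr_url = parse_url(urldecode($current));
$refr_url = urldecode($referrer);

create_event($visitor_id, $curr_url, $refr_url);

// NOTE(review): the id printed here may be the raw cookie value; confirm the
// response is not served as HTML, or escape it.
print "visitorid=$visitor_id\n";
?>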
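/**
 * Create a new user from the Facebook profile data, log them in and redirect.
 *
 * Builds the registration data, picks a username that is not yet taken,
 * creates the account, sends the welcome email (best effort), logs the user
 * in, records a 'did_register' event and redirects. If the account cannot be
 * created the method returns without doing anything further.
 *
 * @access protected
 * @param array $me The user's basic profile as returned by Facebook
 * @return void
 **/
protected function _create_user($me)
{
    // Attempt the registration. Optional profile fields are read through
    // isset() so a profile without them does not raise undefined-index
    // notices; a missing field is stored as NULL.
    $_data                   = array();
    $_data['email']          = isset($me['email']) ? $me['email'] : NULL;
    $_data['username']       = isset($me['username']) ? $me['username'] : NULL;
    $_data['password']       = NULL;
    $_data['first_name']     = isset($me['first_name']) ? $me['first_name'] : NULL;
    $_data['last_name']      = isset($me['last_name']) ? $me['last_name'] : NULL;
    $_data['fb_id']          = $me['id'];
    $_data['fb_token']       = $this->fb->getAccessToken();
    $_data['auth_method_id'] = 'facebook';

    // Trust the email from Facebook
    // NOTE(review): the address is marked verified purely on the provider's
    // word; confirm the provider only returns addresses it has verified.
    $_data['email_is_verified'] = TRUE;

    // --------------------------------------------------------------------------

    // Set username, ensure it's valid.
    if (!empty($me['username'])) {

        // Use their Facebook username. This branch used to test an undefined
        // variable and so could never run.
        // NOTE(review): the handle is taken from the provider as-is; it is
        // assumed that user_model->create() validates usernames - confirm.
        $_data['username'] = $me['username'];

    } elseif (!empty($me['first_name']) && !empty($me['last_name'])) {

        // No handle, odd, try their name
        $_data['username'] = url_title($me['first_name'] . ' ' . $me['last_name'], '-', TRUE);

    } else {

        // Random string
        $_data['username'] = '******' . date('YmdHis');
    }

    // Keep incrementing until the username is free. The candidate itself is
    // incremented each time round; incrementing the base name instead would
    // offer the same suffix again on every pass and never finish once that
    // first suffix is taken as well.
    $_user = $this->user_model->get_by_username($_data['username']);

    while ($_user) {

        $_data['username'] = increment_string($_data['username'], '');
        $_user             = $this->user_model->get_by_username($_data['username']);
    }

    // --------------------------------------------------------------------------

    // Use gender, if supplied and one of the two values that are stored
    if (isset($me['gender']) && in_array($me['gender'], array('male', 'female'), TRUE)) {

        $_data['gender'] = $me['gender'];
    }

    // --------------------------------------------------------------------------

    // Handle referrals
    if ($this->session->userdata('referred_by')) {

        $_data['referred_by'] = $this->session->userdata('referred_by');
    }

    // --------------------------------------------------------------------------

    // Which group?
    // If there's a register_token set, use that if not fall back to the default
    // NOTE(review): the token decides which group the new account joins;
    // confirm it is authenticated where it is decoded, so that a client cannot
    // choose a group for itself.
    if (!empty($this->_register_token['group'])) {

        $_data['group_id'] = $this->_register_token['group'];

    } else {

        $_data['group_id'] = $this->user_group_model->get_default_group_id();
    }

    // Create new user
    $_new_user = $this->user_model->create($_data);

    // NOTE(review): a failed create() ends the method silently; no error is
    // shown or logged here.
    if ($_new_user) {

        // Fetch group data
        $_group = $this->user_group_model->get_by_id($_data['group_id']);

        // --------------------------------------------------------------------------

        // Send the user the welcome email (that is, if there is one)
        if ($_new_user->email) {

            $this->load->library('emailer');

            $_email                 = new stdClass();
            $_email->type           = 'new_user_' . $_group->id;
            $_email->to_id          = $_new_user->id;
            $_email->data           = array();
            $_email->data['method'] = 'facebook';

            if (!$this->emailer->send($_email, TRUE)) {

                // Failed to send using the group email, try the generic email
                // template. Best effort: a second failure is ignored.
                $_email->type = 'new_user';
                $this->emailer->send($_email, TRUE);
            }
        }

        // --------------------------------------------------------------------------

        // Log the user in
        $this->user_model->set_login_data($_new_user->id);

        // --------------------------------------------------------------------------

        // Create an event for this registration
        create_event('did_register', $_new_user->id, 0, NULL, array('method' => 'facebook'));

        // --------------------------------------------------------------------------

        // Redirect
        $this->session->set_flashdata('success', lang('auth_social_register_ok', $_new_user->first_name));
        $this->session->set_flashdata('from_facebook', TRUE);

        // Registrations will be forced to the registration redirect, regardless of
        // what else has been set
        // NOTE(review): $this->_return_to is set outside this method; confirm
        // it is limited to targets on this site before it reaches _redirect().
        if ($this->_register_use_return) {

            $_redirect = $this->_return_to;

        } else {

            $_redirect = $_group->registration_redirect ? $_group->registration_redirect : $_group->default_homepage;
        }

        $this->_redirect($_redirect);
        return;
    }
}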
/**
 * Log the current visitor out, then hand over to the shared exit routine.
 *
 * The log-out event and the log-out itself only happen for a visitor who is
 * logged in; `_out()` is called in every case.
 *
 * @access public
 * @param none
 * @return void
 **/
public function logout()
{
    // Nothing to record or tear down for an anonymous visitor
    if (!$this->user_model->is_logged_in()) {

        $this->_out();
        return;
    }

    // --------------------------------------------------------------------------

    // Generate an event for this log out. active_user('id') is read before the
    // logout call; presumably it is no longer available afterwards.
    create_event('did_log_out', active_user('id'));

    // --------------------------------------------------------------------------

    // Log user out
    $this->auth_model->logout();

    // --------------------------------------------------------------------------

    $this->_out();
}
// Event webhook receiver: accepts event records as newline-separated JSON, as a
// form POST or as GET parameters, and passes each record to create_event().
//
// NOTE(review): everything read here ($_SERVER['CONTENT_TYPE'], the request body,
// $_POST, $_GET) is supplied by the caller. This excerpt shows no check that the
// request really comes from the mail provider (no shared secret, signature or
// allow-list) - confirm that such a check exists in front of this script.
$db = get_db_connection();
if (isset($_SERVER['CONTENT_TYPE']) && strpos($_SERVER['CONTENT_TYPE'], 'application/json') !== false) {
    // Batched delivery: one JSON object per line of the request body.
    // NOTE(review): file() returns false on failure, which the foreach below does not expect.
    $batchData = file("php://input", FILE_IGNORE_NEW_LINES);
    // NOTE(review): mysql_real_escape_string() is an SQL escaping routine from the
    // ext/mysql extension (removed in PHP 7.0). Where log_() writes is not visible
    // here; if it is a file or syslog, a log-specific encoding is the right tool.
    // The full batch (recipient addresses, IPs, user agents) ends up in the log.
    log_("NOTICE", mysql_real_escape_string(print_r($batchData, true)));
    foreach ($batchData as $jsonData) {
        // json_decode() yields null for a malformed or empty line; that null is
        // handed to create_event() as-is, so rejection has to happen in there.
        create_event($config, json_decode($jsonData, true), $db);
    }
} else {
    if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
        // Single record sent as a form POST
        log_("NOTICE", mysql_real_escape_string(http_build_query($_POST)));
        create_event($config, $_POST, $db);
    } else {
        if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'GET') {
            // Single record sent as query-string parameters.
            // NOTE(review): this lets a plain link or image request create an event.
            log_("NOTICE", mysql_real_escape_string(http_build_query($_GET)));
            create_event($config, $_GET, $db);
        } else {
            error_out(400, "Only POST, GET, and application/json requests supported.");
        }
    }
}
// Return the success code to SendGrid.
// We would have died already if something went wrong.
header("HTTP/1.1 200:", true, 200);
echo "SUCCESS";
// The body of create_event() continues beyond this excerpt; only its first
// statements are visible here and they are reproduced unchanged.
function create_event($config, $data, $db) {
    // The combination of event specific, basic, and unique keys creates a set
    // of required key values that we can use to strictly validate the data source.
    $event_keys = array(
        'bounce' => array('reason', 'type', 'status', 'smtp-id', 'sg_message_id'),
        'click' => array('url', 'ip', 'useragent'),
        'deferred' => array('response', 'attempt', 'smtp-id', 'sg_event_id'),
        'delivered' => array('response', 'smtp-id', 'sg_event_id'),
        'dropped' => array('reason', 'smtp-id'),
        'open' => array('ip', 'useragent'),
        'processed' => array('smtp-id', 'sg_event_id', 'sg_message_id'),
        'spamreport' => array('sg_message_id'),
        'unsubscribe' => array());
    $basic_keys = array('email', 'event', 'category', 'timestamp');
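<?php
/**
 * Form handler: registers the session's user for the event chosen in the posted
 * form, then redirects back to events.php with a status in the query string.
 *
 * Changes against the previous version:
 *  - every branch sends exactly one Location header and stops; before, the
 *    unconditional second header() replaced the "Success" redirect, and the
 *    failure branch echoed output before trying to send a header;
 *  - a request without the expected session values is rejected instead of
 *    passing empty identifiers to create_event();
 *  - the error text is URL-encoded rather than sent with raw spaces.
 *
 * NOTE(review): no CSRF token is checked in this file - confirm whether the form
 * on events.php carries one. How create_event() uses $event in its query is not
 * visible here; it must be bound as a parameter, not concatenated. events.php
 * receives `v` from the query string and has to escape it before printing.
 */
session_start();

if (isset($_POST["submit"]) && !empty($_POST["box"])) {
    // The identity comes from the session, never from the form
    if (!isset($_SESSION['id'], $_SESSION['rollno'])) {
        header("Location: events.php?id=error&v=Error");
        exit;
    }

    $id = $_SESSION['id'];
    $rollno = $_SESSION['rollno'];
    $event = $_POST['box'];

    include "db.php";
    $connectionStatus = connect_db();
    $result = create_event($connectionStatus, $id, $rollno, $event);

    if ($result) {
        header("Location: events.php?id=&v=Success");
    } else {
        // Report the failure through the same query-string channel as the
        // validation error below instead of echoing before a header.
        header("Location: events.php?id=error&v=Error");
    }
    exit;
} else {
    header('Location: events.php?id=error&v=' . rawurlencode('Error: All fields mandatory'));
    exit;
}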
/**
 * Validate data and log the user in.
 *
 * Flow, as far as this method shows it:
 *  1. an already logged-in user is bounced to `return_to` with an error flash;
 *  2. on POST the identifier/password rules are set according to
 *     APP_NATIVE_LOGIN_USING and the form is validated;
 *  3. `auth_model->login()` is called; on success one of three redirects
 *     follows: temporary-password reset, security questions (two factor),
 *     or the final destination;
 *  4. otherwise the login form is rendered, with an error if there is one.
 *
 * NOTE(review): `$this->data['return_to']` is used as a redirect target in
 * several places. Where it is populated and whether it is restricted to
 * same-site URLs is not visible in this method - confirm, otherwise this is
 * an open redirect.
 *
 * NOTE(review): no attempt throttling or lock-out is visible here; presumably
 * it lives in `auth_model->login()` - confirm.
 *
 * @access public
 * @param none
 * @return void
 **/
public function index()
{
    // If you're logged in you shouldn't be accessing this method
    if ($this->user_model->is_logged_in()) {

        $this->session->set_flashdata('error', lang('auth_no_access_already_logged_in', active_user('email')));
        redirect($this->data['return_to']);
    }

    // --------------------------------------------------------------------------

    // If there's POST data attempt to log user in
    if ($this->input->post()) {

        // Validate input
        // The rules vary depending on what login methods are enabled.
        switch (APP_NATIVE_LOGIN_USING) {

            case 'EMAIL':
                $this->form_validation->set_rules('identifier', 'Email', 'required|xss_clean|trim|valid_email');
                break;

            // --------------------------------------------------------------------------

            // --------------------------------------------------------------------------

            case 'USERNAME':
                $this->form_validation->set_rules('identifier', 'Username', 'required|xss_clean|trim');
                break;

            // --------------------------------------------------------------------------

            // --------------------------------------------------------------------------

            // NOTE(review): unlike the two cases above, this rule set has no
            // 'required', so an empty identifier passes validation and is
            // only rejected (if at all) by auth_model->login().
            case 'BOTH':
            default:
                $this->form_validation->set_rules('identifier', 'Username or Email', 'xss_clean|trim');
                break;
        }

        // Password is always required, obviously.
        // NOTE(review): 'xss_clean' is an output-oriented filter and can rewrite
        // the submitted value, so the string that gets verified may differ from
        // what the user typed. It can only be dropped here together with every
        // place that sets a password, or existing credentials stop matching.
        $this->form_validation->set_rules('password', 'Password', 'required|xss_clean');

        $this->form_validation->set_message('required', lang('fv_required'));
        $this->form_validation->set_message('valid_email', lang('fv_valid_email'));

        if ($this->form_validation->run()) {

            // Attempt the log in
            $_identifier = $this->input->post('identifier');
            $_password = $this->input->post('password');
            $_remember = (bool) $this->input->post('remember');

            $_login = $this->auth_model->login($_identifier, $_password, $_remember);

            if ($_login) {

                /**
                 * User was recognised and permitted to log in. Final check to
                 * determine whether they are using a temporary password or not.
                 *
                 * $_login will be an array containing the keys first_name, last_login, homepage;
                 * the key temp_pw will be present if they are using a temporary password.
                 *
                 **/
                if (isset($_login['temp_pw'])) {

                    /**
                     * Temporary password detected, log user out and redirect to
                     * temp password reset page.
                     *
                     * temp_pw will be an array containing the user's ID and hash
                     *
                     **/
                    $_query = array();

                    if ($this->data['return_to']) {

                        $_query['return_to'] = $this->data['return_to'];
                    }

                    // Log the user out and remove the 'remember me' cookie - if we don't do this then the password reset
                    // page will see a logged in user and go nuts (i.e error).
                    // The 'remember' choice is carried along in the query string instead.
                    if ($_remember) {

                        $_query['remember'] = TRUE;
                    }

                    $_query = $_query ? '?' . http_build_query($_query) : '';

                    $this->auth_model->logout();

                    // NOTE(review): the reset hash travels in the URL path, so it
                    // can end up in access logs, browser history and Referer
                    // headers - confirm it is single-use and short-lived.
                    redirect('auth/reset_password/' . $_login['temp_pw']['id'] . '/' . $_login['temp_pw']['hash'] . $_query);
                    return;

                } elseif ($this->config->item('auth_two_factor_enable')) {

                    $_query = array();

                    if ($this->data['return_to']) {

                        $_query['return_to'] = $this->data['return_to'];
                    }

                    if ($_remember) {

                        $_query['remember'] = TRUE;
                    }

                    $_query = $_query ? '?' . http_build_query($_query) : '';

                    // Login was successful, redirect to the security questions page
                    // NOTE(review): unlike the temporary-password branch there is no
                    // logout() before this redirect. Whether login() has already
                    // established a full session before the questions are answered
                    // is not visible here - confirm. The salt and token also travel
                    // in the URL path (logs, history, Referer).
                    redirect('auth/security_questions/' . $_login['user_id'] . '/' . $_login['two_factor_auth']['salt'] . '/' . $_login['two_factor_auth']['token'] . $_query);

                } else {

                    // Finally! Send this user on their merry way...
                    $_first_name = $_login['first_name'];

                    if ($_login['last_login']) {

                        $this->load->helper('date');

                        // Relative ("nice") time or the user's date format, per config
                        $_last_login = $this->config->item('auth_show_nicetime_on_login') ? nice_time(strtotime($_login['last_login'])) : user_datetime($_login['last_login']);

                        if ($this->config->item('auth_show_last_ip_on_login')) {

                            // Showing the previous IP lets the user spot a login they did not make
                            $this->session->set_flashdata('message', lang('auth_login_ok_welcome_with_ip', array($_first_name, $_last_login, $_login['last_ip'])));

                        } else {

                            $this->session->set_flashdata('message', lang('auth_login_ok_welcome', array($_first_name, $_last_login)));
                        }

                    } else {

                        $this->session->set_flashdata('message', lang('auth_login_ok_welcome_notime', array($_first_name)));
                    }

                    // An explicit return_to wins; the site root counts as "not set"
                    // and falls back to the homepage reported by login().
                    $_redirect = $this->data['return_to'] != site_url() ? $this->data['return_to'] : $_login['homepage'];

                    // --------------------------------------------------------------------------

                    // Generate an event for this log in
                    create_event('did_log_in', $_login['user_id'], 0, NULL, array('method' => 'native'));

                    // --------------------------------------------------------------------------

                    redirect($_redirect);
                    return;
                }

            } else {

                // Login failed
                $this->data['error'] = $this->auth_model->get_errors();
            }

        } else {

            $this->data['error'] = lang('fv_there_were_errors');
        }
    }

    // --------------------------------------------------------------------------

    // Load the views
    $this->load->view('structure/header', $this->data);
    $this->load->view('auth/login/form', $this->data);
    $this->load->view('structure/footer', $this->data);
}
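// Tail of a function whose beginning lies outside this excerpt; reproduced
// unchanged. NOTE(review): it places $details['id'] into the API path in the
// same way update_event() used to - apply the same encoding there.
$header = array('Authorization' => $_SESSION['token'], 'Content-Type' => 'application/json', 'Accept' => 'application/json');
$response = $client->fetch($baseApiUrl . '/api/v1/people/' . $details['id'], json_encode($params), 'PUT', $header, 0);
header('Location: index.php');
}

/**
 * Update an existing event through the remote API, then redirect to index.php.
 *
 * @param array $details Request parameters; reads 'id', 'name', 'status',
 *                       'start_time' and 'end_time'.
 * @return void
 */
function update_event($details)
{
    global $client, $baseApiUrl, $baseSiteSlug;

    $params = array(
        'event' => array(
            'name' => $details['name'],
            'status' => $details['status'],
            'start_time' => $details['start_time'],
            'end_time' => $details['end_time'],
        ),
    );

    $header = array(
        'Authorization' => $_SESSION['token'],
        'Content-Type' => 'application/json',
        'Accept' => 'application/json',
    );

    // The id comes straight from the query string. Encode it as a single path
    // segment so that '/', '?', '#' or '..' in it cannot change which API
    // resource the authenticated request is sent to.
    $eventId = rawurlencode((string) $details['id']);

    // NOTE(review): the API response is not inspected; the redirect below
    // happens whether or not the update succeeded.
    $client->fetch($baseApiUrl . '/api/v1/sites/' . $baseSiteSlug . '/pages/events/' . $eventId, json_encode($params), 'PUT', $header, 0);

    header('Location: index.php');
}

/**
 * Delete a person through the remote API, then redirect to index.php.
 *
 * @param string $id Person id as received from the request.
 * @return void
 */
function delete_person($id)
{
    global $client, $baseApiUrl;

    // Same reasoning as in update_event(): keep the caller-supplied id inside
    // one path segment of the DELETE request.
    $client->fetch($baseApiUrl . '/api/v1/people/' . rawurlencode((string) $id), array(), 'DELETE');

    header('Location: index.php');
}

// Request dispatch.
// NOTE(review): create, update and delete are all triggered by GET parameters,
// and nothing in this excerpt checks a CSRF token or that the caller is
// allowed to act on the given id. State-changing actions should require POST
// plus a per-session token; a crawler or an embedded link can otherwise
// trigger them with the user's session.
if (isset($_GET['create']) && $_GET['create'] == 'create') {
    create_person($_GET);
} elseif (isset($_GET['update']) && $_GET['update'] == 'update') {
    update_person($_GET);
} elseif (isset($_GET['delete'])) {
    delete_person($_GET['delete']);
} elseif (isset($_GET['updateEvent'])) {
    // An id means "update this event"; no id means "create a new one"
    if (isset($_GET['id'])) {
        update_event($_GET);
    } else {
        create_event($_GET);
    }
}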
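/**
 * Create a new user, needs to interrupt the authentication flow to request specific details from the user
 *
 * On a plain request the "extra info" registration form is shown, pre-filled
 * with what Twitter reports. On POST the form is validated, the user is
 * created, logged in and redirected.
 *
 * Fixes in this version:
 *  - the username-collision loops now increment the current candidate; they
 *    used to recompute the same "<base>1" on every pass and could not
 *    terminate once that name was taken as well;
 *  - in EMAIL mode the optional username uniqueness rule is attached to the
 *    'username' field (it was attached to 'email', pointing the email field
 *    at the username column);
 *  - the group is fetched with get_by_id(), matching the Facebook
 *    registration flow (was get_get_by_id()).
 *
 * NOTE(review): the OAuth token and secret are written to the user record and
 * the whole access token object is kept in the session. How either store is
 * protected is not visible here - confirm.
 *
 * NOTE(review): `$this->_return_to` is used as a redirect target; where it is
 * validated is not visible in this method - confirm it is limited to same-site
 * URLs.
 *
 * @access protected
 * @param object $access_token The users access token
 * @return void
 **/
protected function _create_user($access_token)
{
    // Fetch some information about this user
    $_me = (array) $this->tw->users_lookup('user_id=' . $access_token->user_id);

    // Try and determine the user's first name and surname.
    // A name without a space leaves first_name empty, which makes the form
    // below ask for both names.
    if (isset($_me[0]->name)) {

        $this->data['first_name'] = trim(substr($_me[0]->name, 0, strpos($_me[0]->name, ' ')));
        $this->data['last_name'] = trim(substr($_me[0]->name, strpos($_me[0]->name, ' ')));

    } else {

        $this->data['first_name'] = '';
        $this->data['last_name'] = '';
    }

    // --------------------------------------------------------------------------

    // Set the user's username as their Twitter handle, check it's available, if
    // it's not, try their name. If neither is present use a generated string.
    if (!empty($_me[0]->screen_name)) {

        $this->data['username'] = url_title($_me[0]->screen_name, '-', TRUE);

    } elseif (!empty($_me[0]->name)) {

        // No handle, odd, try their name
        $this->data['username'] = url_title($_me[0]->name, '-', TRUE);

    } else {

        // Generated string
        $this->data['username'] = '******' . date('YmdHis');
    }

    // Keep incrementing the current candidate until no existing user has it
    $_user = $this->user_model->get_by_username($this->data['username']);

    while ($_user) {

        $this->data['username'] = increment_string($this->data['username'], '');
        $_user = $this->user_model->get_by_username($this->data['username']);
    }

    // --------------------------------------------------------------------------

    if ($this->input->post()) {

        // Validate the form and attempt the registration
        $this->load->library('form_validation');

        // Set rules
        if (APP_NATIVE_LOGIN_USING == 'EMAIL') {

            $this->form_validation->set_rules('email', '', 'xss_clean|required|valid_email|is_unique[' . NAILS_DB_PREFIX . 'user_email.email]');

            if ($this->input->post('username')) {

                // Username is optional in this mode, but must be unique when given
                $this->form_validation->set_rules('username', '', 'xss_clean|is_unique[' . NAILS_DB_PREFIX . 'user.username]');
            }

        } elseif (APP_NATIVE_LOGIN_USING == 'USERNAME') {

            $this->form_validation->set_rules('username', '', 'xss_clean|required|is_unique[' . NAILS_DB_PREFIX . 'user.username]');

            if ($this->input->post('email')) {

                // Email is optional in this mode, but must be valid and unique when given
                $this->form_validation->set_rules('email', '', 'xss_clean|valid_email|is_unique[' . NAILS_DB_PREFIX . 'user_email.email]');
            }

        } elseif (APP_NATIVE_LOGIN_USING == 'BOTH') {

            $this->form_validation->set_rules('email', '', 'xss_clean|required|valid_email|is_unique[' . NAILS_DB_PREFIX . 'user_email.email]');
            $this->form_validation->set_rules('username', '', 'xss_clean|required|is_unique[' . NAILS_DB_PREFIX . 'user.username]');
        }

        // Names are only requested when Twitter did not supply both
        if (!$this->data['first_name'] || !$this->data['last_name']) {

            $this->form_validation->set_rules('first_name', '', 'xss_clean|required');
            $this->form_validation->set_rules('last_name', '', 'xss_clean|required');
        }

        // Set messages
        $this->form_validation->set_message('required', lang('fv_required'));

        if (APP_NATIVE_LOGIN_USING == 'EMAIL') {

            $this->form_validation->set_message('is_unique', lang('fv_email_already_registered', site_url('auth/forgotten_password')));

        } elseif (APP_NATIVE_LOGIN_USING == 'USERNAME') {

            $this->form_validation->set_message('is_unique', lang('fv_username_already_registered', site_url('auth/forgotten_password')));

        } elseif (APP_NATIVE_LOGIN_USING == 'BOTH') {

            $this->form_validation->set_message('is_unique', lang('fv_identity_already_registered', site_url('auth/forgotten_password')));
        }

        // Execute
        if ($this->form_validation->run()) {

            $_data = array();
            $_data['email'] = $this->input->post('email');
            $_data['username'] = $this->input->post('username');

            if (!$this->data['first_name'] || !$this->data['last_name']) {

                $_data['first_name'] = $this->input->post('first_name');
                $_data['last_name'] = $this->input->post('last_name');

            } else {

                $_data['first_name'] = $this->data['first_name'];
                $_data['last_name'] = $this->data['last_name'];
            }

            // Twitter identity and credentials come from the access token,
            // never from the posted form
            $_data['tw_id'] = $access_token->user_id;
            $_data['tw_token'] = $access_token->oauth_token;
            $_data['tw_secret'] = $access_token->oauth_token_secret;
            $_data['auth_method_id'] = 'twitter';

            // --------------------------------------------------------------------------

            // Handle referrals
            if ($this->session->userdata('referred_by')) {

                $_data['referred_by'] = $this->session->userdata('referred_by');
            }

            // --------------------------------------------------------------------------

            // Which group?
            // If there's a register_token set, use that if not fall back to the default
            if (isset($this->_register_token['group']) && $this->_register_token['group']) {

                $_data['group_id'] = $this->_register_token['group'];

            } else {

                $_data['group_id'] = $this->user_group_model->get_default_group_id();
            }

            // Create new user
            $_new_user = $this->user_model->create($_data);

            if ($_new_user) {

                // Fetch group data
                $_group = $this->user_group_model->get_by_id($_data['group_id']);

                // --------------------------------------------------------------------------

                // Send the user the welcome email (that is, if there is one)
                $this->load->library('emailer');

                $_email = new stdClass();
                $_email->type = 'new_user_' . $_group->id;
                $_email->to_id = $_new_user->id;
                $_email->data = array();
                $_email->data['method'] = 'twitter';

                if (!$this->emailer->send($_email, TRUE)) {

                    // Failed to send using the group email, try using the generic email template
                    $_email->type = 'new_user';

                    if (!$this->emailer->send($_email, TRUE)) {

                        // Email failed to send, mustn't exist, oh well. Registration
                        // deliberately carries on without a welcome email.
                    }
                }

                // --------------------------------------------------------------------------

                // Log the user in
                $this->user_model->set_login_data($_new_user->id);

                // --------------------------------------------------------------------------

                // Create an event for this registration
                create_event('did_register', $_new_user->id, 0, NULL, array('method' => 'twitter'));

                // --------------------------------------------------------------------------

                // Delete register token
                delete_cookie('twRegisterToken');

                // --------------------------------------------------------------------------

                // Redirect
                $this->session->set_flashdata('success', lang('auth_social_register_ok', $_new_user->first_name));
                $this->session->set_flashdata('from_twitter', TRUE);

                // Registrations will be forced to the registration redirect, regardless of
                // what else has been set
                if ($this->_register_use_return) {

                    $_redirect = $this->_return_to;

                } else {

                    $_redirect = $_group->registration_redirect ? $_group->registration_redirect : $_group->default_homepage;
                }

                $this->_redirect($_redirect);
                return;
            }

        } else {

            $this->data['error'] = lang('fv_there_were_errors');
        }
    }

    // --------------------------------------------------------------------------

    // Store the access token in the Session so we can interrupt the auth flow cleanly
    $this->session->set_userdata('tw_access_token', $access_token);

    // --------------------------------------------------------------------------

    // Set some view data
    $this->data['page'] = new stdClass();
    $this->data['page']->title = lang('auth_register_extra_title');

    $this->data['return_to'] = $this->_return_to;
    $this->data['return_to_fail'] = $this->_return_to_fail;

    $this->load->view('structure/header', $this->data);
    $this->load->view('auth/register/extra-info', $this->data);
    $this->load->view('structure/footer', $this->data);
}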
if ($_POST["type"] == "open" && ($_POST["start"] == "" || $_POST["end"] == "") || $_POST["name"] == "") { echo "Missing fields"; } else { if ($_POST["type"] == "open" && date_diff(date_create($_POST["start"]), date_create($_POST["end"]))->format("%r") == "-") { echo "End date must be after start date"; } else { $hash = ""; $account_id = $account !== false ? $account : 0; $public = isset($_POST["public"]); $hidden = isset($_POST["hidden"]); if ($_POST["type"] == "open") { $hash = create_event($_POST["name"], $_POST["start"], $_POST["end"], $_POST["desc"], $_POST["type"], $account_id, $public, $hidden); header('Location: view?event=' . $hash); } else { if ($_POST["type"] == "centered") { $hash = create_event($_POST["name"], date("Y-m-d H:i:s", 0), date("Y-m-d H:i:s", PHP_INT_MAX), $_POST["desc"], $_POST["type"], $account_id, $public, $hidden); $id = get_event($hash)["id"]; $processor = new NaturalLanguageProcessor($_POST["proposal"], date("Y-m-d H:i:s", 0), date("Y-m-d H:i:s", PHP_INT_MAX)); if ($account !== false) { put_schedule("", $processor->Process(), $id, $account, $_POST["proposal"]); } else { put_schedule($_POST["username"], $processor->Process(), $id, $_POST["proposal"]); } header('Location: view?event=' . $hash . "#share"); } } } } } $title = "Create Event"; require_once "header.php";
} } } else { log_(ERROR, "Unable to decode JSON event data"); $http_status = HTTP_SRVERR; } } else { if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST') { log_(DEBUG, http_build_query($_POST)); log_(INFO, "Processing a single POST event record"); $http_status = create_event($config, $_POST, $dbcon); } else { if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'GET') { log_(DEBUG, http_build_query($_GET)); log_(INFO, "Processing a single GET event record"); $http_status = create_event($config, $_GET, $dbcon); } else { log_(ERROR, "Only POST, GET, and application/json requests supported"); $http_status = HTTP_BADREQ; } } } if ($dbcon) { mysqli_close($dbcon); } reply_and_exit($http_status); function create_event($config, $data, $dbcon) { global $g_event_keys, $g_basic_keys, $g_unique_keys; // We require a valid event_type to be specified. if (!($event_type = get_default('event', $data, false))) {