コード例 #1
0
ファイル: updateemail.php プロジェクト: runamedia/resiprocate
}
// verify that a new email was provided via POST
dbgSquirt("Checking post");
if (!isset($_POST['newemail'])) {
    // error .. no post variable provided ... possibly because they've jumped
    // directly to this page?
    dbgSquirt("...not set");
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/changeemail.php?error=No new email was provided.  Please enter one and click Save.  If this error reoccurs, contact an administrator.");
    exit;
}
// verify that the new email is non-blank
$newEmail = $_POST['newemail'];
dbgSquirt("Checking blank -- {$newEmail}");
if (empty($newEmail)) {
    // error ... requested email is blank... bounce them back to change email page
    dbgSquirt("...Empty");
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/changeemail.php?error=The new email must not be blank.");
    exit;
}
// update the email for this user with the provided value
if (updateEmail($username, $newEmail)) {
    // update successful
    $title = "Email changed";
    $heading = "Email changed";
    $msg = "Email changed to <em>{$newEmail}</em>.";
} else {
    // update failed
    $title = "Error while changing email";
    $heading = "Error while changing email";
    $msg = "An error occurred while attempting to change your email.  Please contact an administrator.";
}
コード例 #2
0
ファイル: changeemail.php プロジェクト: runamedia/resiprocate
<?php

require 'reprofunctions.php';
dbgSquirt("============= Change Email ===============");
$result = checkCookies($forceLogin, $error, FALSE);
if (!$result || $forceLogin) {
    // we got an error back that occurred while checkCookies was being run,
    // or authentication failed.  Either way, bounce them back to the login screen
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
$username = $_COOKIE['user'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<!--
System:  Repro
File:    changeemail.php
Purpose: Allow an authenticated user to change the email address stored for them
Author:  S. Chanin
-->
<html>
<head>
<link rel="stylesheet" type="text/css" href="repro_style.css" />
  <title>Change Email</title>
</head>

<body>
<h1 class="title">Repro</h1>
<h1>Change Email</h1>
<hr />
コード例 #3
0
function updateResource($resourceId, $username, $resource, $forwardType, $forward, $voicemail)
{
    dbgSquirt("============= Function: updateResource ===========");
    $db = mysql_connect("localhost", "apache", "apache") or die(mysql_error());
    mysql_select_db("repro", $db) or die(mysql_error());
    // first we need to get the userid from the username
    $query = "select id from Users where username = '******'";
    dbgSquirt("Query -- {$query}");
    $result = mysql_query($query) or die(mysql_error());
    $count = mysql_num_rows($result);
    dbgSquirt("Rows -- {$count}");
    if ($count == 1) {
        // we matched, so lets get the userid of the user
        $userid = mysql_result($result, 0, "id");
        mysql_free_result($result);
        // delete the resource
        $query = "update Resources set aor='{$resource}',forwardType='{$forwardType}',forwardDestination='{$forward}',voicemail='{$voicemail}' where userid = '{$userid}' and id = '{$resourceId}'";
        dbgSquirt("Query2 -- {$query}");
        $result = mysql_query($query) or die(mysql_error());
        $count = mysql_affected_rows();
        dbgSquirt("Rows -- {$count}");
        if (1 == $count && TRUE == $result) {
            // no error and 1 row modified (should only be 1 row since id is
            // the primary key)
            $state = TRUE;
        } else {
            $state = FALSE;
        }
    } else {
        $state = FALSE;
    }
    mysql_free_result($result);
    mysql_close($db);
    return $state;
}
コード例 #4
0
<?php

require 'reprofunctions.php';
dbgSquirt("============= Save Modified Resource ===============");
dbgSquirt(dbgShowFile($_POST));
$result = checkCookies($forceLogin, $error, FALSE);
if (!$result || $forceLogin) {
    // we got an error back that occurred while checkCookies was being run,
    // or authentication failed.  Either way, bounce them back to the login screen
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
$username = $_COOKIE['user'];
$bounceURL = "Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/editresource.php?aor=" . $_POST['aor'] . "&forwardType=" . $_POST['forwardType'] . "&forward=" . $_POST['forward'] . "&voicemail=" . $_POST['voicemail'] . "&error=";
// make sure post variables have arrived
// note -- can't check for forward because if it was diabled on the previous
// screen by clicking No, it will not be sent as a POST variable
if (!isset($_POST['resourceId']) || !isset($_POST['aor']) || !isset($_POST['forwardType']) || !isset($_POST['voicemail'])) {
    header($bounceURL . "The information to modify a resource was not provided.  Please enter the information and click Save.  If this error reoccurs, contact an administrator.");
    exit;
}
// check if the user pressed cancel ... if so, back to user home
if ("Cancel" == $_POST['submit']) {
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/userhome.php");
    exit;
}
// check that resourceId only contains digits
// the valid number check is for security to make sure that no one hacks the
// URL and replaces the resourceId param with something designed to screw up
// the database.  In this case, there is nothing the user can fix, so send them
// back to userhome.
コード例 #5
0
ファイル: addresource.php プロジェクト: runamedia/resiprocate
<?php

require 'reprofunctions.php';
dbgSquirt("============= Add Resource ===============");
$result = checkCookies($forceLogin, $error, FALSE);
if (!$result || $forceLogin) {
    // we got an error back that occurred while checkCookies was being run,
    // or authentication failed.  Either way, bounce them back to the login screen
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
$username = $_COOKIE['user'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<!--
System:  Repro
File:    addresource.php
Purpose: Allows an authenticated user to add additional resources to their
         profile
Author:  S. Chanin
-->
<html>
<head>
<link rel="stylesheet" type="text/css" href="repro_style.css" />
<title>Add Resource</title>
<script type="text/javascript">
<!--
function disableForward() {
  document.resourceForm.forward.value = ""
  document.resourceForm.forward.disabled = true
コード例 #6
0
<?php

require 'reprofunctions.php';
dbgSquirt("============= Modify Resource ===============");
dbgSquirt("GET --" . dbgShowFile($_GET));
dbgSquirt("POST --" . dbgShowFile($_POST));
$result = checkCookies($forceLogin, $error, FALSE);
if (!$result || $forceLogin) {
    // we got an error back that occurred while checkCookies was being run,
    // or authentication failed.  Either way, bounce them back to the login screen
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
$username = $_COOKIE['user'];
$bounceURL = "Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/userhome.php?error=";
// make sure post variables have arrived.  We should always get a resourceId,
// name, and either an edit or a delete
if (!(isset($_POST['resourceId']) && isset($_POST['aor']) && (isset($_POST['edit']) || isset($_POST['delete'])))) {
    header($bounceURL . "The information to modify a resource was not provided.  Please enter the information and click Save.  If this error reoccurs, contact an administrator.");
    exit;
}
// check that resourceId is non-blank ... this shouldn't happen since this is
// a system provided invisible field
if (empty($_POST['resourceId']) || empty($_POST['aor'])) {
    header($bounceURL . "The resource to be modified was not specified.  Please click one of the Add or Delete buttons.  If you see this message again, please contact an administrator.");
    exit;
}
$resourceId = $_POST['resourceId'];
$aor = $_POST['aor'];
//see if the operation is Edit or Delete
if ("Delete" == $_POST['delete']) {
コード例 #7
0
<?php

require 'reprofunctions.php';
dbgSquirt("============= Change Password ===============");
$result = checkCookies($forceLogin, $error, FALSE);
if (!$result || $forceLogin) {
    // we got an error back that occurred while checkCookies was being run,
    // or authentication failed.  Either way, bounce them back to the login screen
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
$username = $_COOKIE['user'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<!--
System:  Repro
File:    changepassword.php
Purpose: Allow an authenticated user to change the password stored for them
Author:  S. Chanin
-->
<html>
<head>
<link rel="stylesheet" type="text/css" href="repro_style.css" />
  <title>Change Password</title>
</head>

<body>
<h1 class="title">Repro</h1>
<h1>Change Password</h1>
<hr />
コード例 #8
0
<?php

require 'reprofunctions.php';
dbgSquirt("============= Edit Resource ===============");
dbgSquirt("GET --" . dbgShowFile($_GET));
$result = checkCookies($forceLogin, $error, FALSE);
if (!$result || $forceLogin) {
    // we got an error back that occurred while checkCookies was being run,
    // or authentication failed.  Either way, bounce them back to the login screen
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
$username = $_COOKIE['user'];
$bounceURL = "Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/userhome.php?error=";
// this page is only entered via GET's
// all of these should be set all the time, even though they might be
// empty... if they aren't set, something is strange about how we got to this
// page
if (!isset($_GET['resourceId']) || !isset($_GET['aor']) || !isset($_GET['forwardType']) || !isset($_GET['forward']) || !isset($_GET['voicemail'])) {
    header($bounceURL . "Information missing in request to modify a resource. Please try again.  If this error reoccurs, please contact an administrator.");
    exit;
}
$resourceId = $_GET['resourceId'];
$aor = $_GET['aor'];
$forwardType = $_GET['forwardType'];
$forward = $_GET['forward'];
$voicemail = $_GET['voicemail'];
// make sure resourceId isn't blank.  Other fields could be blank
if (empty($resourceId)) {
    header($bounceURL . "Information missing in request to modify a resource. Please try again.  If this error reoccurs, please contact an administrator.");
    exit;
コード例 #9
0
ファイル: userhome.php プロジェクト: runamedia/resiprocate
                }
            }
        }
    } else {
        // no post variables supplied
        dbgSquirt('No post variables');
        $error = "Authentication error -- you must enter a username and password.";
    }
} else {
    // forceLogin was FALSE ... that means the cookie's were valid
    // so get username from the cookie
    $username = $_COOKIE['user'];
}
// after checking cookies and post variables, if a login is still needed, then
// redirect
dbgSquirt("After post check -- forceLogin = {$forceLogin}");
if ($forceLogin) {
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<!--
System:  Repro
File:    userhome.php
Purpose: User Home Page.  This displays the users personal information and
         allows changes to be made.
Author:  S. Chanin
-->
コード例 #10
0
<?php

require 'reprofunctions.php';
dbgSquirt("============= Change Fullname ===============");
$result = checkCookies($forceLogin, $error, FALSE);
if (!$result || $forceLogin) {
    // we got an error back that occurred while checkCookies was being run,
    // or authentication failed.  Either way, bounce them back to the login screen
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php?error={$error}");
    exit;
}
$username = $_COOKIE['user'];
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<!--
System:  Repro
File:    changefullname.php
Purpose: Allow an authenticated user to change the fullname stored for them
Author:  S. Chanin
-->
<html>
<head>
<link rel="stylesheet" type="text/css" href="repro_style.css" />
  <title>Change Fullname</title>
</head>

<body>
<h1 class="title">Repro</h1>
<h1>Change Fullname</h1>
<hr />
コード例 #11
0
if ($newPassword == $currentPassword) {
    // error ... password entries shouldn't match ... what's the point of changing
    dbgSquirt("Trying to reuse the current password");
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/changepassword.php?error=The new password is the same as the existing password.");
    exit;
}
// make sure the current password they entered matches
$encryptedPassword = createPassword($username, $currentPassword);
$result = validateUser($username, $encryptedPassword);
dbgSquirt("Verifying current password");
if ("A" != $result) {
    // either didn't match, or user is unverified or disabled
    // only way a user should end up here and be unverified or disabled is if
    // an admin changed their account status in the middle of a session.
    // but we'll check for it anyway...
    dbgSquirt("...doesn't match an active user");
    header("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/changepassword.php?error=Current password doesn't match an active user.  Please try again.  If you receive this error again, contact an administrator.");
    exit;
}
// update the password for this user with the provided value
$encryptedPassword = createPassword($username, $newPassword);
if (updatePassword($username, $encryptedPassword)) {
    // update successful
    $title = "Password changed";
    $heading = "Password changed";
    $msg = "Password successfully updated.";
} else {
    // update failed
    $title = "Error while changing password";
    $heading = "Error while changing password";
    $msg = "An error occurred while attempting to change your password.  Please contact an administrator.";