/** * This function is called before any output is generated or any other * actions are performed. Initializations happen here. * * @param $action Name of the action to perform * @param $args Arguments for the given action */ public function before_filter(&$action, &$args) { parent::before_filter($action, $args); $this->modules = array(); // Set Navigation PageLayout::setHelpKeyword("Basis.ProfileModules"); PageLayout::setTitle(_("Mehr Funktionen")); PageLayout::addSqueezePackage('lightbox'); Navigation::activateItem('/profile/modules'); // Get current user. $this->username = Request::username('username', $GLOBALS['user']->username); $this->user_id = get_userid($this->username); $this->plugins = array(); $blubber = PluginEngine::getPlugin('Blubber'); // Add blubber to plugin list so status can be updated. if ($blubber) { $this->plugins[] = $blubber; } // Get homepage plugins from database. $this->plugins = array_merge($this->plugins, PluginEngine::getPlugins('HomepagePlugin')); // Show info message if user is not on his own profile if ($this->user_id != $GLOBALS['user']->id) { $current_user = User::find($this->user_id); $message = sprintf(_('Daten von: %s %s (%s), Status: %s'), htmlReady($current_user->Vorname), htmlReady($current_user->Nachname), htmlReady($current_user->username), htmlReady($current_user->perms)); PageLayout::postMessage(MessageBox::info($message)); } $this->setupSidebar(); }
function smarty_modifier_cms_date_format($string, $format = '', $default_date = '') { $gCms = cmsms(); if ($format == '') { $format = get_site_preference('defaultdateformat'); if ($format == '') { $format = '%b %e, %Y'; } if (!isset($gCms->variables['page_id'])) { $uid = get_userid(false); if ($uid) { $tmp = get_preference($uid, 'date_format_string'); if ($tmp != '') { $format = $tmp; } } } } $config = $gCms->GetConfig(); $fn = cms_join_path($config['root_path'], 'lib', 'smarty', 'plugins', 'modifier.date_format.php'); if (!file_exists($fn)) { die; } require_once $fn; return smarty_modifier_date_format($string, $format, $default_date); }
function updatecontentobj(&$contentobj, $preview = false, $params = null) { if ($params == null) { $params = $_POST; } $userid = get_userid(); $adminaccess = check_ownership($userid, $contentobj->Id()) || check_permission($userid, 'Modify Any Page'); #Fill contentobj with parameters $contentobj->FillParams($params); if ($preview) { $error = $contentobj->ValidateData(); } if (isset($params["ownerid"])) { $contentobj->SetOwner($params["ownerid"]); } $contentobj->SetLastModifiedBy($userid); // #Fill Additional Editors (kind of kludgy) // if (isset($params["additional_editors"])) // { // $addtarray = array(); // foreach ($params["additional_editors"] as $addt_user_id) // { // $addtarray[] = $addt_user_id; // } // $contentobj->SetAdditionalEditors($addtarray); // } // else if ($adminaccess) // { // $contentobj->SetAdditionalEditors(array()); // } }
/** * A convenience function to test if the site is marked as down according to the config panel. * This method includes handling the preference that indicates that site-down behaviour should * be disabled for certain IP address ranges. * * @return boolean */ function is_sitedown() { global $CMS_INSTALL_PAGE; if (isset($CMS_INSTALL_PAGE)) { return TRUE; } if (get_site_preference('enablesitedownmessage') !== '1') { return FALSE; } if (get_site_preference('sitedownexcludeadmins')) { $uid = get_userid(FALSE); if ($uid) { return FALSE; } } if (!isset($_SERVER['REMOTE_ADDR'])) { return TRUE; } $excludes = get_site_preference('sitedownexcludes', ''); if (empty($excludes)) { return TRUE; } $tmp = explode(',', $excludes); $ret = cms_ipmatches($_SERVER['REMOTE_ADDR'], $excludes); if ($ret) { return FALSE; } return TRUE; }
function search_vuln($scanID) { $pScanID = $scanID; // echo $pScanID.'<br>'; if ($userid = get_userid()) { // echo $userid . '<br>'; } else { die; } $query = "SELECT Vuln.IP_URL,Plugin.Name,Vuln.Vuln_Info,Vuln.Level FROM Plugin,Scan,Vuln WHERE Vuln.Scan_ID=Scan.ID AND Vuln.Plugin_ID=Plugin.ID AND Scan.ID={$scanID} AND Scan.User_ID='{$userid}' ORDER BY Vuln.IP_URL,Vuln.Level,Vuln.ID"; // echo $query.'<br>'; $ret = array(); $result = mysql_query($query); while ($row = mysql_fetch_row($result)) { // var_dump($row); foreach ($row as $key => $value) { // echo $key.' => '.$value; $row[$key] = check_xss($value); } $ipurl = $row[0]; $ret[$ipurl][] = array_slice($row, 1); } // var_dump($ret); return $ret; }
function PrePopulateAdminForm($formDescriptor) { $mod = $this->form_ptr->module_ptr; $main = array(array($mod->Lang('title_text'), $mod->CreateTextArea(get_preference(get_userid(), 'use_wysiwyg') == '1', $formDescriptor, $this->GetOption('text', ''), 'fbrp_opt_text', 'pageheadtags'))); $adv = array(array($mod->Lang('title_smarty_eval'), $mod->CreateInputCheckbox($formDescriptor, 'fbrp_opt_smarty_eval', '1', $this->GetOption('smarty_eval', '0')))); return array('main' => $main, 'adv' => $adv); }
function SMS_ADD_POST($person = 0, $content = 0, $type, $url = 0, $userid) { //发送消息表 $sms_send = array('receiveperson' => $person, 'content' => $content, 'uid' => $userid, 'date' => get_date('y-m-d H:i:s', PHP_TIME)); insert_db('sms_send', $sms_send); global $db; $blog = $db->fetch_one_array("SELECT * FROM " . DB_TABLEPRE . "sms_send WHERE receiveperson = '" . $person . "' and uid='" . $userid . "' order by id desc"); $id = $blog["id"]; //获取字符串 $receivepersonarr = explode(',', $person); //发送消息表 for ($i = 0; $i < sizeof($receivepersonarr); $i++) { //接收消息表 $sms_receive = array('sendperson' => $userid, 'date' => get_date('y-m-d H:i:s', PHP_TIME), 'content' => $content, 'receiveperson' => get_userid($receivepersonarr[$i]), 'type' => '2', 'smskey' => '1', 'sendid' => $id); //接收消息表 insert_db('sms_receive', $sms_receive); } if ($id != '') { $oalog = array('uid' => $userid, 'content' => $content . get_log(1) . $person, 'title' => '发布短消息', 'startdate' => get_date('Y-m-d H:i:s', PHP_TIME), 'contentid' => $id, 'type' => '4'); insert_db('oalog', $oalog); } if ($type == '1') { goto_page($url); } }
public function act_insert() { $emails = isset($_POST['emails']) ? trim($_POST['emails']) : ""; $accounts = isset($_POST['accounts']) ? $_POST['accounts'] : ""; $emails = explode(",", $emails); $emails = array_filter($emails); $userId = get_userid(); foreach ($emails as $key => $value) { if (!preg_match("/^([a-z0-9_\\.-]+)@([\\da-z\\.-]+)\\.([a-z\\.]{2,6})\$/", $value)) { self::$errMsg[10061] = get_promptmsg(10061, "邮箱格式有误导致"); return false; } foreach ($accounts as $account) { $data['email'] = $value; $data['accountId'] = $account; $data['createTime'] = time(); $data['creatorId'] = get_userid(); $data['modefyTime'] = time(); $msg = M('PaypalEmail')->insertData($data); if (!$msg) { self::$errMsg[10061] = get_promptmsg(10061, "插入数据库出错导致"); return false; } } } self::$errMsg[200] = get_promptmsg(200, "添加paypalEmail"); return true; }
function add_comment() { global $db, $fullsite, $cla_cid, $cla_nid, $cla_site, $ts_config; $result = array('result' => -1, 'data' => ''); if (!is_login()) { die(json_encode($result)); } $user_info = get_user_info_login(); $user_id = get_userid(); $comment = __post('comment'); $post_id = (int) __post('post_id'); $token = __post('token'); $tokenCheck = md5(md5($post_id)); if ($token != $tokenCheck) { $result['result'] = -2; die(json_encode($result)); } $sSQL = " insert into ntk_forum_comments(user_id,post_id,content,`status`,create_date)\n\t\t\t\tvalues({$user_id},{$post_id},'{$comment}',0,NOW() )\n\t\t\t"; $resultSQL = $db->query($sSQL, true, "Query failed"); $result['result'] = 1; $html_comment = '<div class="forum_comment ' . $class . '">'; $html_comment .= '<div class="forum_comment_header">'; $html_comment .= '<span class="forum_comment_full_name">' . $user_info['full_name'] . '</span> '; $html_comment .= '<span class="forum_comment_date">' . date("d/m/Y H:i:s") . '</span><br>'; $html_comment .= '</div>'; $html_comment .= '<div class="forum_comment_content">'; $html_comment .= ' <pre>' . $comment . '<pre>'; $html_comment .= '</div>'; $html_comment .= '</div>'; $result['data'] = $html_comment; die(json_encode($result)); }
public function check($data, $virtualobject, $relevantfields) { $errors = ""; if (!$data['user_id']) { if (!$data['username']) { $errors .= "Kein Nutzername. "; } else { $validator = new email_validation_class(); if (!$validator->ValidateUsername($data['username'])) { $errors .= "Nutzername syntaktisch falsch. "; } elseif (get_userid($data['username']) && get_userid($data['username']) !== $data['user_id']) { $errors .= "Nutzername schon vergeben. "; } } if (!$data['perms'] || !in_array($data['perms'], array("user", "autor", "tutor", "dozent", "admin", "root"))) { $errors .= "Keine korrekten Perms gesetzt. "; } if (!$data['vorname'] && !$data['nachname']) { $errors .= "Kein Name gesetzt. "; } } if (in_array("email", $relevantfields)) { if (!$data['email']) { $errors .= "Keine Email. "; } else { $validator = new email_validation_class(); if (!$validator->ValidateEmailAddress($data['email'])) { $errors .= "Email syntaktisch falsch. "; } } } return $errors; }
function TabNames() { $res = array(lang('main')); if (check_permission(get_userid(), 'Manage All Content')) { $res[] = lang('options'); } return $res; }
/** * 新增平台信息 * @return array * @author lzx */ public function act_insert() { $data = array(); $data['platform'] = isset($_POST['platform']) ? trim($_POST['platform']) : ''; $data['shortcode'] = isset($_POST['shortcode']) ? trim($_POST['shortcode']) : ''; $data['suffix'] = isset($_POST['suffix']) ? trim($_POST['suffix']) : ''; $data['addUser'] = get_userid(); $data['addTime'] = time(); return M('Platform')->insertData($data); }
public function act_insert() { $id = isset($_POST['currId']) ? $_POST['currId'] : ''; $data = array(); $data['currency'] = isset($_POST['currency']) ? $_POST['currency'] : ''; $data['rates'] = isset($_POST['rates']) ? $_POST['rates'] : ''; $data['userId'] = get_userid(); $data['modefyTime'] = time(); return M('Currency')->insertData($data); }
public function view_edit() { //面包屑 $navlist = array(array('url' => 'index.php?mod=user&act=index', 'title' => '授权管理'), array('url' => '#', 'title' => '用户列表'), array('url' => 'index.php?mod=user&act=edit&uid=' . $id, 'title' => '编辑')); $userInfo = A('User')->act_getUserInfoById(get_userid()); $this->smarty->assign('navlist', $navlist); $this->smarty->assign('toptitle', '编辑'); $this->smarty->assign('userInfo', $userInfo); $this->smarty->display("userModify.htm"); }
public function act_update() { $data = array(); $id = isset($_POST['id']) ? trim($_POST['id']) : ''; $data['type'] = isset($_POST['type']) ? trim($_POST['type']) : ''; $data['status'] = isset($_POST['status']) ? trim($_POST['status']) : ''; $data['errormsg'] = isset($_POST['errormsg']) ? trim($_POST['errormsg']) : ''; $data['lastmodifyuserId'] = get_userid(); $data['lastmodefyTime'] = time(); return M('PromptMsg')->updateData($id, $data); }
/** * 订单系统相关操作权限获取 *@eturn array *@author lzx *modify by yxd 2014/7/17 */ public function view_edit() { F('order'); //编辑权限控制, 存在隐患BUG, 需要增加是否有编辑这个用户的权限 $navlist = array(array('url' => 'index.php?mod=user&act=index', 'title' => '授权管理'), array('url' => 'index.php?mod=user&act=index', 'title' => '用户列表'), array('url' => '#', 'title' => '订单系统相关操作权限获取')); $uid = isset($_GET['uid']) & intval($_GET['uid']) > 0 ? intval($_GET['uid']) : 0; $competences = A('UserCompetence')->act_getCompetenceByUserId($uid); $mycompetences = A('UserCompetence')->act_getCompetenceByUserId(get_userid()); //需要设置session的用户id, 还需要增加文件夹移动权限 $groupLists = M('StatusMenu')->getOrderStatusByGroupId(); //文件夹分组列表 $statusLists = A('StatusMenu')->act_getStatusMenuList(); //文件夹状态列表 $visibleCarrier = json_decode($competences['visible_carrier'], true); $visibleEditorder = explode(',', $competences['visible_editorder']); $myVisibleEditorder = explode(',', $mycompetences['visible_editorder']); $visibleCarrier0 = $visibleCarrier[0]; //快递 $visibleCarrier1 = $visibleCarrier[1]; //非快递 $myvisibleCarrier = json_decode($competences['visible_carrier'], true); $editorder_options = C('EDITORDEROPTIONS'); $this->smarty->assign('platform_account', json_decode($competences['visible_platform_account'], true)); //被修改者平台账号控制权限 $this->smarty->assign('myplatform_account', json_decode($mycompetences['visible_platform_account'], true)); //修改者平台账号控制权限 $this->smarty->assign('showfolder', explode(',', $competences['visible_showfolder'])); //被修改者文件夹显示权限 $this->smarty->assign('myshowfolder', explode(',', $mycompetences['visible_showfolder'])); //修改者文件夹显示权限 $this->smarty->assign('movefolder', $competences['visible_movefolder']); //被修改者文件夹移动权限 $this->smarty->assign('mymovefolder', $mycompetences['visible_movefolder']); //修改者文件夹移动权限 $this->smarty->assign('statusLists', $statusLists); //文件状态分组 $this->smarty->assign('groupLists', $groupLists); //文件状态 $this->smarty->assign("editorderOptions", $editorder_options); $this->smarty->assign('myVisibleEditorder', $myVisibleEditorder); $this->smarty->assign('visibleEditorder', $visibleEditorder); $this->smarty->assign('carrierListk', A('PlatformToCarrier')->act_getCarrierFromApi(0)); //快递 $this->smarty->assign('carrierListnk', A('PlatformToCarrier')->act_getCarrierFromApi(1)); //非快递 $this->smarty->assign('visibleCarrier0', $visibleCarrier0); $this->smarty->assign('visibleCarrier1', $visibleCarrier1); $this->smarty->assign('toptitle', '订单系统细颗粒度权限控制'); $this->smarty->assign('toplevel', A('Topmenu')->act_getToplevel('User')); $this->smarty->assign('secondlevel', A('Topmenu')->act_getSecondlevel('User')); $this->smarty->assign('navlist', $navlist); $this->smarty->assign('toptitle', '授权管理'); $this->smarty->display("compenseEdit.htm"); }
public function view_edit() { $navlist = array(array('url' => 'index.php?mod=Platform&act=index', 'title' => '系统设置'), array('url' => 'index.php?mod=averageDailyCount&act=index', 'title' => '日均量策略设置'), array('url' => '', 'title' => '修改')); F('order'); $this->smarty->assign('plataccount', get_userplatacountpower(get_userid())); $this->smarty->assign('navlist', $navlist); $this->smarty->assign('toptitle', '添加SKU'); $this->smarty->assign('toplevel', A('Topmenu')->act_getToplevel('averageDailyCount')); $this->smarty->assign('secondlevel', A('Topmenu')->act_getSecondlevel('averageDailyCount')); $this->smarty->assign('averageDailyCountList', A('AverageDailyCount')->act_getAverageDailyCountListById()); $this->smarty->display("averageDailyCountEdit.htm"); }
private static function _init() { $AC =& ac_utils::get_module('AdvancedContent'); self::$_tabs = array('main' => array('tab_id' => 'main', 'tab_name' => lang('main'), 'block_tabs' => array(), 'block_groups' => array(), 'content_blocks' => array())); if (check_permission(get_userid(), 'Manage All Content')) { self::$_tabs['options'] = array('tab_id' => 'options', 'tab_name' => lang('options'), 'block_tabs' => array(), 'block_groups' => array(), 'content_blocks' => array()); } if (check_permission(get_userid(), 'Manage AdvancedContent Options') && $AC->GetPreference('use_advanced_pageoptions', 0)) { self::$_tabs['AdvancedContent'] = array('tab_id' => 'AdvancedContent', 'tab_name' => $AC->lang('advancedcontent_tabname'), 'block_tabs' => array(), 'block_groups' => array(), 'content_blocks' => array()); } self::$_init = true; }
/** * Triggered on loc_begin_index * * Initiating GhostTracker - Perform user logout after registration if not validated */ function UAM_Init() { global $conf, $user; include_once PHPWG_ROOT_PATH . 'admin/include/functions.php'; $conf_UAM = unserialize($conf['UserAdvManager']); // Admins, Guests and Adult_Content users are not tracked for Ghost Tracker or Users Tracker // ----------------------------------------------------------------------------------------- if (!is_admin() and !is_a_guest() and $user['username'] != "16" and $user['username'] != "18") { if (isset($conf_UAM['GHOSTRACKER']) and $conf_UAM['GHOSTRACKER'] == 'true' or isset($conf_UAM['ADDLASTVISIT']) and $conf_UAM['ADDLASTVISIT'] == 'true') { $userid = get_userid($user['username']); // Looking for existing entry in last visit table // ---------------------------------------------- $query = ' SELECT * FROM ' . USER_LASTVISIT_TABLE . ' WHERE user_id = ' . $userid . ' ;'; $count = pwg_db_num_rows(pwg_query($query)); if ($count == 0) { // If not, data are inserted in table // ---------------------------------- $query = ' INSERT INTO ' . USER_LASTVISIT_TABLE . ' (user_id, lastvisit, reminder) VALUES (' . $userid . ', now(), "false") ;'; pwg_query($query); } else { if ($count > 0) { // If yes, data are updated in table // --------------------------------- $query = ' UPDATE ' . USER_LASTVISIT_TABLE . ' SET lastvisit = now(), reminder = "false" WHERE user_id = ' . $userid . ' LIMIT 1 ;'; pwg_query($query); } } } // Perform user logout after registration if not validated if (isset($conf_UAM['CONFIRM_MAIL']) and ($conf_UAM['CONFIRM_MAIL'] == 'true' or $conf_UAM['CONFIRM_MAIL'] == 'local') and (isset($conf_UAM['REJECTCONNECT']) and $conf_UAM['REJECTCONNECT'] == 'true') and !UAM_UsrReg_Verif($user['id']) and !is_admin() and !is_webmaster()) { invalidate_user_cache(); logout_user(); if ($conf['guest_access']) { redirect(make_index_url() . '?UAM_msg=rejected', 0); } else { redirect(get_root_url() . 'identification.php?UAM_msg=rejected', 0); } } } }
public function act_update() { $id = isset($_POST['id']) ? trim($_POST['id']) : ''; $data['platformId'] = $_POST['platformId']; $data['accountId'] = $_POST['accountId']; $data['sku'] = $_POST['sku']; $data['orderTime1'] = strtotime($_POST['OrderTime1']); $data['orderTime2'] = strtotime($_POST['OrderTime2']); $data['updateTime'] = time(); $data['operatorId'] = get_userid(); $data['is_delete'] = 0; return M('AverageDailyCount')->updateData($id, $data); }
/** * 修改指定用户的密码 * @param userId POST过来的被修改人id * @param pwd 新密码 * @return array() * @author zqt */ public function act_updateUserPsw() { $userId2 = $_POST['userId']; //被修改人密码 $pwd = $_POST['pwd']; //密码 $data = M('InterfacePower')->userUpdatePsw(get_userid(), $userId2, $pwd); if (empty($data)) { self::$errMsg[10052] = get_promptmsg(10052); } else { self::$errMsg[$data['errCode']] = $data['errMsg']; } return $data; }
/** * checks the validity of input parameters, fills $page['errors'] and * $page['infos'] and send an email with confirmation link * * @return bool (true if email was sent, false otherwise) */ function process_password_request() { global $page, $conf; if (empty($_POST['username_or_email'])) { $page['errors'][] = l10n('Invalid username or email'); return false; } $user_id = get_userid_by_email($_POST['username_or_email']); if (!is_numeric($user_id)) { $user_id = get_userid($_POST['username_or_email']); } if (!is_numeric($user_id)) { $page['errors'][] = l10n('Invalid username or email'); return false; } $userdata = getuserdata($user_id, false); // password request is not possible for guest/generic users $status = $userdata['status']; if (is_a_guest($status) or is_generic($status)) { $page['errors'][] = l10n('Password reset is not allowed for this user'); return false; } if (empty($userdata['email'])) { $page['errors'][] = l10n('User "%s" has no email address, password reset is not possible', $userdata['username']); return false; } $activation_key = generate_key(20); list($expire) = pwg_db_fetch_row(pwg_query('SELECT ADDDATE(NOW(), INTERVAL 1 HOUR)')); single_update(USER_INFOS_TABLE, array('activation_key' => pwg_password_hash($activation_key), 'activation_key_expire' => $expire), array('user_id' => $user_id)); $userdata['activation_key'] = $activation_key; set_make_full_url(); $message = l10n('Someone requested that the password be reset for the following user account:') . "\r\n\r\n"; $message .= l10n('Username "%s" on gallery %s', $userdata['username'], get_gallery_home_url()); $message .= "\r\n\r\n"; $message .= l10n('To reset your password, visit the following address:') . "\r\n"; $message .= get_gallery_home_url() . '/password.php?key=' . $activation_key . '-' . urlencode($userdata['email']); $message .= "\r\n\r\n"; $message .= l10n('If this was a mistake, just ignore this email and nothing will happen.') . "\r\n"; unset_make_full_url(); $message = trigger_change('render_lost_password_mail_content', $message); $email_params = array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Password Reset'), 'content' => $message, 'email_format' => 'text/plain'); if (pwg_mail($userdata['email'], $email_params)) { $page['infos'][] = l10n('Check your email for the confirmation link'); return true; } else { $page['errors'][] = l10n('Error sending email'); return false; } }
function execute() { $list_form = new XTemplate('Home/List.html'); $left_menu = $this->rmenu(); $uId = get_userid(); $infoArr = $this->fnc_get_user_info($type_id = 1, $value = $uId, $html = true); $gridview = $infoArr['html']; $list_form->assign('slide_bar', $this->slide_bar($left_menu)); $list_form->assign('tabs', $this->set_tabs()); $list_form->assign('gridview', $gridview); $list_form->assign('dialog_title', 'thành viên'); $list_form->parse('main'); $html = $list_form->out_return('main'); echo $html; }
function search_dist($status, $os, $mac, $distid = 0) { // $pKeyword = check_sql($keyword); $pStatus = $status; $pOS = $os; $pMAC = $mac; $pId = $distid; $time = time(); $ip = $_SERVER["REMOTE_ADDR"]; if ($userid = get_userid()) { // echo $userid . '<br>'; } else { die; } // echo $userid . '<br>'; // echo $time . '<br>'; // if Last_Time bigger than now time too much, such as 1 min, then set online status off $query = "UPDATE Dispatcher SET Status=0 WHERE {$time}-Last_Time>60"; $result = mysql_query($query); // then select information $query = "SELECT Dispatcher.ID,Dispatcher.OS,Dispatcher.MAC,Dispatcher.IP,Dispatcher.Last_Time,Dispatcher.Status,User.Name FROM Dispatcher,User WHERE Dispatcher.User_ID=User.ID AND Dispatcher.User_ID='{$userid}'"; if (is_int($pStatus) and $pStatus >= 0 and $pStatus < 2) { $query .= " AND Dispatcher.Status='{$pStatus}'"; } if ($pOS) { $query .= " AND Dispatcher.OS like'%{$pOS}%'"; } if ($pMAC) { $query .= " AND Dispatcher.MAC='{$pMAC}'"; } if (is_int($pId) and $pId > 0) { $query .= " AND Dispatcher.ID={$pId}"; } // echo $query.'<br>'; $ret = array('data' => array()); $result = mysql_query($query); while ($row = mysql_fetch_row($result)) { // var_dump($row); foreach ($row as $key => $value) { // echo $key.' => '.$value; $row[$key] = check_xss($value); } $ret['data'][] = $row; // var_dump($row); } return $ret; }
function adduser($username, $level = 0, $email = '', $realname = '', $can_modify_passwd = 0, $description = '', $twofactor = 0) { // Check to see if user is already added in the database if (!user_exists_in_db($username)) { $userid = dbInsert(array('username' => $username, 'realname' => $realname, 'email' => $email, 'descr' => $description, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'twofactor' => $twofactor, 'user_id' => get_userid($username)), 'users'); if ($userid == false) { return false; } else { foreach (dbFetchRows('select notifications.* from notifications where not exists( select 1 from notifications_attribs where notifications.notifications_id = notifications_attribs.notifications_id and notifications_attribs.user_id = ?) order by notifications.notifications_id desc', array($userid)) as $notif) { dbInsert(array('notifications_id' => $notif['notifications_id'], 'user_id' => $userid, 'key' => 'read', 'value' => 1), 'notifications_attribs'); } } return $userid; } else { return false; } }
public function index_action($verify_action = null) { if (Request::submitted('store')) { $this->check_ticket(); if (Request::get('new_smsforward_rec')) { $this->user->smsforward_rec = get_userid(Request::get('new_smsforward_rec')); $this->user->smsforward_copy = 1; } else { if (Request::int('smsforward_copy') && !$this->user->smsforward_copy) { $this->user->smsforward_copy = 1; } else { if (!Request::int('smsforward_copy') && $this->user->smsforward_copy) { $this->user->smsforward_copy = 0; } } } $this->user->email_forward = Request::int('send_as_email'); $this->user->store(); // write to user config table $this->config->store('ONLINE_NAME_FORMAT', Request::option('online_format')); $this->config->store('MAIL_AS_HTML', Request::int('mail_format')); $settings = $this->settings; $settings['sms_sig'] = Request::get('sms_sig'); $settings['logout_markreaded'] = Request::int('logout_markreaded'); $settings['save_snd'] = Request::int('save_snd', 2); $settings['request_mail_forward'] = Request::int('request_mail_forward', 0); $this->config->store('MESSAGING_SETTINGS', $settings); $this->reportSuccess(_('Ihre Einstellungen wurden erfolgreich gespeichert.')); $this->redirect('settings/messaging'); } if (!$this->user->smsforward_rec && Request::submitted('gosearch')) { $vis_query = get_vis_query('auth_user_md5'); $query = "SELECT user_id, username, {$GLOBALS['_fullname_sql']['full_rev']} AS fullname, perms\n FROM auth_user_md5\n LEFT JOIN user_info USING (user_id)\n WHERE (username LIKE CONCAT('%', :needle, '%') OR\n Vorname LIKE CONCAT('%', :needle, '%') OR\n Nachname LIKE CONCAT('%', :needle, '%'))\n AND user_id != :user_id AND {$vis_query}\n ORDER BY Nachname ASC"; $statement = DBManager::get()->prepare($query); $statement->bindValue(':needle', Request::get('search_exp')); $statement->bindValue(':user_id', $this->user->user_id); $statement->execute(); $matches = $statement->fetchAll(PDO::FETCH_ASSOC); } else { $matches = false; } $this->matches = $matches; $this->verify_action = $verify_action; }
function create_action() { $username = strtolower(Request::get("username")); $password = Request::get("password"); if (isset($username) && isset($password)) { $result = StudipAuthAbstract::CheckAuthentication($username, $password); } if (!isset($result) || $result['uid'] === false) { $this->flash["notice"] = "login unsuccessful!"; $this->redirect("session/new"); return; } $user_id = get_userid($username); if (isset($user_id)) { $this->start_session($user_id); } $this->flash["notice"] = "login successful!"; $this->redirect("quickdial"); }
function add_task($target, $arguments) { $target = check_sql($target); $time = time(); // $argJson = base64_encode(json_encode($arguments)); // $argJson = json_encode($arguments,JSON_FORCE_OBJECT); $argJson = json_encode($arguments); $argJson = mysql_real_escape_string($argJson); $userid = get_userid(); var_dump($argJson); $query = "INSERT INTO Task(Target,Start_Time,Arguments,Status,User_ID) VALUES('{$target}',{$time},'{$argJson}','waiting',{$userid})"; // echo $query . '<br>'; $result = mysql_query($query); if ($result) { return True; } else { echo mysql_error(); return False; } }
public function getUserFormat($fmt = '') { $config = cmsms()->GetConfig(); $stz = new DateTimeZone($config['timezone']); $utz = new DateTimeZone($config['user_timezone']); // this calls the cms_date_format stuff. if (empty($fmt)) { $fmt = get_site_preference('defaultdateformat', '%b %e, %Y'); global $gCms; if (!isset($gCms->variables['page_id'])) { $uid = get_userid(FALSE); if ($uid) { $fmt = get_preference($uid, 'date_format_string', $fmt); } } } $this->setTimeZone($utz); $when = $this->format('U'); $this->setTimeZone($stz); return strftime($fmt, $when); }
function smarty_cms_function_edit($params, &$smarty) { global $gCms; if (!check_permission(get_userid(false), 'Modify Any Page') && !quick_check_authorship($gCms->variables['content_id'], author_pages(get_userid(false)))) { return; } $urlext = '?' . CMS_SECURE_PARAM_NAME . '=' . $_SESSION[CMS_USER_KEY]; $text = isset($params['text']) ? $params['text'] : 'Edit This Page'; if (isset($params["showbutton"])) { return '<a href="' . $gCms->config['root_url'] . '/' . $gCms->config['admin_dir'] . '/editcontent.php' . $urlext . '&content_id=' . $gCms->variables['content_id'] . '"><img src="' . $gCms->config['root_url'] . '/images/cms/editbutton.png" alt="' . $text . '"/></a>'; } else { return '<a href="' . $gCms->config['root_url'] . '/' . $gCms->config['admin_dir'] . '/editcontent.php' . $urlext . '&content_id=' . $gCms->variables['content_id'] . '">' . $text . '</a>'; } /* global $gCms; $userid = get_userid(false); if(!$userid) return; $access = check_permission($userid, 'Modify Any Page'); if (!$access) return; $text = 'Edit This Page'; if (!empty($params['text'])) { $text = $params['text']; } //will this work if using htaccess? (Yes! -Wishy) if (isset($params["showbutton"])) { return '<a href="'.$gCms->config['root_url'].'/'.$gCms->config['admin_dir'].'/editcontent.php?content_id='.$gCms->variables['content_id'].'"><img src="'.$gCms->config['root_url'].'/images/cms/editbutton.png" alt="'.$text.'"/></a>'; } else { return '<a href="'.$gCms->config['root_url'].'/'.$gCms->config['admin_dir'].'/editcontent.php?content_id='.$gCms->variables['content_id'].'">'.$text.'</a>'; } */ }