/**
 * Controller: deletes one record of a model, then runs the
 * `admin_modeles` / `modele` controller.
 *
 * The model name is read from $_GET['modele'] and the record key from
 * $_GET['key'].
 *
 * NOTE(review): both values come straight from the query string, and no
 * permission check, existence check or anti-CSRF token is visible in this
 * function. Presumably access control is enforced by the dispatcher before
 * the controller runs -- confirm. A destructive action reachable through a
 * plain GET request is exposed to cross-site request forgery.
 */
function admin_modeles_delinst()
{
    global $tpl;

    $modelName = $_GET['modele'];

    // NOTE(review): whether Modele restricts which model names may be
    // opened is not visible here -- confirm it rejects unknown names.
    $record = new Modele($modelName);
    $record->fetch($_GET['key']);
    $record->delete();

    $tpl->assign('result', 'success');
    modexec('admin_modeles', 'modele');
}
/**
 * Delete a school.
 *
 * Controller that removes the `user_types` row whose `ut_id` equals
 * $_GET['ecole']. On success it redirects to the `ecole` page; when the
 * statement fails it runs the `syscore` / `sqlerror` controller.
 *
 * The id is bound as a statement parameter, so it never becomes part of the
 * SQL text.
 *
 * NOTE(review): the delete is driven by a GET parameter and no anti-CSRF
 * token or permission check is visible in this function; presumably the
 * dispatcher enforces access rights -- confirm.
 */
function ecole_delete()
{
    global $pdo;

    $delete = $pdo->prepare('DELETE FROM user_types WHERE ut_id = ?');
    $delete->bindValue(1, $_GET['ecole']);

    if (!$delete->execute()) {
        modexec('syscore', 'sqlerror');
        return;
    }

    redirect('ecole');
}
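/**
 * Controller: lists API clients and renders the page.
 *
 * A superuser sees every row of `api_clients`; any other user only sees the
 * rows whose `ac_owner` is their own user id, taken from the session.
 *
 * Requests carrying an `appli` parameter are refused.
 */
function developer_index()
{
    // Security: turn away dishonest callers.
    if (isset($_REQUEST['appli'])) {
        modexec('syscore', 'forbidden');
        // modexec() returns to its caller once the controller function
        // returns, so stop here explicitly instead of relying on the
        // `forbidden` controller to end the request.
        return;
    }

    $clients = new Modele('api_clients');
    if (hasAcl(ACL_SUPERUSER)) {
        $clients->find();
    } else {
        // The owner filter comes from the session, not from the request.
        $clients->find(array('ac_owner' => $_SESSION['user']['user_id']));
    }

    $clients->appendTemplate('clients');
    display();
}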
/**
 * Controller: turns two-factor authentication on or off for the signed-in
 * user.
 *
 * When $_POST['activation'] is "true", the submitted $_POST['code'] is
 * checked against the secret held in $_SESSION['user']['GoogleAuthenticator'].
 * A wrong code re-runs the `index` / `profile` controller with an error
 * message and stops. A correct code stores the secret in `user_otp`.
 * Any other value of `activation` clears `user_otp`.
 *
 * NOTE(review): turning the second factor off requires neither a current
 * code nor the password in this function, so a hijacked session or a forged
 * POST is enough to remove it -- consider requiring a valid code for
 * deactivation too.
 * NOTE(review): no explicit save call is visible; presumably assigning
 * `user_otp` on the Modele persists it -- confirm.
 */
function twofactors_set()
{
    global $tpl, $srcdir;

    $account = new Modele('users');
    $account->fetch($_SESSION['user']['user_id']);

    $wantsActivation = ($_POST['activation'] == "true");

    if ($wantsActivation) {
        require_once $srcdir . '/libs/GoogleAuthenticator/GoogleAuthenticator.php';
        $authenticator = new GoogleAuthenticator();

        $codeAccepted = $authenticator->checkCode($_SESSION['user']['GoogleAuthenticator'], $_POST['code']);
        if (!$codeAccepted) {
            // The error text is passed to the template under `hsuccess`.
            $tpl->assign('hsuccess', "GoogleAuthentificator code invalide");
            modexec("index", "profile");
            quit();
        }

        $account->user_otp = $_SESSION['user']['GoogleAuthenticator'];
    } else {
        $account->user_otp = "";
    }

    // Keep the session copy in step with the model.
    $_SESSION['user']['user_otp'] = $account->user_otp;
    redirect("index", "profile", array('hsuccess' => 1));
}
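/**
 * Controller: deletes one of the signed-in user's cards, then re-runs the
 * `index` / `profile` controller with `hsuccess` set to the outcome.
 *
 * The card is looked up by $_GET['card'] AND by the session user's id, so a
 * card id belonging to another user does not match.
 *
 * NOTE(review): the delete is triggered by a GET parameter and no anti-CSRF
 * token is visible in this function.
 */
function cards_delmycard()
{
    global $tpl;

    $mdl = new Modele('card');
    $mdl->find(array(
        'card_user' => $_SESSION['user']['user_id'],
        'card_id' => $_GET['card'],
    ));

    if (!$mdl->next()) {
        $tpl->assign('hsuccess', false);
        modexec('index', 'profile');
        // modexec() returns to its caller once the controller function
        // returns; without this return the delete() below would still run
        // on a model that matched no row.
        return;
    }

    $mdl->delete();
    $tpl->assign('hsuccess', true);
    modexec('index', 'profile');
}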
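/**
 * Controller: final step of the password-reset flow.
 *
 * The request must carry, in $_GET['valid'], the reset code stored in
 * $_SESSION['index_password_code']. The account is the one whose
 * `user_email` equals $_SESSION['index_password_email']. When
 * $_POST['pwd1'] is present the password is updated, the reset code is
 * discarded and the user is signed in; otherwise the form is displayed.
 *
 * NOTE(review): the new password is handed to modFrom() as received;
 * presumably the model hashes `user_pass` -- confirm.
 * NOTE(review): the success path signs the user in directly. No session id
 * regeneration and no second-factor check are visible here -- confirm that
 * this is intended.
 */
function index_password_change()
{
    global $tpl;

    $expected = isset($_SESSION['index_password_code']) ? $_SESSION['index_password_code'] : null;
    $supplied = isset($_GET['valid']) ? $_GET['valid'] : null;

    // Both sides must be present and non-empty. With the former loose `!=`,
    // an empty `valid` parameter compared equal to a reset code that was
    // never set (or was already consumed). hash_equals() (PHP >= 5.6) is
    // strict and runs in constant time for equal-length inputs.
    $codeValid = is_string($supplied) && $supplied !== ''
        && (is_string($expected) || is_int($expected))
        && (string) $expected !== ''
        && hash_equals((string) $expected, $supplied);

    if (!$codeValid) {
        $tpl->assign('hsuccess', false);
        modexec('index');
        // modexec() returns to its caller once the controller function
        // returns, so stop before touching any account.
        return;
    }

    $mdl = new Modele('users');
    $mdl->find(array('user_email' => $_SESSION['index_password_email']));
    if (!$mdl->next()) {
        // No account matches the e-mail stored for this reset: nothing to
        // change and nobody to sign in.
        $tpl->assign('hsuccess', false);
        modexec('index');
        return;
    }

    if (isset($_POST['pwd1'])) {
        $success = $mdl->modFrom(array('user_pass' => $_POST['pwd1']), false);
        $tpl->assign('hsuccess', $success);
        if ($success) {
            // The code is single-use: drop it as soon as it has been spent.
            unset($_SESSION['index_password_code']);
            $_SESSION['user'] = $mdl->toArray();
            $_SESSION['user']['role'] = aclFromText($mdl->raw_user_role);
            $tpl->assign('_user', $_SESSION['user']);
            modexec('index');
        }
    }

    $tpl->assign('user', $mdl);
    display();
}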
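/**
 * Controller: sets a new password for the user named by $_GET['user'].
 *
 * $_POST['password'] and $_POST['password2'] must be identical strings.
 * On a mismatch `hsuccess` is set to false and nothing else happens. On a
 * match the stored value becomes md5("<user_name>:<password>") and the
 * `user` / `view` controller is run.
 *
 * NOTE(review): the target account comes from the query string; presumably
 * the dispatcher restricts this controller to administrators -- confirm.
 * NOTE(review): MD5 is a fast digest and unsuitable for password storage.
 * Moving to password_hash()/password_verify() also requires changing the
 * code that verifies the password at login, which is not part of this
 * block, so the stored format is left untouched here.
 */
function user_editpassword()
{
    global $tpl;

    $pass = isset($_POST['password']) ? $_POST['password'] : null;
    $confirm = isset($_POST['password2']) ? $_POST['password2'] : null;
    $user = $_GET['user'];

    // Strict comparison: with loose `!=`, two different numeric-looking
    // strings (for example "1e3" and "1000") compare as equal, and two
    // missing fields compare as equal too.
    if (!is_string($pass) || !is_string($confirm) || $pass !== $confirm) {
        $tpl->assign('hsuccess', false);
        return;
    }

    $mdl = new Modele('users');
    $mdl->fetch($user);
    $rslt = $mdl->modFrom(array('user_pass' => md5($mdl->user_name . ':' . $pass)), false);
    $tpl->assign('hsuccess', $rslt);
    modexec('user', 'view');
}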
if (isset($_GET['page'])) { $page = $_GET['page']; } $page = basename($page); } // Recherche du module ... if (Extend::getAction($action) == false && !file_exists($root . 'action' . DS . $action . '.php')) { $action = 'syscore'; $page = 'nomod'; } // Etape 3, vérification des droits d'accès if (!isset($_SESSION['user'])) { $_SESSION['user'] = false; } $tpl->assign('_user', $_SESSION['user']); if ($_SESSION['user']) { $sections = $pdo->prepare('SELECT * FROM user_sections LEFT JOIN sections ON us_section = section_id WHERE us_user = ?'); $sections->bindValue(1, $_SESSION['user']['user_id']); $sections->execute(); $_SESSION['user']['sections'] = array(); while ($line = $sections->fetch()) { $_SESSION['user']['sections'][$line['section_id']] = $line; } } modsecu($action, $page, $_GET); needAcl(getAclLevel($action, $page), $action, $page, $_GET); // Etape 4 lancement du module modexec($action, $page); modexec('syscore', 'moderror'); quit(); }
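/**
 * Controller: demotes a mailing-list member to the 'MEMBER' level.
 *
 * Reads `section`, `ml` and `member` from $_REQUEST. The request is refused
 * when the mailing list is not linked to the section in `section_ml`, when
 * the member name starts with 'save_', or when the member is itself a
 * group. On success it redirects to `section` / `admin_ml`.
 *
 * NOTE(review): whether the signed-in user may administer this section is
 * not checked in this function; presumably the dispatcher does it --
 * confirm.
 */
function section_admin_ml_noadmin()
{
    // $tpl and $pdo are not used directly below, but the file included next
    // runs in this function's scope and may rely on them.
    global $tpl, $srcdir, $pdo;

    include $srcdir . '/libs/GoogleApi.php';
    $api = new GoogleApi();

    $mdl = new Modele('sections');
    $mdl->fetch($_REQUEST['section']);
    $mdl->assignTemplate('section');

    $lnk = new Modele('section_ml');
    $lnk->find(array('sm_section' => $_REQUEST['section'], 'sm_ml' => $_REQUEST['ml']));

    // Check the section/list link and the member name before querying the
    // remote API, so an unlinked list name is never sent to it.
    if (!$lnk->next() || strpos($_REQUEST['member'], 'save_') === 0) {
        modexec('syscore', 'forbidden');
        // modexec() returns to its caller once the controller function
        // returns; stop here so the membership change below cannot run.
        return;
    }

    $mbr = $api->getGroupMemberDetails($_REQUEST['ml'], $_REQUEST['member']);
    // NOTE(review): what getGroupMemberDetails() returns for an unknown
    // member is not visible here -- confirm it yields an object with `type`.
    if ($mbr->type == "GROUP") {
        modexec('syscore', 'forbidden');
        return;
    }

    $api->setGroupMemberLevel($lnk->sm_ml, $_REQUEST['member'], 'MEMBER');
    redirect("section", "admin_ml", array("hsuccess" => 1, "section" => $_REQUEST['section'], "ml" => $lnk->sm_ml));
}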
/**
 * Controller: deletes a Wi-Fi token group together with its tokens, then
 * runs the `wifi` / `tokens` controller.
 *
 * The group id is $_GET['roll']. It is bound as a parameter in both
 * statements. `hsuccess` is true only when both deletes succeed; the second
 * delete is not attempted when the first fails.
 *
 * NOTE(review): the two deletes are not wrapped in a transaction, so a
 * failure of the second leaves a group without tokens.
 * NOTE(review): the delete is driven by a GET parameter and no anti-CSRF
 * token is visible in this function.
 */
function wifi_del()
{
    global $pdo, $tpl;

    $deleteTokens = $pdo->prepare('DELETE FROM wifi_tokens WHERE wt_group = ?');
    $deleteGroup = $pdo->prepare('DELETE FROM wifi_tokenGroup WHERE wtg_id = ?');

    $groupId = $_GET['roll'];
    $deleteTokens->bindValue(1, $groupId);
    $deleteGroup->bindValue(1, $groupId);

    // Tokens first, then the group that owned them.
    $allDeleted = $deleteTokens->execute() && $deleteGroup->execute();

    $tpl->assign('hsuccess', $allDeleted);
    modexec('wifi', 'tokens');
}
/**
 * Controller: shows the edit form of an FTP account and changes its
 * password.
 *
 * The account is $_GET['account']. The caller must either hold
 * ACL_SUPERUSER on `ftp` / `index` or be 'manager' of the section the
 * account belongs to; otherwise `hsuccess` is set to false and the `ftp`
 * controller is run. Without $_POST['password'] the form is displayed. A
 * password shorter than 8 bytes is rejected with a message. An accepted
 * password is stored on the model and handed to the system script.
 *
 * Both shell arguments go through escapeshellarg() before they are placed
 * in the command line.
 *
 * NOTE(review): the password is passed as a command-line argument, which
 * other local users can usually read from the process list while the script
 * runs; feeding it on standard input would avoid that -- depends on
 * _ftp_exec() and the script, neither of which is visible here.
 * NOTE(review): `fu_pass` receives the password as typed; whether the model
 * hashes it before storage is not visible -- confirm.
 */
function ftp_edit()
{
    global $tpl;

    $account = new Modele('ftp_users');
    $account->fetch($_GET['account']);
    $tpl->assign('account', $account);

    $isSuperuser = hasAcl(ACL_SUPERUSER, 'ftp', 'index');
    $isSectionManager = false;
    if (!$isSuperuser) {
        // The section list comes from the session, keyed by section id.
        $isSectionManager = isset($_SESSION['user']['sections'][$account->raw_fu_section])
            && $_SESSION['user']['sections'][$account->raw_fu_section]['us_type'] == 'manager';
    }

    if (!$isSuperuser && !$isSectionManager) {
        $tpl->assign('hsuccess', false);
        modexec('ftp');
        return;
    }

    if (!isset($_POST['password'])) {
        display();
        return;
    }

    if (strlen($_POST['password']) < 8) {
        $tpl->assign('badpass', 'Le mot de passe est trop court.');
        display();
        return;
    }

    $account->fu_pass = $_POST['password'];

    // Quote each argument separately so neither value can break out of its
    // position in the command line.
    $usr = escapeshellarg($account->fu_user);
    $pwd = escapeshellarg($_POST['password']);
    _ftp_exec("sudo /opt/scripts/passwduser.sh {$usr} {$pwd}");

    $tpl->assign('hsuccess', true);
    modexec('ftp');
}
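/**
 * Controller: displays one ticket attached to an event.
 *
 * Loads the event $_GET['event'] (joined with its owner and section), then
 * the `event_bocal` row whose `eb_id` is $_GET['ticket'] AND whose
 * `eb_event` is that event, so a ticket id belonging to another event does
 * not match. The ticket is then fetched through the Bocal library, the
 * local copy is refreshed and the page is rendered. Any missing piece runs
 * the `syscore` / `notfound` controller.
 *
 * NOTE(review): whether the signed-in user may see this event is not
 * checked in this function; presumably the dispatcher does it -- confirm.
 */
function event_bocal_view()
{
    global $tpl, $pdo, $srcdir;

    $sql = $pdo->prepare('SELECT * FROM events LEFT JOIN users ON event_owner = user_id LEFT JOIN sections ON section_id = event_section WHERE event_id = ?');
    $sql->bindValue(1, $_GET['event']);
    $sql->execute();
    $event = $sql->fetch();

    if (!$event) {
        modexec('syscore', 'notfound');
        // modexec() returns to its caller once the controller function
        // returns; stop here instead of indexing into a missing event.
        return;
    }
    $tpl->assign('event', $event);

    $mdl = new Modele('event_bocal');
    $mdl->find(array('eb_id' => $_GET['ticket'], 'eb_event' => $event['event_id']));
    if (!$mdl->next()) {
        modexec('syscore', 'notfound');
        return;
    }

    include_once $srcdir . '/libs/bocal.php';
    $bocal = new Bocal();
    if (!$bocal->getTicket($mdl->eb_ticket)) {
        modexec('syscore', 'notfound');
        // Do not refresh the local row from a ticket that was not found.
        return;
    }

    $bocal->updateDB($mdl->getKey());
    $tpl->assign('ticket', $bocal);
    display();
}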
<?php

/*
 * Cron entry point: boots the application and runs a fixed list of
 * controllers.
 */

// Refuse to run when the script does not look like a console invocation.
// NOTE(review): the test infers a console run from $argv/$argc being set and
// HTTP_HOST being absent. Comparing PHP_SAPI with 'cli' is the direct test;
// confirm how cron invokes this script before tightening it.
if (!isset($argv, $argc) || isset($_SERVER['HTTP_HOST'])) {
    echo "Le script Cron n'est utilisable qu'en console.";
    exit;
}

define('NPE_INDEX', true);

// The application expects to run from the htdocs directory.
chdir(__DIR__ . '/../htdocs');
require 'bootstrap.php';
include $srcdir . '/loader.php';

// Actions to trigger, each written as "<action>:<page>".
$cronActions = array(
    "bocal:update",
    "user:execSync",
    "ml:execUpdate",
);

// Run every action in the order listed.
foreach ($cronActions as $param) {
    list($action, $page) = explode(':', $param);
    modexec($action, $page);
}
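/**
 * Runs a controller.
 *
 * Loads `<root>action/<action>.php` when that file exists; otherwise asks
 * Extend for an extension providing the action. It then calls
 * `<action>_autoload($page)` and `<action>_<page>()` when those functions
 * exist. When neither exists, the `syscore` / `nopage` controller is run.
 *
 * Control returns to the caller once the controller function returns, so a
 * caller that uses modexec() to refuse a request must stop its own
 * execution afterwards.
 *
 * NOTE(review): $action becomes part of an include path and, with $page, of
 * a function name. Nothing in this function restricts their characters; it
 * relies on callers to pass safe values (literals, or request values that
 * have been reduced to a bare name) -- confirm for every caller that
 * forwards request data.
 *
 * @global string $root path prefix of the application
 * @param string $action controller (module) name
 * @param string $page   page within the controller, 'index' by default
 */
function modexec($action, $page = 'index')
{
    global $root, $exec_mod, $exec_action, $exec_extend;

    $exec_extend = false;
    $controllerFile = $root . 'action' . DS . $action . '.php';

    if (file_exists($controllerFile)) {
        include_once $controllerFile;
    } else {
        $exec_extend = Extend::getAction($action);
        // An unknown action yields a falsy value; calling init() on it
        // would be a fatal error instead of the `nopage` fallback below.
        if ($exec_extend) {
            $exec_extend->init($action);
        }
    }

    $exec = false;

    if (function_exists($action . '_autoload')) {
        call_user_func($action . '_autoload', $page);
        $exec = true;
    }

    if (function_exists($action . '_' . $page)) {
        $exec_mod = $action;
        $exec_action = $page;
        call_user_func($action . '_' . $page);
        $exec = true;
    }

    if ($exec == false) {
        // If the fallback controller itself is missing, recursing again
        // would never end.
        if ($action === 'syscore' && $page === 'nopage') {
            return;
        }
        modexec('syscore', 'nopage');
    }
}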