コード例 #1
0
<?php

require_once '../includes/config.inc';
require_once '../includes/access.inc';
$requestedUrl = isset($_REQUEST['ref']) ? base64_decode(htmlentities($_REQUEST['ref'])) : $BASE_URL . '/dashboard.php';
$submitted = isset($_REQUEST['submitted']);
$username = isset($_REQUEST['username']) ? htmlentities($_REQUEST['username']) : false;
$password = isset($_REQUEST['password']) ? htmlentities($_REQUEST['password']) : false;
$smarty = new MySmarty($SMARTY_CONFIG);
if ($submitted) {
    try {
        $access = new Access();
        if ($access->authenticate($username, $password)) {
            header("Location: " . $requestedUrl);
            exit;
        } else {
            $smarty->assign('errorMessage', 'Username or Password is incorrect. Please try logging in again.');
        }
    } catch (AccessDeniedException $e) {
        header('HTTP/1.1 401 Access Denied');
        echo "AccessDeniedException: " . $e->getMessage();
    } catch (Exception $e) {
        header('HTTP/1.1 500 Internal Server Error');
        echo "Exception: " . $e->getMessage();
    }
}
$smarty->assign('login', 'login');
$smarty->display('login.tpl');
コード例 #2
0
<?php

require_once '../includes/config.inc';
require_once 'access.inc';
require_once 'accessdeniedexception.inc';
$smarty = new MySmarty($SMARTY_CONFIG);
try {
    $access = new Access();
    $access->authenticate(null, null, false);
    $user = $access->getUser();
    $smarty->assign('user', $user);
} catch (AccessDeniedException $e) {
    // Don't need to do anything, This just means user is not logged in.
}
$smarty->assign('left_menu', true);
$smarty->assign('about', 'about');
$smarty->display('about.tpl');
コード例 #3
0
<?php

require_once '../includes/config.inc';
require_once 'user.inc';
require_once 'access.inc';
require_once 'activity.inc';
require_once 'accessdeniedexception.inc';
require_once 'category.inc';
require_once 'transaction.inc';
$access = new Access();
$access->authenticate();
$user = $access->getUser();
$action = isset($_REQUEST['action']) ? htmlentities($_REQUEST['action']) : false;
$data = isset($_REQUEST['data']) ? $_REQUEST['data'] : false;
try {
    if ($action) {
        if ($data === false) {
            throw new Exception("Missing required parameter data");
        }
        switch ($action) {
            case 'edit':
                $transaction = new Transaction(new MySqlDB());
                $transaction->start();
                $activity = Factory::getView(new ActivityKey($_POST['data']['id']));
                $activity->setName($data['name']);
                if ($data['category'] != null && trim($data['category']) && $data['category'] != 'null') {
                    $activity->setCategory(Factory::getView(new CategoryKey($data['category'])));
                }
                $activity->setTransactionDate(new Date($_POST['data']['transdate']));
                $activity->setAmount($data['amount']);
                $transaction->commit();
コード例 #4
0
    if (!preg_match("/((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9\\s]).{8,})/", $_POST['new_password'])) {
        $smarty->assign('err_message', 'Password Invalid! Must be at least 8 characters and have one lowercase, one uppercase, one number, and one special character.');
        $smarty->display('reset_password.tpl');
    }
    try {
        $username = $_GET['username'];
        $pid = $_GET['pid'];
        $result = User::checkAuthentication($username, $pid, true);
        if ($result) {
            $transaction = new Transaction(new MySqlDB());
            $transaction->start();
            $user = User::getUserByUserName($username);
            $user->setPassword($_POST['new_password'], false);
            $transaction->commit();
            $access = new Access();
            if ($access->authenticate($username, $_POST['new_password'])) {
                header("Location: dashboard.php");
                exit;
            }
        } else {
            echo 'fff';
        }
    } catch (Exception $e) {
        if ($transaction && !$transaction->isComplete()) {
            $transaction->rollback();
        }
        header('HTTP/1.1 500 Internal Server Error');
        echo "Exception: " . $e->getMessage();
    }
} else {
    $username = $_GET['username'];