public function login() {
if (empty($_POST)) {
HttpHandler::redirect('/'+MODULE+'/login/form');
} else {
BM::singleton()->getObject('db')->newConnection(HOST, USER, PASSWORD, DATABASE);
$usuario = BM::singleton()->getObject('db')->sanitizeData($_POST['usuario']);
$clave = cifrar_RIJNDAEL_256($_POST['clave']);
$query = "SELECT * FROM empleado WHERE usuario='{$usuario}' AND clave='{$clave}' AND modulo='terceros';";
BM::singleton()->getObject('db')->executeQuery($query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
$level = 1;
while ($data = BM::singleton()->getObject('db')->getResult()->fetch_assoc()) {
$level = $data['permiso'];
}
Session::singleton()->NewSession($usuario, $level);
if(!isset($_GET['url'])||empty($_GET['url'])){
HttpHandler::redirect('/'.MODULE.'/login/form');
}else{
HttpHandler::redirect($_GET['url']);
}
} else {
HttpHandler::redirect('/'.MODULE.'/login/form?error_id=2');
}
}
}
public function Upload(){
$EmailAddress = Session::singleton()->getUser();
$query = "SELECT UserID FROM User WHERE EmailAddress='$EmailAddress'";
data_model()->executeQuery($query);
$row = data_model()->getResult()->fetch_assoc();
$id = $row['UserID'];
$ruta = "static/img/";
$foto = $_FILES['imagen']['tmp_name'];
$nom_archivo = $_FILES['imagen']['name'];
//$ext = pathinfo($nom_archivo);
//$array = explode(".", $nom_archivo); //Lo uso para dividir el nombre
//$nombre= $array[0]."_".$id.".".$array[1]; //Aqui formo el nuevo nombre
$nombre = "profile_".$id.".jpg";
$subir = move_uploaded_file($foto, "$ruta/$nombre");
if($subir){
$query = "update user set ProfilePic =2,imagen='$nombre' where UserID='$id'";
data_model()->executeQuery($query);
HttpHandler::redirect("/warbook/Profile/view");
}
}
public function View(){
if (!Session::singleton()->ValidateSession()) {
HttpHandler::redirect('/warbook/login/form');
} else {
$this->view->View();
}
}
/**
* close current session
*
*/
public static function logOut() {
$_SESSION = array();
session_destroy();
$parametros_cookies = session_get_cookie_params();
setcookie(session_name(), 0, 1, $parametros_cookies["path"]);
HttpHandler::redirect(DEFAULT_DIR);
}
/**
* Executes a put method to the Orbit API
*
* @param $method
* @return mixed
*/
public function delete($method)
{
$this->request->clearParams();
$this->request->setMethod('delete');
$this->request->setURI($method . '?token=' . $this->getToken());
$this->request->execute();
$content = json_decode($this->request->getContent(), true);
return $content;
}
public function guardar_tercero(){
$proveedor = $this->model->get_child('cliente');
$proveedor->get(0);
$proveedor->change_status($_POST);
$proveedor->save();
HttpHandler::redirect('/terceros/terceros/terceros?status=save');
}
public function eliminar(){
if(isset($_POST)&&!empty($_POST)){
if($this->validarCampo('codigo')){
$codigo = $_POST['codigo'];
if($this->model->exists($codigo)){
$query = "SELECT * FROM cuenta_contable WHERE madre = '{$codigo}'";
data_model()->executeQuery($query);
if(data_model()->getNumRows()>0){
HttpHandler::redirect('/contabilidad/main/cuentas?error=dependency');
}else{
$this->model->delete($codigo);
HttpHandler::redirect('/contabilidad/main/cuentas?success=deleted');
}
}
}
}
}
public static function &CheckVars(&$array,$reserve=false)
{
foreach($array as $key=>$val)
{
if($reserve) return ;
if($key==false) continue;
if(is_array($val)==false)
{
$array[$key]=HttpHandler::CleanVal($val);
}
else
{
$array[$key]=HttpHandler::CheckVars($val);
}
}
Return $array;
}
public function login() {
if (empty($_POST)) {
HttpHandler::redirect('/warbook/login/form');
} else {
BM::singleton()->getObject('db')->newConnection(HOST, USER, PASSWORD, DATABASE);
$usuario = BM::singleton()->getObject('db')->sanitizeData($_POST['usuario']);
$clave = md5($_POST['clave']);
$query = "SELECT * FROM User WHERE EmailAddress='{$usuario}' AND AccessPassword='******'";
//echo $query;
BM::singleton()->getObject('db')->executeQuery($query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
$level = 1;
Session::singleton()->NewSession($usuario, $level);
HttpHandler::redirect('/warbook/login/form');
} else {
HttpHandler::redirect('/warbook/login/form?error_id=2');
}
}
}
/**
* An static call to create an instance
*
* @param string $url - The Request URL
* @param string $method - The Request Method ( GET | POST | PUT | DELETE | UPDATE | PATCH )
* @return HttpHandler
*/
public static function Create($url, $method)
{
$http = new HttpHandler($url);
$http->setMethod($method);
return $http;
}
public function submit()
{
$request = new HttpHandler(self::PAGSEGURO_URL . '?email=' . $this->email . '&token=' . $this->token);
$request->setMethod('post');
$request->addHeader('Content-type', 'application/xml');
$request->setBody($this->getXML());
$request->execute();
$response = $request->getContent(true);
if (isset($response['code'])) {
$this->code = $response['code'];
return $this->code;
} else {
$this->response = $response;
}
}
function proveedor_activo() {
if (validar_sesion_proveedor()) {
HttpHandler::redirect('/nymsa_testing/mdl/Proveedor/acceder');
}
}
function run($module)
{
$config = $this->config;
if ($module != 'admin')
{
global $rewriteHandler;
include_once './include/rewrite.php';
}
require_once DRIVER_PATH . 'i18n.php';
i18n_init($config['language']);
require_once LIB_PATH . 'config.han.php';
include_once CONFIG_PATH . 'robot.php';
require_once FUNCTION_PATH . 'common.func.php';
define('MY_QUERY_ERROR', 10);
require_once CONFIG_PATH . 'constants.php'; require_once CONFIG_PATH . 'credits.php'; require_once FUNCTION_PATH . 'cache.func.php';
require_once FUNCTION_PATH . 'global.func.php';
require_once INCLUDE_PATH . 'load.php';
require_once LIB_PATH . 'http.han.php';
require_once LIB_PATH . 'template.han.php';
require_once LIB_PATH . 'form.han.php';
require_once DB_DRIVER_PATH . 'database.db.php';
require_once DB_DRIVER_PATH . "mysql.db.php";
require_once INCLUDE_PATH . 'constant.php';
require_once INCLUDE_PATH . 'engine.php';
require_once INCLUDE_PATH . 'extend.php';
require_once MOD_PATH . 'master.mod.php';
require_once MOD_PATH . $this->accessMod($config['default_module']) . '.mod.php';
$_GET = HttpHandler::checkVars($_GET);
$_POST = HttpHandler::checkVars($_POST);
$moduleobject = new ModuleObject($config);
$module != 'inizd' && handler('member')->SaveActionToLog($moduleobject->Title);
unset($moduleobject);
}
function Messager($message, $redirectto='',$time = -1,$return_msg=false,$js=null)
{
global $rewriteHandler;
if ($time==-1)$time=is_numeric($this->Config['msg_time'])?$this->Config['msg_time']:2;
if($this->MemberHandler)$this->MemberHandler->SaveActionToLog($this->Title);
$to_title=($redirectto==='' or $redirectto==-1)?"返回上一页":"跳转到指定页面";
if($redirectto===null)
{
$return_msg=$return_msg===false?" ":$return_msg;
}
else
{
$redirectto=($redirectto!=='')?$redirectto:($from_referer=referer());
if (is_numeric($redirectto)!==false and $redirectto!==0)
{
if($time!==null){
$url_redirect="<script language=\"JavaScript\" type=\"text/javascript\">\r\n";
$url_redirect.=sprintf("window.setTimeout(\"history.go(%s)\",%s);\r\n",$redirectto,$time*1000);
$url_redirect.="</script>\r\n";
}
$redirectto="javascript:history.go({$redirectto})";
}
else
{
if($rewriteHandler)
{
$redirectto = rewrite($redirectto);
}
else
{
if ($redirectto != '' && substr($redirectto, 0, 1) == '?')
{
$redirectto = $this->Config['site_url'].'/'.$redirectto;
}
}
if($message===null)
{
$redirectto=rawurldecode(HttpHandler::UnCleanVal(($redirectto)));
header("Location: $redirectto"); #HEADER跳转
}
if($time!==null)
{
$url_redirect = $redirectto?'<meta http-equiv="refresh" content="' . $time . '; URL=' . $redirectto . '">':null;
}
}
}
$title="消息提示:".(is_array($message)?implode(',',$message):$message);
$title=strip_tags($title);
if($js!="") {
$js="<script language=\"JavaScript\" type=\"text/javascript\">{$js}</script>";
}
$additional_str = $url_redirect.$js;
include_once $this->TemplateHandler->Template('messager');
exit;
}
public function run() {
if (is_callable(array(new $this->controller, $this->action))):
call_user_func_array(array(new $this->controller, $this->action), $this->params);
else:
HttpHandler::redirect($this->basePath . 'error/not_found');
endif;
}
function DoModifyNormal()
{
$this->CheckAdminPrivs('siteset');
if($this->Post['site_enable']) {
$this->IoHandler->WriteFile(CACHE_PATH . './site_enable.php',$this->Post['site_enable']);
} else {
@is_file(CACHE_PATH . './site_enable.php') && $this->IoHandler->DeleteFile(CACHE_PATH . './site_enable.php');
}
unset($this->Post['site_enable']);
if($this->Post['user_forbid']) {
$forbid_list = explode("\r\n",$this->Post['user_forbid']);
$forbid_list = array_unique($forbid_list);
$forbid = implode("\r\n",$forbid_list);
$configHandler = new ConfigHandler();
$configHandler->set('user',array('forbid'=>$forbid));
}
unset($this->Post['user_forbid']);
extract($this->Post['config']);
if($site_name=="")
{
$this->Messager("修改出现错误,站点名称不能为空");
}
if (!$_FILES['config']['error']['site_logo']) {
$this->Post['config']['site_logo'] = IMAGE_PATH . 'site_logo.gif';
if(!move_uploaded_file($_FILES['config']['tmp_name']['site_logo'],$this->Post['config']['site_logo'])) {
@copy($_FILES['config']['tmp_name']['site_logo'],$this->Post['config']['site_logo']);
}
if (!is_file($this->Post['config']['site_logo'])) {
unset($this->Post['config']['site_logo']);
}
}
$this->Post['config']['thumbwidth'] = min(300,max(30,(int) $this->Post['config']['thumbwidth']));
$this->Post['config']['thumbheight'] = min(300,max(30,(int) $this->Post['config']['thumbheight']));
$this->Post['config']['watermark_position'] = (int) $this->Post['config']['watermark_position'];
$this->Post['config']['tuangou_str'] = strip_tags(trim($this->Post['config']['tuangou_str']));
include(CONFIG_PATH.'settings.php');
$new_config=array_merge($config['settings'],$this->Post['config']);
ksort($new_config);
$new_config['copyright']=HttpHandler::UnCleanVal($new_config['copyright']);
$new_config['tongji']=HttpHandler::UnCleanVal($new_config['tongji']);
$result = ini('settings', $new_config);
if($result!=false)
{
$this->Messager("配置修改成功");
}
else
{
$this->Messager("配置修改失败");
}
}
function Messager($message, $redirectto='',$time = 2,$return_msg=false,$js=null)
{
global $rewriteHandler,$__is_messager;
$__is_messager=true;
$this->MemberHandler->SaveActionToLog($this->Title);
$to_title=($redirectto==='' or $redirectto==-1)?"返回上一页":"跳转到指定页面";
if($redirectto===null)
{
$return_msg=$return_msg===false?" ":$return_msg;
}
else
{
$redirectto=($redirectto!=='')?$redirectto:($from_referer=referer());
if (is_numeric($redirectto)!==false and $redirectto!==0)
{
if($time!==null){
$url_redirect="<script language=\"JavaScript\" type=\"text/javascript\">\r\n";
$url_redirect.=sprintf("window.setTimeout(\"history.go(%s)\",%s);\r\n",$redirectto,$time*1000);
$url_redirect.="</script>\r\n";
}
$redirectto="javascript:history.go({$redirectto})";
}
else
{
if($rewriteHandler)
{
$redirectto = rewrite($redirectto);
}
if($message===null)
{
$redirectto=rawurldecode(HttpHandler::UnCleanVal(($redirectto)));
header("Location: $redirectto"); #HEADER跳转
}
if($time!==null)
{
$url_redirect = $redirectto?'<meta http-equiv="refresh" content="' . $time . '; URL=' . $redirectto . '">':null;
}
}
}
$title="消息提示:".(is_array($message)?implode(',',$message):$message);
$title=strip_tags($title);
if($js!="")$js="<script language=\"JavaScript\" type=\"text/javascript\">{$js}</script>";
$this->ShowHeader($title,array(),$url_redirect.$js);
include_once handler('template')->file('@admin/messager');
$this->ShowFooter();
exit;
}
<?php
@date_default_timezone_set('PRC');
define("ROOTPATH", dirname(__FILE__) . "/../");
define("APP_PATH", dirname(__FILE__) . "/../");
define("SP_PATH", dirname(__FILE__) . '/../kernel');
require SP_PATH . "/System.class.php";
$str_base_url = HttpHandler::get_base_url();
$str_base_url .= $str_base_url[strlen($str_base_url) - 1] == "/" ? "" : "/";
define("WEB_ROOT", $str_base_url);
define("REWRITED", $GLOBALS['G_SP']['rewrite']);
$rewrite = '';
if (TRUE === $GLOBALS['G_SP']['rewrite']) {
$rewrite = WEB_ROOT . 'index.php';
}
define("WEB_ENTRY", $rewrite);
spRun();
function _saveConfig($link)
{
$fp=fopen($this->configPath.'link.php',"wb");
if(!$fp)
$this->Messager("配置文件“{$this->configPath}link.php”无法写入,请检查文件是否有可写权限");
$link=HttpHandler::CheckVars($link,false);
fwrite($fp,"<?php\r\n\$config['link']=".var_export($link,true).";\r\n?>");
fclose($fp);
return true;
}
/**
Delete request
@access public
@throws Exception object
@param string $serviceUri | String with the service uri
@param array $parameters | Array with the parameters
@param string $authorization | String with the authorization hash string
@return object
*/
public function delete($serviceUri, $parameters = null, $authorization = null, $debug = false)
{
try {
self::check_headers();
$curl = curl_init($this->Options["host"] . $serviceUri);
curl_setopt($curl, CURLOPT_HTTPHEADER, self::build_header(Utility::build_http_query($parameters), $authorization));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, "DELETE");
curl_setopt($curl, CURLOPT_POSTFIELDS, Utility::build_http_query($parameters));
$curl_response = curl_exec($curl);
$http_status_code = curl_getinfo($curl, CURLINFO_HTTP_CODE);
curl_close($curl);
if ($curl_response === false) {
throw new Exception('Error occured during curl exec. Additioanl info: ' . var_export(curl_getinfo($curl)));
}
$json = json_decode($curl_response);
if (isset($json) && is_object($json)) {
return (object) Utility::array_to_object(["payload" => json_decode($curl_response), "http_status" => ["http_method" => "POST", "code" => $http_status_code, "canonical_name" => HttpHandler::get_http_code_info($http_status_code)]]);
} else {
if ($debug) {
$data = (object) Utility::array_to_object(["webservice_return" => trim(strip_tags($curl_response)), "http_status" => ["http_method" => "POST", "code" => $http_status_code, "canonical_name" => HttpHandler::get_http_code_info($http_status_code)]]);
Utility::debug($data);
}
}
} catch (Exception $e) {
throw $e;
}
}
