コード例 #1
0
ファイル: LTMessageCommand.php プロジェクト: skhal/Latte
 public function execute()
 {
     // Check if logged in user has enough permissions to run command
     $authenticationCenter = LTAuthenticationCenter::sharedCenter();
     if (!$authenticationCenter->validate() || 1 > LTAuthenticationCenter::user()->level()) {
         throw new Exception('You do not have permissions to execute this command');
     }
     $title = strtolower(trim(strip_tags(urldecode(stripslashes($_POST['title'])))));
     $body = strtolower(trim(strip_tags(urldecode(stripslashes($_POST['body'])))));
     // Test Title
     // Test Body
     $db = new LTMySQL();
     $db->connect(LTRWDBConfig::HOST, LTRWDBConfig::USER, LTRWDBConfig::PASS);
     $db->selectdb(LTRWDBConfig::DB);
     $db->query('insert into ehead set author=\'' . LTAuthenticationCenter::user()->id() . '\',title=\'' . $title . '\',added=unix_timestamp(),edit=unix_timestamp();');
     if (1 !== $db->numrows()) {
         throw new RuntimeException('Failed to add message. Try later.');
     }
     // Get ID of newly created entry
     $id = $db->insertid();
     $db->query("insert into entry set id={$id},body='{$body}';");
     if (1 !== $db->numrows()) {
         $db->query("delete from ehead where id={$id};");
         throw new RuntimeException('Failed to add message. Try later.');
     }
     return new LTJsonMessage('Entry was successfully added.');
 }
コード例 #2
0
ファイル: index.php プロジェクト: skhal/Latte
 * Created by Samvel Khalatian on January 5, 2010.
 * Copyright 2009, Your Company All rights reserved.
 */
define("TLDIR_INDEX", $_SERVER['DOCUMENT_ROOT']);
@(include_once TLDIR_INDEX . '/php/LTConfig.php');
@(include_once TLDIR_INDEX . '/php/LTMySQL.php');
$pass = trim(strip_tags(urldecode(stripslashes($_GET['pass']))));
try {
    if (!preg_match('/[a-z0-9]{32}/', $pass)) {
        throw new RuntimeException('Invalid PASS.');
    }
    $mysql = new LTMySQL();
    if (!$mysql->connect(LTRWDBConfig::HOST, LTRWDBConfig::USER, LTRWDBConfig::PASS)) {
        throw new Exception('DB Connection Failed. Can not register user at the moment. Try later.');
    }
    $mysql->selectdb(LTRWDBConfig::DB);
    $pass = mysql_real_escape_string($pass, $mysql->link());
    $res = $mysql->query("select name,login,email from candidate where pass='******';");
    if (!$mysql->numrows()) {
        throw new RuntimeException('Link is not valid any more.');
    }
    $row = mysql_fetch_assoc($res);
    if (!$row) {
        throw new RuntimeException('Failed to find user in DB. Try to re-register.');
    }
    $mysql->query("delete from candidate where pass='******';");
    // Generate password for user.
    $pass = uniqid();
    $mysql->query("insert into user set login='******'login']}',pass='******'\';');
    $id = $mysql->insertid();
    $mysql->query("insert into uinfo set id='{$id}',name='{$row['name']}',email='{$row['email']}',added=unix_timestamp();");
コード例 #3
0
ファイル: LTUserCommand.php プロジェクト: skhal/Latte
 public function execute()
 {
     $mysql = new LTMySQL();
     if (!$mysql->connect(LTRODBConfig::HOST, LTRODBConfig::USER, LTRODBConfig::PASS)) {
         throw new Exception('DB Connection Failed. Can not read user at the moment. Try later.');
     }
     $mysql->selectdb(LTRODBConfig::DB);
     $this->uid = mysql_real_escape_string($this->uid, $mysql->link());
     $res = $mysql->query("select name,added from uinfo where id='{$this->uid}';");
     if (!$mysql->numrows()) {
         throw new Exception('User does not exist.');
     }
     $row = mysql_fetch_assoc($res);
     if (!$row) {
         throw new RuntimeException('Failed to read user from DB. Try later.');
     }
     return json_encode(array('name' => $_row['name'], 'added' => $_row['added']));
 }