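/**
 * Return the Wi-Fi token of the logged-in user, claiming a free one when needed.
 *
 * A token already assigned to the user is reused while
 * wt_date + wtg_duration minutes is still in the future. Otherwise one row of
 * wifi_tokens whose wt_assign is NULL is assigned to the user and stamped
 * with the current date.
 *
 * @return string|false The token value, or false (after echoing a short
 *                      message) when no user is logged in or no free token is left.
 */
function _wifi_getToken()
{
    global $pdo;

    if (!isset($_SESSION['user']) || !$_SESSION['user']) {
        echo 'not logged';
        return false;
    }
    $userId = $_SESSION['user']['user_id'];

    // Reuse a token that is still inside its group's validity window.
    $current = $pdo->prepare('SELECT * FROM wifi_tokens LEFT JOIN wifi_tokenGroup ON wt_group = wtg_id WHERE wt_assign = ? AND wt_date + INTERVAL wtg_duration MINUTE > NOW()');
    $current->bindValue(1, $userId);
    $current->execute();
    $row = $current->fetch();
    if ($row) {
        return $row['wt_token'];
    }

    // Pick the first free token. The earlier query used "LIMIT 10, 1", a fixed
    // offset left over from a disabled random-offset attempt: with ten or
    // fewer free tokens it returned nothing although tokens were available.
    // The COUNT(*) query that only fed that disabled offset is dropped.
    $free = $pdo->prepare('SELECT * FROM wifi_tokens WHERE wt_assign IS NULL LIMIT 1');
    $free->execute();
    $candidate = $free->fetch();
    if (!$candidate) {
        echo 'aucun tocken';
        return false; // No token left.
    }

    // NOTE(review): select-then-update is not atomic; two concurrent requests
    // can read the same free row and both be handed the same token. A
    // conditional UPDATE (... WHERE wt_assign IS NULL) or a row lock inside a
    // transaction would close that window; confirm what Modele offers.
    // NOTE(review): wt_date is written from PHP's clock and compared with
    // MySQL NOW() above; confirm both use the same timezone.
    $mdl = new Modele('wifi_tokens');
    $mdl->fetch($candidate['wt_id']);
    $mdl->modFrom(array('wt_assign' => $userId, 'wt_date' => date('Y-m-d H:i:s')), false);

    return $mdl->wt_token;
}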
/**
 * Admin screen: edit one record of the model named in the query string.
 *
 * Loads Modele($_GET['modele']) at key $_GET['key'], applies the posted form
 * when $_POST['action'] is present, then renders adminmodeles_modinst.tpl
 * and ends the request through quit().
 *
 * NOTE(review): the model name and the key both come from the query string
 * and the whole $_POST array is handed to modFrom(). Whether Modele limits
 * the model names it accepts, whether modFrom() limits the writable columns,
 * and whether admin rights and a CSRF token are checked before this handler
 * runs are not visible here; confirm each.
 */
function admin_modeles_modinst()
{
    global $tpl;

    $record = new Modele($_GET['modele']);
    $record->fetch($_GET['key']);

    // Default: nothing was submitted.
    $tpl->assign('result', '');
    if (isset($_POST['action'])) {
        $outcome = $record->modFrom($_POST) ? 'success' : 'error';
        $tpl->assign('result', $outcome);
    }

    $tpl->assign('modele', $record);
    $tpl->assign('edit', $record->edit());
    $tpl->display('adminmodeles_modinst.tpl');
    quit();
}
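/**
 * Token endpoint: exchange an authorization code for an access token and an ID token.
 *
 * Request parameters: grant_type, code, redirect_uri, client_id, client_secret.
 * On success the api_tokens row is switched from type AUTH to ACCESS with a
 * fresh code valid for 3600 seconds, a JSON document (id_token, access_token,
 * token_type, expires_in and optionally scope) is echoed and the request ends
 * through quit(). Every failure returns the result of _api_error().
 *
 * NOTE(review): parameters are read from $_REQUEST, so client_secret and code
 * are also accepted from the query string, where they can end up in access
 * logs and browser history; the original parameter list named $_POST. Confirm
 * whether any client relies on GET before restricting this.
 * NOTE(review): the client is looked up by ac_client + ac_secret equality,
 * which suggests the secret is stored in directly comparable form; confirm
 * how ac_secret is stored.
 * NOTE(review): no Cache-Control / Pragma header is set in this block for the
 * token response; confirm whether the framework adds "no-store".
 */
function api_token()
{
    // Read every parameter once. Missing or non-string values (e.g. "code[]=x")
    // become '' so that they fail the checks below instead of reaching find().
    $params = array();
    foreach (array('grant_type', 'code', 'redirect_uri', 'client_id', 'client_secret') as $name) {
        $params[$name] = (isset($_REQUEST[$name]) && is_string($_REQUEST[$name])) ? $_REQUEST[$name] : '';
    }

    // Only the authorization-code grant is implemented.
    if ($params['grant_type'] !== 'authorization_code') {
        return _api_error('grant_type', 'Only authorization_code is supported');
    }

    // Client lookup. Empty credentials are refused before querying so that an
    // empty value can never match a row.
    if ($params['client_id'] === '' || $params['client_secret'] === '') {
        return _api_error('unauthorized_client', 'API client denied.');
    }
    $cli = new Modele('api_clients');
    $cli->find(array('ac_client' => $params['client_id'], 'ac_secret' => $params['client_secret']));
    if (!$cli->next()) {
        return _api_error('unauthorized_client', 'API client denied.');
    }

    // Check the callback against the client's registered list (one per line,
    // surrounding whitespace and slashes trimmed). Built without a by-reference
    // loop variable, which previously stayed bound to the last element.
    $allowed_callbaks = array();
    foreach (explode("\n", $cli->ac_callback) as $callback) {
        $allowed_callbaks[] = trim($callback, " \t\n\r\v/");
    }
    // Strict comparison: a registered callback must match exactly as a string.
    if ($params['redirect_uri'] === '' || !in_array($params['redirect_uri'], $allowed_callbaks, true)) {
        // NOTE(review): the rejected URI is echoed back in the error text;
        // confirm _api_error() encodes it for its output format.
        return _api_error('invalid_request_uri', 'Callback not registred 1 :' . $params['redirect_uri']); // Stops here.
    }

    // Authorization-code lookup, bound to this client.
    if ($params['code'] === '') {
        return _api_error('invalid_grant', 'API token not found.');
    }
    $tok = new Modele('api_tokens');
    $tok->find(array('at_client' => $cli->getKey(), 'at_code' => $params['code'], 'at_type' => 'AUTH'));
    if (!$tok->next()) {
        return _api_error('invalid_grant', 'API token not found.');
    }
    if ($tok->at_expire < time()) {
        return _api_error('invalid_grant', 'API token too old.');
    }
    // When the code was issued for a specific redirect URI, the same one must be presented.
    if ($tok->at_uri != '' && $tok->at_uri != $params['redirect_uri']) {
        return _api_error('invalid_request', 'Request URI invalid');
    }

    // The access token is a bearer credential, so it must be unpredictable.
    // md5(uniqid()) derives from the clock and is guessable; use the CSPRNG
    // when the runtime has it (same 32-hex-character shape as before). The
    // legacy generator remains only as a fallback for runtimes without random_bytes().
    $accessToken = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid('', true));

    // NOTE(review): lookup and update are separate steps; two simultaneous
    // requests presenting the same code could both pass the lookup. Confirm
    // whether Modele can make the AUTH -> ACCESS switch conditional.
    $now = time();
    $update = array('at_type' => 'ACCESS', 'at_code' => $accessToken, 'at_start' => $now, 'at_expire' => $now + 3600);
    if (!$tok->modFrom($update)) {
        return _api_error('server_error', 'API token update.');
    }

    // Response: ID token assembled as header.claims.signature.
    $config = _api_config();
    $header = array('alg' => 'RS256', 'typ' => 'JWT');
    $claims = array(
        'iss' => $config['issuer'],
        'sub' => $update['at_code'],
        'aud' => $cli->ac_client,
        'exp' => $update['at_expire'],
        'iat' => $update['at_start'],
    );
    if ($tok->at_nonce != '') {
        $claims['nonce'] = $tok->at_nonce;
    }
    $payload = base64url_encode(json_encode($header)) . '.' . base64url_encode(json_encode($claims));

    $token = array(
        'id_token' => $payload . '.' . base64url_encode(_api_sign($payload)),
        'access_token' => $update['at_code'],
        'token_type' => 'bearer',
        'expires_in' => 3600,
    );
    if ($tok->at_scope != '') {
        $token['scope'] = $tok->at_scope;
    }

    echo json_encode($token);
    quit();
}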
/**
 * Wizard step: save the listed fields of a model from the posted form.
 *
 * Does nothing unless the request method is POST. Only the names listed in
 * $fields are copied from $_POST, so other posted keys never reach modFrom().
 *
 * @param Modele $mdl    Record to update.
 * @param array  $fields Field names to read from $_POST; set to null when the
 *                       save succeeds (the argument is passed by reference).
 */
function _index_wizard_edit(Modele &$mdl, &$fields)
{
    global $tpl;

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Build the update from the allowed field names only.
        $values = array();
        foreach ($fields as $name) {
            $values[$name] = $_POST[$name];
        }

        if (!$mdl->modFrom($values)) {
            $tpl->assign('hsuccess', false);
            return;
        }

        // Saved: clear the caller's field list.
        $fields = null;
    }
}
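/**
 * Change the password of the user named in $_GET['user'].
 *
 * Reads the new password and its confirmation from $_POST['password'] and
 * $_POST['password2']. When they are missing, empty, not strings or not
 * identical, 'hsuccess' is set to false and nothing is saved. Otherwise the
 * user's user_pass is replaced, 'hsuccess' receives the result of modFrom()
 * and the user/view action is run through modexec().
 *
 * NOTE(review): the target account comes from the query string. Whether the
 * caller is allowed to change that account's password, and whether a CSRF
 * token and the request method are checked, is not visible in this block.
 */
function user_editpassword()
{
    global $tpl;

    $pass = isset($_POST['password']) ? $_POST['password'] : null;
    $confirm = isset($_POST['password2']) ? $_POST['password2'] : null;
    $user = isset($_GET['user']) ? $_GET['user'] : null;

    // Strict comparison: with "!=" two different numeric-looking strings
    // (such as "1e3" and "1000") compared equal, and two missing fields
    // compared equal as well, which stored a hash of an empty password.
    if (!is_string($pass) || $pass === '' || $pass !== $confirm) {
        $tpl->assign('hsuccess', false);
        return;
    }

    $mdl = new Modele('users');
    $mdl->fetch($user);

    // NOTE(review): MD5 of "name:password" is a fast hash and unsuitable for
    // password storage. Moving to password_hash()/password_verify() needs a
    // matching change where logins are verified, which is outside this block,
    // so the stored format is left as it is.
    $rslt = $mdl->modFrom(array('user_pass' => md5($mdl->user_name . ':' . $pass)), false);
    $tpl->assign('hsuccess', $rslt);
    modexec('user', 'view');
}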
/**
 * Edit screen for one section.
 *
 * Loads the 'sections' record identified by $_GET['section'], saves the posted
 * form when $_POST['postOK'] is present, and renders the page through display().
 *
 * NOTE(review): the whole $_POST array is handed to modFrom(); which columns
 * modFrom() accepts is not visible here, so confirm that it cannot write
 * fields the form does not expose.
 */
function section_edit()
{
    global $tpl;

    $section = new Modele('sections');
    $section->fetch($_GET['section']);

    if (isset($_POST['postOK'])) {
        $saved = $section->modFrom($_POST);
        $tpl->assign('hsuccess', $saved);
    }

    $tpl->assign('section', $section);
    display();
}
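/**
 * Edit screen for one value of a trip option.
 *
 * Loads the 'trip_option_options' record identified by $_GET['option'],
 * exposes it and its parent option and trip to the template, and builds an
 * edit form limited to too_value and too_price. On POST the record is saved;
 * success redirects to trip/opt_list, failure sets 'hsuccess' to false.
 */
function trip_opt_edit()
{
    global $tpl;

    // The only columns this screen is meant to change.
    $editable = array('too_value', 'too_price');

    $opt = new Modele('trip_option_options');
    $opt->fetch($_GET['option']);
    $opt->assignTemplate('ooption');
    $mod = $opt->too_option;
    $mod->assignTemplate('option');
    $mdl = $mod->topt_trip;
    $mdl->assignTemplate('trip');
    $tpl->assign('form', $opt->edit($editable));

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Save only the fields the form exposes. Passing the whole $_POST let
        // a request supply other columns of the record (for example the link
        // to its parent option) alongside the two editable ones.
        // NOTE(review): assumes the form's input names equal the column
        // names, as _index_wizard_edit() in this file also does; confirm.
        $submitted = array_intersect_key($_POST, array_flip($editable));
        if ($opt->modFrom($submitted)) {
            redirect('trip', 'opt_list', array('option' => $mod->getKey(), 'hsuccess' => 1));
        }
        $tpl->assign('hsuccess', false);
    }

    display();
}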
/**
 * Save the event.
 *
 * Loads the 'events' record identified by $_GET['event'], applies $_POST to
 * it, reports the outcome through the 'success' and 'error' template
 * variables, renders event_edit.tpl and ends the request through quit().
 *
 * NOTE(review): modFrom() is called with the whole $_POST array and without a
 * request-method or CSRF check in this block; confirm that routing restricts
 * this action to POST and that modFrom() limits the writable columns.
 */
function event_editpost()
{
    global $tpl;

    $event = new Modele('events');
    $event->fetch($_GET['event']);

    // Start from "nothing happened" and overwrite one of the two flags below.
    $tpl->assign('success', false);
    $tpl->assign('error', false);

    if (!$event->modFrom($_POST)) {
        $tpl->assign('error', 'Erreur d\'enregistrement.');
    } else {
        $tpl->assign('success', true);
    }

    $tpl->assign('event', $event);
    $tpl->display('event_edit.tpl');
    quit();
}