/**
 * Serve a cached JSON document as a file download named "checkins.json".
 *
 * Falls back to action_404() when no cache name is given, when the cache
 * entry is missing, or when the entry is empty.
 *
 * NOTE(review): $cache_filename is used as the cache identifier after only a
 * truthiness check. If it arrives straight from the request URI, any cache
 * entry whose key ends in ".json" can be requested by name; confirm that the
 * route or the caller limits it to the expected export names.
 *
 * @param string $cache_filename Cache entry name without the ".json" suffix.
 * @return mixed The download response, or whatever action_404() returns.
 */
public function action_download($cache_filename)
{
    if (empty($cache_filename)) {
        return $this->action_404();
    }

    // Cache entries are stored under "<name>.json".
    $cache_key = $cache_filename . '.json';

    try {
        $payload = Cache::get($cache_key);
    } catch (\CacheNotFoundException $e) {
        return $this->action_404();
    }

    // An entry that exists but holds nothing is treated like a missing one.
    if (!$payload) {
        return $this->action_404();
    }

    $headers = array(
        // The body is a JSON string offered as an attachment.
        'Content-Type' => 'application/json',
        'Content-Disposition' => 'attachment; filename="checkins.json"',
        // Keep browsers and proxies from storing the export.
        'Cache-Control' => 'no-cache, no-store, max-age=0, must-revalidate',
        'Expires' => 'Mon, 26 Jul 1997 05:00:00 GMT',
        'Pragma' => 'no-cache',
    );

    $download = new Response();
    foreach ($headers as $header_name => $header_value) {
        $download->set_header($header_name, $header_value);
    }
    $download->body($payload);

    return $download;
}
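/**
 * Export the leads of a data list as a CSV download.
 *
 * Each row carries the lead columns listed in $headings; the "Status" column
 * is derived from the serialized `number_data` value and reads either
 * "Duplicate from list(s) a/b/c" or "TPS Match".
 *
 * Changes from the earlier version of this method:
 *  - every id in duplicates.data_list_ids is resolved to its dialler id
 *    (previously only the result of the last lookup was used, and an empty
 *    list read an undefined variable);
 *  - fields containing a comma, quote or line break are quoted per RFC 4180
 *    so lead data cannot shift columns;
 *  - $data_id is reduced to [A-Za-z0-9_-] before it is placed in the
 *    Content-Disposition header.
 *
 * NOTE(review): values that start with =, +, - or @ are written unchanged
 * (phone numbers may legitimately start with "+"). Whether to neutralise
 * spreadsheet formulas in this export is a policy decision for the owner.
 *
 * @param mixed $data_id Identifier of the data list to export.
 * @return string Always an empty string; headers and body are emitted directly.
 */
public function action_exportinvalidleads($data_id)
{
    // CSV column title => lead column it is read from.
    $headings = array(
        'Dialler ID' => 'dialler_lead_id',
        'Title' => 'title',
        'First Name' => 'first_name',
        'Last Name' => 'last_name',
        'Number' => 'phone_number',
        'Alt Number' => 'alt_phone',
        'Status' => 'number_data',
    );

    // Only the lead rows are needed; the two counts returned alongside are ignored.
    list($validLeads) = \Data\Model_Data::get_leads($data_id, -1, 0, 'dialler_lead_id', 'asc', '=');

    // Quote a field only when it contains a CSV metacharacter.
    $csvField = function ($value) {
        $value = (string) $value;
        if (strpbrk($value, ",\"\r\n") === false) {
            return $value;
        }
        return '"' . str_replace('"', '""', $value) . '"';
    };

    $lines = array(implode(",", array_map($csvField, array_keys($headings))));

    foreach ($validLeads as $singleLead) {
        $row = array();
        foreach ($headings as $dbcolumn) {
            if ($dbcolumn != 'number_data') {
                $row[] = $singleLead[$dbcolumn];
                continue;
            }

            // NOTE(review): unserialize() instantiates any class named in the
            // payload. Only array access is needed here, so if this column can
            // ever hold data written by another party, store it as JSON or
            // restrict the allowed classes.
            $allData = unserialize($singleLead[$dbcolumn]);
            $diallerIDs = array();

            if (isset($allData['duplicates']['data_list_ids'])) {
                foreach ($allData['duplicates']['data_list_ids'] as $did) {
                    $found = \DB::select('dialler_id')->from('data')->where('id', $did)->execute()->as_array();
                    if (count($found) > 0) {
                        $diallerIDs[] = $found[0]['dialler_id'];
                    }
                }
            }
            if (isset($allData['duplicates']['list_ids'])) {
                foreach ($allData['duplicates']['list_ids'] as $did) {
                    $diallerIDs[] = $did;
                }
            }

            $row[] = count($diallerIDs) > 0 ? 'Duplicate from list(s) ' . implode("/", $diallerIDs) : 'TPS Match';
        }
        $lines[] = implode(",", array_map($csvField, $row));
    }

    $data = implode("\n", $lines) . "\n";

    // Keep the header value to a fixed character set; $data_id is caller-supplied.
    $safe_id = preg_replace('/[^A-Za-z0-9_-]/', '', (string) $data_id);

    $response = new \Response();
    $response->set_header('Content-Type', 'text/csv');
    $response->set_header('Content-Disposition', 'attachment; filename="' . $safe_id . '_' . date('Ymd-Hi') . '.csv"');

    // Headers are flushed and the body echoed directly rather than returned.
    $response->send_headers();
    echo $data;

    return "";
}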
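/**
 * AJAX endpoint: try an FTP connection with the posted settings and report
 * the directory listing of the posted base path as JSON.
 *
 * Non-AJAX requests are redirected to the admin home. Callers without the
 * 'config_global' admin permission get a flash error and a null result.
 * Requests that are not POST return nothing.
 *
 * File names come from the remote FTP server and are placed in an HTML
 * fragment (`list_files`), so each one is HTML-escaped before it is added.
 *
 * NOTE(review): no anti-CSRF token is verified in this method, and the
 * posted hostname/port make the server open an outbound connection. Confirm
 * that token checking is enforced elsewhere and that the permission gate is
 * the intended limit on which hosts can be probed.
 *
 * @return \Response|null JSON response for POST requests, otherwise null.
 */
public function action_ajax_test_ftp()
{
    // is ajax
    if (!\Input::is_ajax()) {
        \Response::redirect(\Uri::create('admin'));
    }

    // check permission
    if (\Model_AccountLevelPermission::checkAdminPermission('config_global', 'config_global') == false) {
        \Session::set_flash('form_status', array(
            'form_status' => 'error',
            'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string())),
        ));
        return null;
    }

    if (\Input::method() == 'POST') {
        // get post value and test connection
        $config['hostname'] = trim(\Input::post('hostname'));
        $config['username'] = trim(\Input::post('username'));
        $config['password'] = trim(\Input::post('password'));
        $config['port'] = (int) trim(\Input::post('port'));
        $config['passive'] = trim(\Input::post('passive')) == 'true' ? true : false;
        $config['ssl_mode'] = false;
        $config['debug'] = false;
        $basepath = trim(\Input::post('basepath'));

        // connect to ftp
        $ftp = \Ftp::forge($config);
        $ftp->connect();
        $ftp->change_dir($basepath);
        $files = $ftp->list_files();
        $ftp->close();

        $output = array();

        if ($files !== false) {
            $output['form_status'] = 'success';
            $output['form_status_message'] = \Lang::get('config_ftp_connected_check_basepath_from_dir_structure_below');

            natsort($files);

            // ENT_SUBSTITUTE keeps names that are not valid UTF-8 from collapsing to ''.
            $escape_flags = ENT_QUOTES | (defined('ENT_SUBSTITUTE') ? ENT_SUBSTITUTE : 0);

            $output['list_files'] = '<ul>';
            foreach ($files as $file) {
                // Names are chosen by the remote server; escape them for the HTML context.
                $output['list_files'] .= '<li>' . htmlspecialchars((string) $file, $escape_flags, 'UTF-8') . '</li>';
            }
            $output['list_files'] .= '</ul>';
        } else {
            // got false from list_files means cannot connect
            $output['form_status'] = 'error';
            $output['form_status_message'] = \Lang::get('config_ftp_could_not_connect_to_server');
        }

        // clear no use variables
        unset($basepath, $config, $file, $files, $ftp);

        // send out json values
        $response = new \Response();
        $response->set_header('Content-Type', 'application/json');
        $response->body(json_encode($output));
        return $response;
    }
}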
/**
 * Delete the avatar of the account identified by the account cookie.
 *
 * On POST the CSRF token is checked first; the avatar is removed only when
 * the cookie carries an account id and the member login check passes.
 * AJAX callers receive a JSON body that includes a fresh CSRF field; other
 * callers are redirected to the referrer, or to the site base when the
 * referrer is absent or equals the current URL.
 *
 * @return \Response|null JSON response for AJAX requests, otherwise null.
 */
public function action_deleteAvatar()
{
    // get account id from cookie
    $account = new \Model_Accounts();
    $cookie = $account->getAccountCookie();

    if (\Input::method() == 'POST') {
        if (!\Extension\NoCsrf::check()) {
            // token validation failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
            $output['result'] = false;
        } elseif (!isset($cookie['account_id']) || \Model_Accounts::isMemberLogin() == false) {
            // no account in the cookie, or not logged in as a member
            $output['result'] = false;
        } else {
            $output['result'] = true;
            $account->deleteAccountAvatar($cookie['account_id']);
        }
    }

    unset($account, $cookie);

    if (!\Input::is_ajax()) {
        $came_from = \Input::referrer();
        if ($came_from != null && $came_from != \Uri::main()) {
            \Response::redirect($came_from);
        } else {
            \Response::redirect(\Uri::base());
        }
        return;
    }

    // the ajax form needs a new token for its next submission
    $output['csrf_html'] = \Extension\NoCsrf::generate();

    $json = new \Response();
    $json->set_header('Content-Type', 'application/json');
    $json->body(json_encode($output));

    return $json;
}
/**
 * Reply with JSON.
 *
 * When $send is true, the response is sent and the script ends.
 * When $send is false, the response object is returned.
 *
 * @access protected
 * @param mixed $data Value to send back
 * @param bool $send Send flag
 * @return Response
 * @author kobayasi
 */
protected function responseJson($data = false, $send = false)
{
    $json_response = new \Response(json_encode($data), 200);
    $json_response->set_header('Content-Type', 'application/json');

    // Default path: hand the response back to the caller.
    if (!$send) {
        return $json_response;
    }

    // Send immediately and stop the request here.
    $json_response->send(true);
    exit;
}
/**
 * Build a JSON response with cache-suppressing headers.
 *
 * A value that loosely equals null (null, false, 0, '' or an empty array)
 * is replaced by an empty array before encoding.
 *
 * @param mixed $output Value to encode as the response body.
 * @return \Response
 */
public function responseJson($output)
{
    $payload = ($output == null) ? [] : $output;

    $json = new \Response();

    // no cache; the second Cache-Control call passes false as its third argument
    $json->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
    $json->set_header('Cache-Control', 'post-check=0, pre-check=0', false);
    $json->set_header('Expires', 'Sat, 26 Jul 1997 05:00:00 GMT');
    $json->set_header('Pragma', 'no-cache');

    // content type and body
    $json->set_header('Content-Type', 'application/json');
    $json->body(json_encode($payload));

    return $json;
}
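/**
 * Demonstrates how HTTP basic authentication can be used.
 *
 * Without a user name in the request, the reply is a 401 challenge carrying
 * a WWW-Authenticate header (the earlier version sent the header with the
 * default status, which does not make clients ask for credentials).
 *
 * NOTE(review): this demo only checks that a user name was sent. The
 * password is never read and no credential store is consulted, so the
 * "authenticated as" message reflects what the client claimed. Do not gate
 * real functionality on this action without adding verification.
 *
 * @return \Response
 */
public function action_basic()
{
    if (Input::server("PHP_AUTH_USER", null) == null) {
        $response = new Response();
        $response->set_status(401);
        $response->set_header('WWW-Authenticate', 'Basic realm="Authenticate for eventual.org"');
        return $response;
    }

    // The user name is client-supplied; escape it before echoing it back.
    $claimed_user = htmlspecialchars(Input::server("PHP_AUTH_USER"), ENT_QUOTES, 'UTF-8');

    return Response::forge("You are authenticated as " . $claimed_user);
}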
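/**
 * Output the relation graph of a user as JSON.
 *
 * Builds three lists under $data['default']: `nodes` (the introduced user,
 * then one "person" node and one "introduced" node per introduction row),
 * `links` between those nodes, and `introductions` (rendered via intro_dl()).
 *
 * Both queries bind $introduced_user_id as a named parameter. The second
 * query previously concatenated the value into the SQL text; the id comes
 * from the action argument, so it is now bound like the first one.
 *
 * NOTE(review): Model_User::find() may return nothing for an unknown id, in
 * which case the first node is built from empty values; confirm whether a
 * not-found response is wanted. No check of the requesting user against
 * $introduced_user_id is visible here; confirm the graph is meant to be
 * readable for any id.
 *
 * @access public
 * @param mixed $introduced_user_id Id of the user whose relations are shown.
 * @return Response
 */
public function action_relationjson($introduced_user_id)
{
    // Not used below; the session read is kept as it was.
    $me = Session::get('user', null);
    $introduced_user = Model_User::find($introduced_user_id);

    // Every other user, with the introduction (if any) they wrote about this user.
    $query = \DB::query('SELECT `users`.`id` as `post_user_id`, `users`.`url`, `users`.`name`, `introductions`.*, (`introductions`.`distance` + `introductions`.`humanity`+ `introductions`.`ability`) as goodpoint FROM `users` LEFT JOIN `introductions` ON `users`.`id` = `introductions`.`user_id` AND `introductions`.`introduced_user_id` = :introduced_user_id WHERE `users`.`id` != :introduced_user_id ORDER BY goodpoint desc', \DB::SELECT);
    $users = $query->bind('introduced_user_id', $introduced_user_id)->execute();
    unset($query);

    // Introductions written by this user about others.
    $query = \DB::query(
        'SELECT `introductions`.*'
        . ' FROM `users`'
        . ' LEFT JOIN `introductions`'
        . ' ON `users`.`id` = `introductions`.`user_id`'
        . ' AND `introductions`.`user_id` = :introduced_user_id'
        . ' AND `introductions`.`introduced_user_id` != :introduced_user_id'
        . ' WHERE `users`.`id` = :introduced_user_id',
        \DB::SELECT
    );
    $my_relations = $query->bind('introduced_user_id', $introduced_user_id)->execute();

    // introduced user id => distance given by this user
    $bond = array();
    foreach ($my_relations as $key => $intro) {
        $bond[$intro['introduced_user_id']] = (int) $intro['distance'];
    }

    $data = array();
    $data['default']['nodes'] = array();
    $data['default']['links'] = array();
    $data['default']['introductions'] = array();

    // Node 0 is the introduced user, pinned at a fixed position.
    $nodes_i = 1;
    $data['default']['nodes'][] = array('name' => $introduced_user['name'], 'size' => 80, 'id' => (int) $introduced_user['id'], 'url' => $introduced_user['url'], 'nodetype' => 'person', 'fixed' => true, 'x' => 600, 'y' => 350);

    // user id => 1-based position of that user's person node
    $links = array();
    foreach ($users as $key => $user) {
        // `id` comes from `introductions`.*; rows without an introduction are skipped.
        if (empty($user['id'])) {
            continue;
        }
        $nodes_i++;
        $links[(int) $user['user_id']] = $nodes_i;
        $data['default']['nodes'][] = array('name' => $user['name'], 'size' => 80, 'id' => (int) $user['user_id'], 'url' => $user['url'], 'nodetype' => 'person');

        $bondStrength = !empty($bond[(int) $user['user_id']]) ? $bond[(int) $user['user_id']] : 0;
        $bondStrength = $bondStrength + (int) $user['distance'];
        if ($bondStrength >= 10) {
            $bondType = 3;
        } elseif ($bondStrength >= 7) {
            $bondType = 2;
        } else {
            $bondType = 1;
        }
        $data['default']['links'][] = array('source' => $nodes_i - 1, 'target' => 0, 'bondType' => $bondType, 'text' => $user['feature'], 'id' => 1000 + $user['id']);
    }

    foreach ($users as $key => $user) {
        if (empty($user['id'])) {
            continue;
        }
        $nodes_i++;
        // NOTE(review): this adds the introduced user's id, not $bond[...], to the
        // distance; it looks unintended but is kept as found. Confirm with the view.
        $bondType = !empty($bond[(int) $user['introduced_user_id']]) ? (int) $user['introduced_user_id'] : 0;
        $bondType = $bondType + (int) $user['distance'];
        $data['default']['nodes'][] = array('name' => '紹介', 'size' => 150, 'id' => (int) $user['user_id'] + 1000, 'introduced' => array('feature' => $user['feature'], 'charm' => $user['charm'], 'skilfull' => $user['skillfull']), 'nodetype' => 'introduced');
        $data['default']['introductions'][] = array('id' => (int) $user['user_id'] + 1000, 'div' => $this->intro_dl($user), 'bondType' => $bondType);
        $data['default']['links'][] = array('source' => $nodes_i - 1, 'target' => $links[(int) $user['user_id']] - 1, 'bondType' => 0, 'text' => '', 'id' => 10000 + $user['id']);
    }

    // The content type is flushed on a separate response object before the
    // view-backed response is returned.
    $response = new Response();
    $response->set_header('Content-type', 'application/json');
    $response->send_headers();

    return Response::forge(View::forge('user/relationjson', array('data' => $data)));
}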
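/**
 * Handler for HTTP Digest Authentication
 *
 * Parses the client's digest header, recomputes the expected response hash
 * from the configured password and either returns the credentials or sends
 * a new challenge and ends the request.
 *
 * A user name that has no (non-empty) password in the configuration is now
 * rejected outright. Previously the hash for such a name was computed with
 * an empty password, so the comparison alone decided the outcome.
 *
 * NOTE(review): the nonce in the client's header is used as sent; the value
 * issued in the challenge (uniqid()) is not stored or compared, and `nc` is
 * not tracked, so a captured header is not bound to one challenge. Adding
 * server-side nonce state would be needed to close that.
 *
 * @param \Response $response Response object used to send the challenge.
 * @return array A key/value array of the username => value and password => value
 */
private function _http_digest(\Response $response)
{
    $realm = $this->config['http_authenticatable']['realm'];

    $data = array('nonce' => null, 'nc' => null, 'cnonce' => null, 'qop' => null, 'username' => null, 'uri' => null, 'response' => null);

    // Split "key=value, key=value" pairs; a part without "=" gets an empty value.
    foreach (explode(',', \Input::server('PHP_AUTH_DIGEST')) as $string) {
        $parts = explode('=', trim($string), 2) + array('', '');
        $data[$parts[0]] = trim($parts[1], '"');
    }

    $users = $this->config['http_authenticatable']['users'];
    $password = !empty($users[$data['username']]) ? $users[$data['username']] : null;

    $A1 = md5("{$data['username']}:{$realm}:{$password}");
    $A2 = "{$data['nonce']}:{$data['nc']}:{$data['cnonce']}:{$data['qop']}";
    $A3 = md5(\Input::server('REQUEST_METHOD') . ':' . $data['uri']);

    $hash = md5("{$A1}:{$A2}:{$A3}");

    // Compare in constant time where the runtime provides hash_equals().
    $supplied = (string) $data['response'];
    $matches = function_exists('hash_equals') ? hash_equals($hash, $supplied) : ($hash === $supplied);

    if (!$data['username'] || $password === null || !$matches) {
        $nonce = uniqid();
        $opaque = md5($realm);

        $header_value = "Digest realm=\"{$realm}\",qop=\"auth\", nonce=\"{$nonce}\",opaque=\"{$opaque}\"";

        $response->set_header('WWW-Authenticate', $header_value);
        $response->send(true);
        exit;
    }

    return array('username' => $data['username'], 'password' => $password);
}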
/**
 * AJAX endpoint: reset the permissions of one account.
 *
 * Order of checks: AJAX request (otherwise redirect), admin permission
 * 'acperm_manage_user_perm', POST method, target account lookup, then the
 * CSRF token. The reset runs only when the token is valid and the account
 * check yielded an object or array.
 *
 * @param mixed $account_id Target account; when not numeric, the id from the
 *                          admin account cookie is used, or 0 if absent.
 * @return \Response|null JSON response, or null when a precondition fails.
 */
public function action_reset($account_id = '')
{
    // set redirect url
    $redirect = $this->getAndSetSubmitRedirection();

    // ajax request only
    if (!\Input::is_ajax()) {
        \Response::redirect($redirect);
    }

    // check permission
    $has_permission = \Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_user_perm');
    if ($has_permission == false) {
        $denied_message = \Lang::get('admin_permission_denied', array('page' => \Uri::string()));
        \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => $denied_message));
        return null;
    }

    // method post only
    if (\Input::method() != 'POST') {
        return null;
    }

    // fall back to the admin cookie when no usable id was passed
    if (!is_numeric($account_id)) {
        $cookie_account = \Model_Accounts::forge()->getAccountCookie('admin');
        $account_id = isset($cookie_account['account_id']) ? $cookie_account['account_id'] : 0;
        unset($cookie_account);
    }
    $output['account_id'] = $account_id;

    // check target account: an object/array result counts as "found"
    $account_check_result = $this->checkAccountData($account_id);
    if (is_object($account_check_result) || is_array($account_check_result)) {
        $output['account_check_result'] = true;
    } else {
        $output['account_check_result'] = $account_check_result;
    }
    unset($account_check_result);

    // the token is always checked; the reset needs both a valid token and a found account
    if (\Extension\NoCsrf::check() && $output['account_check_result'] === true) {
        $output['result'] = \Model_AccountPermission::resetPermission($account_id);
    } else {
        $output['result'] = false;
    }

    $json = new \Response();
    $json->set_header('Content-Type', 'application/json');
    $json->body(json_encode($output));

    return $json;
}
/**
 * AJAX endpoint: reset the account-level permissions.
 *
 * Order of checks: AJAX request (otherwise redirect), admin permission
 * 'acperm_manage_level_perm', POST method, then the CSRF token. The JSON
 * body holds `result`: false on a bad token, otherwise the value returned
 * by the reset.
 *
 * @return \Response|null JSON response, or null when a precondition fails.
 */
public function action_reset()
{
    // set redirect url
    $redirect = $this->getAndSetSubmitRedirection();

    // ajax request only
    if (!\Input::is_ajax()) {
        \Response::redirect($redirect);
    }

    // check permission
    $has_permission = \Model_AccountLevelPermission::checkAdminPermission('acperm_perm', 'acperm_manage_level_perm');
    if ($has_permission == false) {
        $denied_message = \Lang::get('admin_permission_denied', array('page' => \Uri::string()));
        \Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => $denied_message));
        return null;
    }

    // method post only
    if (\Input::method() != 'POST') {
        return null;
    }

    // a valid token is required before anything is reset
    if (\Extension\NoCsrf::check()) {
        $output['result'] = \Model_AccountLevelPermission::resetPermission();
    } else {
        $output['result'] = false;
    }

    $json = new \Response();
    $json->set_header('Content-Type', 'application/json');
    $json->body(json_encode($output));

    return $json;
}
/**
 * Redirect to the same URL with a language segment in front.
 * example:
 * http://localhost/ -> http://localhost/en
 * http://localhost/page -> http://localhost/en/page
 *
 * Does nothing when the 'locales' config is not a non-empty array, or when
 * the first URI segment is already one of the locale keys. Otherwise a 301
 * with no-cache headers is sent and the request ends.
 *
 * @author Vee Winch.
 * @license MIT
 * @link http://rundiz.com The author's website.
 * @package Fuel Start
 */
public function redirectLanguageUri()
{
    $locales = \Config::get('locales');
    $default_lang = \Config::get('language');

    // no locales configured: nothing to prefix
    if (!is_array($locales) || empty($locales)) {
        unset($default_lang, $locales);
        return;
    }

    $must_redirect = false;
    $redirect_url = null;

    if (!count($this->segments)) {
        // site root: http://domain.tld/fuelphp_root_web/ -> .../{lang}
        $must_redirect = true;
        $redirect_url = $default_lang;
    } else {
        // \Input::uri() starts with "/", so the first exploded element may be empty
        $uri_parts = explode('/', \Input::uri());

        if (isset($uri_parts[0]) && $uri_parts[0] != null) {
            $leading_segment = $uri_parts[0];
        } elseif (isset($uri_parts[1])) {
            $leading_segment = $uri_parts[1];
        } else {
            // nothing usable came out of the URI
            $leading_segment = $default_lang;
        }

        // first segment is a page, not a language: .../page -> .../{lang}/page
        if (!array_key_exists($leading_segment, $locales)) {
            $must_redirect = true;
            $redirect_url = $default_lang . '/' . implode('/', $this->segments);
        }
    }

    if ($must_redirect !== true) {
        unset($default_lang, $locales);
        return;
    }

    // set no cache header.
    $response = new Response();
    $response->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
    $response->set_header('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT');
    $response->set_header('Pragma', 'no-cache');
    $response->send_headers();

    // clean vars.
    unset($default_lang, $leading_segment, $locales, $must_redirect);

    // Redirect by hand; the framework redirect is avoided because it
    // produced a 404 on the home page.
    $redirect_url = self::createNL($redirect_url);
    $response->set_status(301);
    $response->set_header('Location', $redirect_url);
    $response->send(true);
    exit;
}
/**
 * Test page for the per-site "testmultisiteaccount" tables.
 *
 * On POST the `act` field selects one operation: create the main table,
 * refill every existing site table with demo rows, load the newest ten rows
 * of every site table, or drop every site table. AJAX POSTs get the result
 * as uncached JSON; everything else renders the admin page.
 *
 * NOTE(review): no admin permission check and no anti-CSRF token check is
 * visible in this method, yet a POST can create, truncate and drop tables.
 * Confirm that both are enforced before this action is reached (for example
 * in a base controller), or add them here.
 *
 * @return mixed JSON \Response for AJAX POSTs, otherwise the rendered page.
 */
public function action_accountMultisite()
{
    $act = trim(\Input::post('act'));
    $output = [];

    // Site 1 uses the bare table name; other sites prefix it with their id.
    $table_for_site = function ($site) {
        if ($site->site_id == '1') {
            return 'testmultisiteaccount';
        }
        return $site->site_id . '_testmultisiteaccount';
    };

    // Newest ten rows of one test table.
    $latest_rows = function ($table) {
        return \DB::select()->as_object('stdClass')->from($table)->limit(10)->order_by('id', 'DESC')->execute()->as_array();
    };

    if (strtolower(\Fuel\Core\Input::method()) == 'post') {
        switch ($act) {
            case 'createmaintable':
                $columns = [
                    'id' => ['constraint' => 11, 'type' => 'int', 'auto_increment' => true],
                    'account_id' => ['constraint' => 11, 'type' => 'int', 'null' => true, 'comment' => 'refer to accounts.account_id'],
                    'actdate' => ['type' => 'bigint', 'null' => true, 'comment' => 'date/time of record date.'],
                ];
                $output['create_table_result'] = \Fuel\Core\DBUtil::create_table('testmultisiteaccount', $columns, ['id'], true);
                $output['result'] = true;
                break;

            case 'insertdemodata':
                // accounts that are not the guest account
                $account_result = \DB::select('account_id')->as_object()->from('accounts')->where('account_id', '!=', '0')->execute();
                // all sites from the site table
                $sites_result = \DB::select('site_id')->as_object()->from('sites')->execute();

                $output['tables_data'] = [];

                if ($sites_result != null) {
                    foreach ($sites_result as $site) {
                        $test_table = $table_for_site($site);
                        if (!\DBUtil::table_exists($test_table)) {
                            continue;
                        }

                        // start from an empty table, then add one row per account
                        \DBUtil::truncate_table($test_table);
                        if ($account_result != null) {
                            foreach ($account_result as $account) {
                                \DB::insert($test_table)->set(['account_id' => $account->account_id, 'actdate' => time()])->execute();
                            }
                        }

                        // report what the table holds now
                        $output['tables_data'][$test_table] = $latest_rows($test_table);
                    }
                    $output['result'] = true;
                }
                unset($account, $account_result, $site, $sites_result, $test_table);
                break;

            case 'loaddemodata':
                $sites_result = \DB::select('site_id')->as_object()->from('sites')->execute();

                $output['tables_data'] = [];

                if ($sites_result != null) {
                    foreach ($sites_result as $site) {
                        $test_table = $table_for_site($site);
                        if (\DBUtil::table_exists($test_table)) {
                            $output['tables_data'][$test_table] = $latest_rows($test_table);
                        }
                    }
                    $output['result'] = true;
                }
                unset($site, $sites_result);
                break;

            case 'droptable':
                $sites_result = \DB::select('site_id')->as_object()->from('sites')->execute();

                if ($sites_result != null) {
                    foreach ($sites_result as $site) {
                        $test_table = $table_for_site($site);
                        if (\DBUtil::table_exists($test_table)) {
                            \DBUtil::drop_table($test_table);
                        }
                    }
                    $output['result'] = true;
                }
                unset($site, $sites_result);
                break;
        }

        if (\Input::is_ajax()) {
            $json = new \Response();

            // no cache
            $json->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
            $json->set_header('Cache-Control', 'post-check=0, pre-check=0', false);
            $json->set_header('Expires', 'Sat, 26 Jul 1997 05:00:00 GMT');
            $json->set_header('Pragma', 'no-cache');

            // content type
            $json->set_header('Content-Type', 'application/json');

            // body: an empty result is sent as an empty array
            if ($output == null) {
                $output = [];
            }
            $json->body(json_encode($output));

            return $json;
        }
    }

    // <head> output
    $output['page_title'] = $this->generateTitle('Test module plugin');

    // breadcrumb
    $output['page_breadcrumb'] = [
        0 => ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')],
        1 => ['name' => 'Test module plugin', 'url' => \Uri::create('testmod/admin/index')],
        2 => ['name' => 'Test delete account on multisite table', 'url' => \Uri::main()],
    ];

    return $this->generatePage('admin/templates/index/accountMultisite_v', $output, false);
}
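/**
 * AJAX endpoint: store a new ordering of account level groups.
 *
 * The posted `listItem` array is walked in order and each group receives a
 * `level_priority`, counting up from 3.
 *
 * Posted ids are now accepted only when they consist of digits, and ids with
 * no matching record are skipped. Previously any posted value went to
 * find() — which in Fuel's ORM also accepts keywords such as 'all' — and a
 * missing record caused a fatal error on the property write.
 *
 * NOTE(review): no anti-CSRF token is verified in this method although it
 * changes stored data; confirm that this is enforced elsewhere. The start
 * value 3 presumably leaves lower priorities for built-in groups — verify.
 *
 * @return \Response|null JSON response, or null when permission is denied.
 */
public function action_ajaxsort()
{
    // set redirect url
    $redirect = $this->getAndSetSubmitRedirection();

    // if not ajax
    if (!\Input::is_ajax()) {
        \Response::redirect($redirect);
    }

    // check permission
    if (\Model_AccountLevelPermission::checkAdminPermission('accountlv_perm', 'accountlv_sort_perm') == false) {
        \Session::set_flash('form_status', array(
            'form_status' => 'error',
            'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string())),
        ));
        return null;
    }

    $output['result'] = false;

    if (\Input::method() == 'POST') {
        $lvg_ids = \Input::post('listItem');

        if (is_array($lvg_ids)) {
            $level_priority = 3;

            foreach ($lvg_ids as $level_group_id) {
                // Only plain numeric ids are looked up.
                if (!is_scalar($level_group_id) || !ctype_digit((string) $level_group_id)) {
                    continue;
                }

                $alg = \Model_AccountLevelGroup::find($level_group_id);
                if ($alg === null) {
                    // Unknown id: skip it without using up a priority slot.
                    continue;
                }

                $alg->level_priority = $level_priority;
                $alg->save();
                $level_priority++;
            }

            $output['result'] = true;

            // Set the "saved" flash only when no other status is pending.
            if (\Session::get_flash('form_status', null, false) == null) {
                \Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('admin_saved')));
            }
        }

        unset($alg, $lvg_ids, $level_group_id, $level_priority);
    }

    $response = new \Response();
    $response->set_header('Content-Type', 'application/json');
    $response->body(json_encode($output));
    return $response;
}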
/**
 * AJAX endpoint (admin): delete the avatar of the posted account.
 *
 * Returns false without a response body when the caller lacks the
 * 'account_edit_perm' permission, when the posted id is 0 (guest), or when
 * the account does not exist. Otherwise the caller's right to edit the
 * target's level groups is checked before the avatar is removed.
 *
 * NOTE(review): no anti-CSRF token is verified in this method although it
 * deletes data; confirm that this is enforced elsewhere.
 *
 * @return \Response|false JSON response, or false when a precondition fails.
 */
public function action_delete_avatar()
{
    if (!\Input::is_ajax()) {
        \Response::redirect(\Uri::create('admin/account'));
    }

    // check permission
    $has_permission = \Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_edit_perm');
    if ($has_permission == false) {
        return false;
    }

    $account_id = (int) trim(\Input::post('account_id'));

    // the guest account cannot be edited
    if ($account_id == '0') {
        return false;
    }

    // load language
    \Lang::load('account');

    // get target user data
    $row = \Model_Accounts::find($account_id);
    if ($row == null) {
        return false;
    }

    // collect the level groups the target account belongs to
    foreach ($row->account_level as $lvl) {
        $output['level_group_id'][] = $lvl->level_group_id;
    }

    // may the current admin edit an account with these levels?
    $may_edit = \Model_Accounts::forge()->canIAddEditAccount($output['level_group_id']);

    if ($may_edit == false) {
        $output = array(
            'form_status' => 'error',
            'form_status_message' => \Lang::get('account_you_cannot_edit_account_that_contain_role_higher_than_yours'),
            'result' => false,
        );
    } else {
        \Model_Accounts::forge()->deleteAccountAvatar($account_id);
        $output = array('result' => true);
    }

    $json = new \Response();
    $json->set_header('Content-Type', 'application/json');
    $json->body(json_encode($output));

    return $json;
}
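/**
 * Admin login page and login form handler.
 *
 * GET renders the login form. POST validates the CSRF token and the form,
 * applies the failed-login wait time and the captcha requirement, then calls
 * \Model_Accounts::adminLogin(). AJAX callers always receive JSON.
 *
 * The post-login target (`rdr` query parameter) is now accepted only when it
 * starts with the site's base URL or is a root-relative path; any other
 * value falls back to the admin home. Before, the value was used as given
 * for the redirect and returned to AJAX callers as `go_to`.
 *
 * NOTE(review): the failure counters and the captcha flag live in the
 * session, so they only apply to clients that keep their session cookie.
 * Throttling that must hold against automated guessing needs a server-side
 * key such as the account or the client address.
 *
 * @return mixed JSON \Response for AJAX requests, otherwise the themed view.
 */
public function action_index()
{
    // load language
    \Lang::load('admin');
    \Lang::load('account');

    // load config from db.
    $cfg_values = array('member_max_login_fail', 'member_login_fail_wait_time');
    $config = Model_Config::getvalues($cfg_values);
    $output['config'] = $config;
    unset($cfg_values);

    // set active theme for admin. this controller is not based on admin controller, so the admin theme must be set here.
    $theme = \Theme::instance();
    $theme->active($this->theme_system_name);

    // set login redirect: only same-site targets are honoured.
    $requested_go_to = \Input::get('rdr');
    $site_base = rtrim(\Uri::base(false), '/') . '/';
    $is_local_target = is_string($requested_go_to) && (
        strpos($requested_go_to, $site_base) === 0
        || preg_match('#^/(?![/\\\\])#', $requested_go_to) === 1
    );
    if ($is_local_target) {
        $output['go_to'] = urlencode($requested_go_to);
    } else {
        $output['go_to'] = urlencode(\Uri::create('admin'));
    }
    unset($requested_go_to, $site_base, $is_local_target);

    // read flash message for display errors. this is REQUIRED in the login page,
    // because a failed 'is login' check (e.g. simultaneous login detection) redirects here.
    $form_status = \Session::get_flash('form_status');
    if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
        $output['form_status'] = $form_status['form_status'];
        $output['form_status_message'] = $form_status['form_status_message'];
    }
    unset($form_status);

    // count login fail and show captcha.
    if (\Session::get('login_all_fail_count', '0') >= $this->login_fail_time_show_captcha || \Session::get('show_captcha', false) === true) {
        $output['show_captcha'] = true;

        // if last time login failed is over wait time, reset it
        if ((time() - \Session::get('login_all_fail_time', time())) / 60 > $config['member_login_fail_wait_time']['value']) {
            // reset captcha requirement and wait time.
            // the counter is reduced rather than cleared, so repeated failures reach the limit again sooner.
            \Session::set('login_all_fail_count', \Session::get('login_all_fail_count') - ($this->login_fail_time_show_captcha + 1));
            \Session::delete('login_all_fail_time');
            \Session::delete('show_captcha');
        }
    }

    // browser check
    $output['browser_check'] = $this->browserCheck();

    // if form submitted --------------------------------------------------------------------------------------------
    if (\Input::method() == 'POST') {
        // store data for login; an identity containing "@" is treated as an email address
        $data['account_identity'] = trim(\Input::post('account_identity'));
        if (strpos($data['account_identity'], '@') === false) {
            $data['account_username'] = $data['account_identity'];
        } else {
            $data['account_email'] = $data['account_identity'];
        }
        $data['account_password'] = trim(\Input::post('account_password'));

        // validate form.
        $validate = \Validation::forge();
        // check username or email required
        $validate->add('account_identity', \Lang::get('account_username_or_email'), array(), array('required'));
        $validate->add('account_password', \Lang::get('account_password'), array(), array('required'));

        if (!\Extension\NoCsrf::check()) {
            // validate token failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = \Lang::get('fslang_invalid_csrf_token');
            $output['input_csrf_token'] = \Extension\NoCsrf::generate();
        } elseif (!$validate->run()) {
            // validate failed
            $output['form_status'] = 'error';
            $output['form_status_message'] = $validate->show_errors();

            if (\Input::is_ajax()) {
                $response = new \Response();
                $response->set_header('Content-Type', 'application/json');
                $response->body(json_encode($output));
                return $response;
            }
        } else {
            // count login failed and wait if it was exceed max failed allowed.
            if (\Session::get('login_all_fail_count', '0') > $config['member_max_login_fail']['value'] && (time() - \Session::get('login_all_fail_time', time())) / 60 <= $config['member_login_fail_wait_time']['value']) {
                // continuous login failed over max fail limit.
                $result = Lang::get('account_login_failed_too_many', array('wait_minute' => $config['member_login_fail_wait_time']['value'], 'wait_til_time' => date('d F Y H:i:s', time() + $config['member_login_fail_wait_time']['value'] * 60)));
            } else {
                // not reach maximum limit
                // check if show captcha
                if (isset($output['show_captcha']) && $output['show_captcha'] === true) {
                    include APPPATH . 'vendor' . DS . 'securimage' . DS . 'securimage.php';
                    $securimage = new \Securimage();
                    if ($securimage->check(\Input::post('captcha')) == false) {
                        $result = \Lang::get('account_wrong_captcha_code');
                    }
                }

                // try to login, unless the captcha check already produced an error. ---------
                if (!isset($result) || isset($result) && $result == null) {
                    $result = \Model_Accounts::adminLogin($data);
                }
            }

            // check login result ----------------------------------------------
            if ($result === true) {
                // success
                $all_fail_count = 0;
                \Session::delete('login_all_fail_count');
                \Session::delete('login_all_fail_time');
                \Session::delete('show_captcha');

                if (\Input::is_ajax()) {
                    $output['login_status'] = true;
                    $output['form_status'] = 'success';
                    $output['form_status_message'] = \Lang::get('account_login_success');
                    if (!isset($output['go_to'])) {
                        $output['go_to'] = \Uri::main();
                    } else {
                        $output['go_to'] = urldecode($output['go_to']);
                    }

                    $response = new \Response();
                    $response->set_header('Content-Type', 'application/json');
                    $response->body(json_encode($output));
                    return $response;
                } else {
                    if (isset($output['go_to'])) {
                        \Response::redirect(urldecode($output['go_to']));
                    } else {
                        \Response::redirect(\Uri::base());
                    }
                }
            } else {
                // failed: $result holds the error message
                $all_fail_count = \Session::get('login_all_fail_count', '0') + 1;
                \Session::set('login_all_fail_count', $all_fail_count);
                \Session::set('login_all_fail_time', time());

                // if login fail count more than or equal to fail time show captcha
                if ($all_fail_count >= $this->login_fail_time_show_captcha) {
                    $output['show_captcha'] = true;
                    \Session::set('show_captcha', true);
                }

                $output['form_status'] = 'error';
                $output['form_status_message'] = $result;

                if (\Input::is_ajax()) {
                    $response = new \Response();
                    $response->set_header('Content-Type', 'application/json');
                    $response->body(json_encode($output));
                    return $response;
                }
            }
        }

        // re-populate form
        $output['account_identity'] = $data['account_identity'];
    }

    // <head> output ----------------------------------------------------------------------------------------------
    $output['page_title'] = $this->generateTitle(\Lang::get('account_login'));
    $output['page_meta'][] = '<meta name="robots" content="noindex, nofollow" />';
    // <head> output ----------------------------------------------------------------------------------------------

    // breadcrumb -------------------------------------------------------------------------------------------------
    $page_breadcrumb = [];
    $page_breadcrumb[0] = ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')];
    $page_breadcrumb[1] = ['name' => \Lang::get('account_login'), 'url' => \Uri::create('admin/login')];
    $output['page_breadcrumb'] = $page_breadcrumb;
    unset($page_breadcrumb);
    // breadcrumb -------------------------------------------------------------------------------------------------

    if (\Input::is_ajax()) {
        $response = new \Response();
        $response->set_header('Content-Type', 'application/json');
        $response->body(json_encode($output));
        return $response;
    } else {
        return $theme->view('admin/templates/login/index_v', $output, false);
    }
}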
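/**
 * Forced download of the poster file attached to an event.
 *
 * The stored file name is resolved inside APPPATH/files and must stay inside
 * that directory once symlinks and ".." segments are resolved; a name that
 * points elsewhere, or a file that is missing or unreadable, results in a
 * 404. The download name sent to the client is the file's base name with
 * quote, backslash and line-break characters removed. Previously the stored
 * name went into both the path and the header unchanged, and a failed read
 * produced a response with a false body.
 *
 * @param mixed $id Event id.
 * @return \Response
 * @throws HttpNotFoundException
 */
public function action_poster($id = null)
{
    // if the event request is not valid, return a 404 error
    if (is_null($id)) {
        throw new HttpNotFoundException();
    }

    $event = Model_Orm_Event::find($id);
    if (is_null($event)) {
        throw new HttpNotFoundException();
    }

    // no poster file for the current document
    if ($event->poster == null) {
        throw new HttpNotFoundException();
    }

    // the files are found in a subfolder of APPPATH, named "files"
    // DS stands for "Directory Separator"
    $files_dir = realpath(APPPATH . "files");
    $poster_path = $files_dir === false ? false : realpath($files_dir . DS . $event->poster);

    // the resolved path must be a regular file below the files directory
    if ($poster_path === false || strpos($poster_path, $files_dir . DS) !== 0 || !is_file($poster_path)) {
        throw new HttpNotFoundException();
    }

    $contents = file_get_contents($poster_path);
    if ($contents === false) {
        throw new HttpNotFoundException();
    }

    // characters that would break the quoted header value are dropped
    $download_name = str_replace(array('"', '\\', "\r", "\n"), '', basename($poster_path));

    // Since we know it's a PDF file, we force PDF mime type.
    $response = new Response();
    $response->set_header('Content-Type', 'application/pdf');
    $response->set_header('Content-Disposition', 'attachment; filename="' . $download_name . '"');
    $response->body = $contents;

    return $response;
}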
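/**
 * Download the full report rows of a campaign as an uncached CSV file.
 *
 * Every field is wrapped in double quotes. Changes from the earlier version:
 *  - implode() is called with the separator first (the array-first order is
 *    rejected by PHP 8);
 *  - double quotes inside a field are doubled so a value cannot end its
 *    field early;
 *  - $campaign_id is reduced to [A-Za-z0-9_-] before it is placed in the
 *    Content-Disposition header.
 *
 * NOTE(review): values that start with =, +, - or @ are written unchanged;
 * decide whether this export should neutralise spreadsheet formulas.
 *
 * @param mixed $campaign_id Campaign whose reports are exported.
 * @return Response
 */
public function action_list_reports($campaign_id)
{
    $full_details = Controller_Reports::list_reports($campaign_id, TRUE);

    // Escape embedded quotes; the surrounding quotes are added per row below.
    $escape_quotes = function ($value) {
        return str_replace('"', '""', (string) $value);
    };

    $stats = array();
    foreach ($full_details as $full) {
        $stats[] = '"' . implode('","', array_map($escape_quotes, $full)) . '"';
    }

    // Keep the header value to a fixed character set; $campaign_id is caller-supplied.
    $safe_campaign_id = preg_replace('/[^A-Za-z0-9_-]/', '', (string) $campaign_id);

    $response = new Response(implode("\n", $stats));
    $response->set_header('Content-Type', 'text/csv');
    $response->set_header('Content-Disposition', 'attachment; filename="full_stats_' . $safe_campaign_id . '.csv"');
    $response->set_header('Cache-Control', 'no-cache, no-store, max-age=0, must-revalidate');
    $response->set_header('Expires', 'Mon, 26 Jul 1997 05:00:00 GMT');
    $response->set_header('Pragma', 'no-cache');

    return $response;
}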
/**
 * Build a redirect response; nothing is sent here.
 *
 * The status is Constants::MOVED_PERMANENTLY when $permanent is truthy and
 * Constants::MOVED_TEMPORARILY otherwise. $absolute_url is written to the
 * Location header as given.
 *
 * NOTE(review): the URL is not checked in this method; callers that pass a
 * request-derived value need to restrict it to intended destinations.
 *
 * @param string $absolute_url Target of the redirect.
 * @param bool $permanent Whether the redirect is permanent.
 * @return Response
 */
public static function redirect($absolute_url, $permanent = false)
{
    if ($permanent) {
        $status = Constants::MOVED_PERMANENTLY;
    } else {
        $status = Constants::MOVED_TEMPORARILY;
    }

    $redirect_response = new Response();
    $redirect_response->set_status($status);
    $redirect_response->set_header('Location', $absolute_url);

    return $redirect_response;
}