/**
 * Reports whether the username held by the current session is this object's own username.
 *
 * A new Session object is created on every call. The comparison is strict (===),
 * so the two values must match in type as well as in content.
 *
 * @return bool true when both usernames are identical, false otherwise
 */
public function checkRightUser()
{
    $currentSession = new Session();

    return $currentSession->getUsername() === $this->username;
}
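<?php
/*
 * Event edit handler: copies the fields of a submitted edit form into one row of
 * the `events` table and sets $status for the page rendered below.
 *
 * Access: the session must be logged in and pass haveAccess(1, 1, 1, 0). A
 * manager is additionally limited to the event code stored on their own user
 * record.
 */
require_once 'connection.php';

$session = new Session();
$user = User::select($db, $session->getUsername());
//print_r($_POST);

// && binds tighter than ||, so the manager test and the event-code comparison form one combined condition.
if (!$session->getLoggedin() || !$session->haveAccess(1, 1, 1, 0) || $session->getUsertype() == Session::USER_MANAGER && $user->getEventcode() != $_GET['eventcode']) {
    die("People of India posses a great deal of wisdom for changing what is not their.");
}

// Not read in the visible code; kept because included files share this scope.
$out = [];

if (isset($_POST['eventcode'])) {
    // The check above only covers the event code in the query string, while the
    // row that is updated is selected by the POSTed code. Apply the same
    // ownership rule to the value that actually reaches the WHERE clause.
    if ($session->getUsertype() == Session::USER_MANAGER && $user->getEventcode() != $_POST['eventcode']) {
        die("People of India posses a great deal of wisdom for changing what is not their.");
    }

    // NOTE(review): no anti-CSRF token is checked in the visible code; confirm
    // whether connection.php or Session covers this state-changing request.
    $eventcode = $db->escape($_POST['eventcode']);
    // NOTE(review): as written, str_replace("'", "'", ...) replaces a quote with
    // itself and changes nothing; the search string may have been an HTML entity
    // originally - confirm against the real file.
    $eventname = $db->escape(str_replace("'", "'", $_POST['ename']));
    $shortdesc = $db->escape(str_replace("'", "'", $_POST['shortdesc']));
    $tags = $db->escape($_POST['tags']);
    $contacts = $db->escape($_POST['contacts']);
    $prizes = $db->escape($_POST['prizes']);
    $longdesc = $db->escape($_POST['longdesc']);
    //single quotes - replaced with javascript .. (really???)
    $prtpnt = $db->escape($_POST['prtpnt']);
    $timings = $db->escape($_POST['timings']);
    $loc = $db->escape($_POST['venue']);

    // NOTE(review): the statement is assembled by concatenation and depends on
    // $db->escape() being correct for the connection; every value is quoted.
    // A prepared statement would remove that dependency if Database offers one.
    $query = "UPDATE events SET "
        . Event::EVENT_NAME . " ='{$eventname}',"
        . Event::EVENT_SHORTDESC . "='{$shortdesc}',"
        . Event::EVENT_LONGDESC . "='{$longdesc}',"
        . Event::EVENT_TAGS . "='{$tags}',"
        . Event::EVENT_CONTACTS . "='{$contacts}',"
        . Event::EVENT_PRIZE . "='{$prizes}',"
        . Event::EVENT_PRTPNT . "='{$prtpnt}',"
        . Event::EVENT_TIMINGS . "='{$timings}',"
        . Event::EVENT_LOCATIONID . "='{$loc}' WHERE "
        . Event::EVENT_CODE . "='{$eventcode}'";
    // The result of query() is not inspected, so $status reports success either way.
    $db->query($query);
    $status = "Success Fully Updated!!";
} else {
    $status = "Success Fully Failed :P ---> This shouldnt be happening!! Contact Incharge.";
}

require './includes/metadetails.php';
?> <body>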
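require_once '../classes/functions.php';
require __DIR__ . '/../vendor/autoload.php';
require '../config.php';
require '../classes/boot.php';
require_once '../classes/Item.php';
require_once '../classes/Restaurant.php';
require_once '../classes/User.php';
require_once '../classes/Order.php';

/*
 * Order detail page: optionally stores a new status for the order named by
 * ?id=, then loads that order with its restaurant and decodes its items for
 * the template below.
 *
 * NOTE(review): the only access control visible here is forceLogin(); the page
 * renders the admin navigation, so confirm that forceLogin() or boot.php also
 * restricts it to the intended role and to orders the user may manage.
 */
$session = new Session();
$session->forceLogin('../index.php');

$orderId = $_GET['id'] ?? null;

if (isset($_POST['status'])) {
    $order = Order::find($orderId);
    // find() is assumed to return a falsy value when no row matches - TODO confirm.
    // Without this guard an unknown id ends in a property write on a non-object.
    if (!$order) {
        http_response_code(404);
        exit('Order not found');
    }
    // NOTE(review): the status is stored exactly as submitted; confirm whether it
    // should be limited to a known set of values, and whether an anti-CSRF token
    // is checked elsewhere for this state change.
    $order->status = $_POST['status'];
    $order->save();
}

$user = User::find($session->getUsername());
$order = Order::with('restaurant')->find($orderId);
// Same guard for the read path: the template below dereferences $order.
if (!$order) {
    http_response_code(404);
    exit('Order not found');
}
$items = json_decode($order->items, TRUE);
getTemplate(1, 'header', []);
?> <body> <?php getTemplate(1, 'admin_nav', []); ?> <div class="orderscontainer" ng-controller="PageController"> <div class="container"> <div class="row"> <div class="col s12 m12"> <h3>Order Details</h3> <p>Order ID: <?php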
/* TODO: register new user at master if it does not exist yet */ $session->login($result['login']); $_SESSION['name'] = $result['name']; $_SESSION['profile_url'] = $result['html_url']; $_SESSION['token'] = $token->getAccessToken(); return $response->withRedirect('/repositories'); } catch (\OAuth\Common\Http\Exception\TokenResponseException $e) { return $response->withStatus(500)->write($e->getMessage()); } } else { return $response->withRedirect($gitHub->getAuthorizationUri()); } }); /* GitHub list repositories */ $app->get('/repositories', function ($request, $response) use($session) { if (!$session->getUsername()) { return $response->withStatus(403)->write('Not authenticated'); } $client = new \Github\Client(); $client->authenticate($_SESSION['token'], null, \Github\Client::AUTH_HTTP_TOKEN); try { $repos = $client->api('user')->repositories($session->getUsername()); foreach ($repos as $key => $repository) { $repos[$key]['redports_enabled'] = false; foreach ($client->api('repo')->hooks()->all($session->getUsername(), $repository['name']) as $hook) { if ($hook['name'] == 'web' && strpos($hook['config']['url'], 'redports.org') !== false) { $repos[$key]['redports_enabled'] = true; } } } } catch (\Github\Exception\RuntimeException $e) {
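<?php
/*
 * Level form page: requires a logged-in session, stores a submitted level for
 * the current user and redirects to index.php, otherwise renders the form.
 */
require __DIR__ . '/./vendor/autoload.php';
require './config.php';
require_once './helpers/session.php';
require './helpers/boot.php';
require_once './helpers/User.php';
require './helpers/functions.php';
require './helpers/Level.php';

$session = new Session();
if (!$session->getLoggedin()) {
    header("Location: index.php");
    // header() only queues the redirect. Stop here so that neither the POST
    // handler nor the page below runs for a visitor who is not logged in.
    exit;
}

$user = User::find($session->getUsername());

if (isset($_POST['level'])) {
    $level = new Level();
    $level->user_id = $session->getUsername();
    // NOTE(review): the level is stored exactly as submitted; confirm whether it
    // needs to be validated against the set of levels the form offers.
    $level->level = $_POST['level'];
    $level->save();
    header("Location: index.php");
    // Nothing below is needed once the redirect has been sent.
    exit;
}
?> <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>Form</title> <link href="./static/css/awe.css" rel="stylesheet"> <link href="./static/css/player.css" rel="stylesheet">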
<li class="right"><a href="<?php echo Url::settings(); ?> ">Settings</a></li> <li class="right"><a href="<?php echo Url::inbox(); ?> ">Inbox<?php echo $numUnread > 0 ? '<span class="unread">' . $numUnread . '</span>' : ''; ?> </a></li> <li class="right"><a href="<?php echo Url::profile(); ?> "><?php echo Session::getUsername(); ?> </a></li> <?php } else { ?> <li class="right"><a href="<?php echo Url::consent(); ?> ">Register</a></li> <li class="right"><a href="<?php echo Url::logIn(); ?> ">Log In</a></li> <?php }
<?php
require_once 'blog/controller/blogController.php';
require_once 'session/session.php';

$session = new Session();

// The blog is always reachable, but it is shown in a different mode when the visitor is not logged in.
// There is no redirect for anonymous visitors: the controller arguments select a page
// that offers no way to post or do anything similar.
$blogController = $session->isLoggedIn()
    ? new BlogController(true, $session->getUsername())
    : new BlogController(false, "");

// Original author's open question for the anonymous case: "should I really have this here?"
// NOTE(review): checkPostback() runs for anonymous visitors as well; confirm that the
// controller honours its logged-in flag before it accepts a submission.
$blogController->checkPostback();
echo $blogController->getHTML();
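/*
 * Manager page: builds <option> lists from the events of the previous database
 * ("nitcfest_tathva14") and of the current one, then loads the event assigned
 * to the logged-in manager for the template below.
 */
$session = new Session();
if (!$session->getLoggedin() || $session->getUsertype() != Session::USER_MANAGER) {
    header("Location: login.php");
    // header() only queues the redirect. Stop here so the queries and the page
    // below are not executed and sent to a visitor who is not a logged-in manager.
    exit;
}

$olddb = new Database(DB_SERVER, DB_USER, DB_PASS, "nitcfest_tathva14");
$oldevents = Event::selectAllShort($olddb);
$oldoptions = "";
// NOTE(review): code and name are written into the markup without HTML escaping,
// here and in the second loop; confirm how these columns are stored before
// adding htmlspecialchars(), to avoid double-encoding existing entities.
foreach ($oldevents as $event) {
    $oldoptions .= "<option value='{$event['code']}'>{$event['name']}</option>";
}

$events = Event::selectAllShort($db);
$options = "";
foreach ($events as $event) {
    $options .= "<option value='{$event['code']}'>{$event['name']}</option>";
}

// $user first holds the username, then the User record selected with it.
$user = $session->getUsername();
$user = User::select($db, $user);
$eventcode = $user->getEventcode();
$event = Event::select($db, $eventcode);

require './includes/metadetails.php';
?> <body> <?php require './includes/header.php'; ?> <div class="container-fluid"> <ul class="nav nav-tabs" role="tablist"> <li role="presentation" class="active"><a href="#reglist" aria-controls="reglist" role="tab" data-toggle="tab">T14 Reglist</a></li>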