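/**
 * Checks to see if a user is logged in.
 *
 * Reads the serialized user and the 'loggedIn' token from the session,
 * recomputes the token from the user's salt via self::user_token() and
 * compares the two in constant time.
 *
 * @return bool True if the user is logged in
 */
public static function is_logged_in()
{
    $serializedUser = SessionUtil::session('user');
    if (!$serializedUser) {
        return false;
    }

    $sessionToken = SessionUtil::session('loggedIn');
    if (!$sessionToken) {
        return false;
    }

    // NOTE(review): unserialize() will instantiate any loaded class named in
    // the payload. This is only safe while the session store cannot be written
    // by a client; consider passing the 'allowed_classes' option with the
    // concrete user class (its name is not visible from this method).
    $user = unserialize($serializedUser);

    // A corrupt payload yields false; without this guard the token would be
    // derived from a missing salt and could still be compared successfully.
    if (!is_object($user)) {
        return false;
    }

    $expectedToken = self::user_token($user->salt);
    if (!is_scalar($expectedToken) || !is_scalar($sessionToken)) {
        return false;
    }

    // hash_equals() (PHP 5.6+) replaces the loose '==' comparison, which treats
    // numeric-looking strings such as "0e123" and "0e456" as equal and leaks
    // timing information about the expected value.
    return hash_equals((string) $expectedToken, (string) $sessionToken);
}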
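/**
 * Template constructor
 *
 * Stores the page flags, starts the session and, when the session holds a
 * serialized user, restores it into $this->user.
 *
 * @param string $title       Title of the web page
 * @param bool   $noTemplate  If set to true then no menus or sidebars will be used. It will be a single page.
 * @param bool   $maintenance If set it won't redirect when the site is in maintenance mode
 */
public function __construct($title, $noTemplate = false, $maintenance = false)
{
    // Set flags
    $this->noTemplate = $noTemplate;
    $this->maintenance = $maintenance;
    $this->title = $title;

    SessionUtil::start_session();

    // Check for a user and save the data
    $serializedUser = SessionUtil::session('user');
    if ($serializedUser) {
        // NOTE(review): unserialize() will instantiate any loaded class named
        // in the payload. Keep the session store server-side only, and consider
        // the 'allowed_classes' option with the concrete user class (its name
        // is not visible from this constructor).
        $user = unserialize($serializedUser);

        // A corrupt payload yields false; only keep a real object so later
        // property reads on $this->user do not operate on a boolean.
        if (is_object($user)) {
            $this->user = $user;
        }
    }
}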
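/**
 * Handles the "Add User" form submission and renders the form.
 *
 * When btnAdd was submitted, the anti-CSRF token and the name, email, company
 * and password fields are validated; add_user() is called only when no error
 * was collected, and its return value is shown as the page message. A fresh
 * token is stored in the session on every render.
 *
 * Attribute values are emitted without the stray space that followed each
 * closing PHP tag, so the posted token matches the stored one exactly.
 *
 * NOTE(review): the cbxPrivs[] values are not validated in this method;
 * presumably add_user() checks them against the caller's own privileges.
 * Verify that before relying on it.
 *
 * @return void
 */
private function render_add_user()
{
    $errorMessage = '';

    // Check to see if the add button was pressed
    if (param('btnAdd')) {
        // Check the token. The loose '!=' comparison accepted a request when
        // the session held no token and the field was empty or missing, so
        // require a non-empty stored token and compare with hash_equals()
        // (PHP 5.6+).
        $expectedToken = SessionUtil::session('token');
        $suppliedToken = param('hidToken');
        $tokenIsValid = is_scalar($expectedToken)
            && is_scalar($suppliedToken)
            && (string) $expectedToken !== ''
            && hash_equals((string) $expectedToken, (string) $suppliedToken);
        if (!$tokenIsValid) {
            $errorMessage .= 'Invalid Token try again. ';
        }

        // Validation Block
        if (!ValidationUtil::text(param('txtName'), 30, 1)) {
            $errorMessage .= 'You must provide a name between 1 and 30 characters long. ';
        }
        if (!ValidationUtil::email(param('txtEmail'))) {
            $errorMessage .= 'Email is invalid. ';
        }
        if (!ValidationUtil::text(param('txtCompany'), 30, 1)) {
            $errorMessage .= 'You must provide a company name with a max of 30 characters. ';
        }
        // NOTE(review): a 12-character ceiling on passwords is low; confirm
        // whether the storage layer really requires it.
        if (!ValidationUtil::text(param('txtPassword'), 12, 8)) {
            $errorMessage .= 'You must enter in a password that is a min of 8 and a max of 12. ';
        }

        if (!$errorMessage) {
            $errorMessage = $this->add_user();
        }
    }

    // Set the token for the page
    $token = SessionUtil::token();
    SessionUtil::session_set('token', $token);

    // Render the page
    ?>
    <div class="admin-page-wrapper">
        <form action="/pages/admin/useradmin.php?subPage=Add User" method="post">
            <div class="admin-user-wrapper">
                <h1>Add User</h1>
                <?php
                // Check to see if there is any messages and display them if there is any.
                // The message may carry add_user() output, so it is HTML-escaped.
                // NOTE(review): if add_user() intentionally returns markup, confirm this.
                if ($errorMessage) {
                    echo '<span class="warning">'
                        . htmlspecialchars((string) $errorMessage, ENT_QUOTES, 'UTF-8')
                        . '</span>';
                }
                ?>
                <div class="user-admin-content">
                    <input type="hidden" name="hidToken" value="<?php echo htmlspecialchars((string) $token, ENT_QUOTES, 'UTF-8'); ?>" />
                    <label for="txtName">User Name:</label><br />
                    <input type="text" name="txtName" id="txtName" /><br />
                    <label for="txtEmail">Email:</label><br />
                    <input type="email" name="txtEmail" id="txtEmail" /><br />
                    <label for="txtCompany">Company:</label><br />
                    <input type="text" name="txtCompany" id="txtCompany" /><br />
                    <label for="txtPassword">Password:</label><br />
                    <input type="text" name="txtPassword" id="txtPassword" value="<?php echo htmlspecialchars((string) AuthenticationUtil::generate_password(), ENT_QUOTES, 'UTF-8'); ?>" />
                </div>
                <h3>Privileges</h3>
                <div>
                    <input type="checkbox" name="cbxPrivs[]" value="<?php echo AuthenticationUtil::PRIVILEGE_VIEW_MERCHANT_PAGE; ?>" id="cbx1" />
                    <label for="cbx1">Merchant View</label><br />
                    <input type="checkbox" name="cbxPrivs[]" value="<?php echo AuthenticationUtil::PRIVILEGE_VIEW_ADMIN_PAGE; ?>" id="cbx2" />
                    <label for="cbx2">Admin View</label><br />
                    <input type="checkbox" name="cbxPrivs[]" value="<?php echo AuthenticationUtil::PRIVILEGE_ASSIGN_PRIVILEGES; ?>" id="cbx3" />
                    <label for="cbx3">Assign Privileges</label><br />
                    <input type="checkbox" name="cbxPrivs[]" value="<?php echo AuthenticationUtil::PRIVILEGE_PAGE_ADMIN; ?>" id="cbx4" />
                    <label for="cbx4">Admin Pages</label><br />
                    <input type="checkbox" name="cbxPrivs[]" value="<?php echo AuthenticationUtil::PRIVILEGE_USER_ADMIN; ?>" id="cbx5" />
                    <label for="cbx5">Admin Users</label><br />
                </div>
                <input type="submit" name="btnAdd" />
            </div>
        </form>
    </div>
    <?php
}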