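/**
 * Handle the login form POST: validate the form token, check the submitted
 * credentials and, on success, store the user in the session.
 *
 * Both outcomes flash a message and redirect to "/". The failure message is
 * the same for "unknown e-mail" and "wrong password".
 *
 * @return void
 */
public function postLogin()
{
    // Form (CSRF) token: a missing field is passed on as null so check_token() decides.
    $token = isset($_POST['_token']) ? $_POST['_token'] : null;
    check_token($token);

    // Accept only string fields. A missing or array-valued field (email[]=...)
    // becomes '' so it can never reach the lookup or password_verify() as a non-string.
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Look up the user, then verify the password against the stored hash.
    $user = User::user($email);
    $okay = $user != null && password_verify($password, $user->password);

    if ($okay) {
        // Issue a fresh session id when the session becomes authenticated, so an id
        // that was known before login (session fixation) is useless afterwards.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }

        // NOTE(review): the whole $user record goes into the session, and
        // $user->password is read above, so the stored object carries the password
        // hash. Consider storing only the user id; other code reading
        // $_SESSION['user'] would have to change with it.
        $_SESSION['user'] = $user;
        flash('success', ['you are Login successfully']);
        redirect('/');
    } else {
        flash('errors', ['Invalid Login or you not active your account']);
        redirect('/');
    }
}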
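/**
 * Process the submitted login form.
 *
 * Validates the form token, looks up an active user by e-mail and verifies the
 * password. On success the user is logged in through the session service and
 * redirected to "/"; on failure an error is flashed and the login view is
 * rendered again.
 *
 * @return void
 */
public function postShowLoginPage()
{
    // A missing token field is passed on as null so check_token() decides.
    check_token(isset($_POST['_token']) ? $_POST['_token'] : null);

    // Accept only string fields. A missing or array-valued field must not reach
    // the query builder or password_verify().
    $email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // Only accounts flagged active can log in.
    $user = User::where('active', 1)->where('email', $email)->first();

    // One combined result, so the caller sees the same outcome for an unknown
    // address and for a wrong password.
    $okay = $user != null && password_verify($password, $user->password);

    if ($okay) {
        // NOTE(review): whether login() issues a new session id is not visible
        // here. Confirm it regenerates the id to prevent session fixation.
        $this->session->login($user);
        header('Location: /');
        exit;
    }

    // Invalid credentials: show the login page again with a generic error.
    Session::flash('errors', ['Invalid Login']);
    echo $this->blade->render('login');
}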
/**
 * Board settings page for the administrator of a single board.
 *
 * Shows the settings form while form validation has not passed, and writes the
 * posted settings to the `ki_board` row once it has.
 *
 * Access control visible here: the caller must be a member (IS_MEMBER) and the
 * member's mb_id must equal the board's bo_admin, otherwise a 404 is shown.
 */
function index() {
    $bo_table = $this->input->post('bo_table');
    if (!IS_MEMBER || !$bo_table) {
        show_404();
    }
    $board = $this->Basic_model->get_board($bo_table);
    if (!isset($board['bo_table'])) {
        alert_close('존재하지 않은 게시판입니다.');
    }
    // NOTE(review): MEMBER is a constant, so it is presumably built server-side.
    // Confirm it can never contain request-derived bytes, because unserialize()
    // on attacker-influenced data is an object-injection risk.
    $member = unserialize(MEMBER);
    // Loose comparison; only the board's own administrator may continue.
    if ($member['mb_id'] != $board['bo_admin']) {
        show_404();
    }
    // Only these four fields carry validation rules. The other fields written
    // by the update below have no rule in this block.
    $config = array(
        array('field' => 'bo_table', 'label' => 'TABLE', 'rules' => 'trim|required|min_length[3]|max_length[20]|alpha_dash|xss_clean'),
        array('field' => 'token', 'label' => '토큰', 'rules' => 'trim|required'),
        array('field' => 'bo_subject', 'label' => '게시판 제목', 'rules' => 'trim|required|max_length[20]|xss_clean'),
        array('field' => 'bo_admin', 'label' => '게시판 관리자', 'rules' => 'trim|min_length[3]|max_length[20]|alpha_dash'));
    $this->load->library('form_validation');
    $this->form_validation->set_rules($config);
    if ($this->form_validation->run() == FALSE) {
        // Validation has not passed: render the form with the current settings
        // and a fresh token.
        $head = array('title' => $board['bo_subject']);
        $data = array('token' => get_token(),
            'bo_table' => $board['bo_table'],
            'bo_admin' => $board['bo_admin'],
            'bo_subject' => $board['bo_subject'],
            'bo_insert_content' => $board['bo_insert_content'],
            'bo_sort_field' => $board['bo_sort_field'],
            'bo_count_write' => isset($board['bo_count_write']) ? number_format($board['bo_count_write']) : FALSE,
            'bo_count_comment' => isset($board['bo_count_comment']) ? number_format($board['bo_count_comment']) : FALSE,
            'bo_count_delete' => $board['bo_count_delete'],
            'bo_count_modify' => $board['bo_count_modify'],
            'bo_use_secret' => $board['bo_use_secret'],
            'bo_page_rows' => $board['bo_page_rows'],
            'bo_page_rows_comt' => $board['bo_page_rows_comt'],
            'bo_subject_len' => $board['bo_subject_len'],
            'bo_new' => $board['bo_new'],
            'bo_hot' => $board['bo_hot'],
            'bo_image_width' => $board['bo_image_width'],
            'bo_reply_order' => $board['bo_reply_order'],
            // Checkbox state is passed to the view as a ready-made HTML attribute string.
            'use_private_chk' => $board['bo_use_private'] ? "checked='checked'" : '',
            'use_rss_chk' => $board['bo_use_rss'] ? "checked='checked'" : '',
            'use_sns_chk' => $board['bo_use_sns'] ? "checked='checked'" : '',
            'use_comment_chk' => $board['bo_use_comment'] ? "checked='checked'" : '',
            'use_category_chk' => $board['bo_use_category'] ? "checked='checked'" : '',
            'use_sideview_chk' => $board['bo_use_sideview'] ? "checked='checked'" : '',
            'use_editor_chk' => $board['bo_use_editor'] ? "checked='checked'" : '',
            'use_name_chk' => $board['bo_use_name'] ? "checked='checked'" : '',
            'use_ip_view_chk' => $board['bo_use_ip_view'] ? "checked='checked'" : '',
            'use_list_view_chk' => $board['bo_use_list_view'] ? "checked='checked'" : '',
            'use_email_chk' => $board['bo_use_email'] ? "checked='checked'" : '',
            'use_syntax_chk' => $board['bo_use_syntax'] ? "checked='checked'" : '',
            'use_search_chk' => $board['bo_use_search'] ? "checked='checked'" : '',
            // The level selectors receive the member's own mb_level as the last argument.
            // NOTE(review): presumably this caps the selectable levels. Confirm in get_mb_level_select().
            'bo_list_level' => get_mb_level_select('bo_list_level', $board['bo_list_level'], '', $member['mb_level']),
            'bo_read_level' => get_mb_level_select('bo_read_level', $board['bo_read_level'], '', $member['mb_level']),
            'bo_write_level' => get_mb_level_select('bo_write_level', $board['bo_write_level'], '', $member['mb_level']),
            'bo_reply_level' => get_mb_level_select('bo_reply_level', $board['bo_reply_level'], '', $member['mb_level']),
            'bo_comment_level' => get_mb_level_select('bo_comment_level', $board['bo_comment_level'], '', $member['mb_level']),
            'bo_upload_level' => get_mb_level_select('bo_upload_level', $board['bo_upload_level'], '', $member['mb_level']),
            'bo_download_level' => get_mb_level_select('bo_download_level', $board['bo_download_level'], '', $member['mb_level']));
        widget::run('head', $head);
        $this->load->view('board/admin', $data);
        widget::run('tail');
    } else {
        // The form token is checked only on this write path, after validation has passed.
        check_token();
        // Should this be done in a Model or not?
        // NOTE(review): of the columns written below only bo_subject has a validation
        // rule in this block. The *_level values are taken from POST as-is, so a cap
        // applied by the form's selectors is not re-checked here. Confirm whether
        // levels must be limited to $member['mb_level'] and whether the numeric and
        // flag columns need type/range rules.
        $this->db->update('ki_board', array('bo_subject' => $this->input->post('bo_subject'),
            'bo_list_level' => $this->input->post('bo_list_level'),
            'bo_read_level' => $this->input->post('bo_read_level'),
            'bo_write_level' => $this->input->post('bo_write_level'),
            'bo_reply_level' => $this->input->post('bo_reply_level'),
            'bo_comment_level' => $this->input->post('bo_comment_level'),
            'bo_upload_level' => $this->input->post('bo_upload_level'),
            'bo_download_level' => $this->input->post('bo_download_level'),
            'bo_count_modify' => $this->input->post('bo_count_modify'),
            'bo_count_delete' => $this->input->post('bo_count_delete'),
            'bo_use_private' => $this->input->post('bo_use_private'),
            'bo_use_rss' => $this->input->post('bo_use_rss'),
            'bo_use_sns' => $this->input->post('bo_use_sns'),
            'bo_use_category' => $this->input->post('bo_use_category'),
            'bo_use_comment' => $this->input->post('bo_use_comment'),
            'bo_use_sideview' => $this->input->post('bo_use_sideview'),
            'bo_use_secret' => $this->input->post('bo_use_secret'),
            'bo_use_editor' => $this->input->post('bo_use_editor'),
            'bo_use_name' => $this->input->post('bo_use_name'),
            'bo_use_ip_view' => $this->input->post('bo_use_ip_view'),
            'bo_use_list_view' => $this->input->post('bo_use_list_view'),
            'bo_use_email' => $this->input->post('bo_use_email'),
            'bo_use_syntax' => $this->input->post('bo_use_syntax'),
            'bo_subject_len' => $this->input->post('bo_subject_len'),
            'bo_page_rows' => $this->input->post('bo_page_rows'),
            'bo_page_rows_comt' => $this->input->post('bo_page_rows_comt'),
            'bo_new' => $this->input->post('bo_new'),
            'bo_hot' => $this->input->post('bo_hot'),
            'bo_image_width' => $this->input->post('bo_image_width'),
            'bo_reply_order' => $this->input->post('bo_reply_order'),
            'bo_sort_field' => $this->input->post('bo_sort_field'),
            'bo_insert_content' => $this->input->post('bo_insert_content'),
            'bo_use_search' => $this->input->post('bo_use_search')), array('bo_table' => $bo_table));
        alert_close('게시판 설정이 변경되었습니다.');
    }
}
/**
 * Delete one memo of the current member and return to the memo list.
 *
 * The form token is checked first, against the list URL the request claims to
 * come from. For received memos (flag "R") the number of memos whose me_check is
 * still the zero date is counted and passed to memo_count() before deletion.
 * Every model call is scoped with the member's own mb_id.
 */
function memo_delete()
{
    $me_no = $this->input->post('me_no');
    $flag = $this->input->post('flag');
    $list_url = 'member/memo/lists/' . $flag;

    // NOTE(review): the token context is built from the posted flag before the
    // flag is validated below. Confirm check_token() rejects unexpected contexts.
    check_token($list_url);

    if (!IS_MEMBER) {
        alert_close("회원만 이용하실 수 있습니다.");
    }
    if (!$flag || !$me_no) {
        alert_close("잘못된 접근입니다.");
    }

    // NOTE(review): MEMBER is a constant, presumably built server-side. Confirm
    // it never carries request-derived data before it reaches unserialize().
    $member = unserialize(MEMBER);
    $owner_id = $member['mb_id'];
    $this->load->model('Member_memo_model');

    if ($flag == 'R') {
        $rows = $this->Member_memo_model->get_del_memo($me_no, $flag, $owner_id);
        $unchecked = 0;
        foreach ($rows as $memo) {
            // A zero date in me_check marks the memo as not yet checked.
            if ($memo['me_check'] == '0000-00-00 00:00:00') {
                $unchecked += 1;
            }
        }
        if ($unchecked > 0) {
            $this->Member_memo_model->memo_count($owner_id, $unchecked);
        }
    }

    $this->Member_memo_model->memo_delete($me_no, $flag, $owner_id);
    goto_url($list_url);
}
/**
 * Dispatch an AJAX period request to the matching handler and render the result.
 *
 * A handler runs only when an "asker" parameter is present and the session's
 * "statut" is "administrateur". The form token is checked before dispatch. Any
 * other request, including an unknown asker, renders the success template with
 * empty content.
 *
 * @param Request  $request  incoming request carrying the "asker" parameter
 * @param Response $response response object that receives the "content" variable
 */
public function launch(Request $request, Response $response)
{
    $content = "";

    // Role check first, token check second. Both must pass before any handler runs.
    if ($request->getParam('asker') && $_SESSION['statut'] == "administrateur") {
        check_token();

        if ($request->getParam('asker') == "calendrier") {
            $this->insertPeriod($content, $request);
        } elseif ($request->getParam('asker') == "edit_period") {
            $this->editPeriod($content, $request);
        } elseif ($request->getParam('asker') == "delete_period") {
            $this->deletePeriod($content, $request);
        } elseif ($request->getParam('asker') == "validate_period") {
            $this->validatePeriod($content, $request);
        }
    }

    // NOTE(review): a non-administrator or an unknown asker still gets the
    // "success" template. Confirm callers do not treat that as proof of a change.
    $response->addVar('content', $content);
    $this->render("./lib/template/ajaxrequestSuccess.php");
    $this->printOut();
}
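/**
 * Mail delivery test page.
 *
 * When a `mail_addr` is posted, the form token is checked and a fixed test
 * message is sent from the current member's address to that address. The page
 * is then rendered with the outcome message.
 *
 * No permission check is visible in this method.
 * NOTE(review): presumably the controller restricts this page to administrators. Confirm.
 */
function index()
{
    // NOTE(review): MEMBER is a constant, presumably built server-side. Confirm
    // it never carries request-derived data before it reaches unserialize().
    $member = unserialize(MEMBER);
    if (!$member['mb_email']) {
        alert('관리자 E-mail이 존재하지 않습니다.');
    }

    $mail_addr = $mail_msg = FALSE;

    if ($this->input->post('mail_addr')) {
        // Sending mail is a state-changing action, so the form token is required.
        check_token();
        $mail_addr = $this->input->post('mail_addr');

        $subject = '[메일검사] 제목';
        $content = '[메일검사] 내용<br />이 내용이 제대로 보인다면 보내는 메일 서버에는 이상이 없는것입니다.<br />발송시간 : ' . date('Y-m-d H:i:s') . '<br />이 메일 주소로는 회신되지 않습니다.';

        $this->email->clear();
        $this->email->from($member['mb_email'], '메일검사');
        $this->email->to($mail_addr);
        $this->email->subject($subject);
        $this->email->message($content);

        if (!$this->email->send()) {
            $mail_msg = '<strong>※ 메일전송 오류</strong><br/>' . $this->email->print_debugger();
        } else {
            // $mail_msg is an HTML fragment, so the posted address is encoded
            // before it is embedded. Otherwise markup in the field would be
            // rendered by the page.
            $mail_msg = '<strong>' . htmlspecialchars($mail_addr, ENT_QUOTES, 'UTF-8') . '</strong> (으)로 메일을 발송 하였습니다. <br/>해당 주소로 메일이 왔는지 확인하세요. <br/>메일이 오지 않는다면 프로그램의 오류가 아닌 <br/>메일 서버(sendmail)의 오류일 가능성이 있습니다. <br/>이런 경우에는 웹 서버관리자에게 문의하세요.';
        }
    }

    $head = array('title' => '메일전송 테스트');
    // NOTE(review): mail_addr is passed to the view unencoded. Confirm the view
    // escapes it where it is echoed back into the form.
    $data = array('token' => get_token(), 'mail_addr' => $mail_addr, 'mail_msg' => $mail_msg);

    widget::run('head', $head);
    $this->load->view(ADM_F . '/sendmail_test', $data);
    widget::run('tail');
}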
/**
 * Route the request by its lower-cased "cmd" variable.
 *
 * "hello" and the empty command are handled without a token. Every other
 * command must pass check_token() and is then handed to the registered
 * CALLBACK_PROCESS_REQUEST callbacks. If control comes back from the handler,
 * "NO REQUEST HANDLER" is printed and the script exits.
 */
function route_request()
{
    $cmd = strtolower(grab_request_var("cmd"));

    // Only the greeting and the debug/test form are reachable without a token.
    // NOTE(review): both handlers run unauthenticated as far as this function
    // shows. Confirm neither exposes data or changes state.
    $token_exempt = ($cmd == "" || $cmd == "hello");
    if (!$token_exempt) {
        check_token();
    }

    if ($cmd == "hello") {
        // say hello
        say_hello();
    } elseif ($cmd == "") {
        // display a form for debugging/testing
        display_form();
    } else {
        // let plugins handle the output
        $args = array("cmd" => $cmd);
        do_callbacks(CALLBACK_PROCESS_REQUEST, $args);
    }

    echo "NO REQUEST HANDLER";
    exit;
}
/**
 * Process the member registration form.
 *
 * Checks the form token and the anti-automation key, validates the posted
 * fields, then inserts the member, grants the sign-up points, sends the
 * notification mails that are enabled in the configuration and redirects to
 * the result page. When validation fails the form is shown again.
 */
function update() {
    // Token bound to the join form, then the anti-automation key.
    check_token('member/join');
    check_wrkey();
    $this->load->helper('chkstr');
    // NOTE(review): the two password rules end in "md5", so the validated value is
    // an MD5 digest. Presumably that digest is what Member_infor_model->insert()
    // stores. Unsalted MD5 is not suitable for password storage; confirm the model
    // uses password_hash() or plan a migration. max_length[20] also caps password length.
    $config = array(
        array('field' => 'mb_id', 'label' => '아이디', 'rules' => 'trim|required|min_length[3]|max_length[20]|alpha_dash|xss_clean|callback_mb_id_check'),
        array('field' => 'mb_password', 'label' => '비밀번호', 'rules' => 'trim|required|max_length[20]|md5'),
        array('field' => 'mb_password_re', 'label' => '비밀번호 확인', 'rules' => 'trim|required|max_length[20]|matches[mb_password]|md5'),
        array('field' => 'mb_password_q', 'label' => '비밀번호 분실시 질문', 'rules' => 'trim|required|max_length[50]'),
        array('field' => 'mb_password_a', 'label' => '비밀번호 분실시 답변', 'rules' => 'trim|required|max_length[50]'),
        array('field' => 'mb_name', 'label' => '이름', 'rules' => 'trim|required|max_length[10]|callback_mb_name_check'),
        array('field' => 'mb_email', 'label' => '이메일', 'rules' => 'trim|required|max_length[50]|valid_email|callback_mb_email_check'),
        array('field' => 'mb_birth', 'label' => '생일', 'rules' => 'trim|exact_length[10]'),
        array('field' => 'mb_sex', 'label' => '성별', 'rules' => 'trim|exact_length[1]'),
        array('field' => 'wr_key', 'label' => '자동등록방지', 'rules' => 'trim|required'));
    // The nickname is a required, validated field only when nicknames are enabled.
    if ($this->config->item('cf_use_nick')) {
        $config[] = array('field' => 'mb_nick', 'label' => '별명', 'rules' => 'trim|required|max_length[20]|callback_mb_nick_check');
    }
    $this->form_validation->set_rules($config);
    if ($this->form_validation->run() == FALSE) {
        $this->_form();
    } else {
        $this->load->library(array('encrypt', 'email'));
        if ($this->config->item('cf_use_nick')) {
            $mb_nick = $this->input->post('mb_nick');
        } else {
            // No nickname in use: generate a 14-character placeholder from the id.
            $mb_nick = substr(md5(uniqid($this->input->post('mb_id'), TRUE)), 0, 14);
        }
        $admin = $this->Basic_model->get_member(ADMIN, 'mb_nick, mb_email');
        // Insert the member row
        $this->Member_infor_model->insert($mb_nick);
        // Grant the sign-up points
        $this->load->model('Point_model');
        $this->Point_model->insert($this->input->post('mb_id'), $this->config->item('cf_register_point'), "회원가입 축하", '@member', $this->input->post('mb_id'), '회원가입');
        // Send mail to the new member
        if ($this->config->item('cf_email_mb_member') || $this->config->item('cf_use_email_certify')) {
            // NOTE(review): the certification value is an MD5 of the member id, the
            // e-mail address and TIME_YMDHIS, with no secret or random input visible
            // here. If the certify endpoint recomputes it from the same fields, the
            // registrant can derive the link without receiving the mail. Confirm how
            // it is verified and prefer a random_bytes()-based token stored server-side.
            $mb_md5 = md5($this->input->post('mb_id') . $this->input->post('mb_email') . TIME_YMDHIS);
            $certify_href = $this->config->item('base_url') . '/member/certify/email/' . $this->input->post('mb_id') . '/' . $mb_md5;
            $data = array('mb_name' => $this->input->post('mb_name'), 'certify_href' => $certify_href, 'email_chk' => $this->config->item('cf_use_email_certify'));
            $content = $this->load->view('mail/join_member', $data, TRUE);
            $this->email->clear();
            $this->email->from($admin['mb_email'], $admin['mb_nick']);
            $this->email->to($this->input->post('mb_email'));
            $this->email->subject("회원가입을 축하드립니다.");
            $this->email->message($content);
            // The send result is not checked; a delivery failure is silent.
            $this->email->send();
        }
        // Send mail to the super administrator
        if ($this->config->item('cf_email_mb_admin')) {
            $data = array('mb_id' => $this->input->post('mb_id'), 'mb_name' => $this->input->post('mb_name'), 'mb_nick' => $mb_nick);
            $content = $this->load->view('mail/join_admin', $data, TRUE);
            $this->email->clear();
            // NOTE(review): the From header and the subject carry registrant-supplied
            // values (mb_email, mb_name). Confirm the mail library strips line breaks
            // from header values, and consider sending from a fixed site address
            // with the registrant in Reply-To.
            $this->email->from($this->input->post('mb_email'), $this->input->post('mb_name'));
            $this->email->to($admin['mb_email']);
            $this->email->subject($this->input->post('mb_name') . " 님께서 회원으로 가입하셨습니다.");
            $this->email->message($content);
            $this->email->send();
        }
        // Log the member in only when e-mail certification is not in use
        if (!$this->config->item('cf_use_email_certify')) {
            $this->session->set_userdata('ss_mb_id', $this->input->post('mb_id'));
        }
        $this->session->set_flashdata('ss_mb_reg', $this->input->post('mb_id'));
        goto_url('member/join/result');
    }
}
/**
 * Reports whether this form was submitted, judged by its hidden marker field
 * ("__fp" followed by the form name), and validates the form token on the way.
 *
 * Passing true for $skiptoken disables the token check for this submission, so
 * it should be limited to forms that change no state.
 *
 * @param boolean $skiptoken Set true to skip token checking for this form submission
 *
 * @return boolean form submit true/false
 **/
public function issubmitted($skiptoken = false)
{
    $marker = "__fp" . $this->frmname;

    // No marker field means this form was not the one posted.
    if (!isset($_POST[$marker])) {
        return false;
    }

    if (!$skiptoken) {
        check_token();
    }

    return true;
}
/**
 * Reset incidents to the 'default' category, selected either by category id or
 * by nature, then show the index page again.
 *
 * Both selectors are read from POST first and from GET as a fallback.
 * NOTE(review): this state-changing action also accepts its parameters from the
 * query string, and what check_token(false) enforces is not visible here.
 * Confirm a token is still required for GET-driven requests.
 */
function delete()
{
    check_token(false);

    // Nature: POST wins over GET; absent in both means null.
    if (isset($_POST['nature'])) {
        $selected = $_POST['nature'];
    } elseif (isset($_GET['nature'])) {
        $selected = $_GET['nature'];
    } else {
        $selected = Null;
    }
    $this->nature_selected = $selected;
    // The decoded value is appended to the existing list of natures.
    $this->nature[] = html_entity_decode($this->nature_selected, ENT_QUOTES);

    // Category id: same precedence.
    if (isset($_POST['categorie_id'])) {
        $category = $_POST['categorie_id'];
    } elseif (isset($_GET['categorie_id'])) {
        $category = $_GET['categorie_id'];
    } else {
        $category = Null;
    }
    $this->categorie = $category;

    if ($this->categorie) {
        $this->modele_incidents->update_categorie('default', Null, $this->categorie);
    } else {
        $this->modele_incidents->update_categorie('default', $this->nature);
    }

    $this->index();
}
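/**
 * Create/edit form for a board group, and its submit handler.
 *
 * While validation has not passed, the form is rendered: empty for a new group
 * ($w == ''), pre-filled for an update ($w == 'u'). Once validation passes the
 * form token is checked and the group is inserted or updated by the model,
 * followed by a redirect to the group list.
 *
 * No permission check is visible in this method.
 * NOTE(review): presumably the admin controller enforces it. Confirm.
 *
 * @param string $w     '' to create, 'u' to update
 * @param string $gr_id id of the group to edit, used when $w is 'u'
 */
function form($w = '', $gr_id = '')
{
    $this->load->library('form_validation');
    $config = array(
        array('field' => 'gr_id', 'label' => '아이디', 'rules' => 'trim|required|min_length[3]|max_length[20]|alpha_dash|xss_clean'),
        array('field' => 'gr_subject', 'label' => '제목', 'rules' => 'trim|required|max_length[20]'),
        array('field' => 'gr_admin', 'label' => '그룹 관리자', 'rules' => 'trim|min_length[3]|max_length[20]|alpha_dash'),
    );
    $this->form_validation->set_rules($config);

    if ($this->form_validation->run() == FALSE) {
        // Defaults, so that no branch leaves $title or $gr undefined.
        $title = '';
        $gr = FALSE;

        if ($w == '') {
            $title = '생성';
        } elseif ($w == 'u') {
            $gr = $this->Boardgroup_model->get_group($gr_id);
            if (!isset($gr['gr_id'])) {
                alert('존재하지 않는 그룹 ID 입니다.');
            }
            $title = '수정';
        } else {
            alert('잘못된 접근입니다.');
        }

        $head = array('title' => '게시판그룹' . $title);
        // On the create form $gr is FALSE. Reading offsets from it yields the same
        // NULLs as before, but through isset() so no "array offset on bool"
        // warning is raised.
        $data = array(
            'w' => $w,
            'token' => get_token(),
            'gr_id' => isset($gr['gr_id']) ? $gr['gr_id'] : NULL,
            'gr_subject' => isset($gr['gr_subject']) ? $gr['gr_subject'] : NULL,
            'gr_admin' => isset($gr['gr_admin']) ? $gr['gr_admin'] : NULL,
        );

        widget::run('head', $head);
        $this->load->view(ADM_F . '/boardgroup_form', $data);
        widget::run('tail');
    } else {
        // Writes happen only after the form token has been verified.
        check_token();

        // From here on the posted values replace the URL arguments.
        $w = $this->input->post('w');
        $gr_id = $this->input->post('gr_id');

        if (!$w) {
            $gr = $this->Boardgroup_model->get_group($gr_id);
            if (isset($gr['gr_id'])) {
                alert("이미 존재하는 그룹 ID 입니다.");
            }
            $this->Boardgroup_model->insert();
        } elseif ($w == 'u') {
            $this->Boardgroup_model->update();
        } else {
            alert('잘못된 접근입니다.');
        }

        goto_url(ADM_F . '/boardgroup/lists');
    }
}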
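/**
 * Authenticate a user by username and password.
 *
 * The posted form token must be valid. On success the user's id is stored in
 * $_SESSION["user"].
 *
 * @param string|null $username login name to look up
 * @param string|null $password plain-text password to verify
 *
 * @return bool true when the credentials are valid, false otherwise
 */
public function login($username = null, $password = null)
{
    // Check the form token. A missing field is passed on as null so
    // check_token() decides.
    $token = isset($_POST['token']) ? $_POST['token'] : null;
    if (!check_token($token)) {
        return false;
    }

    // Check that the username exists. A failed lookup must not be dereferenced.
    $user = $this->findByUsername($username);
    if (!is_object($user) || !is_numeric($user->id)) {
        return false;
    }

    // An empty password can never authenticate.
    if (!$password) {
        return false;
    }

    // Fetch the stored hash with a bound parameter.
    $this->db->query("SELECT password FROM users WHERE id = :id", array(array('name' => 'id', 'value' => $user->id)));
    $res = $this->db->getResults();

    if ($this->db->isOk() && is_object($res) && password_verify($password, $res->password)) {
        // Issue a fresh session id when the session becomes authenticated, so an
        // id that was known before login (session fixation) is useless afterwards.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }
        $_SESSION["user"] = $user->id;
        return true;
    }

    return false;
}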
<?php include('includes/header.php'); switch($_POST['act']) { case 'Send': // Reply if(!check_token()) Output::HardError('Session error. Try again.'); //Lurk more? if($_SERVER['REQUEST_TIME'] - $_SESSION['first_seen'] < REQUIRED_LURK_TIME_REPLY) { add_error('Lurk for at least ' . REQUIRED_LURK_TIME_REPLY . ' seconds before posting your first reply.'); } // Flood control. $too_early = $_SERVER['REQUEST_TIME'] - FLOOD_CONTROL_REPLY; $res=DB::Execute(sprintf('SELECT 1 FROM {P}PMs WHERE pmFrom = \'%s\' AND pmDateSent > %d',$_SERVER['REMOTE_ADDR'], $too_early)); if($res->RecordCount() > 0) { add_error('Wait at least ' . FLOOD_CONTROL_REPLY . ' seconds between each reply. '); } //Check inputs list($_POST['title'],$_POST['body'])=Check4Filtered($_POST['title'],$_POST['body']); $reply=new PM(); $reply->To = $_POST['to']; $reply->Thread = intval($_POST['thread']); $reply->From =$User->ID; $reply->Title = $_POST['title'];
$active = $db->insert('active', array('content' => "获取订单 {$tradeno} 返回状态码 {$data['message_id']} 内容 {$message[0]}", 'username' => $token['username'], 'time' => date('Y-m-d H:i:s', time()))); } else { // 显示错误信息 $message[] = '检查订单失败,请联系管理员'; } } } $title = '缴费'; include 'views/pay.php'; } else { header('Location: member.php?action=login'); } } else { if ($action == 'discount') { // Ajax 折扣码查询 $token = check_token(); if ($token) { if (isset($_GET['commodity_id'], $_GET['code'])) { $commodity = $db->get('commodity', array('id', 'name', 'introduction', 'time', 'price', 'transfer', 'region'), array('id' => $_GET['commodity_id'])); if ($commodity) { /*$code = generate_string(32); $db->insert('discount', array( 'card' => $code, 'md5' => md5($code), 'create_time' => date('Y-m-d H:i:s'), 'discount_price' => 5 ));*/ $discount_code = $db->get('discount', array('card', 'md5', 'create_time', 'used_member', 'discount_price', 'min_price', 'username'), array('AND' => array('card' => $_GET['code'], 'md5' => md5($_GET['code']), 'used_member' => array('', null)))); if ($discount_code) { echo json_encode(array('commodity' => $commodity, 'discount' => $discount_code)); } else {
<?php
// Command-line helper: decodes and decrypts the token given as the first
// argument, prints the "ip:timestamp" pair it contains, reports whether the
// timestamp is outside the allowed window, and finally passes the raw token to
// check_token().
require_once 'f-encryption.php';

// NOTE(review): key material is hard-coded in this source file, so anyone who can
// read the repository or its history can read it. Load keys from configuration
// kept outside version control and rotate any key that has been committed.
$client_encryption_keys = array('127.0.0.1' => 'Qs/7S$N%C8');
$remote_ip = '206.225.90.76';
// $remote_ip has no entry in the map above, so this lookup yields null (with an
// undefined-index notice).
// NOTE(review): encrypt_decrypt() below is not passed a key. Presumably
// f-encryption.php reads these globals; confirm which key is actually used.
$encryption_key = $client_encryption_keys[$remote_ip];
// Validity window of a token, in seconds.
$timeout = 60;

// $argv[1] is used without checking that an argument was supplied.
echo "Decrypting: {$argv['1']}\n\n";
$decr_b64 = urlsafe_b64decode($argv[1]);
$decrypted = encrypt_decrypt('decrypt', $decr_b64);

// A well-formed plaintext has exactly two colon-separated fields.
$fields = explode(":", $decrypted);
if (count($fields) == 2) {
    // sleep (3);
    list($ip, $timestamp) = explode(":", $decrypted);
    $nowtime = time();
    //echo "$ip, $timestamp, $timeout\n";
    $sum = (int) ($timestamp + $timeout);
    // Expired when older than the window, or stamped in the future. This only
    // prints a message; the fields are still printed and check_token() still runs.
    if ($nowtime > $sum || $nowtime < $timestamp) {
        echo "Expired key\n";
    }
    echo "IP:{$ip},TIMESTAMP:{$timestamp}\n";
}
check_token($argv[1]);
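/**
 * POST /member/device: register a device (uuid + push token) for a member.
 *
 * Requires an Access-Token header that passes check_token(). Responds with
 * HTTP 400 and a JSON error body when the token is missing or invalid, when no
 * member id can be resolved, or when uuid/pushToken are missing.
 *
 * @return void
 */
public function device_post()
{
    // The Client-Type header is optional on the wire. Read it once, defaulting to
    // null, so a request without it cannot raise an undefined-index warning ahead
    // of the JSON response and status code.
    $client_type = isset($_SERVER['HTTP_CLIENT_TYPE']) ? $_SERVER['HTTP_CLIENT_TYPE'] : null;

    // NOTE(review): the full request body, including pushToken, is written to the
    // request log. Confirm that log is access-controlled, or redact the token.
    set_req_log('/member/device', $client_type, json_encode($this->post()));

    if (!isset($_SERVER['HTTP_ACCESS_TOKEN'])) {
        http_response_code(400);
        set_err_log('Parameter Empty - Access-Token');
        echo json_encode(array('errorCode' => '00', 'errorMessage' => 'parameter error'));
        return;
    }

    $access_token_check = check_token($_SERVER['HTTP_ACCESS_TOKEN']);
    if ($access_token_check['result'] == 0) {
        http_response_code(400);
        set_err_log('Access Token Error');
        echo json_encode(array('errorCode' => '04', 'errorMessage' => ' access token error'));
        exit(0);
    }
    $access_token = $access_token_check['access_token'];

    // NOTE(review): when the client sends an XID header, that value is used as the
    // member id and the validated token is not consulted for it. Nothing in this
    // method ties the header to the token. Confirm the binding is enforced
    // elsewhere, or always derive the id with get_xid($access_token) and reject a
    // header that disagrees.
    $xid = isset($_SERVER['HTTP_XID']) ? $_SERVER['HTTP_XID'] : get_xid($access_token);
    set_xid_log($xid);

    // The (possibly refreshed) token is echoed back before the id check below.
    header('Access-Token: ' . $access_token);

    if ($xid == 0) {
        http_response_code(400);
        set_err_log('Access Token Error');
        echo json_encode(array('errorCode' => '04', 'errorMessage' => ' access token error'));
        exit(0);
    }

    if ($this->post('uuid') && $this->post('pushToken')) {
        $uuid = $this->post('uuid');
        $push_token = $this->post('pushToken');
        $device = $client_type;
        $this->member_db_model->set_member_device($xid, $device, $uuid, $push_token);
    } else {
        http_response_code(400);
        // Log which parameter was absent; the client only sees a generic error.
        if (!array_key_exists('uuid', $this->post())) {
            set_err_log('Parameter Empty - uuid');
        }
        if (!array_key_exists('pushToken', $this->post())) {
            set_err_log('Parameter Empty - pushToken');
        }
        echo json_encode(array('errorCode' => '00', 'errorMessage' => 'parameter error'));
    }
}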
function licensing_output($vars) { global $whmcs; global $licensing; global $aInt; global $numrows; global $tabledata; global $orderby; global $order; global $page; global $limit; global $jscode; if (!LICENSINGADDONLICENSE) { if ($whmcs->get_req_var("refresh")) { $licensing->forceRemoteCheck(); redir("module=licensing"); } echo "<div class=\"gracefulexit\">\nYour WHMCS license key is not enabled to use the Licensing Addon yet.<br /><br />\nYou can find out more about it and purchase @ <a href=\"http://go.whmcs.com/94/licensing-addon\" target=\"_blank\">www.whmcs.com/addons/licensing-addon</a><br /><br />\nIf you have only recently purchased the addon, please <a href=\"addonmodules.php?module=licensing&refresh=1\">click here</a> to perform a license refresh.\n</div>"; return false; } $modulelink = $vars['modulelink']; $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : ""; $id = (int) $_REQUEST['id']; echo "<style>\n.licensinglinksbar {\n padding:10px 25px 10px 25px;\n background-color:#6CAD41;\n font-weight:bold;\n font-size: 14px;\n color: #5A7B2F;\n margin: 0 0 15px 0;\n -moz-border-radius: 5px;\n -webkit-border-radius: 5px;\n -o-border-radius: 5px;\n border-radius: 5px;\n}\n.licensinglinksbar a {\n color: #fff;\n font-weight: normal;\n}\n</style>\n\n<div class=\"licensinglinksbar\">\n<a href=\"" . $modulelink . "\">Home</a> | <a href=\"" . $modulelink . "&action=list\">Search/Browse Licenses</a> | <a href=\"" . $modulelink . "&action=bans\">Ban Control</a> | <a href=\"" . $modulelink . 
"&action=log\">License Access Logs</a> | <a href=\"http://docs.whmcs.com/Licensing_Addon\" target=\"_blank\">Help</a>\n</div>\n\n"; if (!$action) { echo "\n<h2>Statistics</h2>\n\n<table width=\"90%\" align=\"center\">\n<tr><td width=\"33%\">\n\n<div style=\"margin:0 25px;padding:15px;font-family:Trebuchet MS,Tahoma;text-align:center;font-size:20px;background-color:#E7F1C0;-moz-border-radius: 5px;-webkit-border-radius: 5px;-o-border-radius: 5px;border-radius: 5px;\">\nActive Licenses<br />\n"; echo "<s"; echo "trong>"; echo get_query_val("mod_licensing", "COUNT(*)", "status='Reissued' OR status='Active'"); echo "</strong>\n</div>\n\n</td><td width=\"33%\">\n\n<div style=\"margin:0 25px;padding:15px;font-family:Trebuchet MS,Tahoma;text-align:center;font-size:20px;background-color:#F2E8BF;-moz-border-radius: 5px;-webkit-border-radius: 5px;-o-border-radius: 5px;border-radius: 5px;\">\nSuspended Licenses<br />\n"; echo "<s"; echo "trong>"; echo get_query_val("mod_licensing", "COUNT(*)", "status='Suspended'"); echo "</strong>\n</div>\n\n</td><td width=\"33%\">\n\n<div style=\"margin:0 25px;padding:15px;font-family:Trebuchet MS,Tahoma;text-align:center;font-size:20px;background-color:#F2BFBF;-moz-border-radius: 5px;-webkit-border-radius: 5px;-o-border-radius: 5px;border-radius: 5px;\">\nExpired Licenses<br />\n"; echo "<s"; echo "trong>"; echo get_query_val("mod_licensing", "COUNT(*)", "status='Expired'"); echo "</strong>\n</div>\n\n</td></tr>\n</table>\n\n<table width=\"90%\" align=\"center\">\n<tr><td width=\"50%\">\n\n<div style=\"margin:0 25px;padding:15px;font-family:Trebuchet MS,Tahoma;text-align:center;font-size:20px;background-color:#efefef;-moz-border-radius: 5px;-webkit-border-radius: 5px;-o-border-radius: 5px;border-radius: 5px;\">\nTotal Licenses in Database<br />\n"; echo "<s"; echo "trong>"; echo get_query_val("mod_licensing", "COUNT(*)", ""); echo "</strong>\n</div>\n\n</td><td width=\"50%\">\n\n<div style=\"margin:0 25px;padding:15px;font-family:Trebuchet 
MS,Tahoma;text-align:center;font-size:20px;background-color:#efefef;-moz-border-radius: 5px;-webkit-border-radius: 5px;-o-border-radius: 5px;border-radius: 5px;\">\nAccessed within the Past 30 Days<br />\n"; echo "<s"; echo "trong>"; echo get_query_val("mod_licensing", "COUNT(*)", "lastaccess>='" . date("Y-m-d", mktime(0, 0, 0, date("m"), date("d") - 30, date("Y"))) . "'"); echo "</strong>\n</div>\n\n</td></tr>\n</table>\n\n<br />\n\n<h2>Search</h2>\n\n<form method=\"post\" action=\""; echo $modulelink; echo "&action=list\">\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"15%\" class=\"fieldlabel\">Product/License</td><td class=\"fieldarea\">"; echo "<s"; echo "elect name=\"search_pid\"><option value=\"0\">- Any -</option>"; $result = select_query("tblproducts", "id,name", array("servertype" => "licensing"), "name", "ASC"); while ($data = mysql_fetch_array($result)) { echo "<option value=\"" . $data['id'] . "\">" . $data['name'] . 
"</option>"; } echo "</select></td></tr>\n<tr><td width=\"15%\" class=\"fieldlabel\">License Key</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_licensekey\" size=\"30\" value=\""; echo $search_licensekey; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">Domain</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_domain\" size=\"30\" value=\""; echo $search_domain; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">IP</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_ip\" size=\"30\" value=\""; echo $search_ip; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">Directory</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_dir\" size=\"60\" value=\""; echo $search_dir; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">Status</td><td class=\"fieldarea\">"; echo "<s"; echo "elect name=\"search_status\">\n<option value=\"\">- Any -</option>\n<option>Reissued</option>\n<option>Active</option>\n<option>Suspended</option>\n<option>Expired</option>\n</select></td></tr>\n</table>\n\n<p align=\"center\"><input type=\"submit\" value=\"Search\" class=\"button\" /></p>\n\n</form>\n\n"; return null; } if ($action == "list") { echo "\n<form method=\"post\" action=\""; echo $modulelink; echo "&action=list\">\n\n<h2>Search/Browse Licenses</h2>\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"15%\" class=\"fieldlabel\">Product/License</td><td class=\"fieldarea\">"; echo "<s"; echo "elect name=\"search_pid\"><option value=\"0\">- Any -</option>"; $result = select_query("tblproducts", "id,name", array("servertype" => "licensing"), "name", "ASC"); while ($data = mysql_fetch_array($result)) { echo "<option value=\"" . $data['id'] . "\""; if ($_REQUEST['search_pid'] == $data['id']) { echo " selected"; } echo ">" . $data['name'] . 
"</option>"; } echo "</select></td></tr>\n<tr><td width=\"15%\" class=\"fieldlabel\">License Key</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_licensekey\" size=\"30\" value=\""; echo $_REQUEST['search_licensekey']; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">Domain</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_domain\" size=\"30\" value=\""; echo $_REQUEST['search_domain']; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">IP</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_ip\" size=\"30\" value=\""; echo $_REQUEST['search_ip']; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">Directory</td><td class=\"fieldarea\"><input type=\"text\" name=\"search_dir\" size=\"60\" value=\""; echo $_REQUEST['search_dir']; echo "\" /></td></tr>\n<tr><td class=\"fieldlabel\">Status</td><td class=\"fieldarea\">"; echo "<s"; echo "elect name=\"search_status\">\n<option value=\"\">- Any -</option>\n<option"; if ($_REQUEST['search_status'] == "Reissued") { echo " selected"; } echo ">Reissued</option>\n<option"; if ($_REQUEST['search_status'] == "Active") { echo " selected"; } echo ">Active</option>\n<option"; if ($_REQUEST['search_status'] == "Suspended") { echo " selected"; } echo ">Suspended</option>\n<option"; if ($_REQUEST['search_status'] == "Expired") { echo " selected"; } echo ">Expired</option>\n</select></td></tr>\n</table>\n\n<p align=\"center\"><input type=\"submit\" value=\"Search\" class=\"button\" /></p>\n\n</form>\n\n"; $where = array(); if ($_REQUEST['search_pid']) { $where['packageid'] = $_REQUEST['search_pid']; } if ($_REQUEST['search_licensekey']) { $where['licensekey'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_licensekey'])); } if ($_REQUEST['search_domain']) { $where['validdomain'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_domain'])); } if ($_REQUEST['search_ip']) { $where['validip'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_ip'])); } if 
($_REQUEST['search_dir']) { $where['validdirectory'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_dir'])); } if ($_REQUEST['search_status']) { $where['status'] = $_REQUEST['search_status']; } $aInt->sortableTableInit("id", "ASC"); if (!in_array($orderby, array("id", "licensekey", "validdomain", "validip", "lastaccess", "status"))) { $orderby = "id"; } $result = select_query("mod_licensing", "mod_licensing.*", $where, $orderby, $order, "", "tblhosting ON tblhosting.id=mod_licensing.serviceid"); $numrows = mysql_num_rows($result); if (count($where) && $numrows == 1) { $data = mysql_fetch_array($result); $id = $data['id']; redir("module=licensing&action=manage&id=" . $id); } $result = select_query("mod_licensing", "mod_licensing.*", $where, $orderby, $order, $page * $limit . ("," . $limit), "tblhosting ON tblhosting.id=mod_licensing.serviceid"); while ($data = mysql_fetch_array($result)) { $id = $data['id']; $serviceid = $data['serviceid']; $licensekey = $data['licensekey']; $validdomain = $data['validdomain']; $validip = $data['validip']; $validdirectory = $data['validdirectory']; $status = $data['status']; $lastaccess = $data['lastaccess']; if ($lastaccess == "0000-00-00 00:00:00") { $lastaccess = "Never"; } else { $lastaccess = fromMySQLDate($lastaccess, "time"); } $validdomain = explode(",", $validdomain); $validip = explode(",", $validip); $validdirectory = explode(",", $validdirectory); $validdomain = $validdomain[0]; $validip = $validip[0]; $validdirectory = $validdirectory[0]; $tabledata[] = array("<a href=\"clientshosting.php?id=" . $serviceid . "\" target=\"_blank\">" . $licensekey . "</a>", $validdomain, $validip, $lastaccess, $status, "<a href=\"" . $modulelink . "&action=manage&id=" . $id . 
"\"><img src=\"images/edit.gif\" border=\"0\"></a>"); } echo $aInt->sortableTable(array(array("licensekey", "License Key"), array("validdomain", "Valid Domains"), array("validip", "Valid IPs"), array("lastaccess", "Last Access"), array("status", "Status"), ""), $tabledata); return null; } if ($action == "manage") { if ($_REQUEST['save']) { update_query("mod_licensing", array("validdomain" => licensing_addon_valid_input_clean($_REQUEST['validdomain']), "validip" => licensing_addon_valid_input_clean($_REQUEST['validip']), "validdirectory" => licensing_addon_valid_input_clean($_REQUEST['validdirectory']), "reissues" => $_REQUEST['reissues'], "status" => $_REQUEST['status']), array("id" => $id)); redir("module=licensing&action=manage&id=" . $id); } $result = select_query("mod_licensing", "", array("id" => $id)); $data = mysql_fetch_array($result); $id = $data['id']; if (!$id) { echo "<p>License Not Found. Please go back and try again.</p>"; return false; } $serviceid = $data['serviceid']; $licensekey = $data['licensekey']; $validdomain = $data['validdomain']; $validip = $data['validip']; $validdirectory = $data['validdirectory']; $reissues = $data['reissues']; $status = $data['status']; $lastaccess = $data['lastaccess']; if ($lastaccess == "0000-00-00 00:00:00") { $lastaccess = "Never"; } else { $lastaccess = fromMySQLDate($lastaccess, "time"); } $data = get_query_vals("tblhosting", "tblproductgroups.name,tblproducts.name", array("tblhosting.id" => $serviceid), "", "", "", "tblproducts ON tblhosting.packageid=tblproducts.id INNER JOIN tblproductgroups ON tblproductgroups.id=tblproducts.gid"); $productname = $data[0] . " - " . 
$data[1]; echo "\n<h2>Manage License Key</h2>\n\n<form method=\"post\" action=\""; echo $modulelink; echo "&action=manage&id="; echo $id; echo "\">\n<input type=\"hidden\" name=\"save\" value=\"true\" />\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td class=\"fieldlabel\" width=\"20%\">Product/Service</td><td class=\"fieldarea\" height=\"24\">"; echo $productname; echo "</td></tr>\n<tr><td class=\"fieldlabel\">License Key</td><td class=\"fieldarea\"><input type=\"text\" size=\"40\" value=\""; echo $licensekey; echo "\" readonly=\"true\" /> "; echo "<s"; echo "pan style=\"color:#cccccc;\">(Not Editable)</span></td></tr>\n<tr><td class=\"fieldlabel\">Valid Domains</td><td class=\"fieldarea\"><textarea name=\"validdomain\" rows=2 cols=80>"; echo $validdomain; echo "</textarea></td></tr>\n<tr><td class=\"fieldlabel\">Valid IPs</td><td class=\"fieldarea\"><textarea name=\"validip\" rows=2 cols=80>"; echo $validip; echo "</textarea></td></tr>\n<tr><td class=\"fieldlabel\">Valid Directory</td><td class=\"fieldarea\"><textarea name=\"validdirectory\" rows=2 cols=80>"; echo $validdirectory; echo "</textarea></td></tr>\n<tr><td class=\"fieldlabel\">Number of Reissues</td><td class=\"fieldarea\"><input type=\"text\" name=\"reissues\" size=\"10\" value=\""; echo $reissues; echo "\"></td></tr>\n<tr><td class=\"fieldlabel\">Status</td><td class=\"fieldarea\">"; echo "<s"; echo "elect name=\"status\">\n<option"; if ($status == "Reissued") { echo " selected"; } echo ">Reissued</option>\n<option"; if ($status == "Active") { echo " selected"; } echo ">Active</option>\n<option"; if ($status == "Suspended") { echo " selected"; } echo ">Suspended</option>\n<option"; if ($status == "Expired") { echo " selected"; } echo ">Expired</option>\n</select></td></tr>\n<tr><td class=\"fieldlabel\">Last Access</td><td class=\"fieldarea\" height=\"24\">"; echo $lastaccess; echo "</td></tr>\n</table>\n\n<p align=\"center\"><input type=\"button\" 
value=\"« Back to List\" onclick=\"history.go(-1)\" /> <input type=\"submit\" value=\"Save Changes\" class=\"button\" /> <input type=\"button\" value=\"Product Details »\" onclick=\"window.location='clientshosting.php?id="; echo $serviceid; echo "'\" /></p>\n\n</form>\n\n<h2>Recent Access</h2>\n\n"; $aInt->sortableTableInit("nopagination"); $result = select_query("mod_licensinglog", "", array("licenseid" => $id), "id", "DESC", "0,10"); while ($data = mysql_fetch_array($result)) { $domain = $data['domain']; $ip = $data['ip']; $path = $data['path']; $message = $data['message']; $datetime = $data['datetime']; $datetime = fromMySQLDate($datetime, true); $tabledata[] = array($datetime, $domain, $ip, $path, $message); } echo $aInt->sortableTable(array("Date", "Domain", "IP", "Path", "Result"), $tabledata); return null; } if ($action == "bans") { if ($_REQUEST['save']) { check_token(); if (trim($_REQUEST['banvalue'])) { insert_query("mod_licensingbans", array("value" => trim($_REQUEST['banvalue']), "notes" => trim($_REQUEST['bannote']))); } redir("module=licensing&action=bans"); } if ($_REQUEST['delete']) { check_token(); delete_query("mod_licensingbans", array("id" => $_REQUEST['delete'])); redir("module=licensing&action=bans"); } $jscode = "function doDelete(id) {\n if (confirm(\"Are you sure you want to delete this ban entry?\")) {\n window.location='" . $modulelink . "&action=bans&delete='+id+'" . generate_token("link") . 
"';\n }\n}\n"; echo "\n<h2>Ban Control</h2>\n\n<form method=\"post\" action=\""; echo $modulelink; echo "&action=bans\">\n<input type=\"hidden\" name=\"save\" value=\"true\" />\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td class=\"fieldlabel\" width=\"20%\">Value</td><td class=\"fieldarea\"><input type=\"text\" name=\"banvalue\" size=\"40\" /></td></tr>\n<tr><td class=\"fieldlabel\">Reason/Notes</td><td class=\"fieldarea\"><input type=\"text\" name=\"bannote\" size=\"80\" /></td></tr>\n</table>\n\n<p ali"; echo "gn=\"center\"><input type=\"submit\" value=\"Add Ban\" /></p>\n\n</form>\n\n"; $aInt->sortableTableInit("nopagination"); $result = select_query("mod_licensingbans", "", "", "value", "ASC"); while ($data = mysql_fetch_array($result)) { $id = $data['id']; $value = $data['value']; $notes = $data['notes']; $tabledata[] = array($value, $notes, "<a href=\"#\" onClick=\"doDelete('" . $id . "');return false\"><img src=\"images/delete.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"" . $aInt->lang("global", "delete") . 
"\"></a>"); } echo $aInt->sortableTable(array("Domain/IP", "Ban Reason/Notes", ""), $tabledata); return null; } if ($action == "log") { echo "\n<h2>License Access Logs</h2>\n\n<form method=\"post\" action=\""; echo $modulelink; echo "&action=log\">\n<p align=\"center\"><b>Search/Filter</b>\nDomain: <input type=\"text\" name=\"search_domainlog\" size=\"30\" value=\""; echo $_REQUEST['search_domainlog']; echo "\" />\nIP: <input type=\"text\" name=\"search_iplog\" size=\"15\" value=\""; echo $_REQUEST['search_iplog']; echo "\" />\nDir: <input type=\"text\" name=\"search_dirlog\" size=\"25\" value=\""; echo $_REQUEST['search_dirlog']; echo "\" />\nStatus: <input type=\"text\" name=\"search_message\" size=\"25\" value=\""; echo $_REQUEST['search_message']; echo "\" />\n<input type=\"submit\" value=\"Go\" class=\"button\" /></p>\n</form>\n\n"; $where = array(); if ($_REQUEST['search_domainlog']) { $where['domain'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_domainlog'])); } if ($_REQUEST['search_iplog']) { $where['ip'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_iplog'])); } if ($_REQUEST['search_dirlog']) { $where['path'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_dirlog'])); } if ($_REQUEST['search_message']) { $where['message'] = array("sqltype" => "LIKE", "value" => trim($_REQUEST['search_message'])); } $result = select_query("mod_licensinglog", "", $where, "id", "DESC"); $numrows = mysql_num_rows($result); $result = select_query("mod_licensinglog", "", $where, "id", "DESC", $page * $limit . ("," . 
$limit)); $aInt->sortableTableInit("datetime", "ASC"); while ($data = mysql_fetch_array($result)) { $domain = $data['domain']; $ip = $data['ip']; $path = $data['path']; $message = $data['message']; $datetime = $data['datetime']; $datetime = fromMySQLDate($datetime, true); $tabledata2[] = array($datetime, $domain, $ip, $path, $message); } echo $aInt->sortableTable(array("Date", "Domain", "IP", "Path", "Status Message"), $tabledata2); } }
/**
 * Admin member controller constructor.
 *
 * Runs the parent constructor, calls check_token() with the admin member
 * list path, then loads the admin Member_model.
 */
function __construct()
{
    parent::__construct();

    // NOTE(review): check_token() is defined elsewhere; presumably the path
    // argument is where a request failing the check is sent. Confirm there.
    $list_path = ADM_F . '/member/lists';
    check_token($list_path);

    $model_name = ADM_F . '/Member_model';
    $this->load->model($model_name);
}
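<?php
// Admin action: delete one member account identified by POST mb_id.
// Order of operations: demo-mode check, "d" (delete) permission check for this
// sub menu, target lookup, privilege guards, token check, then the delete.
$sub_menu = "200100";
include_once "./_common.php";

check_demo();
auth_check($auth[$sub_menu], "d");

// A missing mb_id is treated like an unknown member instead of raising a notice.
$mb = get_member(isset($_POST['mb_id']) ? $_POST['mb_id'] : '');

// Array keys are quoted: the bare-word form (e.g. $mb[mb_id]) relies on an
// undefined-constant fallback that is an Error on PHP 8.
// NOTE(review): these guards only protect the delete below if alert() ends the
// request; it is defined elsewhere, so confirm that it does not return.
if (empty($mb['mb_id'])) {
    alert("회원자료가 존재하지 않습니다.");
} elseif ($member['mb_id'] == $mb['mb_id']) {
    // The logged-in administrator cannot delete their own account.
    alert("로그인 중인 관리자는 삭제 할 수 없습니다.");
} elseif (is_admin($mb['mb_id']) == "super") {
    // The super administrator cannot be deleted.
    alert("최고 관리자는 삭제할 수 없습니다.");
} elseif ($mb['mb_level'] >= $member['mb_level']) {
    // Only members with a lower level than the caller can be deleted.
    alert("자신보다 권한이 높거나 같은 회원은 삭제할 수 없습니다.");
}

// The token is verified before the state-changing call.
check_token();

// Delete the member record.
member_delete($mb['mb_id']);

// NOTE(review): $url, $qstr and $mb_id are not assigned in this script. If
// _common.php fills $url from request input, this redirect can point to any
// site; restrict it to local paths there or here once that is confirmed.
if (!empty($url)) {
    goto_url("{$url}?{$qstr}&w=u&mb_id={$mb_id}");
} else {
    goto_url("./member_list.php?{$qstr}");
}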
echo ", "; } echo get_nom_prenom_eleve($lig_ele_fut_aid->login); $cpt_ele_aid++; } echo "</span>)"; } echo "<br />\n"; } echo "</p>\n"; echo "<p><br /></p>\n"; } echo "<script type='text/javascript'>\n\tfunction verifie_form() {\n\t\ttemoin_assoc='ok';\n\t\tfor(i=0;i<{$cpt};i++) {\n\t\t\tif(document.getElementById('id_grp_fut_'+i)) {\n\t\t\t\t//alert(\"document.getElementById('id_grp_fut_\"+i+\"').value=\"+document.getElementById('id_grp_fut_'+i).value);\n\n\t\t\t\tif(document.getElementById('id_grp_fut_'+i).value=='') {\n\t\t\t\t\ttemoin_assoc='n';\n\t\t\t\t}\n\t\t\t}\n\t\t}\n\n\t\tif(temoin_assoc=='n') {\n\t\t\tverif=confirm('ATTENTION:\\nUn enseignement de " . $classe . " au moins n est pas associé à un enseignement de " . $classe_future . ".\\nLes notes éventuelles de l élève à cet enseignement seront perdues si vous confirmez la volonté de procéder aux changements.');\n\t\t\tif(verif) {\n\t\t\t\tdocument.forms['form_assoc_grp'].submit();\n\t\t\t}\n\t\t}\n\t\telse {\n\t\t\tdocument.forms['form_assoc_grp'].submit();\n\t\t}\n\t}\n</script>\n"; echo "<p><b>ATTENTION:</b></p>\n<blockquote>\n<p>Dans le cas où des groupes sont en commun entre la {$classe} et la {$classe_future}, si l'élève fait partie de plusieurs enseignements correspondant à la même matière (<i>exemple: l'élève fait partie de 2 enseignements de DecP3 partagés entre les deux classes</i>), il faut éviter d'intervertir les groupes.<br />\nDans le cas contraire, lors de la migration du deuxième enseignement, l'inscription au premier est supprimé.</p>\n<p>La page propose normalement de ne pas changer de groupe lorsque le groupe est partagé par les deux classes (<i>le numéro de groupe est indiqué entre parenthèses</i>).<br />\nEvitez les 'fantaisies';o).</p>\n</blockquote>\n"; } else { check_token(false); $tab_per = array($periode_num); if ($chgt_periode_sup == "y") { $sql = "SELECT num_periode FROM periodes WHERE id_classe='{$id_classe}' AND num_periode>{$periode_num} ORDER BY num_periode;"; $test_per = 
mysqli_query($GLOBALS["mysqli"], $sql); if (mysqli_num_rows($test_per) > 0) { while ($lig_per = mysqli_fetch_object($test_per)) { $tab_per[] = $lig_per->num_periode; } } } affiche_debug("count(\$tab_per)=" . count($tab_per) . "<br />\n"); for ($j = 0; $j < count($tab_per); $j++) { affiche_debug("\$tab_per[{$j}]={$tab_per[$j]}<br />"); } $gepi_denom_boite = getSettingValue("gepi_denom_boite");
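/**
 * Member create / edit form for the admin area.
 *
 * When validation has not passed (first display or invalid input) the form is
 * rendered. When validation passes, check_token() is called and the member is
 * inserted (no "w" posted) or updated ("w" = "u"), including icon and
 * name-image deletion and upload, followed by a redirect to the edit form.
 *
 * @param string $w     '' to register a new member, 'u' to edit an existing one
 * @param string $mb_id member id to edit when $w is 'u'
 */
function form($w = '', $mb_id = '')
{
    $this->load->config('cf_register');
    $this->load->config('cf_icon');
    $this->load->model('Register_model');
    $this->load->library('form_validation');
    $this->load->helper(array('admin', 'chkstr'));

    $config = array(
        array('field' => 'mb_name', 'label' => '이름', 'rules' => 'trim|required|max_length[10]'),
        array('field' => 'mb_email', 'label' => '이메일', 'rules' => 'trim|required|max_length[50]|valid_email|callback_mb_email_check'),
        array('field' => 'mb_sex', 'label' => '성별', 'rules' => 'trim|exact_length[1]'),
        array('field' => 'mb_birth', 'label' => '생일', 'rules' => 'trim|exact_length[10]'),
    );

    // The id is validated, and the password required, only when creating.
    // NOTE(review): on update the posted mb_id has no validation rule; the
    // database lookup further down is the only check before it is used in paths.
    $pwd_req = '';
    if (!$this->input->post('w')) {
        $config[] = array('field' => 'mb_id', 'label' => '아이디', 'rules' => 'trim|required|min_length[3]|max_length[20]|alpha_dash|xss_clean|callback_mb_id_check');
        $pwd_req = 'required|';
    }

    // NOTE(review): the trailing md5 rule replaces the submitted password with
    // an unsalted MD5 digest. If that digest is what Member_model stores, plan a
    // migration to password_hash()/password_verify(); it cannot be changed here
    // alone because the login path must change with it.
    $config[] = array('field' => 'mb_password', 'label' => '비밀번호', 'rules' => 'trim|' . $pwd_req . 'min_length[3]|max_length[20]|md5');

    if ($this->config->item('cf_use_nick')) {
        $config[] = array('field' => 'mb_nick', 'label' => '별명', 'rules' => 'trim|required|max_length[20]|callback_mb_nick_check');
    }

    $this->form_validation->set_rules($config);

    if ($this->form_validation->run() == FALSE) {
        // ---- Display branch ------------------------------------------------
        $data = array();

        if ($w == '') {
            // New member: start from the MEMBER structure passed through
            // array_false() and set the registration defaults.
            $mb = array_false(unserialize(MEMBER), TRUE);
            $mb['mb_zip1'] = $mb['mb_zip2'] = '';
            $mb['mb_mailling'] = 1;
            $mb['mb_open'] = 1;
            $mb['mb_level'] = $this->config->item('cf_register_level');
            $title = '등록';
        } elseif ($w == 'u') {
            $mb = $this->Basic_model->get_member($mb_id);
            if (!isset($mb['mb_id'])) {
                alert('존재하지 않는 회원자료입니다.');
            }

            // Pad to two parts so a zip code without a dash does not raise an
            // undefined-offset notice.
            list($mb['mb_zip1'], $mb['mb_zip2']) = array_pad(explode('-', $mb['mb_zip']), 2, '');

            if ($this->config->item('cf_use_point')) {
                $mb['mb_point'] = number_format($mb['mb_point']);
            }

            if ($this->config->item('cf_use_email_certify')) {
                $data['passive_certify'] = FALSE;
                if ($mb['mb_email_certify'] == '0000-00-00 00:00:00') {
                    $data['passive_certify'] = "<input type='checkbox' name='passive_certify'> 수동인증";
                }
            }
            $data['use_email_certify'] = $this->config->item('cf_use_email_certify');
            $title = '수정';
        } else {
            alert('잘못된 접근입니다.');
        }

        if ($this->config->item('cf_use_icon')) {
            // Icons live under /member/<first two characters of the id>/.
            $mb_path = '/member/' . substr($mb['mb_id'], 0, 2) . '/';

            $icon_path = $mb_path . $mb['mb_id'] . '.gif';
            $icon_file = DATA_DIR . $icon_path;
            if (!file_exists(DATA_PATH . $icon_path)) {
                $icon_file = FALSE;
            }
            $data['icon_file'] = $icon_file;
            $data['icon_width'] = $this->config->item('cf_icon_width');
            $data['icon_height'] = $this->config->item('cf_icon_height');
            $data['icon_size'] = $this->config->item('cf_icon_size');

            $named_path = $mb_path . 'n_' . $mb['mb_id'] . '.gif';
            $named_file = DATA_DIR . $named_path;
            if (!file_exists(DATA_PATH . $named_path)) {
                $named_file = FALSE;
            }
            $data['named_file'] = $named_file;
            $data['named_width'] = $this->config->item('cf_named_width');
            $data['named_height'] = $this->config->item('cf_named_height');
            $data['named_size'] = $this->config->item('cf_named_size');
        }

        $head = array('title' => '회원관리 ' . $title);
        // A fresh token from get_token() is handed to the view on every render.
        $data = array_merge(
            array(
                'w' => $w,
                'token' => get_token(),
                'cf_use_nick' => $this->config->item('cf_use_nick'),
                'cf_use_icon' => $w ? $this->config->item('cf_use_icon') : FALSE,
                'mailling_chk' => $mb['mb_mailling'] ? "checked='checked'" : FALSE,
                'open_chk' => $mb['mb_open'] ? "checked='checked'" : FALSE,
                'mb_level_select' => get_mb_level_select('mb_level', $mb['mb_level']),
            ),
            $data,
            $mb
        );

        widget::run('head', $head);
        $this->load->view(ADM_F . '/member_form', $data);
        widget::run('tail');
    } else {
        // ---- Save branch ---------------------------------------------------
        // The token is checked before any insert, update or file operation.
        check_token();

        $w = $this->input->post('w');
        $mb_id = $this->input->post('mb_id');

        // Only the super administrator may modify the super administrator.
        if ($mb_id == ADMIN) {
            $member = unserialize(MEMBER);
            if ($member['mb_id'] != $mb_id) {
                alert('최고관리자는 수정할 수 없습니다.');
            }
        }

        if (!$w) {
            $mb = $this->Basic_model->get_member($mb_id, 'mb_id,mb_name,mb_nick,mb_email');
            if (isset($mb['mb_id'])) {
                alert("이미 존재하는 회원입니다.\\n\\nID : " . $mb['mb_id'] . "\\n\\n이름 : " . $mb['mb_name'] . "\\n\\n별명 : " . $mb['mb_nick'] . "\\n\\n메일 : " . $mb['mb_email']);
            }
            $this->Member_model->insert();
        } elseif ($w == 'u') {
            // The id must match an existing record before it is used to build
            // file system paths below.
            $mb = $this->Basic_model->get_member($mb_id, 'mb_id');
            if (!isset($mb['mb_id'])) {
                alert('존재하지 않는 회원자료입니다.');
            }

            $mb_dir = DATA_PATH . '/member/' . substr($mb_id, 0, 2);
            $mb_icon = $mb_dir . '/' . $mb_id . '.gif';
            $mb_named = $mb_dir . '/n_' . $mb_id . '.gif';

            // Delete the icon.
            if ($this->input->post('del_mb_icon')) {
                @unlink($mb_icon);
            }
            // Delete the name image.
            if ($this->input->post('del_mb_named')) {
                @unlink($mb_named);
            }

            if ($_FILES) {
                $this->load->library('upload');

                // Both uploads follow the same steps; only the form field, the
                // stored file name and the config prefix differ.
                $uploads = array(
                    'mb_icon' => array('target' => $mb_icon, 'file_name' => $mb_id . '.gif', 'prefix' => 'cf_icon_'),
                    'mb_named' => array('target' => $mb_named, 'file_name' => 'n_' . $mb_id . '.gif', 'prefix' => 'cf_named_'),
                );

                foreach ($uploads as $field => $spec) {
                    // Skip fields that were not posted, or were posted as an
                    // array, instead of handing them to is_uploaded_file().
                    if (!isset($_FILES[$field]['tmp_name'])
                        || !is_string($_FILES[$field]['tmp_name'])
                        || !is_uploaded_file($_FILES[$field]['tmp_name'])) {
                        continue;
                    }

                    // NOTE(review): modes 0707 and 0606 give write access to
                    // "other" users on the host. Kept as the original has them;
                    // tighten where the web server runs as the file owner.
                    @mkdir($mb_dir, 0707);
                    @chmod($mb_dir, 0707);

                    // Separate array: the validation rules in $config are not
                    // upload settings.
                    $upload_config = array(
                        'upload_path' => $mb_dir,
                        'allowed_types' => 'gif',
                        'max_size' => $this->config->item($spec['prefix'] . 'size'),
                        'max_width' => $this->config->item($spec['prefix'] . 'width'),
                        'max_height' => $this->config->item($spec['prefix'] . 'height'),
                        'overwrite' => TRUE,
                        'file_name' => $spec['file_name'],
                    );
                    $this->upload->initialize($upload_config);

                    if ($this->upload->do_upload($field)) {
                        chmod($spec['target'], 0606);
                    }
                }
            }

            $this->Member_model->update();
        } else {
            alert('잘못된 접근입니다.');
        }

        goto_url(ADM_F . '/member/form/u/' . $mb_id);
    }
}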
exit; } // Handle OPML export if (isset($_POST['export']) && !empty($_POST['token']) && check_token(600, 'export_form')) { $feeds = array(); foreach ($_POST['export'] as $feed_id) { $feeds[] = get_feed($feed_id); } require_once 'inc/opml.php'; $now = new DateTime(); header('Content-disposition: attachment; filename="freeder_export_' . $now->format('d-m-Y_H-i') . '.xml"'); header('Content-type: "text/xml"; charset="utf8"'); exit(opml_export($feeds)); } // Handle OPML import if (isset($_FILES['import']) && isset($_POST['import_tags_opml']) && !empty($_POST['token']) && check_token(600, 'import_form')) { if ($_FILES['import']['error'] > 0) { $error = array(); $error['type'] = 'error'; $error['title'] = 'OPML import error'; $error['content'] = '<p>The OPML file could not be imported.</p>'; $tpl->assign('error', $error, RainTPL::RAINTPL_IGNORE_SANITIZE); $tpl->draw('settings'); exit; } if ($_FILES['import']['size'] > 1048576) { $error = array(); $error['type'] = 'error'; $error['title'] = 'OPML import error'; $error['content'] = '<p>The OPML file is too large.</p>'; $tpl->assign('error', $error, RainTPL::RAINTPL_IGNORE_SANITIZE);
/**
 * Admin popup controller constructor.
 *
 * Runs the parent constructor, calls check_token() with the admin popup list
 * path, then loads the admin Popup_model.
 */
function __construct()
{
    parent::__construct();

    // NOTE(review): check_token() is defined elsewhere; presumably the path
    // argument is where a request failing the check is sent. Confirm there.
    $list_path = ADM_F . '/popup/lists';
    check_token($list_path);

    $model_name = ADM_F . '/Popup_model';
    $this->load->model($model_name);
}
<?php
/* Copyright (c) 2014 Freeder
 * Released under a MIT License.
 * See the file LICENSE at the root of this repo for copying permission.
 */

require_once 'inc/init.php';
require_once 'inc/feeds.php';

$command_line = is_command_line();

// A web request must pass require_auth(), carry a non-empty "token" query
// parameter and pass check_token(); command-line runs skip all three checks.
// NOTE(review): the token travels in the URL, so it can end up in server logs,
// browser history and Referer headers; check_token(600, 'refresh') presumably
// limits its lifetime, confirm in its definition.
if (!$command_line) {
    $refresh_allowed = require_auth(false)
        && !empty($_GET['token'])
        && check_token(600, 'refresh');

    if (!$refresh_allowed) {
        header('location: index.php');
        exit;
    }
}

$refresh_start = microtime(true);

// Hand the template a map of feed id => the four fields copied below.
$feeds = get_feeds();
$feeds_to_refresh = array();
foreach ($feeds as $feed) {
    $feed_id = $feed['id'];
    $feeds_to_refresh[$feed_id] = array(
        'id' => $feed_id,
        'url' => $feed['url'],
        'post' => $feed['post'],
        'import_tags_from_feed' => $feed['import_tags_from_feed'],
    );
}

$tpl->assign('feeds_to_refresh', $feeds_to_refresh);
$tpl->assign('feeds', $feeds);
$tpl->assign('command_line', $command_line);
$tpl->draw('refresh');
$modifs .= "**description** modifiée\n"; } if ($edited == 1) { // Suppression du token délayée jusqu'à ici check_token(true); // Ajout d'un commentaire résumant les modifications $st = $db->prepare('INSERT INTO commentaires(auteur, demande, texte, creation, resume) VALUES(:auteur, :demande, :texte, NOW(), 1)'); $st->execute(array(':auteur' => $utilisateur->userid(), ':demande' => $demande['id'], ':texte' => $modifs)); if (!$conf['debug']) { header('HTTP/1.1 302 Moved Temporarily'); header('Location: index.php?mod=demande&id=' . $demande['id']); } $template->assign_block_vars('MSG_INFO', array('DESCR' => 'Demande modifiée ; <a href="index.php?mod=demande&id=' . $demande['id'] . '">cliquez ici</a> pour la consulter')); } } else { if (isset($_POST['dem_titre']) && $_POST['dem_titre'] != '' && isset($_POST['dem_descr']) && $_POST['dem_descr'] != '' && check_token()) { $st = $db->prepare('INSERT INTO demandes(projet, titre, auteur, description, priorite, statut, creation, derniere_activite) VALUES(:projet, :titre, :auteur, :description, 1, 1, NOW(), NOW())'); $st->execute(array(':projet' => $projet['id'], ':titre' => $_POST['dem_titre'], ':auteur' => $utilisateur->userid(), ':description' => $_POST['dem_descr'])); $st = $db->prepare('SELECT d.id, d.projet, d.version, d.titre, d.auteur, d.description, d.priorite, d.statut, d.creation, p.nom AS projet_nom, v.nom AS version_nom FROM demandes d INNER JOIN projets p ON p.id=d.projet LEFT OUTER JOIN versions v ON v.id=d.version WHERE d.projet=:projet AND d.titre=:titre'); $st->execute(array(':projet' => $projet['id'], ':titre' => $_POST['dem_titre'])); // Si la demande a été ajoutée correctement, on l'affiche (on quitte donc la page d'édition) if ($demande = $st->fetch(PDO::FETCH_ASSOC)) { if (!$conf['debug']) { header('HTTP/1.1 302 Moved Temporarily'); header('Location: index.php?mod=demande&id=' . 
$demande['id']); } $template->assign_block_vars('MSG_INFO', array('DESCR' => 'Demande ajoutée ; <a href="index.php?mod=demande&id=' . $demande['id'] . '">cliquez ici</a> pour la consulter'));
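/**
 * Calendar manager action: delete, create, rename a calendar or change the
 * classes attached to it, then render the calendar manager view.
 *
 * Operations run only when the session status is "administrateur", and
 * check_token(false) is called before any of them. Request and stored values
 * placed into the generated forms are HTML-escaped, because these fragments
 * are handed to the view as ready-made markup.
 *
 * @param Request  $request  source of the operation and its parameters
 * @param Response $response receives the variables used by the view
 */
public function launch(Request $request, Response $response)
{
    $message = null;
    $new_name = null;
    $delete_confirmation = null;

    if ($_SESSION['statut'] == "administrateur") {
        $operation = $request->getParam('operation');

        if ($operation) {
            // NOTE(review): check_token() is defined elsewhere; the meaning of
            // its false argument is not visible here.
            check_token(false);

            if ($operation == "delete") {
                if ($request->getParam('confirm_delete')) {
                    if ($request->getParam('id_calendrier')) {
                        $calendrier = new Calendrier();
                        $calendrier->id = $request->getParam('id_calendrier');
                        if (!$calendrier->delete()) {
                            $message = "Impossible de supprimer le calendrier";
                        }
                    }
                } elseif ($request->getParam('id_calendrier')) {
                    // First step of a delete: show a confirmation form. The id
                    // comes from the request, so it is escaped for the attribute.
                    $id_attr = htmlspecialchars((string) $request->getParam('id_calendrier'), ENT_QUOTES);
                    $delete_confirmation = "<form action=\"index.php?action=calendriermanager\" method=\"post\">" . add_token_field(false) . "\r\n\t\t\t\t\t\t\t\t\t\t\t<input name=\"operation\" type=\"hidden\" value=\"delete\">\r\n\t\t\t\t\t\t\t\t\t\t\t<input name=\"id_calendrier\" type=\"hidden\" value=\"" . $id_attr . "\">\r\n\t\t\t\t\t\t\t\t\t\t\t<p>La suppression d'un calendrier entraîne la suppression de toutes les périodes calendaires qui en dépendent !</p>\r\n\t\t\t\t\t\t\t\t\t\t\t<input name=\"confirm_delete\" type=\"submit\" style=\"width:200px;\" value=\"Confirmer la suppression\">\r\n\t\t\t\t\t\t\t\t\t\t</form>";
                }
            } elseif ($operation == "new") {
                if ($request->getParam('nom_calendrier')) {
                    $calendrier = new Calendrier();
                    $calendrier->nom = $request->getParam('nom_calendrier');
                    if (!$calendrier->save()) {
                        $message = "Impossible de créer le calendrier";
                    }
                }
            } elseif ($operation == "modify_name") {
                if ($request->getParam('new_name')) {
                    $calendrier = new Calendrier();
                    $calendrier->nom = $request->getParam('new_name');
                    $calendrier->id = $request->getParam('id_calendrier');
                    if (!$calendrier->update()) {
                        $message = "Impossible de modifier le nom du calendrier";
                    }
                } elseif ($request->getParam('id_calendrier')) {
                    // Rename form: both the request id and the stored calendar
                    // name are escaped before going into attribute values.
                    // NOTE(review): htmlspecialchars() uses PHP's default
                    // charset here; confirm it matches the page encoding.
                    $id_attr = htmlspecialchars((string) $request->getParam('id_calendrier'), ENT_QUOTES);
                    $name_attr = htmlspecialchars((string) Calendrier::getNom($request->getParam('id_calendrier')), ENT_QUOTES);
                    $new_name = "<form action=\"index.php?action=calendriermanager\" method=\"post\">" . add_token_field(false) . "\r\n\t\t\t\t\t\t\t\t\t\t\t<input name=\"operation\" type=\"hidden\" value=\"modify_name\">\r\n\t\t\t\t\t\t\t\t\t\t\t<input name=\"id_calendrier\" type=\"hidden\" value=\"" . $id_attr . "\">\r\n\t\t\t\t\t\t\t\t\t\t\t<input name=\"new_name\" type=\"text\" style=\"width:200px;\" value=\"" . $name_attr . "\">\r\n\t\t\t\t\t\t\t\t\t\t\t<input name=\"bouton_valider_new_name\" type=\"submit\" style=\"width:200px;\" value=\"Modifier le nom du calendrier\">\r\n\t\t\t\t\t\t\t\t\t\t</form>";
                }
            } elseif ($operation == "edit_classes") {
                if ($request->getParam('id_calendrier')) {
                    $id_calendrier = $request->getParam('id_calendrier');
                    $jointure = new jointure_calendar_classes();
                    $periodes = new PeriodeCalendaire();
                    $classe = new Classe();

                    // Existing class links are removed first, then rebuilt
                    // from the submitted list.
                    $jointure->id_calendar = $id_calendrier;
                    $jointure->delete_classes();

                    if ($request->getParam('classes_' . $id_calendrier)) {
                        $liste_classes = null;
                        foreach ($request->getParam('classes_' . $id_calendrier) as $id_classe) {
                            $classe->id = $id_classe;
                            $liste_classes .= $classe->getShortName() . ";";
                            $jointure->id_classe = $id_classe;
                            if (!$jointure->save_classe()) {
                                $message .= "Une classe est déjà affectée dans un autre calendrier<br/>";
                            }
                        }

                        // Compatibility with the other GEPi modules: the short
                        // names are also stored on the calendar periods.
                        $periodes->id_calendar = $id_calendrier;
                        $periodes->classes_concernees = $liste_classes;
                        $periodes->update_classes();
                    }
                }
            }
        }

        // Runs on every administrator request, with or without an operation.
        calendar::updateTables();
    }

    $response->addVar('delete_confirmation', $delete_confirmation);
    $response->addVar('new_name', $new_name);
    $response->addVar('message', $message);
    $response->addVar('NomPeriode', calendar::getPeriodName(time()));
    $response->addVar('TypeSemaineCourante', calendar::getTypeCurrentWeek());
    $response->addVar('SemaineCourante', calendar::getCurrentWeek());
    $response->addVar('calendrier', calendar::GenerateCalendarList());
    $this->render("./lib/template/calendriermanagerSuccess.php");
    $this->printOut();
}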
} redir("saved=true#" . $module); exit; } if ($action == "activate") { check_token("WHMCS.admin.default"); $module = $_GET['module']; if ($module) { delete_query("tblregistrars", array("registrar" => $module)); insert_query("tblregistrars", array("registrar" => $module, "setting" => "Username", "value" => "")); } redir("activated=true#" . $module); exit; } if ($action == "deactivate") { check_token("WHMCS.admin.default"); $module = $_GET['module']; if ($module) { delete_query("tblregistrars", array("registrar" => $module)); } redir("deactivated=true"); exit; } ob_start(); if ($saved) { infoBox($aInt->lang("domainregistrars", "changesuccess"), $aInt->lang("domainregistrars", "changesuccessinfo")); } if ($activated) { infoBox($aInt->lang("domainregistrars", "moduleactivated"), $aInt->lang("domainregistrars", "moduleactivatedinfo"), "success"); } if ($deactivated) {
// on success if (empty($erreurs)) { $new_fichier = bdd_fichier($fichier, 'ajout-nouveau', 'upload', $_FILES['fichier']); $fichier = is_null($new_fichier) ? $fichier : $new_fichier; echo '{'; echo '"url": "fichiers.php?file_id=' . $fichier['bt_id'] . '&edit",'; echo '"status": "success",'; echo '"token": "' . new_token() . '"'; echo '}'; exit; } else { echo '{'; echo '"url": "0",'; echo '"status": "failure",'; echo '"token": "0"'; echo '}'; exit; } } elseif (isset($_POST['token']) and check_token($_POST['token'])) { echo '{'; echo '"url": "0",'; echo '"status": "failure",'; echo '"token": "' . new_token() . '"'; echo '}'; } else { echo '{'; echo '"url": "0",'; echo '"status": "failure",'; echo '"token": "0"'; echo '}'; }
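<?php
// JSON endpoint: reads {"token": ..., "tab": ...} from the request body and
// returns the caller's project count and project list, or 3 when check_token()
// yields 3.
require_once 'config/tank_config.php';

$getjson = file_get_contents('php://input');
$dataarr = json_decode($getjson, true);

// The body is untrusted: it may not be JSON, or not a JSON object. Missing
// fields become null instead of raising notices.
if (!is_array($dataarr)) {
    $dataarr = array();
}
$token = isset($dataarr['token']) ? $dataarr['token'] : null;
$tab = isset($dataarr['tab']) ? $dataarr['tab'] : null;

$uid = check_token($token);

// NOTE(review): 3 looks like check_token()'s failure value, inferred from the
// else branch echoing 3. A real user id of 3 would be indistinguishable from
// a failed check; confirm in check_token().
if ($uid != 3) {
    mysql_select_db($database_tankdb, $tankdb);

    $query_Recordset_sumtotal = sprintf("SELECT \n\t\t\t\t\t\t\tCOUNT(*) as count_prj \n\t\t\t\t\t\t\tFROM tk_project \t\n\t\t\t\t\t\t\tWHERE project_to_user = %s", GetSQLValueString($uid, "int"));
    $Recordset_sumtotal = mysql_query($query_Recordset_sumtotal, $tankdb);
    if (!$Recordset_sumtotal) {
        // Keep database error details in the server log rather than sending
        // them to the client.
        error_log('tk_project count query failed: ' . mysql_error());
        die('Database error');
    }

    $row_Recordset_sumtotal = mysql_fetch_assoc($Recordset_sumtotal);
    $my_totalprj = $row_Recordset_sumtotal['count_prj'];

    $get_function = project_list($uid, "project_lastupdate", "DESC", "0", $tab);

    $rearr = array('summprj' => $my_totalprj, 'list' => $get_function);
    $redata = json_encode($rearr);
    echo $redata;
} else {
    echo 3;
}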
<td><div class="warning"> <strong>WARNING:</strong><br /> You must use Get Subscription Status to get the Subscription ID before you can refund it. </div></td> </tr> </thead> <tbody> <?php if ($refundSubscription != null) { //This application uses the Autonomous Client OAuth consumption model //Check if there is a valid access token that has not expired $fullToken["accessToken"] = $accessToken; $fullToken["refreshToken"] = $refreshToken; $fullToken["refreshTime"] = $refreshTime; $fullToken["updateTime"] = $updateTime; $fullToken = check_token($FQDN, $api_key, $secret_key, $scope, $fullToken, $oauth_file); $accessToken = $fullToken["accessToken"]; $url = $FQDN . "/Commerce/Payment/Rest/2/Transactions/" . $trxIdRefund; $url = $url . "?access_token=" . $accessToken . "&Action=refund"; $headers = array('Content-Type: application/json', 'Accept: application/json'); $payload = "{\"RefundReasonCode\":1,\n \"RefundReasonText\":\"" . $refundReasonText . "\"}"; $putData = tmpfile(); fwrite($putData, $payload); fseek($putData, 0); $request = curl_init(); curl_setopt($request, CURLOPT_URL, $url); curl_setopt($request, CURLOPT_HTTPGET, 1); curl_setopt($request, CURLOPT_HEADER, 0); curl_setopt($request, CURLINFO_HEADER_OUT, 0); curl_setopt($request, CURLOPT_HTTPHEADER, $headers); curl_setopt($request, CURLOPT_RETURNTRANSFER, 1);