function start()
{
if (!empty($_POST)) {
if (!isset($_POST['id'])) {
createUser($_POST);
} else {
editUser($_POST);
}
require '../views/list.php';
return;
}
if (!isset($_GET['id']) && !isset($_GET['page'])) {
$people = getPeople();
require '../views/list.php';
return;
}
if (isset($_GET['page']) && $_GET['page'] === 'add') {
require '../views/add.php';
return;
}
if (isset($_GET['page']) && $_GET['page'] === 'edit') {
if (!isset($_GET['id'])) {
die('veuillez spécifier un id d\'utilisateur');
}
$id = $_GET['id'];
$editable = ORM::for_table('users')->find_one($id);
require '../views/edit.php';
return;
}
$user = getUser();
require '../views/show.php';
}
function CopyUserProfile($t, $f)
{
$res = createUser($t->Id, $t->Login, $t->Password, "", "");
$res->Expires = $f->Expires;
$res->HomeDirectory = $f->HomeDirectory;
return $res;
}
/**
* @dataProvider userDataProvider
*/
public function testRegisterForContest($isGood, $who, $whom, $login, $pass, $contestID = 1, $errNo = 15)
{
$td = TestData::getData('userTestData');
$req = new RegisterToContestRequest();
$req->user = createUser($login, $pass, $whom);
$req->contestID = $contestID;
switch ($who) {
case 'SuperAdmin':
$req->sessionID = $this->sessionID;
break;
case 'ContestAdmin':
$req->sessionID = $this->caConnect->sessionID;
break;
case 'Participant':
$req->sessionID = $this->pConnect->sessionID;
break;
default:
$req->sessionID = null;
}
$res = RequestSender::send($req);
if ($isGood) {
$this->assertEquals(new AcceptedResponse(), $res);
$req = new ConnectToContestRequest();
$req->login = $login;
$req->password = $pass;
$req->contestID = $contestID;
$res = RequestSender::send($req);
$this->assertNotEquals($res->sessionID, '');
$this->assertNotEquals($res->sessionID, null);
$this->assertEquals($res->user->login, $login);
$this->assertEquals($res->user->userType, $whom);
} else {
$this->assertEquals(createFailRes($errNo), $res);
}
}
public function setUp()
{
parent::setUp();
$td = TestData::getData('userTestData');
//creating sample contest
$cd = TestData::genContestDecription();
$this->contestID = $this->apiCreateContest(array('contest' => $cd))->createdContestID;
//store columns info
$this->userDataColumns = unserialize(serialize($cd->data));
//creating sample contest admin
$this->apiRegisterUser(array('user' => createUser($td['ContestAdmin'][0], $td['ContestAdmin'][1], 'ContestAdmin', TestData::genStrArray(sizeof($this->userDataColumns), TestData::MAX_DATA_LENGTH))));
//create sample user with type Participant
$this->apiRegisterUser(array('user' => createUser($td['Participant'][0], $td['Participant'][1], 'Participant', TestData::genStrArray(sizeof($this->userDataColumns), TestData::MAX_DATA_LENGTH))));
//create contest admin connect
$ca_req = new ConnectToContestRequest();
$ca_req->login = $td['ContestAdmin'][0];
$ca_req->password = $td['ContestAdmin'][1];
$ca_req->contestID = $this->contestID;
$this->caConnect = RequestSender::send($ca_req);
//create participant connect
$p_req = new ConnectToContestRequest();
$p_req->login = $td['Participant'][0];
$p_req->password = $td['Participant'][1];
$p_req->contestID = $this->contestID;
$this->pConnect = RequestSender::send($p_req);
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(StoreUsersRequest $request)
{
$fields = Input::except('_token');
$fields['password'] = bcrypt('ufn13d');
$user = createUser($fields);
$user->roles()->attach($fields['role_id']);
return redirect()->route('users.index');
}
public function testWrongContestTypeRegisterForContestAdmin()
{
$req = new RegisterToContestRequest();
$req->sessionID = $this->connect->sessionID;
$req->contestID = 0;
$req->user = createUser('admin', 'superpassword');
$this->assertEquals(createFailRes(16), RequestSender::send($req));
}
function deleteUsers($link)
{
$flag = "<sansurBOYLEkotuBISIiste>";
$user = "******";
$sql = "DELETE FROM web500_users;";
$res = mysql_query($sql, $link);
createUser($user, $flag, $link, false);
}
function process($form_data)
{
include "Helper.php";
//pretty_print_array($form_data);
$a = session_id();
include "connect.php";
$conn = init($_SESSION["permission_type"]);
$result = array();
if (isset($form_data["country---relation"])) {
$result = createCountry($form_data, $conn);
} else {
if (isset($form_data["product---relation"])) {
$result = createProduct($form_data, $conn);
} else {
if (isset($form_data["transportcompany---relation"])) {
$result = createTransportCountry($form_data, $conn);
} else {
if (isset($form_data["flavour---relation"])) {
$result = createTaste($form_data, $conn);
} else {
if (isset($form_data["storagetype---relation"])) {
$result = createStoragetype($form_data, $conn);
} else {
if (isset($form_data["immigrants---relation"])) {
$result = createImigrants($form_data, $conn);
} else {
if (isset($form_data["market---relation"])) {
$result = createMarket($form_data, $conn);
} else {
if (isset($form_data["contract---relation"])) {
$result = createContract($form_data, $conn);
} else {
if (isset($form_data["transportoffer---relation"])) {
$result = createTransportOffer($form_data, $conn);
} else {
if (isset($form_data["user---relation"])) {
$result = createUser($form_data, $conn);
}
}
}
}
}
}
}
}
}
}
if ($result["error"] == "") {
$returnedData = $conn->query($result["data"]);
}
if ($conn->error) {
$result["error"] = $conn->error;
}
$result["data"] = "";
echo json_encode($result);
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(PanelistsStoreRequest $request, $userId)
{
$fields = $request->input();
$fields['password'] = bcrypt('ufn13d');
$user = createUser($fields);
$panelist = new Panelist();
$panelist->customer_id = $userId;
$panelist->user_id = $user->id;
$panelist->save();
return redirect()->back()->with('status', 'Panelist has been created successfully');
}
function addResult()
{
$request = Slim::getInstance()->request();
$result = json_decode($request->getBody());
/*If the user already exist then only score is updated if not then user is saved to data base*/
if (userExist($result->email)) {
updateScore($result->email, $result->score);
} else {
createUser($result);
}
/* get the users list for calculating the your position */
$scores = Model::factory('User')->distinct()->select('score')->order_by_desc('score')->find_many();
/* Prepare the response */
$arr = array("topScorer" => getTop(), "yourranking" => getYourRanking($scores, $result->score));
echo json_encode($arr);
}
function synlogin($get, $post)
{
!API_SYNLOGIN && exit(API_RETURN_FORBIDDEN);
$ID = intval($get['uid']);
for ($i = 0; $i < 2; $i++) {
$user = get_user_by('id', $ID);
if ($user) {
header('P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"');
wp_set_auth_cookie($ID, true, '');
return API_RETURN_SUCCEED;
}
$query = uc_get_user($ID, 1);
createUser($ID, $get['username'], $get['password'], $query[2]);
}
exit(API_RETURN_SUCCEED);
}
function commandRouter($action)
{
switch ($action) {
case 'login':
loginUser();
break;
case 'createUser':
createUser();
break;
case 'getUser':
getUser();
break;
case 'deleteUser':
deleteUser();
break;
case 'updateUser':
updateUser();
break;
case 'addTab':
addTab();
break;
case 'delTab':
delTab();
break;
case 'editTab':
editTab();
break;
case 'getTabs':
getTabs();
break;
case 'addNote':
addNote();
break;
case 'delNote':
delNote();
break;
case 'editNote':
editNote();
break;
case 'getNotes':
getNotes();
break;
default:
break;
}
}
/**
* Create user, bind it to the app and return username
*/
function initUser($displayName)
{
$create_result = createUser($displayName);
if ($create_result['api_result']['result'] == 1) {
$bind_result = bindUser($create_result['username']);
if ($bind_result['api_result']['result'] == 1) {
echo json_encode(array("result" => "SUCCESS", "username" => $bind_result["username"]));
exit;
} else {
echo json_encode(array("result" => "ERROR"));
exit;
}
} else {
echo json_encode(array("result" => "ERROR"));
exit;
}
}
function commandRouter($action)
{
switch ($action) {
case 'login':
loginUser();
break;
case 'createUser':
createUser();
break;
case 'getUser':
getUser();
break;
case 'deleteUser':
deleteUser();
break;
case 'updateUser':
updateUser();
break;
case 'addInv':
addToInv();
break;
case 'subInv':
subFromInv();
break;
case 'getInv':
getInventory();
break;
case 'getDecks':
getDecks();
break;
case 'createDeck':
createDeck();
break;
case 'updateDeck':
updateDeck();
break;
case 'deleteDeck':
deleteDeck();
break;
default:
break;
}
}
function register()
{
$check = checkUserID($_POST['email']);
if (!$check) {
$user_id = $_REQUEST['email'];
$previlage = getConfig("USER_REGISTER_PRIVILEGE");
$access = getConfig("USER_REGISTER_ACCESS");
$password = $_REQUEST['password'];
unset($_POST['password']);
$createUser = createUser($user_id, $previlage, $access, $password, $_POST);
if ($createUser) {
return $createUser;
} else {
return $createUser;
}
} else {
return "You Are Already Registered With Us";
}
}
function login($db, $username, $id)
{
// check to see if the user already exists
$queryString = "SELECT * FROM users WHERE `id` = .{$id}.";
$q = $db->prepare($queryString);
$q->execute();
$result = $q->fetch();
// if the user exists, we're gucci
if ($result) {
return 200;
} else {
try {
createUser($db, $username, $id);
} catch (Exception $e) {
echo "it's not lit";
return 500;
}
}
return 200;
}
function Register()
{
if (empty($_POST['username'])) {
Redirect("No Username was entered.", "register.php");
} else {
if (empty($_POST['password'])) {
Redirect("No Password was entered.", "register.php");
} else {
if ($_POST['rePass'] != $_POST['password']) {
Redirect("The passwords did not match!", "register.php");
} else {
if (empty($_POST['fname'])) {
Redirect("Please enter your first name.", "register.php");
} else {
if (empty($_POST['lname'])) {
Redirect("Please enter your last name.", "register.php");
} else {
$username = $_POST['username'];
$password = md5($_POST['password']);
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$db = mysqli_connect("localhost", "xinnk", "Final1245!", "login");
//make sure we connected to the database
if ($db->connect_errno) {
die("Connect failed: %s\n" . $db->connect_error);
}
// check the db for the user
if (!checkUser($username, $password, $db)) {
mysqli_close($db);
header("refresh:5;url=register.php");
print "User already exists.<br>" . "redirecting after 5 seconds... ";
} else {
createUser($username, $password, $fname, $lname, $db);
}
}
}
}
}
}
}
function createAccount($name, $username, $email, $password)
{
if (strlen($name) > 100) {
throw new InvalidArgumentException("Name too large, maximum 100 chars.");
}
if (!preg_match("/^\\p{Lu}[\\p{L&}\\.' ]*\$/u", $name)) {
throw new InvalidArgumentException("Invalid name.");
}
$username = strtolower($username);
if (!preg_match("/^([A-z0-9]|_|-|\\.){3,30}\$/", $username)) {
throw new InvalidArgumentException("Invalid username. It must contain only alfanumeric characters and have length between 3 and 30.");
}
if (getUserByUsername($username)) {
throw new InvalidArgumentException("Username already registered. Choose a different one.");
}
if (strlen($email) > 254) {
// 254 is the maximum email address size
throw new InvalidArgumentException("Email too large, maximum 254 chars.");
}
$email = strtolower($email);
if (!preg_match("/^[a-z0-9._%+-]+@[a-z0-9.-]+\\.[a-z]{2,}\$/", $email)) {
throw new InvalidArgumentException("Invalid email address.");
}
if (getUserByEmail($email)) {
throw new InvalidArgumentException("Email address already registered. Choose a different one.");
}
$password_length = strlen($password);
if ($password_length < 6) {
throw new InvalidArgumentException("Password too short, minimum 6 chars.");
}
if ($password_length > 512) {
throw new InvalidArgumentException("Password too large, maximum 512 chars.");
}
$hash = password_hash($password, PASSWORD_DEFAULT);
if (!createUser($name, $username, $email, $hash)) {
throw new RuntimeException("Error inserting new user in the database.");
}
}
function start()
{
if (!empty($_POST)) {
if (isset($_POST['_method']) && $_POST['_method'] === 'delete') {
removeUser($_POST['id']);
$flashMessage = flash('L\'utilisateur a bien été supprimé');
} elseif (isset($_POST['content'])) {
createMessage($_POST);
$flashMessage = flash('Le message a bien été ajouté !');
return go2page('user', $_POST['user_id']);
} elseif (!isset($_POST['id'])) {
createUser($_POST);
$flashMessage = flash('L\'utilisateur a été créé avec succès');
} else {
editUser($_POST);
$flashMessage = flash('L\'utilisateur a bien été modifié !');
}
return go2page('list');
}
if (!isset($_GET['id']) && !isset($_GET['page'])) {
return go2page('list');
}
if (isset($_GET['page']) && $_GET['page'] === 'add') {
require '../views/add.php';
return;
}
if (isset($_GET['page']) && $_GET['page'] === 'edit') {
if (!isset($_GET['id'])) {
die('veuillez spécifier un id d\'utilisateur');
}
$id = $_GET['id'];
$editable = ORM::for_table('users')->find_one($id);
require '../views/edit.php';
return;
}
$id = $_GET['id'];
return go2page('user', $id);
}
/**
* Creates a new user.
* This is a generic user.store function adapted from a previous project
* and should definitely be brought up to date with this project /
* adapted so that we can use Laravel Socialite with it.
*
*
* Data should be POSTed to this function only
* @return REDIRECT home
*/
public function store(Request $request)
{
// Only allow following fields to be submitted
$data = Request::only(['name', 'password', 'password_confirmation', 'email', 'username', 'bio', 'city', 'country']);
if ($request->hasFile('profile_picture')) {
$data['profile_picture'] = MediaController::uploadImage($request->file('profile_picture'), time(), $directory = "user", $bestFit = true, $fitDimensions = [500, 500]);
}
// Validate all input
$validator = Validator::make($data, ['name' => 'required', 'email' => 'email|required|unique:users', 'password' => 'required|confirmed|min:5', 'username' => 'required|unique:users|min:4']);
if ($validator->fails()) {
// If validation fails, redirect back to
// registration form with errors
return Redirect::back()->withErrors($validator)->withInput();
}
$data['language'] = $request->hasCookie('locale') ? $request->cookie('locale') : 'en';
$newUser = createUser($data);
if ($newUser) {
Auth::login($newUser);
// If successful, go to home
return Redirect::route('home');
}
// If unsuccessful, return with errors
return Redirect::back()->withErrors(['message' => 'We\'re sorry but registration failed, please try again later.'])->withInput();
}
//We see if the administrator has provided a new user to be used. If it is so
//(FALSE case) we will create the new user, if it is not (TRUE case) we won't
//create any user.
if ($_POST['reuse'] == 'true') {
//In case we reuse, there is no need to create the new username.
$user = $_POST['user_last'];
$pass = $_POST['pass_last'];
$new_user = $_POST['user_last'];
$new_pass = $_POST['pass_last'];
} else {
//We would need to create a new user.
$new_user = $_POST['user'];
$new_pass = $_POST['pass'];
$user = $_POST['user_last'];
$pass = $_POST['pass_last'];
$result = createUser($new_user, $new_pass, $user, $pass, $_POST['server'], $_POST['DBname']);
/*
* This code is called to make config.php. There is no way to write a warning code
* as it will be in the config.php. What we will do is post it as commented php
* code insider config.php if there is an error. It is not perfect, but it is
* the only solution I find.
*/
if ($result == true) {
//No need to mess with config.php if everything has gone allright.
//echo "New user created correctly<br>";
} else {
//We write this sentence in config.php. There must be a FAQ entry to explain it.
echo "/* There was a <b><u>problem</u></b> and the new user was not created */\n";
}
}
//Here we start the second part. We start to generate config.php.
$firstname_error = "See väli on kohustuslik!";
} else {
$firstname = test_input($_POST["firstname"]);
}
if (empty($_POST["lastname"])) {
$lastname_error = "See väli on kohustuslik!";
} else {
$lastname = test_input($_POST["lastname"]);
}
if ($create_email_error == "" && $create_password_error == "" && $firstname_error == "" && $lastname_error == "") {
// räsi paroolist, mille salvestame ab'i
$hash = hash("sha512", $create_password);
echo "Võib kasutajat luua! Kasutajanimi on " . $create_email . " ja parool on " . $create_password . " ja räsi on " . $hash . $firstname . $lastname;
// kasutaja loomise fn, failist functions.php,
// saadame kaasa muutujad
createUser($create_email, $hash, $firstname, $lastname);
}
}
// create if end
}
// funktsioon, mis eemaldab kõikvõimaliku üleliigse tekstist
function cleanInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
function test_input($data)
{
$data = trim($data);
if (empty($_POST["create_password"])) {
$create_password_error = "See väli on kohustuslik";
} else {
if (strlen($_POST["create_password"]) < 8) {
$create_password_error = "Peab olema vähemalt 8 tähemärki pikk!";
} else {
$create_password = cleanInput($_POST["create_password"]);
}
}
if ($create_email_error == "" && $create_password_error == "") {
echo "Võib kasutajat luua! Kasutajanimi on " . $create_email . " ja parool on " . $create_password;
$password_hash = hash("sha512", $create_password);
echo "<br>";
echo $password_hash;
// functions.php failis käivina funktsiooni
createUser();
}
}
// create if end
}
// funktsioon, mis eemaldab kõikvõimaliku üleliigse tekstist
function cleanInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<!DOCTYPE html>
<html>
}
if (empty($_POST["create_password"])) {
$create_password_error = "See väli on kohustuslik";
} else {
if (strlen($_POST["create_password"]) < 8) {
$create_password_error = "Peab olema vähemalt 8 tähemärki pikk!";
} else {
$create_password = cleanInput($_POST["create_password"]);
}
}
if ($create_email_error == "" && $create_password_error == "") {
echo "Võib kasutajat luua! Kasutajanimi on " . $create_email . " ja parool on " . $create_password;
$password_hash = hash("sha512", $create_password);
echo "<br>";
echo $password_hash;
createUser($create_email, $password_hash);
}
}
// create if end
}
function cleanInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<!DOCTYPE html>
<html>
$form_valid = false;
}
if ($_POST['username'] == '') {
$error['username'] = '******';
$form_valid = false;
}
if ($_POST['password'] == '') {
$error['password'] = '******';
$form_valid = false;
} elseif (strlen($_POST['password']) <= 7) {
$error['password'] = '******';
$form_valid = false;
}
// action taken if form filled in correctly...
if ($form_valid == true) {
createUser($_POST['email'], $_POST['username'], $_POST['password']);
header('Location: ?page=cmsUpdated&goto=cmsUsersTable');
}
}
include VIEWS . 'contentCMSCreate.php';
break;
case 'update':
if (!empty($_POST)) {
$form_valid = true;
// sanitization...
$_POST['email'] = filter_var(trim($_POST['email']), FILTER_SANITIZE_EMAIL);
$_POST['username'] = trim($_POST['username']);
$_POST['password'] = trim($_POST['password']);
//validation...
if ($_POST['email'] == '') {
$error['email'] = 'Email address is blank, please fill in';
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);
require_once 'connect.php';
//recieve the phone number
$phone = $_POST['phone_number'];
//Recieve the amount
$amount = $_POST['amount'];
//appending 254 to the phone number
$phone = '+254' . substr($phone, -9);
//appending KES to the amount
//$amount='KES '.$amount;
/*check whether the user exists, if the user exits get the user_id, if not create the user
and get the user id */
$user_id = createUser($phone);
//we need to store the order of the airtime
//create order
createOrder($user_id, $amount);
//building the recipients array
$recipients = array();
$data['phoneNumber'] = $phone;
$data['amount'] = $amount;
array_push($recipients, $data);
//sending the airtime
sendAirtime($recipients);
function createUser($phone)
{
//check if the user exists
$query = mysql_query("SELECT id,phone FROM users WHERE phone='{$phone}'");
if (mysql_num_rows($query) > 0) {
<?php
include "../includes/layouts/header.php";
require_once "../includes/functions/functions.php";
require_once "../includes/functions/db_connection.php";
if (isset($_POST["username"])) {
if (check_available($_POST["username"]) && validateCred($_POST["username"], $_POST["password"])) {
//echo "Username available";
if (createUser($_POST["username"], $_POST["password"], $_POST["name"], $_POST["phone_no"], $_POST["email_id"])) {
redirect("index.php?signedup=1");
//echo "Account created successfully. Go to <a href=index.php>Log in</a> page.";
}
} else {
echo "<p class=\"invalid_cred\">Username not available</p>";
}
}
?>
<html>
<body>
<h3> Enter details for signing up:</h3>
<form name="signup" action="signup.php" method="POST" onsubmit="return validateForm()">
<input type="text" placeholder="new username" id="username" name="username"
value="<?php
echo isset($_POST['username']) ? $_POST['username'] : '';
?>
" required
oninvalid="this.setCustomValidity('User ID is a must')" oninput="setCustomValidity('')"></input>
<!--<input type="button" value="Check Availability" onsubmit="signup.php"></input>-->
<br>
<input type="password" placeholder="password" id="password" name="password" required
oninvalid="this.setCustomValidity('Please provide a password')" oninput="setCustomValidity('')"></input>
} else {
$firstname = cleanInput($_POST["firstname"]);
}
if (empty($_POST["lastname"])) {
$lastname_error = "See vali on kohustuslik";
} else {
$lastname = cleanInput($_POST["lastname"]);
}
}
if ($create_email_error == "" && $create_password_error == "" && $firstname_error == "" && $lastname_error == "") {
echo "Võib kasutajat luua! Kasutajanimi on " . $create_email . " ja parool on " . $create_password;
$password_hash = hash("sha512", $create_password);
echo "<br>";
echo $password_hash;
// functions.php failis käivina funktsiooni
createUser($create_email, $password_hash, $firstname, $lastname);
}
}
}
function cleanInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<!DOCTYPE html>
<html>
<head>
if (empty($_POST["create_password"])) {
$create_password_error = "See väli on kohustuslik";
} else {
if (strlen($_POST["create_password"]) < 8) {
$create_password_error = "Peab olema vähemalt 8 tähemärki pikk!";
} else {
$create_password = cleanInput($_POST["create_password"]);
}
}
if ($create_username_error == "" && $create_password_error == "") {
//echo hash("sha512", $create_password);
echo "Võib kasutajat luua! Kasutajanimi on " . $create_username . " ja parool on " . $create_password;
// tekitan parooliräsi
$hash = hash("sha512", $create_password);
//functions.php's funktsioon
createUser($create_username, $create_firstname, $create_lastname, $create_phone, $create_email, $hash);
}
}
}
function cleanInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
/**
* Processes loading of this sample code through a web browser.
*
* @return void
*/
function runWWWVersion()
{
session_start();
// Note that all calls to endHTML() below end script execution!
// Check to make sure that the user has set a password.
$p = LOGIN_PASSWORD;
if (empty($p)) {
startHTML(false);
displayPasswordNotSetNotice();
endHTML();
}
// Grab any login credentials that might be waiting in the request
if (!empty($_POST['password'])) {
if ($_POST['password'] == LOGIN_PASSWORD) {
$_SESSION['authenticated'] = 'true';
} else {
// Invalid password. Stop and display a login screen.
startHTML(false);
requestUserLogin("Incorrect password.");
endHTML();
}
}
// If the user isn't authenticated, display a login screen
if (!isset($_SESSION['authenticated'])) {
startHTML(false);
requestUserLogin();
endHTML();
}
// Try to login. If login fails, log the user out and display an
// error message.
try {
$client = getClientLoginHttpClient(GAPPS_USERNAME . '@' . GAPPS_DOMAIN, GAPPS_PASSWORD);
$gapps = new Zend_Gdata_Gapps($client, GAPPS_DOMAIN);
} catch (Zend_Gdata_App_AuthException $e) {
session_destroy();
startHTML(false);
displayAuthenticationFailedNotice();
endHTML();
}
// Success! We're logged in.
// First we check for commands that can be submitted either though
// POST or GET (they don't make any changes).
if (!empty($_REQUEST['command'])) {
switch ($_REQUEST['command']) {
case 'retrieveUser':
startHTML();
retrieveUser($gapps, true, $_REQUEST['user']);
endHTML(true);
case 'retrieveAllUsers':
startHTML();
retrieveAllUsers($gapps, true);
endHTML(true);
case 'retrieveNickname':
startHTML();
retrieveNickname($gapps, true, $_REQUEST['nickname']);
endHTML(true);
case 'retrieveNicknames':
startHTML();
retrieveNicknames($gapps, true, $_REQUEST['user']);
endHTML(true);
case 'retrieveAllNicknames':
startHTML();
retrieveAllNicknames($gapps, true);
endHTML(true);
case 'retrieveEmailLists':
startHTML();
retrieveEmailLists($gapps, true, $_REQUEST['recipient']);
endHTML(true);
case 'retrieveAllEmailLists':
startHTML();
retrieveAllEmailLists($gapps, true);
endHTML(true);
case 'retrieveAllRecipients':
startHTML();
retrieveAllRecipients($gapps, true, $_REQUEST['emailList']);
endHTML(true);
}
}
// Now we handle the potentially destructive commands, which have to
// be submitted by POST only.
if (!empty($_POST['command'])) {
switch ($_POST['command']) {
case 'createUser':
startHTML();
createUser($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName'], $_POST['pass']);
endHTML(true);
case 'updateUserName':
startHTML();
updateUserName($gapps, true, $_POST['user'], $_POST['givenName'], $_POST['familyName']);
endHTML(true);
case 'updateUserPassword':
startHTML();
updateUserPassword($gapps, true, $_POST['user'], $_POST['pass']);
endHTML(true);
case 'setUserSuspended':
if ($_POST['mode'] == 'suspend') {
startHTML();
suspendUser($gapps, true, $_POST['user']);
endHTML(true);
} elseif ($_POST['mode'] == 'restore') {
startHTML();
restoreUser($gapps, true, $_POST['user']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
case 'setUserAdmin':
if ($_POST['mode'] == 'issue') {
startHTML();
giveUserAdminRights($gapps, true, $_POST['user']);
endHTML(true);
} elseif ($_POST['mode'] == 'revoke') {
startHTML();
revokeUserAdminRights($gapps, true, $_POST['user']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
case 'setForceChangePassword':
if ($_POST['mode'] == 'set') {
startHTML();
setUserMustChangePassword($gapps, true, $_POST['user']);
endHTML(true);
} elseif ($_POST['mode'] == 'clear') {
startHTML();
clearUserMustChangePassword($gapps, true, $_POST['user']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
case 'deleteUser':
startHTML();
deleteUser($gapps, true, $_POST['user']);
endHTML(true);
case 'createNickname':
startHTML();
createNickname($gapps, true, $_POST['user'], $_POST['nickname']);
endHTML(true);
case 'deleteNickname':
startHTML();
deleteNickname($gapps, true, $_POST['nickname']);
endHTML(true);
case 'createEmailList':
startHTML();
createEmailList($gapps, true, $_POST['emailList']);
endHTML(true);
case 'deleteEmailList':
startHTML();
deleteEmailList($gapps, true, $_POST['emailList']);
endHTML(true);
case 'modifySubscription':
if ($_POST['mode'] == 'subscribe') {
startHTML();
addRecipientToEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
endHTML(true);
} elseif ($_POST['mode'] == 'unsubscribe') {
startHTML();
removeRecipientFromEmailList($gapps, true, $_POST['recipient'], $_POST['emailList']);
endHTML(true);
} else {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid mode.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
}
}
// Check for an invalid command. If so, display an error and exit.
if (!empty($_REQUEST['command'])) {
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid command.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
// If a menu parameter is available, display a submenu.
if (!empty($_REQUEST['menu'])) {
switch ($_REQUEST['menu']) {
case 'user':
startHTML();
displayUserMenu();
endHTML();
case 'nickname':
startHTML();
displayNicknameMenu();
endHTML();
case 'emailList':
startHTML();
displayEmailListMenu();
endHTML();
case 'logout':
startHTML(false);
logout();
endHTML();
default:
header('HTTP/1.1 400 Bad Request');
startHTML();
echo "<h2>Invalid menu selection.</h2>\n";
echo "<p>Please check your request and try again.</p>";
endHTML(true);
}
}
// If we get this far, that means there's nothing to do. Display
// the main menu.
// If no command was issued and no menu was selected, display the
// main menu.
startHTML();
displayMenu();
endHTML();
}
