예제 #1
0
     $results = mysqli_query($c, $sql);
     if (mysqli_num_rows($results) >= 1) {
         $row = mysqli_fetch_array($results);
     } else {
         $sql = "INSERT INTO credentials (userid, profile, password) VALUES ('" . $_REQUEST['userid'] . "','" . $_REQUEST['profile'] . "','" . $_REQUEST['password'] . "');";
         mysqli_query($c, $sql);
         $sql = "SELECT id FROM credentials WHERE userid = '" . $_REQUEST['userid'] . "' AND profile = '" . $_REQUEST['profile'] . "' AND password = '******'password'] . "';";
         $credentialsresults = mysqli_query($c, $sql);
         $row = mysqli_fetch_array($credentialsresults);
     }
     setcookie('credential_id', encryptCookie($row['id']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
     setcookie('custom_custid', encryptCookie($_REQUEST['userid']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
     setcookie('custom_password', encryptCookie($_REQUEST['password']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
     setcookie('custom_profile', encryptCookie($_REQUEST['profile']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
     $_SESSION['sessionToken']['profile'] = $_REQUEST['profile'];
     setcookie('login', encryptCookie($_REQUEST['profile']), 0, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
     header("Location:vtest.php?userid=" . $_REQUEST['userid'] . "&password="******"&profile=" . $_REQUEST['profile']);
 } else {
     $errors = 0;
     $errorlog = '';
     $errorlog .= '<p>TestMySQLConnection - ';
     if (!$c) {
         $errorlog .= 'Failed</p>';
         $errors++;
     } else {
         $errorlog .= 'Passed</p>';
     }
     include 'rest/EBSCOAPI.php';
     $errorlog .= '<p>TestMySQLPrivileges - ';
     $sql = 'INSERT INTO readings (listid, authorid, an, db, url, title, priority, type) VALUES (1,1,"testing-an", "testing-db","none ","Circumstances Surrounding the Community Needle-Stick Injuries in Georgia.",1,1);';
     $results = mysqli_query($c, $sql);
예제 #2
0
function generate_token($objUser, $token_type)
{
    return encryptCookie($objUser->user_id . $token_type . time());
}
예제 #3
0
                die("It looks like the application was unable to connect to your MySQL server, or had trouble looking for the reading list.  Here is the MySQL error: 4");
            }
            // add this instructor to the authors list for this reading list
            $sql = "INSERT INTO authorlists (authorid, listid) VALUES (?,?)";
            $stmt = $c->prepare($sql);
            $stmt->bind_param('ii', $authorID, $row['id']);
            $stmt->execute();
            $added = TRUE;
        } else {
            $authorIDfetch = mysqli_fetch_array($authorresults);
            $authorID = $authorIDfetch['id'];
        }
    } else {
        die("It looks like the application was unable to connect to your MySQL server, or had trouble looking for the reading list.  Here is the MySQL error: 5");
    }
    setcookie('currentAuthorId', encryptCookie($authorID), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
}
$foundCopy = FALSE;
if ($newlist && (isset($customparams['copylist']) && $customparams['copylist'] == 'y')) {
    if (substr_count($clean['roles'], "Instructor") > 0) {
        $sql = "SELECT id, linklabel, course, linkid FROM lists WHERE (id IN (SELECT listid FROM authorlists WHERE authorid = ?) AND linklabel = ? AND linkid != ? AND credentialconsumerid = ?) OR (private = 0 AND credentialconsumerid = ? AND linklabel = ?) ORDER BY private, last_access DESC;";
        $stmt = $c->prepare($sql);
        $stmt->bind_param('issiis', $authorID, $clean['resource_link_title'], $clean['resource_link_id'], $clean['credential_consumer_id'], $clean['credential_consumer_id'], $clean['resource_link_title']);
    } else {
        $sql = "SELECT id, linklabel, course, linkid FROM lists WHERE private = 0 AND credentialconsumerid = ? AND linklabel = ? ORDER BY private, last_access DESC";
        $stmt = $c->prepare($sql);
        $stmt->bind_param('is', $clean['credential_consumer_id'], $clean['resource_link_title']);
    }
    $stmt->execute();
    $results = $stmt->get_result();
    if (substr_count($clean['roles'], "Instructor") > 0 && mysqli_num_rows($results) > 0) {
<style type="text/css">
  #currentList { display: none; }
</style>
<?php 
$time = 0;
// store for session only
if (!isset($_COOKIE['logged_in_cust_id'])) {
    setcookie('message', encryptCookie("You must be logged in to access that service, please login"), $time, '/');
    setcookie('forward_to_admin', encryptCookie(" "), $time, '/');
    header("admin.php2");
}
$clean = strip_tags_deep($_REQUEST);
/* if (isInstructor()) { */
?>
<div class="readingListLink"><h3 style="color:red;">Warning: you are about to delete the following lists permanently.  This action cannot be undone.  Any instructor that tries to access these lists from their course will find an empty list.</h3><?php 
if (isset($clean['listid'])) {
    ?>
    <form action="process_delete.php" method="get">
    <?php 
    $id_list = join(",", $clean['listid']);
    //create a comma delimited list of all the ids to be deleted
    $count = 0;
    foreach ($clean['listid'] as $id_list) {
        //form and execute the mysqli
        $sql = $c->prepare("SELECT id, course, linklabel, private, last_access FROM lists WHERE id = ?;");
        $sql->bind_param('i', $id_list);
        $sql->execute();
        $sql->bind_result($lists_id, $lists_course, $lists_linklabel, $lists_private, $lists_last_access);
        //$results = mysqli_query($c,$sql);
        //create a hidden input in our form for each of the items to be deleted
        while ($sql->fetch()) {
예제 #5
0
                    $c->next_result();
                    mysqli_close($c);
                    header("Location:admin2.php");
                }
            } else {
                setcookie('logged_in_cust_id', encryptCookie("none"), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
                setcookie('forward_to_admin', encryptCookie("y"), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
                $c->next_result();
                mysqli_close($c);
                header("Location:admin2.php");
            }
        }
        if (!isset($cust_id)) {
            setcookie('logged_in_cust_id', encryptCookie("none"), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
        }
        setcookie('forward_to_admin', encryptCookie("y"), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
        $c->next_result();
        mysqli_close($c);
        header("Location:admin2.php");
    }
    if (!isset($_COOKIE['logged_in_cust_id'])) {
        $message = "Login failed";
    }
}
?>

<strong>
<?php 
//display message, if one has been generated
if (isset($message)) {
    echo $message;
    $titlecount = count($titles);
    $ANcount = count($ANs);
    $DBcount = count($DBs);
    if ($titlecount != $ANcount || $titlecount != $DBcount || $ANcount != $DBcount || $titlecount == 0) {
        ?>
 <div class="readingListLink"> <h3><?php 
        echo "Oops! An error occurred. The data for one or more records is incomplete. Please try again, being sure to include the entire record for each reading.";
        ?>
</h3></div><?php 
    } else {
        for ($i = 0; $i < $titlecount; $i++) {
            $sql = $c->prepare("INSERT INTO readings (listid, authorid, an, db, title, priority, url, type) VALUES (?,?,?,?,?,1,'none',1);");
            $sql->bind_param('iisss', decryptCookie($_COOKIE['currentListId']), decryptCookie($_COOKIE['currentAuthorId']), $ANs[$i], $DBs[$i], $titles[$i]);
            $sql->execute();
        }
        if ($titlecount == 1) {
            setcookie('import_folder_message', encryptCookie("1 reading added"), $time, '/');
        } else {
            setcookie('import_folder_message', encryptCookie("{$titlecount} readings added"), $time, '/');
        }
        header("Location:reading_list.php");
    }
    //Add statement saying how many items added to reading list.
}
?>
<div class="readingListLink"><h2> Enter bibliographic info from the list into this box:</h2>
<form action="import_folder.php" id="EBSCOFolderForm" method="post">
<textarea name="BiblioInfo" form="EBSCOFolderForm" rows="6" cols="50"></textarea></br>
<input type="submit" value="Generate list">
</form></div>
예제 #7
0
function createCookie($id, $user, $pass)
{
    //call encryption function
    $cookie_value = encryptCookie($id, $user, $pass);
    //set the cookie
    setcookie(ADMIN_COOKIE, $cookie_value, time() + 2592000, APP_WEB_PATH, SITE_DOMAIN);
}
예제 #8
0
        $count = 0;
        while ($sql->fetch()) {
            $count++;
            $consumeridsArray['logged_in_consumerid'][$count] = $result;
        }
        if (!isset($consumeridsArray)) {
            $consumeridsArray = array();
        }
        setcookie('consumeridsArray', encryptCookie($consumeridsArray), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
        if ($c->more_results()) {
            $c->next_result();
        }
        $customparams = loadCustomParams($c, $key);
        $variables['consumeridsArray'] = $consumeridsArray;
        $variables['customparams'] = $customparams;
        ebsco_render('admin.html', 'layout.html', $variables);
    } else {
        if (isset($_COOKIE['forward_to_admin']) && decryptCookie($_COOKIE['forward_to_admin']) == "n") {
            if (isset($_POST['admin_key'])) {
                $clean = strip_tags_deep($_POST);
                setcookie('admin_key', encryptCookie($clean['admin_key']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
                setcookie('admin_secret', encryptCookie($clean['admin_secret']), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
                $variables['admin_key'] = $clean['admin_key'];
                $variables['admin_secret'] = $clean['admin_secret'];
            }
            ebsco_render('sign_on.html', 'layout.html', $variables);
        } else {
            ebsco_render('sign_on.html', 'layout.html', $variables);
        }
    }
}
예제 #9
0
 /**
  * Get session token for a profile 
  * If session token is not available 
  * a new session token will be generated
  * 
  * @param Authentication token, Profile 
  * @access public
  */
 public function getSessionToken($authenToken, $invalid = 'n')
 {
     $token = '';
     // Check user's login status
     if (isset($_COOKIE['login'])) {
         if ($invalid == 'y') {
             $profile = self::$cust_profile;
             $_SESSION['debug'] .= "--GetSession with INVALID is YES--";
             $sessionToken = $this->apiSessionToken($authenToken, $profile, 'n');
             $_SESSION['debug'] .= "---apiSessionToken got " . var_export($sessionToken, TRUE) . "---";
             $time = 0;
             // store for session only //store cookie for one hour
             setcookie('sessionToken', encryptCookie($sessionToken), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
             $_SESSION['sessionToken'] = $sessionToken;
         } else {
             if (isset($_SESSION['sessionToken'])) {
                 $sessionToken = $_SESSION['sessionToken'];
                 $_SESSION['debug'] .= "---Using EXISTING session token from SESSION var: " . var_export($sessionToken, TRUE) . "---";
             } else {
                 $sessionToken = decryptCookie($_COOKIE['sessionToken']);
                 $_SESSION['debug'] .= "---Using EXISTING session token from Cookie var: " . var_export($sessionToken, TRUE) . "---";
             }
         }
         $token = $sessionToken['sessionToken'];
     } else {
         die("The reading list tool requires the use of cookies.  Please insure you allow cookies from this site.");
     }
     return $token;
 }
예제 #10
0
$customparams = loadCustomParams($c, $cookieDCd);
$profile = $customparams['profile'];
try {
    $api = new EBSCOAPI($c, $customparams);
} catch (Exception $e) {
    die("It looks like your user id and password for your EDS API profile are incorrect.  Please check your settings in the <a href='http://curriculumbuilder.ebscohost.com/admin.php' target='_top'>admin panel</a>.<p style='display:none;'>" . var_export($customparams, TRUE) . "</p>");
}
try {
    $_SESSION['debug'] .= "<p>Using AuthToken " . $api->getAuthToken() . "</p>";
    $newSessionToken = $api->apiSessionToken($api->getAuthToken(), $profile, 'n');
} catch (Exception $e) {
    echo "<div style='display:none;'>" . $_SESSION['debug'] . "</div>";
    die("It looks like your profile id for your EDS API profile is incorrect.  Please check your settings in the <a href='http://curriculumbuilder.ebscohost.com/admin.php' target='_top'>admin panel</a>.<p style='display:none;'>" . var_export($customparams, TRUE) . "</p><p style='display:none;'>" . $e->getMessage() . "</p>");
}
setcookie('sessionToken', encryptCookie($newSessionToken), $time, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
setcookie('login', encryptCookie($profile), 0, "/", $_SERVER['SERVER_NAME'], FALSE, TRUE);
if (isset($_COOKIE['Guest'])) {
    setcookie('Guest', '', time() - 3600);
}
if (isset($clean['path'])) {
    $path = $clean['path'];
} else {
    $path = "default";
}
if (isset($clean['copyid'])) {
    if ($clean['copyid'] == '0') {
    } else {
        copyList($c, $clean['copyid'], decryptCookie($_COOKIE['currentListId']));
        $path = "reading_list";
    }
}