function _edit(&$vars)
{
extract($vars);
$password = $Setting->find_by(array('name' => 'aktt_identica_password', 'profile_id' => get_profile_id()));
if (!$password) {
$password = $Setting->base();
$password->set_value('profile_id', get_profile_id());
$password->set_value('person_id', get_person_id());
$password->set_value('name', 'aktt_identica_password');
$password->save_changes();
$password->set_etag();
$password = $Setting->find($password->id);
$pword = "";
}
if (!empty($password->value)) {
$pword = "******";
}
// get the one-to-one-related child-record from "entries"
$pEntry =& $password->FirstChild('entries');
$passurl = $request->url_for(array('resource' => 'settings', 'id' => $password->id, 'action' => 'put'));
$username = $Setting->find_by(array('name' => 'aktt_identica_username', 'profile_id' => get_profile_id()));
if (!$username) {
$username = $Setting->base();
$username->set_value('profile_id', get_profile_id());
$username->set_value('person_id', get_person_id());
$username->set_value('name', 'aktt_identica_username');
$username->save_changes();
$username->set_etag();
$username = $Setting->find($username->id);
}
// get the one-to-one-related child-record from "entries"
$uEntry =& $username->FirstChild('entries');
$userurl = $request->url_for(array('resource' => 'settings', 'id' => $username->id, 'action' => 'put'));
$stat = $Setting->find_by(array('name' => 'identica_status', 'profile_id' => get_profile_id()));
if (!$stat) {
$stat = $Setting->base();
$stat->set_value('profile_id', get_profile_id());
$stat->set_value('person_id', get_person_id());
$stat->set_value('name', 'identica_status');
$stat->set_value('value', 'enabled');
$stat->save_changes();
$stat->set_etag();
$stat = $Setting->find($stat->id);
}
// get the one-to-one-related child-record from "entries"
$sEntry =& $stat->FirstChild('entries');
$staturl = $request->url_for(array('resource' => 'settings', 'id' => $stat->id, 'action' => 'put'));
$status = $stat->value;
$akidentica_tw_text_options = array('disabled' => 'disabled', 'enabled' => 'enabled');
$RemoteServer =& $db->model('RemoteServer');
$RemoteServer->find();
$servers = array();
while ($r = $RemoteServer->MoveNext()) {
$servers[] = $r;
}
return vars(array(&$servers, &$akidentica_tw_text_options, &$status, &$staturl, &$pword, &$userurl, &$passurl, &$password, &$sEntry, &$username, &$uEntry, &$pEntry, &$profile), get_defined_vars());
}
public function Create($r_Auth)
{
plog("Session::Create for User ID: " . $r_Auth);
$now = strtotime('now');
$data = array("login" => $now, "REFERRER" => getenv('HTTP_REFERER'), "IP" => getenv('REMOTE_ADDR'), "BROWSER" => getenv('HTTP_USER_AGENT'), "r_Auth" => $r_Auth, "status" => 1, "refreshed" => $now, "last_refreshed" => $now);
global $session_id, $auth;
$session_id = $this->Insert($data);
plog('New session ID: ' . vars($session_id));
cook("username", $auth['username'], timeout);
cook("session", $session_id, timeout);
return $session_id;
}
function _sources(&$vars)
{
extract($vars);
if (!member_of('administrators')) {
trigger_error('sorry you must be an administrator to do that', E_USER_ERROR);
}
$aktwitter_tw_text_options = array('0' => 'false', '1' => 'true');
$Setting =& $db->model('Setting');
$returnvars = array();
$TwitterUser =& $db->model('TwitterUser');
$TwitterUser->find_by(array('eq' => 'not like', 'oauth_key' => ''), 1);
$i = 1;
while ($tu = $TwitterUser->MoveNext()) {
$modevar = 'n' . $i . 'mode';
$urlvar = 'n' . $i . 'url';
$entryvar = 'n' . $i . 'entry';
$nickvar = 'n' . $i . 'nick';
$i++;
${$nickvar} = $tu->screen_name;
${$modevar} = $Setting->find_by('name', 'config.env.importtwitter_' . $tu->id);
if (!${$modevar}) {
${$modevar} = $Setting->base();
${$modevar}->set_value('profile_id', get_profile_id());
${$modevar}->set_value('person_id', get_person_id());
${$modevar}->set_value('name', 'config.env.importtwitter_' . $tu->id);
${$modevar}->set_value('value', 0);
${$modevar}->save_changes();
${$modevar}->set_etag();
${$modevar} = $Setting->find(${$modevar}->id);
}
${$urlvar} = $request->url_for(array('resource' => 'settings', 'id' => ${$modevar}->id, 'action' => 'put'));
${$entryvar} = ${$modevar}->FirstChild('entries');
$returnvars[] =& ${$modevar};
$returnvars[] =& ${$urlvar};
$returnvars[] =& ${$entryvar};
$returnvars[] =& ${$nickvar};
}
$returnvars[] =& $collection;
$returnvars[] =& $profile;
$returnvars[] =& $aktwitter_tw_text_options;
$listvars = array(1 => 'friends_timeline', 0 => 'disabled');
$returnvars[] =& $listvars;
$returnvars[] =& $i;
return vars($returnvars, get_defined_vars());
}
function _mobile(&$vars)
{
extract($vars);
$foo = "";
return vars(array(&$foo), get_defined_vars());
}
global $session;
$session = NULL;
global $user;
$user = NULL;
global $domain;
$domain = NULL;
global $expired;
$expired = false;
global $pageurl;
$pageurl = current_page_url();
global $is_logged_in;
$is_logged_in = false;
if (!defined('quiet_auth')) {
$domain = explode("/", str_replace("http://", "", $pageurl));
$domain = $domain[0];
}
if (!defined('suppress_auth')) {
$session_model->Active();
plog('$auth: ' . vars($auth));
plog('$session: ' . vars($session));
}
global $plog_level;
if ($plog_level == 1) {
plog('##### $pageurl: ' . vars($pageurl));
if (isset($_SERVER['HTTP_REFERRER'])) {
plog('Referred: ' . $_SERVER['HTTP_REFERRER']);
}
plog('getpost():------' . vars(getpost()));
}
plog('----Executing: ' . vars($pageurl));
function _oauth(&$vars)
{
// top stream, re-connect to subtwitter-db
extract($vars);
global $prefix;
$Blog =& $db->model('Blog');
if (empty($db->prefix)) {
if (isset($_REQUEST['oauth_token'])) {
$tabresult = $db->get_result("SHOW tables");
$tables = array();
$tablist = array();
for ($i = 0; $tables[$i] = mysql_fetch_assoc($tabresult); $i++) {
foreach ($tables[$i] as $k => $v) {
$tablist[] = $v;
}
}
while ($b = $Blog->MoveNext()) {
if (!empty($b->prefix) && in_array($b->prefix . "_db_sessions", $tablist)) {
$sql = "SELECT data FROM " . $b->prefix . "_db_sessions WHERE data LIKE '%" . $db->escape_string($_REQUEST['oauth_token']) . "%'";
$result = $db->get_result($sql);
if ($db->num_rows($result) == 1) {
// XXX subdomain upgrade
$redir = blog_url($b->nickname, true);
$redir .= 'oauth_login';
$redir .= "&oauth_token=" . $_REQUEST['oauth_token'];
$content = '<script type="text/javascript">' . "\n";
$content .= ' // <![CDATA[' . "\n";
$content .= " location.replace('" . $redir . "');" . "\n";
$content .= ' // ]]>' . "\n";
$content .= '</script>' . "\n";
return vars(array(&$content), get_defined_vars());
}
}
}
}
}
// http://abrah.am
lib_include('twitteroauth');
/* Sessions are used to keep track of tokens while user authenticates with twitter */
/* Consumer key from twitter */
$consumer_key = environment('twitterKey');
/* Consumer Secret from twitter */
$consumer_secret = environment('twitterSecret');
/* Set up placeholder */
$content = NULL;
/* Set state if previous session */
$state = $_SESSION['oauth_state'];
/* Checks if oauth_token is set from returning from twitter */
$session_token = $_SESSION['oauth_request_token'];
/* Checks if oauth_token is set from returning from twitter */
$oauth_token = $_REQUEST['oauth_token'];
/* Set section var */
$section = $_REQUEST['section'];
/* If oauth_token is missing get it */
if ($_REQUEST['oauth_token'] != NULL && $_SESSION['oauth_state'] === 'start') {
/*{{{*/
$_SESSION['oauth_state'] = $state = 'returned';
}
/*}}}*/
/*
* 'default': Get a request token from twitter for new user
* 'returned': The user has authorize the app on twitter
*/
switch ($state) {
/*{{{*/
default:
/* Create TwitterOAuth object with app key/secret */
$to = new TwitterOAuth($consumer_key, $consumer_secret);
/* Request tokens from twitter */
$tok = $to->getRequestToken();
/* Save tokens for later */
$Blog =& $db->model('Blog');
if (!empty($db->prefix) && isset($_REQUEST['oauth_token'])) {
$tabresult = $db->get_result("SHOW tables");
$tables = array();
$tablist = array();
for ($i = 0; $tables[$i] = mysql_fetch_assoc($tabresult); $i++) {
foreach ($tables[$i] as $k => $v) {
$tablist[] = $v;
}
}
while ($b = $Blog->MoveNext()) {
if (!empty($b->prefix) && in_array($b->prefix . "_db_sessions", $tablist)) {
$sql = "SELECT id FROM " . $b->prefix . "_db_sessions WHERE data LIKE '%" . $db->escape_string($_REQUEST['oauth_token']) . "%'";
$result = $db->get_result($sql);
if ($db->num_rows($result) == 1) {
$sess = $db->result_value($result, 0, "id");
$del = $db->get_result("DELETE FROM " . $b->prefix . "_db_sessions WHERE id = '{$sess}'");
}
}
}
}
$_SESSION['oauth_request_token'] = $token = $tok['oauth_token'];
$_SESSION['oauth_request_token_secret'] = $tok['oauth_token_secret'];
$_SESSION['oauth_state'] = "start";
if (isset($_GET['forward']) && !empty($_SERVER['HTTP_REFERER'])) {
$_SESSION['oauth_twitter'] = $_SERVER['HTTP_REFERER'];
} else {
$_SESSION['oauth_twitter'] = $request->base;
}
/* Build the authorization URL */
$auth_url = $to->getAuthorizeURL($token);
if (empty($auth_url)) {
$content = 'Request token not found, <a href="' . $request->url_for('oauth_login') . '">click here to try again...</a>';
} else {
$content = '<script type="text/javascript">' . "\n";
$content .= ' // <![CDATA[' . "\n";
$content .= " location.replace('" . $auth_url . "');" . "\n";
$content .= ' // ]]>' . "\n";
$content .= '</script>' . "\n";
}
break;
case 'returned':
if (isset($_SESSION['oauth_twitter'])) {
$redirect_to = $_SESSION['oauth_twitter'];
} else {
$redirect_to = $request->base;
}
/* If the access tokens are already set skip to the API call */
if ($_SESSION['oauth_access_token'] === NULL && $_SESSION['oauth_access_token_secret'] === NULL) {
/* Create TwitterOAuth object with app key/secret and token key/secret from default phase */
$to = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_request_token'], $_SESSION['oauth_request_token_secret']);
/* Request access tokens from twitter */
$tok = $to->getAccessToken();
/* Save the access tokens. Normally these would be saved in a database for future use. */
$_SESSION['oauth_access_token'] = $tok['oauth_token'];
$_SESSION['oauth_access_token_secret'] = $tok['oauth_token_secret'];
if (!($_SESSION['oauth_access_token'] === NULL && $_SESSION['oauth_access_token_secret'] === NULL)) {
unset($_SESSION['oauth_request_token']);
unset($_SESSION['oauth_request_token_secret']);
}
}
$to = new TwitterOAuth($consumer_key, $consumer_secret, $_SESSION['oauth_access_token'], $_SESSION['oauth_access_token_secret']);
$session_oauth_token = $_SESSION['oauth_access_token'];
$session_oauth_secret = $_SESSION['oauth_access_token_secret'];
$content = $to->OAuthRequest('https://twitter.com/account/verify_credentials.json', array(), 'GET');
if (!class_exists('Services_JSON')) {
lib_include('json');
}
$json = new Services_JSON();
$user = $json->decode($content);
if (empty($user)) {
trigger_error('The server said: ' . $content, E_USER_ERROR);
}
if (empty($prefix) && in_array('invites', $db->tables)) {
$Invite =& $db->model('Invite');
$result = $Invite->find_by('nickname', $user->screen_name);
if (!$result) {
trigger_error('Sorry, you have not been invited yet ' . environment('email_from'), E_USER_ERROR);
}
}
$Identity =& $db->model('Identity');
$Person =& $db->model('Person');
$TwitterUser =& $db->model('TwitterUser');
$twuser = $TwitterUser->find_by('twitter_id', $user->id);
// a) twitter user exists, does not have a profile_id
// b) twitter user exists, HAS a profile_id
// c) twitter user does not exist
if ($twuser) {
if (!$twuser->profile_id) {
// a
$i = make_identity(array($user->screen_name, $user->profile_image_url, $user->name, $user->description, $user->url, $user->location));
if (!$i) {
trigger_error('sorry I was unable to create an identity', E_USER_ERROR);
}
$twuser->set_value('profile_id', $i->id);
$twuser->set_value('oauth_key', $session_oauth_token);
$twuser->set_value('oauth_secret', $session_oauth_secret);
$twuser->save_changes();
if (!$twuser) {
trigger_error('sorry I was unable to create a twitter user', E_USER_ERROR);
}
} else {
// b
$i = $Identity->find($twuser->profile_id);
if (!$i) {
trigger_error('sorry I was unable to find the identity', E_USER_ERROR);
}
if ($session_oauth_token != $twuser->oauth_key) {
$twuser->set_value('oauth_key', $session_oauth_token);
$twuser->set_value('oauth_secret', $session_oauth_secret);
$twuser->save_changes();
}
}
} else {
// c
$i = make_identity(array($user->screen_name, $user->profile_image_url, $user->name, $user->description, $user->url, $user->location));
if (!$i) {
trigger_error('sorry I was unable to create an identity', E_USER_ERROR);
}
$twuser = make_twuser($user, $i->id, $session_oauth_token, $session_oauth_secret);
if (!$twuser) {
trigger_error('sorry I was unable to create a twitter user', E_USER_ERROR);
}
}
$_SESSION['oauth_person_id'] = $i->person_id;
if (empty($redirect_to)) {
$content = "<p>there was an error in the oauth routine, sorry</p>";
} else {
$content = '<script type="text/javascript">' . "\n";
$content .= ' // <![CDATA[' . "\n";
$content .= " location.replace('" . $redirect_to . "');" . "\n";
$content .= ' // ]]>' . "\n";
$content .= '</script>' . "\n";
}
break;
}
/*}}}*/
return vars(array(&$content), get_defined_vars());
}
function get_var($key, $default = '')
{
$vars =& vars();
return isset($vars->{$key}) ? $vars->{$key} : $default;
}
function _following(&$vars)
{
extract($vars);
global $request;
global $response;
$pagevar = "followingpage";
if (isset($request->params[$pagevar])) {
$page = $request->params[$pagevar];
} else {
$page = 1;
}
$mapper = array('nickname' => $request->params['nickname']);
$where = array('subscriber' => $request->params['byid']);
$Subscription->set_param('find_by', $where);
$request->set_param('page', $page);
$Subscription->set_limit(10);
$response->collection = new Collection('subscriptions');
if (count($response->collection->members) >= $response->collection->per_page) {
$mapper[$pagevar] = $page + 1;
$older = '<a href="' . $request->url_for($mapper);
$older .= '">< older</a>';
}
if ($page > 1) {
$mapper[$pagevar] = $page - 1;
$newer = " ";
$newer .= '<a href="' . $request->url_for($mapper);
$newer .= '">newer ></a>';
}
$Identity =& $db->model('Identity');
return vars(array(&$newer, &$older, &$collection, &$Identity), get_defined_vars());
}
include_once 'ui.php';
// Basic (minimal) bootstrapping.
include_once SITE_ROOT . '/settings/config.php';
include_once SITE_ROOT . '/settings/config.crypt.php';
include_once SITE_ROOT . '/settings/config.flags.php';
include_once SITE_ROOT . '/settings/config.enums.php';
include_once SITE_ROOT . '/settings/config.global.php';
include_once SITE_ROOT . '/settings/config.databases.php';
include_all(SITE_ROOT . '/model/');
global $auth_database;
try {
$auth_database = new Database(AUTH_DB_DSN, AUTH_DB_USER, AUTH_DB_PASS);
} catch (Exception $e) {
plog($e);
}
plog('$auth_database: ' . vars($auth_database));
global $auth_model;
$auth_model = new Auth($auth_database);
global $session_model;
$session_model = new Session($auth_database);
global $profile_model;
$profile_model = new Profile($auth_database);
global $auth;
$auth = NULL;
global $session;
$session = NULL;
global $user;
$user = NULL;
global $database;
// change to something else if you want a common auth
$database = $auth_database;
function _new(&$vars)
{
// bring controller vars into scope
extract($vars);
$Member = $Group->base();
return vars(array(&$Member), get_defined_vars());
}
<?php
//global $plog_level; $plog_level=1;
include 'core/Page.php';
plog('File: ' . __FILE__);
global $session_model, $auth_model, $auth;
$getpost = getpost();
if (!(isset($getpost['username']) && isset($getpost['password']))) {
Page::Redirect("login?m=1");
}
$auth = $auth_model->byUsername($getpost['username']);
plog('$getpost: ' . vars($getpost));
plog('$auth: ' . vars($auth));
if (!is_array($auth)) {
Page::Redirect("login?m=2");
}
if (strlen($auth['password']) == 0 || matches(ourcrypt($getpost['password']), $auth['password'])) {
plog('Password matched! User has authenticated.');
if (Auth::ACL('locked')) {
plog('Account is locked, logging user ' . $auth['ID'] . ' off.');
$session_model->Logout();
Page::Redirect("login?m=4");
die;
}
$session_model->Create($auth['ID']);
Page::Redirect("dash");
} else {
Page::Redirect("login?m=1");
}
public function Update($table, $data, $where_clause, $prepared = "")
{
$fields = array_keys($data);
$size = count($fields);
$query = "UPDATE " . $table . " SET ";
for ($f = 0; $f < $size; ++$f) {
if ($f > 0) {
$query .= ", ";
}
$query .= $fields[$f] . " = :update_" . $fields[$f];
}
if (is_array($where_clause)) {
$query .= Database::Where($where_clause);
} else {
if (!empty($where_clause)) {
$query .= " WHERE " . $where_clause;
}
}
$prepared = $this->Clean($prepared);
foreach ($fields as $field) {
$prepared[":update_{$field}"] = $data[$field];
}
$this->result = $this->Run($query, $prepared);
plog("Prepared: " . str_replace("\n", "", vars($prepared)));
return $this->result;
}
<?php
if (isset($_GET['hash'])) {
echo vars($_GET['hash']);
die;
}
function vars($data)
{
$result = '<table class="table table-striped table-hover table-condensed"><tr><th>Hash Name</th><th>Length</th><th>Hash</th></tr>';
foreach (hash_algos() as $v) {
$r = hash($v, $data, false);
$result .= '<tr ' . ($v == 'md5' || $v == 'sha1' ? 'class="info"' : false) . '><td>' . $v . '</td><td>' . strlen($r) . '</td><td class="monospace">' . $r . '</td></tr>';
//'[$v] = ['length' => strlen($r), 'value'=>$r];
}
return $result .= '</table>';
}
?>
<!DOCTYPE html>
<html>
<head>
<title></title>
<script type="text/javascript" src="https://code.jquery.com/jquery-2.1.1.min.js"></script>
<link rel="stylesheet" type="text/css" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
<style type="text/css">
body {
padding: 2%;
}
.monospace {
font-family: monospace;
function _edit(&$vars)
{
extract($vars);
if (!class_exists('Services_JSON')) {
lib_include('json');
}
$TwitterUser =& $db->model('TwitterUser');
$tu = $TwitterUser->find_by(array('profile_id' => get_profile_id()), 1);
if ($tu) {
$method = 'oauth';
} else {
$method = 'password';
$password = $Setting->find_by(array('name' => 'aktt_twitter_password', 'profile_id' => get_profile_id()));
if (!$password) {
$password = $Setting->base();
$password->set_value('profile_id', get_profile_id());
$password->set_value('person_id', get_person_id());
$password->set_value('name', 'aktt_twitter_password');
$password->save_changes();
$password->set_etag();
$password = $Setting->find($password->id);
$pword = "";
}
if (!empty($password->value)) {
$pword = "******";
}
// get the one-to-one-related child-record from "entries"
$pEntry =& $password->FirstChild('entries');
$passurl = $request->url_for(array('resource' => 'settings', 'id' => $password->id, 'action' => 'put'));
$username = $Setting->find_by(array('name' => 'aktt_twitter_username', 'profile_id' => get_profile_id()));
if (!$username) {
$username = $Setting->base();
$username->set_value('profile_id', get_profile_id());
$username->set_value('person_id', get_person_id());
$username->set_value('name', 'aktt_twitter_username');
$username->save_changes();
$username->set_etag();
$username = $Setting->find($username->id);
}
// get the one-to-one-related child-record from "entries"
$uEntry =& $username->FirstChild('entries');
$userurl = $request->url_for(array('resource' => 'settings', 'id' => $username->id, 'action' => 'put'));
}
$stat = $Setting->find_by(array('name' => 'twitter_status', 'profile_id' => get_profile_id()));
if (!$stat) {
$stat = $Setting->base();
$stat->set_value('profile_id', get_profile_id());
$stat->set_value('person_id', get_person_id());
$stat->set_value('name', 'twitter_status');
$stat->set_value('value', 'enabled');
$stat->save_changes();
$stat->set_etag();
$stat = $Setting->find($stat->id);
}
// get the one-to-one-related child-record from "entries"
$sEntry =& $stat->FirstChild('entries');
$staturl = $request->url_for(array('resource' => 'settings', 'id' => $stat->id, 'action' => 'put'));
$status = $stat->value;
$aktwitter_tw_text_options = array('disabled' => 'disabled', 'enabled' => 'enabled');
if ($method == 'password') {
return vars(array(&$aktwitter_tw_text_options, &$status, &$staturl, &$pword, &$userurl, &$passurl, &$password, &$sEntry, &$username, &$uEntry, &$pEntry, &$profile, &$method), get_defined_vars());
}
if ($method == 'oauth') {
return vars(array(&$aktwitter_tw_text_options, &$status, &$staturl, &$sEntry, &$profile, &$method), get_defined_vars());
}
}
function page_input($keys)
{
if (!is_array($keys)) {
$keys = func_get_args();
}
global $getpost;
if (!isset($getpost) || !is_array($getpost)) {
$getpost = getpost();
}
plog('page_input:getpost(): ' . vars($getpost));
plog('page_input:checked against required input parameters ' . vars($keys));
foreach ($keys as $numbered => $v) {
if (!isset($getpost[$v])) {
return FALSE;
}
}
plog('page_input:PASSED');
return $getpost;
}
function _entry(&$vars)
{
// bring controller vars into scope
extract($vars);
$Category = $Category->find($request->id);
if (!$Category) {
trigger_error("Sorry, I could not find that entry in categories.", E_USER_ERROR);
}
$Category->set_etag();
$Entry = $Entry->find_by(array('resource' => 'categories', 'record_id' => $Category->id), $Category->id);
return vars(array(&$Category, &$Entry), get_defined_vars());
}
function _pagespan(&$vars)
{
extract($vars);
return vars(array(&$collection, &$profile), get_defined_vars());
}
function _block(&$vars)
{
extract($vars);
return vars(array(&$Entry, &$collection), get_defined_vars());
}
function _background(&$vars)
{
extract($vars);
$settingvalue = $Setting->find_by(array('name' => 'background_image', 'profile_id' => get_profile_id()));
if (!$settingvalue) {
$settingvalue = $Setting->base();
$settingvalue->set_value('profile_id', get_profile_id());
$settingvalue->set_value('person_id', get_person_id());
$settingvalue->set_value('name', 'background_image');
$settingvalue->save_changes();
$settingvalue->set_etag();
$settingvalue = $Setting->find($settingvalue->id);
}
// get the one-to-one-related child-record from "entries"
$Entry =& $settingvalue->FirstChild('entries');
$settingurl = $request->url_for(array('resource' => 'settings', 'id' => $settingvalue->id, 'action' => 'put'));
$setting_name = 'background_tile';
$boolean_options = array('0' => 'false', '1' => 'true');
$setting_list = $boolean_options;
$setting_mode = $Setting->find_by(array('name' => $setting_name, 'profile_id' => get_profile_id()));
if (!$setting_mode) {
$setting_mode = $Setting->base();
$setting_mode->set_value('profile_id', get_profile_id());
$setting_mode->set_value('person_id', get_person_id());
$setting_mode->set_value('name', $setting_name);
$setting_mode->set_value('value', '0');
$setting_mode->save_changes();
$setting_mode->set_etag();
$setting_mode = $Setting->find($setting_mode->id);
}
$setting_url = $request->url_for(array('resource' => 'settings', 'id' => $setting_mode->id, 'action' => 'put'));
$setting_entry = $setting_mode->FirstChild('entries');
return vars(array(&$setting_mode, &$setting_url, &$setting_entry, &$setting_list, &$Member, &$Entry, &$profile, &$settingurl, &$settingvalue, &$boolean_options), get_defined_vars());
}
/**
* User Login Action
*
* @return void
*/
function action_user_login() : void
{
if (registered()) {
redirect(url('user/dashboard'));
}
if ($data = http_post('data')) {
if (!empty($data['username']) && !empty($data['password']) && ($item = one('user', ['username' => $data['username'], 'active' => true, 'project_id' => project('ids')])) && password_verify($data['password'], $item['password'])) {
message(_('Welcome %s', $item['name']));
session_regenerate_id(true);
session('user', $item['id']);
redirect(url('user/dashboard'));
}
message(_('Invalid username and password combination'));
}
layout_load();
vars('head', ['title' => _('Login')]);
}
$ajax = AJAX::FormPost();
plog('--- $ajax: ' . vars($ajax));
// var_dump($ajax); die;
if (!isset($ajax['map'])) {
echo 'AJAX error!';
die;
}
$post_types = array(1 => 'changeMyPassword');
$modes = array();
foreach ($ajax['map'] as $form => $elements) {
$mode = matchvalue($post_types, $form);
if ($mode !== FALSE) {
$modes[] = $mode;
}
}
plog('--- detected ajax modes ' . vars($modes));
global $database;
foreach ($modes as $mode) {
switch ($mode) {
default:
Page::Redirect('dash?nosuchform');
break;
case 1:
if (!Session::logged_in()) {
Page::Redirect('login');
}
global $auth;
$old = AJAX::Value($ajax, 'changeMyPassword', 'password', 'old');
$change = AJAX::Value($ajax, 'changeMyPassword', 'password', 'new');
$repeat = AJAX::Value($ajax, 'changeMyPassword', 'password', 'confirm');
if (strlen($auth['password']) === 0 || Auth::PasswordMatches(ourcrypt($old), $auth['password'])) {
