Authentication::suspendUser($_POST['user']);
$successAlert = 1;
}
// Deal with unban form
if ($_GET['action'] == 'unban' && isset($_POST['unbanID'])) {
Authentication::reinstateUser($_POST['unbanID']);
$successAlert = 1;
}
if ($_GET['action'] == 'deactivate' && isset($_POST['uid'])) {
Authentication::deactivateUser($_POST['uid']);
$successAlert = 1;
}
}
$sqlSuspend = "SELECT * FROM `users` WHERE `suspended` = '0'";
$resultSuspend = openRailwayCore::dbQuery($sqlSuspend);
$sqlReinstate = "SELECT * FROM `users` WHERE `suspended` = '1'";
$resultReinstate = openRailwayCore::dbQuery($sqlReinstate);
$main = new Template();
$main->set_custom_template("includes/", 'default');
$main->assign_var('ROOT', ROOT);
while ($accountSuspend = mysql_fetch_assoc($resultSuspend)) {
$main->assign_block_vars('user_loop', array('UID' => $accountSuspend['user_id'], 'NAME' => $accountSuspend['username'], 'SID' => $accountSuspend['staff_id']));
}
while ($accountReinstate = mysql_fetch_assoc($resultReinstate)) {
$main->assign_block_vars('user_sus_loop', array('UID' => $accountReinstate['user_id'], 'NAME' => $accountReinstate['username'], 'SID' => $accountReinstate['staff_id']));
}
if (mysql_num_rows($resultReinstate) == 0) {
$main->assign_block_vars('if_no_results', array());
}
$main->set_filenames(array('main' => "usr_ban.html"));
$main->display('main');
<?php
include "config.php";
session_start();
openRailwayCore::initialisation();
openRailwayCore::dbConnect();
Authentication::blockPageToVisitors();
// Process login info section
$ipAddr = $_SESSION['user_ip'];
$loginTime = date('l jS F Y H:i:s T', $_SESSION['log_in_time']);
use phpbrowscap\Browscap;
$bc = new Browscap(FROOT . "cache");
// $browser = $bc->getBrowser(); COMMENTED OUT AS XAMPP DOES NOT SUPPORT
openRailwayCore::pageHeader("Your dashboard");
$template = new Template();
$template->set_custom_template("theme/" . STYLE, 'default');
$template->assign_var('IP_ADDR', $ipAddr);
$template->assign_var('LOGTIME', $loginTime);
if (isset($browser['parent']) && isset($browser['platform'])) {
$template->assign_var('BRWSR', $browser['parent'] . " on " . $browser['platform']);
}
$template->set_filenames(array('body' => 'home.html'));
$template->display('body');
openRailwayCore::pageFooter();
/**
* Builds the file integrity table
*
*/
public static function buildFileIntegrity()
{
$files = array();
// Extensions to fetch, an empty array will return all extensions
$ext = array("php", "html");
// Directories to ignore, an empty array will check all directories
$skip = array();
// Build profile
$dir = new RecursiveDirectoryIterator(FROOT);
$iter = new RecursiveIteratorIterator($dir);
while ($iter->valid()) {
// Skip unwanted directories
if (!$iter->isDot() && !in_array($iter->getSubPath(), $skip)) {
// get specific file extensions
if (!empty($ext)) {
// PHP 5.3.4: if (in_array($iter->getExtension(), $ext)) {
if (in_array(pathinfo($iter->key(), PATHINFO_EXTENSION), $ext)) {
$files[$iter->key()] = hash_file("sha1", $iter->key());
}
} else {
// ignore file extensions
$files[$iter->key()] = hash_file("sha1", $iter->key());
}
}
$iter->next();
}
// Add hashes to databases
openRailwayCore::logEvent(time(), openRailwayCore::createInteractionIdentifier(), null, 5, 1, "File integrity hash table built");
foreach ($files as $k => $v) {
$sql = "INSERT INTO integrity_hashes (file_path,file_hash) VALUES ('" . $k . "','" . $v . "')";
openRailwayCore::dbQuery($sql);
}
}
<?php
Authentication::accessLevelController(8, '>');
// Deal with logout form
if (isset($_GET['action']) && $_GET['action'] == "force" && isset($_POST['uid'])) {
Authentication::logUserOut($_POST['uid'], openRailwayCore::createInteractionIdentifier(), 1);
}
$sql = "SELECT * FROM `sessions`";
$result = openRailwayCore::dbQuery($sql);
$main = new Template();
$main->set_custom_template("includes/", 'default');
$main->assign_var('ROOT', ROOT);
while ($sessions = mysql_fetch_assoc($result)) {
$ipGeoLoc = array();
$ipGeoLoc = Authentication::checkIPLocation($sessions['user_ip']);
if ($ipGeoLoc['town'] == '') {
$geoLoc = null;
} else {
$geoLoc = $ipGeoLoc['town'] . ", " . $ipGeoLoc['state'] . ", " . $ipGeoLoc['country'];
}
$main->assign_block_vars('usr_sess', array('SESSID' => $sessions['session_id'], 'LOGIN' => date("d-M-Y H:i:s", $sessions['log_in_time']), 'LASTACTIVE' => date("d-M-Y H:i:s", $sessions['last_active_time']), 'UID' => $sessions['user_id'], 'SID' => $sessions['staff_id'], 'IP' => $sessions['user_ip'], 'GEOLOC' => $geoLoc, 'UA' => $sessions['user_agent'], 'SAL' => $sessions['session_access_level']));
}
$main->set_filenames(array('main' => "usr_sess.html"));
$main->display('main');
/**
* Reinstates a user account
* @param integer $uid The user account to reinstate
*/
public static function reinstateUser($uid)
{
$sql = "UPDATE `users` SET `suspended` = '0' WHERE user_id = '" . $uid . "'";
$result = openRailwayCore::dbQuery($sql);
openRailwayCore::logEvent(time(), openRailwayCore::createInteractionIdentifier(), $_SESSION['user_id'], 5, 1, "User (UID: " . $uid . ") reinstated by user (UID: " . $_SESSION['user_id'] . ")");
}
