protected static function loginPost() { $email = type::post('email', 'string'); $password = type::post('password', 'string'); // Formular ganz abgesendet? if (is_null($email) || is_null($password) || $email == '' || $password == '') { echo message::info(lang::get('login_form_notfull'), true); return; } $sql = sql::factory(); $sql->query('SELECT password, id FROM ' . sql::table('user') . ' WHERE `email` = "' . $sql->escape($email) . '"'); // Username mit E-Mail vorhanden? if (!$sql->num()) { echo message::danger(sprintf(lang::get('login_no_user'), $email), true); return; } $sql->result(); // Password nicht gleich? if (!self::checkPassword($password, $sql->get('password'))) { echo message::danger(lang::get('login_pwd_false'), true); return; } self::loginSession(); self::$userID = $sql->get('id'); $_SESSION['login'] = $sql->get('id') . '||' . self::hash($password); }
protected static function loginPost() { $email = type::post('email', 'string'); $password = type::post('password', 'string'); $remember = type::post('remember', 'int'); if (is_null($email) || is_null($password) || $email == '' || $password == '') { echo message::info(lang::get('fill_out_both')); return; } $sql = new sql(); $sql->query('SELECT password, salt, id FROM ' . sql::table('user') . ' WHERE `email` = "' . $sql->escape($email) . '"'); if (!$sql->num()) { echo message::danger(sprintf(lang::get('email_not_found'), htmlspecialchars($email)), true); $shake = 1; return; } $sql->result(); if (!self::checkPassword($password, $sql->get('salt'), $sql->get('password'))) { echo message::danger(lang::get('wrong_pw')); $shake = 1; return; } self::loginSession(); self::$userID = $sql->get('id'); $_SESSION['login'] = $sql->get('id'); if ($remember) { setcookie("remember", $sql->get('id'), time() + 3600 * 24 * 7); } }
public function addToSql($sql) { $array = type::post('DYN_' . $this->DynType, 'array', []); foreach ($array as $key => $count) { if ($count > $this->counts) { continue; } $sqlName = $this->getSqlPrefix($type, $this->dynVars[2][$key]); $sql->addPost($sqlName, $this->dynVars[0][$key]); } return $sql; }
protected static function BackendAjax() { $sort = type::post('array', 'array'); $sql = sql::factory(); $sql->setTable('metainfos'); foreach ($sort as $s => $id) { $sql->setWhere('id=' . $id); $sql->addPost('sort', $s + 1); $sql->update(); } ajax::addReturn(message::success(lang::get('save_sorting'), true)); }
public static function saveBlock() { $id = type::post('id', 'int'); $sql = sql::factory(); $sql->setTable('blocks'); foreach (pageArea::$types as $class) { $class = new $class(); $sql = $class->addSaveValues($sql); } $sql->setWhere('id=' . $id); $sql->update(); }
public static function saveBlock() { $id = type::post('id', 'int'); $sql = sql::factory(); $sql->setTable('structure_area'); $sql->getPosts(['online' => 'int', 'modul' => 'int', 'structure_id' => 'int', 'sort' => 'int']); foreach (pageArea::$types as $class) { $class = new $class(); $sql = $class->addSaveValues($sql); } if ($id) { $sql->setWhere('id=' . $id); $sql->update(); } else { $sql->save(); } self::saveSortUp($sql->getPost('structure_id'), $sql->getPost('sort')); }
protected static function loginPost() { $email = type::post('email', 'string'); $password = type::post('password', 'string'); // Formular ganz abgesendet? if (is_null($email) || is_null($password) || $email == '' || $password == '') { echo message::info(lang::get('login_form_notfull'), true); return; } $sql = sql::factory(); $sql->query('SELECT password, salt, id FROM ' . sql::table('user') . ' WHERE `email` = "' . $sql->escape($email) . '"'); // Username mit E-Mail vorhanden? if (!$sql->num()) { echo message::danger(sprintf(lang::get('login_no_user'), htmlspecialchars($email)), true); return; } $sql->result(); // Password nicht gleich? if (!self::checkPassword($password, $sql->get('salt'), $sql->get('password'))) { echo message::danger(lang::get('login_pwd_false'), true); return; } self::loginSession(); self::$userID = $sql->get('id'); $_SESSION['login'] = $sql->get('id'); // Falls alte Methode (sha1) neuen Salt generieren und salt updaten // sha1 deprecated 0.2 Beta $salt = $sql->get('salt'); if (empty($salt)) { $salt = self::generateSalt(); $sql->setTable('user'); $sql->setWhere('`email` = "' . $email . '"'); $sql->addPost('salt', $salt); $sql->addPost('password', self::hash($password, $salt)); $sql->update(); } }
public static function checkLogin() { $username = type::post('username', 'string', ''); $password = type::post('password', 'string', ''); if ($username == '' || $password == '') { echo message::info(lang::get('login_form_notfull'), true); return; } $sql = sql::factory(); $sql->query('SELECT password, salt, id FROM ' . sql::table('community_user') . ' WHERE `username` = "' . $sql->escape($username) . '"'); if (!$sql->num()) { echo message::danger(sprintf(lang::get('login_no_user'), $email), true); return; } $sql->result(); if (!userLogin::checkPassword($password, $sql->get('salt'), $sql->get('password'))) { echo message::danger(lang::get('login_pwd_false'), true); return; } $_SESSION['community-login'] = $sql->get('id'); self::checkSession(); // Für spätere Foren-Bridges extension::get('COMMUNITY_USER_LOGIN', $password); }
public function getPosts($post) { if (!is_array($post)) { //throw new Exception(); } foreach ($post as $val => $cast) { $this->values[$val] = $this->escape(type::post($val, $cast, '')); } return $this; }
<div class="row"> <?php // Wenn Aktion == add // UND Wenn Sortierung von SQL gleich der $_GET['sort'] // UND Wenn Formular noch nicht abgeschickt worden if ($action == 'add' && $sort == $i && !$form->isSubmit()) { echo pageAreaHtml::formOut($form); } else { echo pageAreaHtml::selectBlock($module->getStructureId()); } // Wenn Aktion == edit // UND Wenn ID von SQL gleich der $_GET['id'] // UND // Wenn Formular noch nicht abgeschickt worden // ODER Abgeschickt worden ist und ein Übernehmen geklickt worden ist if ($action == 'edit' && $id == $sql->get('id') && (!$form->isSubmit() || $form->isSubmit() && !is_null(type::post('save-back')))) { echo pageAreaHtml::formOut($form); } else { if ($sql->get('online')) { $class = 'online fa fa-check'; } else { $class = 'offline fa fa-times'; } $button = ['<a href="' . url::backend('structure', ['subpage' => 'pages', 'structure_id' => $structure_id, 'action' => 'online', 'id' => $sql->get('id')]) . '" class="btn btn-sm dyn-' . $class . '"></a>', '<a href="' . url::backend('structure', ['subpage' => 'pages', 'structure_id' => $structure_id, 'action' => 'edit', 'id' => $sql->get('id')]) . '" class="btn btn-default btn-sm fa fa-edit"></a>', '<a href="' . url::backend('structure', ['subpage' => 'pages', 'structure_id' => $structure_id, 'action' => 'delete', 'id' => $sql->get('id')]) . '" class="btn btn-danger btn-sm fa fa-trash-o delete"></a>']; echo bootstrap::panel($sql->get('name'), $button, $module->OutputFilter($sql->get('output'), $sql)); } ?> </div> </li> <?php $sql->next();
<div class="col-sm-8"> <input type="text" name="database" value="<?php echo type::post('database'); ?> "> </div> </div> <div class="input row"> <label class="col-sm-4"><?php echo lang::get('prefix'); ?> </label> <div class="col-sm-8"> <input type="text" name="prefix" value="<?php echo type::post('prefix'); ?> "> </div> </div> <hr> <a href="?page=lang" class="button light nospace pull-left"><?php echo lang::get('back'); ?> </a> <button type="submit" class="nospace pull-right"><?php echo lang::get('save'); ?>
?> " value="<?php echo type::post('email'); ?> "> <input type="password" name="password" placeholder="<?php echo lang::get('password'); ?> "> <div class="foot"> <div class="switch"> <input name="remember" id="remember" value="1" type="checkbox" <?php echo type::post('remember', 'int') ? 'checked="checked"' : ''; ?> > <label for="remember"></label> <div><?php echo lang::get('remember_login'); ?> </div> </div> <button name="login" type="submit"> <?php echo layout::svg('check'); ?> </button>
$title = lang::get('module_add'); } if ($form->isSubmit()) { pageCache::clearAll(); } $back = '<a class="btn btn-sm btn-default" href="' . url::backend('structure', ['subpage' => 'module']) . '">' . lang::get('back') . '</a>'; ?> <div class="row"><?php echo bootstrap::panel($title, [$button, $back], $form->show()); ?> </div> <?php } if ($action == '') { if (ajax::is()) { $sort = type::post('array', 'array'); $sql = sql::factory(); $sql->setTable('module'); foreach ($sort as $s => $id) { $sql->setWhere('id=' . $id); $sql->addPost('sort', $s + 1); $sql->update(); } ajax::addReturn(message::success(lang::get('save_sorting'), true)); } $table = table::factory(['class' => ['js-sort']]); $table->addCollsLayout('20,*,110'); $table->addRow()->addCell()->addCell(lang::get('name'))->addCell(lang::get('action')); $table->addSection('tbody'); $table->setSql('SELECT * FROM ' . sql::table('module') . ' ORDER BY sort '); if ($table->numSql()) {
<?php $secondpage = type::super('secondpage', 'string'); if (!is_null($secondpage) && dyn::get('user')->hasPerm('page[content]')) { if (!is_null(type::post('save-back')) || !is_null(type::post('save'))) { slot::saveBlock(); echo message::success(lang::get('structure_content_save'), true); } if ($secondpage == 'show') { $sql = sql::factory(); $sql->query(' SELECT s.*, m.output FROM ' . sql::table('slots') . ' AS s LEFT JOIN ' . sql::table('module') . ' AS m ON m.id = s.modul WHERE s.id=' . $id)->result(); $pageArea = new pageArea($sql); $form = form::factory('module', 'id=' . $sql->get('modul'), 'index.php'); $form->setSave(false); $form->addFormAttribute('class', ''); $form->setSuccessMessage(null); $input = $pageArea->OutputFilter($form->get('input'), $sql); $form->addRawField($input); $form->addHiddenField('secondpage', $secondpage); $form->addHiddenField('id', $id); ?> <div class="row"> <div class="col-lg-12">
<?php $catId = type::super('catId', 'int', 0); $subaction = type::super('subaction', 'string'); if ($action == 'delete' && dyn::get('user')->hasPerm('media[delete]')) { echo mediaUtils::deleteFile($id); $action = ''; } if ($action == 'deleteFiles') { $files = type::post('file', '', []); foreach ($files as $id) { echo mediaUtils::deleteFile($id); } $action = ''; } if (in_array($action, ['add', 'edit']) && dyn::get('user')->hasPerm('media[edit]')) { $form = form::factory('media', 'id=' . $id, 'index.php'); $form->addFormAttribute('enctype', 'multipart/form-data'); $field = $form->addTextField('title', $form->get('title')); $field->fieldName(lang::get('title')); $field->autofocus(); $category = type::session('media_cat', 'int', $form->get('category')); $field = $form->addRawField('<select class="form-control" name="category">' . mediaUtils::getTreeStructure(0, 0, ' ', $category) . '</select>'); $field->fieldName(lang::get('category')); $field = $form->addRawField('<input type="file" name="file" />'); $field->fieldName(lang::get('select_file')); if ($action == 'edit') { $form->addHiddenField('id', $id); } if ($form->isSubmit()) { type::addSession('media_cat', $form->get('category'));
public function get($value, $default = null) { // Falls per Post übermittelt return type::post($value); }
/** * Überprüfen ob auf Übernehmen geklickt worde nist * * @return bool * */ public function isSaveEdit() { return !is_null(type::post('save-back')); }
$new = new sql(); $new->setTable('user'); $admin = isset($_POST['admin']) ? 1 : 0; $salt = userLogin::generateSalt(); $new->addPost('salt', $salt); $new->addPost('firstname', type::post('firstname')); $new->addPost('name', type::post('name')); $new->addPost('email', type::post('email')); $new->addPost('admin', $admin); $new->addPost('username', type::post('username')); $new->addPost('password', userLogin::hash(type::post('password'), $salt)); $new->save(); echo message::success(lang::get('user_added')); } if (isset($_POST['delete'])) { $ids = type::post('ids'); if (is_array($ids) && count($ids) >= 1) { if (in_array(rp::get('user')->get('id'), $ids)) { echo message::danger(lang::get('user_delete_own')); } else { foreach ($ids as $var) { $sql = new sql(); $sql->setTable('user'); $sql->setWhere("id=" . $var); $sql->delete(); } echo message::success(lang::get('user_deleted')); } } else { echo message::danger(lang::get('choose_user')); }
<div class="col-sm-8"> <input type="email" name="email" value="<?php echo type::post('email'); ?> "> </div> </div> <div class="input row"> <label class="col-sm-4"><?php echo lang::get('password'); ?> </label> <div class="col-sm-8"> <input type="password" name="password" value="<?php echo type::post('password'); ?> "> </div> </div> <hr> <a href="?page=server" class="button light nospace pull-left"><?php echo lang::get('back'); ?> </a> <button type="submit" class="nospace pull-right"><?php echo lang::get('finish'); ?>
<?php if (!dyn::get('backend')) { if (!is_null(type::post('community_login', 'string'))) { community_user::checkLogin(); } else { community_user::checkSession(); } } else { userPerm::add('coummunity[]', 'Community Administrator'); backend::addAddonNavi(lang::get('community'), url::backend('community'), 'group', -1, function () { return dir::addon('community', 'page' . DIRECTORY_SEPARATOR . 'community.php'); }); }
public static function newInstall() { $sql = new sql(); $sql->query('DROP TABLE `' . sql::table('module') . '`'); $sql->query('CREATE TABLE `' . sql::table("module") . '` ( `id` int(16) unsigned NOT NULL auto_increment, `name` varchar(255) NOT NULL, `input` text NOT NULL, `output` text NOT NULL, `sort` int(16) unsigned NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;'); $sql->query('DROP TABLE `' . sql::table('structure') . '`'); $sql->query('CREATE TABLE `' . sql::table("structure") . '` ( `id` int(16) unsigned NOT NULL auto_increment, `name` varchar(255) NOT NULL, `template` varchar(255) NOT NULL, `sort` int(16) unsigned NOT NULL, `parent_id` int(16) unsigned NOT NULL, `online` int(1) unsigned NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;'); $sql->query('DROP TABLE `' . sql::table('user') . '`'); $sql->query('CREATE TABLE `' . sql::table("user") . '` ( `id` int(11) unsigned NOT NULL auto_increment, `firstname` varchar(255) NOT NULL, `name` varchar(255) NOT NULL, `email` varchar(255) NOT NULL, `password` varchar(255) NOT NULL, `perms` varchar(255) NOT NULL, `admin` int(1) unsigned NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;'); $sql->setTable('user'); $sql->addPost('firstname', type::post('firstname')); $sql->addPost('name', type::post('name')); $sql->addPost('email', type::post('email')); $sql->addPost('password', userLogin::hash(type::post('password'))); $sql->addPost('admin', 1); $sql->save(); $sql->query('DROP TABLE `' . sql::table('structure_area') . '`'); $sql->query('CREATE TABLE `' . sql::table("structure_area") . '` ( `id` int(16) unsigned NOT NULL auto_increment, `structure_id`int(16) unsigned NOT NULL, `sort` int(16) unsigned NOT NULL, `modul` int(16) unsigned NOT NULL, `online` int(1) unsigned NOT NULL, `value1` text NOT NULL, `value2` text NOT NULL, `value3` text NOT NULL, `value4` text NOT NULL, `value5` text NOT NULL, `value6` text NOT NULL, `value7` text NOT NULL, `value8` text NOT NULL, `value9` text NOT NULL, `value10` text NOT NULL, `value11` text NOT NULL, `value12` text NOT NULL, `value13` text NOT NULL, `value14` text NOT NULL, `value15` text NOT NULL, `link1` int(11) NOT NULL, `link2` int(11) NOT NULL, `link3` int(11) NOT NULL, `link4` int(11) NOT NULL, `link5` int(11) NOT NULL, `link6` int(11) NOT NULL, `link7` int(11) NOT NULL, `link8` int(11) NOT NULL, `link9` int(11) NOT NULL, `link10` int(11) NOT NULL, `linklist1` varchar(255) NOT NULL, `linklist2` varchar(255) NOT NULL, `linklist3` varchar(255) NOT NULL, `linklist4` varchar(255) NOT NULL, `linklist5` varchar(255) NOT NULL, `linklist6` varchar(255) NOT NULL, `linklist7` varchar(255) NOT NULL, `linklist8` varchar(255) NOT NULL, `linklist9` varchar(255) NOT NULL, `linklist10` varchar(255) NOT NULL, `php1` text NOT NULL, `php2` text NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;'); $sql->query('DROP TABLE `' . sql::table('addons') . '`'); $sql->query('CREATE TABLE `' . sql::table("addons") . '` ( `id` int(11) unsigned NOT NULL auto_increment, `name` varchar(255) NOT NULL, `active` int(1) NOT NULL, `install` int(1) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;'); $sql->query('DROP TABLE `' . sql::table('slots') . '`'); $sql->query('CREATE TABLE `' . sql::table("slots") . '` ( `id` int(11) unsigned NOT NULL auto_increment, `name` varchar(255) NOT NULL, `description` varchar(255) NOT NULL, `template` varchar(255) NOT NULL, `modul` int(11) unsigned NOT NULL, `is-structure`int(1) unsigned NOT NULL DEFAULT "1", `structure` varchar(255) NOT NULL, `value1` text NOT NULL, `value2` text NOT NULL, `value3` text NOT NULL, `value4` text NOT NULL, `value5` text NOT NULL, `value6` text NOT NULL, `value7` text NOT NULL, `value8` text NOT NULL, `value9` text NOT NULL, `value10` text NOT NULL, `value11` text NOT NULL, `value12` text NOT NULL, `value13` text NOT NULL, `value14` text NOT NULL, `value15` text NOT NULL, `link1` int(11) NOT NULL, `link2` int(11) NOT NULL, `link3` int(11) NOT NULL, `link4` int(11) NOT NULL, `link5` int(11) NOT NULL, `link6` int(11) NOT NULL, `link7` int(11) NOT NULL, `link8` int(11) NOT NULL, `link9` int(11) NOT NULL, `link10` int(11) NOT NULL, `linklist1` varchar(255) NOT NULL, `linklist2` varchar(255) NOT NULL, `linklist3` varchar(255) NOT NULL, `linklist4` varchar(255) NOT NULL, `linklist5` varchar(255) NOT NULL, `linklist6` varchar(255) NOT NULL, `linklist7` varchar(255) NOT NULL, `linklist8` varchar(255) NOT NULL, `linklist9` varchar(255) NOT NULL, `linklist10` varchar(255) NOT NULL, `php1` text NOT NULL, `php2` text NOT NULL, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8;'); }
sql::sortTable('media_cat', 0, '`pid` = ' . $sql->get('pid')); echo message::success(lang::get('file_deleted')); } } if (in_array($action, ['save-add', 'save-edit']) && dyn::get('user')->hasPerm('media[category][edit]')) { $sql = sql::factory(); $sql->setTable('media_cat'); $sql->setWhere('id=' . $id); $sql->getPosts(['name' => 'string', 'sort' => 'int', 'pid' => 'int']); if ($action == 'save-edit') { $sql->update(); } else { $sql->save(); } $sort = type::post('sort', 'int'); $parent_id = type::post('pid', 'int'); sql::sortTable('media_cat', $sort, '`pid` = ' . $parent_id . ' AND id != ' . $id); } $table = table::factory(['class' => ['js-sort']]); $colFirstWidth = $action == 'edit' || $action == 'add' ? 50 : 25; $table->addCollsLayout($colFirstWidth . ',*, 110'); $table->addRow()->addCell()->addCell(lang::get('category'))->addCell(lang::get('action')); $table->addSection('tbody'); $table->setSql('SELECT * FROM ' . sql::table('media_cat') . ' WHERE pid = ' . $pid . ' ORDER BY sort ASC'); if (in_array($action, ['edit', 'add']) && dyn::get('user')->hasPerm('media[category][edit]')) { echo '<form method="post" action="index.php">'; $inputHidden = formInput::factory('action', 'save-' . $action); $inputHidden->addAttribute('type', 'hidden'); echo $inputHidden->get(); $inputHidden = formInput::factory('page', 'media'); $inputHidden->addAttribute('type', 'hidden');
fwrite($fp, $newCSS); fclose($fp); } catch (exception $e) { echo message::danger($e->getMessage()); $error = true; } if (!$error) { echo message::success(lang::get('generate_css_success')); } } if (isset($_POST['send'])) { rp::add('lang', type::post('lang', 'string'), true); rp::add('logs', type::post('logs', 'int'), true); rp::add('ip', type::post('ip', 'string'), true); rp::add('email', type::post('email', 'string'), true); rp::add('emailNot', type::post('emailNot', 'int'), true); rp::save(); echo message::success(lang::get('settings_edited')); } ?> <div class="row"> <form action="" method="post"> <div class="col-md-7"> <div class="panel"> <div class="top"> <h3><?php echo lang::get('general');
/** * Inits the RequestHandle * @param type $requestObject */ public static function init($requestObject) { // Set the postData self::setPostData($requestObject->post()); // Sanitize the URI $explodedURI = explode('/', $requestObject::detect_uri()); $sanitizedArrayURI = array(); // Iterate the exploded stuff foreach ($explodedURI as $part) { if (!empty($part)) { $sanitizedArrayURI[] = htmlentities($part); } } // Check if the first element is given if (isset($sanitizedArrayURI[0])) { // Set URI self::setUri(htmlentities($sanitizedArrayURI[0])); } // Check if there is anything else if (isset($sanitizedArrayURI[1])) { // Unset the first element (it is the uri part inside "_uri" unset($sanitizedArrayURI[0]); // Sanitize the array $sanitizedArrayURI = array_values($sanitizedArrayURI); // And set the uri params self::setUriParams($sanitizedArrayURI); } // Set protocol self::setProtocol(self::checkProtocol()); // Set ajax bool self::setIsAjax(self::checkIfAjax()); if (!self::getIsAjax()) { // Require HTTP layer require_once MODPATH . '/chatmate/classes/Helper/Http.php'; // ChatMate $controllerToCall = new ChatMate_Http(); } else { // Require AJAX layer require_once MODPATH . '/chatmate/classes/Helper/Ajax.php'; $controllerToCall = new ChatMate_Ajax(); } // Call the layer return $controllerToCall::route(self::getUri(), self::getUriParams(), self::getPostData()); }
public function getPosts($post) { if (!is_array($post) && rp::get('debug')) { throw new InvalidArgumentException(__CLASS__ . '::' . __METHOD__ . ' ertwartet als 1. Parameter ein array'); } foreach ($post as $val => $cast) { $this->values[$val] = $this->escape(type::post($val, $cast, '')); } return $this; }