public function register() { if (Session::get('loggedin')) { Url::redirect(''); } $data['title'] = "Registrace"; $model = new \Models\Users(); if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $repeatPassword = $_POST['repeatPassword']; $email = $_POST['email']; if ($password == $repeatPassword) { if (!$model->exists($username)) { // array of values for new user $postdata = array('name' => $username, 'pass' => Password::make($password), 'email' => $email); $model->add($postdata); Url::redirect('login'); } else { $error[] = 'Jméno je již zabráno. Zkuste prosím jiné'; } } else { $error[] = 'Heslo a ověření hesla se neshodují. Zkuste je prosím vyplnit znovu.'; } } View::renderTemplate('header', $data); View::render('auth\\register', $data, $error); View::renderTemplate('footer', $data); }
public function edit($id) { $data['title'] = 'Edit Member'; $data['row'] = $this->model->get_member($id); if (isset($_POST['submit'])) { if ($_POST['token'] != Session::get('token')) { Url::redirect('admin/login'); } $username = $_POST['username']; $password = $_POST['password']; $email = $_POST['email']; if ($username == '') { $error[] = 'Username is required'; } if ($password == '') { $error[] = 'Password is required'; } if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $error[] = 'Email is not valid'; } if (!$error) { $postdata = array('member_username' => $username, 'member_password' => Password::make($password), 'member_email' => $email); $where = array('member_id' => $id); $this->model->update_member($postdata, $where); Session::set('message', 'Member Updated'); Url::redirect('admin/members'); } } View::renderadmintemplate('header', $data); View::render('admin/members/edit', $data, $error); View::renderadmintemplate('footer', $data); }
public function create() { Session::init(); if (Session::get('username')) { if (Session::get('admin')) { Url::redirect('exec'); } } else { Url::redirect(''); } $data['title'] = 'Wishlist'; $tripId = \helpers\Session::get("tripId"); $data['applicants'] = $this->mab->get_wishlist($tripId); $data['roster'] = $this->mab->get_official_roster($tripId); foreach ($data['applicants'] as $applicants_info) { $applicants_info->age = $this->mab->get_age_at_time($applicants_info->dateOfBirth, date('Y-m-d', time())); } if (isset($_POST['draft'])) { $trip_id = $this->mab->verify_applicant($_POST['applicationId']); if ($trip_id == NULL) { $this->mab->add_to_trip($_POST['applicationId'], $tripId); $this->mab->applicant_becomes_person($_POST['applicationId']); $this->mab->person_becomes_trip_member($_POST['applicationId'], $tripId); } else { if ($trip_id == $tripId) { echo 'This is your participant'; } else { echo 'Application has already been drafted.'; } } } View::rendertemplate('header', $data); View::render('wishlist/wishlist', $data, $error); View::rendertemplate('footer', $data); }
public function handleFirstStep($post) { /* * @todo: xss security * @todo: csrf security * @todo: gump validation */ $name = $post['group_name']; $descr = $post['group_descr']; if (strlen($name) < 4) { $error[] = 'Group name is too short.'; } else { $check = $this->getGroupName($name); if (strtolower($check[0]->nume) == strtolower($name)) { $error[] = 'Group name already taken.'; } } $tokenString = hash('sha256', mt_rand()); $groupData = array('id_autor' => Session::get('id'), 'nume' => $name, 'descr' => $descr, 'completed' => $tokenString); if (!isset($error)) { $this->db->insert('grupuri', $groupData); setcookie('unfinished_group', $tokenString, time() + COOKIE_RUNTIME); Url::redirect(DIR . 'teacher/new-group-2', true); } return $error; }
public function register() { if (Session::get('logged')) { Url::redirect(); } $data['title'] = 'הרשמה'; if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $email = $_POST['email']; if ($username == '') { $error[] = 'שם משתמש הוא שדה נדרש'; } if ($this->_model->get_user($username)) { $error[] = 'שם המשתמש תפוס, בעסה'; } if ($password == '') { $error[] = 'צריך סיסמא כדי להירשם, אחרת כל אחד יוכל להיכנס במקומך...'; } if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $error[] = 'כדי להירשם צריך מייל, למקרה ששכחת את הסיסמא'; } if (!$error) { $postdata = array('user_name' => $username, 'user_password' => Password::make($password), 'user_email' => $email); $this->_model->add_user($postdata); $this->login_user($username); // Session::set('message','User Added'); Url::redirect(); } } View::renderTemplate('header', $data); View::render('register', $data, $error); View::renderTemplate('footer', $data); }
public function index() { if (!Session::get('loggedin')) { Url::redirect('login'); } if (isset($_POST['submit']) && $_FILES['fileToUpload']['size'] > 0) { $name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName']; $price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']); $description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription']; $target_dir = "uploads/"; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file, PATHINFO_EXTENSION); // Check if image file is a actual image or fake image if (isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if ($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; $uploadOk = 0; } } // Check if file already exists if (file_exists($target_file)) { $error = "Sorry, file already exists." . $error; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { $error = "Sorry, your file is too large." . $error; $uploadOk = 0; } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { $error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { $error = "Sorry, your file was not uploaded." . $error; // if everything is ok, try to upload file } else { //if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], str_replace(' ','-',strtolower($target_file)))) { //echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded."; $product['product'] = array('name' => $name, 'price' => $price, 'description' => $description, 'lastUpdate' => date('Y-m-d G:i:s')); $product['image'] = array('image' => file_get_contents($_FILES['fileToUpload']['tmp_name']), 'size' => $_FILES["fileToUpload"]["size"], 'type' => $imageFileType); $this->_model->insertProduct($product); //unlink(str_replace(' ','-',strtolower($target_file))); } } Hooks::addHook('js', 'Controllers\\menu@indexJS'); Hooks::addHook('css', 'Controllers\\menu@indexCss'); $data['title'] = 'index'; $data['username'] = Session::get('username'); View::rendertemplate('header', $data); View::render('menu/index', $data, $error); View::rendertemplate('footer', $data); }
public function index() { \helpers\Session::init(); if (\helpers\Session::get('username')) { if (\helpers\Session::get('admin')) { \helpers\url::redirect('exec'); } else { \helpers\url::redirect('welcome'); } } if ($_POST['submit']) { $is_valid = \helpers\gump::is_valid($_POST, array('fname' => 'required|alpha', 'lname' => 'required|alpha', 'dob' => 'required', 'gender' => 'required', 'year' => 'required', 'email' => 'required|valid_email', 'phone' => 'required', 'stunum' => 'required|numeric', 'issue1' => 'required', 'issue2' => 'required', 'issue3' => 'required')); if ($is_valid === true) { $this->submit(); } else { $data['errors'] = $is_valid; } } $data['title'] = "Apply"; $data['questions'] = $this->apply_model->getAllQuestions(); $data['issues'] = $this->apply_model->getAllIssues(); $data['options'] = $this->apply_model->getAllQuestionOptions(); $data['colleges'] = $this->apply_model->getAllColleges(); View::rendertemplate('header', $data); View::render('apply/apply', $data, $error); View::rendertemplate('footer', $data); }
public function __construct() { parent::__construct(); if (!Session::get('loggedin')) { Url::redirect('login'); } }
public function login() { if (Session::get('loggedin')) { Url::redirect('admin-panel'); } $data['title'] = 'Login'; if (isset($_POST['submit'])) { $correo = $_POST['correo']; $password = $_POST['password']; if ($correo == '' || !isset($correo)) { $data['error'][0] = 'Correo es un campo obligatorio'; } if ($password == '' || !isset($password)) { $data['error'][1] = 'Password es un campo obligatorio'; } if (Password::verify($password, $this->_model->getHash($correo)) == false) { $data['error'][2] = 'Correo o password incorrectos'; } if (!$data['error']) { $data['usuario'] = $this->_model->getUsuario($correo); Session::set('loggedin', true); Session::set('idUsuario', $data[usuario][0]->idUsuario); Session::set('nombre', $data[usuario][0]->nombre); Session::set('apellidoPaterno', $data[usuario][0]->apellidoPaterno); $dataUsuario = array('fechaConexion' => date("Y-m-d H:i:s")); $where = array('correo' => $correo); $this->_model->updateUsuario($dataUsuario, $where); Url::redirect('admin-panel'); } } View::renderTemplate('header', $data); View::render('Auth/Login', $data); View::renderTemplate('footer', $data); }
public function incrementLevel() { $levelActuel = Ajax::get('levelActuel'); $nbInstruction = Ajax::get('tokensLength'); $nbInstructionExecuted = Ajax::get('nbInstructions'); $scoreValue = Ajax::get('score'); $idJoueur = Session::get('id'); $lvlJoueur = Session::get('level'); echo "Nous sommes au level " . $levelActuel . " le joueur est au level " . $lvlJoueur; if ($levelActuel - 1 == $lvlJoueur) { $sql = "insert into score values (" . Session::get('id') . "," . $levelActuel . "," . $nbInstructionExecuted . "," . $nbInstruction . "," . $scoreValue . ");"; $sql2 = "update personne set currentLvl = " . $levelActuel . " where id= " . $idJoueur . ";"; echo $sql; echo $sql2; $instanceofdb = $this->entityManager = DBManager::getInstance(); $instanceofdb->prepare($sql); $instanceofdb->execute(); $instanceofdb->prepare($sql2); $instanceofdb->execute(); //currentLvl ++ Session::set('level', $levelActuel); } else { //si le niveau du jeu est inférieur à celui du joueur, on update son score s'il est meilleur $user = $this->userSQL->findById(Session::get('id')); if ($user->score < $scoreValue) { $sql = "update score set score = " . $scoreValue . ", nbInstructions= " . $nbInstructionExecuted . ", nbLignes= " . $nbInstruction . " where idPlayer= " . $idJoueur . ";"; $instanceofdb = $this->entityManager = DBManager::getInstance(); $instanceofdb->prepare($sql); $instanceofdb->execute(); } } }
public function login() { if (Session::get('loggedin')) { Url::redirect('admin'); } $model = new \Models\Admin\Auth(); $data['title'] = 'Login'; if (isset($_POST['submit'])) { $username = $_POST['member_username']; $password = $_POST['member_password']; if (Password::verify($_POST['member_password'], $model->getHash($_POST['member_username'])) == 0) { $error[] = 'Wrong username of password'; } else { $data['user_infos'] = $model->get_user_infos($_POST['member_username']); Session::set('member_id', $data['user_infos'][0]->member_id); Session::set('member_username', $username); Session::set('member_password', '' . $password . ''); Session::set('loggedin', true); Url::redirect('admin'); } } View::renderadmintemplate('loginheader', $data); View::render('admin/login', $data, $error); View::renderadmintemplate('footer', $data); }
public function applicationSpecificInitializations() { /** * Application specific initializations */ define('THIS_USER_ID', \Helpers\Session::get('user_id')); }
public function change_password() { //Sanitize Data using Gump helper $_POST = Gump::sanitize($_POST); if (isset($_POST['password'])) { //Validate data using Gump $is_valid = Gump::is_valid($_POST, array('current_password' => 'required', 'password' => 'required', 'password-again' => 'required')); if ($is_valid === true) { $user = $this->userSQL->find(Session::get('id')); if (Password::verify($_POST['current_password'], $user->password) === true) { if ($_POST['password'] != $_POST['password-again']) { $error[] = 'Les deux mots de passe ne sont pas identiques'; } } else { $error[] = 'mot de passe courant incorrect'; } } else { // $is_valid holds an array for the errors. $error = $is_valid; } if (!$error) { $user->password = Password::make($_POST['password']); $this->entityManager->save($user); Session::set('message', 'Votre mot de passe a bien été mis à jour'); Url::redirect(); } } $data['title'] = 'Change Password'; View::rendertemplate('header', $data); View::render('user/modification', $data, $error); View::rendertemplate('footer', $data); }
public function signin() { $userModel = new \Models\User(); $helper = $this->fb->getRedirectLoginHelper(); $permissions = ['email', 'user_likes']; // optional $callback_url = DIR . 'account/fblogin'; $this->data['loginUrl'] = $helper->getLoginUrl($callback_url, $permissions); if (isset($_POST['email']) && !empty($_POST['email'])) { $login = $userModel->login($_POST['email'], md5($_POST['password'])); if (!is_bool($login)) { Session::set('user_id', $login->user_id); Session::set('user', $login); //redirects user to last visited page $redirectUrl = Session::get('redirectLogin'); Session::destroy('redirectLogin'); if (isset($redirectUrl) && $redirectUrl != '') { Url::redirect($redirectUrl); } else { Url::redirect('board'); } } else { Session::set('error', 'Login Fails!'); } } $this->data['title'] = 'Sign In'; View::rendertemplate('header', $this->data); View::render('account/signin', $this->data); View::rendertemplate('footer', $this->data); }
public function login() { Hooks::addHook('js', 'Controllers\\auth@js'); Hooks::addHook('css', 'Controllers\\auth@css'); $error = 'hi'; $success = 'hi'; if (Session::get('loggedin')) { Url::redirect(); } if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; //validation if (Password::verify($password, $this->_model->getHash($username)) == false) { $error[] = 'Wrong username or password'; } //if validation has passed carry on if (!$error) { Session::set('loggedin', true); Session::set('username', $username); Session::set('memberID', $this->_model->getID($username)); $data = array('lastLogin' => date('Y-m-d G:i:s')); $where = array('memberID' => $this->_model->getID($username)); $this->_model->update($data, $where); $error = 'hi'; Url::redirect(); } } $data['title'] = 'Login'; View::rendertemplate('header', $data); View::render('auth/login', $data, $error, $success); View::rendertemplate('footer', $data); }
public function index() { $data['title'] = $this->language->get('beheer klanten'); $rechten = \Helpers\Session::get('rechten') - 1; $result = $this->getData('klanten', $rechten); $i = 1; foreach ($result as $key) { $data["users"] .= ' <tr> <td>' . $i . '</td> <td>' . $key->voornaam . '</td> <td>' . $key->tussenvoegsel . '</td> <td>' . $key->achternaam . '</td> <td>' . $key->email . '</td> <td style="text-align: right"> <a href="#" data-id="' . $key->klant_id . '" class="EditRow"><i class="fa fa-pencil-square-o fa-lg"></i></a> <a href="#" data-id="' . $key->klant_id . '" class="DeleteRow"><i class="fa fa-times fa-lg"></i></a> </td> </tr> '; $i++; } View::renderTemplate('header', $data); View::render('beheer/beheerklanten', $data); View::renderTemplate('footer', $data); }
/** * Resgata o tipo da model */ public static function getTypeModel() { $type = base64_decode(Session::get(md5(Request::getArea() . Request::getController() . Request::getAction()))); if ($type == null) { return 'stdClass'; } return $type; }
public function __construct() { parent::__construct(); if (!Session::get('loggedin')) { Url::redirect('admin-login'); } $this->_model = new \App\Models\Administrador(); }
/** * Call the parent construct */ public function __construct() { parent::__construct(); if (!Session::get('loggedin')) { Url::redirect('login'); } $this->language->load('Dashboard'); }
/** * return absolute path to selected template directory * @param string $path path to file from views folder * @param array $data array of data */ public static function rendertemplate($path, $data = false) { if (!headers_sent()) { foreach (self::$headers as $header) { header($header, true); } } require "app/templates/" . \helpers\Session::get('template') . "/{$path}.php"; }
public function about() { $data['title'] = 'About'; $data['css'] = 'app/templates/landing/css/About.css'; $data['logged'] = Session::get('loggedin'); $data = $this->handleHeader('about', $data); View::renderTemplate('header', $data, 'landing'); View::render('landing/about', $data); }
public function index() { $model = new \Models\Ratings(); $data['title'] = "Vaše recenze"; $data['ratings'] = $model->getRatingsAndTalesReview(Session::get('userID')); View::renderTemplate('header', $data); View::render('review\\ratings', $data, $error); View::renderTemplate('footer', $data); }
protected function before() { parent::before(); $userId = Session::get('userId'); if ($userId) { $this->user = new Model_User(); $this->user->get($userId); } }
public function get_current_user() { if ($this->_user) { return $this->_user; } if (Session::get('user')) { $this->_user = Session::get('user'); } return $this->_user; }
public static function authRole($role) { //CHECK IF USER IS LOGGED IN self::block(); $user = Session::get('user'); if ($user->role != $role) { // var_dump($user->role); Url::redirect('home'); } }
public function getUserPermissions($user_id = NULL) { self::init(); if (empty($user_id)) { $user_id = Session::get('id'); } $userPermissions = self::$db->select(" \n\t\t\t(\n SELECT name as permission_name, permission_id\n FROM " . PREFIX . "user_has_permissions AS uhp\n LEFT JOIN " . PREFIX . "permissions AS p\n ON p.id = uhp.permission_id\n WHERE\n user_id = :user_id\n )\n UNION\n ( \n SELECT p.name as permission_name, permission_id\n FROM " . PREFIX . "role_has_permissions AS rhp\n LEFT JOIN " . PREFIX . "user_has_roles AS uhr\n ON rhp.role_id = uhr.role_id\n LEFT JOIN " . PREFIX . "roles AS r\n ON r.id = uhr.role_id\n LEFT JOIN " . PREFIX . "permissions AS p\n ON p.id = rhp.permission_id\n WHERE\n user_id = :user_id\n ) \n\t\t\t", array(':user_id' => $user_id)); $this->permissions = $userPermissions; return $this->permissions; }
public function wishlist() { $tripId = \helpers\Session::get("tripId"); $data['applicants'] = $this->wishListModel->get_wishlist($tripId); foreach ($data['applicants'] as $applicants_info) { $applicants_info->age = $this->wishListModel->get_age_at_time($applicants_info->dateOfBirth, date('Y-m-d', time())); } View::rendertemplate('iframe_header', $data); View::render('draftBoard/wishlist', $data, $error); }
public static function none($level) { $sessionLogin = Session::get('loggedin'); if ($sessionLogin) { if ($level == 'student') { Url::redirect(DIR, true); } else { Url::redirect(DIR . 'teacher', true); } } }
protected static function getCurrentLanguage($code) { if ($code != LANGUAGE_CODE) { // User defined Language Code; nothing to do. } else { if (Session::exists('language')) { return Session::get('language'); } } return ucfirst($code); }
public function login() { $data['title'] = "Login"; $data['css'] = array("css/login.css"); if (\Helpers\Session::get('loggedin')) { View::renderTemplate('header', $data); View::render('auth/loggedin', $data); View::renderTemplate('footer', $data); return; } // If login data posted if (isset($_POST['submit'])) { // Check everything's there if (isset($_POST['username']) && isset($_POST['password'])) { // Check the password if ($_POST['password'] == "") { $data['error_message'] = "Your password isn't blank, mate."; } else { $password_confirmation = $this->_users->check_user($_POST['username'], $_POST['password']); if ($password_confirmation['correct']) { // LOG EM IN \helpers\session::set('loggedin', true); \helpers\session::set('username', $_POST['username']); // Redirect To URL if (isset($_POST['redirect']) && $_POST['redirect'] != "") { header('Location: ' . $_POST['redirect']); } else { header('Location: /manage/'); } return; } else { $data['error_message'] = $password_confirmation['message']; } } } if (isset($_POST['redirect'])) { $data['redirect'] = $_POST['redirect']; } } // Set the redirect if it hasn't already been set if (isset($_SERVER['HTTP_REFERER']) && (!isset($data['redirect']) || $data['redirect'] == "")) { // Check if the redirect came from us if (parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) == SITELOCATION) { // Check the URL wasn't the logout URL if (!strpos(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_PATH), '/logout')) { $data['redirect'] = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_PATH); } } } View::renderTemplate('header', $data); View::render('auth/login', $data); View::renderTemplate('footer', $data); }