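/**
 * Prints the protected "Secure Content" page, or a "Not Authorized" heading
 * when LogIn("SecureContent") does not return a truthy value.
 *
 * The home-page link carries $_SESSION['session_id'] as a URL path segment.
 * NOTE(review): if that value is the live session identifier, placing it in a
 * URL exposes it through browser history, server/proxy logs and Referer
 * headers. Confirm whether routing can rely on the session cookie instead.
 *
 * @return void
 */
function SecureContent()
{
    if (!LogIn("SecureContent")) {
        print '<h1>Not Authorized</h1>';
        return;
    }

    // Encode the value for the URL path and then for the HTML attribute, so an
    // unexpected character in the session value cannot break out of the href.
    $sessionId = isset($_SESSION['session_id']) ? (string) $_SESSION['session_id'] : '';
    $homeHref = htmlspecialchars(
        '/auth/' . rawurlencode($sessionId) . '/?action=HomePage',
        ENT_QUOTES,
        'UTF-8'
    );

    print '<h1>Secure Content</h1>';
    print '<p>This is secure content</p>';
    print '<p><a href="' . $homeHref . '">Home Page</a></p>';
}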
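/**
 * Request dispatcher: reads the POST field 'accion' and calls the matching
 * handler. A missing/empty action, or one that matches no handler, is
 * answered through Respoder() with a failure message.
 *
 * NOTE(review): no authentication or authorization check is visible in this
 * dispatcher. Confirm that handlers such as ConsultarUsuarios() and
 * EnviarInvitaciones() verify the caller's session and role themselves.
 *
 * @return void
 */
function init()
{
    $accion = filter_input(INPUT_POST, 'accion');

    if (!$accion) {
        Respoder(false, 'Debe indicar una acción', null);
        return;
    }

    // One exclusive chain with strict comparison: exactly one handler runs.
    if ($accion === 'registrarEntrevista') {
        RegistrarEntrevista();
    } elseif ($accion === 'consultarUsuarios') {
        ConsultarUsuarios();
    } elseif ($accion === 'enviarInvitaciones') {
        EnviarInvitaciones();
    } elseif ($accion === 'logIn') {
        LogIn();
    } else {
        // Previously an unrecognised action fell through with no response at
        // all; reject it explicitly so the client gets a defined answer.
        Respoder(false, 'No existe la acción', null);
    }
}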
/**
 * Request dispatcher: reads the POST field 'accion' and runs the handler
 * registered for it. A missing/empty action and an unknown action are both
 * answered through Respoder() with a failure message.
 *
 * NOTE(review): the dispatcher itself performs no session or role check.
 * Confirm that the account-changing handlers (ActualizarPassword(),
 * ActualizarDatos(), ActualizarFoto(), ActualizarDocumento()) do so.
 *
 * @return void
 */
function init()
{
    $accion = filter_input(INPUT_POST, 'accion');

    if (!$accion) {
        Respoder(false, 'Debe indicar una acción', null);
        return;
    }

    switch ($accion) {
        case 'registrarUsuario':
            UsuarioNuevo();
            break;
        case 'logIn':
            LogIn();
            break;
        case 'actualizarFoto':
            ActualizarFoto();
            break;
        case 'actualizarDocumento':
            ActualizarDocumento();
            break;
        case 'actualizarPassword':
            ActualizarPassword();
            break;
        case 'actualizarDatos':
            ActualizarDatos();
            break;
        default:
            Respoder(false, 'No existe la acción', null);
    }
}
<?php require_once "sql.php"; require_once "config.php"; require_once "util.php"; $MAXCHARS = 254; $MAXLINES = 15; // compose.php POST { page, text } //----------------------------------------------------------------------------- try { if (!isset($_POST['text']) || !isset($_POST['page'])) { exit('error'); } $g_account = LogIn(); if ($g_account->page != $_POST['page']) { exit('wrongpage'); } // arduous text sanitization: $text = $_POST['text']; $text = str_replace('[[br]]', "\n", $text); // convert marked newlines to real newlines $text = trim($text); // trim whitespace if ($text == "") { exit('empty'); } // error if empty $text = htmlspecialchars($text); // escape html chars $text = nl2br($text, false); // convert newlines to html
image/busy8.png</idleImage> <idleImage><?php echo $DIR_SCRIPT_ROOT; ?> image/busy9.png</idleImage> </mediaDisplay> </item_template> <channel> <title>Weeb.tv</title> <menu>main menu</menu> <?php $disk = $_GET["disk"]; $cc = new cURL(); ReadSettings(); LogIn(); $html = $cc->get("http://weeb.tv/channels/live"); $videos = explode('<fieldset onclick', $html); unset($videos[0]); $videos = array_values($videos); foreach ($videos as $video) { $t1 = explode('<a href="', $video); $t2 = explode('"', $t1[1]); $lnk = $t2[0]; $t1 = explode('<img src="', $video); $t2 = explode('"', $t1[1]); $image = $t2[0]; $t1 = explode('">', $video); $t2 = explode('</a></p>', $t1[5]); $title = $t2[0]; echo '
<?php session_start(); if (!isset($_SESSION['user_id'])) { include_once 'framework\\db.php'; $message = LogIn(); if ($message) { header('Location: index.php'); } //TODO: pass message to index to show error type in future } include_once 'framework\\template.php'; ?> <!DOCTYPE html> <html> <?php WriteHeader(); ?> <body> <?php WriteResumePdfStyle(); ?> <div class="row" id="resumeBody"> <?php WriteResume(); ?> <form method="POST" action="cabinet.php"> <input type="hidden" value="<?php echo $user_id; ?>
$avatar = $_FILES['avatar']['type']; $allowed = array('image/gif', 'image/png', 'image/jpg', 'image/jpeg'); if (!in_array($avatar, $allowed)) { $url = "register.php"; $_SESSION['errors'] = ['message' => "Avatar images must be JPG, PNG or GIF"]; header('Location: ' . $url); } } if ($password != $password2 || !validPass($password)) { $url = "register.php"; $_SESSION['errors'] = ['message' => "Passwords should be at least 8 characters long and consist of at least one lowercase letter, one uppercase letter, a number (0-9) and a special character."]; header('Location: ' . $url); } if (!validUser($username)) { $url = "register.php"; $_SESSION['errors'] = ['message' => "Usernames can only consist of a-Z and _ (underscore) OR a user already exists with that name"]; header('Location: ' . $url); } if ($password == $password2 && validUser($username) && validPass($password)) { Insert($username, $password); LogIn($username, $password); $url = "frontPage.php"; $_SESSION['errors'] = ['message' => 'Success! Thank you for registering.']; header('Location: ' . $url); } echo 'Noooo'; } else { $url = "register.php"; $_SESSION['errors'] = ['message' => "Something went wrong, please try again."]; header('Location: ' . $url); }
<meta content="width=device-width, initial-scale=1.0" name="viewport" /> <?php echo $META_description; echo $META_author; ?> <link rel="shortcut icon" href="ili-upload/favicon.png"> <link href="ili-style/assets/bootstrap/css/bootstrap.min.css" rel="stylesheet" /> <link href="ili-style/assets/font-awesome/css/font-awesome.css" rel="stylesheet" /> <link href="ili-style/css/style.css" rel="stylesheet" /> <link href="ili-style/css/style_responsive.css" rel="stylesheet" /> <link href="ili-style/css/style_default.css" rel="stylesheet" id="style_color" /> </head> <!-- END HEAD --> <?php if (isset($_POST['email']) && isset($_POST['Password'])) { LogIn($_POST['email'], md5($_POST['Password'])); } ?> <!-- BEGIN BODY --> <body id="login-body"> <div class="login-header"> <!-- BEGIN LOGO --> <div id="logo" class="center"> <h4> <?php echo $sytem_title; ?> </h4> </div> <!-- END LOGO --> </div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?> " method="post"> <input type="submit" name="searchWord" value="<?php echo $displayInput['KEYWORD']; ?> " /> </form> <?php } } else { if (isset($_POST['submitLogIn']) && $_POST['txtUsername'] != '' && $_POST['txtPassword'] != '') { $sUsername = $_POST['txtUsername']; $sPassword = $_POST['txtPassword']; if (LogIn($sUsername, $sPassword) == true) { $sSavedUser = $_COOKIE["SavedUserInfo"]; $result = mysql_query("SELECT KEYWORD FROM accounts WHERE ACCOUNT_NUMBER='{$sSavedUser}'") or die(mysql_error()); while ($displayInput = mysql_fetch_array($result)) { ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?> " method="post"> <input type="submit" name="searchWord" value="<?php echo $displayInput['KEYWORD']; ?> " /> </form> <?php }
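/**
 * Stores a new password hash for a user and then re-establishes the caller's login.
 *
 * The target is the user with id $id when isAdmin() is true and $id is
 * non-empty; otherwise it is the active user.
 *
 * NOTE(review): md5(md5(...)) is an unsalted fast hash and is not suitable for
 * password storage. Moving to password_hash()/password_verify() has to be done
 * together with the login code that compares this value, so the scheme is kept
 * here and only flagged.
 * NOTE(review): the session token passed to LogIn() is md5(generateUniqueCode(10));
 * confirm that generateUniqueCode() draws from a cryptographically secure source.
 *
 * @param string $newPassword New password in clear text.
 * @param mixed  $id          Optional id of the user to change (honoured for admins only).
 * @return int 0 on success, 1 if the update failed, 2 if the database could
 *             not be selected, 4 if the password is empty or no user is active.
 */
function changePassword($newPassword, $id = "")
{
    if ($newPassword == "" || !isActiveUser()) {
        return 4;
    }

    $link = getDBConnection();
    if (!mysqli_select_db($link, getDBName())) {
        return 2;
    }

    // Hash the password as typed (trimmed). SQL-escaping it before hashing
    // changed the hashed value for passwords containing quotes or backslashes,
    // so a login check that hashes the raw submission could never match them.
    $passwordHash = md5(md5(trim($newPassword)));

    if (isAdmin() && $id != "") {
        $currentId = intval($id);
    } else {
        $currentId = intval(getActiveUserID());
    }

    // The statement in this listing wrote the literal '******' and never used
    // the computed hash (possibly a redaction of the original text; confirm).
    // Bind the hash and the id as parameters instead of building the SQL string.
    $statement = mysqli_prepare($link, "UPDATE users SET password = ? WHERE id = ?");
    if ($statement === false) {
        return 1;
    }

    mysqli_stmt_bind_param($statement, 'si', $passwordHash, $currentId);
    $updated = mysqli_stmt_execute($statement);
    mysqli_stmt_close($statement);

    if (!$updated) {
        return 1;
    }

    // Issue a fresh login token for the caller after the credential change.
    LogIn(md5(generateUniqueCode(10)), getActiveUserID());

    return 0;
}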
<?php
// Handles the three session-related form posts: 'login', 'logout' and
// 'timeout'. Sets $is_session_post to true when one of them was processed and
// may set $view_data['message'] for the view.
//
// NOTE(review): $must_be_admin is taken from the including script and falls
// back to false when it is not set, so a page that forgets to set it does not
// require an admin login. Confirm every admin page sets it before including
// this file.
// NOTE(review): no anti-CSRF token check is visible for these POST actions.
// Confirm one is enforced elsewhere.
$is_session_post = false;

if (isset($_POST['login']) || isset($_POST['logout']) || isset($_POST['timeout'])) {
    require_once 'authenticate.php';

    if (isset($_POST['login'])) {
        if (!isset($must_be_admin)) {
            $must_be_admin = false;
        }

        $user_info = LogIn($_POST['username'], $_POST['password'], $must_be_admin);
        if ($user_info === false) {
            // Same message for unknown user and wrong password.
            $view_data['message'] = 'Username or password not recognised. Please try again.';
        }
    } else {
        // Both 'logout' and 'timeout' end the session; only 'timeout' explains why.
        LogOut();
        if (!isset($_POST['logout'])) {
            $view_data['message'] = 'Your session has expired. Please log in again to continue.';
        }
    }

    $is_session_post = true;
}
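// Login form handler: redirects users who are already signed in, otherwise
// checks the submitted password against the stored hash and either signs the
// user in, marks the account as banned, or marks the attempt as failed.
//
// NOTE(review): the stored value is compared with md5(md5(password)), an
// unsalted fast hash. Migrating to password_hash()/password_verify() needs a
// coordinated change with the code that writes the hash, so it is only flagged.
// NOTE(review): no attempt limiting is visible here; confirm it exists elsewhere.
if (isActiveUser()) {
    header("Location: /");
    // Stop here: a Location header alone does not end the script, so the login
    // handling below would still run for an already-authenticated user.
    exit;
}

$loginFailed = false;
$userBanned = false;

if (isset($_POST['submitAuth'])) {
    $reason = "";
    $data = getAuthorizationData();

    // Non-string input (e.g. an array parameter) is treated as an empty password.
    $submittedPassword = (isset($_POST['password']) && is_string($_POST['password']))
        ? $_POST['password']
        : '';

    // hash_equals() compares in constant time, unlike ===.
    $passwordMatches = !empty($data)
        && isset($data['password'])
        && hash_equals((string) $data['password'], md5(md5($submittedPassword)));

    if (!$passwordMatches) {
        // Covers a wrong password as well as an empty lookup result
        // (unknown user or database problem).
        $loginFailed = true;
    } elseif ($data['group'] == 'banned') {
        // The banned state is only revealed to someone who knows the password.
        $userBanned = true;
    } else {
        $hash = md5(generateUniqueCode(10));
        LogIn($hash, $data['id']);

        // URL-encode the value so it stays a single query parameter, then
        // HTML-escape it for the attribute.
        // NOTE(review): userCheckData.php must restrict 'redirect' to local
        // paths, otherwise this is an open redirect; confirm.
        $redirect = (isset($_POST['redirect']) && is_string($_POST['redirect']))
            ? $_POST['redirect']
            : '';
        echo '<meta http-equiv="refresh" content="0; url=userCheckData.php?redirect='
            . htmlspecialchars(rawurlencode($redirect), ENT_QUOTES, 'UTF-8')
            . '">';
        exit;
    }
}
?> <?php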