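public function setting()
{
    /**
     * Save the logged-in admin's profile settings, optionally changing the password.
     *
     * Reads the submitted form from $_POST through form_validation(). When an
     * 'old_password' field is present, the salted SHA-1 of it must match the stored
     * hash before the new password is hashed and saved. On a mismatch the request
     * is rejected and nothing is written.
     *
     * Fix over the previous version: a wrong old password only printed the alert and
     * then fell through to updSettings() with the unhashed 'password', 'old_password'
     * and 'repassword' fields still in $x. The mismatch branch now stops the request.
     */
    global $CONFIG, $basedomain;

    $id = $this->admin['admin']['id'];
    $x = form_validation($_POST);

    // The token field is not a settings column; it is only tested for presence below.
    // NOTE(review): no comparison of the token against a server-side value is visible
    // in this method - confirm that CSRF verification happens before it is reached.
    unset($x['token']);

    if (isset($_POST['old_password'])) {
        $salt = $this->admin['admin']['salt'];
        $old_password = sha1($x['old_password'] . $salt);

        // hash_equals() instead of "==": loose comparison treats two digests of the
        // form "0e<digits>" as equal numbers, and it is not constant-time.
        if (!hash_equals((string) $this->admin['admin']['password'], $old_password)) {
            echo "<script>alert('Denied. Wrong password');window.location.href='" . $CONFIG['admin']['base_url'] . "profile'</script>";
            // Stop here so the rejected form is never passed to updSettings().
            exit;
        }

        unset($x['old_password']);
        unset($x['repassword']);

        // NOTE(review): 'repassword' is dropped without being compared to 'password'
        // in this method - confirm the confirmation check is enforced elsewhere.
        // NOTE(review): salted SHA-1 is a fast hash and unsuitable for password
        // storage; moving to password_hash()/password_verify() also needs the login
        // code and the stored values migrated, which are outside this block.
        $x['password'] = sha1($x['password'] . $salt);
    } else {
        // No password change requested: keep the stored hash.
        $x['password'] = $this->admin['admin']['password'];
    }

    $data = $this->models->updSettings($x, $id);

    if (_p('token')) {
        $getUser = $this->models->updSess($x);
        if ($getUser) {
            echo "<script>alert('Settings has been saved.');window.location.href='" . $CONFIG['admin']['base_url'] . "profile'</script>";
        } else {
            redirect($basedomain . $CONFIG['admin']['login']);
        }
        exit;
    }
}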
public function videoinp()
{
    /**
     * Insert or update a video record from the submitted form, storing an uploaded
     * file when one is attached, then send the browser back to the video list.
     */
    global $CONFIG;

    $redirect = $CONFIG['admin']['base_url'] . 'video';

    // A request that declares a body but arrives with an empty $_POST is reported
    // to the user as an upload that exceeded post_max_size.
    if (intval($_SERVER['CONTENT_LENGTH']) > 0 && count($_POST) === 0) {
        $message = 'Upload file failed. Max size is ' . ini_get('post_max_size');
        echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
        return;
    }

    // Normalise the checkbox: absent -> 0, 'on' -> 1, anything else left untouched.
    if (!isset($_POST['n_stats'])) {
        $_POST['n_stats'] = 0;
    } elseif ($_POST['n_stats'] == 'on') {
        $_POST['n_stats'] = 1;
    }

    if (!isset($_POST)) {
        return;
    }

    // Validate the incoming values.
    $x = form_validation($_POST);

    try {
        if (isset($x) && count($x) != 0) {
            // A non-empty id means an existing row is being edited.
            $x['action'] = ($x['id'] != '') ? 'update' : 'insert';

            if (!empty($_FILES) && $_FILES['file_video']['name'] != '') {
                $path = 'video';

                // NOTE(review): 'video_name' comes from the submitted form; whether
                // deleteFile() confines it to $path is not visible here - confirm it
                // rejects directory separators and "..".
                if ($x['action'] == 'update') {
                    deleteFile($x['video_name'], $path);
                }

                $image = uploadFile('file_video', $path, 'video_ext');
                $x['video_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                $x['video_name'] = $image['full_name'];
            }

            $data = $this->models->video_inp($x);
        }
    } catch (Exception $e) {
        // NOTE(review): the exception is discarded, so the success alert below is
        // shown even when the upload or the model call failed.
    }

    $message = 'Save video succeed';
    echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
}
public function bannerinp()
{
    /**
     * Insert or update a banner from the submitted form, replacing its image when a
     * new file is uploaded, then send the browser back to the banner list.
     */
    global $CONFIG;

    // Normalise the checkbox: absent -> 0, 'on' -> 1, anything else left untouched.
    if (!isset($_POST['n_status'])) {
        $_POST['n_status'] = 0;
    } elseif ($_POST['n_status'] == 'on') {
        $_POST['n_status'] = 1;
    }

    if (!isset($_POST)) {
        return;
    }

    // Validate the incoming values.
    $x = form_validation($_POST);

    try {
        if (isset($x) && count($x) != 0) {
            // A non-empty id means an existing row is being edited.
            $x['action'] = ($x['id'] != '') ? 'update' : 'insert';

            if (!empty($_FILES) && $_FILES['file_image']['name'] != '') {
                $path = 'banner';

                // On update the previous image and icon are removed first.
                // NOTE(review): both names come from the submitted form; whether
                // deleteFile() confines them to the given folder is not visible
                // here - confirm it rejects directory separators and "..".
                if ($x['action'] == 'update') {
                    deleteFile($x['image'], $path . '/image');
                    deleteFile($x['icon'], $path . '/icon');
                }

                $image = uploadFile('file_image', $path, 'image');
                $x['image_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                $x['image'] = $image['full_name'];
            }

            $data = $this->models->banner_inp($x);
        }
    } catch (Exception $e) {
        // NOTE(review): the exception is discarded, so the success alert below is
        // shown even when the upload or the model call failed.
    }

    $redirect = $CONFIG['admin']['base_url'] . 'banner';
    $message = 'Save data succeed';
    echo "<script>alert('" . $message . "');window.location.href='" . $redirect . "'</script>";
}
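public function inputPage()
{
    /**
     * Store a page record together with its uploaded image, then redirect to the
     * page list.
     *
     * Changes over the previous version:
     *  - the leftover pr($_FILES) call at the top is removed; pr() is not defined
     *    in this block and otherwise appears on this page only in commented-out
     *    debugging lines, so it presumably printed the upload array (including
     *    server-side temp paths) into the response;
     *  - $path_upload was read without ever being assigned (its assignment had been
     *    commented out); it is now an explicit null, which is the value the call
     *    received before, minus the undefined-variable warning.
     */
    global $CONFIG;

    if (isset($_POST)) {
        // Validate the incoming values.
        $x = form_validation($_POST);

        try {
            if (isset($x) && count($x) != 0) {
                if (!empty($_FILES)) {
                    // NOTE(review): no target folder is chosen any more; confirm
                    // which upload directory uploadFile() uses for a null path.
                    $path_upload = null;
                    $image = uploadFile('userfile', $path_upload, 'image');

                    // NOTE(review): the URL is built from $image[0][...] while the
                    // stored name reads $image['full_name'] - one of the two shapes
                    // is presumably wrong; confirm what uploadFile() returns.
                    $x['image_url'] = $CONFIG['admin']['app_url'] . $image[0]['folder_name'] . $image[0]['full_name'];
                    $x['image'] = $image['full_name'];

                    $data = $this->pageModel->InpPage($x);
                }
            }
        } catch (Exception $e) {
            // NOTE(review): the exception is discarded, so the success alert below
            // is shown even when the upload or the model call failed.
        }

        $redirect = $CONFIG['admin']['base_url'] . 'page';
        echo "<script>alert('Data berhasil di simpan');window.location.href='" . $redirect . "'</script>";
    }
}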
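public function inputBlog()
{
    /**
     * Store blog records for the uploaded image(s), then redirect to the add-blog
     * page.
     *
     * Change over the previous version: $path_upload was read without ever being
     * assigned; it is now an explicit null, which is the value uploadFile()
     * received before, minus the undefined-variable warning.
     */
    global $CONFIG;

    if (isset($_POST)) {
        // Validate the incoming values.
        $x = form_validation($_POST);

        try {
            if (isset($x) && count($x) != 0) {
                if (!empty($_FILES)) {
                    // NOTE(review): confirm which upload directory uploadFile()
                    // uses for a null path.
                    $path_upload = null;
                    $image = uploadFile('userfile', $path_upload, 'image');

                    // NOTE(review): for a standard PHP upload entry the keys of
                    // $_FILES['userfile'] are name/type/tmp_name/error/size, not
                    // per-file indexes, so this loop would insert one row per
                    // attribute. inpGallery iterates $_FILES[...]['name'] instead -
                    // confirm which is intended.
                    foreach ($_FILES['userfile'] as $filekey => $file) {
                        $x['image_url'] = $CONFIG['admin']['app_url'] . $image[$filekey]['folder_name'] . $image[$filekey]['full_name'];
                        // NOTE(review): read without $filekey, unlike the line above.
                        $x['image'] = $image['full_name'];
                        $data = $this->blogModel->InpBlog($x);
                    }
                }
            }
        } catch (Exception $e) {
            // NOTE(review): the exception is discarded, so the success alert below
            // is shown even when the upload or the model call failed.
        }

        $redirect = $CONFIG['admin']['base_url'] . 'blog/addBlog';
        echo "<script>alert('Data berhasil di simpan');window.location.href='" . $redirect . "'</script>";
    }
}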
public function profileinp()
{
    /**
     * Save the four profile sections (tentang, sejarah, visi, misi) from the
     * submitted form. Each section is inserted when its id field is empty and
     * updated otherwise; afterwards the browser is sent to profile/index.
     */
    global $CONFIG;

    if (!isset($_POST)) {
        return;
    }

    // Validate the incoming values.
    $x = form_validation($_POST);

    try {
        if (isset($x) && count($x) != 0) {
            // Section "tentang".
            $mode = ($x['id_tentang'] != '') ? 'update' : 'insert';
            $data = $this->models->profile_inp($x['header_tentang'], $x['tentang'], $x['title_tentang'], $x['id_tentang'], $x['tags_tentang'], $mode);

            // Section "sejarah".
            $mode = ($x['id_sejarah'] != '') ? 'update' : 'insert';
            $data = $this->models->profile_inp($x['header_sejarah'], $x['sejarah'], $x['title_sejarah'], $x['id_sejarah'], $x['tags_sejarah'], $mode);

            // Section "visi".
            $mode = ($x['id_visi'] != '') ? 'update' : 'insert';
            $data = $this->models->profile_inp($x['header_visi'], $x['visi'], $x['title_visi'], $x['id_visi'], $x['tags_visi'], $mode);

            // Section "misi".
            // NOTE(review): this call passes header_visi and title_visi rather than
            // misi-specific fields - either the form shares one heading for visi
            // and misi or this is a copy-paste slip; confirm against the form.
            $mode = ($x['id_misi'] != '') ? 'update' : 'insert';
            $data = $this->models->profile_inp($x['header_visi'], $x['misi'], $x['title_visi'], $x['id_misi'], $x['tags_misi'], $mode);
        }
    } catch (Exception $e) {
        // NOTE(review): the exception is discarded, so the success alert below is
        // shown even when a model call failed part-way through.
    }

    echo "<script>alert('Data berhasil di simpan');window.location.href='" . $CONFIG['admin']['base_url'] . "profile/index'</script>";
}
function register_admin()
{
    // As written this method is a stub: it calls pr() on the submitted form and
    // exits, so none of the statements after the first exit can run.
    global $CONFIG;

    // NOTE(review): pr() is not defined in this block; if it prints its argument,
    // every field submitted to this endpoint (by its name, likely credentials) is
    // written into the response. Confirm and remove before this is reachable.
    pr($_POST);
    exit;

    // Unreachable from here on.
    if (!empty($_POST)) {
        $x = form_validation($_POST);
        try {
            if (isset($x) && count($x) != 0) {
                pr($_POST);
                exit;
                // NOTE(review): $pass is never assigned in this method.
                $data = $this->models->upd_pass($pass);
            }
        } catch (Exception $e) {
        }
    }
    echo "<script>window.location.href='" . $CONFIG['admin']['base_url'] . "'</script>";
}
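* If form successfully submitted then perform form validation if validator
* checkbox's value is allow. Likewise, perform code injection if its checkbox
* value is allow. Perform user-entered string check here invoking
* check_blacklist sub-routine to determine if user is malicious. After all
* tests, submit the login form
* ---------------------------------------------------------------------------#
*/

// Changes over the previous version:
//  - every $_POST field is read through isset(), so a request that omits a field
//    no longer raises undefined-index warnings;
//  - the "allow"/"block" switch is compared with === instead of 0 == strcmp(...).
//    On older PHP versions strcmp() returns null for an array argument and
//    0 == null is true, so a request sending validation[] matched "allow".
//    With === any non-string or unknown value leaves $success at 0 and nothing
//    is submitted.
if (!empty($_POST['submit'])) {
    $uname = isset($_POST['uname']) ? $_POST['uname'] : '';
    $pwd = isset($_POST['pwd']) ? $_POST['pwd'] : '';
    $message = isset($_POST['message']) ? $_POST['message'] : '';
    $injection = isset($_POST['injection']) ? $_POST['injection'] : '';
    $validation = isset($_POST['validation']) ? $_POST['validation'] : '';

    $success = 0;

    // Per the header comment, validation runs only when the validator checkbox
    // is "allow"; "block" skips it and proceeds. Both values come from the client.
    if ($validation === "allow") {
        $success = form_validation($uname, $pwd, $message, $injection);
    } elseif ($validation === "block") {
        $success = 1;
    }

    if ($success == 1) {
        // The blacklist result is handed to submit_form() together with the
        // username and password returned by strict_form_checking().
        $attack = check_blacklist($uname, $pwd);
        $user_details = strict_form_checking($injection, $uname, $pwd, $message);
        $uname = $user_details[0];
        $pwd = $user_details[1];
        submit_form($uname, $pwd, $attack);
    }
} else {
    echo "<h2>Hmm...I think you reached this page by mistake.</h2>";
}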
* # If the form is not submitted then the user got in this program by mistake.
* # User goes back to signup.php. If form successfully submitted then perform
* # form validation. After all tests succeed, submit the signup form
* #---------------------------------------------------------------------------#
* */

// Copy the signup fields out of the request, validate them, and submit the
// form only when form_validation() returns 1.
// NOTE(review): $_POST['submit'] and every field below are read without isset(),
// so a request that omits one raises an undefined-index warning and passes null
// onwards.
if ($_POST['submit']) {
    $uname = $_POST['uname'];
    $pwd = $_POST['pwd'];
    $email = $_POST['email'];
    $dob = $_POST['dob'];
    $sex = $_POST['sex'];
    $state = $_POST['state'];
    $city = $_POST['city'];
    $news = $_POST['news'];
    $success = form_validation($uname, $pwd, $email, $dob, $sex, $state, $city, $news);
    // Loose comparison: any return value equal to 1 under == counts as success.
    if ($success == 1) {
        submit_form($uname, $pwd, $email, $dob, $sex, $state, $city, $news);
    }
}

/*
 * ---------------------------------------------------------------------------#
 * Perform form validation and print errors, if any. User goes back to
 * signup page, if any errors persist, for refilling form correctly this time.
 * ---------------------------------------------------------------------------#
 * */
function form_validation($uname, $pwd, $email, $dob, $sex, $state, $city, $news) {
    $error_message = "";
    $error_message = validate_username($uname, $error_message);
public function do_addEvent()
{
    /**
     * Insert or update an event row in 'digirepo_events' from the submitted form,
     * then send the browser back to the events list.
     */
    global $CONFIG;

    // Normalise the checkbox: absent -> 0, 'on' -> 1, anything else left untouched.
    if (!isset($_POST['n_status'])) {
        $_POST['n_status'] = 0;
    } elseif ($_POST['n_status'] == 'on') {
        $_POST['n_status'] = 1;
    }

    if (!isset($_POST)) {
        return;
    }

    // Validate the incoming values.
    $x = form_validation($_POST);

    try {
        if (isset($x) && count($x) != 0) {
            // A non-empty id means an existing row is being edited.
            $x['action'] = ($x['id'] != '') ? 'update' : 'insert';
            $data = $this->mdigirepo->eventInp('digirepo_events', $x);
        }
    } catch (Exception $e) {
        // NOTE(review): the exception is discarded, so the success alert below is
        // shown even when the model call failed.
    }

    $redirect = $CONFIG['admin']['base_url'] . 'digirepo/events';
    echo "<script>alert('Data successfully saved');window.location.href='" . $redirect . "'</script>";
}
public function viewmaterial()
{
    /**
     * Show the material page for one course: passes the course id, its header
     * record and its list of uploaded materials to the 'course/material' view.
     */
    $params = form_validation($_GET);
    $courseId = $params['id'];

    // NOTE(review): the id comes from the query string; what form_validation()
    // guarantees about it, and whether the two model queries bind it as a
    // parameter, is not visible here - confirm before relying on it.
    $this->view->assign('data', $courseId);

    // Header record for the course.
    $header = $this->mcourse->select_data_header_material($courseId);
    $this->view->assign('data_header_material', $header);

    // Uploaded material entries for the course.
    $materials = $this->mcourse->select_data_list_material($courseId);
    $this->view->assign('data_list_material', $materials);

    return $this->loadView('course/material');
}
public function editvideowebex()
{
    /**
     * Edit a webex video entry. Without a submitted form the current record is
     * loaded into the edit view; with one, the record is updated from the form,
     * using either a newly uploaded file, a supplied video URL, or the previously
     * stored file name.
     */
    global $CONFIG;

    $id_video = $_GET['id_video'];

    // Nothing submitted: just display the current record.
    if ($_POST == null) {
        $data = $this->models->selectvideowebex($id_video);
        if ($data) {
            $this->view->assign('data', $data);
        }
        return $this->loadView('webex/editvideowebex');
    }

    if (isset($_POST)) {
        $x = form_validation($_POST);

        try {
            if (isset($x) && count($x) != 0) {
                // NOTE(review): these three assignments replace whatever
                // form_validation() produced with the raw request values, and
                // $id_video above is also used raw - confirm the model binds them
                // as parameters and the views escape them on output.
                $x['title'] = $_POST['title'];
                $x['jenisfile'] = $_POST['jenisfile'];
                $x['id_video'] = $_GET['id_video'];

                if (!empty($_FILES['file_video']['name'])) {
                    // A new file replaces the stored one.
                    // NOTE(review): 'file_hidden' is a form field; whether
                    // deleteFile() confines it to the upload folder is not visible
                    // here - confirm it rejects directory separators and "..".
                    deleteFile($x['file_hidden']);
                    $video = uploadFile('file_video', null, 'video');
                    $x['post_video'] = $video['full_name'];
                } elseif ($x['file_video'] != "") {
                    // A URL was supplied. When it contains 'watch', keep the part
                    // before it and append 'embed/' plus the text after the first '='.
                    $beforeWatch = explode('watch', $x['file_video']);
                    if (count($beforeWatch) != 1) {
                        $afterEquals = explode('=', $x['file_video']);
                        $x['post_video'] = $beforeWatch[0] . 'embed/' . $afterEquals[1];
                    } else {
                        $x['post_video'] = $x['file_video'];
                    }
                } else {
                    // Neither a file nor a URL: keep the previous value.
                    $x['post_video'] = $x['file_hidden'];
                }

                $data = $this->models->updatevideowebex($x);
            }
        } catch (Exception $e) {
            // NOTE(review): the exception is discarded, so the success alert below
            // is shown even when the upload or the model call failed.
        }

        echo "<script>alert('Video Successfully Edit');window.location.href='" . $CONFIG['admin']['base_url'] . "webex/listvideowebex'</script>";
    }

    return $this->loadView('editvideowebex');
}
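public function articleinp()
{
    /**
     * Insert or update an article from the submitted form, replacing its image
     * when a new file is uploaded, then redirect to the list that matches the
     * article's category.
     *
     * Change over the previous version: for categories 2 and 3 the redirect URL
     * ended with the raw $_POST['articletype'], which is written into an inline
     * <script> string. That value can be arbitrary request data (it is copied from
     * 'articleid_old', or left as submitted when it is not 'on'), so it is now
     * passed through rawurlencode(). Numeric values produce the same URL as before.
     */
    global $CONFIG;

    // Normalise the status checkbox: absent -> 0, 'on' -> 1.
    if (!isset($_POST['n_status'])) {
        $_POST['n_status'] = 0;
    } elseif ($_POST['n_status'] == 'on') {
        $_POST['n_status'] = 1;
    }

    // Normalise the type checkbox: absent -> 0; 'on' -> the previous article id
    // when one is given, otherwise 1. Any other submitted value is left as is.
    if (!isset($_POST['articletype'])) {
        $_POST['articletype'] = 0;
    } elseif ($_POST['articletype'] == 'on') {
        if ($_POST['articleid_old'] != 0) {
            $_POST['articletype'] = $_POST['articleid_old'];
        } else {
            $_POST['articletype'] = 1;
        }
    }

    if (!isset($_POST)) {
        return;
    }

    // Validate the incoming values.
    $x = form_validation($_POST);

    try {
        if (isset($x) && count($x) != 0) {
            // A non-empty id means an existing row is being edited.
            $x['action'] = ($x['id'] != '') ? 'update' : 'insert';

            if (!empty($_FILES) && $_FILES['file_image']['name'] != '') {
                // Category 9 stores images with the gallery, everything else with news.
                if ($x['categoryid'] == '9') {
                    $path_upload = 'gallery/images';
                } else {
                    $path_upload = 'news';
                }

                // NOTE(review): 'image' comes from the submitted form; whether
                // deleteFile() confines it to $path_upload is not visible here -
                // confirm it rejects directory separators and "..".
                if ($x['action'] == 'update') {
                    deleteFile($x['image'], $path_upload);
                }

                $image = uploadFile('file_image', $path_upload, 'image');
                $x['image_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                $x['image'] = $image['full_name'];
            }

            $data = $this->models->article_inp($x);
        }
    } catch (Exception $e) {
        // NOTE(review): the exception is discarded, so the success alert below is
        // shown even when the upload or the model call failed.
    }

    $redirect = $CONFIG['admin']['base_url'] . 'home';

    if (isset($x['categoryid'])) {
        // Encoded once here because the value ends up inside a quoted JavaScript
        // string in the echoed <script> block.
        $typeParam = rawurlencode((string) $_POST["articletype"]);

        if ($x['categoryid'] == '1') {
            $redirect = $CONFIG['admin']['base_url'] . 'home';
        } elseif ($x['categoryid'] == '2') {
            $redirect = $CONFIG['admin']['base_url'] . 'site/content/?cat=2&&type=' . $typeParam;
        } elseif ($x['categoryid'] == '3') {
            $redirect = $CONFIG['admin']['base_url'] . 'site/content/?cat=3&&type=' . $typeParam;
        } elseif ($x['categoryid'] == '4') {
            if ($x['articletype'] == '1') {
                $redirect = $CONFIG['admin']['base_url'] . 'about/profile';
            } elseif ($x['articletype'] == '2') {
                $redirect = $CONFIG['admin']['base_url'] . 'about/struktur';
            }
        } elseif ($x['categoryid'] == '9') {
            // Both gallery article types return to the same list.
            if ($x['articletype'] == '1' || $x['articletype'] == '2') {
                $redirect = $CONFIG['admin']['base_url'] . 'gallery';
            }
        } elseif ($x['categoryid'] == '8') {
            $redirect = $CONFIG['admin']['base_url'] . 'direktori/listCategory';
        }
    }

    echo "<script>alert('Data berhasil di simpan');window.location.href='" . $redirect . "'</script>";
}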
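public function inpGallery()
{
    /**
     * Store one gallery record per uploaded image, then redirect to the album the
     * photos were added to (gallery type 9) or to the home page.
     *
     * Change over the previous version: the album id taken from the form
     * ('otherid') was appended unencoded to a URL that is written into an inline
     * <script> string. It is now passed through rawurlencode(); numeric ids
     * produce the same URL as before.
     */
    global $CONFIG;

    if (!isset($_POST)) {
        return;
    }

    // Validate the incoming values.
    $x = form_validation($_POST);

    try {
        if (isset($x) && count($x) != 0) {
            // A non-empty id means an existing row is being edited.
            $x['action'] = ($x['id'] != '') ? 'update' : 'insert';

            if (!empty($_FILES)) {
                // Only gallery type 9 has a dedicated folder; other types pass ''.
                if ($x['gallerytype'] == '9') {
                    $path_upload = 'gallery/images';
                } else {
                    $path_upload = '';
                }

                $image = uploadFileMultiple('file_image', $path_upload, 'image');

                // One record per uploaded file, matched by its index in the
                // multi-file 'name' array.
                foreach ($_FILES['file_image']['name'] as $filekey => $file) {
                    $x['image_url'] = $CONFIG['admin']['app_url'] . $image[$filekey]['folder_name'] . $image[$filekey]['full_name'];
                    $x['image'] = $image[$filekey]['full_name'];
                    $data = $this->gallery->gallery_inp($x);
                }
            }
        }
    } catch (Exception $e) {
        // NOTE(review): the exception is discarded, so the success alert below is
        // shown even when the upload or a model call failed.
    }

    $redirect = $CONFIG['admin']['base_url'] . 'home';

    if (isset($x['gallerytype']) && $x['gallerytype'] == '9') {
        // NOTE(review): what form_validation() already guarantees about 'otherid'
        // is not visible here; encoding keeps quotes and angle brackets out of the
        // script string regardless.
        $redirect = $CONFIG['admin']['base_url'] . 'gallery/album/?album=' . rawurlencode((string) $x['otherid']);
    }

    echo "<script>alert('Photo successfully uploaded');window.location.href='" . $redirect . "'</script>";
}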
public function insert_upload()
{
    /**
     * Create or update an ebook/video upload entry from the submitted form. A new
     * file replaces the stored one; without a new file the previous file name is
     * kept. The 'insert_upload' view is returned in every case.
     */
    global $CONFIG;

    if (isset($_POST)) {
        $x = form_validation($_POST);

        try {
            if (isset($x) && count($x) != 0) {
                // A non-empty id means an existing row is being edited.
                $x['action'] = ($x['id'] != '') ? 'update' : 'insert';

                if (!empty($_FILES['file_image']['name'])) {
                    // NOTE(review): 'file_hidden' is a form field; whether
                    // deleteFile() confines it to the upload folder is not visible
                    // here - confirm it rejects directory separators and "..".
                    if ($x['action'] == 'update') {
                        deleteFile($x['file_hidden']);
                    }
                    $image = uploadFile('file_image', null, 'image');
                    $x['post_image'] = $image['full_name'];
                } else {
                    // No new file: keep the previously stored name.
                    $x['post_image'] = $x['file_hidden'];
                }

                $data = $this->mcourse->upload_insert($x);
            }
        } catch (Exception $e) {
            // NOTE(review): the exception is discarded, so one of the success
            // alerts below is shown even when the upload or the model call failed.
        }

        // Same destination either way; only the wording of the alert differs.
        $scriptHead = ($x['id'] == '')
            ? "<script>alert('Upload Ebook & Video Successfully Created');window.location.href='"
            : "<script>alert('Upload Ebook & Video Successfully Update');window.location.href='";
        echo $scriptHead . $CONFIG['admin']['base_url'] . "course/uploadfile'</script>";
    }

    return $this->loadView('insert_upload');
}
// Split the request path into its non-empty segments, validate them, and pick
// the page to load from the first segment. The excerpt ends inside the final
// else branch.
$getURI = null;
if ($baseURI) {
    $explURI = explode('/', $baseURI);
    // explode() with a non-empty separator always returns at least one element,
    // so this condition holds and the else branch below is not reached.
    if ($explURI) {
        foreach ($explURI as $key => $URI) {
            // Skip the empty segments produced by leading, trailing or doubled slashes.
            if ($URI != "") {
                $getURI[] = $URI;
            }
        }
    } else {
        // URI is not defined
        show_error_page('URI not defined');
        exit;
    }
}
// NOTE(review): $getURI is still null here when $baseURI is empty or contains
// only slashes, so form_validation() receives null in that case.
$vPage = form_validation($getURI);
// pr($vPage);exit;
if ($vPage) {
    // The @ operator silences the warnings for segments that are not present.
    $validation['pid'] = @$vPage[0];
    $validation['act'] = @$vPage[1];
    $validation['det'] = @$vPage['det'];
}
// pr($validation);exit;
if (isset($validation)) {
    if (isset($validation['pid'])) {
        // An empty first segment falls back to the configured default view.
        if ($validation['pid'] == '') {
            $setPage = $CONFIG['admin']['default_view'];
        } else {
            // NOTE(review): $setPage is taken from the request path; if it is later
            // used to choose a controller or view file, it needs an allow-list
            // check - its use is not visible in this excerpt.
            $setPage = $validation['pid'];
        }
    } else {
public function articleinp()
{
    /**
     * Insert or update an article from the submitted form, replacing its image
     * when a new file is uploaded, then redirect to the list that matches the
     * article's category.
     */
    global $CONFIG;

    // Normalise the status checkbox: absent -> 0, 'on' -> 1.
    if (!isset($_POST['n_status'])) {
        $_POST['n_status'] = 0;
    } elseif ($_POST['n_status'] == 'on') {
        $_POST['n_status'] = 1;
    }

    // Normalise the type checkbox: absent -> 0; 'on' -> the previous article id
    // when one is given, otherwise 1. Any other submitted value is left as is.
    if (!isset($_POST['articletype'])) {
        $_POST['articletype'] = 0;
    } elseif ($_POST['articletype'] == 'on') {
        $_POST['articletype'] = ($_POST['articleid_old'] != 0) ? $_POST['articleid_old'] : 1;
    }

    // Normalise the highlight checkbox: absent -> 0, 'on' -> 1.
    if (!isset($_POST['highlight'])) {
        $_POST['highlight'] = 0;
    } elseif ($_POST['highlight'] == 'on') {
        $_POST['highlight'] = 1;
    }

    if (!isset($_POST)) {
        return;
    }

    // Validate the incoming values.
    $x = form_validation($_POST);

    try {
        if (isset($x) && count($x) != 0) {
            // A non-empty id means an existing row is being edited.
            $x['action'] = ($x['id'] != '') ? 'update' : 'insert';

            if (!empty($_FILES) && $_FILES['file_image']['name'] != '') {
                // The upload folder depends on the category.
                switch ($x['categoryid']) {
                    case '9':
                        $path_upload = 'gallery/images';
                        break;
                    case '4':
                        $path_upload = 'digirepo/linksIcon';
                        break;
                    default:
                        $path_upload = 'news';
                }

                // NOTE(review): 'image' comes from the submitted form; whether
                // deleteFile() confines it to $path_upload is not visible here -
                // confirm it rejects directory separators and "..".
                if ($x['action'] == 'update') {
                    deleteFile($x['image'], $path_upload);
                }

                $image = uploadFile('file_image', $path_upload, 'image');
                // The serialized upload result is passed to logFile().
                logFile(serialize($image));
                $x['image_url'] = $CONFIG['admin']['app_url'] . $image['folder_name'] . $image['full_name'];
                $x['image'] = $image['full_name'];
            }

            $data = $this->models->article_inp($x);
        }
    } catch (Exception $e) {
        // NOTE(review): the exception is discarded, so the success alert below is
        // shown even when the upload or the model call failed.
    }

    $redirect = $CONFIG['admin']['base_url'] . 'home';

    if (isset($x['categoryid'])) {
        switch ($x['categoryid']) {
            case '1':
                $redirect = $CONFIG['admin']['base_url'] . 'home';
                break;
            case '4':
                $redirect = $CONFIG['admin']['base_url'] . 'digirepo/links';
                break;
            case '9':
                // Both gallery article types return to the same list.
                if ($x['articletype'] == '1' || $x['articletype'] == '2') {
                    $redirect = $CONFIG['admin']['base_url'] . 'gallery';
                }
                break;
        }
    }

    echo "<script>alert('Data successfully saved');window.location.href='" . $redirect . "'</script>";
}