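/**
 * Controller for the "user" routes: login, registration, password and profile
 * changes, API key rotation and retrieval, logout, profile view and language.
 *
 * Reads the routed $action / $format, the authenticated $session and the
 * $allowusersregister switch from globals, and request data from $_POST / $_GET.
 *
 * Security notes for maintainers:
 *  - Credentials are read from the POST body only, never from the query string.
 *  - API keys come from a CSPRNG (see user_controller_new_apikey()).
 *  - NOTE(review): only 'logout' verifies a CSRF token. The other state-changing
 *    actions (changepass, changedetails, newapiread, newapiwrite, setlang) do not
 *    check one in this function; confirm a token is enforced before dispatch.
 *  - NOTE(review): some branches authorise on $_SESSION, others on the global
 *    $session; confirm both always describe the same principal.
 *
 * @return mixed Array with 'content' and 'message' keys; for 'getapiread' and
 *               'getapiwrite' the bare value returned by the apikey getter.
 */
function user_controller()
{
    global $session, $action, $format, $allowusersregister;

    $output['content'] = "";
    $output['message'] = "";

    //--------------------------------------------------------------------------
    // Login user (PUBLIC ACTION)
    // POST user/login with form fields name=... and pass=...
    //--------------------------------------------------------------------------
    if ($action == 'login') {
        $rawName = user_controller_param($_POST, 'name');
        $rawPass = user_controller_param($_POST, 'pass');

        if ($rawName && $rawPass) {
            // keep only word characters, whitespace, dash and dot
            $username = preg_replace('/[^\\w\\s-.]/', '', $rawName);
            $username = db_real_escape_string($username);
            $password = db_real_escape_string($rawPass);

            $result = user_logon($username, $password);
            if ($result == 0) {
                // one generic message for both failure causes: no username enumeration
                $output['message'] = _('Invalid username or password');
                $output['content'] = view("user/login_block.php", array());
            } else {
                $output['message'] = _('Welcome, you are now logged in');
                if ($format == 'html') {
                    header('Location: ../dashboard/list');
                }
            }
        } else {
            $output['content'] = view('user/login_block.php', array());
        }
    } elseif ($action == 'create' && $allowusersregister) {
        // keep only word characters, whitespace, dash and dot
        $username = preg_replace('/[^\\w\\s-.]/', '', user_controller_param($_POST, 'name'));
        $username = db_real_escape_string($username);
        $password = db_real_escape_string(user_controller_param($_POST, 'pass'));

        // Option to return the read apikey on register - for use with drupal auth integration.
        // !empty() has the same truthiness as the original "== true" without an undefined-index notice.
        $returnapikey = !empty($_GET['returnapikey']);

        if (get_user_id($username) != 0) {
            $output['message'] = _("Sorry username already exists");
        } elseif (strlen($username) < 4 || strlen($username) > 30) {
            $output['message'] = _("Please enter a username that is 4 to 30 characters long") . "<br/>";
        } elseif (strlen($password) < 4 || strlen($password) > 30) {
            $output['message'] = _("Please enter a password that is 4 to 30 characters long") . "<br/>";
        } else {
            $user = create_user($username, $password);
            if (!$returnapikey) {
                $result = user_logon($username, $password);
                $output['message'] = _("Your new account has been created");
            } else {
                $output['message'] = $user['readapikey'];
            }
            if ($format == 'html') {
                header("Location: ../dashboard/list");
            }
            // evaluated after user_logon(), which may have populated the session
            if (!empty($_SESSION['write'])) {
                create_user_statistics($_SESSION['userid']);
            }
        }
    } elseif ($action == 'changepass' && !empty($_SESSION['write'])) {
        $oldpass = db_real_escape_string(user_controller_param($_POST, 'oldpass'));
        $newpass = db_real_escape_string(user_controller_param($_POST, 'newpass'));

        if (strlen($newpass) < 4 || strlen($newpass) > 30) {
            $output['message'] = _("Please enter a password that is 4 to 30 characters long") . "<br/>";
        } elseif (change_password($_SESSION['userid'], $oldpass, $newpass)) {
            $output['message'] = _("Your password has been changed");
        } else {
            $output['message'] = _("Invalid password");
        }
    } elseif ($action == 'changedetails' && !empty($_SESSION['write'])) {
        $username = preg_replace('/[^\\w\\s-.]/', '', user_controller_param($_POST, 'username'));
        $username = db_real_escape_string($username);
        $email = preg_replace('/[^\\w\\s-.@]/', '', user_controller_param($_POST, 'email'));
        $email = db_real_escape_string($email);

        $id = get_user_id($username);
        if ($id && $id != $_SESSION['userid']) {
            $output['message'] = _("Sorry username already exists");
        } elseif (strlen($username) < 4 || strlen($username) > 30) {
            $output['message'] = _("Please enter a username that is 4 to 30 characters long") . "<br/>";
        } elseif (!$email) {
            $output['message'] = _("No email address present") . "<br/>";
        } else {
            set_user_username($_SESSION['userid'], $username);
            set_user_email($_SESSION['userid'], $email);
        }
    } elseif ($action == 'newapiread' && !empty($session['write'])) {
        $apikey_read = user_controller_new_apikey();
        set_apikey_read($session['userid'], $apikey_read);
        $output['message'] = _("New read apikey: ") . $apikey_read;
        if ($format == 'html') {
            header("Location: view");
        }
    } elseif ($action == 'newapiwrite' && !empty($session['write'])) {
        $apikey_write = user_controller_new_apikey();
        set_apikey_write($session['userid'], $apikey_write);
        $output['message'] = _("New write apikey: ") . $apikey_write;
        if ($format == 'html') {
            header("Location: view");
        }
    } elseif ($action == 'logout' && !empty($session['read'])) {
        // Both tokens must be present, non-empty strings and identical. The loose
        // "==" used previously accepted a request when both were missing and
        // treated distinct numeric-looking strings as equal.
        $postedToken = user_controller_param($_POST, 'CSRF_token');
        $sessionToken = isset($_SESSION['CSRF_token']) ? (string) $_SESSION['CSRF_token'] : '';
        if ($sessionToken === '') {
            $tokenOk = false;
        } elseif (function_exists('hash_equals')) {
            $tokenOk = hash_equals($sessionToken, $postedToken);
        } else {
            $tokenOk = ($sessionToken === $postedToken);
        }

        if ($tokenOk) {
            user_logout();
            $output['message'] = _("You are logged out");
        } else {
            reset_CSRF_token();
            $output['message'] = _("Invalid token");
        }
        if ($format == 'html') {
            header("Location: ../");
        }
    } elseif ($action == 'getapiread' && !empty($session['read'])) {
        $apikey_read = get_apikey_read($session['userid']);
        $output = $apikey_read;
    } elseif ($action == 'getapiwrite' && !empty($session['write'])) {
        $apikey_write = get_apikey_write($session['userid']);
        $output = $apikey_write;
    } elseif ($action == 'view' && !empty($session['write'])) {
        $user = get_user($session['userid']);
        $stats = get_statistics($session['userid']);
        if ($format == 'json') {
            // NOTE(review): the whole user record is serialised; confirm get_user()
            // does not return the password hash or other secrets.
            $output['content'] = json_encode($user);
        }
        if ($format == 'html') {
            $output['content'] = view("user_view.php", array('user' => $user, 'stats' => $stats));
        }
    } elseif ($action == 'setlang' && !empty($session['write'])) {
        // set_user_lang() is not visible from here, so the request value is
        // restricted to locale-name characters and escaped like every other
        // input this controller hands to the model layer.
        $lang = preg_replace('/[^\\w.@-]/', '', user_controller_param($_GET, 'lang'));
        set_user_lang($session['userid'], db_real_escape_string($lang));

        // Reload the page
        if ($format == 'html') {
            header("Location: view");
        }
    }

    return $output;
}

/**
 * Fetch one request parameter as a string.
 *
 * @param array  $source Request array ($_POST or $_GET).
 * @param string $key    Parameter name.
 * @return string The value, or '' when the key is missing or the value is not a
 *                string (for example an array sent as name[]=x).
 */
function user_controller_param(array $source, $key)
{
    return (isset($source[$key]) && is_string($source[$key])) ? $source[$key] : '';
}

/**
 * Generate a new API key: 32 lowercase hex characters (the same shape as the
 * md5() output used before) drawn from a cryptographically secure source rather
 * than from mt_rand()/uniqid(), whose output is predictable.
 *
 * @return string
 * @throws RuntimeException When no secure random source is available; the key
 *                          is never silently downgraded to a weak generator.
 */
function user_controller_new_apikey()
{
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(16, $strong);
        if ($bytes !== false && $strong) {
            return bin2hex($bytes);
        }
    }
    throw new RuntimeException('No cryptographically secure random source available for API key generation');
}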
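/**
 * Controller for the "vis" (visualisation) routes. Maps the routed $action to
 * a view, gated on the read / write flags of the global $session.
 *
 * NOTE(review): the feed id comes straight from the query string and is only
 * cast to int here; nothing in this function checks that the feed belongs to
 * $session['userid'] before get_feed_name() / get_feed_datatype() are called.
 * Confirm ownership is enforced in the model or in the data API.
 *
 * @return array|null Array with a 'content' key, or null when no action matched
 *                    (same result as before, without the undefined-variable notice).
 */
function vis_controller()
{
    // require_once so that a second dispatch cannot re-declare the model's functions
    require_once "Models/feed_model.php";
    global $session, $action, $format;

    $output = null;
    $canRead = !empty($session['read']);
    $canWrite = !empty($session['write']);

    if ($canRead) {
        // NOTE(review): $apikey is not used again in this function; kept because
        // get_apikey_read() is not visible here. Remove if it has no side effects.
        $apikey = get_apikey_read($session['userid']);
    }

    if (!is_string($action)) {
        return $output;
    }

    // Views that take a feed, e.g. vis/realtime?feedid=1
    $feedViews = array(
        'realtime'  => "vis/realtime.php",
        'rawdata'   => "vis/rawdata.php",
        'bargraph'  => "vis/bargraph.php",
        'histgraph' => "vis/histgraph.php",
        'orderbars' => "vis/orderbars.php",
    );

    // Views rendered without server-side arguments, e.g. vis/dailyhistogram?power= &kwhd= &whw=
    $plainViews = array(
        'smoothie'       => "vis/smoothie/smoothie.php",
        'dailyhistogram' => "vis/dailyhistogram/dailyhistogram.php",
        'zoom'           => "vis/zoom/zoom.php",
        'comparison'     => "vis/comparison/comparison.php",
        'stacked'        => "vis/stacked.php",
        'threshold'      => "vis/threshold.php",
        'simplezoom'     => "vis/simplezoom.php",
        'orderthreshold' => "vis/orderthreshold.php",
    );

    // intval() of a missing parameter was already 0; isset() only avoids the notice
    $feedid = isset($_GET['feedid']) ? intval($_GET['feedid']) : 0;

    if ($action === 'list' && $canWrite) {
        $user = get_user($session['userid']);
        $output['content'] = view("api_view.php", array('user' => $user));
    } elseif ($canRead && isset($feedViews[$action])) {
        // 'bargraph' previously passed the undefined variable $feedidtrystan,
        // so that view never received its feed id.
        $output['content'] = view($feedViews[$action], array(
            'feedid'   => $feedid,
            'feedname' => get_feed_name($feedid),
        ));
    } elseif ($canRead && isset($plainViews[$action])) {
        $output['content'] = view($plainViews[$action], array());
    } elseif ($action === 'multigraph' && $canRead) {
        // Read-only sessions get null rather than an undefined variable.
        // NOTE(review): the write apikey is handed to the view; confirm the
        // template needs it and does not expose it beyond the key's owner.
        $write_apikey = null;
        if ($canWrite) {
            $write_apikey = get_apikey_write($session['userid']);
        }
        $output['content'] = view("vis/multigraph.php", array('write_apikey' => $write_apikey));
    } elseif ($action === 'edit' && $canWrite) {
        // vis/edit?feedid=1
        $output['content'] = view("vis/edit.php", array(
            'feedid'   => $feedid,
            'feedname' => get_feed_name($feedid),
            'type'     => get_feed_datatype($feedid),
        ));
    }

    return $output;
}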
<?php global $path, $session; ?> <h2>Command API</h2> <h3>Apikey authentication</h3> <p>If you want to call any of the following actions when you're not logged in, add your read & write apikey to the URL of your request: &apikey=APIKEY.</p> <p><b>Read & Write:</b><br> <input type="text" style="width:230px" readonly="readonly" value="<?php echo get_apikey_write($session['userid']); ?> " /> </p> <h3>Get command</h3> <p><a href="<?php echo $path; ?> command/get.json"><?php echo $path; ?> command/get.json</a></p> <h3>Insert command</h3> <p><a href="<?php echo $path; ?> command/insert?cmd=turnonheating"><?php