Exemplo n.º 1
0
 public static function remember($user)
 {
     //We need a user, but we won't remember the admin user.
     //if ($user && $user->id > 0 && !in_array('superadmin', $user->roles)) {
     if ($user && $user->id > 0) {
         $random = get_random('number');
         $persist = new PersistUserObj();
         $data = array('user_id' => $user->id, 'random' => $random);
         if ($persist->create($data)) {
             $query = new SelectQuery('PersistUser');
             $query->field('MD5(CONCAT(`id`, `user_id`, `random`))')->filter('`id`= :id');
             $hash = $query->fetchColumn(array(':id' => $persist->array['id']));
             if (setcookie('remembered', $hash, time() + 60 * 60 * 24 * 14, WEB_SUB_FOLDER)) {
                 return true;
             } else {
                 Backend::addError('Could not set cookie to remember login');
                 $query = new DeleteQuery('PersistUser');
                 $query->filter('`id` = :id')->limit(1);
                 $query->execute(array(':id' => $persist->array['id']));
             }
         } else {
             Backend::addError('Could not remember login');
         }
     } else {
         Backend::addError('Invalid user to remember');
     }
     return false;
 }
Exemplo n.º 2
0
    public function action_create()
    {
        if (is_post()) {
            $parameters = get_previous_parameters();
            $object = new CommentObj();
            $object = $object->fromRequest();
            $object['foreign_id'] = empty($object['foreign_id']) ? reset($parameters) : $object['foreign_id'];
            $object['foreign_table'] = empty($object['foreign_table']) ? table_name(get_previous_area()) : $object['foreign_table'];
            //If we don't have a logged in user, create a dummy account
            if (!BackendUser::check()) {
                $query = new SelectQuery('BackendUser');
                $query->filter('`email` = :email');
                if ($old_user = Controller::getVar('user')) {
                    $existing_user = $query->fetchAssoc(array(':email' => $old_user['email']));
                }
                switch (true) {
                    case $existing_user && $existing_user['confirmed'] && $existing_user['active']:
                        //Attribute quote to user? Seems risque, actually, if I know a user's email address, I can just attribute to him. Auth first
                        Backend::addError('Comment not added. Please login first');
                        return false;
                        break;
                    case $existing_user && !$existing_user['confirmed'] && $existing_user['active']:
                        //Unregistered user commented before
                        $object['user_id'] = $existing_user['id'];
                        break;
                    default:
                    case !$existing_user:
                        $user_data = array('name' => $old_user['name'], 'surname' => '', 'email' => $old_user['email'], 'website' => $old_user['website'], 'username' => $old_user['email'], 'password' => get_random(), 'confirmed' => 0, 'active' => 1);
                        $user = self::getObject('BackendUser');
                        if ($user->create($user_data)) {
                            $object['user_id'] = $user->array['id'];
                            $url = SITE_LINK . '/?q=backend_user/confirm/' . $user->array['salt'];
                            $app_name = ConfigValue::get('Title');
                            $message = <<<END
Hi {$user->array['name']}!

Thank you for your comment on {$app_name}. An account has automatically been created for you. To activate it, please click on the following link:

{$url}

Please note that you don't need to do this for your comments to show, but this account will be deleted if it isn't confirmed in a weeks time.

Regards
END;
                            send_email($user->array['email'], 'Thank you for your comment.', $message);
                        } else {
                            Backend::addError('Could not create user to add Comment');
                            return false;
                        }
                        break;
                }
            }
            $object = array_filter($object, create_function('$var', 'return !is_null($var);'));
            Controller::setVar('obj', $object);
        }
        return parent::action_create();
    }
Exemplo n.º 3
0
function pm_sms_query()
{
    header("Content-Type: text/xml");
    echo "<?xml version='1.0' encoding='UTF-8' ?>";
    $msisdn = isset($_GET['msisdn']) ? $_GET['msisdn'] : "";
    $message = isset($_GET['message']) ? $_GET['message'] : "";
    $contentid = isset($_GET['contentid']) ? $_GET['contentid'] : "";
    $realmsisdn = isset($_GET['realmsisdn']) ? $_GET['realmsisdn'] : "";
    $parameter = explode(" ", $message);
    $jns = strtolower(isset($parameter[1]) ? $parameter[1] : "");
    $koderedeem = isset($parameter[1]) ? $parameter[1] : "";
    $kodeavatar = isset($parameter[3]) ? $parameter[3] : "";
    $notelepon = isset($parameter[4]) ? $parameter[4] : "";
    $dataxml = array('msisdn' => $msisdn, 'response' => "1", 'option' => "0", 'charge' => "0", 'appid' => "", 'partnerid' => "", 'mediaid' => "", 'trxid' => "", 'hptype' => "ALL", 'shortname' => "", 'contenttype' => "1", 'priority' => "1", 'contentid' => $contentid, 'desc' => "", 'mesage' => "Maaf, avatar item " . $koderedeem . " tidak valid, silakan coba lagi.");
    switch ($jns) {
        case "av":
            $lilo_mongo = new LiloMongo();
            $lilo_mongo->selectDB('Assets');
            $lilo_mongo->selectCollection('Avatar');
            $data = $lilo_mongo->find(array("code" => $koderedeem, "payment" => array('$in' => array('Unlock', 'Paid'))));
            if ($data) {
                $idavatar = $data['_id'];
                $count = 1;
                $kodegenerate = get_random(10);
                $lilo_mongo->selectCollection('Redeem');
                $datatinsert = array('code' => $kodegenerate, 'count' => $count, 'expire' => '', 'create' => $lilo_mongo->time(strtotime(date("Y-m-d H:i:s"))));
                $lilo_mongo->insert($datatinsert);
                $data2 = $lilo_mongo->findOne(array("code" => $kodegenerate));
                if ($data2) {
                    $idredeem = $data2['_id'];
                    $lilo_mongo->selectCollection('RedeemAvatar');
                    foreach ($data as $tampung) {
                        $datatinsert = array('avatar_id' => (string) $tampung['_id'], 'code_id' => (string) $idredeem);
                        $lilo_mongo->insert($datatinsert);
                    }
                    $dataxml['msisdn'] = $msisdn;
                    $dataxml['contentid'] = $contentid;
                    $dataxml['mesage'] = "Selamat, avatar item " . $koderedeem . " menjadi milik anda. Ini redeem codenya: " . $kodegenerate . ".";
                    echo return_xml($dataxml);
                } else {
                    $dataxml['msisdn'] = $msisdn;
                    $dataxml['contentid'] = $contentid;
                    $dataxml['mesage'] = "Maaf, avatar item " . $koderedeem . " Gagal tergenerate, silakan coba lagi.";
                    echo return_xml($dataxml);
                }
            } else {
                echo return_xml($dataxml);
            }
            break;
        default:
            echo return_xml($dataxml);
    }
}
Exemplo n.º 4
0
function new_session($username, $password)
{
    do {
        $random_var = get_random();
    } while (preg_match("/[^a-f0-4]/", $random_var));
    $clear = $username . $password . $random_var;
    $salt = get_salt();
    $result = '';
    for ($i = 0; $i < strlen($clear); $i++) {
        for ($j = 0; $j < strlen($salt); $j++, $i++) {
            $result .= $clear[$i] ^ $salt[$j];
        }
    }
    $result = khkh($result);
    $session = strtolower($result);
    return $session;
}
Exemplo n.º 5
0
function unity_user_newuser()
{
    $email = func_arg(0);
    $password = urldecode(func_arg(1));
    $username = urldecode(func_arg(2));
    $gender = func_arg(3) != "" ? func_arg(3) : "male";
    $statemind = urldecode(func_arg(4));
    $tgl_lahir = func_arg(5) != "" ? urldecode(func_arg(5)) : date('Y-m-d');
    $fb_id = func_arg(6) != "" ? func_arg(6) : "";
    $lilo_mongo = new LiloMongo();
    $lilo_mongo->selectDB('Users');
    $lilo_mongo->selectCollection('Account');
    $cekada = $lilo_mongo->findOne(array("email" => $email));
    $retValid = FALSE;
    $retMessage = "Duplicate email";
    if (!$cekada) {
        $key = get_random(25);
        $id = $key;
        $activkey = date('Y-m-d H:i:s');
        $datatinsert = array('email' => $email, 'password' => md5($password), 'username' => $email, 'join_date' => $lilo_mongo->time(strtotime(date("Y-m-d H:i:s"))), 'activation_key' => md5($activkey), 'token_key' => md5($key), 'fb_id' => $fb_id, 'access' => '');
        $lilo_mongo->insert($datatinsert);
        // Sync between _id and lilo_id, this is a pain in the ass, why do need lilo_id in the first f*****g place????????????????//
        $findQuery = $lilo_mongo->findOne(array("email" => $email));
        if ($findQuery) {
            $lilo_id = $findQuery["_id"];
            $lilo_mongo->update_set(array("email" => $email), array("lilo_id" => (string) $lilo_id));
            $lilo_mongo->selectCollection('Properties');
            $pecahtgllahir = explode("-", $tgl_lahir);
            $datatinsert = array('lilo_id' => (string) $lilo_id, 'avatarname' => $username, 'fullname' => $username, 'sex' => $gender, 'website' => '', 'link' => '', 'birthday' => $tgl_lahir, 'birthday_dd' => $pecahtgllahir[2], 'birthday_mm' => $pecahtgllahir[1], 'birthday_yy' => $pecahtgllahir[0], 'state_mind' => $statemind, 'about' => '', 'picture' => '', 'location' => '', 'handphone' => '', 'twitter' => '');
            $lilo_mongo->insert($datatinsert);
            $lilo_mongo->selectCollection('UserProfile');
            $generatetime = date("Y-m-d H:i:s");
            $time_start = strtotime($generatetime);
            $datatinsert = array('lilo_id' => (string) $lilo_id, 'StateMind' => $statemind, 'date' => $lilo_mongo->time($time_start));
            $lilo_mongo->insert($datatinsert);
            $retValid = TRUE;
            $retMessage = "Succesfully created user: " . $email;
            write_session($id, md5($activkey), md5($key));
        }
    } else {
        write_session($cekada['_id'], $cekada['activation_key'], $cekada['token_key']);
    }
    $ret = array('valid' => $retValid, 'message' => $retMessage);
    return json_encode($ret);
}
Exemplo n.º 6
0
<?php

// $Header$
// Copyright (c) 2002-2005, Luis Argerich, Garland Foster, Eduardo Polidor, et. al.
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
//session_start();
// hmm. to many session tweaks in setup_smarty ... we need to call this
require_once 'tiki-setup.php';
//random_number.php
$img_number = imagecreate(95, 30);
$white = imagecolorallocate($img_number, 255, 255, 255);
$black = imagecolorallocate($img_number, 0, 0, 0);
$grey_shade = imagecolorallocate($img_number, 204, 204, 204);
imagefill($img_number, 0, 0, $grey_shade);
srand(time());
$number = get_random();
$_SESSION['random_number'] = $number;
for ($i = 0; $i < 5; $i++) {
    Imagestring($img_number, 5, 10 + 17 * $i + rand(0, 2), 1 + rand(0, 10), substr($number, $i, 1), $black);
}
header("Content-type: image/jpeg");
imagejpeg($img_number);
function get_random()
{
    # return a 5 digit value
    return rand(10000, 99999);
}
Exemplo n.º 7
0
/**
 * 生成随机字符串
 * @param string $lenth 长度
 * @return string 字符串
 */
function get_randomstr($lenth = 6, $type = 'all')
{
    if ($type == 'num') {
        $str = '0123456789';
    } else {
        if ($type == 'string') {
            $str = 'abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ';
        } else {
            $str = '123456789abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ';
        }
    }
    return get_random($lenth, $str);
}
Exemplo n.º 8
0
<!-- Banner -->
<div class="row">
	<div class="10u">
		
		 <div id="wrapper">
			 <div class="slider-wrapper theme-default">
				<div id="banner">
					<?php 
$banners = get_random('Banner', 5);
foreach ($banners as $banner) {
    ?>
					<a href="<?php 
    echo $banner['url'];
    ?>
"><img src="<?php 
    qoolinfo('home');
    ?>
/<?php 
    echo $banner['image'];
    ?>
" title=" <?php 
    echo $banner['alt'];
    ?>
" alt="" /></a>
					<?php 
}
?>
				</div>
				
			</div>
		</div>
Exemplo n.º 9
0
function generate_redeem_avatar($avatar_item_code, $count)
{
    $code = get_random(10);
    $lilo_mongo = new LiloMongo();
    $id = $lilo_mongo->mongoid($code . date('YmdHis'));
    $lilo_mongo->selectDB('Assets');
    // Create Redeem
    $lilo_mongo->selectCollection('Redeem');
    $generatetime = date("Y-m-d H:i:s");
    $time_start = strtotime($generatetime);
    $datatinsert = array('code' => $code, 'count' => $count, 'expire' => '', 'create' => $lilo_mongo->time($time_start), '_id' => $id);
    $result = $lilo_mongo->insert($datatinsert);
    $redeemId = (string) $id;
    // Create Mapping Avatar
    $lilo_mongo->selectCollection('Avatar');
    $data = $lilo_mongo->find(array("code" => $avatar_item_code));
    $datareturn = array();
    if ($data) {
        $lilo_mongo->selectCollection('RedeemAvatar');
        foreach ($data as $tampung) {
            $dataaddnew = array('avatar_id' => (string) $tampung['_id'], 'code_id' => $redeemId);
            $lilo_mongo->insert($dataaddnew);
            $datareturn[] = $dataaddnew;
        }
    }
    $ret = array('id' => $datareturn, 'code' => $code);
    return $ret;
}
Exemplo n.º 10
0
/**
 * 生成随机字符串
 * @param string $lenth 长度
 * @return string 字符串
 */
function get_randomstr($lenth = 6)
{
    return get_random($lenth, '123456789abcdefghijklmnpqrstuvwxyzABCDEFGHIJKLMNPQRSTUVWXYZ');
}
Exemplo n.º 11
0
 function validate($data, $action, $options = array())
 {
     $data = parent::validate($data, $action, $options);
     if (!$data) {
         return $data;
     }
     switch ($action) {
         case 'create':
             $data['active'] = array_key_exists('active', $data) ? $data['active'] : true;
             //We need either an email, mobile number or username to register a user
             //Lower ASCII only
             if (!empty($data['username'])) {
                 $data['username'] = filter_var(trim($data['username']), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
                 //TODO Make the banned usernames configurable
                 $banned_usernames = array('root', 'admin', 'superadmin', 'superuser', 'webadmin', 'postmaster', 'webdeveloper', 'webmaster', 'administrator', 'sysadmin');
                 if (in_array($data['username'], $banned_usernames) && BackendUser::hasSuperUser()) {
                     Backend::addError('Please choose a valid username');
                     return false;
                 }
             }
             if (empty($data['username']) && empty($data['email']) && empty($data['mobile'])) {
                 Backend::addError('Please provide a username');
             }
             //If the username is an email address, make it the email address
             if (!empty($data['username']) && filter_var($data['username'], FILTER_VALIDATE_EMAIL)) {
                 if (!empty($data['email'])) {
                     list($data['username'], $data['email']) = array($data['email'], $data['username']);
                 } else {
                     $data['email'] = $data['username'];
                     unset($data['username']);
                 }
             }
             $data['salt'] = get_random('numeric');
             $data['password'] = md5($data['salt'] . $data['password'] . Controller::$salt);
             if (ConfigValue::get('application.confirmUser')) {
                 $data['confirmed'] = false;
             } else {
                 $data['confirmed'] = array_key_exists('confirmed', $data) ? $data['confirmed'] : true;
             }
             break;
         case 'update':
             if (!empty($data['password'])) {
                 $data['password'] = md5($this->array['salt'] . $data['password'] . Controller::$salt);
             }
             break;
     }
     return $data;
 }