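/**
 * Emit the sale list as a JSON document of the form { "data": <rows> }.
 *
 * The rows come from sale_model::get_sale_list(); what $uri_segment selects is
 * decided by that model and is not visible here.
 *
 * @param string $uri_segment Value handed unchanged to the model.
 * @return void The JSON text is written directly to the output.
 */
function get_sale_list($uri_segment = '')
{
    $sales = $this->sale_model->get_sale_list($uri_segment);

    // NOTE(review): every call writes the complete result set to the log at
    // 'error' level. This looks like debugging output; confirm the log is an
    // acceptable place for sale records before keeping it.
    log_message('error', __METHOD__);
    log_array('error', $sales);

    // json_encode() returns false on failure (for example invalid UTF-8 in a row).
    // Concatenating that false produced the invalid body '{ "data":}', so the
    // failure is detected and reported instead.
    $encoded = json_encode($sales);
    if ($encoded === false) {
        log_message('error', __METHOD__ . ' json_encode failed: ' . json_last_error_msg());
        http_response_code(500);
        echo '{ "data":[]}';
        return;
    }

    echo '{ "data":' . $encoded . '}';
}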
/**
 * Show the login form, or process a submitted one.
 *
 * A submission that passes form validation is handed to ion_auth->login().
 * Administrators are redirected to /auth, other users to /manage, and a failed
 * login goes back to auth/login with the Ion Auth error in flash data.
 *
 * NOTE(review): 'user_time_zone' is taken from the POST body and is passed to
 * ion_auth->login(), stored in the session and written to the debug log without
 * any check visible in this method. Confirm it is validated against the known
 * timezone identifiers before anything relies on the session value.
 */
function login()
{
    $this->data['title'] = "Login";

    // Both fields are mandatory.
    $this->form_validation->set_rules('identity', 'Identity', 'required');
    $this->form_validation->set_rules('password', 'Password', 'required');

    if ($this->form_validation->run() != true) {
        // Nothing valid was submitted: render the form, preferring validation
        // errors over a flash message left by an earlier redirect.
        $this->data['message'] = validation_errors() ?: $this->session->flashdata('message');

        $this->data['identity'] = array(
            'name' => 'identity',
            'id' => 'identity',
            'type' => 'text',
            'value' => $this->form_validation->set_value('identity'),
        );
        $this->data['password'] = array(
            'name' => 'password',
            'id' => 'password',
            'type' => 'password',
        );

        $this->_render_page('auth/login', $this->data);
        return;
    }

    // "Remember me" checkbox and the timezone reported by the browser.
    $remember = (bool) $this->input->post('remember');
    $posted_timezone = $this->input->post('user_time_zone');

    $logged_in = $this->ion_auth->login(
        $this->input->post('identity'),
        $this->input->post('password'),
        $remember,
        $posted_timezone
    );

    if (!$logged_in) {
        // Redirects are used instead of loading views for compatibility with
        // MY_Controller libraries.
        $this->session->set_flashdata('message', $this->ion_auth->errors());
        redirect('auth/login', 'refresh');
        return;
    }

    if ($this->ion_auth->is_admin()) {
        redirect('/auth', 'refresh');
        return;
    }

    log_message('debug', 'LOGIN SUCCESSFUL');

    // Keep the posted timezone in the session and record it in the debug log.
    $this->session->set_userdata(array('user_time_zone' => $posted_timezone));
    log_message('debug', 'POSTED TIMEZONE: ' . log_array($posted_timezone));

    $this->session->set_flashdata('message', $this->ion_auth->messages());

    log_message('debug', 'REDIRECTING TO ROSTER');
    redirect('/manage', 'refresh');
}
/**
 * Handles an OpenID direct verification (check_authentication) request, which a
 * relying party sends to have a signature made in stateless mode verified.
 *
 * The reply carries is_valid as the string 'true' or 'false'. When the request
 * names a handle in openid.invalidate_handle and that association is missing
 * from the cache or older than SIMPLEID_ASSOC_EXPIRES_IN, the handle is echoed
 * back as invalidate_handle.
 *
 * @param array $request the OpenID request
 * @see http://openid.net/specs/openid-authentication-1_1.html#mode_check_authentication, http://openid.net/specs/openid-authentication-2_0.html#verifying_signatures
 */
function simpleid_check_authentication($request)
{
    global $version;

    log_info('OpenID direct verification: ' . log_array($request));

    // The protocol expects the verdict as text, not as a PHP boolean.
    $verdict = simpleid_verify_signatures($request) ? 'true' : 'false';
    $response = array('is_valid' => $verdict);

    // The relying party may ask whether a handle it holds is still usable.
    if (isset($request['openid.invalidate_handle'])) {
        $handle = $request['openid.invalidate_handle'];
        $association = cache_get('association', $handle);

        // Unknown handle, or one whose lifetime has run out.
        $unusable = !$association
            || $association['created'] + SIMPLEID_ASSOC_EXPIRES_IN < time();

        if ($unusable) {
            $response['invalidate_handle'] = $handle;
        }
    }

    log_info('OpenID direct verification response: ' . log_array($response));

    openid_direct_response(openid_direct_message($response, $version));
}
/**
 * Perform the file upload.
 *
 * Validates the $_FILES entry named by $field (upload path, PHP upload status,
 * file type, size, image dimensions), derives a cleaned destination file name
 * and copies the temporary file into the upload path.
 *
 * @param string $field Key of the entry in $_FILES to process.
 * @return bool TRUE when the file was stored, FALSE on any failure. Most
 *              failure paths record a message through set_error() first.
 */
public function do_upload($field = 'userfile')
{
    // NOTE(review): these two calls write the field name and the whole $_FILES
    // array (client file names, temp paths) to the log at 'error' level on every
    // upload. This looks like debugging output; confirm it is meant to stay.
    log_message('error', __METHOD__ . $field);
    log_array('error', $_FILES);

    // Is $_FILES[$field] set? If not, no reason to continue.
    if (!isset($_FILES[$field])) {
        $this->set_error('upload_no_file_selected');
        return FALSE;
    }

    // Is the upload path valid?
    if (!$this->validate_upload_path()) {
        // errors will already be set by validate_upload_path() so just return FALSE
        return FALSE;
    }

    // Was the file able to be uploaded? If not, determine the reason why.
    // is_uploaded_file() also confirms that tmp_name refers to a file received
    // through HTTP POST, which matters because copy() is used on it further down.
    if (!is_uploaded_file($_FILES[$field]['tmp_name'])) {
        // A missing status is treated as 4 (no file).
        $error = !isset($_FILES[$field]['error']) ? 4 : $_FILES[$field]['error'];

        switch ($error) {
            case 1: // UPLOAD_ERR_INI_SIZE
                $this->set_error('upload_file_exceeds_limit');
                break;
            case 2: // UPLOAD_ERR_FORM_SIZE
                $this->set_error('upload_file_exceeds_form_limit');
                break;
            case 3: // UPLOAD_ERR_PARTIAL
                $this->set_error('upload_file_partial');
                break;
            case 4: // UPLOAD_ERR_NO_FILE
                $this->set_error('upload_no_file_selected');
                break;
            case 6: // UPLOAD_ERR_NO_TMP_DIR
                $this->set_error('upload_no_temp_directory');
                break;
            case 7: // UPLOAD_ERR_CANT_WRITE
                $this->set_error('upload_unable_to_write_file');
                break;
            case 8: // UPLOAD_ERR_EXTENSION
                $this->set_error('upload_stopped_by_extension');
                break;
            default:
                $this->set_error('upload_no_file_selected');
                break;
        }

        return FALSE;
    }

    // Set the uploaded data as class variables
    $this->file_temp = $_FILES[$field]['tmp_name'];
    $this->file_size = $_FILES[$field]['size'];
    // presumably fills $this->file_type; the helper is not visible here
    $this->_file_mime_type($_FILES[$field]);
    // Keep only the part before the first ';', then lower-case it and strip
    // backslashes and surrounding double quotes.
    $this->file_type = preg_replace("/^(.+?);.*\$/", "\\1", $this->file_type);
    $this->file_type = strtolower(trim(stripslashes($this->file_type), '"'));
    // The 'name' element is supplied by the client; it is passed through
    // _prep_filename() here and clean_file_name() further down before use.
    $this->file_name = $this->_prep_filename($_FILES[$field]['name']);
    $this->file_ext = $this->get_extension($this->file_name);
    // client_name receives the prepped name, not the raw client value.
    $this->client_name = $this->file_name;

    // Is the file type allowed to be uploaded?
    if (!$this->is_allowed_filetype()) {
        $this->set_error('upload_invalid_filetype');
        return FALSE;
    }

    // if we're overriding, let's now make sure the new name and type is allowed
    if ($this->_file_name_override != '') {
        $this->file_name = $this->_prep_filename($this->_file_name_override);

        // If no extension was provided in the file_name config item, use the uploaded one
        if (strpos($this->_file_name_override, '.') === FALSE) {
            $this->file_name .= $this->file_ext;
        } else {
            $this->file_ext = $this->get_extension($this->_file_name_override);
        }

        // Re-check, because the override may have changed the extension.
        if (!$this->is_allowed_filetype(TRUE)) {
            $this->set_error('upload_invalid_filetype');
            return FALSE;
        }
    }

    // Convert the file size to kilobytes
    if ($this->file_size > 0) {
        $this->file_size = round($this->file_size / 1024, 2);
    }

    // Is the file size within the allowed maximum?
    if (!$this->is_allowed_filesize()) {
        $this->set_error('upload_invalid_filesize');
        return FALSE;
    }

    // Are the image dimensions within the allowed size?
    // Note: This can fail if the server has an open_basedir restriction.
    if (!$this->is_allowed_dimensions()) {
        $this->set_error('upload_invalid_dimensions');
        return FALSE;
    }

    // Sanitize the file name for security
    $this->file_name = $this->clean_file_name($this->file_name);

    // Truncate the file name if it's too long
    if ($this->max_filename > 0) {
        $this->file_name = $this->limit_filename_length($this->file_name, $this->max_filename);
    }

    // Remove white spaces in the name
    if ($this->remove_spaces == TRUE) {
        $this->file_name = preg_replace("/\\s+/", "_", $this->file_name);
    }

    /*
     * Validate the file name
     * set_filename() appends a number to the end of
     * the name if a file with the same name already exists.
     * If it returns false there was a problem.
     */
    $this->orig_name = $this->file_name;

    if ($this->overwrite == FALSE) {
        $this->file_name = $this->set_filename($this->upload_path, $this->file_name);

        if ($this->file_name === FALSE) {
            return FALSE;
        }
    }

    /*
     * Run the file through the XSS filter
     * This helps prevent malicious code from being
     * embedded within a file. Scripts can easily
     * be disguised as images or other file types.
     * A rejected file is reported with the generic
     * 'upload_unable_to_write_file' message.
     */
    if ($this->xss_clean) {
        if ($this->do_xss_clean() === FALSE) {
            $this->set_error('upload_unable_to_write_file');
            return FALSE;
        }
    }

    /*
     * Move the file to the final destination
     * To deal with different server configurations
     * we'll attempt to use copy() first. If that fails
     * we'll use move_uploaded_file(). One of the two should
     * reliably work in most environments.
     * The @ operator hides the PHP warning from either call, so
     * the only trace of a failure is 'upload_destination_error'.
     */
    if (!@copy($this->file_temp, $this->upload_path . $this->file_name)) {
        if (!@move_uploaded_file($this->file_temp, $this->upload_path . $this->file_name)) {
            $this->set_error('upload_destination_error');
            return FALSE;
        }
    }

    /*
     * Set the finalized image dimensions
     * This sets the image width/height (assuming the
     * file was an image). We use this information
     * in the "data" function.
     */
    $this->set_image_properties($this->upload_path . $this->file_name);

    return TRUE;
}
/**
 * Look up the display name ("first_name last_name") of a js_users row.
 *
 * The id is passed to the query builder's where() as a value, not concatenated
 * into the SQL text. The select() expression is a constant, which is why its
 * escaping is switched off with the second argument.
 *
 * NOTE(review): the executed SQL is written to the log at 'error' level on every
 * call; this looks like debugging output, confirm it is meant to stay.
 *
 * @param mixed $created_by Value matched against js_users.id.
 * @return string 'Admin' when the name is exactly 'admin admin', the name itself
 *                otherwise, or '' when no row matches.
 */
function get_user_name($created_by = '')
{
    $CI =& get_instance();

    $lookup = $CI->db
        ->select('concat(first_name, " ", last_name) as username', false)
        ->from('js_users')
        ->where('id', $created_by)
        ->get();

    log_array('error', __METHOD__ . $CI->db->last_query());

    $name = '';
    if ($lookup->num_rows() > 0) {
        $record = $lookup->row_array();
        $name = $record['username'];
    }

    // The built-in administrator account is shown under a friendlier label.
    if ($name == 'admin admin') {
        return 'Admin';
    }

    return $name;
}
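/**
 * Create or update a user from the posted form and print the text "success".
 *
 * An empty 'user_id' means a new user: a password is stored and, when the model
 * reports a non-empty status, a registration e-mail is sent.
 *
 * NOTE(review): this method takes 'user_type' from the POST body as the new
 * role_id and shows no permission check of its own. Confirm that the enclosing
 * controller restricts who may call it and which roles they may assign.
 *
 * @return void
 */
function insert_update_user()
{
    // post() can return a non-array when nothing was posted, and an array-valued
    // field cannot be trimmed, so only string values are trimmed.
    $rawPost = $this->input->post();
    $postData = array();
    if (is_array($rawPost)) {
        foreach ($rawPost as $key => $value) {
            $postData[$key] = is_string($value) ? trim($value) : $value;
        }
    }

    // The posted password must not reach the log file in clear text.
    $loggable = $postData;
    if (array_key_exists('password', $loggable)) {
        $loggable['password'] = '[redacted]';
    }
    log_array('error', $loggable);

    $user_id = isset($postData['user_id']) ? $postData['user_id'] : "";
    $uri_segment = $this->input->post('uri_segment');

    $user_data = array(
        'first_name' => $postData['first_name'],
        'last_name' => $postData['last_name'],
        'username' => $postData['username'],
        'email' => $postData['email'],
        'role_id' => $postData['user_type'],
        'created_by' => $this->session->userdata('user_id'),
        'created_datetime' => current_timestamp_database(),
        'status' => 'y',
    );

    if ($user_id == "") {
        // NOTE(review): upper-casing makes passwords case-insensitive and shrinks
        // the space of possible passwords. It is kept because the login path
        // presumably applies the same transformation; verify before changing.
        // encrypt_password() is not visible here: confirm it is a one-way
        // password hash and not reversible encryption.
        $user_data['password'] = encrypt_password(strtoupper($postData['password']));
    }

    $user_status = $this->user_model->insert_update_user($user_id, $user_data, $uri_segment);

    if ($user_status != "" && $user_id == "") {
        log_message('error', __METHOD__ . '======user email called=====' . $user_status);

        // The template identifier appears masked in this listing; kept as found.
        $email_template_user = "******";
        $to = $postData['email'];
        $from = EMAIL_SEND_FROM;

        // NOTE(review): the clear-text password is placed in a URL path and in the
        // mail body. URLs end up in browser history, proxy logs and web server
        // access logs, and mail is stored unencrypted. The usual replacement is a
        // random single-use token with an expiry that lets the user set their own
        // password; that needs storage and a route which are outside this method.
        $new_client_link = base_url() . 'user/' . strtoupper($postData['password']);

        $email_required_data = array(
            '{REGISTRATION_FIRST_LAST_NAME}' => $postData['first_name'] . " " . $postData['last_name'],
            '{CLIENT_LINK}' => $new_client_link,
            '{USERNAME}' => $postData['username'],
            '{PASSWORD}' => strtoupper($postData['password']),
        );

        // NOTE(review): the result of send_mail() is not checked, so a failed
        // delivery is still answered with "success".
        send_mail($to, $from, $email_template_user, $email_required_data);
    }

    echo "success";
}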