function processLogin() { global $cfg; // Initialize or retrieve the current values for the login variables $loginAttempts = !isset($_POST['loginAttempts']) ? 1 : $_POST['loginAttempts']; $formUser = !isset($_POST['formUser']) ? NULL : $_POST['formUser']; $formPassword = !isset($_POST['formPassword']) ? NULL : $_POST['formPassword']; // If the posted username and/or password doesnt match whats set in config. if ($formUser != $cfg->get('admin_user') || $formPassword != $cfg->get('admin_pass')) { // If first login attempt, initiate a login attempt counter if ($loginAttempts == 0) { $_POST['loginAttempts'] = 1; $auth = false; return; } else { if ($loginAttempts >= 3) { echo "<blink><p align='center' style=\"font-weight:bold;font-size:170px;color:red;font-family:sans-serif;\">Log In<br>Failed.</p></blink>"; exit; } else { $_POST['loginAttempts'] += 1; return; } } } elseif ($formUser == $cfg->get('admin_user') && $formPassword == $cfg->get('admin_pass')) { // Start Session, set session variables start_session(); $_SESSION['adminAuth'] = md5($cfg->get('admin_user') . $cfg->get('admin_pass')); $_SESSION['adminTime'] = time(); $SID = session_id(); $_POST['task'] = 'home'; } else { $_POST['loginAttempts'] += 1; return; } }
function __construct() { if (!session_id()) { start_session(); } $this->_db = new my_mysql(); }
function is_logged_in() { //function to see if the user is logged in start_session(); //PhP session must be started before you can start storing infromation return isset($_SESSION['user']); //return session of the "user" }
function authenticate_user($inputUsername, $inputPassword, $connection) { //query database to return password for the username that was input //usernames are unique so only 1 row should be returned $result = $connection->query("SELECT password FROM employee \n\t\tWHERE username = '******'"); //get the returned result as an array $row = $result->fetch_array(MYSQLI_NUM); //verify the passwords match if ($inputPassword == $row[0]) { echo "true"; start_session($inputUsername, $inputPassword); } else { echo "false"; } }
function validate() { $clean_email = strstr($email, '@'); if (empty($name) || !isset($name)) { echo 'please fill all fields'; } //check if array has a value if (!in_array($clean_email, $domains)) { echo 'please enter a valid email provider'; } if ($password !== $confirm) { echo 'plase check your password match'; } if (isset($_POST['register'])) { start_session(); } }
function processLogin() { global $cfg; // Initialize or retrieve the current values for the login variables $loginAttempts = !isset($_POST['loginAttempts']) ? 1 : $_POST['loginAttempts']; $formUser = !isset($_POST['formUser']) ? NULL : $_POST['formUser']; $formPassword = !isset($_POST['formPassword']) ? NULL : $_POST['formPassword']; // Check Values if ($formUser != $cfg->get('admin_user') || $formPassword != $cfg->get('admin_pass')) { if ($loginAttempts == 0) { /* 3 strikes and they're out */ $_POST['loginAttempts'] = 1; $auth = false; return; } else { if ($loginAttempts >= 3) { echo "<blink><p align='center' style=\"font-weight:bold;font-size:170px;color:red;font-family:sans-serif;\">Log In<br>Failed.</p></blink>"; exit; } else { $_POST['loginAttempts'] += 1; return; } } } elseif ($formUser == $cfg->get('admin_user') && $formPassword == $cfg->get('admin_pass')) { // test for valid username and password // Start Session start_session(); $_SESSION['adminAuth'] = md5($cfg->get('admin_user') . $cfg->get('admin_pass')); $_SESSION['adminTime'] = time(); $SID = session_id(); $_POST['task'] = 'home'; } else { $_POST['loginAttempts'] += 1; return; } }
function do_acct_status($status) { $do_admin_acct = false; // Change to 'true', if desired if (get_device() || $do_admin_acct) { switch ($status) { case 'update': update_session(); break; case 'start': start_session(); break; case 'stop': stop_session(); break; case 'auth': auth_session(); break; } } }
</form> <?php } if ($_GET['vars'] == "yes") { $key_country = $_POST['key_country']; $key_province = $_POST['key_province']; $key_city = $_POST['key_city']; $key_org = $_POST['key_org']; $key_email = $_POST['key_email']; $server_name = $_POST['server_name']; $client_name = $_POST['client_name']; //need to use bash commands to do this... permission issues. //editing var file using sed //define('NET_SSH2_LOGGING', NET_SSH2_LOG_COMPLEX); if (!isset($_SESSION['password'])) { start_session('create_certs.php?vars=yes'); } $password = stripslashes(trim($_SESSION['password'])); $username = stripslashes(trim($_SESSION['username'])); if ($username == "") { $username = "******"; } $ssh = new Net_SSH2('localhost'); if (!$ssh->login($username, $password)) { exit('Login Failed'); } echo $ssh->read('/.*@.*/', NET_SSH2_READ_REGEX); $ssh->write("sudo killall -v openvpn\n"); $ssh->setTimeout(10); $output = $ssh->read('/.*@.*[$|#]|.*[P|p]assword.*/', NET_SSH2_READ_REGEX); //$ssh->read();
function is_logged_in() { start_session(); return isset($_SESSION['user']); }
require 'functions.php'; set_include_path(get_include_path() . PATH_SEPARATOR . 'phpseclib'); include 'Net/SSH2.php'; //if (!(isset($_SESSION['password']))){ // start_session('install.php'); //getting username and password for phpseclib ssh terminal //} ?> <? //error_reporting(E_ALL); //ini_set('display_errors', 'on'); //functions.php includes session_start() //will need to do the pkitool test now.... TODO move pkitool to previous heading so don't have to test for it twice :( //Will reach this if the "initial-setup" button is pressed in code block after this If ($_GET['action'] == "initial-setup"){ if (! (isset($_SESSION['password']))){ start_session('install.php&action=initial-setup'); } $password = stripslashes(trim($_SESSION['password'])); $username = stripslashes(trim($_SESSION['username'])); if ($username == ""){ $username = "******"; } $ssh = new Net_SSH2('localhost'); if (!$ssh->login($username, $password)) { exit('Login Failed'); } $default_pkitool_location = $config_dir . "/easy-rsa/pkitool"; if (!(file_exists($default_pkitool_location))){ echo "<font color='B22222'>Error!</font> PKITOOL not found... required, will attempt to copy into $config_dir<br />"; echo $ssh->exec("sudo cp -r $easy_rsa_dir $config_dir");
function create_zip($files = array(), $destination = '', $cert_name, $overwrite = true) { //will need phpseclib later.... so... if (!isset($_SESSION['password'])) { start_session('certs.php?action=send_cert&type=$send_type&cert_name=$cert_name'); } $password = stripslashes(trim($_SESSION['password'])); $username = stripslashes(trim($_SESSION['username'])); if ($username == "") { $username = "******"; } $ssh = new Net_SSH2('localhost'); if (!$ssh->login($username, $password)) { exit('Login Failed'); } //if the zip file already exists and overwrite is false, return false if (file_exists($destination) && !$overwrite) { echo "Will not overwrite!<br />"; return false; } //vars $valid_files = array(); //if files were passed in... if (is_array($files)) { //cycle through each file foreach ($files as $file) { //make sure the file exists if (file_exists($file)) { $valid_files[] = $file; } } } //if we have good files... if (count($valid_files)) { //create the archive $zip = new ZipArchive(); if ($zip->open($destination, $overwrite ? ZIPARCHIVE::OVERWRITE : ZIPARCHIVE::CREATE) !== true) { return false; } //add the files foreach ($valid_files as $file) { $zip->addFile($file, $file); echo "File: {$file}<br />"; } //debug echo 'The zip archive contains ', $zip->numFiles, ' files with a status of ', $zip->status; echo "<br />"; $zip->addFile($file); //close the zip -- done! $zip->close(); $curr_work_dir = getcwd(); echo "{$curr_work_dir}/Downloads/{$destination}<br />"; //now move the file to our Downloads folder if (copy("{$destination}", "{$curr_work_dir}/Downloads/{$destination}")) { unlink("{$destination}"); } //and update destination $zip_download = "{$destination}"; //TODO check if file exists return $zip_download; } else { return false; } }
<?php require_once 'inc/functions.php'; /* * If posted information from login form */ if (isset($_POST['submitLogin'])) { if (check_credentials($_POST)) { start_session($_POST['uname']); } else { $msg = 'Invalid Login Credentials!'; } } /* * If user is logged-in * redirect to home.php */ if (isset($_SESSION['username'])) { header('Location: home.php?u=' . $_SESSION['username']); } require 'inc/header.php'; ?> <div class="container"> <form method="POST" class="form-signin col-md-6 col-md-offset-3 col-xs-10 col-xs-offset-1"> <?php if (isset($msg)) { echo "<div class='alert alert-danger' role='alert'>Invalid Login Credentials!</div>"; } ?> <input type="text" name="uname" class="form-control" placeholder="Username" required autofocus> <input type="password" name="pword" class="form-control" placeholder="Password" required>
require_once DIR_FS_PRONTO . DS . 'core' . DS . 'factory.php'; require_once DIR_FS_PRONTO . DS . 'core' . DS . 'session.php'; if (defined('SESSION_USEDB') && SESSION_USEDB === true) { // taken from pronto/profiles/web.php if (defined('DB_NAME')) { $db =& Factory::db(array('dsn' => DB_DSN, 'file' => DB_FILE, 'host' => DB_HOST, 'user' => DB_USER, 'pass' => DB_PASS, 'name' => DB_NAME)); Registry::set('pronto:db:main', $db); } else { foreach ($DATABASES as $key => $dbcfg) { $db =& Factory::db($dbcfg); Registry::set('pronto:db:' . $key, $db); } unset($key, $dbcfg); } } start_session($_GET['sessidpass']); /* TinyBrowser 1.41 - A TinyMCE file browser (C) 2008 Bryn Jones (author website - http://www.lunarvis.com) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License
// as well as links to various search forms. // Incorporate some include files: include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password include 'includes/header.inc.php'; // include header include 'includes/footer.inc.php'; // include footer include 'includes/include.inc.php'; // include common functions include 'initialize/ini.inc.php'; // include common variables // -------------------------------------------------------------------- // START A SESSION: // call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables: start_session(true); // -------------------------------------------------------------------- // Initialize preferred display language: // (note that 'locales.inc.php' has to be included *after* the call to the 'start_session()' function) include 'includes/locales.inc.php'; // include the locales // -------------------------------------------------------------------- // If there's no stored message available: if (!isset($_SESSION['HeaderString'])) { $HeaderString = $loc["Default Welcome Message"]; } else { $HeaderString = $_SESSION['HeaderString']; // extract 'HeaderString' session variable (only necessary if register globals is OFF!) // Note: though we clear the session variable, the current message is still available to this script via '$HeaderString': deleteSessionVariable("HeaderString"); // function 'deleteSessionVariable()' is defined in 'include.inc.php'
<?php include '../include/webzone.php'; $login = $_POST['login']; $password = $_POST['password']; if ($login == '' || $password == '') { $display .= '<div class="alert fade in alert-error"><button type="button" class="close" data-dismiss="alert">×</button><strong>'; $display .= 'Missing login and/or password'; $display .= '</strong></div>'; $d['display'] = $display; $d['code'] = 0; echo json_encode($d); } else { if ($login == $GLOBALS['admin_username'] and $password == $GLOBALS['admin_password']) { start_session(array('user_id' => '99999', 'login' => $login)); $d['code'] = 1; //success echo json_encode($d); } else { $display .= '<div class="alert fade in alert-error"><button type="button" class="close" data-dismiss="alert">×</button><strong>'; $display .= 'The user and/or password are incorrect'; $display .= '</strong></div>'; $d['display'] = $display; $d['code'] = 0; echo json_encode($d); } }
function POST_login__openid() { if (USER_USE_OPENID !== true) { $this->redirect(url('User', 'login')); return; } if (isset($_SESSION['openid']['validated'])) { if ($_SESSION['openid']['validated']) { $err = $this->models->user->authenticate_openid($_SESSION['openid']['identity']); if ($err === false) { // no user exists yet, but we have a positive openid auth, // so let's create a new account... $_SESSION['newuser_data'] = array(); if (is_array($_SESSION['openid']['sreg'])) { $_SESSION['openid_identity'] = $_SESSION['openid']['identity']; $_SESSION['openid_user_data'] = $_SESSION['openid']['sreg']; $this->redirect(url('User', 'signup')); return; } } } else { $err = $_SESSION['openid']['error']; } unset($_SESSION['openid']); if ($err !== true) { $this->tset('error', $err); $this->GET_login(); } else { $return_url = $this->param('return_url', '/'); $this->redirect(url($return_url)); } } else { if ($this->param('openid_url')) { define('OPENID_NOKEYMANAGER', 1); define('OPENID_SREG_REQUEST', 'nickname,email,fullname,dob,gender,postcode,country,language,timezone'); start_session(); require_once dirname(__FILE__) . '/../extlib/openid/processor.php'; } } }
$row = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["username"])) { echo "Please input a username"; die; } else { if (empty($_POST["password"])) { echo "Please input a password"; die; } else { $username = clean_input($_POST["username"]); $password = clean_input(md5($_POST["password"])); $query = mysqli_query($database_connection, "SELECT * FROM userstable WHERE `username` = '{$username}' AND `password` = '{$password}' "); $row = mysqli_fetch_array($query); if ($row) { start_session($row); echo "<br><br>", $_SESSION['LOGGED_IN']; header("Location: /website/"); } else { echo 'LOGIN UNSUCCESSFUL'; } } } } function clean_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); $data = mysql_real_escape_string($data); return $data;
function application_add_company() { global $wpdb; if (function_exists('start_session')) { start_session(); } $_SESSION['wp_page'] = 'my-companies'; // Create for empty post data if (!isset($_REQUEST['submit']) && !isset($_REQUEST['name']) && empty($_REQUEST['name']) && !isset($_REQUEST['firstname']) && empty($_REQUEST['firstname']) && !isset($_REQUEST['lastname']) && empty($_REQUEST['lastname']) && !isset($_REQUEST['email']) && empty($_REQUEST['email']) && !isset($_REQUEST['phone']) && empty($_REQUEST['phone']) && !isset($_REQUEST['preferredcontactmethodcode']) && empty($_REQUEST['preferredcontactmethodcode']) && !isset($_REQUEST['address']) && empty($_REQUEST['address']) && !isset($_REQUEST['city']) && empty($_REQUEST['city']) && !isset($_REQUEST['zipcode']) && empty($_REQUEST['zipcode']) && !isset($_REQUEST['state']) && empty($_REQUEST['state']) && !isset($_REQUEST['country']) && empty($_REQUEST['country'])) { if (isset($_SERVER["HTTP_REFERER"]) && !empty($_SERVER["HTTP_REFERER"])) { $_SESSION['wp_errors']['company_invalid_post_data'] = __("Mandatory field(s) are required.."); wp_redirect($_SERVER["HTTP_REFERER"]); } else { // This case is occur when internet is disconnect and user direct hit the url $_SESSION['wp_errors']['company_invalid_post_data'] = __("Something went wrong.Please try again later."); wp_redirect(get_permalink(get_page_by_path('listings')) . '?page=my-companies&type=all'); } } // Check for unique company name $company_sql = 'SELECT id FROM ' . $wpdb->prefix . 'company where name="' . $_POST['name'] . '"'; if ($_POST['id'] != 0) { $company_sql .= ' AND id != ' . $_POST['id']; } //echo $company_sql; $company_result = $wpdb->get_results($company_sql); $company_count = $wpdb->num_rows; /* if ($company_count > 0) { set_site_message('my-companies', 'error', "Company Already exists"); //$_SESSION['wp_errors']['company_exists'] = __("Company Already exists "); wp_redirect($_SERVER["HTTP_REFERER"]); exit; } */ $roles = get_user_meta(get_current_user_id(), 'wp_capabilities'); if (!empty($roles) && isset($roles[0]) && array_key_exists('staff', $roles[0])) { $isstaff = true; } //if ($wpdb->num_rows == 0) { if ($_POST['id'] == 0) { if (email_exists($_REQUEST['email'])) { set_site_message('my-companies', 'error', "Email already exists please enter another email"); wp_redirect(get_permalink(get_page_by_path('listings')) . '?page=my-companies&type=all'); } $company_type = isset($_POST['company_type']) ? $_POST['company_type'] : "Company"; $table = $wpdb->prefix . "company"; $data = array('name' => $_POST['name'], 'email' => $_POST['email'], 'created_by' => get_current_user_id(), 'phone' => $_POST['phone'], 'created_on' => date('Y-m-d H:m:s'), 'address' => $_POST['address'], 'fax' => $_POST['fax'], 'country' => $_POST['country'], 'state' => $_POST['state'], 'city' => $_POST['city'], 'zipcode' => $_POST['zipcode'], 'website_url' => $_POST['website_url'], 'status' => "New_company", 'type' => $company_type); //print_r($data);die; $wpdb->insert($table, $data); $company_id = $wpdb->insert_id; /* create new contact associated with new inserted company */ $random_password = wp_generate_password($length = 12, $include_standard_special_chars = false); /* 0846 - 08/06/15 - in place of user_name in below function we take user_email because we change the functionality to take user_name as user_email */ $user_id = wp_create_user($_REQUEST['email'], $random_password, $_REQUEST['email']); $user = get_user_by('id', $user_id); /* assign role agent if company is agency */ if ($isstaff) { if ($company_type == 'Agency') { $agent_array = get_role("Agent"); if (empty($agent_array)) { add_role('agent', 'Agent', array('read' => true, 'application-form' => true)); $user = new WP_User($user_id); $user->add_cap('Agent'); } else { $user = new WP_User($user_id); $user->add_cap('Agent'); } } else { $user = new WP_User($user_id); $user->remove_cap('Agent'); } } $wpdb->query("update " . $wpdb->prefix . "users set display_name = '" . $_POST['firstname'] . " " . $_POST['lastname'] . "', first_name = '" . $_POST['firstname'] . "',last_name='" . $_POST['lastname'] . "',salutaions='" . $_POST['salutaions'] . "',preferred_form='" . $_POST['preferredcontactmethodcode'] . "', phone = '" . $_POST['phone'] . "', country=" . $_POST['country'] . ",state=" . $_POST['state'] . ",city='" . $_POST['city'] . "', address = '" . $_POST['address'] . "', created_by = " . get_current_user_id() . ", created_on = '" . date("Y-m-d H:m:s") . "', company_id = '" . $company_id . "' where ID=" . $user_id); $sql = 'SELECT * FROM ' . $wpdb->prefix . 'users where ID=' . get_current_user_id(); $result = $wpdb->get_results($sql); $get_current_user_role_new = get_current_user_role(); if (strtolower($get_current_user_role_new) != 'staff') { $firstname_users = $result[0]->first_name; $lastname_users = $result[0]->last_name; $link_to_comapnies = get_permalink(get_page_by_path('listings')) . '?page=my-companies&type=all'; $bnfw = BNFW::factory(); if ($bnfw->notifier->notification_exists('new-company')) { $notifications = $bnfw->notifier->get_notifications('new-company'); foreach ($notifications as $notification) { $setting = $bnfw->notifier->read_settings($notification->ID); foreach ($setting['users'] as $users_role) { $main_role = strtolower(str_replace('role-', '', $users_role)); $sql = "select `user_email`,`display_name` from " . $wpdb->prefix . "users where `user_type` = '" . $main_role . "'"; $staff_user = $wpdb->get_results($sql); foreach ($staff_user as $staff_user) { $emailstaff = $staff_user->user_email; $username_staff = ucwords($staff_user->display_name); $subjectstaff = str_replace('New Company Added', 'Existing Company Details Updated', $setting['subject']); $date = date('Y-m-d'); $messagestaff = $setting['message']; $messagestaff = str_replace('[firstname]', $firstname_users, $messagestaff); $messagestaff = str_replace('[lastname]', $lastname_users, $messagestaff); $messagestaff = str_replace('[username]', $username_staff, $messagestaff); $messagestaff = str_replace('[date]', $date, $messagestaff); $messagestaff = str_replace('[companyname]', $_POST['name'], $messagestaff); $messagestaff = str_replace('[linkToCompany]', $link_to_comapnies, $messagestaff); $subjectstaff = str_replace('[firstname]', $firstname_users, $subjectstaff); $subjectstaff = str_replace('[lastname]', $lastname_users, $subjectstaff); wp_mail($emailstaff, $subjectstaff, wpautop($messagestaff)); } } } } } if ($isstaff) { try { staff_company_approve($company_id, false); // approve company } catch (Exception $e) { $_SESSION['company_error_msg'] = "CRM Approve ERROR: " . $e->getMessage(); wp_redirect($_SERVER["HTTP_REFERER"]); exit; } } /* approve user at the time of company creation */ if ($isstaff) { try { approve_user_by_staff($user_id, false); // approve user } catch (Exception $e) { $_SESSION['user_error_msg'] = "CRM Approve ERROR: " . $e->getMessage(); wp_redirect($_SERVER["HTTP_REFERER"]); exit; } } if (isset($_POST['redirect_url']) && !empty($_POST['redirect_url'])) { set_site_message('my-companies', 'success', "Company Added Successfully"); //$_SESSION['wp_notices']['company_added'] = __("Company Added Successfully"); wp_redirect($_POST['redirect_url']); } else { set_site_message('my-companies', 'success', "Company Added Successfully"); // $_SESSION['wp_notices']['company_added'] = __("Company Added Successfully"); wp_redirect(admin_url() . 'admin.php?page=' . $_GET['page']); } } else { $status = "Modified"; $company_result = $wpdb->get_results("SELECT status, crm_id FROM " . $wpdb->prefix . "company where " . $wpdb->prefix . "company.id = " . $_POST['id']); $users = $wpdb->get_results("SELECT ID FROM " . $wpdb->prefix . "users where company_id = " . $_POST['id']); //Do not update company status until it is approved if (!empty($company_result) && $company_result[0]->crm_id == '') { $status = $company_result[0]->status; } if (!empty($users)) { $user_id = $users[0]->ID; } $company_type = isset($_POST['company_type']) ? $_POST['company_type'] : "Company"; $update_item_sql = 'SELECT ' . $wpdb->prefix . 'users.salutaions,' . $wpdb->prefix . 'users.first_name as firstname,' . $wpdb->prefix . 'users.last_name as lastname,' . $wpdb->prefix . 'company.email,' . $wpdb->prefix . 'company.phone,' . $wpdb->prefix . 'company.fax,' . $wpdb->prefix . 'company.name,' . $wpdb->prefix . 'company.address,' . $wpdb->prefix . 'company.preferredcontactmethodcode,' . $wpdb->prefix . 'company.city,' . $wpdb->prefix . 'company.zipcode,' . $wpdb->prefix . 'company.state,' . $wpdb->prefix . 'company.country,' . $wpdb->prefix . 'company.website_url FROM ' . $wpdb->prefix . 'company JOIN ' . $wpdb->prefix . 'users on ' . $wpdb->prefix . 'users.company_id=' . $wpdb->prefix . 'company.id where ' . $wpdb->prefix . 'company.id=' . $_POST['id'] . ' AND ' . $wpdb->prefix . 'users.ID=' . $_POST['user_id']; $update_item_result = $wpdb->get_results($update_item_sql); $_POST['preferredcontactmethodcode'] = isset($_POST['preferredcontactmethodcode']) ? $_POST['preferredcontactmethodcode'] : 'Email'; $post_array = array_slice($_POST, 0, 8, true) + array("preferredcontactmethodcode" => $_POST['preferredcontactmethodcode']) + array_slice($_POST, 3, count($_POST) - 3, true); $update_array = json_decode(json_encode($update_item_result), true); $diff_array = array_diff($_POST, $update_array[0]); $updated_string = ''; foreach ($diff_array as $key => $value) { if (isset($update_array[0][$key]) && isset($diff_array[$key])) { switch ($key) { case 'firstname': $label = 'First Name'; break; case 'lastname': $label = 'Last Name'; break; case 'preferredcontactmethodcode': $label = 'Preferred Contact Method'; break; case 'name': $label = 'Company Name'; break; default: $label = $key; } $updated_string .= ucfirst(str_replace("_", ' ', $label)) . " from '" . $update_array[0][$key] . "' to '" . $diff_array[$key] . "'<br/>"; } } //Add updated data in logger $json_data = json_encode($diff_array); $log_data = array(); //Declare array to stored log data $log_data['ref_type'] = "company"; $log_data['ref_id'] = $_POST['id']; $log_data['title'] = "Company Updated"; $log_data['description'] = "Company Updated From Portal"; $log_data['content'] = $json_data; //Used to log activity IB_Logging::ib_log_activity($log_data); $wpdb->update($wpdb->prefix . 'company', array('name' => $_POST['name'], 'email' => $_POST['email'], 'address' => $_POST['address'], 'preferredcontactmethodcode' => $_POST['preferredcontactmethodcode'], 'phone' => $_POST['phone'], 'fax' => $_POST['fax'], 'country' => $_POST['country'], 'state' => $_POST['state'], 'city' => $_POST['city'], 'zipcode' => $_POST['zipcode'], 'website_url' => $_POST['website_url'], 'status' => $status, 'modified_by' => get_current_user_id(), 'modified_on' => date('Y-m-d H:m:s'), 'type' => $company_type), array('id' => $_POST['id'])); /* update user details */ $wpdb->update($wpdb->prefix . 'users', array('first_name' => $_POST['firstname'], 'last_name' => $_POST['lastname'], 'phone' => $_POST['phone'], 'preferred_form' => $_POST['preferredcontactmethodcode'], 'modified_by' => get_current_user_id(), 'modified_on' => date('Y-m-d H:m:s'), 'country' => $_POST['country'], 'state' => $_POST['state'], 'city' => $_POST['city'], 'zipcode' => $_POST['zipcode'], 'website_url' => $_POST['website_url']), array('ID' => $_POST['user_id'])); /* update quotation progarm company details*/ $wpdb->update($wpdb->prefix . 'quotation_program', array('companyname' => $_POST['name']), array('company_id' => $_POST['id'])); /* assign role agent if company is agency */ if (isset($isstaff) && $isstaff) { if ($company_type == 'Agency') { $agent_array = get_role("Agent"); if (empty($agent_array)) { add_role('agent', 'Agent', array('read' => true, 'application-form' => true)); $user = new WP_User($user_id); $user->add_cap('Agent'); } else { $user = new WP_User($user_id); $user->add_cap('Agent'); } } else { $user = new WP_User($user_id); $user->remove_cap('Agent'); } } if (isset($isstaff) && $isstaff) { try { $company_sql = 'SELECT crm_id FROM ' . $wpdb->prefix . 'company where id="' . $_POST['id'] . '"'; $company_result = $wpdb->get_results($company_sql); if (!empty($company_result) && !empty($company_result[0]->crm_id)) { staff_company_approve($_POST['id'], true); // approve company } else { staff_company_approve($_POST['id'], false); // approve company } } catch (Exception $e) { $_SESSION['company_error_msg'] = "CRM Approve ERROR: " . $e->getMessage(); wp_redirect($_SERVER["HTTP_REFERER"]); exit; } } $sql = 'SELECT * FROM ' . $wpdb->prefix . 'users where ID=' . get_current_user_id(); $result = $wpdb->get_results($sql); $get_current_user_role_new = get_current_user_role(); if (strtolower($get_current_user_role_new) != 'staff') { $firstname_users = $result[0]->first_name; $lastname_users = $result[0]->last_name; $link_to_comapnies = get_permalink(get_page_by_path('listings')) . '?page=my-companies&type=modified'; $bnfw = BNFW::factory(); if ($bnfw->notifier->notification_exists('existing-company-update')) { $notifications = $bnfw->notifier->get_notifications('existing-company-update'); foreach ($notifications as $notification) { $setting = $bnfw->notifier->read_settings($notification->ID); foreach ($setting['users'] as $users_role) { $main_role = strtolower(str_replace('role-', '', $users_role)); $sql = "select `user_email`,`display_name` from " . $wpdb->prefix . "users where `user_type` = '" . $main_role . "'"; $staff_user = $wpdb->get_results($sql); foreach ($staff_user as $staff_user) { $emailstaff = $staff_user->user_email; $username_staff = ucwords($staff_user->display_name); $subjectstaff = $setting['subject']; $subjectstaff = str_replace("[firstname]", $firstname_users, $subjectstaff); $subjectstaff = str_replace('[lastname]', $lastname_users, $subjectstaff); $date = date('Y-m-d'); $messagestaff = $setting['message']; //$messagestaff = str_replace('[common_header]', $common_header, $messagestaff); $messagestaff = str_replace('[firstname]', $firstname_users, $messagestaff); $messagestaff = str_replace('[lastname]', $lastname_users, $messagestaff); $messagestaff = str_replace('[username]', $username_staff, $messagestaff); $messagestaff = str_replace('[date]', $date, $messagestaff); $messagestaff = str_replace('[companyname]', $_POST['name'], $messagestaff); $messagestaff = str_replace('[linkToCompany]', $link_to_comapnies, $messagestaff); $messagestaff = str_replace("[update_fields]", $updated_string, $messagestaff); $subjectstaff = str_replace('[firstname]', $firstname_users, $subjectstaff); $subjectstaff = str_replace('[lastname]', $lastname_users, $subjectstaff); if ($updated_string != '') { wp_mail($emailstaff, $subjectstaff, wpautop($messagestaff)); } } } } } } if (isset($_POST['redirect_url']) && !empty($_POST['redirect_url'])) { set_site_message('my-companies', 'success', "Company Details Updated Successfully"); // $_SESSION['wp_notices']['company_updated'] = __("Company Updated Successfully"); wp_redirect($_POST['redirect_url']); } else { set_site_message('my-companies', 'success', "Company Details Updated Successfully"); //$_SESSION['wp_notices']['company_updated'] = __("Company Updated Successfully"); wp_redirect(admin_url() . 'admin.php?page=' . $_GET['page']); } } //} }
// a link to the previous search results page (if any) // Incorporate some include files: include 'initialize/db.inc.php'; // 'db.inc.php' is included to hide username and password include 'includes/header.inc.php'; // include header include 'includes/footer.inc.php'; // include footer include 'includes/include.inc.php'; // include common functions include 'initialize/ini.inc.php'; // include common variables // -------------------------------------------------------------------- // START A SESSION: // call the 'start_session()' function (from 'include.inc.php') which will also read out available session variables: start_session(false); // -------------------------------------------------------------------- // Initialize preferred display language: // (note that 'locales.inc.php' has to be included *after* the call to the 'start_session()' function) include 'includes/locales.inc.php'; // include the locales // -------------------------------------------------------------------- // [ Extract form variables sent through POST/GET by use of the '$_REQUEST' variable ] // [ !! NOTE !!: for details see <http://www.php.net/release_4_2_1.php> & <http://www.php.net/manual/en/language.variables.predefined.php> ] // Check if any error occurred while processing the database UPDATE/INSERT/DELETE $errorNo = $_REQUEST['errorNo']; $errorMsg = $_REQUEST['errorMsg']; $errorMsg = stripSlashesIfMagicQuotes($errorMsg); // function 'stripSlashesIfMagicQuotes()' is defined in 'include.inc.php' // Extract the header message that was returned by originating script: $HeaderString = $_REQUEST['headerMsg'];
} } $cwdir = getcwd(); echo "<h3> Config file written to {$cwdir}/{$config_file_temp}.</h3><br />"; echo "Shall I attempt to copy config file to {$config_file_with_path}?<br />"; echo "This will require openvpn to be restarted..... continue?<br />"; echo "<a class='btn btn-danger' href='config.php?action=restart'>Restart Openvpn</a>"; echo " "; echo "<a class='btn btn-primary' href='index.php'>I will restart manually</a>"; exit; } //End update file... now checking for a restart command.... if (isset($_GET['action']) and $_GET['action'] == "restart") { if (!isset($_SESSION['password'])) { //will start the session if needed, and return to config.php?action=restart start_session('config.php?action=restart'); } $password = stripslashes(trim($_SESSION['password'])); $username = stripslashes(trim($_SESSION['username'])); if ($username == "") { $username = "******"; } $ssh = new Net_SSH2('localhost'); if (!$ssh->login($username, $password)) { exit('Login Failed'); } read_config_file(); $config_file_temp = $config_file; $cwdir = getcwd(); echo "<pre>"; echo $ssh->exec("sudo killall -v openvpn");
<!DOCTYPE html> <?php start_session(600); #session_start(); if (empty($_SESSION['username'])) { header("location:index.php"); } echo "You're logged as " . $_SESSION['username']; echo '<form action=./destroy.php method=get><input type=submit value=logout></form>'; function start_session($expire = 0) { if ($expire == 0) { $expire = ini_get('session.gc_maxlifetime'); } else { ini_set('session.gc_maxlifetime', $expire); } if (empty($_COOKIE['PHPSESSID'])) { session_set_cookie_params($expire); session_start(); } else { session_start(); setcookie('PHPSESSID', session_id(), time() + $expire); } } ?> <html> <head> <title></title> <script type="text/javascript" src="js/jquery-1.7.2.js"></script> <link rel="stylesheet" type="text/css" href="js/tree_themes/SimpleTree.css"/> <script type="text/javascript" src="js/SimpleTree.js"></script>
echo "<br />"; echo "<br />"; echo "<br />"; echo "<br />"; echo "Checking if openvpn is running......<br />"; echo "<br />"; echo "<br />"; echo "<br />"; echo "Printing your config file......<br />"; echo "</div>"; echo "<div class='span5'>"; echo "Checking {$config_dir}" . "easy-rsa/....<br />"; } //Next test... see if openvpn is running if (!isset($_SESSION['password'])) { start_session('install.php'); } $password = stripslashes(trim($_SESSION['password'])); $username = stripslashes(trim($_SESSION['username'])); if ($username == "") { $username = "******"; } $ssh = new Net_SSH2('localhost'); if (!$ssh->login($username, $password)) { exit('Login Failed'); } $openvpn_running = $ssh->exec("ps aux | grep openvpn"); echo str_repeat(' ', 1024 * 64); if (stristr($openvpn_running, $bin_file)) { echo "Running from {$bin_file}<br />"; if ($pki_tool_found == "no") {
<?php /** * Validates POST data from HTML forms * * A subclass to which is passed the form's fields' attributes * can offer more specific validation. */ require_once CORE_DOC_ROOT . 'php/global.php'; start_session(); class Form_Validator { public $valid = false; public $result = null; public function __construct() { $form_data = $this->get_form_data(); if ($form_data === null) { return; } $validation_return = $this->validate_form($form_data); $this->valid = $validation_return[0]; $this->result = $validation_return[1]; } protected function get_form_data() { if ($_POST === null || count($_POST) === 0) { return null; } /* * undo PHP's automatic field-name-to-array grouping
<?php require_once('config.php'); require_once('base_function.php'); # 建立資料庫連線 global $db; $db = new PDO( 'mysql:host='.DB_HOST.';dbname='.DB_NAME.';', DB_USERNAME, DB_PASSWORD, array( PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'" )); start_session(3600);