Exemplo n.º 1
0
 /**
  * sets the proper elements from $data into the fields on this instance of the model
  *
  *@access    public
  *@param     array   $data   the array of data to set
  *@param     bool    $insert Is this an insert or an update?
  *@param         string  $auth_mod       The authmod this person should be updated for.
  */
 public function set_data($data, $insert = 0, $auth_mod = NULL)
 {
     if ($auth_mod == NULL) {
         $auth_mod = self::$config->auth_class;
     }
     if ($insert === TRUE) {
         return $this->insert($data);
     } else {
         $where_tmp = new WhereClause('uid', $data['id']);
         $this->where_clause($where_tmp);
         API::DEBUG("[Prefs::set_data()] data is " . print_r($data, true), 8);
         $this->update($data);
         API::Message("User Authentication Information Saved!");
         if (isset($do_redirect)) {
             API::Redirect($do_redirect);
         }
         return NULL;
     }
 }
Exemplo n.º 2
0
 public function logoutAction()
 {
     session_destroy();
     API::Redirect("/");
 }
Exemplo n.º 3
0
 /**
  * sets the proper elements from $data into the fields on this instance of the model
  *
  *@access    public
  *@param     array   $data   the array of data to set
  *@param     bool    $insert Is this an insert or an update?
  *@param		string	$auth_mod	The authmod this person should be updated for.
  */
 public function set_data($data, $insert = 0, $auth_mod = NULL)
 {
     if ($auth_mod == NULL) {
         $auth_mod = self::$config->auth_class;
     }
     if (isset($data['set_perms'])) {
         if (!self::$CertisInst->Perms->checkPerm($this->authed_user, 'perms_admin')) {
             error_log("[Prefs::check_input()] Security Violation (perms_admin) ERR_SEC.  ");
             // effectively log off the user
             $_SESSION['authed_user'] = NULL;
             $this->authed_user = NULL;
             // set display messages to the user.
             $_SESSION['errors'] = $errors;
             // redirect them to the home page.
             API::Redirect("/");
         }
         $perms = 0;
         if (isset($data['perms'])) {
             foreach ($data['perms'] as $perm) {
                 if ($perm == -1) {
                     $perms = -1;
                     continue;
                 }
                 $perms = $perms | 1 << $perm;
             }
         }
         $data['perms'] = $perms;
         unset($data['set_perms']);
         $do_redirect = API::printUrl("perms", "display", NULL, "uid=" . $data['uid']);
     }
     if ($insert === TRUE) {
         return $this->insert($data);
     } else {
         $where_tmp = new WhereClause('uid', $data['uid']);
         $where_tmp->w_and('auth_mod', $auth_mod);
         $this->where_clause($where_tmp);
         API::DEBUG("[Prefs::set_data()] data is " . print_r($data, true), 8);
         $this->update($data);
         API::Message("User Information Saved!");
         if (isset($do_redirect)) {
             API::Redirect($do_redirect);
         }
         return NULL;
     }
 }
 /**
  * default action processing new requests passed in from the display action.  Does
  * not use a template. Uses the 'set_data' function on the model object of the implementing
  * class to do data verification.
  *
  * @return none
  */
 public function newAction()
 {
     # process the new entry form.
     # check the post data and filter it.
     if (isset($_POST['cancel'])) {
         API::Redirect(API::printUrl($this->_redirect));
     }
     $input_check = $this->_model->check_input($_POST);
     if (is_array($input_check)) {
         API::Error($input_check);
         // redirect to index and displayed an error there.
         API::redirect(API::printUrl($this->_redirect));
     }
     // all hooks will stack their errors onto the API::Error stack
     // but WILL NOT redirect.
     API::callHooks(self::$module, 'validate', 'controller', $_POST);
     if (API::hasErrors()) {
         API::redirect(API::printUrl($this->_redirect));
     }
     // set the id into the post var for any hooks.
     $_POST['id'] = $this->_model->set_data($_POST, TRUE);
     // auto call the hooks for this module/action
     API::callHooks(self::$module, 'save', 'controller', $_POST);
     if (isset($this->params['redir'])) {
         API::Redirect($this->params['redir']);
     }
     API::redirect(API::printUrl($this->_redirect));
 }
Exemplo n.º 5
0
        $CertisInst->action = 'error';
        API::Error('FATAL ERROR: Unable to find Authentication Class');
    }
}
API::DEBUG("[__SYSTEM__] index.php: authentication check done.");
$controller = null;
if (!empty($CertisInst->module)) {
    if (preg_match("/\\.\\./", $CertisInst->module)) {
        error_log("[index.php] FATAL ERROR! SOMEONE TRIED TO ESCAPE! " . $CertisInst->module);
        print "UNAUTHORIZED!!!!!!";
        exit(1);
    }
    // first check to see if the module exists.
    if (!file_exists(_SYSTEM_ . "/modules/" . $CertisInst->module)) {
        error_log("[index.php] Unable to find requested module: " . $CertisInst->module);
        API::Redirect("/");
    }
    // use this module's controller
    // to create a new instance of it's controller to work with for
    // this request.
    $classname = ucfirst($CertisInst->module) . "Controller";
} else {
    // if no module is specified, pull in the main system controller and
    // set it to be the new intantiated class
    $classname = "MainController";
    if ($CertisInst->action == 'error') {
        // unset the leftNav var so no nav links are displayed
        unset($GLOBALS['leftNav']);
    }
}
// now we know what controller to bring in.