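/**
 * Dispatches an AJAX request to the controller of the task named by `_tsk`.
 *
 * When GOTO_INSTALL is defined the install controller is included and no
 * other check runs. Otherwise the checks below run in order, and each one
 * ends the request with a "3#<message>" response when it fails:
 *   1. a row exists in `task` for the requested app,
 *   2. a session user is present when the task row has session = 1,
 *   3. a `permission_users` row with perm = 1 exists when the task's
 *      `modul` value is "0",
 *   4. the controller file exists on disk.
 *
 * Request-derived values are passed through MySQL::SQLValue() or cast to
 * int before they are placed in SQL, and failure responses carry only the
 * generic message: the SQL text and the controller's filesystem path are
 * not sent to the client (the path goes to the PHP error log instead).
 *
 * Every local keeps its original name, including the unused $msg_ajax,
 * because require_once runs the controller in this method's variable scope.
 *
 * @return void Failure paths end the request with exit().
 */
public static function load()
{
    $msg_ajax = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\AJAX";
    $msg_app = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\APP";
    $msg_file = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\FILE";
    $msg_perm = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\PERMISSION_USER";
    $msg_sess = "Vous n'êtes pas autorisé(e) à accéder à cette application , redirection vers acceuil.... \\SESSION_USER";

    // X-Requested-With is sent by the client, so this only filters plain
    // page loads; it is not an access control. The real gates are the
    // session and permission checks further down.
    if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) && MReq::tg('_tsk') !== 'shopdf') {
        exit('no way !!!');
    }

    if (defined('GOTO_INSTALL')) {
        // NOTE(review): this branch skips the session and permission checks;
        // confirm GOTO_INSTALL cannot stay defined once installation is done.
        $app_target = MPATH_MODULES . 'install' . SLASH . 'controller/install_c.php';
        require_once $app_target;
    } else {
        global $db;
        Cookie::auto_lastexec('time');
        Cookie::auto_logout('time', 600);

        // Start check APP
        if (MReq::tg('_tsk') == '0') {
            exit("3#{$msg_app}");
        }
        $app_id = MReq::tg('_tsk');

        // `_tsk` comes from the query string. It is quoted by the project's
        // own helper rather than concatenated between literal quotes.
        // NOTE(review): confirm MySQL::SQLValue() escapes through the
        // database driver; if it does not, use a prepared statement here.
        if (!$db->Query("SELECT * FROM task where app=" . MySQL::SQLValue($app_id) . " ")) {
            $db->Kill($db->Error());
        }
        if ($db->RowCount() == 0) {
            exit("3#{$msg_app}");
        }

        $array = $db->RowArray();
        $appc_idc = $array['id'];
        $needsession = $array['session'];
        $app_rep = $array['rep'];
        $app_file = $array['file'];
        // The include path is built from database columns; whoever can write
        // to `task` decides which file gets included.
        $app_target = MPATH_MODULES . $app_rep . SLASH . 'controller/' . $app_file . '_c.php';

        // Check whether the task needs a per-user permission row
        $good_app = $db->QuerySingleValue0("select modul from task where id = " . (int) $appc_idc);

        if ($needsession == 1 && !isset($_SESSION['userid'])) {
            exit("3#{$msg_sess}");
        }

        if ($good_app == "0") {
            // A missing session user becomes id 0, so the request is refused
            // by the row count below instead of producing a malformed query.
            $sql = "SELECT * FROM permission_users where perm=1 and appid=" . (int) $appc_idc
                . " and userid=" . (isset($_SESSION['userid']) ? (int) $_SESSION['userid'] : 0);
            if (!$db->Query($sql)) {
                $db->Kill($db->Error());
            }
            if ($db->RowCount() <= 0) {
                exit("3#{$msg_perm}");
            }
        }

        if (!file_exists($app_target)) {
            // Keep the server path out of the response; log it for the operator.
            error_log('ajax::load: controller file not found: ' . $app_target);
            exit("3#{$msg_file}");
        }

        define('ACTIV_APP', $array['dscrip']);
        define('MODUL_APP', $array['modul']);
        define('APP_ID', $array['id']);
        require_once $app_target;
    }
}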
/**
 * Defines THEME_PATH from the configured theme, then either hands the
 * request to ajax::load() (when the `ajax` query parameter equals 1) or
 * includes the theme's main template.
 *
 * The template is `mainns.php` when session::get('userid') is falsy and
 * `main.php` otherwise.
 *
 * $ajax, $theme_path and $theme keep their names on purpose: `include`
 * runs the template inside this method's variable scope, so the template
 * can read them.
 *
 * @return void
 */
public static function load()
{
    // NOTE(review): the include path below depends on Mcfg::get('theme');
    // confirm that value can only be set by an administrator.
    define('THEME_PATH', MPATH_THEMES . Mcfg::get('theme'));

    $ajax = (MReq::tg('ajax') == 1) ? 1 : 0;
    if ($ajax == 1) {
        // AJAX requests are dispatched without any theme markup.
        ajax::load();
        return;
    }

    // Full page request: choose the template by login state.
    $theme_path = THEME_PATH;
    if (session::get('userid') == FALSE) {
        $theme = $theme_path . '/mainns.php';
    } else {
        $theme = $theme_path . '/main.php';
    }
    include $theme;
}
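/**
 * Runs the access checks in sequence and, when all of them pass, includes
 * the module controller selected by the request.
 *
 * Convention in this method: $this->error == true means "nothing has failed
 * so far". Each Check_* call is skipped once an earlier one has set the flag
 * to false. What each check verifies is defined elsewhere in the class.
 *
 * On failure the method prints an alert block (when $this->is_appli is true)
 * or ends the request with the message text. On success it picks the
 * controller file from the POST flags `act` and `lst`, defines ACTIV_APP,
 * MODUL_APP, APP_TARGET and APP_ID, optionally prints the breadcrumb, and
 * includes the controller.
 *
 * A missing controller file is written to the PHP error log; the response
 * carries the generic message and the '//FILE' marker, not the server path.
 *
 * $target and $output keep their names because require_once runs the
 * controller in this method's variable scope.
 *
 * @return void
 */
public function load()
{
    // Do ALL checks; the first one that sets error = false stops the chain.
    if ($this->error == true) {
        $this->Check_exist_tsk();
    }
    if ($this->error == true) {
        $this->Check_exist_app();
    }
    if ($this->error == true) {
        $this->Check_is_ajax_request();
    }
    if ($this->error == true) {
        $this->Check_session_template();
    }
    if ($this->error == true) {
        $this->Check_user_active();
    }
    if ($this->error == true) {
        $this->Check_need_session();
    }
    if ($this->error == true) {
        $this->Check_user_permission();
    }
    if ($this->error == true) {
        $this->last_active();
    }

    if ($this->error == false) {
        // NOTE(review): $this->log is sent to the client as-is; confirm the
        // checks never put SQL text or internal paths into it.
        if ($this->is_appli == true) {
            echo '<div class="space-16"></div><div class="space-16"></div><div class="alert alert-block alert-danger"><i class="ace-icon fa fa-exclamation-circle red fa-2x icon-animated-vertical"></i> <strong class="red"> STOP: </strong>' . $this->msg_ajax . $this->log . '<br><a href="./" class="btn btn-danger btn-sm"><i class="ace-icon fa fa-reply icon-only"> Accueil</i></a></div>';
        } else {
            exit($this->msg_ajax . $this->log);
        }
        return;
    }

    // Controller file name: 'action<file>_c.php', 'list<file>_c.php' or
    // '<file>_c.php', depending on the POST flags. The directory and file
    // parts come from $this->app_array, not from the request.
    if (MReq::tp('act') == 1) {
        $target = MPATH_MODULES . $this->app_array['rep'] . SLASH . 'controller/action' . $this->app_array['file'] . '_c.php';
    } elseif (MReq::tp('lst') == 1) {
        $target = MPATH_MODULES . $this->app_array['rep'] . SLASH . 'controller/list' . $this->app_array['file'] . '_c.php';
    } else {
        $target = MPATH_MODULES . $this->app_array['rep'] . SLASH . 'controller/' . $this->app_array['file'] . '_c.php';
    }

    if (!file_exists($target)) {
        // Log the path server-side instead of sending it to the client.
        error_log('load: controller file not found: ' . $target);
        exit($this->msg_ajax . '//FILE');
    }

    define('ACTIV_APP', $this->app_array['dscrip']);
    define('MODUL_APP', $this->app_array['modul']);
    define('APP_TARGET', MPATH_MODULES . $this->app_array['rep'] . SLASH . 'controller/');
    define('APP_ID', $this->app_array['id']);

    // Append tree top menu only for non-appli apps
    if ($this->is_appli == false && MReq::tp('cor') == 1) {
        // NOTE(review): app_modul, modul and dscrip are written into HTML
        // text and attributes without escaping. If those columns can hold
        // user-entered text, wrap them in htmlspecialchars() with the
        // charset the pages are served in.
        $output = '<li><i class="ace-icon fa fa-home home-icon"></i><a href="#" left_menu="1" class="tip-right this_url" rel="dbd" title="Tableau de bord">Accueil</a></li>';
        $output .= '<li><a href="#" left_menu="1" class="tip-right this_url" rel="' . $this->app_array['app_modul'] . '" title="' . $this->app_array['modul'] . '">' . $this->app_array['modul'] . '</a></li>';
        $output .= '<li class="active">' . $this->app_array['dscrip'] . '</li>';
        $output .= '#||#'; //Separator data
        print $output;
    }

    require_once $target;
}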
// Fragment of the password-recovery controller. It starts inside a block
// opened above this excerpt; the brace below closes it.
}
// Reject a missing token or one whose length is not exactly 32.
// This is a shape check only; it does not show the token is known to the server.
if ($posted_data['token'] == NULL || strlen($posted_data['token']) != 32) {
$empty_list .= "<li>Le token est Invalide</li>";
$checker = 1;
}
$empty_list .= "</ul>";
// Any failed field check ends the request with "0#<html list of errors>".
if ($checker == 1) {
exit("0#{$empty_list}");
}
//End check empty element
$new_recovery = new Musers($posted_data);
$new_recovery->token = $posted_data['token'];
// recovery_pass() returns false on error; the response is "1#<log>" on
// success and "0#<log>" on failure.
// NOTE(review): no call to check_recovery_token() is visible on this POST
// path. Presumably recovery_pass() validates the token against the stored
// one itself; confirm, since the length test above is not a validity test.
if ($new_recovery->recovery_pass()) {
echo "1#" . $new_recovery->log;
} else {
echo "0#" . $new_recovery->log;
}
} else {
    // Form not submitted: the recovery link is being opened. The token is
    // read from the query string and the form is shown only when
    // check_recovery_token() accepts it.
    if (MReq::tg('token') != "0") {
        $token = MReq::tg('token');
        $check_token = new Musers();
        $check_token->token = $token;
        if (!$check_token->check_recovery_token()) {
            exit($check_token->log);
        }
    } else {
        exit(MInit::msgbox('error_recovery'));
    }
    view::load('login', 'recovery');
}
// Fragment of the login controller. It starts inside a failure branch
// opened above this excerpt. Every response has the form "<code># <html>".
$output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i>Erreur! </strong>{$message}</div>";
exit("2# {$output}");
}
//Check user signature
// NOTE(review): each failed step answers with its own code and message
// (2#, 3#, 4#), so a client can tell which check rejected the attempt.
// A single generic failure response avoids disclosing that.
if (!login_check_user_sign(MReq::tp('user'), MReq::tp('pass'))) {
    $message = "Votre signature n'est pas enregistrée </br> Contactez l'administrateur";
    $class = "alert-error";
    $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i>Erreur! </strong>{$message}</div>";
    exit("3# {$output}");
}
//Password check; on success the login is validated
if (!login_check_user_pass(MReq::tp('user'), MReq::tp('pass'), MReq::tp('token'))) {
    // NOTE(review): `global $db` is executed only in this failure branch,
    // but $db is used in the success branch below. That works only if $db
    // is already in scope there; confirm.
    global $db;
    $message = "Le mot de passe est incorrect </br> Contactez l'administrateur";
    $class = "alert-error";
    $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i>Erreur! </strong>{$message}</div>";
    exit("4# {$output}"); //wrong Pass
} else {
    $user = MReq::tp('user');
    // NOTE(review): the posted user name is interpolated into the SQL string
    // between hand-written quotes. Unless MReq::tp() escapes for SQL, this is
    // injectable; quote it with the database layer's helper or use a
    // prepared statement.
    $username = $db->QuerySingleValue0("SELECT CONCAT(lnom,' ',fnom) FROM users_sys where nom='{$user}'");
    // NOTE(review): $username goes into the HTML below unescaped; apply
    // htmlspecialchars() if names can contain markup characters.
    $message = "Bienvenue <strong>{$username} </strong></br> Vous serez rédiriger dans qulques instants";
    $class = "alert-success";
    $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i> OK ! </strong><br>{$message}</div>";
    exit("5# {$output}"); //All is ok
}
} else {
    // Form not submitted: show the login view.
    //exit(MReq::tp('check').MReq::tp('user').MReq::tp('pass'));
    view::load('login', 'login');
}
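<?php
// Controller: replaces the rule set of one user with the rules posted by the
// form, or shows the rules view when the form was not submitted.
//
// Response format: "1#<message>" on success, "0#<log>" on failure.
//
// NOTE(review): `userid` is taken from the request and that user's rules are
// cleared before the new ones are written. This script performs no
// authorization check of its own; confirm the dispatcher has already
// verified that the current user may edit the target account.
if (MInit::form_verif(false)) {
    $add_rule = new Musers();
    $add_rule->last_id = MReq::tp('userid');
    $add_rule->clear_user_rules(); //Clear all rule for this user

    // Read the posted list once. Anything that is not an array is treated as
    // "no rules" rather than being passed to count() and indexed.
    $action_ids = MReq::tp('action_id');
    if (!is_array($action_ids)) {
        $action_ids = array();
    }

    foreach (array_values($action_ids) as $the_i) {
        // The per-rule fields are posted under names suffixed with the action id.
        $posted_data = array(
            'action_id' => $the_i,
            'app_name' => MReq::tp('app_name' . $the_i),
            'app_id' => MReq::tp('app_id' . $the_i),
            'type' => MReq::tp('type' . $the_i),
            'userid' => MReq::tp('userid'),
        );
        $add_rule->app_action = $posted_data;
        $add_rule->add_user_rules();
    }

    // The flag is compared, not assigned. The previous `=` overwrote it with
    // true, so the failure branch could never run.
    // NOTE(review): this assumes Musers::$error == true means "no failure",
    // as the original success branch implies; confirm in Musers.
    if ($add_rule->error == true) {
        echo "1#Enregistrement réussie"; //Musers->log would show one line per rule
    } else {
        echo "0#" . $add_rule->log;
    }
} else {
    view::load('users', 'rules');
}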
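<?php
// Prints the breadcrumb for the application named in the POST field `app`:
// a home link, then the task's `modul` and `dscrip` values when a matching
// row exists in `task`.
global $db;

//Home Link
$output = '<li><i class="ace-icon fa fa-home home-icon"></i><a href="./">Accueil</a></li>';

//get info from task table
// `app` is request data. It is quoted by the project's own helper rather
// than concatenated between literal quotes.
// NOTE(review): confirm MySQL::SQLValue() escapes through the database
// driver; if it does not, use a prepared statement here.
$app_sql = MySQL::SQLValue(MReq::tp('app'));
if (!$db->Query("SELECT modul,dscrip FROM task\n where app=" . $app_sql . " ")) {
    // NOTE(review): if Kill() prints the driver error into the response,
    // query details reach the client; confirm.
    $db->Kill($db->Error());
}

if ($db->RowCount() > 0) {
    $array = $db->RowArray();
    // NOTE(review): both columns are written into HTML unescaped; apply
    // htmlspecialchars() if they can hold user-entered text.
    $output .= '<li class="active">' . $array['modul'] . '</li>';
    $output .= '<li class="active">' . $array['dscrip'] . '</li>';
}

//Print Tree Application
echo $output;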
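<div id="login-box" class="login-box visible widget-box no-border">
    <div class="widget-body">
        <div class="widget-main">
            <h4 class="header blue lighter bigger">
                <i class="fa fa-lock green"></i>
                Réinitialisation du Mot de Passe
            </h4>
            <div class="space-6"></div>
            <form novalidate="novalidate" id="recovery" action="#" method="post" />
                <fieldset>
                    <input name="verif" type="hidden" value="1" />
                    <?php
                    // The token is read from the query string and written
                    // into an attribute, so it is escaped for that context.
                    // ENT_QUOTES covers both quote styles.
                    ?>
                    <input name="token" type="hidden" value="<?php echo htmlspecialchars((string) MReq::tg('token'), ENT_QUOTES, 'UTF-8'); ?> " />
                    <div class="form-group">
                        <label class="block clearfix">
                            <span class="block input-icon input-icon-right">
                                <input type="password" id="pass" name="pass" class="form-control" placeholder="Mot de passe" />
                                <i class="ace-icon fa fa-lock"></i>
                            </span>
                        </label>
                    </div>
                    <div class="form-group">
                        <label class="block clearfix ">
                            <span class="block input-icon input-icon-right">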
// Fragment of the "forgot password" controller. The block it sits in opens
// above this excerpt; the last brace below closes it.
// Every response has the form "<code># <text>".
$class = "";
$output = "";
global $db;
model::load('login', 'login');
//check user exist
// NOTE(review): this check runs before the captcha check and answers with
// its own code (3#), so whether an address is registered can be probed
// without solving the captcha. Consider checking the captcha first and
// returning the same response for known and unknown addresses.
if (!check_email(MReq::tp('email'))) {
    // NOTE(review): the posted address is copied into the response text
    // unescaped; escape it with htmlspecialchars() if the client renders
    // this text as HTML.
    $message = "Cette Adresse (" . MReq::tp('email') . ") E-mail n'exist pas";
    $class = "alert-error";
    $output = $message;
    exit("3# {$output}");
}
// Check Captcha Code
if (!check_captcha(MReq::tp('captcha'))) {
    $message = "Le code anti-robots est incorrect";
    $class = "alert-error";
    $output = $message;
    exit("2# {$output}");
}
//All is OK send email
if (!forgot(MReq::tp('email'), MReq::tp('captcha'))) {
    $message = "Erreur Système";
    $class = "alert-error";
    $output = $message;
    exit("4# {$output}");
} else {
    // Only this branch wraps the message in alert markup; the failure
    // branches above send the bare text.
    $message = "Un message de récupération est envoyé dans votre boite";
    $class = "alert-success";
    $output = "<div class=\"alert {$class} \"><button type=\"button\" class=\"close\" data-dismiss=\"alert\"><i class=\"icon-remove\"></i></button><strong><i class=\"icon-remove\"></i> OK ! </strong><br>{$message}</div>";
    exit("5# {$output}");
}
}
// Fragment of the password-reset controller. The first two braces close
// blocks opened above this excerpt, where $token is also assigned.
}
} else {
    exit(MInit::msgbox('error_recovery'));
}
//End Check Valid link
//Reset Password
if (MReq::tp('check') == 1) {
    //check token in post
    // NOTE(review): the token validated here is $token, set outside this
    // excerpt, while the reset below uses Mreq::tp('token') from the POST
    // body. If these can differ, the checked token is not the one acted on.
    // Validate the same value that is passed to Mpswrecovery.
    if (!Mpswrecovery::check_token($token)) {
        $message = "Vous avez tentez de changer le mot de passe utilison un token non valide !";
        $class = "alert-error";
        $output = "{$message}";
        exit("1# {$output}");
    }
    //check passwords confirmed
    // NOTE(review): `!=` is a loose comparison, so two different numeric
    // strings can count as equal; `!==` compares the exact strings.
    if (MReq::tp('psw1') != MReq::tp('psw2')) {
        $message = "Les mots de passe ne sont pas compatible !";
        $class = "alert-error";
        $output = "{$message}";
        exit("1# {$output}");
    }
    $posted_data = array('token' => Mreq::tp('token'), 'pass' => Mreq::tp('psw1'));
    $new_pass = new Mpswrecovery($posted_data);
    if ($new_pass->reset_passwors()) {
        exit('5#Votre mot de passe est bien changé redirection vers page de connexion.');
    } else {
        // NOTE(review): a failed reset produces no response at all here;
        // the client gets an empty body and nothing is logged in this block.
    }
} else {
    // Form not submitted: show the recovery view.
    view::load('login', 'recovery');
}
//End Reset Password
// Fragment of the install controller: stores the posted database settings,
// opens a connection with them and inserts the first row into `users_sys`.
// NOTE(review): the host, account, password and database name all come from
// the request. Confirm this script cannot be reached once installation is
// complete.
$array = array('host' => MReq::tp('host'), 'pass' => MReq::tp('passwords'), 'database' => MReq::tp('db'), 'user' => MReq::tp('compte'));
// The result of setarray() is stored but not read in the visible lines.
$test = MCfg::setarray($array);
$db_host = MReq::tp('host'); // server name
$db_user = MReq::tp('compte'); // user name
$db_pass = MReq::tp('passwords'); // password
$db_dbname = MReq::tp('db');
$db = new MySQL(true, $db_dbname, $db_host, $db_user, $db_pass);
// Each value is wrapped with MySQL::SQLValue() before the insert
// (presumably quoting and escaping; confirm in the MySQL class).
$values["nom"] = MySQL::SQLValue(MReq::tp('username'));
$values["mail"] = MySQL::SQLValue(MReq::tp('email'));
// NOTE(review): the password is stored as an unsalted MD5 digest, which is
// fast to brute-force if the table leaks. password_hash() and
// password_verify() are the standard replacement; the login check would
// have to change with it.
$values["pass"] = MySQL::SQLValue(md5(MReq::tp('password')));
$values["servic"] = MySQL::SQLValue('1');
$values["fnom"] = MySQL::SQLValue(MReq::tp('firstname'));
$values["lnom"] = MySQL::SQLValue(MReq::tp('lastname'));
// NOTE(review): a leading zero makes this an octal integer literal, so the
// value passed on is 2696338, not the digits as written. Quote it as a
// string if a phone number is intended.
$values["tel"] = MySQL::SQLValue(012222222);
$values["active"] = MySQL::SQLValue(1);
$values["defapp"] = MySQL::SQLValue(3);
$values["agence"] = MySQL::SQLValue(2);
$values["signature"] = MySQL::SQLValue("");
// Execute the insert
$result = $db->InsertRow("users_sys", $values);
if (!$result) {
    // NOTE(review): if Kill() prints the driver error into the response,
    // connection and query details reach the client; confirm.
    $db->Kill($db->Error());
}
// "5#" is the success code; the rest is the status text shown to the user.
exit('5# dakchi daz mziane');
//model::load('user','user');
//adduser(MReq::tp('username'),MReq::tp('firstname'),MReq::tp('lastname'),MReq::tp('password'),MReq::tp('email'),' ',' ',' ',' ',' ');
// } else {