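/**
 * Validate a password reset request identified by e-mail address and token.
 *
 * Malformed input returns a short string. A missing record, an expired record
 * or a token that does not verify prints a message and ends the request. The
 * stored reset record is returned only when the token verified.
 *
 * @param string $email E-mail address the reset was requested for.
 * @param string $token Token supplied by the client; must be exactly 32 hex digits.
 * @return mixed 'email dont comply' / 'token dont comply' on malformed input, otherwise the reset record.
 */
public function validatePasswordResetRequest($email, $token)
{
    Auth::restrictAccess('anonymous');
    $passwordResets = new PasswordResets();

    // This needs to go into base functions and return some kind of json message
    if (!v::email()->validate($email)) {
        return 'email dont comply';
    }
    if (!v::xdigit()->length(32, 32)->validate($token)) {
        return 'token dont comply';
    }

    $passwordReset = $passwordResets->show($email);
    $notFound = 'password reset request not found. forward. please submit a password reset request first';

    // Not going to reveal whether the user account was found...
    if (empty($passwordReset['token']) || empty($passwordReset['created'])) {
        echo $notFound;
        die;
    }

    // Compare in whole seconds: the previous minute-rounded check let a token live for up to 61 minutes.
    // An unparsable timestamp is treated as expired.
    $created = strtotime($passwordReset['created']);
    if ($created === false || (time() - $created) > 3600) {
        echo 'password reset has expired. 60 minutes max. submit another reset request';
        die;
    }

    // Fail closed: previously a token that did not verify fell through and the reset record was
    // returned anyway. The same message as the "not found" case is used so the response does not
    // show whether a reset request exists for this address.
    if (!password_verify($token, $passwordReset['token'])) {
        echo $notFound;
        die;
    }

    // probably shouldnt disclose this. just send json success
    echo 'password matches. proceed to reset.';

    // NOTE(review): the returned record still carries the stored token value; the caller is not
    // visible here, so confirm it never serialises this record into a response.
    return $passwordReset;
}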
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'groups' language file and create the Group model.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): assumes Url::redirect() ends the request; if it only sends a header,
    // the set-up below and the requested action still run for anonymous visitors (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('groups');
    $this->group = new \Models\Group();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'phonebook' language file and create the Phonebook model.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): assumes Url::redirect() ends the request; if it only sends a header,
    // the set-up below and the requested action still run for anonymous visitors (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('phonebook');
    $this->phonebook = new \Models\Phonebook();
}
/**
 * Run the parent constructor, call Auth::block(), then create the Album,
 * Status, Media and Category models used by this controller.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): Auth::block() is defined elsewhere; presumably it stops visitors who are
    // not allowed here before the models are created (confirm what it checks and that it exits).
    Auth::block();

    $this->albumModel = new Album();
    $this->status_model = new Status();
    $this->mediaModel = new Media();
    $this->categoryModel = new Category();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'user_types' language file and create the UserType model.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): assumes Url::redirect() ends the request; if it only sends a header,
    // the set-up below and the requested action still run for anonymous visitors (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('user_types');
    $this->user_type = new \Models\UserType();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'permissions' language file and create the Permission model.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): only a login check is made here, on a controller that manages permissions;
    // confirm a permission check happens elsewhere. Also assumes Url::redirect() ends the request.
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('permissions');
    $this->permission = new \Models\Permission();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'organization' language file and create the Organization model.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): assumes Url::redirect() ends the request; if it only sends a header,
    // the set-up below and the requested action still run for anonymous visitors (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('organization');
    $this->organization = new \Models\Organization();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'offices' language file and create the Office and
 * Company models.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): assumes Url::redirect() ends the request; if it only sends a header,
    // the set-up below and the requested action still run for anonymous visitors (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('offices');
    $this->office = new \Models\Office();
    $this->company = new \Models\Company();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'navigation' language file and create the
 * Navigation and Role models.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): assumes Url::redirect() ends the request; if it only sends a header,
    // the set-up below and the requested action still run for anonymous visitors (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('navigation');
    $this->navigation = new \Models\Navigation();
    $this->role = new \Models\Role();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'teams' language file and create the Team and
 * Department models.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): assumes Url::redirect() ends the request; if it only sends a header,
    // the set-up below and the requested action still run for anonymous visitors (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('teams');
    $this->team = new \Models\Team();
    $this->department = new \Models\Department();
}
/**
 * Base set-up: create the view, language and log helpers, then call
 * Auth::getUserPermissions().
 */
public function __construct()
{
    // View helper
    $this->view = new View();

    // Language helper
    $this->language = new Language();

    // Log helper
    $this->log = new Log();

    // NOTE(review): presumably loads the current user's permissions for later
    // Auth::hasPermission() checks; the implementation is not visible here (confirm).
    Auth::getUserPermissions();
}
/**
 * Run the parent constructor and gate the controller twice: visitors for whom
 * Auth::isLogged() is false go to 'login', and users without the
 * 'manage-companies' permission go to 'forbidden'. Then load the 'companies'
 * language file and create the Company model.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): both gates assume Url::redirect() ends the request; if it only sends a
    // header, execution continues past a failed check (confirm).
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }
    if (!Auth::hasPermission('manage-companies')) {
        Url::redirect('forbidden');
    }

    $this->language->load('companies');
    $this->company = new \Models\Company();
}
/**
 * Run the parent constructor, send visitors for whom Auth::isLogged() is false
 * to 'login', then load the 'users' language file and create every model the
 * user-management controller works with.
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): only a login check is made here, on a controller that handles users, roles
    // and permissions; confirm per-action permission checks exist. Also assumes Url::redirect()
    // ends the request.
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    $this->language->load('users');

    // Account data
    $this->user = new \Models\User();
    $this->optima = new \Models\Optima();

    // Access control
    $this->group = new \Models\Group();
    $this->role = new \Models\Role();
    $this->permission = new \Models\Permission();

    // Organisation structure
    $this->department = new \Models\Department();
    $this->team = new \Models\Team();
    $this->company = new \Models\Company();
    $this->office = new \Models\Office();

    // Profile attributes
    $this->user_type = new \Models\UserType();
    $this->interface_language = new \Models\Language();
}
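/**
 * Show the settings page and, on POST with `update`, save changed settings.
 *
 * Only names that already exist in the settings loaded from the model are
 * written, and only string values; every other POST field (including the
 * `update` button itself) is ignored.
 */
public function index()
{
    // NOTE(review): assumes Url::redirect() ends the request (confirm). Only a login check is
    // made; no permission check and no anti-CSRF token check are visible in this method, so
    // confirm both are enforced elsewhere.
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    // Initialised up front: it was previously read while undefined when validation passed
    $error = array();

    $data['js'] = array(
        Url::assetPath('js') . 'plugins/forms/selects/select2.min.js',
        Url::assetPath('js') . 'plugins/forms/validation/validate.min.js',
        Url::assetPath('js') . 'plugins/notifications/bootbox.min.js',
        Url::assetPath('js') . 'pages/settings.js',
    );

    // $current holds only real setting rows, so view keys such as 'js' cannot be mistaken for one
    $current = array();
    $settings = $this->setting->getSettings();
    if (isset($settings)) {
        foreach ($settings as $obj) {
            $data[$obj->name] = $obj->value;
            $current[$obj->name] = $obj->value;
        }
    }

    if (isset($_POST['update'])) {
        $site_name = isset($_POST['site_name']) ? $_POST['site_name'] : '';
        $site_email = isset($_POST['site_email']) ? $_POST['site_email'] : '';
        $domains = isset($_POST['domains']) ? $_POST['domains'] : '';

        if ($site_name == '') {
            $error[] = $this->language->get('site_name_required');
        }
        if ($site_email == '') {
            $error[] = $this->language->get('site_email_required');
        }
        if ($domains == '') {
            $error[] = $this->language->get('domains_required');
        }

        if (!$error) {
            foreach ($_POST as $key => $value) {
                // Allowlist: the client chooses the field names, so write only known settings.
                // Assumes updateSettings() issues an UPDATE filtered on name, in which case
                // unknown names never matched a row before either (confirm).
                if (!array_key_exists($key, $current) || !is_string($value)) {
                    continue;
                }
                if (!empty($value) && $current[$key] != $value) {
                    $data2 = array('value' => $value);
                    $where = array('name' => $key);
                    $this->setting->updateSettings($data2, $where);
                    Log::notice('log_settings_edit', json_encode(array($data2, $where)));
                }
            }
            Session::set('success', $this->language->get('msg_settings_edit'));
            Url::redirect('settings');
        }
    }

    View::renderTemplate('header', $data);
    // The view keeps receiving null when there are no errors, as it did before
    View::render('settings/index', $data, $error ? $error : null);
    View::renderTemplate('footer', $data);
}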
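/**
 * Accept a password reset request sent as a JSON body with an `email` field.
 *
 * When the address belongs to an account, a fresh 32 hex-digit token is
 * generated and handed to PasswordResets::update(). The response is the same
 * whether or not an account exists and never contains the token.
 *
 * @param mixed $request  Request object; only body() is used.
 * @param mixed $response Unused here.
 * @param mixed $service  Unused here.
 * @param mixed $app      Application container; `users` and `passwordResets` are attached to it.
 * @return string|null 'email dont comply' for a malformed address, otherwise nothing.
 */
public function post($request, $response, $service, $app)
{
    Auth::restrictAccess('anonymous');
    $app->users = new Users();
    $app->passwordResets = new PasswordResets();

    // A missing or non-JSON body decodes to null; treat it like an invalid address
    $body = json_decode($request->body());
    $email = (is_object($body) && isset($body->email)) ? $body->email : null;
    if (!v::email()->validate($email)) {
        return 'email dont comply';
    }

    $user = $app->users->showFromEmail($email);

    // Maybe add some limit on request frequency here
    if ($user) {
        // Store a token only when OpenSSL reports a cryptographically strong result
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(16, $strong);
        if ($bytes !== false && $strong) {
            $app->passwordResets->update($user['id'], bin2hex($bytes));
            // TODO: deliver the token to the account owner out of band (e.g. by e-mail).
            // It was previously echoed into this anonymous response, which handed the
            // reset secret to whoever submitted the address.
        }
    }

    // Same reply for known and unknown addresses, so the endpoint does not confirm which
    // e-mail addresses have accounts
    echo 'if an account exists for this email, a password reset request has been submitted';
}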
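/**
 * Show the sign-in form and process a submitted login.
 *
 * On success the user id and user record are stored in the session and an
 * 'admin' user is redirected to 'dashboard'. On failure an error message is
 * set and the form is rendered again.
 */
public function login()
{
    Auth::redirect();

    if (isset($_POST) && !empty($_POST)) {
        $email = isset($_POST['email']) ? $_POST['email'] : null;
        $password = isset($_POST['password']) ? $_POST['password'] : null;

        // A missing field or an array value (password[]=...) is treated as a failed login
        // instead of being passed to md5()
        $login = false;
        if (is_string($email) && is_string($password)) {
            $user_model = new User();
            // NOTE(review): unsalted md5 is not suitable for password storage. Moving to
            // password_hash()/password_verify() needs a change in User::login() and the stored
            // hashes, both outside this method.
            $login = $user_model->login($email, md5($password));
        }

        if (!is_bool($login)) {
            // NOTE(review): no session id regeneration is visible at this point; confirm that
            // Session or User::login() renews the id on authentication.
            Session::set('user_id', $login->user_id);
            Session::set('user', $login);

            // Other roles get a session but no redirect, and fall through to the form below
            if ($login->role_title == 'admin') {
                Url::redirect('dashboard');
            }
        } else {
            $this->data['error'] = 'Login Fails!';
        }
    }

    $this->data['title'] = 'Sign In';
    View::render('account/login', $this->data);
}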
/**
 * Call Auth::block() first, then run the parent constructor.
 */
public function __construct()
{
    // NOTE(review): Auth::block() is defined elsewhere; presumably it rejects visitors who may
    // not use this controller before any parent set-up runs (confirm what it checks).
    Auth::block();

    parent::__construct();
}
/**
 * Run the parent constructor, then call Auth::only('teacher').
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): presumably limits this controller to the 'teacher' role; Auth::only() is
    // defined elsewhere, so confirm it stops the request for everyone else.
    Auth::only('teacher');
}
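/**
 * Render the 403 page for a logged-in user who lacks access.
 *
 * Visitors for whom Auth::isLogged() is false are sent to 'login' instead.
 */
public function noaccess()
{
    // NOTE(review): assumes Url::redirect() ends the request (confirm)
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    // 403 is "Forbidden"; the status line previously carried the 404 reason phrase
    header("HTTP/1.0 403 Forbidden");

    $data['title'] = '403';
    // No validation runs here; this was previously an undefined variable
    $error = null;

    View::renderTemplate('header', $data);
    View::render('error/403', $data, $error);
    View::renderTemplate('footer', $data);
}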
/**
 * Run the parent constructor, create the TeacherMember model, then call
 * Auth::none('teacher').
 */
public function __construct()
{
    parent::__construct();

    $this->teacherMember = new \Models\TeacherMember();

    // NOTE(review): presumably keeps the 'teacher' role out of this controller; Auth::none()
    // is defined elsewhere, so confirm. The check runs after the model is created.
    Auth::none('teacher');
}
/**
 * Call Auth::block() first, then run the parent constructor.
 */
public function __construct()
{
    // NOTE(review): Auth::block() is defined elsewhere; presumably it rejects visitors who may
    // not use this controller before any parent set-up runs (confirm what it checks).
    Auth::block();

    parent::__construct();
    // $this->language->load('welcome');
}
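/**
 * Edit Post
 *
 * Renders the edit form for post $id and, on POST with `update`, validates
 * the submitted fields, saves the post, logs the change and redirects to
 * 'blog'. POST with `cancel` redirects to 'blog' without saving.
 *
 * @param mixed $id Identifier of the post to edit.
 */
public function edit($id)
{
    // NOTE(review): assumes Url::redirect() ends the request (confirm). Only a login check is
    // made; no ownership or permission check on post $id and no anti-CSRF token check are
    // visible in this method, so confirm both are enforced elsewhere.
    if (!Auth::isLogged()) {
        Url::redirect('login');
    }

    // Initialised up front: it was previously read while undefined when validation passed
    $error = array();

    $data['js'] = array(
        Url::assetPath('js') . 'plugins/forms/selects/select2.min.js',
        Url::assetPath('js') . 'plugins/forms/validation/validate.min.js',
        Url::assetPath('js') . 'plugins/editors/summernote/summernote.min.js',
        Url::assetPath('js') . 'plugins/pickers/bootstrap-datetimepicker.min.js',
        Url::assetPath('js') . 'plugins/forms/styling/uniform.min.js',
        Url::assetPath('js') . 'plugins/notifications/bootbox.min.js',
        Url::assetPath('js') . 'pages/blog_add.js',
    );
    $data['categories'] = $this->blog->getCategories();
    $data['statuses'] = (object) array(
        0 => (object) array('id' => '0', 'name' => $this->language->get('draft')),
        1 => (object) array('id' => '1', 'name' => $this->language->get('publish')),
    );
    $data['post'] = $this->blog->getPost($id);

    if (isset($_POST['update'])) {
        // Absent fields become '' so the required-field checks below report them
        $title = isset($_POST['title']) ? $_POST['title'] : '';
        $status = isset($_POST['status']) ? $_POST['status'] : '';
        // NOTE(review): content comes from a rich-text editor and is stored as submitted;
        // confirm it is sanitised or escaped where posts are displayed.
        $content = isset($_POST['content']) ? $_POST['content'] : '';
        $category_id = isset($_POST['category']) ? $_POST['category'] : '';
        $user_id = $_SESSION['id'];
        $schedule = isset($_POST['schedule']) ? '1' : '0';

        if ($status == '1') {
            // Published posts take the submitted date, scheduled or not; a missing date is ''
            if (isset($_POST['published_at'])) {
                $published_at = Date::convertLocalDateTimeToSQL(
                    $_POST['published_at'],
                    $_SESSION['dateformat'] . ' ' . $_SESSION['timeformat']
                );
            } else {
                $published_at = '';
            }
        } else {
            // Drafts have neither a publish date nor a schedule
            $published_at = '';
            $schedule = '0';
        }

        if ($title == '') {
            $error[] = $this->language->get('title_required');
        }
        if ($status == '') {
            $error[] = $this->language->get('status_required');
        }
        if ($category_id == '') {
            $error[] = $this->language->get('category_required');
        }

        if (!$error) {
            // Separate variable: the update payload previously overwrote the view data in $data
            $post_data = array(
                'title' => $title,
                'content' => $content,
                'status' => $status,
                'category_id' => $category_id,
                'user_id' => $user_id,
                'schedule' => $schedule,
                'published_at' => $published_at != '' ? $published_at : NULL,
            );
            $where = array('id' => $id);
            // The log entry carries the same fields except the post content
            $data_log = array(
                'id' => $id,
                'title' => $title,
                'status' => $status,
                'category_id' => $category_id,
                'user_id' => $user_id,
                'schedule' => $schedule,
                'published_at' => $published_at != '' ? $published_at : NULL,
            );

            $this->blog->updatePost($post_data, $where);
            Session::set('success', $this->language->get('msg_blog_edit'));
            Log::notice('log_blog_edit', $data_log);
            Url::redirect('blog');
        }
    }

    if (isset($_POST['cancel'])) {
        Url::redirect('blog');
    }

    View::renderTemplate('header', $data);
    // The view keeps receiving null when there are no errors, as it did before
    View::renderModule('Blog/views/edit', $data, $error ? $error : null);
    View::renderTemplate('footer', $data);
}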
/**
 * Run the parent constructor, then call Auth::any().
 */
public function __construct()
{
    parent::__construct();

    // NOTE(review): Auth::any() is defined elsewhere; the name suggests any authenticated role
    // is accepted, but confirm whether anonymous visitors are stopped here.
    Auth::any();
}