public function Update($id)
{
if ($_POST['member_password'] == '') {
unset($_POST['member_password']);
} else {
$_POST['member_password'] = Password($_POST['member_password']);
}
$date = TDate::GetInstance();
$_POST['member_active_time'] = $date->Persi2Timestamp($_POST['member_active_time']);
$this->model->Edit($id, $_POST);
Redirect(UR_MP . 'Member/Edit/' . $id);
}
public function Update($id)
{
if ($_POST['manager_password'] == '') {
unset($_POST['manager_password']);
} else {
$_POST['manager_password'] = Password($_POST['manager_password']);
}
if (isset($_POST['allow'])) {
$_POST['manager_permission'] = implode(',', $_POST['allow']);
unset($_POST['allow']);
}
if ($this->model->Edit($id, $_POST)) {
Redirect(UR_MP . 'Manager/Edit/' . $id);
} else {
TNotification::Add(_lg("You can't edit this manager this protected"), NF_WARNING);
Redirect(UR_MP . 'Manager/Edit/' . $id);
}
}
<?php
include 'common.php';
$path = "games/stats-{$game}.txt";
if (!$game) {
exit("wrong params");
}
//check for password
if ($passw) {
Password($nick, $passw);
}
//read tabble
if (file_exists($path)) {
$filetext = file_get_contents($path);
$stringArray = explode("\r\n", $filetext);
for ($i = 0; $i < count($stringArray); $i++) {
$values = explode("\t", $stringArray[$i]);
if (count($values) == 3) {
$tabble["{$values['0']}"] = "{$values['1']}\t{$values['2']}";
}
}
}
//write user, sort tabble
$write = $passw;
if ($write && (!isset($frags) || !isset($deaths))) {
exit("wrong params: no frags");
}
if ($write) {
if ($tabble[$nick]) {
$plScores = explode("\t", $tabble[$nick]);
$tabble[$nick] = max($plScores[0], $frags) . "\t" . max($plScores[1], $deaths);
<?php
if (isset($_POST['email']) && isset($_POST['password'])) {
$m = new TModel('member');
$result = $m->db->Select('SELECT * FROM %table% WHERE member_email = :email AND member_password = :password AND member_type > 0', array('member'), array(':email' => $_POST['email'], ':password' => Password($_POST['password'])));
if ($result != array()) {
//login
setcookie('mid', $result[0]['member_id'], time() + 60 * 60 * 12 * 15);
setcookie('mtype', $result[0]['member_type'], time() + 60 * 60 * 12 * 15);
setcookie('mname', $result[0]['member_name'], time() + 60 * 60 * 12 * 15);
setcookie('mchat', $result[0]['member_chat'], time() + 60 * 60 * 12 * 15);
setcookie('mact', $result[0]['member_active_time'], time() + 60 * 60 * 12 * 15);
Redirect('/msg/شما با موفقیت وارد شدید.');
} else {
// failed
$_GET['msg'] = 'ایمیل یا گذرواژه اشتباه است و یا عضویت شما تایید نشده است.';
setcookie('mid', null, time() - 300);
setcookie('mtype', null, time() - 300);
setcookie('mname', null, time() - 300);
setcookie('mchat', null, time() - 300);
setcookie('mact', null, time() - 300);
}
}
session_start();
if (!isset($_SESSION['LoggedInCustID'])) {
if (empty($_GET["txtCustomerID"])) {
showForm();
exit;
} else {
$CustomerID = $_GET["txtCustomerID"];
}
if (empty($_GET["txtPassword"])) {
showForm();
exit;
} else {
$PasswordForm = $_GET["txtPassword"];
}
//Validate password
if ($PasswordForm != Password($CustomerID, $FirstName)) {
showForm("Invalid password");
exit;
}
setcookie('FirstName', $FirstName, strtotime('+1 week'), "/500141777");
$_SESSION['LoggedInCustID'] = $CustomerID;
}
function Password($CustomerID, &$FirstName)
{
$dsn = 'mysql:host=itsql.fvtc.edu;dbname=31845_500141777';
$username = '******';
$password = '******';
try {
$options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
//Associative array
$db = new PDO($dsn, $username, $password, $options);
if (!isset($_SESSION["contEmail"])) {
# Check for empty credentials
switch (true) {
case empty($_POST["txtEmail"]):
showForm();
exit;
case empty($_POST["txtPassword"]):
showForm();
exit;
default:
$Email = $_POST["txtEmail"];
$Password = $_POST["txtPassword"];
break;
}
# Validate password
if ($Password != Password($Email, $FirstName)) {
showForm('Invalid email and password combination');
exit;
}
setcookie('FirstName', $FirstName, strtotime('+1 week'), "/");
$_SESSION["contEmail"] = $Email;
}
# Return users password from the DB
function Password($contID, &$FirstName)
{
$dsn = 'sqlsrv:Server=agilebob.database.windows.net;Database=bob';
$uname = 'bobadmin';
$pwd = 'Agilebob60515';
$options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
try {
$db = new PDO($dsn, $uname, $pwd, $options);
* ->class('someclass'),
* for a placeholder: ->placeholder('Some text'). If the attribute doesn't
* take a value just omit it, so : ->required()
*
* In addition to HTML attributes, each element takes meta-data such as the
* submitted value. All meta-data is set in exactly the same way but is prefixed
* with a single underscore. For example, you can set the form's show_submitted
* flag with ->_show_submitted(true), or force an initial check on a specific
* item in a radioset using ->_value('name') -- in this case you are setting up
* the element to appear as if that value was already submitted to it.
*
* This is done to make form specification as terse and fluent as possible
* -- yet still giving control where needed.
*
**/
$contact_form = Form('contact', './')->setRenderer($r)->onSuccess('MySuccessHandler')->novalidate()->add(Fieldset('About you...', 'about')->class('about')->add(Checkbox('control', '>Collect Personal Details', 'ok')->_ignore_parent_fields('disabled,readonly,required'))->add(Input('salutation', 'Title', 'Your title please')->autofocus()->datalist($salutations)->required())->add(Input('name', 'Your Name', 'Your name please')->autocomplete('off')->required()->validator('myNameValidator'))->add(Email('email', 'Your Email', 'Your email address')->required()->autocomplete('off'))->add(URL('url', 'Website', 'Your URL here (optional)'))->add(Hidden('secret', '123'))->add(Password('pass', 'Your Password', 'Enter a password of 10 characters or more')->required()->minlength(10, '10+ chars. please'))->add(Password('oth', 'Repeat Password', 'Enter password again')->required()->minlength(10, '10+ chars. please')->matches('pass', 'This must match what you typed in the "Your Password" field.'))->add(Tel('tel', 'Phone', 'A contact number please')->pattern('/^[\\s]*[\\+]?[0-9][-0-9]*[\\s-0-9]*[\\s]*$/', 'Enter a valid phone number. This can start with an international code like +44 if needed.'))->add(Input('human', 'Are you human?', 'No bots please')->pattern('/^yes|yep|yeah|sure am|indeed$/i', 'Some form of affirmation is needed.')->required())->add(YesNo('alive', 'Were you alive when you celebrated your last birthday?', 'Babies excluded.', 'Just yes or no please.')->required())->add(Integer('age', 'How old are you?')->value(5)->min(2)->max(10)))->add(Fieldset('Your message...')->add(TextArea('msg', 'Message', 'Your message to us')->required()->pattern('/^[^0-9]*$/', 'No numbers please!')->whitelist('great,good,fantastic,amazing')))->add(Fieldset('Legal stuff...')->add(Radios('agreement', '>Do you agree to our terms?', $conditions)->required('* Please select one of the options')->validator('myConditionValidator'))->add(Checkboxes('options', 'Additional Options...', $checkboxes)->required()->value('spam_me'))->add(MSelect('depts', 'Forward to which departments?', $departments)->required('Please choose at least one department')->value('complaints-2 , complaints-3 , sales-0')))->add(Submit('Send'))->process();
/** ==================== Custom formatters follow ====================
*
* These all override, or append to, some aspect of the renderer's output
* and should allow you fine enough control over your form output not to
* have to resort to hand-crafted HTML.
*
* They are all enabled by setting values on the renderer.
* Thay are also totally option. In fact, the default output of the renderer
* should be fine in most cases so you can probably delete all the code in
* this part of the file.
**/
/**
* Controls the output that goes at the head of the form when there are any
* invalid elements. Use this only if the renderer's default markup isn't
* what you need.
?>
Executed : <b> <?php
echo basename($sql_file);
?>
</b>
</div>
<?php
}
?>
<div class="notification success">
<?php
$reg->SetValue(ROOT_SYSTEM, 'title', $_POST['title']);
$reg->SetValue(ROOT_SYSTEM, 'email', $_POST['email']);
$query = "INSERT INTO `" . DB_PREFIX . "manager` ( \n `manager_username`, `manager_email`, `manager_password`,\n `manager_displayname`, `manager_lastlogin`, `manager_type`,\n `manager_protected`) VALUES\n ( :username , :email, :password, :name, :time, 1, b'1');";
$stm = $database_handle->prepare($query);
$stm->execute(array(':username' => $_POST['manager_username'], ':name' => $_POST['manager_username'], ':password' => Password($_POST['manager_password']), ':time' => time(), ':email' => $_POST['email']));
?>
Update : <b> Syetem info</b>
</div>
<div class="notification success">
Syetem install successfully.
<br />
<b style="color: red">
Please remove install directory.
</b>
</div>
</div>
<br />
<?php
$clean = array_map('strip_tags', $_POST);
$result['success'] = false;
$result['value'] = 'unknow error';
switch ($url[1]) {
case 'regiter':
$valid = array('member_name', 'member_email', 'member_password', 'member_password2', 'member_degree', 'member_field', 'member_number', 'member_city');
$insert = promis($clean, $valid);
if ($insert['member_password'] != $insert['member_password2']) {
$result['value'] = 'پسورد ها یکی نیستند';
echo json_encode($result);
die;
} else {
$insert['member_password'] = Password($insert['member_password']);
unset($insert['member_password2']);
}
if (!filter_var($insert['member_email'], FILTER_VALIDATE_EMAIL)) {
$result['value'] = ' ایمیل معتبر نیست';
echo json_encode($result);
die;
}
if (strlen($insert['member_name']) < 5 || strlen($insert['member_password']) < 5) {
$result['value'] = ' نام یا گذرواژه خیلی کوتاه است ';
echo json_encode($result);
die;
}
if (strlen($insert['member_number']) != 11 || substr($insert['member_number'], 0, 2) != '09') {
$result['value'] = ' شماره مورد نظر اشتباه است ';
echo json_encode($result);
die;
/**
* send new password
* @input post data
* @return mixed [0] 1:success | 2:login failed | 3:spamer [max|try|time]
*/
public function CheckEmail()
{
$registry = TRegistry::GetInstance();
$trylog = new TTryLog();
$time = $registry->GetValue(ROOT_SYSTEM, 'login_ignore_time');
// check login try
$try = $trylog->Check(TRY_PASSWORD, $time);
// get max try ;
$max_try = $registry->GetValue(ROOT_SYSTEM, 'login_max_try');
// check is try more than max try
if ($try <= $max_try) {
// can login
// log try
$trylog->Log(TRY_PASSWORD);
// check input length
if (strlen($_POST['manager_username']) < 3 || empty($_POST['manager_email'])) {
// take access
$ret[0] = 2;
return $ret;
}
$sql = "SELECT * FROM %table% WHERE \n manager_username = :username AND manager_email = :email ;";
$result = $this->db->Select($sql, array('manager'), array('type' => 'ss', ":username" => $_POST['manager_username'], ":email" => $_POST['manager_email']));
//manager access control init
if (count($result) == 1) {
//sending
$ret['passwd'] = THash::SaltGenerator(8);
// update last login
$this->db->Update('manager', array('type' => 'i', "manager_password" => Password($ret['passwd'])), "manager_id = '{$result[0]['manager_id']}'");
$ret[0] = 1;
return $ret;
} else {
//not send
$ret[0] = 2;
return $ret;
}
} else {
// can't login
$ret[0] = 3;
$ret['max'] = $max_try;
$ret['time'] = $time;
// and show error
return $ret;
}
}