/**
 * Finish a successful admin login and send the user on to their destination.
 *
 * Generates a new login key for the user, records it through LiveUser, clears
 * the failed-login counter for the client IP, sets the login cookies and
 * releases the article locks held by the user. If a request was saved before
 * the login screen was shown it is put back into the session and the browser
 * is sent to its URI; otherwise the browser is sent to the admin index.
 *
 * Nothing beyond the key generation happens when LiveUser has no permission
 * container object.
 *
 * @param object $user             Must provide initLoginKey(), getKeyId() and getUserId().
 * @param string $f_login_language Value stored in the TOL_Language cookie.
 * @return void
 */
function camp_successful_login($user, $f_login_language)
{
    global $ADMIN, $LiveUser, $LiveUserAdmin, $request, $requestId;

    $user->initLoginKey();
    $keyUpdate = array('KeyId' => $user->getKeyId());

    // Without a LiveUser permission container there is nothing to update.
    if (!is_object($LiveUser->_perm)) {
        return;
    }

    $LiveUserAdmin->updateUser($keyUpdate, $LiveUser->_perm->getProperty('perm_user_id'));
    $LiveUser->updateProperty(true, true);
    LoginAttempts::ClearLoginAttemptsForIp();

    // NOTE(review): these cookies use setcookie()'s defaults, so neither the
    // HttpOnly nor the Secure flag is requested. LoginUserKey is the value
    // camp_check_admin_access() compares with the stored key; consider setting
    // both flags on it once it is confirmed that no client-side script reads it.
    $userId = $user->getUserId();
    setcookie('LoginUserId', $userId);
    setcookie('LoginUserKey', $user->getKeyId());
    setcookie('TOL_Language', $f_login_language);

    Article::UnlockByUser($user->getUserId());

    // A saved pre-login request takes priority over the admin index.
    if (!empty($request)) {
        camp_session_set("request_$requestId", $request);
        // NOTE(review): unserialize() is only safe while $request is a
        // server-controlled string (for example one reloaded from the session).
        // Confirm the caller never fills it from client input.
        $request = unserialize($request);
        // NOTE(review): presumably 'uri' is the REQUEST_URI captured before the
        // login; verify it can never name another host.
        camp_html_goto_page($request['uri'], TRUE, array(
            'request' => $requestId,
        ));
    }

    // No saved request: land on the admin index.
    camp_html_goto_page("/$ADMIN/index.php");
}
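/**
 * Check if user has access to the admin.
 *
 * Access is granted only when LiveUser reports an active login and the
 * LoginUserKey supplied with the request is identical to the key LiveUser
 * holds for that user. The current REQUEST_URI is always recorded in the
 * session as the last visited page, whether or not access is granted.
 *
 * @param array $p_request Request input; must contain numeric LoginUserId
 *                         and LoginUserKey entries.
 * @return array array($access, $user, $XPerm): $access is a boolean, $user is
 *               a User object on success and an empty array otherwise, and
 *               $XPerm is always an empty array.
 */
function camp_check_admin_access($p_request)
{
    // $ADMIN and $g_ado_db are not read here, but the declarations are kept:
    // a file loaded by require_once inside a function runs in that function's
    // scope and may rely on them.
    global $ADMIN, $g_ado_db, $LiveUser;

    require_once($GLOBALS['g_campsiteDir'].'/classes/User.php');

    $access = false;
    $XPerm = array();
    $user = array();

    // records current page as last visited page
    camp_session_set('lastVisitPage', $_SERVER['REQUEST_URI']);

    if (!$LiveUser->isLoggedIn()) {
        return array($access, $user, $XPerm);
    }

    // check for required info
    if (!isset($p_request['LoginUserId'])
        || !isset($p_request['LoginUserKey'])
        || !is_numeric($p_request['LoginUserId'])
        || !is_numeric($p_request['LoginUserKey'])) {
        return array($access, $user, $XPerm);
    }

    // we passed LiveUser->isLoggedIn() so we can be sure the user
    // actually exists in database table
    //
    // The key is compared as a string with ===. A loose == between numeric
    // strings also accepts other spellings of the same number ("1e3" for
    // "1000") and applies type juggling if the stored property is not a string.
    // NOTE(review): LoginUserId is only checked for being numeric; it is never
    // compared with LiveUser's auth_user_id. Confirm that is intended.
    $storedKey = (string) $LiveUser->getProperty('keyid');
    if ($storedKey === (string) $p_request['LoginUserKey']) {
        $access = true;
        $user = new User($LiveUser->getProperty('auth_user_id'));
    }

    // Same three-element shape as the early returns above.
    return array($access, $user, $XPerm);
} // fn camp_check_admin_access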
// Login gate for admin requests: applies to PHP scripts and to paths without
// an extension (treated as directories further down).
if (($extension == '.php') || ($extension == '')) {
    // The login and password-recovery scripts are exempt from the access check,
    // matched by exact comparison with $prefix plus the script name.
    if (($call_script != $prefix . 'login.php') && ($call_script != $prefix . 'do_login.php')
        && $call_script != $prefix . 'password_recovery.php'
        && $call_script != $prefix . 'password_check_token.php') {
        // Check if the user is logged in already
        list($access, $g_user) = camp_check_admin_access(CampRequest::GetInput());
        if (!$access) {
            // Not logged in: keep the request URI and the POST body so the
            // request can be restored after a successful login.
            // NOTE(review): the array holds client-supplied data and
            // camp_successful_login() passes the saved string to unserialize().
            // That is only safe while the string is reloaded from the session
            // and never from a client-supplied value; the code that reloads it
            // is not part of this excerpt.
            $request = serialize(array(
                'uri' => $_SERVER['REQUEST_URI'],
                'post' => $_POST,
            ));
            // The id is the SHA-1 of the serialized request. It names the
            // session entry and is sent to the browser in the login URL.
            $requestId = sha1($request);
            // NOTE(review): each distinct unauthenticated request adds one
            // request_<id> session entry; nothing visible here caps or expires them.
            camp_session_set("request_$requestId", $request);
            // show the login screen
            header("Location: /{$ADMIN}{$prefix}login.php?request=$requestId");
            exit(0);
        }
    }
    // Load common translation strings
    camp_load_translation_strings('globals');
    // If it's not a PHP file, assume it's a directory.
    if ($extension != '.php') {
        // Make sure a non-empty directory path ends with a slash.
        if (($call_script != '') && ($call_script[strlen($call_script)-1] != '/') ) {
            $call_script .= '/';
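/**
 * SimplePager, unlike the PEAR Pager class, is a pager made to work
 * with template-like layouts. The constructor sets up the variables
 * you need to render the links, and you can render them
 * however you like. There is a default render function for
 * reference.
 *
 * The generated URLs are plain concatenations of $p_baseUrl, the offset
 * variable name and an offset. They are not HTML-escaped here, so escape
 * them when they are written into a page.
 *
 * NOTE(review): a method named after its class is treated as the constructor
 * only by PHP versions before 8.0.
 *
 * @param int $p_totalItems
 *      Total number of items. Negative values are treated as 0.
 *
 * @param int $p_itemsPerPage
 *      Number of items to display per page. Values below 1 are treated as 1.
 *
 * @param string $p_offsetVarName
 *      The name of the REQUEST variable which holds the order number
 *      of the first item on the selected page.
 *
 * @param string $p_baseUrl
 *      The url to which we attach the offset variable name.
 *
 * @param boolean $p_useSessions
 *      Set to TRUE if you want the offset item number to be stored in
 *      the session so that the user will return to their previous
 *      position in the pager when they leave the screen and come back
 *      to it.
 *
 * @param int $p_width
 *      Width of the window of numbered page links; capped at the number
 *      of pages.
 */
public function SimplePager($p_totalItems, $p_itemsPerPage, $p_offsetVarName, $p_baseUrl, $p_useSessions = true, $p_width = 10)
{
    $this->m_urls["links"] = array();
    if ($p_totalItems < 0) {
        $p_totalItems = 0;
    }
    if ($p_itemsPerPage < 1) {
        $p_itemsPerPage = 1;
    }

    // Get the current offset, from the session or straight from the request.
    if ($p_useSessions) {
        $rawOffset = camp_session_get($p_offsetVarName, 0);
    } else {
        $rawOffset = isset($_REQUEST[$p_offsetVarName]) ? $_REQUEST[$p_offsetVarName] : 0;
    }
    // The offset is client-controlled. Reduce it to an integer before it is
    // compared, divided or stored, so that arrays and non-numeric strings
    // cannot reach the arithmetic below or any later output of m_offset.
    $this->m_offset = is_numeric($rawOffset) ? (int) $rawOffset : 0;

    if ($this->m_offset < 0) {
        $this->m_offset = 0;
    } elseif ( ($this->m_offset) > $p_totalItems) {
        // If the offset is past the total number of items,
        // reset it.
        // NOTE(review): an offset equal to $p_totalItems is not reset here,
        // although no item exists at that index; confirm whether >= was meant.
        $this->m_offset = 0;
        if ($p_useSessions) {
            camp_session_set($p_offsetVarName, 0);
        }
    }

    // Only generate pager if there is more than one page of information.
    if ($p_totalItems > $p_itemsPerPage) {
        // Generate the offsets into the list.
        $remainder = $p_totalItems % $p_itemsPerPage;
        if ($remainder == 0) {
            $this->m_offsets = SimplePager::_range(0, $p_totalItems-1, $p_itemsPerPage);
        } else {
            $this->m_offsets = SimplePager::_range(0, $p_totalItems, $p_itemsPerPage);
        }
        $this->m_numPages = count($this->m_offsets);
        $this->m_selectedPageNumber = floor($this->m_offset/$p_itemsPerPage)+1;
        if ($p_width > $this->m_numPages) {
            $p_width = $this->m_numPages;
        }

        // Generate the numbered links: pick the window of page indexes
        // [$begin, $end) around the selected page.
        if ($this->m_selectedPageNumber < ($p_width/2 + 1)) {
            // Near the start: window begins at the first page.
            $begin = 0;
            $end = $p_width;
        } else if ($this->m_selectedPageNumber > ($this->m_numPages - ($p_width/2))) {
            // Near the end: window ends at the last page.
            $begin = $this->m_numPages - $p_width;
            $end = $this->m_numPages;
        } else {
            // In the middle: window is centred on the selected page.
            $begin = $this->m_selectedPageNumber - ceil($p_width/2) - 1;
            $end = $this->m_selectedPageNumber + ceil($p_width/2);
        }
        for ($index = $begin; $index < $end; $index++) {
            // Link keys are 1-based page numbers.
            $this->m_urls["links"][$index+1] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[$index];
        }

        // Generate special links. max()/min() keep every index inside m_offsets.
        if ($this->m_selectedPageNumber > 1) {
            $this->m_urls["first"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[0];
            $this->m_urls["previous"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[max(0, $this->m_selectedPageNumber-2)];
        }
        if ($this->m_selectedPageNumber > 10) {
            $this->m_urls["previous_10_pages"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[max(0, $this->m_selectedPageNumber-11)];
        }
        if ($this->m_selectedPageNumber > 100) {
            $this->m_urls["previous_100_pages"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[max(0, $this->m_selectedPageNumber-101)];
        }
        if ( ($this->m_numPages > $this->m_selectedPageNumber)) {
            $this->m_urls["next"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[min($this->m_numPages-1, $this->m_selectedPageNumber)];
        }
        if ( ($this->m_numPages - $this->m_selectedPageNumber) > 9) {
            $this->m_urls["next_10_pages"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[min($this->m_numPages-1, $this->m_selectedPageNumber+9)];
        }
        if ( ($this->m_numPages - $this->m_selectedPageNumber) > 99) {
            $this->m_urls["next_100_pages"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[min($this->m_numPages-1, $this->m_selectedPageNumber+99)];
        }
        if ( ($this->m_numPages > $this->m_selectedPageNumber)) {
            $this->m_urls["last"] = $p_baseUrl."$p_offsetVarName=".$this->m_offsets[$this->m_numPages-1];
        }
    }
} // constructor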
// (fragment) Tail of a switch case that begins above this excerpt, followed by
// further cases of the same switch.
    $argsStr .= "&f_mode=multi&f_action=duplicate";
    // NOTE(review): the article codes are copied from $_REQUEST into the
    // redirect URL without urlencode() or a type check. Encoding each value
    // would keep separators and control characters out of the target URL;
    // what camp_html_goto_page() does with the string is not shown here.
    foreach ($_REQUEST["f_article_code"] as $code) {
        $argsStr .= "&f_article_code[]={$code}";
    }
    // Reset the pager offset for this list before leaving the page.
    camp_session_set($offsetVarName, 0);
    // No break follows: presumably camp_html_goto_page() ends the script.
    // Otherwise execution would fall through into the next case. TODO confirm.
    camp_html_goto_page("/{$ADMIN}/articles/duplicate.php?" . $argsStr);
case "move":
    // Forward every request parameter to the target page, except the security
    // token, which is removed so it is not placed in the redirect URL, and the
    // article codes, which are re-added one by one below.
    $args = $_REQUEST;
    unset($args[SecurityToken::SECURITY_TOKEN]);
    unset($args["f_article_code"]);
    // NOTE(review): whether camp_implode_keys_and_values() URL-encodes keys
    // and values is not visible here; verify.
    $argsStr = camp_implode_keys_and_values($args, "=", "&");
    $argsStr .= "&f_mode=multi&f_action=move";
    // Same unencoded copy of request values as in the case above.
    foreach ($_REQUEST["f_article_code"] as $code) {
        $argsStr .= "&f_article_code[]={$code}";
    }
    camp_session_set($offsetVarName, 0);
    // The move action is sent to duplicate.php with f_action=move.
    camp_html_goto_page("/{$ADMIN}/articles/duplicate.php?" . $argsStr);
case "unlock":
    // Unlock only the selected articles that the current user may modify;
    // the others are skipped silently.
    foreach ($articleCodes as $articleCode) {
        $articleObj = new Article($articleCode['language_id'], $articleCode['article_id']);
        if ($articleObj->userCanModify($g_user)) {
            $articleObj->setIsLocked(false);
        }
    }
    camp_html_add_msg(getGS("Article(s) unlocked."), "ok");
    break;
case "context_box_update":
    // Only reports success; no update is performed in this case itself.
    camp_html_add_msg(getGS("Context Box updated"), "ok");
    break;
case "schedule_publish":
    $args = $_REQUEST;
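$f_language_id = Input::Get('f_language_id', 'int', 0);

// Read the language selection straight from $_SESSION before calling
// camp_session_get() for the same key, so the two values can be compared below.
// Presumably camp_session_get() can refresh the stored value from the request;
// verify against its definition.
if (isset($_SESSION['f_language_selected'])) {
    $f_old_language_selected = (int) $_SESSION['f_language_selected'];
} else {
    $f_old_language_selected = 0;
}
$f_language_selected = (int) camp_session_get('f_language_selected', 0);

// The pager offset is stored per publication / issue / language / section.
$offsetVarName = "f_article_offset_" . $f_publication_id . "_" . $f_issue_number . "_" . $f_language_id . "_" . $f_section_number;
$f_article_offset = camp_session_get($offsetVarName, 0);
$ArticlesPerPage = 15;

if (!Input::IsValid()) {
    // NOTE(review): REQUEST_URI is client-controlled; confirm that
    // camp_html_display_error() escapes it before it is written into the page.
    camp_html_display_error(getGS('Invalid input: $1', Input::GetErrorString()), $_SERVER['REQUEST_URI']);
    exit;
}

if ($f_old_language_selected != $f_language_selected) {
    // The language filter changed: restart paging from the first article.
    // The reset goes to the key the offset is read from ($offsetVarName).
    // Resetting the fixed key 'f_article_offset' left the stored offset
    // untouched, so the old position came back on the next read.
    camp_session_set($offsetVarName, 0);
    $f_article_offset = 0;
}
if ($f_article_offset < 0) {
    $f_article_offset = 0;
}

// Stop with an error page when the section or publication does not exist.
$sectionObj = new Section($f_publication_id, $f_issue_number, $f_language_id, $f_section_number);
if (!$sectionObj->exists()) {
    camp_html_display_error(getGS('Section does not exist.'));
    exit;
}
$publicationObj = new Publication($f_publication_id);
if (!$publicationObj->exists()) {
    camp_html_display_error(getGS('Publication does not exist.'));
    exit;
}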
// (fragment) The two braces below close blocks opened above this excerpt.
        }
    }
    // Default to English if we don't find anything that matches.
    if (is_null($defaultLanguage)) {
        $defaultLanguage = 'en';
    }
    // HACK: the function regGS() strips off the ":en" from
    // english language strings, but only if it knows that
    // the language being displayed is english...and it knows
    // via the cookie.
    // Both superglobals are overwritten in memory for this request only;
    // no cookie is sent to the browser here.
    $_COOKIE['TOL_Language'] = $defaultLanguage;
    $_REQUEST['TOL_Language'] = $defaultLanguage;
}
if (isset($requestId)) {
    // Store request again
    // NOTE(review): $requestId and $request are assigned outside this excerpt.
    // Confirm that $request is loaded from the session entry for that id and
    // never taken from client input, since it is unserialized after login.
    camp_session_set("request_{$requestId}", $request);
}
// Load the language files.
camp_load_translation_strings("globals");
camp_load_translation_strings("home");
// A configured site title is HTML-escaped before it is used in the <title>
// element; the fallback is the product name followed by the version, unescaped.
$siteTitle = !empty($Campsite['site']['title']) ? htmlspecialchars($Campsite['site']['title']) : putGS("Newscoop") . $Campsite['VERSION'];
?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <meta name="robots" content="noindex, nofollow"> <title><?php p($siteTitle . ' - ') . putGS("Login"); ?> </title>