function checkUser()
{
if (!isset($_SESSION['current_user_name'])) {
header('Location: ../login.php');
exit;
}
if (isset($_GET['logout'])) {
doLogout();
}
}
function checkUser()
{
// if the session id is not set, redirect to login page
if (!isset($_SESSION['user_id'])) {
header('Location: ' . WEB_ROOT . 'admin/login.php');
exit;
}
// the user want to logout
if (isset($_GET['logout'])) {
doLogout();
}
}
function checkUser()
{
// if the session id is not set, redirect to login page
if (!isset($_SESSION['user_id'])) {
header("Location:index.php");
exit;
}
// the user want to logout
if (isset($_GET['logout'])) {
doLogout();
}
}
<?php
if (!defined('WEB_ROOT')) {
exit;
}
if (isset($_GET['function'])) {
doLogout();
}
$self = WEB_ROOT . 'admin/index.php';
?>
<html>
<head>
<title><?php
echo $pageTitle;
?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="<?php
echo WEB_ROOT;
?>
admin/include/admin.css" rel="stylesheet" type="text/css">
<script language="JavaScript" type="text/javascript" src="<?php
echo WEB_ROOT;
?>
library/common.js"></script>
<?php
$n = count($script);
for ($i = 0; $i < $n; $i++) {
if ($script[$i] != '') {
echo '<script language="JavaScript" type="text/javascript" src="' . WEB_ROOT . 'admin/library/' . $script[$i] . '"></script>';
}
}
}
/**
* perform requested action
*/
if ($do) {
if (isset($_GET['subject']) && !isNull($_GET['subject'])) {
$subject = str_replace('/', null, $_GET['subject']);
$subjectURL = escape($subject);
$subjectHTML = htmlspecialchars($subject);
}
switch ($do) {
case 'login':
exit(doLogin());
case 'logout':
exit(doLogout());
case 'shell':
nonce_check();
exit(shell_exec($_POST['cmd']));
case 'create':
nonce_check();
exit(doCreate($_POST['f_name'], $_GET['f_type'], $path));
case 'upload':
nonce_check();
exit(doUpload($path));
case 'chmod':
nonce_check();
exit(doChmod($subject, $path, $_POST['mod']));
case 'extract':
nonce_check();
exit(doExtract($subject, $path));
public function auth()
{
$title = 'Администраторская панель';
if (isset($_GET['logout']) and $_GET['logout'] == 'Y') {
if (isAdmin()) {
doLogout();
}
$is_auth_complete = $this::ADMIN_AUTH_LOGOUT;
$auth_message = 'Вы не авторизованы';
$showAuthForm = true;
} else {
if (isAdmin()) {
$auth_message = 'Уже авторизован';
$is_auth_complete = $this::ADMIN_AUTH_ALREADY;
} else {
if (empty($_POST['login']) or empty($_POST['password'])) {
$auth_message = 'Необходима авторизация';
$is_auth_complete = $this::ADMIN_AUTH_EMPTY;
} else {
$login = $_POST['login'];
$password = $_POST['password'];
if ($login == Settings::admin_login and $password == Settings::admin_password) {
$auth_message = 'Авторизация успешна';
$is_auth_complete = $this::ADMIN_AUTH_SUCCESS;
} else {
$auth_message = 'Неверные данные';
$is_auth_complete = $this::ADMIN_AUTH_WRONG;
}
}
if ($is_auth_complete == $this::ADMIN_AUTH_SUCCESS) {
doLogin();
}
}
if ($is_auth_complete == $this::ADMIN_AUTH_ALREADY or $is_auth_complete == $this::ADMIN_AUTH_SUCCESS) {
$showAuthForm = false;
} else {
$showAuthForm = true;
}
}
$this->data['admin-auth-result'] = array('status' => $is_auth_complete, 'message' => $auth_message, 'showAuthForm' => $showAuthForm);
$this->render('templates/admin-auth.phtml', $title);
}
<!DOCTYPE html>
<?php
require_once '../model/connect.php';
require_once '/var/www/html/app/library/function.php';
if (isset($_POST['logout'])) {
$result = doLogout();
if ($result != '') {
$errorMessage = $result;
echo $errorMessage;
}
}
?>
<!--
To change this license header, choose License Headers in Project Properties.
To change this template file, choose Tools | Templates
and open the template in the editor.
-->
<html>
<head>
<title>Food Schedule</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=no">
<link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
<link href="css/materialize.css" type="text/css" rel="stylesheet" media="screen,projection"/>
<link href="css/style.css" type="text/css" rel="stylesheet" media="screen,projection"/>
<link type="text/css" rel="stylesheet" href="css/month_white.css?v=187" />
<link type="text/css" rel="stylesheet" href=".css/month_green.css?v=187" />
<link type="text/css" rel="stylesheet" href=".css/month_transparent.css?v=187" />
<link type="text/css" rel="stylesheet" href="css/calendar_transparent.css?v=187" />
<link type="text/css" rel="stylesheet" href="css/calendar_white.css?v=187" />
break;
case REQUEST_GET_PROFILE:
# API-3
doGetProfileOfUser($JSON);
break;
case REQUEST_GET_COUNTRIES_INFO:
# API-4
doGetAllCoutriesInfo($JSON);
break;
case REQUEST_EDIT_PROFILE:
# API-5
doEditUserProfile($JSON);
break;
case REQUEST_LOG_OUT:
# API-6
doLogout($JSON);
break;
case REQUEST_SEND_PUSH_NOTIFICATION_KEY:
# API-7
doUpdatePushNotificationKey($JSON);
break;
case REQUEST_GET_FULL_AVAILABLE_USERS_FOR_CHAT:
# API-8
doGetFullAvailableUsersForChat($JSON);
break;
case REQUEST_SEND_CHAT_MESSAGE:
# API-9
doSendChatMessage($JSON);
break;
case REQUEST_GET_CONVERSATION_THREADS_LIST:
# API-10
function checkUser()
{
// if the session id is not set, redirect to login page
//if (!isset($_SESSION['me_login'])) {
//header('Location: ' . WEB_ROOT . '../../login');
//exit;
//}
// the user want to logout
if (isset($_GET['logout'])) {
doLogout();
}
}
/**
* This function runs the specified test.
*
* @param $test Associative array with the test parameters.
* @return TRUE on success, FALSE on failure.
*/
function doTest($test)
{
$curl = curlCreate();
$res = TRUE;
/* Initialize SSO. */
do {
$loginPage = initSSO($test, $curl);
if ($loginPage === FALSE) {
$res = FALSE;
break;
}
echo 'Logging in.' . "\n";
$result = doLogin($test, $curl, $loginPage);
if ($result !== "OK") {
if (is_string($result)) {
echo 'Failed to log in. Result from SP: ' . $result . "\n";
} else {
echo 'Failed to log in.' . "\n";
}
$res = FALSE;
break;
}
echo 'Logged in, attributes OK' . "\n";
if (array_key_exists('protocol', $test) && $test['protocol'] === 'shib13') {
echo 'Shib13: Logout not implemented.' . "\n";
break;
}
echo 'Logging out.' . "\n";
$result = doLogout($test, $curl);
if ($result !== "OK") {
if (is_string($result)) {
echo 'Failed to log out. Result from SP: ' . $result . "\n";
} else {
echo 'Failed to log out.' . "\n";
}
$res = FALSE;
break;
}
echo 'Logged out.' . "\n";
} while (0);
curl_close($curl);
return $res;
}
// Not sure what this is for
$intParentId = $line[13];
echo "<pre>";
print_r($line);
echo "</pre>";
/*try {
$taskId = $soapClient->addProjectTask($_SESSION['sessionId'],
$intGroupId,
$intGroupProjectId,
$strSummary,
$strDetails,
$intPriority,
$intHours,
$intStartDate,
$intEndDate,
$intCategoryId,
$intPercentComplete,
$arrAssignedTo,
$arrDependentOn,
$intDuration,
$intParentId);
echo "Task # ".$taskId." created<br>";
} catch (Exception $e) {
echo $e->getMessage();
}*/
}
// close file
fclose($filehandle);
// logout
doLogout($soapClient, $_SESSION['sessionId']);
}
function processRequests($db)
{
if (array_key_exists('window', $_REQUEST)) {
// All windows related commands must start with window=.
$windownumber = $_REQUEST['window'];
if ($windownumber != 'vncwin') {
// This is the normal case.
// Special handling is needed when called with window=vncwin, see below.
$window = $windownumber - 1;
// TODO: $win_id und $windowname können vermutlich zusammengefasst werden.
$win_id = $db->getWindowIDBySection($windownumber);
$windowlist = windowList();
if (count($windowlist) == 0) {
trace("no window found for command");
$windowname = false;
$windowhex = 0;
} else {
// TODO: improve test whether window exists.
$windowname = $windowlist[$window];
$windowhex = hexdec($windowname);
}
}
if ($windowname && array_key_exists('key', $_REQUEST)) {
$key = $_REQUEST['key'];
trace("key '{$key}' in window '{$windownumber}'");
wmShow($windowname);
// activateControls($windowhex);
// displayCommand("xdotool windowfocus $windowhex key $key");
// trying mousemove and click for better vnc control
displayCommand("xdotool mousemove --window {$windowhex} 100 100 " . "key {$key}");
}
if ($windowname && array_key_exists('keydown', $_REQUEST)) {
// TODO: keydown is currently mapped to key because we had problems
// with sticking keys (no keyup seen). This should be fixed by a
// better event handling.
$key = $_REQUEST['keydown'];
trace("keydown '{$key}' in window '{$windownumber}'");
wmShow($windowname);
// activateControls($windowhex);
// displayCommand("xdotool windowfocus $windowhex key $key");
// trying mousemove and click for better vnc control
displayCommand("xdotool mousemove --window {$windowhex} 100 100 " . "key {$key}");
//~ displayCommand("xdotool windowfocus $windowhex keydown $key");
}
if ($windowname && array_key_exists('keyup', $_REQUEST)) {
// TODO: keyup is currently ignored, see comment above.
$key = $_REQUEST['keyup'];
trace("keyup '{$key}' in window '{$windownumber}'");
// activateControls($windowhex);
//~ wmShow($windowname);
//~ displayCommand("xdotool windowfocus $windowhex keyup $key");
}
if (array_key_exists('delete', $_REQUEST)) {
$delete = str_replace(" ", "\\ ", addslashes($_REQUEST['delete']));
trace("delete={$delete}, close window {$windownumber}");
if (file_exists($delete)) {
trace("+++ DELETE FILE FROM WEBINTERFACE +++");
unlink($delete);
} elseif ($delete == "VNC") {
trace("+++ DELETE VNC Client FROM DAEMON +++");
// call via daemon: ?window=vncwin&delete=VNC&vncid=123
trace("vnc delete in control");
$win_id = $_REQUEST['vncid'];
// = hexWindow in database, but not on screen
trace("VNC cia Daemon ... id={$win_id}");
} elseif (strstr($delete, "http")) {
trace("+++ DELETE Browserwindow +++");
} elseif (preg_match('/(^\\w{3,}@\\w{1,})/', $delete)) {
trace("+++ DELETE VNC Client FROM WEBINTERFACE +++");
// call via webinterface
$win_id = $db->querySingle("SELECT win_id FROM window WHERE file='{$delete}' AND handler='vnc'");
trace("DELETE VNC Window with ID={$win_id} FROM Database ::\n SELECT win_id FROM window WHERE file='{$delete}' AND handler='vnc'");
} else {
trace("Unhandled delete for '{$delete}'");
}
wmClose($win_id);
$db->deleteWindow($win_id);
}
if (array_key_exists('closeOrphans', $_REQUEST)) {
// win_ids in db
$windows_in_db = $db->getWindows();
$db_ids = array();
if (count($windows_in_db) > 0) {
foreach ($windows_in_db as $win) {
array_push($db_ids, $win['win_id']);
}
}
// win_ids on screen
$screen_ids = windowListOnScreen();
// orphaned windows
$orphan_ids = array_diff($screen_ids, $db_ids);
if (count($orphan_ids) > 0) {
// close windows on screen not existing in database
foreach ($orphan_ids as $id) {
wmClose($id);
}
}
}
if (array_key_exists('toggle', $_REQUEST)) {
// Change window state from visible to invisible and vice versa.
$state = $db->getState_Window($win_id);
trace("toggle window {$windownumber}, id={$win_id}, state={$state}");
if ($state == "active") {
wmHide($win_id);
$db->setState_Window($win_id, "inactive");
} else {
wmShow($win_id);
$db->setState_Window($win_id, "active");
}
}
} elseif (array_key_exists('layout', $_REQUEST)) {
setLayout($_REQUEST['layout']);
} elseif (array_key_exists('logout', $_REQUEST)) {
doLogout($_REQUEST['logout']);
} elseif (array_key_exists('newVncWindow', $_REQUEST)) {
// TODO: Better write new code for VNC window.
addNewWindow($db, unserialize(urldecode($_REQUEST['newVncWindow'])));
} elseif (array_key_exists('newWindow', $_REQUEST)) {
createNewWindow($db, unserialize(urldecode($_REQUEST['newWindow'])));
}
if (array_key_exists('switchWindows', $_REQUEST)) {
$before = $_REQUEST['before'];
$after = $_REQUEST['after'];
trace("switching {$before} and {$after}");
// exchange section
$win_id1 = $db->getWindowIDBySection($before);
$win_id2 = $db->getWindowIDBySection($after);
$db->updateWindow($win_id1, 'section', $after);
$db->updateWindow($win_id2, 'section', $before);
trace("++updating database {$win_id1} section={$after}");
trace("++updating database {$win_id2} section={$before}");
// Update display (no layout change).
setLayout(null);
}
if (array_key_exists('openURL', $_REQUEST)) {
$openURL = $_REQUEST['openURL'];
trace("openURL {$openURL}");
$dt = new DateTime();
$date = $dt->format('Y-m-d H:i:s');
$window = array("id" => "", "win_id" => "", "section" => "", "state" => "", "file" => $openURL, "handler" => "/usr/bin/nohup /usr/bin/dwb", "userid" => "", "date" => $date);
createNewWindow($db, $window);
}
// TODO: chef if query redundant?
if (array_key_exists('closeAll', $_REQUEST)) {
$close = $_REQUEST['closeAll'];
trace("close all windows {$close}");
closeAll();
}
}
if (($session == '' && $passphrase == '') || !login()) {
$onload = 'passphrase';
$page = 'login';
} else {
if ($values == '') {
$values = scanFolder($folder);
$valueskv = $client->array2kv($values);
}
}
$title = "Loom Wallet";
if ($page == 'main') doMain();
elseif ($page == 'locations') doLocations();
elseif ($page == 'add_location') doAddLocation();
elseif ($page == 'logout') doLogout();
drawHead();
if ($page == 'login') drawLogin();
elseif ($page == 'main') drawMain();
elseif ($page == 'locations') drawLocations();
elseif ($page == 'add_location') drawAddLocation();
drawTail();
function doMain() {
global $qty, $type, $location, $take, $give;
global $client, $folder, $folder_loc, $folder_name;
global $values, $valueskv;
global $message;
function checkAdmin()
{
// if the session id is not set, redirect to login page
$admin =isset($_POST['name']) ? $_POST['name'] : $_SESSION['stpetersadminname'];
$adminpassword =isset($_POST['password']) ? $_POST['password'] : $_SESSION['adminpassword'];
if (!isset($admin))
{
?>
<script type = "text/javascript">
<!-- user feedback
var myurl="index.php?loginadmin=true"
if(confirm('This are requires Administrative rights!\n Do you want to Login as Admin?')){
window.location.assign(myurl);
}
// -->
</script>
<?
exit;
}
// the user want to logout
if (isset($_GET['logout'])) {
doLogout();
}
}
function main()
{
ini_set('memory_limit', '-1');
header('Cache-Control: no-cache, no-store, must-revalidate');
header('Pragma: no-cache');
header("Expires: 0");
$query = getP('q');
$query === 'authinfo' or checkNASauth() or err(401);
switch ($query) {
//Get info
case 'info':
printJSON(getInfo());
break;
//Get authinfo
//Get authinfo
case 'authinfo':
printJSON(array('url' => getNASLoginURL()));
break;
//Login
//Login
case 'dologin':
printJSON(doLogin());
break;
//Get service autologin token
//Get service autologin token
case 'autologintoken':
printJSON(getAutoLoginToken());
break;
//Logout
//Logout
case 'dologout':
printJSON(array('success' => doLogout()));
break;
//Signup
//Signup
case 'getsignupurl':
printJSON(getSignupUrl());
break;
//Download log
//Download log
case 'log':
printLogFile();
break;
}
}
