Пример #1
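/**
 * Render the login form, optionally with an error derived from $status, then stop.
 *
 * Every status that produces an error message is also written to the admin log.
 *
 * @param string|null $username Value assigned to the template's 'username' variable.
 * @param int|null    $status   0 (or null) shows no error; -1/-2 report an expired
 *                              session, -3 an incorrect login, -5 a security issue;
 *                              anything else is reported as a generic authentication issue.
 * @param mixed       $auth     Accepted by reference; not used inside this function.
 *
 * @return void Does not return: the script exits after the template is displayed.
 */
function loginForm($username = null, $status = null, &$auth = null)
{
    global $templateEngine;
    $templateEngine->clearAssign('MenuItems');
    $templateEngine->clearAssign("LoggedInUsername");
    // NOTE(review): $username reaches the template unchanged; confirm loginform.tpl
    // escapes it before printing.
    $templateEngine->assign('username', $username);

    $error = null;
    switch ($status) {
        case 0:
            break;
        case -1:
        case -2:
            $error = T_("Your session has expired. Please login again");
            AdminLog::getInstance()->log("Expired Session");
            break;
        case -3:
            $error = T_("Incorrect Login");
            AdminLog::getInstance()->log("Invalid Login");
            break;
        case -5:
            // This branch used to assign to a misspelled variable ($errro), so the
            // security message was logged but never shown to the user.
            $error = T_("Security Issue. Please login again");
            AdminLog::getInstance()->log("Security Issue With Login");
            break;
        default:
            $error = T_("Authentication Issue. Please report to Admin");
            AdminLog::getInstance()->log("Auth Issues: {$status}");
    }
    if ($error !== null) {
        $templateEngine->assign("error", $error);
    }
    $templateEngine->displayPage('loginform.tpl');
    exit;
}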
Пример #2
 /**
  * Log a database failure, report it on the current output channel and terminate.
  *
  * When the global $NONINTERACTIVE_SCRIPT flag is set and truthy the report is
  * written as '#'-prefixed lines; otherwise the error.tpl template is displayed.
  * Both paths end with die.
  *
  * NOTE(review): the full message, including the driver's own error text, is sent
  * to the client on both paths. Confirm error.tpl escapes the "error" variable and
  * consider whether end users should see more than a generic message.
  *
  * @param string $error          Caller's description of the failed operation.
  * @param mixed  $pear_error_obj Error object whose toString() output is appended;
  *                               non-objects are ignored.
  */
 public static function fatalDatabaseError($error, $pear_error_obj)
 {
     // Append the driver's description only when an error object was supplied.
     $error = is_object($pear_error_obj)
         ? $error . ": " . $pear_error_obj->toString()
         : $error;

     $adminLog =& \AdminLog::getInstance();
     $adminLog->log_error($error);

     global $NONINTERACTIVE_SCRIPT;
     if (!empty($NONINTERACTIVE_SCRIPT)) {
         // Non-interactive script running: emit the report as comment lines.
         echo "#error_occured\n",
             "# An error has occured in the application\n",
             "# More information may be available in the server logs\n",
             "# ::{$error}::\n",
             "# Memory used: " . memory_get_usage() . "\n";
         die;
     }

     $view = new \SmartyBC();
     $view->compile_check = true;
     // The 't' block is needed even though the message will be in English.
     $view->register_block('t', 'smarty_block_t');
     $view->assign("Application", APPLICATION_NAME);
     $view->assign("error", $error);
     $view->display("error.tpl");
     die;
 }
Пример #3
 /**
  * Admin log index: render the 'index' view with an AdminLog search model.
  *
  * Search attributes are taken from $_GET['AdminLog']. When the 'user' request
  * parameter resolves to a User record, a "Viewing logs for ..." title is added and
  * the record is passed to the view.
  */
 public function actionIndex()
 {
     $logSearch = new AdminLog('search');
     $logSearch->unsetAttributes();
     if (isset($_GET['AdminLog'])) {
         // Request data is assigned in bulk; which attributes are accepted depends on
         // the model's rules for the 'search' scenario (not visible here).
         $logSearch->attributes = $_GET['AdminLog'];
     }

     $this->title[] = at('Admin Logs');

     $user = getRParam('user') ? User::model()->findByPk(getRParam('user')) : null;
     if ($user) {
         // NOTE(review): the user's name becomes part of the page title; confirm the
         // layout encodes title entries before printing them.
         $this->title[] = at('Viewing logs for {name}', array('{name}' => $user->name));
     }

     $this->render('index', array('model' => $logSearch, 'user' => $user));
 }
Пример #4
		<!-- //header -->
		<br>
		<br>

		<!-- Content -->
		<div class="row-fluid">

			<?php 
include_layout_template('admin_menu.php');
?>

			<div class="span9">
				<?php 
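// Load the account being edited; the posted "uid" is passed through customDecrypt()
// before the lookup.
if (isset($_POST["uid"])) {
    $user_id = customDecrypt($_POST["uid"]);
    $user = AdminLog::find_by_id($user_id);
    if (isset($user->surname) && isset($user->othernames)) {
        // The names are user-supplied profile data read back from storage, so they
        // are encoded for the HTML context here. double_encode is off in case a value
        // was already entity-encoded when it was stored.
        echo '<h5 align="center">Edit '
            . htmlspecialchars($user->surname . ' ' . $user->othernames, ENT_QUOTES, 'UTF-8', false)
            . '\'s Profile</h5>';
    }
}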
?>
				<hr>
				<form action="" method="POST" class="admin_edit_form form-horizontal" >
				  <div class="control-group">
				    <label class="control-label" for="inputSurname">Surname</label>
				    <div class="controls">
				    	<div class="input-prepend">
				      		<span class="add-on"><i class="icon-user"></i></span>
				            <input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php 
if (isset($user->surname)) {
    echo $user->surname;
Пример #5
             $password = \Grase\Util::randomPassword($Settings->getSetting('passwordLength'));
         }
         // Attempt to create user. Will error if it's not a unique username
         if (DatabaseFunctions::getInstance()->createUser($username, $password, $MaxMb, $MaxTime, expiry_for_group($group, $groupSettings), $groupSettings[$group]['ExpireAfter'], \Grase\Clean::text($_POST['Group']), \Grase\Clean::text($_POST['Comment']))) {
             AdminLog::getInstance()->log("Created new user {$username}");
             $Settings->addUserToBatch($batchID, $username);
             $createdUsernames[] = $username;
         } else {
             // Failed to create. Most likely not a unique username.
             // Try again but only for so long (i.e. all usernames are in use)
             $i--;
             // This really chokes up the logs, maybe don't log this? TODO
             AdminLog::getInstance()->log("Failed to created new user {$username}. Probably duplicate username");
             $failedUsers++;
             if ($failedUsers > 20) {
                 AdminLog::getInstance()->log("Too many failed usernames, stopping batch creation");
                 $error[] = sprintf(T_("Too many users failed to create. Batch creation stopped. %s users have been successfully created"), $i);
                 break;
             }
         }
     }
     // Load up user details of created users for displaying
     $createdUsers = DatabaseFunctions::getInstance()->getMultipleUsersDetails($createdUsernames);
     $templateEngine->assign("createdusers", $createdUsers);
     // Check if we managed to create all users or if batch failed
     if ($failedUsers <= 20) {
         $success[] = T_("Tickets Successfully Created");
         $success[] = "<a target='_tickets' href='export.php?format=html&batch={$batchID}'>" . T_("Print Tickets") . "</a>";
         unset($user);
     }
 }
 /**
  * Remove the lock on a user account.
  *
  * Deletes the user's 'Auth-Type' row from radcheck and the 'Reply-Message' row from
  * radreply, then records the unlock in the admin log. A failed query is handed to
  * \Grase\ErrorHandling::fatalDatabaseError().
  *
  * @param string $username Account to unlock; it is passed through $this->db->quote()
  *                         before being placed in the SQL text.
  */
 public function unlockUser($username)
 {
     $quotedUser = $this->db->quote($username);

     // 1) Drop the Auth-Type check attribute.
     $lockSql = sprintf("DELETE FROM radcheck\n                                WHERE Username=%s\n                                AND Attribute=%s", $quotedUser, $this->db->quote('Auth-Type'));
     $lockResult = $this->db->queryOne($lockSql);
     if (PEAR::isError($lockResult)) {
         \Grase\ErrorHandling::fatalDatabaseError(T_('Removing User Lock Query Failed: '), $lockResult);
     }

     // 2) Drop the Reply-Message attribute.
     $messageSql = sprintf("DELETE FROM radreply\n                                WHERE Username=%s\n                                AND Attribute=%s", $quotedUser, $this->db->quote('Reply-Message'));
     $messageResult = $this->db->queryOne($messageSql);
     if (PEAR::isError($messageResult)) {
         \Grase\ErrorHandling::fatalDatabaseError(T_('Removing User Lock Message Query Failed: '), $messageResult);
     }

     // NOTE(review): the username is written to the log verbatim; confirm the log
     // viewer encodes it.
     AdminLog::getInstance()->log("Unlocked user {$username}");
 }
Пример #7
if ($user_exist->email == $email) {
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo "The E-mail:<font color='#FF0000'>'" . $user_exist->email . "'</font> already exists in our database";
    echo '<br>';
    echo 'Use the Close Button to Continue';
} elseif ($user_exist->staff_id == $staff_id) {
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database";
    echo '<br>';
    echo 'Use the Close Button to Continue';
} else {
    // Build the new admin account from the submitted form fields.
    // NOTE(review): htmlspecialchars() is applied here, at storage time. Encoding
    // belongs at output time, per context; it gives no protection against SQL
    // injection, so that depends entirely on how save() builds its query — confirm.
    // NOTE(review): role, rank and department_id come straight from the request;
    // confirm the code before this point restricts who may create accounts.
    $user = new AdminLog();
    $user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES);
    $user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES);
    // sha1() is an unsalted, fast digest and is not suitable for password storage
    // (htmlspecialchars() leaves the hex digest unchanged). password_hash() and
    // password_verify() are the standard replacement, but the login check has to be
    // changed in the same step — TODO.
    $user->password = htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES);
    $user->email = htmlspecialchars($_POST['email'], ENT_QUOTES);
    $user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES);
    $user->rank = htmlspecialchars($_POST['rank'], ENT_QUOTES);
    $user->role = htmlspecialchars($_POST['role'], ENT_QUOTES);
    $user->department_id = htmlspecialchars($_POST['department_id'], ENT_QUOTES);
    // New accounts are created with activated_status set to 1.
    $user->activated_status = 1;
    $user->save();
    if ($database->affected_rows() == 1) {
        if ($user->sendVerificationMail($_POST['epassword'])) {
            sleep(2);
            echo '<h4 class="alert alert-success">Success</h4>';
            echo '<hr>';
Пример #8
<?php

/* Copyright 2009 Timothy White */
/*  This file is part of GRASE Hotspot.

    http://grasehotspot.org/

    GRASE Hotspot is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    GRASE Hotspot is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with GRASE Hotspot.  If not, see <http://www.gnu.org/licenses/>.
*/
// Admin log page: pass the log lines and the last cron entry to the template.
// $PAGE is set before pageaccess.inc.php is included — presumably that include
// reads it to decide whether the current admin may view this page; confirm.
$PAGE = 'adminlog';
require_once 'includes/pageaccess.inc.php';
require_once 'includes/session.inc.php';
require_once 'includes/misc_functions.inc.php';
// TODO: Add "reset" option that archives old stuff? (Or deletes old stuff)
// NOTE(review): several log messages in this codebase embed usernames and other
// request-derived text; confirm adminlog.tpl escapes each log line on output.
$templateEngine->assign("loglines", AdminLog::getInstance()->getLog());
$templateEngine->assign("lastcron", AdminLog::getInstance()->lastCron());
$templateEngine->displayPage('adminlog.tpl');
Пример #9
            $error = "Logo Failed to upload";
        } elseif ($_FILES['newlogo']['size'] > 50960) {
            $error = "Logo too big";
        } else {
            // TODO: test if jpg or png
            // TODO: test if jpeg/jpg/png extension otherwise browser doesn't know type
            //print "Attempting to test if png";
            if (exif_imagetype($_FILES['newlogo']['tmp_name']) != IMAGETYPE_PNG) {
                $error = "Logo is not a png";
            } else {
                // TODO: don't overwrite logo.X, upload to logo dir and remember name to add to css/html
                //print "Attempting to move file";
                if (move_uploaded_file($_FILES['newlogo']['tmp_name'], '/usr/share/grase/www/images/logo.png')) {
                    $error = false;
                    $success = "Logo Updated (you may need to refresh your browser to see the change)";
                    AdminLog::getInstance()->log("New Logo Uploaded");
                } else {
                    $error = "Unable to save new logo to server";
                }
            }
        }
    } else {
        $error = \Grase\Util::fileUploadErrorCodeToMessage($_FILES['newlogo']['error']);
    }
}
if ($error) {
    $templateEngine->assign("error", array($error));
}
if ($success) {
    $templateEngine->assign("success", array($success));
}
Пример #10
    if (sizeof($errors) == 0) {
        // Access level is set at creation and can't be changed via the Auth class
        if ($Auth->addUser($_POST['newUsername'], $_POST['newPassword'], array('accesslevel' => $newAccessLevel))) {
            $success[] = T_("User Created");
            AdminLog::getInstance()->log("New Admin User Created, {$_POST['newUsername']}");
        } else {
            $errors[] = T_("Error Creating Admin User");
        }
    }
}
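// Delete admin user
// The success message and the audit-log entry are now produced only when
// removeUser() reports success. Previously "User ... Deleted" was queued before the
// call, the failure text was stored in a variable that was never read, and the log
// recorded a deletion even when none happened.
// NOTE(review): no anti-CSRF token is checked in this fragment; confirm the included
// session handling verifies one before this state-changing request is processed.
if (isset($_POST['deleteadminusersubmit'])) {
    $deleteUsername = isset($_POST['deleteusername']) ? $_POST['deleteusername'] : '';
    // Only a non-empty scalar string is a valid username (rejects array input).
    if (is_string($deleteUsername) && $deleteUsername) {
        if ($Auth->removeUser($deleteUsername)) {
            // NOTE(review): the name is placed in a message shown on the page;
            // confirm the template escapes success entries.
            $success[] = sprintf(T_("User %s Deleted"), $deleteUsername);
            AdminLog::getInstance()->log("Admin User Deleted, {$deleteUsername}");
        } else {
            $errors[] = T_("Error Deleting User");
        }
    } else {
        $errors[] = T_("Invalid Delete Request");
    }
}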
$templateEngine->assign("error", $errors);
$templateEngine->assign("success", $success);
$adminUsersDetails = array();
foreach ($Auth->listUsers() as $adminUserDetail) {
    unset($adminUserDetail['password']);
    switch ($adminUserDetail['accesslevel']) {
        case 1:
            $adminUserDetail['accesslevellabel'] = T_("Admin User");
            break;
        case 2:
            $adminUserDetail['accesslevellabel'] = T_("Power User");
Пример #11
            // TODO: Check return for success
            $success[] = T_("Max Time Limit Updated");
            AdminLog::getInstance()->log(sprintf(T_("Max Time Limit changed for %s"), $username));
        }
    }
}
if (isset($_POST['unexpiresubmit'])) {
    DatabaseFunctions::getInstance()->setUserExpiry($username, expiry_for_group(DatabaseFunctions::getInstance()->getUserGroup($username)));
    $success[] = T_("Expiry updated");
}
// Delete User
if (isset($_POST['deleteusersubmit'])) {
    DatabaseFunctions::getInstance()->deleteUser($username);
    // TODO: Check for success
    $success[] = sprintf(T_("User '%s' Deleted"), $username);
    AdminLog::getInstance()->log("User {$username} deleted");
    $templateEngine->assign("error", $error);
    $templateEngine->assign("success", $success);
    require 'display.php';
    die;
    // TODO: Recode so don't need die (too many nests?)
}
$templateEngine->assign("error", $error);
$templateEngine->assign("success", $success);
// if $success we need to reload the info
if (sizeof($success) > 0 || sizeof($error) > 0) {
    $user = DatabaseFunctions::getInstance()->getUserDetails($_GET['username']);
}
// After potential reload, we can assign it to smarty
$templateEngine->assign("user", $user);
// After all user details are loaded, we can load our warning
Пример #12
// Look up the admin account matching the submitted staff id and password.
// NOTE(review): the query text is built by string concatenation. This is safe only
// if $staff_id and $password were escaped for SQL before this point, which is not
// visible here — confirm, and prefer a parameterized query for the login lookup.
// NOTE(review): the password is compared inside the SQL statement, which ties the
// login check to whatever digest is stored; moving to password_hash() and
// password_verify() would mean fetching the row by staff_id and verifying in PHP.
$sql = "SELECT * FROM `admin_users` WHERE `staff_id`='" . $staff_id . "' AND `password`= '" . $password . "' LIMIT 1";
$user = AdminLog::find_by_sql($sql);
// find_by_sql() returns a list; take the first (and, with LIMIT 1, only) row.
$user = array_shift($user);
if (empty($user)) {
    // Your don't have an account yet or email and password combination wrong
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo 'Your information does not exist in our database it may be due to the following reasons.';
    echo '<ol>';
    echo '<li>Your staff_id and password combination is wrong.</li>';
    echo '<li>You do not have an account.</li>';
    echo '</ol>';
} else {
    // store applicant_id in session
    $adminLog = new AdminLog();
    $adminLog->user_id = $user->user_id;
    if ($user->activated_status == 1) {
        $adminLog->db_fields = array('last_logged_in');
        $adminLog->last_logged_in = date('Y-m-d H:i:s');
        $adminLog->save();
        $session->admin_login($user->user_id);
        $_SESSION["role"] = $user->role;
        if ($user->role == 4) {
            $_SESSION["department_id"] = $user->department_id;
        }
        sleep(2);
        echo '<h4 class="alert alert-success">' . $display_greeting . ', ' . ucfirst($user->surname) . ' ' . ucfirst($user->othernames) . '</h4>';
        if ($user->edit_status == 0) {
            echo '<hr>';
            echo 'You must edit your details before you can continue<br>';
Пример #13
		<!-- Content -->
		<div class="row-fluid">

			<?php 
include_layout_template('admin_menu.php');
?>

			<div class="span9">
				<h2>Read Notification</h2>
                <hr>
                <?php 
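// Both values arrive in the POST body and are passed through customDecrypt().
$nid = customDecrypt($_POST["nid"]);
$from = customDecrypt($_POST["from"]);
// notification_id is placed in the SQL text unquoted, so it is forced to an integer:
// whatever customDecrypt() returns can then never alter the statement.
$notification = NotificationLog::find_by_sql("SELECT * FROM `notifications` WHERE notification_id = " . (int) $nid);
$notification = array_shift($notification);
// Resolve the sender's display label. $sender stays null when the notification or
// the sending account cannot be found, instead of dereferencing a missing record;
// the form below already tests isset($sender) before printing it.
$sender = null;
if ($notification) {
    $sender_account = AdminLog::find_by_id($notification->user_id);
    if ($sender_account) {
        $sender = show_role($sender_account->role, $sender_account->staff_id, $sender_account->department_id);
    }
}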
?>
                <form action="<?php 
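// $from is derived from request data and lands inside an HTML attribute, so it is
// encoded for that context.
// NOTE(review): it also decides where this form posts to; confirm it is checked
// against the set of expected page names before use.
echo htmlspecialchars((string) $from, ENT_QUOTES, 'UTF-8');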
?>
" method="POST" class="form-horizontal" >
                
                    <div class="control-group">
                        <label class="control-label" for="selectRecipient">Sender: </label>
                        <div class="controls">
                            <div class="input-prepend">
                            <span class="add-on"><i class="icon-user"></i></span>
                                <input type="text" class="input-large" value="<?php 
if (isset($sender)) {
    echo $sender;
Пример #14
$total_all = array_shift($total_all);
?>
<div class="navbar navbar-fixed-top">
			<div class="navbar-inner">
				<div class="container">
					<a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span></a>

					<div class="nav-collapse collapse">
						<ul class="nav">
							<li class="active">
								<a href="#" class="brand">University of Jos</a>
							</li>
                            
                            <li>
								<a href="#" class=""><?php 
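// The admin's name is stored profile data, so it is encoded for the HTML text
// context. double_encode is off in case the name was entity-encoded when stored.
echo greeting() . ', ' . htmlspecialchars((string) AdminLog::admin_fullname($session->applicant_id), ENT_QUOTES, 'UTF-8', false) . '.';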
?>
</a>
							</li>
						</ul>

						<ul class="nav pull-right">
							<li class="dropdown">
								<a href="#" id="drop3" role="button" class="dropdown-toggle" data-toggle="dropdown"><span><i class="icon-envelope"></i> </span> Mails<b class="caret"></b></a>
								<ul class="dropdown-menu" role="menu" aria-labelledby="drop3">
									<li>
										<a tabindex="-1" href="sendmail.php">Send Mail</a>
									</li>
									<li class="divider"></li>
									<li>
										<a tabindex="-1" target="_blank" href="http://mail.unijos.edu.ng">Go to Unijos Mail<span><i class="icon-chevron-right"></i> </span></a>
Пример #15
 /**
  * Delete the voucher with the given name and record the deletion in the admin log.
  *
  * @param string $vouchername Name of the voucher to delete.
  *
  * @return mixed The value returned by the statement's execute() call.
  */
 public function deleteVoucher($vouchername)
 {
     // The name is bound as a parameter, so it never becomes part of the SQL text.
     $statement = $this->radmin->prepare("DELETE FROM vouchers WHERE VoucherName=?");
     $outcome = $statement->execute(array($vouchername));

     if (false === $outcome) {
         ErrorHandling::fatalDatabaseError(T_('Delete Voucher query failed:  '), $outcome);
     }

     \AdminLog::getInstance()->log("Voucher {$vouchername} deleted");

     return $outcome;
 }
 /**
  * Delete every user whose 'Max-Octets' value in radcheck is 0.
  *
  * The usernames are selected first and deleteUser() is then run for each one. This
  * could be condensed into fewer queries, but reusing deleteUser() keeps the cleanup
  * in one place. Each deletion is written to the cron log.
  *
  * @return string|false An error message when the select fails, a summary string when
  *                      at least one row was processed, otherwise false.
  */
 public function deleteOutOfDataUsers()
 {
     $selectSql = sprintf("SELECT UserName\n                        FROM radcheck\n                        WHERE Attribute = %s AND\n                        Value = 0", $this->db->quote('Max-Octets'));
     $rows = $this->db->queryAll($selectSql);
     if (PEAR::isError($rows)) {
         return T_('Fetching users to delete failed') . $rows->toString();
     }

     foreach ($rows as $row) {
         AdminLog::getInstance()->log_cron("Cron Deleting OutOfData {$row['UserName']}");
         $this->deleteUser($row['UserName']);
     }

     // The count reflects the rows selected, not a per-user success check.
     $deletedCount = count($rows);
     if (!$deletedCount) {
         return false;
     }

     return "({$deletedCount}) " . T_('OutOfData users deleted');
 }
Пример #17
     } else {
         echo '<h4 class="alert alert-error">Error</h4>';
         echo '<hr>';
         echo "Failed to insert into news event table.";
         echo '<hr>';
     }
     break;
 case 'update_news':
     $news = new News_Events();
     $news->db_fields = array('title', 'display_line', 'content', 'visible', 'verified_by', 'last_update');
     $news->id = customDecrypt($_POST['nid']);
     $news->title = $_POST['title'];
     $news->display_line = $_POST['display_line'];
     $news->content = $_POST['content'];
     $news->visible = $_POST['status'];
     $admin = AdminLog::find_by_id($_SESSION['applicant_id']);
     $news->verified_by = $admin->surname . " " . $admin->othernames;
     $time = time();
     $news->last_update = date("Y-m-d H:i:s", $time);
     if ($news->save()) {
         echo '<h4 class="alert alert-success">Success</h4>';
         echo '<hr>';
         echo "<p>You have successfully updated news event table</p>";
         echo '<hr>';
     } else {
         echo '<h4 class="alert alert-error">Error</h4>';
         echo '<hr>';
         echo "Failed to update news event table.";
         echo '<hr>';
     }
     break;
Пример #18
    echo '<hr>';
    echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database";
    echo '<br>';
    echo 'Use the Close Button to Continue';
} else {
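    // Load the account's current record so the new password can be compared with the
    // stored digest.
    $initial_details = AdminLog::find_by_id($session->applicant_id);
    // sha1() returns 40 hex characters, so wrapping it in htmlspecialchars() changed
    // nothing; the digest is computed once and reused below.
    // NOTE(review): sha1() is an unsalted, fast digest and is not suitable for
    // password storage. password_hash() and password_verify() are the standard
    // replacement, but the login check must be changed in the same step — TODO.
    $new_password_hash = sha1($_POST['epassword']);
    // Strict comparison: with ==, two digests that both look like "0e<digits>" are
    // compared as numbers and treated as equal.
    if ($initial_details->edit_status == 0 && $initial_details->password === $new_password_hash) {
        sleep(2);
        echo '<h4 class="alert alert-error">Error</h4>';
        echo '<hr>';
        echo "You cannot use the same password<br> ";
        echo '<hr>';
        exit;
    }
    // Update the logged-in admin's own record; only the columns listed in db_fields
    // are written.
    // NOTE(review): the fields are HTML-encoded at storage time; encoding belongs at
    // output time, and SQL safety depends on how save() builds its query — confirm.
    $user = new AdminLog();
    $user->user_id = $session->applicant_id;
    $user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES);
    $user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES);
    $user->password = $new_password_hash;
    $user->email = htmlspecialchars($_POST['email'], ENT_QUOTES);
    $user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES);
    $user->rank = htmlspecialchars($_POST['rank'], ENT_QUOTES);
    $user->edit_status = 1;
    $user->db_fields = array('staff_id', 'surname', 'othernames', 'password', 'email', 'rank', 'edit_status');
    $user->save();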
    if ($database->affected_rows() == 1) {
        sleep(2);
        echo '<h4 class="alert alert-success">Success</h4>';
        echo '<hr>';
        echo "You have successfully edited your account\n";
Пример #19
/**
 * Store a new support contact link and report the outcome through the global
 * $error / $success message lists.
 *
 * A link is rejected when it is empty or contains a space.
 * NOTE(review): no URL scheme check is made, so any space-free string is accepted;
 * confirm where the link is rendered and whether the scheme should be restricted.
 *
 * @param string $supportLink Proposed value for the 'supportContactLink' setting.
 *
 * @return true|null true when the stored value already equals $supportLink; otherwise
 *                   nothing is returned and the outcome is in $error / $success.
 */
function updateSupportLinkSetting($supportLink)
{
    global $error, $Settings, $success;

    // Unchanged value: nothing to save.
    if ($Settings->getSetting('supportContactLink') == $supportLink) {
        return true;
    }

    $looksValid = $supportLink != "" && strpos($supportLink, ' ') === false;
    if (!$looksValid) {
        $error[] = T_("Support link not valid");
        return;
    }

    if (!$Settings->setSetting('supportContactLink', $supportLink)) {
        $error[] = T_("Error Saving Support link");
        return;
    }

    $success[] = T_("Support link updated");
    AdminLog::getInstance()->log(T_("Support link updated"));
}
Пример #20
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with GRASE Hotspot.  If not, see <http://www.gnu.org/licenses/>.
*/
$NONINTERACTIVE_SCRIPT = true;
require_once __DIR__ . '/../../vendor/autoload.php';
require_once 'includes/misc_functions.inc.php';
// Special case for stale sessions, don't log it
/*if(isset($_GET['clearstalesessions']))
{
    CronFunctions::getInstance()->clearStaleSessions();
    exit;
}*/
AdminLog::getInstance()->log_cron("CRON");
$DBs = new DatabaseConnections();
$radiusDB = new \Grase\Database\Database();
$radminDB = new \Grase\Database\Database('/etc/grase/radmin.conf');
$upgradeDB = new \Grase\Database\Upgrade($radiusDB, $radminDB, new \Grase\Database\Radmin($radminDB), CronFunctions::getInstance());
$upgradeDatabaseResults = $upgradeDB->upgradeDatabase();
if ($upgradeDatabaseResults) {
    echo "{$upgradeDatabaseResults}\n";
}
$staleSessionsResult = CronFunctions::getInstance()->clearStaleSessions();
if ($staleSessionsResult) {
    echo "{$staleSessionsResult}\n";
}
$expiredUsersResults = CronFunctions::getInstance()->deleteExpiredUsers();
if ($expiredUsersResults) {
    echo "{$expiredUsersResults}\n";
Пример #21
        $groupSettings = $Settings->getGroup($user['Group']);
        // TODO: Create function to make these the same across all locations
        // Check if we are using the dropdown, or inherit to override the input field
        if (is_numeric($user['Max_Mb'])) {
            $user['MaxMb'] = $user['Max_Mb'];
        } elseif ($user['Max_Mb'] == 'inherit') {
            $user['MaxMb'] = $groupSettings[$user['Group']]['MaxMb'];
        }
        // Check if we are using the dropdown, or inherit to override the input field
        if (is_numeric($user['Max_Time'])) {
            $user['MaxTime'] = $user['Max_Time'];
        } elseif ($user['Max_Time'] == 'inherit') {
            $user['MaxTime'] = $groupSettings[$user['Group']]['MaxTime'];
        }
        // TODO: Check if valid
        DatabaseFunctions::getInstance()->createUser($user['Username'], $user['Password'], $user['MaxMb'], $user['MaxTime'], expiry_for_group($user['Group'], $groupSettings), $groupSettings[$user['Group']]['ExpireAfter'], $user['Group'], $user['Comment']);
        $success[] = sprintf(T_("User %s Successfully Created"), $user['Username']);
        $success[] = "<a target='_tickets' href='export.php?format=html&user={$user['Username']}'>" . sprintf(T_("Print Ticket for %s"), $user['Username']) . "</a>";
        AdminLog::getInstance()->log(sprintf(T_("Created new user %s"), $user['Username']));
        $templateEngine->assign("success", $success);
        // We are now loading the form afresh, ensure we clear the $user array
        $user = array();
    }
}
$user['Password'] = \Grase\Util::randomPassword($Settings->getSetting('passwordLength'));
// TODO: make default settings customisable
$user['Max_Mb'] = 'inherit';
$user['Max_Time'] = 'inherit';
$user['Expiration'] = "--";
$templateEngine->assign("user", $user);
$templateEngine->displayPage($templateFile);
Пример #22
			<?php 
include_layout_template('admin_menu.php');
?>

			<div class="span9">
				<h2>Send Mail To Admin</h2>
                <hr>
                <h3>Note:</h3>
                <ul>
                	<li>This function is used for sending of mails to other admins</li>
                    <li>You will be required to enter your unijos mail password before you can send the mail</li>
                </ul>
                <?php 
// Fetch all admin accounts and the record of the admin who is currently logged in.
$database = new MySQLDatabase();
$sql_all_users = $database->query("SELECT * FROM admin_users");
// NOTE(review): the session's applicant_id is concatenated into the SQL text. Other
// pages in this codebase look up the same id with
// AdminLog::find_by_id($session->applicant_id); prefer that (or a parameterized
// query) so the id never becomes part of the statement.
$admin_details = AdminLog::find_by_sql("SELECT * FROM admin_users WHERE user_id='" . $session->applicant_id . "'");
// find_by_sql() returns a list; take the first row.
$admin_details = array_shift($admin_details);
?>
                <form action="" method="POST" class="form-horizontal sendmail" id="sendmail" >
                
                	<div class="control-group">
                        <label class="control-label" for="inputEmail">Email: </label>
                        <div class="controls">
                            <div class="input-prepend">
                            <span class="add-on"><i class="icon-envelope"></i></span>
                                <input type="text" class="input-large" value="<?php 
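// The address is stored profile data printed inside an HTML attribute, so it is
// encoded for that context. double_encode is off in case it was entity-encoded
// when stored.
echo htmlspecialchars((string) $admin_details->email, ENT_QUOTES, 'UTF-8', false);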
?>
" id="email" name="email" readonly />
                            </div>
                        </div>
<?php

require_once "../../inc/initialize.php";
// print_r($_POST);
// die();
if (isset($_POST['uid'])) {
    $user = new AdminLog();
    $user->user_id = customDecrypt($_POST['uid']);
    $user->surname = $_POST['surname'];
    $user->othernames = $_POST['othernames'];
    if ($_POST['epassword'] != '') {
        $user->password = sha1($_POST['epassword']);
        $user->db_fields = array('surname', 'othernames', 'password', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
    } else {
        $user->db_fields = array('surname', 'othernames', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
    }
    $user->email = $_POST['email'];
    $user->staff_id = $_POST['staffid'];
    $user->rank = $_POST['rank'];
    $user->activated_status = $_POST['activated_status'];
    $user->role = $_POST['role'];
    if ($user->role != 4) {
        $user->department_id = 0;
    } else {
        $user->department_id = $_POST['department_id'];
    }
    // print_r($user);
    // die();
    //$database->affected_rows() == 1
    if ($user->save()) {
        echo '<h4 class="alert alert-success">Success</h4>';
Пример #24
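/**
 * Write an entry to the admin log.
 *
 * The entry records the current user id (0 when there is none), the trimmed message,
 * the client address reported by the request component, and the ids of the current
 * controller and action when they exist.
 *
 * @param string $message Text to log; surrounding whitespace is removed.
 *
 * @return boolean false when the message is empty after trimming, otherwise the
 *                 result of AdminLog::save().
 */
function alog($message)
{
    $note = trim($message);
    // Compare with '' explicitly: a bare truthiness test also discarded the message "0".
    if ($note === '') {
        return false;
    }

    $app = Yii::app();
    $controller = $app->getController();
    $controllerId = $controller ? $controller->id : '';
    // The action is only looked up when a controller id is available.
    $currentAction = $controllerId ? $controller->getAction() : null;

    // Add to db
    $model = new AdminLog();
    $model->user_id = $app->user->id ? $app->user->id : 0;
    $model->note = $note;
    $model->ip_address = $app->request ? $app->request->getUserHostAddress() : '';
    $model->controller = $controllerId;
    $model->action = $currentAction ? $currentAction->id : '';
    return $model->save();
}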
Пример #25
/**
 * Validate a trade route's endpoints, calling traderoute_die() on each rule that fails.
 *
 * Checks, in order: the circuit type is "1" or "2"; for warp moves, a link exists from
 * source to destination (and back again for circuit "2"); the port/planet combination
 * is allowed.
 *
 * @param string $type1   Source endpoint type; 'port' selects the port rules.
 * @param string $type2   Destination endpoint type ('planet', 'corp_planet', ...).
 * @param string $move    Movement mode; 'warp' triggers the link checks.
 * @param string $circuit Circuit type, "1" or "2".
 * @param array  $src     Source record; 'sector_id' and 'port_type' are read.
 * @param array  $dest    Destination record; 'sector_id', 'port_type', 'owner' and
 *                        'corp' are read.
 */
function traderoute_check_compatible($type1, $type2, $move, $circuit, $src, $dest)
{
    global $playerinfo;
    global $l_tdr_nowlink1, $l_tdr_nowlink2, $l_tdr_sportissrc, $l_tdr_notownplanet, $l_tdr_planetisdest;
    global $l_tdr_samecom, $l_tdr_sportcom, $color_line1, $color_line2, $color_header, $servertimezone;
    global $db;
    global $db_logging;

    // Only circuit types 1 and 2 are in use; anything else is logged and refused.
    // NOTE(review): $circuit is written to the log verbatim; confirm the log viewer
    // encodes it.
    if (!($circuit == "1" || $circuit == "2")) {
        AdminLog::writeLog($db, LOG_RAW, "{$playerinfo['ship_id']}|Tried to use an invalid circuit_type of '{$circuit}', This is normally a result from using an external page and should be banned.");
        traderoute_die("Invalid Circuit type!<br>*** Possible Exploit has been reported to the admin. ***");
    }

    // Warp moves need a link in the travel direction, and a return link for circuit 2.
    // Sector ids are bound as query parameters.
    if ($move == 'warp') {
        $placeholders = array("[tdr_src_sector_id]", "[tdr_dest_sector_id]");

        $query = $db->Execute("SELECT link_id FROM {$db->prefix}links WHERE link_start=? AND link_dest=?;", array($src['sector_id'], $dest['sector_id']));
        db_op_result($db, $query, __LINE__, __FILE__, $db_logging);
        if ($query->EOF) {
            $l_tdr_nowlink1 = str_replace($placeholders, array($src['sector_id'], $dest['sector_id']), $l_tdr_nowlink1);
            traderoute_die($l_tdr_nowlink1);
        }

        if ($circuit == '2') {
            $query = $db->Execute("SELECT link_id FROM {$db->prefix}links WHERE link_start=? AND link_dest=?;", array($dest['sector_id'], $src['sector_id']));
            db_op_result($db, $query, __LINE__, __FILE__, $db_logging);
            if ($query->EOF) {
                $l_tdr_nowlink2 = str_replace($placeholders, array($src['sector_id'], $dest['sector_id']), $l_tdr_nowlink2);
                traderoute_die($l_tdr_nowlink2);
            }
        }
    }

    // Source is not a port: the only rule is that the destination is not a special port.
    if ($type1 != 'port') {
        if (array_key_exists('port_type', $dest) && $dest['port_type'] == 'special') {
            traderoute_die($l_tdr_sportcom);
        }
        return;
    }

    if ($src['port_type'] == 'special') {
        // A special port may only feed a planet the player owns or shares through a team.
        if (!($type2 == 'planet' || $type2 == 'corp_planet')) {
            traderoute_die($l_tdr_sportissrc);
        }
        if (!($dest['owner'] == $playerinfo['ship_id'] || ($dest['corp'] != 0 && $dest['corp'] == $playerinfo['team']))) {
            traderoute_die($l_tdr_notownplanet);
        }
        return;
    }

    // Ordinary port: the destination must not be a planet or a port of the same type.
    if ($type2 == 'planet') {
        traderoute_die($l_tdr_planetisdest);
    }
    if ($src['port_type'] == $dest['port_type']) {
        traderoute_die($l_tdr_samecom);
    }
}
Пример #26
/* Copyright 2008 Timothy White */
/*  This file is part of GRASE Hotspot.

    http://grasehotspot.org/

    GRASE Hotspot is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    GRASE Hotspot is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with GRASE Hotspot.  If not, see <http://www.gnu.org/licenses/>.
*/
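// Login landing script: after the session include has run, record the login and
// redirect to the requested page (or to this script's directory by default).
$PAGE = 'login';
require_once 'includes/pageaccess.inc.php';
$from_page = 'login';
require_once 'includes/session.inc.php';
AdminLog::getInstance()->log("Log in");

// The Host header is client-supplied. Accept only a plain host[:port]; otherwise use
// the server's configured name.
// NOTE(review): SERVER_NAME may itself follow the Host header, depending on the web
// server configuration; a fixed configured hostname would be the stricter choice.
$host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
if (!preg_match('/^[A-Za-z0-9.-]+(:[0-9]{1,5})?\z/', $host)) {
    $host = $_SERVER['SERVER_NAME'];
}

$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
// Sanity check: 'page' is appended directly after the host name, so it must be a
// local absolute path. It has to start with exactly one '/', and may not contain
// backslashes or control characters. Anything else would let the value change the
// authority part of the URL and send the browser to a different site, so it is
// ignored and the default target is used.
if (isset($_GET['page']) && is_string($_GET['page'])
    && preg_match('#^/(?![/\\\\])[^\\\\\x00-\x1f\x7f]*\z#', $_GET['page'])
) {
    $uri = $_GET['page'];
}

header("Location: http://{$host}{$uri}");
exit;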
Пример #27
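 /**
  * Delete a vehicle record after writing a "dismissed" entry to the admin log.
  *
  * Requires SESSION.asid to be set; otherwise the request is rerouted to /admin.
  * The record is selected by the route parameter "id", and the logged vehicle number
  * is built from its zone, lot number, symbol and number.
  *
  * NOTE(review): the result of load() is not checked before the record's fields are
  * used and erase() is called; confirm how a missing id should be handled.
  * NOTE(review): this is a state-changing action keyed only by a route parameter;
  * confirm the route is limited to POST and protected against cross-site requests.
  */
 function dismissNamsari()
 {
     if (!F3::get('SESSION.asid')) {
         F3::reroute("/admin");
         // Do not rely on reroute() ending the request: without this return an
         // unauthenticated request would fall through to the delete below.
         return;
     }
     $id = F3::get("PARAMS.id");
     $vrs = new Axon("vehicle");
     // The id is bound as a named parameter rather than placed in the condition text.
     $vrs->load(array("id=:id", array(":id" => $id)));
     $zone = Admin::getZone($vrs->zone_id);
     $symbol = Admin::getSymbolType($vrs->vehicle_symbol_type);
     $vehicleNo = $zone . $vrs->lot_number . $symbol . $vrs->number;
     // Log before erasing so the audit entry still has the record's details.
     AdminLog::add($vehicleNo, $vrs->form_type, "dismissed");
     $vrs->erase();
     F3::reroute("/admin/ownershipTransfer/s");
 }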
Пример #28
<?php

$session = new Session();
//the $session->applicant_id is the user_id of the admin
$user = AdminLog::find_by_id($session->applicant_id);
?>
<h5 align="center">Edit Profile</h5>
<hr>
<h6 align="center">All Fields are Required</h6>
<form action="" method="POST" class="create_form form-horizontal" >
  <div class="control-group">
    <label class="control-label" for="inputEmail">Surname</label>
    <div class="controls">
    	<div class="input-prepend">
      		<span class="add-on"><i class="icon-user"></i></span>
            <input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php 
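if (isset($user->surname)) {
    // The surname is stored profile data printed inside an HTML attribute, so it is
    // encoded for that context. double_encode is off in case it was entity-encoded
    // when stored.
    echo htmlspecialchars($user->surname, ENT_QUOTES, 'UTF-8', false);
}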
?>
" required />
    	</div>
    </div>
  </div>
  
  <div class="control-group">
    <label class="control-label" for="inputEmail">Other Names</label>
    <div class="controls">
    	<div class="input-prepend">
      		<span class="add-on"><i class="icon-user"></i></span>
            <input type="text" id="othernames" name="othernames" placeholder="Enter other names" value="<?php 
Пример #29
 /**
  * Create an AdminLog for the given log directory and pre-fill its action and table.
  *
  * The directory <sys_path>/_log/<dir> is created through Uteis::criarDir() first.
  * NOTE(review): $dir becomes a path component; confirm callers pass a fixed name
  * and never request data.
  *
  * @param string $dir    Log sub-directory name, also passed to the AdminLog constructor.
  * @param string $tabela Value stored under the 'tabela' key.
  * @param string $msg    Value stored under the 'acao' key.
  *
  * @return AdminLog The prepared log object.
  */
 public static function gerarLog($dir, $tabela, $msg)
 {
     $caminho = implode(DIRECTORY_SEPARATOR, array(Kernel::get_conf('sys_path'), '_log', $dir));
     Uteis::criarDir($caminho);

     $registro = new AdminLog($dir);
     $registro->addValorXML('acao', $msg);
     $registro->addValorXML('tabela', $tabela);

     return $registro;
 }