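/**
 * Show the login form, optionally with an error banner, then end the request.
 *
 * Status handling (the switch compares loosely, so the null default takes the
 * same branch as 0):
 *   0       no message
 *   -1, -2  session expired
 *   -3      incorrect login
 *   -5      security issue
 *   other   generic authentication problem; the raw status goes to the admin log
 *
 * @param string|null $username Assigned to the template as 'username'.
 * @param int|null    $status   Code selecting the message, see above.
 * @param mixed       $auth     Taken by reference but not used in this function.
 * @return void Does not return: the function calls exit after rendering.
 */
function loginForm($username = null, $status = null, &$auth = null)
{
    global $templateEngine;

    // Clear the 'MenuItems' and 'LoggedInUsername' template variables before
    // drawing the form.
    $templateEngine->clearAssign('MenuItems');
    $templateEngine->clearAssign("LoggedInUsername");
    // NOTE(review): $username is passed through unchanged; confirm that
    // loginform.tpl escapes it on output.
    $templateEngine->assign('username', $username);

    switch ($status) {
        case 0:
            break;
        case -1:
        case -2:
            $error = T_("Your session has expired. Please login again");
            AdminLog::getInstance()->log("Expired Session");
            break;
        case -3:
            $error = T_("Incorrect Login");
            AdminLog::getInstance()->log("Invalid Login");
            break;
        case -5:
            // Fix: this used to be assigned to a misspelled variable ($errro),
            // so the isset($error) check below never saw it and the user got a
            // bare form with no explanation.
            $error = T_("Security Issue. Please login again");
            AdminLog::getInstance()->log("Security Issue With Login");
            break;
        default:
            $error = T_("Authentication Issue. Please report to Admin");
            AdminLog::getInstance()->log("Auth Issues: {$status}");
    }

    if (isset($error)) {
        $templateEngine->assign("error", $error);
    }

    $templateEngine->displayPage('loginform.tpl');
    exit;
}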
/**
 * Log a database error, report it, and terminate the script.
 *
 * When $pear_error_obj is an object, its toString() output is appended to the
 * message. The message is written through AdminLog::log_error(). If the global
 * $NONINTERACTIVE_SCRIPT flag is set and truthy, the error is printed as
 * '#'-prefixed lines; otherwise it is rendered with the error.tpl template.
 * Both paths end with die.
 *
 * @param string $error          Message describing the failed operation.
 * @param mixed  $pear_error_obj Error object exposing toString(), or a non-object.
 * @return void Does not return.
 */
public static function fatalDatabaseError($error, $pear_error_obj)
{
    global $NONINTERACTIVE_SCRIPT;

    if (is_object($pear_error_obj)) {
        $error = $error . ": " . $pear_error_obj->toString();
    }

    $adminLog =& \AdminLog::getInstance();
    $adminLog->log_error($error);

    if (!empty($NONINTERACTIVE_SCRIPT)) {
        // Non-interactive script running, return error message as comments
        echo "#error_occured\n",
            "# An error has occured in the application\n",
            "# More information may be available in the server logs\n",
            "# ::{$error}::\n",
            "# Memory used: " . memory_get_usage() . "\n";
        die;
    }

    // NOTE(review): the template receives the complete message, including any
    // text returned by the error object's toString(); confirm that level of
    // detail is intended for end users and that error.tpl escapes it.
    $view = new \SmartyBC();
    $view->compile_check = true;
    // Needed even though message will be in English
    $view->register_block('t', 'smarty_block_t');
    $view->assign("Application", APPLICATION_NAME);
    $view->assign("error", $error);
    $view->display("error.tpl");
    die;
}
/**
 * Admin log index.
 *
 * Builds an AdminLog model in the 'search' scenario, fills it from the
 * 'AdminLog' query parameters when present, and renders the 'index' view.
 * When a 'user' request parameter is given and matches a User record, that
 * record is passed to the view and named in the page title.
 */
public function actionIndex()
{
    $searchModel = new AdminLog('search');
    $searchModel->unsetAttributes();

    // NOTE(review): request data is bulk-assigned to the model; which fields
    // this can set depends on the model's rules, which are not visible here.
    if (isset($_GET['AdminLog'])) {
        $searchModel->attributes = $_GET['AdminLog'];
    }

    $this->title[] = at('Admin Logs');

    $selectedUser = null;
    $requestedUserId = getRParam('user');
    if ($requestedUserId) {
        $selectedUser = User::model()->findByPk($requestedUserId);
        if ($selectedUser) {
            $this->title[] = at(
                'Viewing logs for {name}',
                array('{name}' => $selectedUser->name)
            );
        }
    }

    $this->render('index', array('model' => $searchModel, 'user' => $selectedUser));
}
<!-- //header --> <br> <br> <!-- Content --> <div class="row-fluid"> <?php include_layout_template('admin_menu.php'); ?> <div class="span9"> <?php if (isset($_POST["uid"])) { $user_id = customDecrypt($_POST["uid"]); $user = AdminLog::find_by_id($user_id); if (isset($user->surname) && isset($user->othernames)) { echo '<h5 align="center">Edit ' . $user->surname . ' ' . $user->othernames . '\'s Profile</h5>'; } } ?> <hr> <form action="" method="POST" class="admin_edit_form form-horizontal" > <div class="control-group"> <label class="control-label" for="inputSurname">Surname</label> <div class="controls"> <div class="input-prepend"> <span class="add-on"><i class="icon-user"></i></span> <input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php if (isset($user->surname)) { echo $user->surname;
$password = \Grase\Util::randomPassword($Settings->getSetting('passwordLength')); } // Attempt to create user. Will error if it's not a unique username if (DatabaseFunctions::getInstance()->createUser($username, $password, $MaxMb, $MaxTime, expiry_for_group($group, $groupSettings), $groupSettings[$group]['ExpireAfter'], \Grase\Clean::text($_POST['Group']), \Grase\Clean::text($_POST['Comment']))) { AdminLog::getInstance()->log("Created new user {$username}"); $Settings->addUserToBatch($batchID, $username); $createdUsernames[] = $username; } else { // Failed to create. Most likely not a unique username. // Try again but only for so long (i.e. all usernames are in use) $i--; // This really chokes up the logs, maybe don't log this? TODO AdminLog::getInstance()->log("Failed to created new user {$username}. Probably duplicate username"); $failedUsers++; if ($failedUsers > 20) { AdminLog::getInstance()->log("Too many failed usernames, stopping batch creation"); $error[] = sprintf(T_("Too many users failed to create. Batch creation stopped. %s users have been successfully created"), $i); break; } } } // Load up user details of created users for displaying $createdUsers = DatabaseFunctions::getInstance()->getMultipleUsersDetails($createdUsernames); $templateEngine->assign("createdusers", $createdUsers); // Check if we managed to create all users or if batch failed if ($failedUsers <= 20) { $success[] = T_("Tickets Successfully Created"); $success[] = "<a target='_tickets' href='export.php?format=html&batch={$batchID}'>" . T_("Print Tickets") . "</a>"; unset($user); } }
/**
 * Remove a lock on a user account.
 *
 * Deletes the user's 'Auth-Type' row from radcheck and the 'Reply-Message'
 * row from radreply, then records the unlock in the admin log. A failed query
 * is handed to \Grase\ErrorHandling::fatalDatabaseError().
 *
 * @param string $username Account to unlock.
 * @return void
 */
public function unlockUser($username)
{
    // Both statements use the same value, quoted through the database layer
    // rather than pasted into the SQL text.
    $quotedUsername = $this->db->quote($username);

    $lockSql = sprintf(
        "DELETE FROM radcheck\n WHERE Username=%s\n AND Attribute=%s",
        $quotedUsername,
        $this->db->quote('Auth-Type')
    );
    $lockResult = $this->db->queryOne($lockSql);
    if (PEAR::isError($lockResult)) {
        \Grase\ErrorHandling::fatalDatabaseError(T_('Removing User Lock Query Failed: '), $lockResult);
    }

    $messageSql = sprintf(
        "DELETE FROM radreply\n WHERE Username=%s\n AND Attribute=%s",
        $quotedUsername,
        $this->db->quote('Reply-Message')
    );
    $messageResult = $this->db->queryOne($messageSql);
    if (PEAR::isError($messageResult)) {
        \Grase\ErrorHandling::fatalDatabaseError(T_('Removing User Lock Message Query Failed: '), $messageResult);
    }

    // NOTE(review): the username is written into the log line as given;
    // confirm the log viewer escapes it on display.
    AdminLog::getInstance()->log("Unlocked user {$username}");
}
if ($user_exist->email == $email) { sleep(2); echo '<h4 class="alert alert-error">Error</h4>'; echo '<hr>'; echo "The E-mail:<font color='#FF0000'>'" . $user_exist->email . "'</font> already exists in our database"; echo '<br>'; echo 'Use the Close Button to Continue'; } elseif ($user_exist->staff_id == $staff_id) { sleep(2); echo '<h4 class="alert alert-error">Error</h4>'; echo '<hr>'; echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database"; echo '<br>'; echo 'Use the Close Button to Continue'; } else { $user = new AdminLog(); $user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES); $user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES); $user->password = htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES); $user->email = htmlspecialchars($_POST['email'], ENT_QUOTES); $user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES); $user->rank = htmlspecialchars($_POST['rank'], ENT_QUOTES); $user->role = htmlspecialchars($_POST['role'], ENT_QUOTES); $user->department_id = htmlspecialchars($_POST['department_id'], ENT_QUOTES); $user->activated_status = 1; $user->save(); if ($database->affected_rows() == 1) { if ($user->sendVerificationMail($_POST['epassword'])) { sleep(2); echo '<h4 class="alert alert-success">Success</h4>'; echo '<hr>';
<?php

/* Copyright 2009 Timothy White */

/*  This file is part of GRASE Hotspot.

    http://grasehotspot.org/

    GRASE Hotspot is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    GRASE Hotspot is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with GRASE Hotspot.  If not, see <http://www.gnu.org/licenses/>.
*/

// Admin log page: hands the log lines and the last cron entry to the
// adminlog.tpl template.

// $PAGE is set before the includes run.
// NOTE(review): presumably pageaccess.inc.php uses it to decide whether the
// current user may open this page — confirm, and keep this ordering.
$PAGE = 'adminlog';
require_once 'includes/pageaccess.inc.php';
require_once 'includes/session.inc.php';
require_once 'includes/misc_functions.inc.php';

// TODO: Add "reset" option that archives old stuff? (Or deletes old stuff)
$adminLog = AdminLog::getInstance();
$templateEngine->assign("loglines", $adminLog->getLog());
$templateEngine->assign("lastcron", $adminLog->lastCron());
$templateEngine->displayPage('adminlog.tpl');
$error = "Logo Failed to upload"; } elseif ($_FILES['newlogo']['size'] > 50960) { $error = "Logo too big"; } else { // TODO: test if jpg or png // TODO: test if jpeg/jpg/png extension otherwise browser doesn't know type //print "Attempting to test if png"; if (exif_imagetype($_FILES['newlogo']['tmp_name']) != IMAGETYPE_PNG) { $error = "Logo is not a png"; } else { // TODO: don't overwrite logo.X, upload to logo dir and remember name to add to css/html //print "Attempting to move file"; if (move_uploaded_file($_FILES['newlogo']['tmp_name'], '/usr/share/grase/www/images/logo.png')) { $error = false; $success = "Logo Updated (you may need to refresh your browser to see the change)"; AdminLog::getInstance()->log("New Logo Uploaded"); } else { $error = "Unable to save new logo to server"; } } } } else { $error = \Grase\Util::fileUploadErrorCodeToMessage($_FILES['newlogo']['error']); } } if ($error) { $templateEngine->assign("error", array($error)); } if ($success) { $templateEngine->assign("success", array($success)); }
if (sizeof($errors) == 0) { // Access level is set at creation and can't be changed via the Auth class if ($Auth->addUser($_POST['newUsername'], $_POST['newPassword'], array('accesslevel' => $newAccessLevel))) { $success[] = T_("User Created"); AdminLog::getInstance()->log("New Admin User Created, {$_POST['newUsername']}"); } else { $errors[] = T_("Error Creating Admin User"); } } } // Delete admin user if (isset($_POST['deleteadminusersubmit'])) { if ($_POST['deleteusername']) { $success[] = sprintf(T_("User %s Deleted"), $_POST['deleteusername']); $Auth->removeUser($_POST['deleteusername']) or $error_delete = "Error Deleting User"; AdminLog::getInstance()->log("Admin User Deleted, {$_POST['deleteusername']}"); } else { $errors[] = T_("Invalid Delete Request"); } } $templateEngine->assign("error", $errors); $templateEngine->assign("success", $success); $adminUsersDetails = array(); foreach ($Auth->listUsers() as $adminUserDetail) { unset($adminUserDetail['password']); switch ($adminUserDetail['accesslevel']) { case 1: $adminUserDetail['accesslevellabel'] = T_("Admin User"); break; case 2: $adminUserDetail['accesslevellabel'] = T_("Power User");
// TODO: Check return for success $success[] = T_("Max Time Limit Updated"); AdminLog::getInstance()->log(sprintf(T_("Max Time Limit changed for %s"), $username)); } } } if (isset($_POST['unexpiresubmit'])) { DatabaseFunctions::getInstance()->setUserExpiry($username, expiry_for_group(DatabaseFunctions::getInstance()->getUserGroup($username))); $success[] = T_("Expiry updated"); } // Delete User if (isset($_POST['deleteusersubmit'])) { DatabaseFunctions::getInstance()->deleteUser($username); // TODO: Check for success $success[] = sprintf(T_("User '%s' Deleted"), $username); AdminLog::getInstance()->log("User {$username} deleted"); $templateEngine->assign("error", $error); $templateEngine->assign("success", $success); require 'display.php'; die; // TODO: Recode so don't need die (too many nests?) } $templateEngine->assign("error", $error); $templateEngine->assign("success", $success); // if $success we need to reload the info if (sizeof($success) > 0 || sizeof($error) > 0) { $user = DatabaseFunctions::getInstance()->getUserDetails($_GET['username']); } // After potential reload, we can assign it to smarty $templateEngine->assign("user", $user); // After all user details are loaded, we can load our warning
// Login lookup: find the admin row matching the staff id and password, then
// either report failure or start the admin session.
//
// NOTE(review): the statement is assembled by string concatenation. Where
// $staff_id and $password come from is outside this excerpt; unless both are
// escaped or otherwise constrained before this point the lookup is injectable.
// Prefer a bound-parameter query if the data layer offers one.
$sql = "SELECT * FROM `admin_users` WHERE `staff_id`='" . $staff_id . "' AND `password`= '" . $password . "' LIMIT 1";
$user = AdminLog::find_by_sql($sql);
// First row of the result; empty() below covers the no-match case.
$user = array_shift($user);
if (empty($user)) {
    // No account matches, or the staff id and password combination is wrong
    // Fixed two-second pause on every attempt; no attempt counter or lockout
    // is visible in this excerpt.
    sleep(2);
    echo '<h4 class="alert alert-error">Error</h4>';
    echo '<hr>';
    echo 'Your information does not exist in our database it may be due to the following reasons.';
    echo '<ol>';
    echo '<li>Your staff_id and password combination is wrong.</li>';
    echo '<li>You do not have an account.</li>';
    echo '</ol>';
} else {
    // store applicant_id in session
    $adminLog = new AdminLog();
    $adminLog->user_id = $user->user_id;
    if ($user->activated_status == 1) {
        // presumably db_fields limits which columns save() writes — confirm
        $adminLog->db_fields = array('last_logged_in');
        $adminLog->last_logged_in = date('Y-m-d H:i:s');
        $adminLog->save();
        // NOTE(review): no session-id regeneration is visible here; confirm
        // admin_login() issues a fresh id when the privilege level changes.
        $session->admin_login($user->user_id);
        $_SESSION["role"] = $user->role;
        if ($user->role == 4) {
            $_SESSION["department_id"] = $user->department_id;
        }
        sleep(2);
        // NOTE(review): surname and othernames are printed without
        // htmlspecialchars(); that is only safe if they were escaped when
        // stored — confirm.
        echo '<h4 class="alert alert-success">' . $display_greeting . ', ' . ucfirst($user->surname) . ' ' . ucfirst($user->othernames) . '</h4>';
        if ($user->edit_status == 0) {
            echo '<hr>';
            echo 'You must edit your details before you can continue<br>';
<!-- Content --> <div class="row-fluid"> <?php include_layout_template('admin_menu.php'); ?> <div class="span9"> <h2>Read Notification</h2> <hr> <?php
// Loads one notification and describes its sender for display.
// Both values below arrive in the POST body. customDecrypt() is not shown;
// NOTE(review): confirm it rejects tampered input before trusting the result.
$nid = customDecrypt($_POST["nid"]);
$from = customDecrypt($_POST["from"]);
// NOTE(review): $nid is concatenated into the SQL text unquoted. Force it to
// an integer or use a bound parameter so the id can never change the shape of
// the statement.
$notification = NotificationLog::find_by_sql("SELECT * FROM `notifications` WHERE notification_id = " . $nid);
// array_shift() gives null for an empty result, and the property reads on the
// next lines are not guarded against that.
$notification = array_shift($notification);
$sender = AdminLog::find_by_id($notification->user_id);
$sender = show_role($sender->role, $sender->staff_id, $sender->department_id);
?> <form action="<?php
// NOTE(review): $from is written into the action attribute without
// htmlspecialchars(), and it decides where this form posts. Escape it for the
// attribute context and check it against the pages that may legitimately
// link here.
echo $from; ?> " method="POST" class="form-horizontal" > <div class="control-group"> <label class="control-label" for="selectRecipient">Sender: </label> <div class="controls"> <div class="input-prepend"> <span class="add-on"><i class="icon-user"></i></span> <input type="text" class="input-large" value="<?php if (isset($sender)) { echo $sender;
$total_all = array_shift($total_all); ?> <div class="navbar navbar-fixed-top"> <div class="navbar-inner"> <div class="container"> <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span></a> <div class="nav-collapse collapse"> <ul class="nav"> <li class="active"> <a href="#" class="brand">University of Jos</a> </li> <li> <a href="#" class=""><?php echo greeting() . ', ' . AdminLog::admin_fullname($session->applicant_id) . '.'; ?> </a> </li> </ul> <ul class="nav pull-right"> <li class="dropdown"> <a href="#" id="drop3" role="button" class="dropdown-toggle" data-toggle="dropdown"><span><i class="icon-envelope"></i> </span> Mails<b class="caret"></b></a> <ul class="dropdown-menu" role="menu" aria-labelledby="drop3"> <li> <a tabindex="-1" href="sendmail.php">Send Mail</a> </li> <li class="divider"></li> <li> <a tabindex="-1" target="_blank" href="http://mail.unijos.edu.ng">Go to Unijos Mail<span><i class="icon-chevron-right"></i> </span></a>
/**
 * Delete the voucher with the given name and record the deletion in the admin log.
 *
 * @param string $vouchername Value matched against vouchers.VoucherName.
 * @return mixed Whatever execute() returned; a strict false is first passed
 *               to ErrorHandling::fatalDatabaseError().
 */
public function deleteVoucher($vouchername)
{
    // The name is supplied as a bound parameter, never as part of the SQL text.
    $statement = $this->radmin->prepare("DELETE FROM vouchers WHERE VoucherName=?");
    $outcome = $statement->execute(array($vouchername));

    if (false === $outcome) {
        ErrorHandling::fatalDatabaseError(T_('Delete Voucher query failed: '), $outcome);
    }

    // NOTE(review): the voucher name is written into the log line as given;
    // confirm the log viewer escapes it on display.
    \AdminLog::getInstance()->log("Voucher {$vouchername} deleted");

    return $outcome;
}
/**
 * Delete every user whose 'Max-Octets' value in radcheck is 0.
 *
 * The usernames are selected first and deleteUser() is run for each one;
 * this takes more queries than a combined statement but keeps the clean-up
 * logic in one place. Each deletion is written to the cron log.
 *
 * @return string|false A translated failure message when the select fails,
 *                      "(N) OutOfData users deleted" when N > 0 rows were
 *                      processed, or false when there was nothing to delete.
 */
public function deleteOutOfDataUsers()
{
    $selectSql = sprintf(
        "SELECT UserName\n FROM radcheck\n WHERE Attribute = %s AND\n Value = 0",
        $this->db->quote('Max-Octets')
    );
    $rows = $this->db->queryAll($selectSql);

    if (PEAR::isError($rows)) {
        return T_('Fetching users to delete failed') . $rows->toString();
    }

    foreach ($rows as $row) {
        AdminLog::getInstance()->log_cron("Cron Deleting OutOfData {$row['UserName']}");
        $this->deleteUser($row['UserName']);
    }

    // The count is the number of rows selected, not the number of confirmed
    // deletions: deleteUser()'s result is not inspected.
    $deleted_results = count($rows);

    return $deleted_results
        ? "({$deleted_results}) " . T_('OutOfData users deleted')
        : false;
}
} else { echo '<h4 class="alert alert-error">Error</h4>'; echo '<hr>'; echo "Failed to insert into news event table."; echo '<hr>'; } break; case 'update_news': $news = new News_Events(); $news->db_fields = array('title', 'display_line', 'content', 'visible', 'verified_by', 'last_update'); $news->id = customDecrypt($_POST['nid']); $news->title = $_POST['title']; $news->display_line = $_POST['display_line']; $news->content = $_POST['content']; $news->visible = $_POST['status']; $admin = AdminLog::find_by_id($_SESSION['applicant_id']); $news->verified_by = $admin->surname . " " . $admin->othernames; $time = time(); $news->last_update = date("Y-m-d H:i:s", $time); if ($news->save()) { echo '<h4 class="alert alert-success">Success</h4>'; echo '<hr>'; echo "<p>You have successfully updated news event table</p>"; echo '<hr>'; } else { echo '<h4 class="alert alert-error">Error</h4>'; echo '<hr>'; echo "Failed to update news event table."; echo '<hr>'; } break;
echo '<hr>'; echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database"; echo '<br>'; echo 'Use the Close Button to Continue'; } else { //get current details from the db $initial_details = AdminLog::find_by_id($session->applicant_id); if ($initial_details->edit_status == 0 && $initial_details->password == htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES)) { sleep(2); echo '<h4 class="alert alert-error">Error</h4>'; echo '<hr>'; echo "You cannot use the same password<br> "; echo '<hr>'; exit; } $user = new AdminLog(); $user->user_id = $session->applicant_id; $user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES); $user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES); $user->password = htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES); $user->email = htmlspecialchars($_POST['email'], ENT_QUOTES); $user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES); $user->rank = htmlspecialchars($_POST['rank'], ENT_QUOTES); $user->edit_status = 1; $user->db_fields = array('staff_id', 'surname', 'othernames', 'password', 'email', 'rank', 'edit_status'); $user->save(); if ($database->affected_rows() == 1) { sleep(2); echo '<h4 class="alert alert-success">Success</h4>'; echo '<hr>'; echo "You have successfully edited your account\n";
/**
 * Store a new 'supportContactLink' setting if it differs from the current one.
 *
 * Outcome messages are appended to the global $error / $success arrays, and a
 * successful change is written to the admin log.
 *
 * @param string $supportLink Proposed link.
 * @return true|null True when the value is unchanged; otherwise nothing is
 *                   returned and the result is reported through the globals.
 */
function updateSupportLinkSetting($supportLink)
{
    global $error, $Settings, $success;

    if ($Settings->getSetting('supportContactLink') == $supportLink) {
        return true;
    }

    // NOTE(review): the only validation is "not empty and contains no space";
    // the scheme is not constrained. If this value is later rendered as a
    // link target, confirm the template escapes it and that the allowed
    // schemes are restricted somewhere.
    $looksValid = $supportLink != "" && strpos($supportLink, ' ') === false;
    if (!$looksValid) {
        $error[] = T_("Support link not valid");
        return;
    }

    if (!$Settings->setSetting('supportContactLink', $supportLink)) {
        $error[] = T_("Error Saving Support link");
        return;
    }

    $success[] = T_("Support link updated");
    AdminLog::getInstance()->log(T_("Support link updated"));
}
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with GRASE Hotspot. If not, see <http://www.gnu.org/licenses/>. */ $NONINTERACTIVE_SCRIPT = true; require_once __DIR__ . '/../../vendor/autoload.php'; require_once 'includes/misc_functions.inc.php'; // Special case for stale sessions, don't log it /*if(isset($_GET['clearstalesessions'])) { CronFunctions::getInstance()->clearStaleSessions(); exit; }*/ AdminLog::getInstance()->log_cron("CRON"); $DBs = new DatabaseConnections(); $radiusDB = new \Grase\Database\Database(); $radminDB = new \Grase\Database\Database('/etc/grase/radmin.conf'); $upgradeDB = new \Grase\Database\Upgrade($radiusDB, $radminDB, new \Grase\Database\Radmin($radminDB), CronFunctions::getInstance()); $upgradeDatabaseResults = $upgradeDB->upgradeDatabase(); if ($upgradeDatabaseResults) { echo "{$upgradeDatabaseResults}\n"; } $staleSessionsResult = CronFunctions::getInstance()->clearStaleSessions(); if ($staleSessionsResult) { echo "{$staleSessionsResult}\n"; } $expiredUsersResults = CronFunctions::getInstance()->deleteExpiredUsers(); if ($expiredUsersResults) { echo "{$expiredUsersResults}\n";
$groupSettings = $Settings->getGroup($user['Group']); // TODO: Create function to make these the same across all locations // Check if we are using the dropdown, or inherit to override the input field if (is_numeric($user['Max_Mb'])) { $user['MaxMb'] = $user['Max_Mb']; } elseif ($user['Max_Mb'] == 'inherit') { $user['MaxMb'] = $groupSettings[$user['Group']]['MaxMb']; } // Check if we are using the dropdown, or inherit to override the input field if (is_numeric($user['Max_Time'])) { $user['MaxTime'] = $user['Max_Time']; } elseif ($user['Max_Time'] == 'inherit') { $user['MaxTime'] = $groupSettings[$user['Group']]['MaxTime']; } // TODO: Check if valid DatabaseFunctions::getInstance()->createUser($user['Username'], $user['Password'], $user['MaxMb'], $user['MaxTime'], expiry_for_group($user['Group'], $groupSettings), $groupSettings[$user['Group']]['ExpireAfter'], $user['Group'], $user['Comment']); $success[] = sprintf(T_("User %s Successfully Created"), $user['Username']); $success[] = "<a target='_tickets' href='export.php?format=html&user={$user['Username']}'>" . sprintf(T_("Print Ticket for %s"), $user['Username']) . "</a>"; AdminLog::getInstance()->log(sprintf(T_("Created new user %s"), $user['Username'])); $templateEngine->assign("success", $success); // We are now loading the form afresh, ensure we clear the $user array $user = array(); } } $user['Password'] = \Grase\Util::randomPassword($Settings->getSetting('passwordLength')); // TODO: make default settings customisable $user['Max_Mb'] = 'inherit'; $user['Max_Time'] = 'inherit'; $user['Expiration'] = "--"; $templateEngine->assign("user", $user); $templateEngine->displayPage($templateFile);
<?php include_layout_template('admin_menu.php'); ?> <div class="span9"> <h2>Send Mail To Admin</h2> <hr> <h3>Note:</h3> <ul> <li>This function is used for sending of mails to other admins</li> <li>You will be required to enter your unijos mail password before you can send the mail</li> </ul> <?php $database = new MySQLDatabase(); $sql_all_users = $database->query("SELECT * FROM admin_users"); $admin_details = AdminLog::find_by_sql("SELECT * FROM admin_users WHERE user_id='" . $session->applicant_id . "'"); $admin_details = array_shift($admin_details); ?> <form action="" method="POST" class="form-horizontal sendmail" id="sendmail" > <div class="control-group"> <label class="control-label" for="inputEmail">Email: </label> <div class="controls"> <div class="input-prepend"> <span class="add-on"><i class="icon-envelope"></i></span> <input type="text" class="input-large" value="<?php echo $admin_details->email; ?> " id="email" name="email" readonly /> </div> </div>
<?php
// Updates an AdminLog record from the fields of a POSTed edit form.
require_once "../../inc/initialize.php";
// print_r($_POST);
// die();

// NOTE(review): no login or role check is visible in this excerpt before the
// record is rewritten; confirm initialize.php (or the caller) ensures that
// only an authorised admin can reach this handler.
if (isset($_POST['uid'])) {
    $user = new AdminLog();
    // The record to change is selected by the request itself. customDecrypt()
    // is not shown — TODO confirm it rejects tampered values.
    $user->user_id = customDecrypt($_POST['uid']);
    // The text fields are stored exactly as submitted, so every page that
    // prints them has to escape on output.
    $user->surname = $_POST['surname'];
    $user->othernames = $_POST['othernames'];
    if ($_POST['epassword'] != '') {
        // NOTE(review): a bare SHA-1 digest is fast and unsalted, which makes
        // stored passwords cheap to guess offline. password_hash() with
        // password_verify() is the appropriate primitive; switching requires
        // the login check and existing rows to be migrated together.
        $user->password = sha1($_POST['epassword']);
        // 'password' is listed only when a new password was submitted.
        $user->db_fields = array('surname', 'othernames', 'password', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
    } else {
        $user->db_fields = array('surname', 'othernames', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
    }
    $user->email = $_POST['email'];
    $user->staff_id = $_POST['staffid'];
    $user->rank = $_POST['rank'];
    // NOTE(review): activated_status, role and department_id are taken from
    // the request without checking them against the known values; validate
    // them server-side so a crafted request cannot assign an arbitrary role.
    $user->activated_status = $_POST['activated_status'];
    $user->role = $_POST['role'];
    // A department is kept only for role 4; every other role gets 0.
    if ($user->role != 4) {
        $user->department_id = 0;
    } else {
        $user->department_id = $_POST['department_id'];
    }
    // print_r($user);
    // die();
    //$database->affected_rows() == 1
    if ($user->save()) {
        echo '<h4 class="alert alert-success">Success</h4>';
/**
 * Record an entry in the admin log.
 *
 * Alongside the message, the entry stores the current user id (0 when there
 * is none), the request's host address, and the ids of the current
 * controller and action (empty strings when unavailable).
 *
 * @param string $message Text of the entry; surrounding whitespace is trimmed.
 * @return boolean False when the trimmed message is empty or "0" (both are
 *                 falsy), otherwise the result of AdminLog::save().
 */
function alog($message)
{
    $note = trim($message);
    if (!$note) {
        return false;
    }

    $userId = Yii::app()->user->id ?: 0;

    $ipAddress = '';
    if (Yii::app()->request) {
        $ipAddress = Yii::app()->request->getUserHostAddress();
    }

    $currentController = Yii::app()->getController();
    $controller = $currentController ? $currentController->id : '';

    $action = '';
    if ($controller && $currentController->getAction()) {
        $action = $currentController->getAction()->id;
    }

    // Add to db
    // NOTE(review): the note is stored as given; confirm the log views escape
    // it when it is displayed.
    $entry = new AdminLog();
    $entry->user_id = $userId;
    $entry->note = $note;
    $entry->ip_address = $ipAddress;
    $entry->controller = $controller;
    $entry->action = $action;

    return $entry->save();
}
/**
 * Check that a proposed trade route is allowed.
 *
 * Every failed check calls traderoute_die() with the matching message; an
 * unknown circuit type is also written to the admin log first.
 *
 * @param string $type1   Source type; compared with 'port'.
 * @param string $type2   Destination type; compared with 'planet' and 'corp_planet'.
 * @param string $move    Movement type; 'warp' triggers the warp-link checks.
 * @param string $circuit Circuit type; only "1" and "2" are accepted.
 * @param array  $src     Source record; 'sector_id' and 'port_type' are read.
 * @param array  $dest    Destination record; 'sector_id', 'port_type', 'owner' and 'corp' are read.
 * @return void
 */
function traderoute_check_compatible($type1, $type2, $move, $circuit, $src, $dest)
{
    global $playerinfo;
    global $l_tdr_nowlink1, $l_tdr_nowlink2, $l_tdr_sportissrc, $l_tdr_notownplanet, $l_tdr_planetisdest;
    global $l_tdr_samecom, $l_tdr_sportcom, $color_line1, $color_line2, $color_header, $servertimezone;
    global $db;
    global $db_logging;

    $sectorTokens = array("[tdr_src_sector_id]", "[tdr_dest_sector_id]");
    $sectorValues = array($src['sector_id'], $dest['sector_id']);

    // Check circuit compatibility (we only use types 1 and 2 so block anything else)
    if (!($circuit == "1" || $circuit == "2")) {
        // NOTE(review): the rejected value is copied into the log entry as
        // submitted; confirm the log viewer escapes it on display.
        AdminLog::writeLog($db, LOG_RAW, "{$playerinfo['ship_id']}|Tried to use an invalid circuit_type of '{$circuit}', This is normally a result from using an external page and should be banned.");
        traderoute_die("Invalid Circuit type!<br>*** Possible Exploit has been reported to the admin. ***");
    }

    // Check warp links compatibility
    if ($move == 'warp') {
        // Sector ids are passed as bound parameters, not placed in the SQL text.
        $outbound = $db->Execute("SELECT link_id FROM {$db->prefix}links WHERE link_start=? AND link_dest=?;", array($src['sector_id'], $dest['sector_id']));
        db_op_result($db, $outbound, __LINE__, __FILE__, $db_logging);
        if ($outbound->EOF) {
            $l_tdr_nowlink1 = str_replace($sectorTokens, $sectorValues, $l_tdr_nowlink1);
            traderoute_die($l_tdr_nowlink1);
        }

        // A two-way circuit also needs the link in the opposite direction.
        if ($circuit == '2') {
            $inbound = $db->Execute("SELECT link_id FROM {$db->prefix}links WHERE link_start=? 
AND link_dest=?;", array($dest['sector_id'], $src['sector_id']));
            db_op_result($db, $inbound, __LINE__, __FILE__, $db_logging);
            if ($inbound->EOF) {
                $l_tdr_nowlink2 = str_replace($sectorTokens, $sectorValues, $l_tdr_nowlink2);
                traderoute_die($l_tdr_nowlink2);
            }
        }
    }

    // Check ports compatibility
    if ($type1 != 'port') {
        if (array_key_exists('port_type', $dest) && $dest['port_type'] == 'special') {
            traderoute_die($l_tdr_sportcom);
        }
    } elseif ($src['port_type'] == 'special') {
        if (!($type2 == 'planet' || $type2 == 'corp_planet')) {
            traderoute_die($l_tdr_sportissrc);
        }

        // The destination has to be the player's own planet or one held by
        // the player's team.
        $ownedByPlayer = $dest['owner'] == $playerinfo['ship_id'];
        $heldByTeam = $dest['corp'] != 0 && $dest['corp'] == $playerinfo['team'];
        if (!$ownedByPlayer && !$heldByTeam) {
            traderoute_die($l_tdr_notownplanet);
        }
    } else {
        if ($type2 == 'planet') {
            traderoute_die($l_tdr_planetisdest);
        }
        if ($src['port_type'] == $dest['port_type']) {
            traderoute_die($l_tdr_samecom);
        }
    }
}
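/* Copyright 2008 Timothy White */

/*  This file is part of GRASE Hotspot.

    http://grasehotspot.org/

    GRASE Hotspot is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    GRASE Hotspot is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with GRASE Hotspot.  If not, see <http://www.gnu.org/licenses/>.
*/

// Login landing script: records the login in the admin log, then redirects
// to the page named in the 'page' query parameter, or to this script's own
// directory when no usable page is given.

$PAGE = 'login';
require_once 'includes/pageaccess.inc.php';
$from_page = 'login';
require_once 'includes/session.inc.php';

AdminLog::getInstance()->log("Log in");

// NOTE(review): HTTP_HOST is taken from the request's Host header; confirm
// the web server only routes expected host names to this application.
$host = $_SERVER['HTTP_HOST'];

// Default target: the directory this script is served from.
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');

// Sanity check: 'page' is appended directly after the host name, so it is
// accepted only when it is a local absolute path: a string that starts with
// exactly one '/', and contains no backslash or control character. Anything
// else could alter the host part of the redirect, so the default is kept.
if (isset($_GET['page']) && is_string($_GET['page'])) {
    $requested = $_GET['page'];
    $isLocalPath = $requested !== ''
        && $requested[0] === '/'
        && strpos($requested, '//') !== 0
        && strpos($requested, '\\') === false
        && preg_match('/[\x00-\x1f\x7f]/', $requested) === 0;
    if ($isLocalPath) {
        $uri = $requested;
    }
}

header("Location: http://{$host}{$uri}");
exit;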
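/**
 * Dismiss a vehicle record: log it as "dismissed", erase it, and reroute to
 * the ownership-transfer list.
 *
 * The record is loaded from the "vehicle" table by the id in PARAMS.id. The
 * vehicle number written to the log is built from the zone, lot number,
 * symbol type and number of that record.
 *
 * @return void
 */
function dismissNamsari()
{
    // Only proceed when SESSION.asid is set.
    if (!F3::get('SESSION.asid')) {
        F3::reroute("/admin");
        // F3::reroute() is not visible here. Returning makes the guard hold
        // even if it hands control back, so the erase below can never run
        // for a request without the session value.
        return;
    }

    $id = F3::get("PARAMS.id");
    $vrs = new Axon("vehicle");
    // The id is supplied as a bound parameter.
    $vrs->load(array("id=:id", array(":id" => $id)));

    // NOTE(review): nothing checks that a record was actually found before it
    // is logged and erased, and no anti-forgery token check is visible for
    // this state-changing route — confirm both are handled elsewhere.
    $zone = Admin::getZone($vrs->zone_id);
    $symbol = Admin::getSymbolType($vrs->vehicle_symbol_type);
    $vehicleNo = $zone . $vrs->lot_number . $symbol . $vrs->number;

    // Log before erasing, while the record's fields are still loaded.
    AdminLog::add($vehicleNo, $vrs->form_type, "dismissed");
    $vrs->erase();

    F3::reroute("/admin/ownershipTransfer/s");
}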
<?php $session = new Session(); //the $session->applicant_id is the user_id of the admin $user = AdminLog::find_by_id($session->applicant_id); ?> <h5 align="center">Edit Profile</h5> <hr> <h6 align="center">All Fields are Required</h6> <form action="" method="POST" class="create_form form-horizontal" > <div class="control-group"> <label class="control-label" for="inputEmail">Surname</label> <div class="controls"> <div class="input-prepend"> <span class="add-on"><i class="icon-user"></i></span> <input type="text" id="surname" name="surname" placeholder="Enter surname" value="<?php if (isset($user->surname)) { echo $user->surname; } ?> " required /> </div> </div> </div> <div class="control-group"> <label class="control-label" for="inputEmail">Other Names</label> <div class="controls"> <div class="input-prepend"> <span class="add-on"><i class="icon-user"></i></span> <input type="text" id="othernames" name="othernames" placeholder="Enter other names" value="<?php
/**
 * Create a log entry object for an action on a table.
 *
 * Ensures the directory <sys_path>/_log/<$dir> exists, then builds an
 * AdminLog for $dir carrying the action ('acao') and table ('tabela') values.
 *
 * @param string $dir    Sub-directory name under the '_log' folder.
 * @param string $tabela Table the action refers to.
 * @param string $msg    Description of the action.
 * @return AdminLog The populated log object.
 */
public static function gerarLog($dir, $tabela, $msg)
{
    // NOTE(review): $dir becomes part of a filesystem path without any
    // validation here; confirm callers only pass fixed, trusted names.
    $logPath = implode(
        DIRECTORY_SEPARATOR,
        array(Kernel::get_conf('sys_path'), '_log', $dir)
    );
    Uteis::criarDir($logPath);

    $entry = new AdminLog($dir);
    $entry->addValorXML('acao', $msg);
    $entry->addValorXML('tabela', $tabela);

    return $entry;
}