public function newPost($request, $response)
{ /*{{{*/
    // The CAPTCHA answer is verified together with the client IP, the 'article'
    // scope, the article id and the form token.
    $captchaPassed = Captcha::verify(
        $request->verifyStr,
        XIpLocation::getIp(),
        'article',
        $request->article_id,
        $request->token
    );
    DBC::requireTrue($captchaPassed, "您输入的验证码有误!");

    // Banned-word check on the title; the text returned by the checker replaces it.
    // NOTE(review): unlike the content below, the title is not HTML-encoded in this
    // method. Confirm that it is encoded wherever it is rendered.
    $title = $request->title;
    $titleCheck = DoctorClient::getInstance()->getProfanityCheck($title);
    DBC::requireFalse($titleCheck['CODE'] < 0, "文章 评论添加失败");
    DBC::requireFalse($titleCheck['CODE'] == 2, "文章 评论添加成功");
    $title = $titleCheck['CONTENT'];

    // The content is HTML-encoded before the banned-word check. ENT_COMPAT leaves
    // single quotes unencoded, so the stored value is only safe in element content
    // or inside double-quoted attributes.
    $content = htmlspecialchars($request->getRequest('content'), ENT_COMPAT | ENT_HTML401, 'ISO-8859-1');
    $contentCheck = DoctorClient::getInstance()->getProfanityCheck($content);
    DBC::requireFalse($contentCheck['CODE'] < 0, "文章 评论添加失败");
    DBC::requireFalse($contentCheck['CODE'] == 2, "文章 评论添加成功");
    $content = $contentCheck['CONTENT'];

    $article = DAL::get()->find('article', $request->article_id);

    // Record the submitter's IP and location with the comment.
    $extraFields = array();
    $extraFields['ip'] = XIpLocation::getIp();
    $extraFields['ipLocation'] = XIpLocation::getLocationArea();

    // Anonymous visitors are stored with an empty user id.
    if ($this->user->isNull() == false) {
        $userId = $this->user->id;
    } else {
        $userId = '';
    }

    ArticleClient::getInstance()->addComment($article, $userId, $title, $content, $extraFields);

    // Purge the cached article page so the change becomes visible.
    squid::clean($article->getUrl(), true);

    $this->message('您发表的评论已经提交,待网站审核通过后即可展示。', $response);
}
/**
 * Checks the form for untouched default entries, a valid mail pattern and the CAPTCHA word.
 * Returns true when everything is in order, otherwise false. On false the problems are
 * listed in $answer.
 *
 * @param array $answer Passed by reference; receives the error messages
 * @return boolean Success
 */
private function _check_form(&$answer)
{
    $mail_vars = $this->_configvars['Mail'];
    $error_vars = $this->_configvars['Error'];
    $post = $this->_gpc['POST'];

    /* Prepare the form check: submitted values, configured default strings and the
       error text for each field, all in the same positional order. */
    $formcheck = new Formularcheck();
    $submitted = array($post['title'], $post['content'], $post['name'], $post['email']);
    $defaults = array(
        $mail_vars['entry_title'],
        $mail_vars['entry_content'],
        $mail_vars['entry_name'],
        $mail_vars['entry_email'],
    );
    $messages = array(
        $error_vars['title_error'],
        $error_vars['content_error'],
        $error_vars['name_error'],
        $error_vars['email_error'],
    );

    // Walk the result array and collect the message of every field that failed
    foreach ($formcheck->field_check_arr($submitted, $defaults) as $index => $fieldOk) {
        if (!$fieldOk) {
            $answer[] = $messages[$index];
        }
    }

    // Check the e-mail address for validity (only when one was entered)
    if ($post['email'] != "" && $formcheck->mailcheck($post['email']) > 0) {
        $answer[] = $error_vars['email_checkfailed'];
    }

    // Check the CAPTCHA word
    if (!$this->_captcha->verify($post['captcha_word'])) {
        $answer[] = $error_vars['captcha_error'] . "<br />";
    }

    return empty($answer);
}
public function execute(CommandContext $context)
{
    PHPWS_Core::initModClass('hms', 'HMS_Lottery.php');

    $requestId = $context->get('requestId');

    // Every failure path below sends the user back to the deny-request form.
    // NOTE(review): the code after each redirect() call relies on redirect() ending
    // the request; confirm it does, otherwise a failed check would still fall through.
    $backToForm = CommandFactory::getCommand('LotteryShowDenyRoommateRequest');
    $backToForm->setRequestId($requestId);

    // Confirm the captcha
    PHPWS_Core::initCoreClass('Captcha.php');
    $captchaWords = Captcha::verify(true);
    if ($captchaWords === false) {
        NQ::simple('hms', hms\NotificationView::ERROR, 'The words you entered were incorrect. Please try again.');
        $backToForm->redirect();
    }

    // Get the roommate request
    $invite = HMS_Lottery::get_lottery_roommate_invite_by_id($context->get('requestId'));

    // Ownership check: only the user the request is addressed to may deny it
    $currentUser = UserStatus::getUsername();
    if ($currentUser != $invite['asu_username']) {
        NQ::simple('hms', hms\NotificationView::ERROR, 'Invalid roommate request. You can not confirm that roommate request.');
        $backToForm->redirect();
    }

    // Deny the roommate request
    try {
        HMS_Lottery::denyRoommateRequest($requestId);
    } catch (Exception $e) {
        NQ::simple('hms', hms\NotificationView::ERROR, 'There was an error denying the roommate request. Please contact University Housing.');
        $backToForm->redirect();
    }

    // Log that it happened; the captcha words the user typed go into the log entry
    PHPWS_Core::initModClass('hms', 'HMS_Activity_Log.php');
    HMS_Activity_Log::log_activity(
        UserStatus::getUsername(),
        ACTIVITY_LOTTERY_ROOMMATE_DENIED,
        UserStatus::getUsername(),
        'Captcha words: ' . $captchaWords
    );

    // Success
    NQ::simple('hms', hms\NotificationView::SUCCESS, 'The roommate request was successfully declined.');
    $menu = CommandFactory::getCommand('ShowStudentMenu');
    $menu->redirect();
}
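/**
 * Checks the form for untouched default entries, a valid mail pattern and the CAPTCHA word.
 * Returns true when everything is in order, otherwise false. On false the problems are
 * listed in $answer; on true $answer holds the entry fields.
 *
 * @param array $answer    Passed by reference; receives the error messages or the entry
 * @param array $blacklist Keys that must not be checked
 * @return boolean Success
 */
private function _check_form(&$answer, $blacklist = array())
{
    $gbook_vars = $this->_configvars['Gbook'];
    $error_vars = $this->_configvars['Error'];

    /* Form data. The title is added first and only when it is not blacklisted
       (a comment, for example, has no title). Building the array key by key keeps
       the title from being overwritten by a later array assignment, so it takes
       part in the form check. */
    $val = array();
    if (!in_array('title', $blacklist)) {
        $val['title'] = $this->_gpc['POST']['title'];
    }
    $val['content'] = $this->_gpc['POST']['content'];
    $val['name'] = $this->_gpc['POST']['name'];
    $val['email'] = $this->_gpc['POST']['email'];
    $val['hp'] = $this->_gpc['POST']['hp'];

    /* Default strings */
    $std = array(
        'title' => $gbook_vars['entry_title'],
        'content' => $gbook_vars['entry_content'],
        'name' => $gbook_vars['entry_name'],
        'email' => $gbook_vars['entry_email'],
        'hp' => $gbook_vars['entry_hp'],
    );

    /* Error strings */
    $err = array(
        'title' => $error_vars['title_error'],
        'content' => $error_vars['content_error'],
        'name' => $error_vars['name_error'],
        'email' => $error_vars['email_error'],
    );

    /* Do not check or store unwanted keys */
    if (!empty($blacklist) && is_array($blacklist)) {
        foreach ($blacklist as $value) {
            /* unset() is a no-op for keys that do not exist */
            unset($val[$value], $std[$value], $err[$value]);
        }
    }

    $rtn_arr = $this->_msbox->formCheck($val, $std);

    /* Walk the result array */
    foreach ($rtn_arr as $key => $value) {
        if ($value == MSGBOX_FORMCHECK_NONE) {
            // NOTE(review): $err has no 'hp' entry, so an 'hp' result of
            // MSGBOX_FORMCHECK_NONE appends an undefined value here. Confirm whether
            // an empty homepage is meant to fail the form.
            $answer[] = $err[$key];
        }
        /* Compare the key; an assignment here would report every invalid field as
           an e-mail failure and overwrite the loop key. */
        if ($value == MSGBOX_FORMCHECK_INVALID && $key === 'email') {
            $answer[] = $error_vars['email_checkfailed'];
        } elseif ($key === 'hp') {
            /* A wrong homepage is not an error; the checked value is taken over */
            $val[$key] = $rtn_arr[$key];
        }
    }

    /* Check the CAPTCHA word */
    if (!$this->_captcha->verify($this->_gpc['POST']['captcha_word'])) {
        $answer[] = $error_vars['captcha_error'] . "<br />";
    }

    if (!empty($answer)) {
        return false;
    }

    if (!in_array('title', $blacklist)) {
        $answer['title'] = $this->_gpc['POST']['title'];
    }
    /* No errors occurred, so the entries are handed back */
    $answer += array(
        'content' => $val['content'],
        'name' => $val['name'],
        'time' => 'gbook_time',
        'email' => $val['email'],
        'hp' => $val['hp'],
    );
    return true;
}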
public function execute(CommandContext $context)
{
    PHPWS_Core::initModClass('hms', 'HousingApplication.php');
    PHPWS_Core::initModClass('hms', 'StudentFactory.php');
    PHPWS_Core::initModClass('hms', 'RlcMembershipFactory.php');
    PHPWS_Core::initModClass('hms', 'RlcAssignmentSelfAssignedState.php');

    $requestId = $context->get('requestId');
    $mealPlan = $context->get('mealPlan');

    // Failure paths return to the confirmation form with the submitted values kept.
    $backToForm = CommandFactory::getCommand('LotteryShowConfirmRoommateRequest');
    $backToForm->setRequestId($requestId);
    $backToForm->setMealPlan($mealPlan);

    // Confirm the captcha
    PHPWS_Core::initCoreClass('Captcha.php');
    $captchaWords = Captcha::verify(true);
    if ($captchaWords === false) {
        NQ::simple('hms', hms\NotificationView::ERROR, 'The words you entered were incorrect. Please try again.');
        $backToForm->redirect();
    }

    // Check for a meal plan
    if (!isset($mealPlan) || $mealPlan == '') {
        NQ::simple('hms', hms\NotificationView::ERROR, 'Please choose a meal plan.');
        $backToForm->redirect();
    }

    $term = PHPWS_Settings::get('hms', 'lottery_term');
    $student = StudentFactory::getStudentByUsername(UserStatus::getUsername(), $term);

    // Update the meal plan field on the application
    $application = HousingApplication::getApplicationByUser(UserStatus::getUsername(), $term);
    $application->setMealPlan($mealPlan);
    try {
        $application->save();
    } catch (Exception $e) {
        PHPWS_Error::log('hms', $e->getMessage());
        NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, there was an error confirming your roommate invitation. Please contact University Housing.');
        $backToForm->redirect();
    }

    // Try to actually make the assignment.
    // NOTE(review): this method does not itself compare the logged-in user with the
    // invite's recipient; presumably confirm_roommate_request() enforces that from
    // the username it is given. Verify.
    PHPWS_Core::initModClass('hms', 'HMS_Lottery.php');
    try {
        HMS_Lottery::confirm_roommate_request(UserStatus::getUsername(), $requestId, $mealPlan);
    } catch (Exception $e) {
        PHPWS_Error::log('hms', $e->getMessage());
        NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, there was an error confirming your roommate invitation. Please contact University Housing.');
        $backToForm->redirect();
    }

    // Log the fact that the roommate was accepted and successfully assigned
    HMS_Activity_Log::log_activity(
        UserStatus::getUsername(),
        ACTIVITY_LOTTERY_CONFIRMED_ROOMMATE,
        UserStatus::getUsername(),
        "Captcha: \"{$captchaWords}\""
    );

    // If this student was an RLC self-select, update the RLC membership state
    $membership = RlcMembershipFactory::getMembership($student, $term);
    if ($membership != null && $membership->getStateName() == 'selfselect-invite') {
        $membership->changeState(new RlcAssignmentSelfAssignedState($membership));
    }

    // The invite is looked up here but its value is not used afterwards.
    HMS_Lottery::get_lottery_roommate_invite_by_id($requestId);

    $thanks = CommandFactory::getCommand('LotteryShowConfirmedRoommateThanks');
    $thanks->setRequestId($requestId);
    $thanks->redirect();
}
public function execute(&$value, &$error)
{
    // The expected answer is read from the 'captcha' attribute of the current user.
    $expected = sfContext::getInstance()->getUser()->getAttribute('captcha');
    $captcha = new Captcha($expected);

    if (!$captcha->verify($value)) {
        // NOTE(review): the stored challenge is not replaced after a failed attempt
        // in this method; confirm that repeated guesses are limited elsewhere.
        $error = $this->getParameter('error', sfConfig::get('app_captcha_error', 'You should specify valid Turing number'));
        return false;
    }

    return true;
}
public function execute(&$value, &$error)
{
    $sessionUser = sfContext::getInstance()->getUser();
    $captcha = new Captcha($sessionUser->getAttribute('captcha'));

    if (!$captcha->verify($value)) {
        // captcha validation failure => a fresh challenge replaces the stored one,
        // so each wrong answer gets exactly one attempt
        $replacement = new Captcha();
        $sessionUser->setAttribute('captcha', $replacement->generate());
        $error = $this->getParameter('error');
        return false;
    }

    // NOTE(review): on success the stored challenge is left in place by this method;
    // confirm it is cleared elsewhere if an answer must not be reusable.
    return true;
}
/**
 * Handles a "forgot password" submission: validates the form, checks the CAPTCHA
 * and hands the e-mail address to Users::forgotPassword().
 *
 * @throws Exception when validation, the CAPTCHA or the reset request fails
 */
function forgotProcess()
{
    $rules = array('send.email' => 'email|slashes');
    if (!Validator::make($rules)) {
        throw new Exception("Error Processing Request");
    }

    if (!Captcha::verify()) {
        throw new Exception("Wrong captcha characters.");
    }

    $email = Request::get('send.email');

    try {
        Users::forgotPassword($email);
    } catch (Exception $failure) {
        // NOTE(review): the inner message is passed on unchanged. If it differs for
        // unknown addresses and is shown to the visitor, it reveals which e-mail
        // addresses have accounts; confirm what the caller displays.
        throw new Exception($failure->getMessage());
    }
}
public function execute(CommandContext $context)
{
    $id = $context->get('roommateId');
    if (is_null($id)) {
        throw new InvalidArgumentException('Must set roommateId');
    }

    PHPWS_Core::initModClass('hms', 'HMS_Roommate.php');
    $roommate = new HMS_Roommate($id);
    if ($roommate->id == 0) {
        throw new InvalidArgumentException('Invalid roommateId ' . $id);
    }

    // Authorization comes before the CAPTCHA: only the requestee may accept.
    $username = UserStatus::getUsername();
    if ($username != $roommate->requestee) {
        PHPWS_Core::initModClass('hms', 'exception/PermissionException.php');
        throw new PermissionException("{$username} tried to confirm roommate pairing {$roommate->id}");
    }

    $retry = CommandFactory::getCommand('ShowRoommateConfirmAccept');
    $retry->setRoommateId($id);

    // Both false and null count as a failed CAPTCHA here.
    PHPWS_Core::initCoreClass('Captcha.php');
    $verified = Captcha::verify(true);
    if (is_null($verified) || $verified === false) {
        NQ::Simple('hms', hms\NotificationView::ERROR, 'Sorry, please try again.');
        $retry->redirect();
    }

    try {
        $roommate->confirm();
    } catch (RoommateCompatibilityException $incompatible) {
        NQ::simple('hms', hms\NotificationView::WARNING, $incompatible->getMessage());
        $retry->redirect();
    }

    $roommate->save();

    // One log entry per party, both carrying the CAPTCHA words that were entered.
    $logNote = "{$roommate->requestee} accepted request, CAPTCHA: {$verified}";
    HMS_Activity_Log::log_activity($roommate->requestor, ACTIVITY_ACCEPTED_AS_ROOMMATE, $roommate->requestee, $logNote);
    HMS_Activity_Log::log_activity($roommate->requestee, ACTIVITY_ACCEPTED_AS_ROOMMATE, $roommate->requestor, $logNote);

    // Email both parties
    PHPWS_Core::initModClass('hms', 'HMS_Email.php');
    HMS_Email::send_confirm_emails($roommate);

    // Remove any other requests for the requestor, then for the requestee
    HMS_Roommate::removeOutstandingRequests($roommate->requestor, $roommate->term);
    HMS_Roommate::removeOutstandingRequests($roommate->requestee, $roommate->term);

    $requestor = StudentFactory::getStudentByUsername($roommate->requestor, $roommate->term);
    $name = $requestor->getFullName();
    NQ::Simple('hms', hms\NotificationView::SUCCESS, "You and {$name} are confirmed as roommates.");

    $menu = CommandFactory::getCommand('ShowStudentMenu');
    $menu->redirect();
}
public function newPost($request, $response)
{
    // The CAPTCHA answer is verified together with the client IP, the 'article'
    // scope, the article id and the form token.
    $verifyStr = $request->verifystr;
    $captchaPassed = Captcha::verify($verifyStr, XIpLocation::getIp(), 'article', $request->article_id, $request->token);
    if (!$captchaPassed) {
        $this->message('您输入的验证码有误!', $response);
        return false;
    }

    // Banned-word check on the title.
    // NOTE(review): unlike the content below, the title is not HTML-encoded in this
    // method. Confirm that it is encoded wherever it is rendered.
    $title = $request->title;
    $titleCheck = DoctorClient::getInstance()->getProfanityCheck($request->title);
    if ($titleCheck['CODE'] < 0) {
        $this->message('文章 评论添加失败', $response);
        return false;
    }
    if ($titleCheck['CODE'] == 2) {
        // Report success to the poster although nothing is written to the database
        $this->message('文章 评论添加成功', $response);
        return true;
    }
    $title = $titleCheck['CONTENT'];

    // The content is HTML-encoded before its banned-word check. ENT_COMPAT leaves
    // single quotes unencoded.
    $content = htmlspecialchars($request->getRequest('content'), ENT_COMPAT | ENT_HTML401, 'ISO-8859-1');
    $contentCheck = DoctorClient::getInstance()->getProfanityCheck($content);
    if ($contentCheck['CODE'] < 0) {
        $this->message('文章 评论添加失败', $response);
        return false;
    }
    if ($contentCheck['CODE'] == 2) {
        // Report success to the poster although nothing is written to the database
        $this->message('文章 评论添加成功', $response);
        return true;
    }
    $content = $contentCheck['CONTENT'];

    $article = DAL::get()->find('article', $request->article_id);

    // Record the submitter's IP and location with the comment.
    $extraFields = array();
    $extraFields['ip'] = XIpLocation::getIp();
    $extraFields['ipLocation'] = XIpLocation::getLocationArea();

    // Anonymous visitors are stored with an empty user id.
    if ($this->_newUser->isNull() == false) {
        $userId = $this->_newUser->id;
    } else {
        $userId = '';
    }

    ArticleClient::getInstance()->addComment($article, $userId, $title, $content, $extraFields);

    // Purge the cached article page.
    squid::clean($article->getUrl(), true);

    // This path ends without an explicit return value.
    $this->message('您发表的评论已经提交,待网站审核通过后即可展示。', $response);
}
public function execute(CommandContext $context)
{
    // Get input
    $requestId = $context->get('requestId');
    $participantId = $context->get('participantId');

    // Command for showing the request, redirected to on success/error
    $cmd = CommandFactory::getCommand('ShowManageRoomChange');
    $cmd->setRequestId($requestId);

    // Load the request, the participant and the participant's student record.
    // NOTE(review): the request and the participant are loaded from two independent
    // ids and this method never checks that the participant belongs to the request;
    // confirm the factories or the state transition enforce that.
    $request = RoomChangeRequestFactory::getRequestById($requestId);
    $participant = RoomChangeParticipantFactory::getParticipantById($participantId);
    $student = StudentFactory::getStudentByBannerId($participant->getBannerId(), $request->getTerm());

    // Check permissions. Must be the participant or an admin
    $isParticipant = UserStatus::getUsername() == $student->getUsername();
    if (!$isParticipant && !Current_User::allow('hms', 'admin_approve_room_change')) {
        throw new PermissionException('You do not have permission to appove this room change.');
    }

    // Check for CAPTCHA if this is the student; admins don't need a CAPTCHA
    $captchaResult = Captcha::verify(true);
    if (UserStatus::getUsername() == $student->getUsername() && $captchaResult === false) {
        // Failed the captcha
        NQ::simple('hms', hms\NotificationView::ERROR, "You didn't type the magic words correctly. Please try again.");
        $cmd = CommandFactory::getCommand('ShowRoomChangeRequestApproval');
        $cmd->redirect();
    }

    // If there was a captcha, then log the activity
    if ($captchaResult !== false) {
        $logNote = 'Request id: ' . $requestId . ' Captcha: ' . $captchaResult;
        HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_ROOM_CHANGE_AGREED, UserStatus::getUsername(FALSE), $logNote);
    }

    // Transition to StudentApproved state
    $participant->transitionTo(new ParticipantStateStudentApproved($participant, time(), null, UserStatus::getUsername()));

    // If all students have approved, notify RDs
    if ($request->isApprovedByAllParticipants()) {
        HMS_Email::sendRoomChangeCurrRDNotice($request);
    }

    // An admin acting for the student goes back to the room change management view
    if (UserStatus::getUsername() != $student->getUsername()) {
        $cmd->redirect();
        return;
    }

    // The student goes to the main menu
    NQ::simple('hms', hms\NotificationView::SUCCESS, 'You have agreed to the room change request. You will be notified by email when the reqeust is approved or denied.');
    $menuCmd = CommandFactory::getCommand('ShowStudentMenu');
    $menuCmd->redirect();
}
/**
 * Handles a login submission: validates the form, checks the CAPTCHA, attempts the
 * login and redirects to ADMINCP_URL.
 *
 * @throws Exception when validation, the CAPTCHA or the login fails
 */
function loginProcess()
{
    // NOTE(review): the 'slashes' rule is also applied to the password; if it
    // rewrites the value, the password that is compared differs from the one typed.
    // Confirm against the Validator implementation.
    $rules = array(
        'send.username' => 'min:3|slashes',
        'send.password' => 'min:3|slashes',
    );
    if (!Validator::make($rules)) {
        throw new Exception("Error Processing Request");
    }

    if (!Captcha::verify()) {
        throw new Exception("Wrong captcha characters.");
    }

    $username = Request::get('send.username');
    $password = Request::get('send.password');

    try {
        Users::makeLogin($username, $password);
    } catch (Exception $failure) {
        // NOTE(review): the inner message is passed on unchanged. If it tells an
        // unknown user apart from a wrong password, it helps account enumeration;
        // confirm what the caller displays.
        throw new Exception($failure->getMessage());
    }

    Redirect::to(ADMINCP_URL);
}
/**
 * Handles the sign-up form: checks required fields, rejects known e-mail
 * addresses, verifies the CAPTCHA, validates the address and stores the new user.
 * Outcomes are reported through ErMessenger codes.
 */
public function registerAction()
{
    Request::ajax();
    $message = ErMessenger::getInstance();

    $request = new Request();
    $request->initRequest();
    $post = $request->getPost();

    if (!isset($post)) {
        return;
    }

    // All four fields must be present.
    // NOTE(review): 'pass_confirm' is required but never compared with 'password'
    // in this method; confirm the comparison happens elsewhere.
    if (empty($post['email']) || empty($post['password']) || empty($post['pass_confirm']) || empty($post['captcha'])) {
        return;
    }

    // NOTE(review): the lookup uses the raw e-mail while the stored value goes
    // through clearStr(); if clearStr() changes the string, the duplicate check and
    // the insert disagree.
    $userMapper = new UserMapper();
    $user = $userMapper->getUserByEmail($post["email"]);
    if ($user) {
        $message->setErrMessage('102', 'user/signup');
        return;
    }

    if (!Captcha::verify()) {
        $message->setErrMessage('104', 'user/signup');
        return;
    }

    $givenEmail = $this->clearStr($post['email']);
    $givenPassword = $this->clearStr($post["password"]);

    if (!filter_var($givenEmail, FILTER_VALIDATE_EMAIL)) {
        $message->setErrMessage('103', 'user/signup');
        return;
    }

    $user = new User();
    $userMapper = new UserMapper();
    $user->email = $givenEmail;
    $user->crdate = date("Y-m-d");
    $user->access = 'ps';
    $user->userstatus = 1;
    // SECURITY: unsalted MD5 is not a password hash; stored values can be recovered
    // quickly if the table leaks. Moving to password_hash()/password_verify() has to
    // be done together with the login code that checks this column, so it is flagged
    // here rather than changed in isolation.
    $user->userpassword = hash("md5", $givenPassword);

    if (!$userMapper->insertNewUser($user)) {
        $message->setErrMessage('101', 'user/signup');
        return;
    }

    // The new account is signed in immediately.
    $message->setSucceedMessage('201', 'index/index');
    ErSession::saveToSession('user', $user->email);
    if ($user->username != null) {
        ErSession::saveToSession('username', $user->username);
    }
}
public function execute(CommandContext $context)
{
    // Get input
    $requestId = $context->get('requestId');
    $participantId = $context->get('participantId');

    // Load the request, the participant and the participant's student record.
    // NOTE(review): the request and the participant are loaded from two independent
    // ids and this method never checks that the participant belongs to the request,
    // yet the whole request is cancelled below. Confirm the link is enforced elsewhere.
    $request = RoomChangeRequestFactory::getRequestById($requestId);
    $participant = RoomChangeParticipantFactory::getParticipantById($participantId);
    $student = StudentFactory::getStudentByBannerId($participant->getBannerId(), $request->getTerm());

    // Check permissions. Must be the participant or an admin
    $isParticipant = UserStatus::getUsername() == $student->getUsername();
    if (!$isParticipant && !Current_User::allow('hms', 'admin_approve_room_change')) {
        throw new PermissionException('You do not have permission to decline this room change.');
    }

    // The CAPTCHA is required from every caller here, admins included.
    $captchaResult = Captcha::verify(true);
    if ($captchaResult === false) {
        // Failed the captcha
        NQ::simple('hms', hms\NotificationView::ERROR, "You didn't type the magic words correctly. Please try again.");
        $retry = CommandFactory::getCommand('ShowRoomChangeRequestApproval');
        $retry->redirect();
    }

    $logNote = 'Request id: ' . $requestId . ' Captcha: ' . $captchaResult;
    HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_ROOM_CHANGE_DECLINE, UserStatus::getUsername(FALSE), $logNote);

    // Transition request to cancelled status
    $request->transitionTo(new RoomChangeStateCancelled($request, time(), null, UserStatus::getUsername()));

    // Transition all participants to cancelled
    // TODO... Do this in the cancelled transition?
    foreach ($request->getParticipants() as $member) {
        $member->transitionTo(new ParticipantStateCancelled($member, time(), null, UserStatus::getUsername()));
    }

    // TODO Notify everyone that the request was cancelled
    NQ::simple('hms', hms\NotificationView::SUCCESS, 'You have declined the room change request.');
    $menuCmd = CommandFactory::getCommand('ShowStudentMenu');
    $menuCmd->redirect();
}
public function execute(CommandContext $context)
{
    $id = $context->get('roommateId');
    if (is_null($id)) {
        throw new InvalidArgumentException('Must set roommateId');
    }

    PHPWS_Core::initModClass('hms', 'HMS_Roommate.php');
    $roommate = new HMS_Roommate($id);
    if ($roommate->id == 0) {
        throw new InvalidArgumentException('Invalid roommateId ' . $id);
    }

    // Authorization comes before the CAPTCHA: either party of the pairing may break it.
    $username = UserStatus::getUsername();
    $isParty = $username == $roommate->requestor || $username == $roommate->requestee;
    if (!$isParty) {
        PHPWS_Core::initModClass('hms', 'exception/PermissionException.php');
        throw new PermissionException("{$username} tried to break roommate pairing {$roommate->id}");
    }

    $retry = CommandFactory::getCommand('ShowRoommateBreak');
    $retry->setRoommateId($id);

    // Both false and null count as a failed CAPTCHA here.
    PHPWS_Core::initCoreClass('Captcha.php');
    $verified = Captcha::verify(true);
    if (is_null($verified) || $verified === false) {
        NQ::Simple('hms', hms\NotificationView::ERROR, 'Sorry, please try again.');
        $retry->redirect();
    }

    $roommate->delete();

    $other = StudentFactory::getStudentByUsername($roommate->get_other_guy($username), $roommate->term);

    // One log entry per party, both carrying the CAPTCHA words that were entered.
    $logNote = "{$username} broke pairing, CAPTCHA: {$verified}";
    HMS_Activity_Log::log_activity($other->getUsername(), ACTIVITY_STUDENT_BROKE_ROOMMATE, $username, $logNote);
    HMS_Activity_Log::log_activity($username, ACTIVITY_STUDENT_BROKE_ROOMMATE, $other->getUsername(), $logNote);

    // Email both parties
    PHPWS_Core::initModClass('hms', 'HMS_Email.php');
    HMS_Email::send_break_emails($roommate, $username);

    $name = $other->getFullName();
    NQ::Simple('hms', hms\NotificationView::SUCCESS, "You have removed your roommate request for {$name}.");

    $menu = CommandFactory::getCommand('ShowStudentMenu');
    $menu->redirect();
}
public function domobileBindUser($request, $response)
{/*{{{*/
    // The code is verified against the 'password' scope for the submitted mobile number.
    $codeAccepted = Captcha::verify($request->key, XIpLocation::getIp(), 'password', $request->mobile, $request->token);

    if (!$codeAccepted) {
        $results = array(
            'res' => 'failure',
            'msg' => mb_convert_encoding('验证码输入有误', 'UTF-8', 'GBK'),
            'next' => '',
        );
        echo json_encode($results);
        return self::DIRECT_OUTPUT;
    }

    // A new numeric code is generated and read back from the cache; neither the
    // token nor the lowercased question is used further in this method.
    $newToken = Captcha::generate('password', $request->mobile, ContentFactory::TYPE_NUM, 4, XIpLocation::getIp(), 10);
    $cacher = Cacher::get()->getCache(Cacher::CACHETYPE_CAPTCHA);
    $captchaInfos = $cacher->get($newToken);
    $newKey = strtolower($captchaInfos['question']);

    // NOTE(review): the code was verified for $request->mobile, while the binding
    // and the login below act on $request->spaceId. This method does not show what
    // ties the two together; confirm it is enforced elsewhere.
    $bindRes = WeixClient::getInstance()->bindUser($this->weixSpaceUser->id, $request->spaceId, WeixUser::WEIXINTYPE_SPACE);
    if ($bindRes == true) {
        $user = UserClient::getInstance()->login4Weix($request->spaceId);
        $res = "success";
        // $forward is never set before this point, so the router URL is always
        // computed; the value is not used afterwards.
        $forward = $response->router->urlfor('weixindoctor/bindsuccess');
    } else {
        $res = "hasbind"; // this user is already bound
    }

    $results = array('res' => $res, 'msg' => '');
    echo json_encode($results);
    return self::DIRECT_OUTPUT;
}/*}}}*/
/**
 * Dispatches the form navigation buttons (PHAT_Next, PHAT_Back, PHAT_Submit) and
 * returns the content to display, or null.
 */
function _formAction()
{
    if (PHATFORM_CAPTCHA) {
        PHPWS_Core::initCoreClass('Captcha.php');
    }

    // "Next": save the page if the form is already saved, otherwise just advance
    if (isset($_REQUEST['PHAT_Next'])) {
        if ($this->isSaved()) {
            $error = $this->_saveFormData();
            if (PHPWS_Error::isError($error)) {
                javascript('alert', array('content' => PHPWS_Error::printError($error)));
            }
        } else {
            $this->_position += $this->_pageLimit;
        }

        // Users with the 'phatform' permission get the manager menu in front
        return Current_User::allow('phatform')
            ? $_SESSION['PHAT_FormManager']->menu() . $this->view()
            : $this->view();
    }

    // "Back": step one page back
    if (isset($_REQUEST['PHAT_Back'])) {
        $this->_position -= $this->_pageLimit;

        return Current_User::allow('phatform')
            ? $_SESSION['PHAT_FormManager']->menu() . $this->view()
            : $this->view();
    }

    // "Submit". This key is read without an isset() check.
    if ($_REQUEST['PHAT_Submit']) {
        // The CAPTCHA is only enforced when it is enabled, the form is anonymous
        // and the visitor is not logged in.
        $captchaRequired = PHATFORM_CAPTCHA && $this->_anonymous && !Current_User::isLogged();
        if ($captchaRequired && !Captcha::verify()) {
            javascript('alert', array('content' => dgettext('phatform', 'CAPTCHA word was not correct.')));
            return $this->view(false);
        }

        if (!$this->isSaved()) {
            $_SESSION['PHAT_FormManager']->_list();
            return NULL;
        }

        $error = $this->_saveFormData();
        if (PHPWS_Error::isError($error)) {
            javascript('alert', array('content' => PHPWS_Error::printError($error)));

            return Current_User::allow('phatform')
                ? $_SESSION['PHAT_FormManager']->menu() . $this->view(false, $error)
                : $this->view(false, $error);
        }

        // Saved: build the thank-you page first, then mail the data
        $content = Current_User::allow('phatform')
            ? $_SESSION['PHAT_FormManager']->menu() . $this->_thanks()
            : $this->_thanks();
        $this->_emailData();
        return $content;
    }
}
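/**
 * Sends the doctor-app download link by SMS after checking the mobile number and
 * the CAPTCHA, and answers with a small JSON status (JSONP when a callback is given).
 *
 * @param object $request  Reads mobile, door, kind, token and callback
 * @param object $response Not used by this method
 * @return mixed parent::DIRECT_OUTPUT
 */
public function sendDocotrAppDownSMS($request, $response)
{/*{{{*/
    $mobile = $request->mobile;
    if (false == XString::isMobileNew($mobile)) {
        $result = '{"code":"error_mobile"}';
    } else if (Captcha::verify($request->door, XIpLocation::getIp(), $request->kind, 0, $request->token) == false) {
        // NOTE(review): the CAPTCHA scope ($request->kind) is chosen by the client;
        // confirm a code issued for another scope cannot be reused to trigger an SMS.
        $result = '{"code":"error_door"}';
    } else {
        $content = "全新的医生专用版客户端下载地址:http://m.haodf.com/sd ,建议在Wi-Fi环境下下载。如您在使用过程中遇到问题,请与医生助理联系010-56707226";
        SMSClient::getInstance()->sendSMSNoSignature(array($mobile) , $content);
        $result = '{"code":"success"}';
    }

    // The callback name is client-supplied and is written into the response body.
    // Only a dotted JavaScript identifier is accepted; anything else is ignored and
    // the plain JSON body is returned, so no markup or script can be injected.
    $callback = $request->callback;
    $callbackIsSafe = is_string($callback)
        && preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*$/', $callback) === 1;

    // One Content-Type header that matches the body. A later text/html header would
    // replace it and make browsers render the reflected callback as HTML.
    if ($callbackIsSafe) {
        $result = $callback.'('.$result.');';
        header('Content-Type: text/javascript; charset=GBK');
    } else {
        header('Content-Type: application/json; charset=GBK');
    }
    header('X-Content-Type-Options: nosniff');

    echo $result;
    return parent::DIRECT_OUTPUT;
}/*}}}*/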
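/**
 * Sets a new password after the verification code for the 'password' scope has
 * been checked, and answers with a JSON status.
 *
 * @param object $request  Reads password1, password2, key, mobile, token, userId and forward
 * @param object $response Used to build the login URL returned on success
 * @return mixed self::DIRECT_OUTPUT
 */
public function doFindPwd($request, $response)
{/*{{{*/
    // Strict string comparison: with a loose != two different numeric-looking
    // passwords (for example "1e3" and "1000") compare as equal.
    if ((string) $request->password1 !== (string) $request->password2) {
        $results = array('res' => 'failure', 'msg' => mb_convert_encoding('输入的密码不一致,请重新输入', 'UTF-8', 'GBK'), 'next' => '');
        echo json_encode($results);
        return self::DIRECT_OUTPUT;
    }

    if (Captcha::verify($request->key, XIpLocation::getIp(), 'password', $request->mobile, $request->token)) {
        // SECURITY NOTE(review): the code is verified for $request->mobile, but the
        // password is changed for the account named by $request->userId. Nothing in
        // this method checks that the mobile number belongs to that account; confirm
        // the binding is enforced server-side before this point, otherwise a valid
        // code for one number authorises a reset of any account.
        $user = Dal::get()->find('user', $request->userId);
        UserClient::getInstance()->updatePassword($user->id, $request->password1);
        $results = array(
            'res' => 'success',
            'msg' => '',
            'next' => $response->router->urlfor('user/login', array('userId' => $request->userId, 'forward' => $request->forward)),
        );
    } else {
        $results = array('res' => 'failure', 'msg' => mb_convert_encoding('验证码过期,请重新获取', 'UTF-8', 'GBK'), 'next' => '');
    }

    echo json_encode($results);
    return self::DIRECT_OUTPUT;
}/*}}}*/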
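/**
 * Confirms a lottery room selection: verifies the CAPTCHA, validates every chosen
 * roommate and bed, assigns the logged-in student, reserves beds for the roommates
 * and sends the invitations and the confirmation.
 *
 * @param CommandContext $context Provides roomId, roommates (bed id => username) and mealPlan
 */
public function execute(CommandContext $context)
{
    PHPWS_Core::initModClass('hms', 'StudentFactory.php');

    $roomId = $context->get('roomId');
    $roommates = $context->get('roommates');
    $mealPlan = $context->get('mealPlan');

    $term = PHPWS_Settings::get('hms', 'lottery_term');

    $student = StudentFactory::getStudentByUsername(UserStatus::getUsername(), $term);

    // Failure paths go back to the confirmation form with the submitted values kept
    $errorCmd = CommandFactory::getCommand('LotteryShowConfirm');
    $errorCmd->setRoomId($roomId);
    $errorCmd->setRoommates($roommates);
    $errorCmd->setMealPlan($mealPlan);

    $successCmd = CommandFactory::getCommand('LotteryShowConfirmed');
    $successCmd->setRoomId($roomId);

    PHPWS_Core::initCoreClass('Captcha.php');
    $captcha = Captcha::verify(TRUE); // returns the words entered if correct, FALSE otherwise
    if ($captcha === FALSE) {
        NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, the words you eneted were incorrect. Please try again.');
        $errorCmd->redirect();
    }

    PHPWS_Core::initModClass('hms', 'HousingApplication.php');
    PHPWS_Core::initModClass('hms', 'HMS_Room.php');
    PHPWS_Core::initModClass('hms', 'HMS_Bed.php');
    PHPWS_Core::initModClass('hms', 'HMS_Assignment.php');
    PHPWS_Core::initModClass('hms', 'HMS_Lottery.php');
    PHPWS_Core::initModClass('hms', 'StudentFactory.php');
    PHPWS_Core::initModClass('hms', 'HMS_Email.php');
    PHPWS_Core::initModClass('hms', 'HMS_Activity_Log.php');
    PHPWS_Core::initModClass('hms', 'HMS_Util.php');
    PHPWS_Core::initModClass('hms', 'RlcMembershipFactory.php');
    PHPWS_Core::initModClass('hms', 'RlcAssignmentSelfAssignedState.php');

    $room = new HMS_Room($roomId);

    // Check for an RLC assignment in the self-select status
    $rlcAssignment = RlcMembershipFactory::getMembership($student, $term);

    // Check roommates for validity.
    // NOTE(review): the bed ids are the keys of the submitted $roommates array. Each
    // bed is checked for vacancy and reservation below, but this method does not
    // check that the bed belongs to $roomId; confirm that is enforced elsewhere.
    foreach ($roommates as $bed_id => $username) {
        // Double check the student is valid
        try {
            $roommate = StudentFactory::getStudentByUsername($username, $term);
        } catch (StudentNotFoundException $e) {
            NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is not a valid student. Please choose a different roommate.");
            $errorCmd->redirect();
        }

        // Make sure the bed is still empty
        $bed = new HMS_Bed($bed_id);

        if ($bed->has_vacancy() != TRUE) {
            NQ::simple('hms', hms\NotificationView::ERROR, 'One or more of the beds in the room you selected is no longer available. Please try again.');
            $errorCmd->redirect();
        }

        // Make sure none of the needed beds are reserved
        if ($bed->is_lottery_reserved()) {
            NQ::simple('hms', hms\NotificationView::ERROR, 'One or more of the beds in the room you selected is no longer available. Please try again.');
            $errorCmd->redirect();
        }

        // Double check the genders are all the same as the person logged in
        if ($student->getGender() != $roommate->getGender()) {
            NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is a different gender. Please choose a roommate of the same gender.");
            $errorCmd->redirect();
        }

        // Double check the genders are the same as the room (as long as the room isn't AUTO)
        if ($room->gender_type != AUTO && $roommate->getGender() != $room->gender_type) {
            NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is a different gender. Please choose a roommate of the same gender.");
            $errorCmd->redirect();
        }

        // If this student is an RLC-self-selection, then each roommate must be in the same RLC and in the selfselect-invite state too
        if ($rlcAssignment != null && $rlcAssignment->getStateName() == 'selfselect-invite') {
            // This student is an RLC-self-select, so check the roommate's RLC status
            $roommateRlcAssign = RlcMembershipFactory::getMembership($roommate, $term);

            // Make sure the roommate is a member of the same RLC and is eligible for self-selection
            if ($roommateRlcAssign == null || $roommateRlcAssign->getStateName() != 'selfselect-invite' || $rlcAssignment->getRlc()->getId() != $roommateRlcAssign->getRlc()->getId()) {
                // The message names the roommate by username, like the other messages in this loop
                NQ::simple('hms', hms\NotificationView::ERROR, "{$username} must be a member of the same learning community as you, and must also be eligible for self-selction.");
                $errorCmd->redirect();
            }

            // Otherwise (if not RLC members), make sure each roommate is eligible
        } else {
            if (HMS_Lottery::determineEligibility($username) !== TRUE) {
                NQ::simple('hms', hms\NotificationView::ERROR, "{$username} is not eligible for assignment.");
                $errorCmd->redirect();
            }
        }

        // If this student is a self-select RLC member, then this student must also be a self-select RLC member of the same RLC
        if ($rlcAssignment != null && $rlcAssignment->getStateName() == 'selfselect-invite') {
            $roommateRlcAssign = RlcMembershipFactory::getMembership($roommate, $term);
            if ($roommateRlcAssign == null || $roommateRlcAssign->getStateName() != 'selfselect-invite' || $rlcAssignment->getRlc()->getId() != $roommateRlcAssign->getRlc()->getId()) {
                NQ::simple('hms', hms\NotificationView::ERROR, "{$username} must be a member of the same learning community as you, and must also be eligible for self-selction.");
                $errorCmd->redirect();
            }
        }
    }

    // If the room's gender is 'AUTO' and no one is assigned to it yet, switch it to the student's gender
    if ($room->gender_type == AUTO && $room->get_number_of_assignees() == 0) {
        $room->gender_type = $student->getGender();
        $room->save();
    }

    // Assign the student to the requested bed.
    // NOTE(review): array_search() returns false when the logged-in user is not in
    // the submitted list, and that value is passed on as the bed id; confirm
    // assignStudent() rejects it.
    $bed_id = array_search(UserStatus::getUsername(), $roommates); // Find the bed id of the student who's logged in

    try {
        HMS_Assignment::assignStudent($student, PHPWS_Settings::get('hms', 'lottery_term'), NULL, $bed_id, $mealPlan, 'Confirmed lottery invite', TRUE, ASSIGN_LOTTERY);
    } catch (Exception $e) {
        NQ::simple('hms', hms\NotificationView::ERROR, 'Sorry, there was an error creating your room assignment. Please try again or contact University Housing.');
        $errorCmd->redirect();
    }

    // Log the assignment
    HMS_Activity_Log::log_activity(UserStatus::getUsername(), ACTIVITY_LOTTERY_ROOM_CHOSEN, UserStatus::getUsername(), 'Captcha: ' . $captcha);

    // Update the student's meal plan in the housing application, just for future reference
    $app = HousingApplication::getApplicationByUser($student->getUsername(), $term);
    $app->setMealPlan($mealPlan);
    $app->save();

    // If this student was an RLC self-select, update the RLC membership state
    if ($rlcAssignment != null && $rlcAssignment->getStateName() == 'selfselect-invite') {
        $rlcAssignment->changeState(new RlcAssignmentSelfAssignedState($rlcAssignment));
    }

    foreach ($roommates as $bed_id => $username) {
        // Skip the current user
        if ($username == $student->getUsername()) {
            continue;
        }

        // Reserve the bed for the roommate
        $expires_on = time() + INVITE_TTL_HRS * 3600;
        $bed = new HMS_Bed($bed_id);
        if (!$bed->lottery_reserve($username, $student->getUsername(), $expires_on)) {
            // NQ::simple is the method every other notification here uses; a
            // misspelled method name on this path would end the request with a
            // fatal error instead of the warning.
            NQ::simple('hms', hms\NotificationView::WARNING, "You were assigned, but there was a problem reserving space for your roommates. Please contact University Housing.");
            $successCmd->redirect();
        }

        HMS_Activity_Log::log_activity($username, ACTIVITY_LOTTERY_REQUESTED_AS_ROOMMATE, $student->getUsername(), 'Expires: ' . HMS_Util::get_long_date_time($expires_on));

        // Invite the selected roommates
        $roomie = StudentFactory::getStudentByUsername($username, $term);
        $term = PHPWS_Settings::get('hms', 'lottery_term');
        $year = Term::toString($term) . ' - ' . Term::toString(Term::getNextTerm($term));
        HMS_Email::send_lottery_roommate_invite($roomie, $student, $expires_on, $room->where_am_i(), $year);
    }

    HMS_Email::send_lottery_assignment_confirmation($student, $room->where_am_i(), $term);

    $successCmd->redirect();
}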
/**
 * AJAX endpoint that checks a submitted captcha answer and prints the outcome.
 *
 * Writes "0" to the response body when Captcha::verify() accepts the answer
 * and "1" otherwise, then ends the request with exit.
 *
 * NOTE(review): this lets a client learn whether an answer is correct before
 * the real form is submitted. Whether Captcha::verify() invalidates the
 * challenge after each check, and whether attempts are rate-limited, is not
 * visible here; confirm both, otherwise one challenge can be answered by
 * trial and error. $request->userid and $request->token come from the client.
 *
 * @param object $request  Request object; door, userid and token are read.
 * @param object $response Not used by this method.
 */
public function ajaxCheckSum($request, $response)
{/*{{{*/
    $captchaPassed = Captcha::verify(
        $request->door,
        XIpLocation::getIp(),
        'suggestion',
        $request->userid,
        $request->token
    );

    // 0 means "answer accepted", 1 means "answer rejected".
    if ($captchaPassed) {
        echo 0;
    } else {
        echo 1;
    }
    exit;
}/*}}}*/
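/**
 * Controller of user requests. Dispatches on the 'command' request
 * variable and defaults to my_page when none is supplied.
 *
 * Each case may set $title, $content and/or $message; whatever was set is
 * rendered through the users/user_main.tpl template at the end. Unknown
 * commands end in a 404 error page.
 *
 * NOTE(review): the command is taken from $_REQUEST, so it is accepted from
 * the query string as well as from POST. State-changing commands (logout,
 * submit_new_user, reset_pw) deserve a request-method or anti-forgery token
 * check if none is enforced elsewhere; none is visible in this method.
 */
public static function userAction()
{
    $auth = Current_User::getAuthorization();
    $content = $title = null;

    if (isset($_REQUEST['command'])) {
        $command = $_REQUEST['command'];
    } else {
        $command = 'my_page';
    }

    switch ($command) {
        case 'login':
            if (!Current_User::isLogged() && isset($_POST['phpws_username']) && isset($_POST['phpws_password'])) {
                $result = Current_User::loginUser($_POST['phpws_username'], $_POST['phpws_password']);

                if (!$result) {
                    // Same message for unknown user and wrong password, so the
                    // response does not reveal which usernames exist.
                    $title = dgettext('users', 'Login page');
                    $message = dgettext('users', 'Username and password combination not found.');
                    $content = User_Form::loginPage();
                } elseif (PHPWS_Error::isError($result)) {
                    if (preg_match('/L\\d/', $result->code)) {
                        // Error codes matching "L<digit>" are shown to the user
                        // together with a contact link.
                        $title = dgettext('users', 'Sorry');
                        $content = $result->getMessage();
                        $content .= ' ' . sprintf('<a href="mailto:%s">%s</a>', PHPWS_User::getUserSetting('site_contact'), dgettext('users', 'Contact the site administrator'));
                    } else {
                        // Any other error is logged; the user only sees a generic message.
                        PHPWS_Error::log($result);
                        $message = dgettext('users', 'A problem occurred when accessing user information. Please try again later.');
                    }
                } else {
                    Current_User::getLogin();
                    PHPWS_Core::returnToBookmark();
                }
            } else {
                PHPWS_Core::errorPage('403');
            }
            break;

        // This is used by auth scripts if they need to return the user to
        // where they left off after redirection to another site for SSO
        case 'return_bookmark':
            PHPWS_Core::popUrlHistory();
            break;

        // reset user password
        case 'rp':
            $user_id = User_Action::checkResetPassword();
            if ($user_id) {
                $title = dgettext('users', 'Reset my password');
                // NOTE(review): $_GET['auth'] is handed to the form as received;
                // confirm User_Form::resetPassword() escapes it before output.
                $content = User_Form::resetPassword($user_id, $_GET['auth']);
            } else {
                $title = dgettext('users', 'Sorry');
                $content = dgettext('users', 'Your password request was not found or timed out. 
Please apply again.');
            }
            break;

        case 'my_page':
            if ($auth->local_user) {
                PHPWS_Core::initModClass('users', 'My_Page.php');
                $my_page = new My_Page();
                $my_page->main();
            } else {
                Layout::add(PHPWS_ControlPanel::display(dgettext('users', 'My Page unavailable to remote users.'), 'my_page'));
            }
            break;

        case 'signup_user':
            $title = dgettext('users', 'New Account Sign-up');
            if (Current_User::isLogged()) {
                $content = dgettext('users', 'You already have an account.');
                break;
            }
            $user = new PHPWS_User();
            if (PHPWS_User::getUserSetting('new_user_method') == 0) {
                $content = dgettext('users', 'Sorry, we are not accepting new users at this time.');
                break;
            }
            $content = User_Form::signup_form($user);
            break;

        case 'submit_new_user':
            $title = dgettext('users', 'New Account Sign-up');
            $user_method = PHPWS_User::getUserSetting('new_user_method');
            if ($user_method == 0) {
                // Sign-up is disabled: refuse the POST instead of only hiding the form.
                Current_User::disallow(dgettext('users', 'New user signup not allowed.'));
                return;
            }
            $user = new PHPWS_User();
            $result = User_Action::postNewUser($user);
            if (is_array($result)) {
                // An array result is passed back to the form (presumably validation errors).
                $content = User_Form::signup_form($user, $result);
            } else {
                $content = User_Action::successfulSignup($user);
            }
            break;

        case 'logout':
            $auth = Current_User::getAuthorization();
            $auth->logout();
            PHPWS_Core::killAllSessions();
            PHPWS_Core::reroute('index.php?module=users&action=reset');
            break;

        case 'login_page':
            if (Current_User::isLogged()) {
                PHPWS_Core::home();
            }
            $title = dgettext('users', 'Login Page');
            $content = User_Form::loginPage();
            break;

        case 'confirm_user':
            if (Current_User::isLogged()) {
                PHPWS_Core::home();
            }
            if (User_Action::confirmUser()) {
                $title = dgettext('users', 'Welcome!');
                $content = dgettext('users', 'Your account has been successfully activated. 
Please log in.');
            } else {
                $title = dgettext('users', 'Sorry');
                $content = dgettext('users', 'This authentication does not exist.<br /> If you did not log in within the time frame specified in your email, please apply for another account.');
            }
            User_Action::cleanUpConfirm();
            break;

        case 'forgot_password':
            if (Current_User::isLogged()) {
                PHPWS_Core::home();
            }
            $title = dgettext('users', 'Forgot Password');
            $content = User_Form::forgotForm();
            break;

        case 'post_forgot':
            $title = dgettext('users', 'Forgot Password');
            // The captcha is enforced only when ALLOW_CAPTCHA is on; with it off,
            // nothing in this method limits how often the forgot-password action runs.
            if (ALLOW_CAPTCHA) {
                PHPWS_Core::initCoreClass('Captcha.php');
                if (!Captcha::verify()) {
                    $content = dgettext('users', 'Captcha information was incorrect.');
                    $content .= User_Form::forgotForm();
                } else {
                    // postForgot() presumably fills $content by reference; the form
                    // is appended again when it reports failure.
                    if (!User_Action::postForgot($content)) {
                        $content .= User_Form::forgotForm();
                    }
                }
            } elseif (!User_Action::postForgot($content)) {
                $content .= User_Form::forgotForm();
            }
            break;

        case 'reset_pw':
            $pw_result = User_Action::finishResetPW();

            // The error test must come before the 0/1 comparison. The earlier
            // form, "switch ($pw_result) { case PHPWS_Error::isError($pw_result):",
            // compared loosely, so a result of 0 equalled the false returned by
            // isError(), entered the error branch and called getmessage() on an
            // integer; "case 0" could never be reached.
            if (PHPWS_Error::isError($pw_result)) {
                $title = dgettext('users', 'Reset my password');
                $content = dgettext('users', 'Passwords were not acceptable for the following reason:');
                $content .= '<br />' . $pw_result->getmessage() . '<br />';
                // NOTE(review): user_id and authhash are echoed back into the form
                // straight from $_POST; confirm the form escapes them.
                $content .= User_Form::resetPassword($_POST['user_id'], $_POST['authhash']);
            } else {
                switch ($pw_result) {
                    case 0:
                        $title = dgettext('users', 'Sorry');
                        $content = dgettext('users', 'A problem occurred when trying to update your password. Please try again later.');
                        break;

                    case 1:
                        PHPWS_Core::home();
                        break;
                }
            }
            break;

        default:
            PHPWS_Core::errorPage('404');
            break;
    }

    // Render only the template tags that some case actually set.
    if (isset($message)) {
        $tag['MESSAGE'] = $message;
    }

    if (isset($title)) {
        $tag['TITLE'] = $title;
    }

    if (isset($content)) {
        $tag['CONTENT'] = $content;
    }

    if (isset($tag)) {
        $final = PHPWS_Template::process($tag, 'users', 'user_main.tpl');
        Layout::add($final);
    }
}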
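/**
 * Validates a registration request and, when every check passes, creates
 * the account through UserClient.
 *
 * All checks run and their messages accumulate, so the caller gets the full
 * list of problems in one pass. A failed captcha is one of those errors and
 * therefore blocks registration like any other.
 *
 * NOTE(review): the password rule allows only 4-16 ASCII letters and digits.
 * That is a weak policy by current standards; tightening it would change
 * what users may submit, so it is left as is and flagged here.
 * NOTE(review): the security question and answer are passed to register()
 * as received; how they are stored is not visible from this method.
 *
 * @param object $request  Request object carrying the form fields.
 * @param object $response Not used by this method.
 * @return array 'err' holds the error messages (empty on success), 'user'
 *               holds the registered user or a NullEntity.
 */
private function doRegister($request, $response)
{/*{{{*/
    $result = array('err' => array(), 'user' => new NullEntity());

    $name = mb_strtolower($request->username, 'GB2312');
    $pass1 = $request->password;
    $pass2 = $request->password2;
    $phone = $request->phone;
    $mobile = $request->mobile;
    $email = $request->email;
    $city = $request->city;
    $question = $request->pwdQ;
    $answer = $request->pwdA;
    $patientCardNO = $request->patientCardNO;

    $verifyOk = Captcha::verify($request->verifyStr, XIpLocation::getIp(), 'login', $request->captchaId, $request->token);

    //username
    $utf8name = mb_convert_encoding($name, 'utf8', 'gbk');
    $result['err'] = $this->checkUsername(self::ERROR_RESULT_ARRAY, $name, $utf8name);

    //verifycode
    if ($verifyOk == false) {
        $result['err'][] = "验证码错误";
    }

    //password
    // \z anchors at the very end of the string; "$" would also accept a
    // trailing newline, which contradicts the "letters and digits only" rule.
    if (!preg_match('/^[0-9a-zA-Z]{4,16}\z/', $pass1)) {
        $result['err'][] = "密码格式错误, 只能为4-16位数字或字母";
    }
    // Compare as strings. A loose != treats two numeric strings as numbers,
    // so "1000" and "1e3" would count as the same password and the
    // confirmation check would pass on a mismatch.
    if ((string) $pass1 !== (string) $pass2) {
        $result['err'][] = "密码校验错误";
    }

    //others
    if ($phone && false == XString::isPhone($phone)) {
        $result['err'][] = "电话格式错误";
    }
    if ($mobile && false == XString::isMobile($mobile)) {
        $result['err'][] = "您填写的手机号码不合要求,请修改后重新提交";
    }
    if ($email && false == XString::isEmail($email)) {
        $result['err'][] = "邮件格式错误";
    }

    //patient card
    if (empty($patientCardNO) == false && $this->checkPatientCardNO($patientCardNO) == false) {
        $result['err'][] = "您输入的随访码不正确,请核对医生发放的随访码";
    }

    // Stop before touching the user service if anything failed validation.
    if (false == empty($result['err'])) {
        return $result;
    }

    $data = array(
        'realName' => '',
        'sex' => 1,
        'phone' => $phone,
        'mobile' => $mobile,
        'email' => $email,
        'birthday' => '0',
        'idcard' => '',
        'province' => '',
        'city' => $city,
        'district' => '',
        'question' => $question,
        'answer' => $answer,
        'ip' => UserClient::getInstance()->getIp(),
    );
    // Optional contact fields are dropped rather than sent as empty values.
    if (!$data['email']) {
        unset($data['email']);
    }
    if (!$data['mobile']) {
        unset($data['mobile']);
    }

    $user = UserClient::getInstance()->register($name, $pass1, $data);
    if ($user->isNull()) {
        $result['err'][] = "请稍后重新注册";
    } else {
        $result['user'] = $user;
    }

    return $result;
}/*}}}*/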
/**
 * Tells whether the captcha answer submitted for this field is correct.
 *
 * The captcha id is read from the request field "<key>_cid" and the answer
 * from "<key>", where <key> is whatever getKey() returns. A missing or
 * falsy id (including the string "0") fails without calling Captcha::verify(),
 * so the check fails closed.
 *
 * @return bool true only when an id was supplied and Captcha::verify() accepted the answer
 */
function isValid()
{
    $captchaId = (string) request::get($this->getKey() . '_cid', null);
    $answer = (string) request::get($this->getKey(), null);

    // No usable captcha id: nothing to verify against.
    if (!$captchaId) {
        return false;
    }

    return Captcha::verify($answer, $captchaId) ? true : false;
}
} if( '' == $mobtel ) { MsgHtml::msg('请填写您的手机,以便与您联系。', '', array('button'=>'back')); } if( '' == $email ) { MsgHtml::msg('请填写您的邮箱,以便与您联系。', '', array('button'=>'back')); } elseif (!Xstring::isEmail($email)) { MsgHtml::msg('邮件格式错误,请正确填写您的邮箱。', '', array('button'=>'back')); } $verifyOk = Captcha::verify($request->door, XIpLocation::getIp(), 'dcapply', $user->id, $request->token); if($verifyOk != 1) { MsgHtml::msg('验证码输入错误', '', array('button'=>'back')); } $recipients = "*****@*****.**"; $title = "医生基本信息 (".date("y-m-d H:i").")"; $content = ""; $content .= "来自 ".$_SERVER['REMOTE_ADDR']." 的用户发送了一条医生信息, 内容如下:\n"; if ($from == 'search') $content .= "从搜索来的\n"; $content .= "所提交的医院科室: <a href='".$hospitalFaculty->getUrl()."' target=\"_blank\">".$hospitalFaculty->hospital->name.$hospitalFaculty->name."</a>\n"; $content .= "----------------------------------------------------------------------------\n"; $content .= "姓名: ".$name."\n"; $content .= "性别: ".(($sex) ? '男' : '女')."\n"; if ($birthday) $content .= "出生日期: ".$birthday."\n"; if ($duty) $content .= "行政职务: ".$duty."\n";