Пример #1
 /**
  * Confirms a pending registration and sets the account password.
  *
  * Reads the pending record from the 'reg' session entry and removes that
  * entry, stores the user through UserModel::insert() and, on success, sets
  * the 'token' cookie and the 'user' session entry. Always ends by calling
  * jump('/') with a success or failure message.
  *
  * NOTE(review): when Input::post() reports failure the code relies on
  * error() ending the request; if error() returns, execution continues to
  * encryptPwd() with whatever Input::post() left in $password. Confirm.
  *
  * @method registerAction
  * @return void
  * @author NewFuture
  */
 public function registerAction()
 {
     $notice = '信息注册失败!';
     $pending = Session::get('reg');
     if ($pending) {
         // The pending record is consumed here, whether or not the insert below succeeds.
         Session::del('reg');
         $posted = Input::post('password', $password, 'trim');
         if ($posted === false) {
             /* original comment: password was not md5 */
             $this->error('密码错误', '/');
         } elseif (!$password) {
             /* no password submitted: fall back to the one held in the pending record */
             $password = $pending['password'];
         }
         $pending['password'] = Encrypt::encryptPwd($password, $pending['number']);
         $userId = UserModel::insert($pending);
         if ($userId) {
             /* registration succeeded */
             $pending['id'] = $userId;
             $token = Auth::token($pending);
             Cookie::set('token', [$userId => $token]);
             // Drop the password field before the record is stored in the session.
             unset($pending['password']);
             Session::set('user', $pending);
             $notice = '信息注册成功!';
         }
     }
     $this->jump('/', $notice);
 }
Пример #2
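 /**
  * Saves file data held in the session as a temporary file and restores it
  * on the model as an upload-style array.
  *
  * The session key is read from $model->data[alias][$fieldName . '_tmp'] and
  * is used both as a session path suffix and as a file name under
  * $this->savePath. It is therefore rejected when it is missing, not a
  * string, empty, a dot segment, or contains a directory separator or NUL.
  *
  * @param Model $model      Model whose data array is read and rewritten.
  * @param string $fieldName Upload field name (without the '_tmp' suffix).
  * @return false|null false when the key is unusable or no data is stored;
  *                    nothing is returned on success.
  * @access public
  */
 function moveFileSessionToTmp(&$model, $fieldName)
 {
     $tmpField = $fieldName . '_tmp';
     if (!isset($model->data[$model->alias][$tmpField])) {
         return false;
     }
     $sessionKey = $model->data[$model->alias][$tmpField];
     // NOTE(review): model data is presumably filled from the submitted form — confirm.
     // The key becomes part of a filesystem path, so only a bare file name is accepted.
     if (!is_string($sessionKey) || $sessionKey === '' || $sessionKey === '.' || $sessionKey === '..') {
         return false;
     }
     if (strpos($sessionKey, '/') !== false || strpos($sessionKey, '\\') !== false || strpos($sessionKey, "\0") !== false) {
         return false;
     }
     $tmpName = $this->savePath . $sessionKey;
     $fileData = $this->Session->read('Upload.' . $sessionKey);
     $fileType = $this->Session->read('Upload.' . $sessionKey . '_type');
     // The session copy is removed before the size check, so it is consumed even when empty.
     $this->Session->del('Upload.' . $sessionKey);
     $this->Session->del('Upload.' . $sessionKey . '_type');
     if (!is_string($fileData)) {
         return false;
     }
     // Get the size in bytes, even when mbstring overloads strlen()
     if (ini_get('mbstring.func_overload') & 2 && function_exists('mb_strlen')) {
         $fileSize = mb_strlen($fileData, 'ASCII');
     } else {
         $fileSize = strlen($fileData);
     }
     if ($fileSize == 0) {
         return false;
     }
     // Save the data as a temporary file
     // NOTE(review): 0666 requests a world-writable file; left unchanged because other
     // processes may depend on it — confirm whether a tighter mode is acceptable.
     $file = new File($tmpName, true, 0666);
     $file->write($fileData);
     $file->close();
     // Recover the original name: everything after the first underscore of the key.
     // Without an underscore there is no prefix to strip, so the key is used as-is
     // (strpos() returning false would otherwise be treated as offset 0).
     $pos = strpos($sessionKey, '_');
     if ($pos === false) {
         $fileName = $sessionKey;
     } else {
         $fileName = substr($sessionKey, $pos + 1, strlen($sessionKey));
     }
     // Restore the data in the shape of an uploaded-file entry
     $uploadInfo = array();
     $uploadInfo['error'] = 0;
     $uploadInfo['name'] = $fileName;
     $uploadInfo['tmp_name'] = $tmpName;
     $uploadInfo['size'] = $fileSize;
     $uploadInfo['type'] = $fileType;
     $model->data[$model->alias][$fieldName] = $uploadInfo;
     unset($model->data[$model->alias][$tmpField]);
 }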
Пример #3
 /**
  * Shows the login form.
  *
  * Adds 'auth' to $this->scripts, removes the 'auth' session entry, sets
  * $this->data['authdata'] to false and renders the 'form' view.
  *
  * NOTE(review): the TODO below plans to return the visitor to the referring
  * address after login. HTTP_REFERER is client-controlled, so the stored
  * target should be checked against allowed destinations before redirecting.
  */
 public function actionIndex()
 {
     // Remember the address the visitor came from (which site)
     // so that we can return to it after authorization
     // todo Remember HTTP_REFERER
     $this->scripts[] = 'auth';
     Session::del('auth');
     $this->data['authdata'] = false;
     $this->render('form');
 }
Пример #4
 /**
  * Discards the stored Twitter OAuth state and redirects to the site root.
  *
  * Removes the three Twitter_* session entries, replaces $this->oauth with a
  * fresh OAuth client built from the class's configured key and secret,
  * resets the in-memory state and tokens, then calls TwCensus::redirect('/').
  */
 public function destroy()
 {
     $sessionKeys = array('Twitter_Token', 'Twitter_TokenSecret', 'Twitter_State');
     foreach ($sessionKeys as $sessionKey) {
         Session::del($sessionKey);
     }
     // A new client object replaces the old one, which may still hold the previous token.
     $this->oauth = new OAuth(self::CONFIG_KEY, self::CONFIG_SECRET);
     $this->state = self::STATE_NOTHING;
     $this->token = '';
     $this->tokenSecret = '';
     TwCensus::redirect('/');
 }
Пример #5
 /**
  * Clears one status message from the session.
  *
  * The message id is taken from the 'msg_id' GET value, falling back to the
  * POST value. Every 'alert_' occurrence is stripped, the rest is trimmed
  * and base64-decoded, and the result is used as the key under 'status_msg'.
  *
  * NOTE(review): the decoded id comes from the request and is written to the
  * debug output verbatim; base64_decode() is used in its lenient mode, so it
  * skips characters outside the alphabet. Confirm the debug sink tolerates
  * arbitrary bytes.
  *
  * @return ActionResult failure result when no id was supplied, success otherwise
  */
 public function clear_status_msg()
 {
     $rawId = WebApp::get('msg_id');
     if ($rawId === NULL) {
         $rawId = WebApp::post('msg_id');
         if ($rawId === NULL) {
             $this->parent->parent->debug($this::name_space . ': MSG ID was not provided!');
             return new ActionResult($this, '/', 0, 'Failed to clear status message. No ID found.', B_T_FAIL);
         }
     }
     $encodedId = trim(str_replace('alert_', '', $rawId));
     $decodedId = base64_decode($encodedId);
     Session::del('status_msg', $decodedId);
     // Read the entry back so the debug line reports whether the delete took effect.
     $outcome = Session::get('status_msg', $decodedId) === NULL ? '' : 'not ';
     $this->parent->parent->debug($this::name_space . ': MSG ID "' . $decodedId . '" was ' . $outcome . 'cleared');
     return new ActionResult($this, '/', 0, 'Cleared status message.', B_T_SUCCESS);
 }
Пример #6
/**
 * This file is a part of MyWebSQL package
 *
 * @file:      modules/showcreate.php
 * @author     Samnan ur Rehman
 * @copyright  (c) 2008-2014 Samnan ur Rehman
 * @web        http://mywebsql.net
 * @license    http://mywebsql.net/license
 */
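/**
 * Renders the 'showcreate' view for one database object.
 *
 * The object type and name come from the request ('id' and 'name'), are
 * passed to $db->getCreateCommand(), and are echoed back through the view
 * together with the create command, query time and last query.
 *
 * @param object $db database wrapper; getCreateCommand(), getQueryTime() and
 *                   getLastQuery() are called on it
 * @return void output is echoed
 */
function processRequest(&$db)
{
    // Reset the cached result-set state kept under the 'select' session group.
    Session::del('select', 'result');
    Session::del('select', 'pkey');
    Session::del('select', 'ukey');
    Session::del('select', 'mkey');
    Session::del('select', 'unique_table');
    Session::set('select', 'result', array());
    $extraMsg = '';
    // Missing or non-string request values are treated as empty strings.
    $type = (isset($_REQUEST["id"]) && is_string($_REQUEST["id"])) ? $_REQUEST["id"] : '';
    $name = (isset($_REQUEST["name"]) && is_string($_REQUEST["name"])) ? $_REQUEST["name"] : '';
    $cmd = $db->getCreateCommand($type, $name);
    $cmd = sanitizeCreateCommand($type, $cmd);
    $tm = $db->getQueryTime();
    $sql = $db->getLastQuery();
    $sql = preg_replace("/[\n\r]/", "<br/>", htmlspecialchars($sql));
    // TYPE and NAME are request values echoed back into the page, so they are
    // HTML-escaped like the SQL text above.
    // NOTE(review): assumes the template inserts them in HTML text or attribute
    // context and does not escape them itself — confirm against the view.
    $replace = array(
        'TYPE' => htmlspecialchars($type, ENT_QUOTES),
        'NAME' => htmlspecialchars($name, ENT_QUOTES),
        'COMMAND' => $cmd,
        'TIME' => $tm,
        'SQL' => $sql,
        'MESSAGE' => $extraMsg,
    );
    echo view('showcreate', $replace);
}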
Пример #7
/**
 * This file is a part of MyWebSQL package
 *
 * @file:      modules/dbcreate.php
 * @author     Samnan ur Rehman
 * @copyright  (c) 2008-2012 Samnan ur Rehman
 * @web        http://mywebsql.net
 * @license    http://mywebsql.net/license
 */
/**
 * Creates the database named in the request and renders the 'dbcreate' view.
 *
 * When the 'query' request value is truthy, the new database is also
 * recorded in the session as the changed/selected database and the view is
 * told to redirect.
 *
 * NOTE(review): the request-supplied name is handed to createDatabase()
 * as-is; whether it is quoted as an identifier happens inside that method
 * and is not visible here.
 *
 * @param object $db database wrapper; createDatabase() and getQueryTime() are called on it
 * @return void output is echoed
 */
function processRequest(&$db)
{
    // Reset the cached result-set state kept under the 'select' session group.
    foreach (array('result', 'pkey', 'ukey', 'mkey', 'unique_table') as $selectKey) {
        Session::del('select', $selectKey);
    }
    Session::set('select', 'result', array());

    $dbName = $_REQUEST["name"];
    $dbSelect = $_REQUEST["query"];
    $sql = '';

    if (!$db->createDatabase($dbName)) {
        createErrorGrid($db);
        return;
    }

    $redirect = '0';
    if ($dbSelect) {
        Session::set('db', 'changed', true);
        Session::set('db', 'name', $dbName);
        $redirect = '1';
    }

    // The name is HTML-escaped before it reaches the template.
    $replace = array(
        'DB_NAME' => htmlspecialchars($dbName),
        'SQL' => preg_replace("/[\n\r]/", "<br/>", htmlspecialchars($sql)),
        'TIME' => $db->getQueryTime(),
        'REDIRECT' => $redirect,
    );
    echo view('dbcreate', $replace);
}
/**
 * Deletes the session identified by $id.
 *
 * Callers must compare the result with `=== true`: on failure the Session
 * object itself is returned, and an object is truthy in a loose check.
 *
 * @param mixed $id identifier passed to the Session constructor
 * @return true|Session true when the session did not exist or was deleted,
 *                      the Session object when del() reported failure
 */
function delSession($id)
{
    $target = new Session($id);
    // The item never existed in the first place, so there is nothing to delete.
    if ($target->isNew()) {
        return true;
    }
    return $target->del() ? true : $target;
}
Пример #9
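 /**
  * Changes the user's phone number.
  * PUT /user/1/phone {code:"C09E"}
  *
  * The pending change is read from the 'code_phone' session entry: its key
  * is compared with the submitted code and its value is saved as the new
  * number. The result is placed in $this->response.
  *
  * @method PUT_phoneAction
  * @param  integer        $id user id, resolved through $this->auth()
  * @author NewFuture
  */
 public function PUT_phoneAction($id = 0)
 {
     $id = $this->auth($id);
     $response['status'] = 0;
     if (!Input::put('code', $code, 'ctype_alnum')) {
         $response['info'] = '验证码格式不对';
     } elseif (!($verify = Session::get('code_phone'))) {
         $response['info'] = '验证码已过期,请重新生成';
     } elseif (!Safe::checkTry('phone_code_' . $id)) {
         // Too many attempts for this code: expire it so a new one must be sent.
         $response['info'] = '此验证码尝试次数过多,请重新发送短信';
         Session::del('code_phone');
     } elseif ((string) key($verify) !== strtoupper($code)) {
         // Strict string comparison: a loose != treats two numeric-looking
         // strings (for example exponent notation) as numbers, so different
         // codes could compare equal. The cast covers all-digit codes, which
         // PHP stores as integer array keys.
         $response['info'] = '验证码错误';
     } else {
         // The code is single-use: drop it and the attempt counter before saving.
         Session::del('code_phone');
         Safe::del('phone_code_' . $id);
         // Read the number stored under the verified code
         $phone = $verify[strtoupper($code)];
         if (UserModel::SavePhone($phone)) {
             $response['info'] = '手机号已经更新';
             $response['status'] = 1;
         } else {
             $response['info'] = '手机号保存失败';
         }
     }
     $this->response = $response;
 }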
Пример #10
 /**
  * Logs a user out.
  *
  * Removes the login, password and 'login_hash' entries from the session
  * object, then hands $from to redirect().
  *
  * NOTE(review): the USER_PASSW_VAR constant name suggests a password (or a
  * value derived from it) is kept in the session — confirm what is stored.
  * Only these three entries are removed; the session itself is not destroyed
  * in this method.
  *
  * @param boolean $from (optional) parameter given to Auth::redirect()
  * @return void
  * @access public
  */
 public function logout($from = false)
 {
     $loginKeys = array(USER_LOGIN_VAR, USER_PASSW_VAR, 'login_hash');
     foreach ($loginKeys as $loginKey) {
         $this->session->del($loginKey);
     }
     $this->redirect($from);
 }
Пример #11
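 /**
  * Removes the cached "xhelp_hasRights" entry from the session.
  *
  * @return bool true when a truthy entry existed and was deleted, false otherwise
  */
 function clearRoles()
 {
     $_xhelpSession = new Session();
     // Only the truthiness of the entry matters. The value was never used, and
     // assigning a method's return value by reference raises a notice unless
     // get() is declared to return by reference.
     if ($_xhelpSession->get("xhelp_hasRights")) {
         $_xhelpSession->del("xhelp_hasRights");
         return true;
     }
     return false;
 }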
Пример #12
echo $DB->name();
?>
;
	var commandEditor = null;
	var commandEditor2 = null;
	var commandEditor3 = null;
<?php 
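include BASE_PATH . '/config/updates.php';
// Schedule the client-side update check only while the session has no
// 'updates'/'check' value and today is one of the configured weekdays.
if ($AUTOUPDATE_CHECK === TRUE && Session::get('updates', 'check') == '') {
    if (in_array(date('D'), $AUTOUPDATE_DAYS)) {
        echo "\n\t\$(function() { helpCheckUpdates(); });\n";
    }
}
// The status text is printed inside an inline <script> and assigned to
// innerHTML, so it passes through two contexts. It is HTML-escaped for the
// innerHTML sink and then JSON-encoded (with the HEX flags, so no quote, tag
// or ampersand character appears literally) for the JavaScript string.
// This covers the host and user name as well as the database name, and keeps
// a backslash or line break in any of them from breaking the script.
if (Session::get('db', 'changed')) {
    $statusText = 'Database changed to: ' . Session::get('db', 'name');
    Session::del('db', 'changed');
} else {
    $statusText = 'Connected to: ' . DB_HOST . ' as ' . DB_USER;
}
$statusJs = json_encode(htmlspecialchars($statusText, ENT_QUOTES), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if ($statusJs === false) {
    // Encoding failed (for example on invalid UTF-8): show an empty message instead.
    $statusJs = '""';
}
echo 'document.getElementById("messageContainer").innerHTML = ' . $statusJs . ';';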
?>
</script>
<script type="text/javascript" language="javascript" src="cache.php?script=layout,ui,dialogs,context,alerts,cookies,select,interface,options,treeview,common,taskbar,settings,query,tables,clipboard"></script>
<?php 
// The database connection is closed first; the calls below only emit page fragments.
$DB->disconnect();
echo getContextMenusHTML();
// NOTE(review): called without echo — presumably prints its own output; confirm.
updateSqlEditor();
echo getHotkeysHTML();
echo getGeneratedJS();
?>
</body></html>
<?php 
Пример #13
/**
 * Resolves the query to run and resets the result-set session state for it.
 *
 * The query is taken from the 'query' request value, falling back to the one
 * saved in the session. For queries that getQueryType() reports as producing
 * a result, the pagination-related session entries are cleared and the query
 * and its has_limit flag are stored.
 *
 * NOTE(review): the original comments describe refusing database-switching
 * queries for users restricted to a list of databases, but that check is
 * commented out, so this function does not enforce it. The original also
 * notes that a query can carry database prefixes that override the selection.
 *
 * @param object $db database wrapper (not used in this version)
 * @return string the query to execute, or '' when none is available
 */
function simpleQuery(&$db)
{
    $query = v($_REQUEST["query"]);
    if (!$query) {
        // try to load from session
        $query = Session::get('select', 'query');
        if (!$query) {
            return '';
        }
    }

    $kind = getQueryType($query);
    if ($kind['result']) {
        foreach (array('table', 'limit', 'has_limit', 'page', 'count') as $staleKey) {
            Session::del('select', $staleKey);
        }
        Session::set('select', 'query', $query);
        Session::set('select', 'has_limit', (bool) $kind['has_limit']);
    }

    // No limit clause is applied here; an earlier attempt at that was left disabled.
    return $query;
}
Пример #14
 /**
  * Logs the user out and returns to the site root.
  *
  * Removes the 'auth' session entry, destroys the session, expires the
  * 'last-item' cookie and redirects to '/'.
  */
 public function actionLogout()
 {
     Session::del('auth');
     Session::destroy();
     // An expiry timestamp in the past makes the browser discard the cookie.
     setcookie('last-item', null, -1, '/');
     // forget the last menu item
     $this->redirect('/');
 }
Пример #15
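/**
 * Resolves the query to run and applies sorting or pagination to it.
 *
 * The query is taken from the 'query' request value, falling back to the one
 * saved in the session. Queries that produce no result, or that cannot take a
 * limit, are returned unchanged. Otherwise a sort request ('id' == 'sort')
 * rewrites the ORDER clause, and a page request or a first run appends a
 * LIMIT clause when the query has none.
 *
 * NOTE(review): the original comments describe refusing database-switching
 * queries for users restricted to a list of databases, but that check is
 * commented out, so this function does not enforce it.
 *
 * @param object $db database wrapper; quote(), getLimit(), query() and
 *                   numRows() are called on it
 * @return string the query to execute, or '' when none is available
 */
function simpleQuery(&$db)
{
    $query = v($_REQUEST["query"]);
    if (!$query) {
        // try to load from session
        $query = Session::get('select', 'query');
    }
    if (!$query) {
        return '';
    }
    $query_type = getQueryType($query);
    if ($query_type['result'] == FALSE) {
        return $query;
    }
    // only apply limit/sort to select queries with results
    if ($query_type['can_limit'] == FALSE) {
        return $query;
    }
    Session::set('select', 'can_limit', $query_type['can_limit'] == TRUE);
    if (v($_REQUEST["id"]) == 'sort') {
        $field = v($_REQUEST['name']);
        if ($field) {
            // An all-digit value is used as a column position; anything else goes through
            // $db->quote(). NOTE(review): this is safe only if quote() produces a properly
            // quoted identifier for the ORDER clause — confirm in the driver.
            $query = sortQuery($query, ctype_digit($field) ? $field : $db->quote($field));
        }
        // clear pagination if sorting is changed
        Session::set('select', 'page', 1);
    }
    // save order clause with query in session, required for pagination
    Session::set('select', 'query', $query);
    // try to find limit clause in the query. If one is not applied, apply now
    // only either sort or pagination request can come at a time
    if (!$query_type['has_limit'] && v($_REQUEST["id"]) != 'sort') {
        $record_limit = Options::get('res-max-count', MAX_RECORD_TO_DISPLAY);
        $page = v($_REQUEST['name']);
        if ($page) {
            $limit_applied = Session::get('select', 'limit');
            // Logical OR throughout (the original mixed in a bitwise |), so a value that is
            // not a digit string is rejected before it is compared numerically. A page size
            // below 1 is rejected too, which keeps the division below from dividing by zero.
            if (!is_string($page) || !ctype_digit($page) || $page < 1 || !$limit_applied || $record_limit < 1) {
                return $query;
            }
            $count = Session::get('select', 'count');
            $total_pages = ceil($count / $record_limit);
            if ($total_pages < $page) {
                return $query;
            }
            Session::set('select', 'page', $page);
            $limit = $db->getLimit($record_limit, ($page - 1) * $record_limit);
            $query .= $limit;
        } else {
            // First run of this query: forget the previous result-set state.
            Session::del('select', 'table');
            Session::del('select', 'limit');
            Session::del('select', 'page');
            Session::del('select', 'count');
            Session::del('select', 'sort');
            Session::del('select', 'sortcol');
            // The query is executed once without a limit to count its rows.
            if (!$db->query($query)) {
                return $query;
            }
            $count = $db->numRows();
            if ($count > $record_limit) {
                Session::set('select', 'count', $count);
                Session::set('select', 'page', 1);
                Session::set('select', 'limit', true);
                $limit = $db->getLimit($record_limit);
                $query .= $limit;
            }
        }
    }
    return $query;
}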
Пример #16
 /**
  * Renders the flash message.
  *
  * Builds a <div> from the 'Flash.Message' session entry (empty string when
  * there is none), passes it through every hook's renderFlash(), publishes
  * the result as the constants 'flash' and 'FLASH', and removes the entry.
  *
  * NOTE(review): $flash->type and $flash->message are concatenated into the
  * markup without escaping. That is safe only if every writer of
  * 'Flash.Message' stores trusted or already-escaped values — confirm.
  *
  * @return	void
  */
 private function renderFlash()
 {
     $flash = Session::get('Flash.Message');
     $markup = $flash
         ? '<div class="' . $flash->type . '">' . $flash->message . '</div>'
         : '';
     foreach ($this->hook as $plugin) {
         $markup = $plugin->renderFlash($markup);
     }
     define('flash', $markup);
     define('FLASH', $markup);
     // The message is shown once: it is removed after the constants are defined.
     Session::del('Flash.Message');
 }
Пример #17
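 /**
  * Checks a submitted verification code.
  *
  * The expected code is read from the 'find_info_p' session entry. A wrong
  * code increments the entry's attempt counter and expires the entry once
  * the counter exceeds three. A correct code removes the entry and stores
  * the id and account under 'find_printer'. The result is placed in
  * $this->response.
  *
  * @method POST_codeAction
  * @author NewFuture
  */
 public function POST_codeAction()
 {
     $response['status'] = 0;
     if (!Input::post('code', $code, 'char_num')) {
         $response['info'] = '验证码无效';
     } elseif (!($info = Session::get('find_info_p'))) {
         $response['info'] = '验证信息已失效,请重新发送验证码';
     } elseif ((string) $info['code'] !== strtoupper($code)) {
         // Strict string comparison: a loose != treats two numeric-looking
         // strings (for example exponent notation) as numbers, so different
         // codes could compare equal.
         $response['info'] = '验证码错误';
         $times = isset($info['t']) ? $info['t'] + 1 : 1;
         if ($times > 3) {
             /* a code tried more than three times is forcibly expired */
             Session::del('find_info_p');
         } else {
             $info['t'] = $times;
             Session::set('find_info_p', $info);
         }
     } else {
         // The code is single-use: remove it before recording the verified account.
         Session::del('find_info_p');
         Session::set('find_printer', ['id' => $info['id'], 'account' => $info['account']]);
         $response['status'] = 1;
         $response['info'] = '验证成功,请重置密码';
     }
     $this->response = $response;
 }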
Пример #18
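 /**
  * Starts the payment for the current cart.
  *
  * Validates the posted address and shipping option, loads the cart and its
  * items from the Orbit backend, registers items, sender and shipping with
  * PagSeguro, stores the purchase data under a generated hash and, when
  * submit() returns a code, records it on the request and redirects.
  * Validation failures are reported in '#submitmsg'.
  *
  * NOTE(review): the posted address_id is appended to the 'client/address/'
  * resource path as-is; whether the backend checks that the address belongs
  * to the current client is not visible here — confirm.
  *
  * @return void
  */
 public function purchase()
 {
     $shipping = UID::get('shipping_options', $this->getPost('shipping_option'));
     $address_id = $this->getPost('address_id');
     if (!$address_id) {
         $this->commitReplace('Informe o endereço de entrega', '#submitmsg');
         $this->commitShow('#submitmsg');
         return;
     }
     $order_id = $this->getQueryString('order_id');
     $cartItems = $this->getCartItems($order_id);
     if (!$order_id) {
         $cart = $this->createCart();
         foreach ($cartItems as $item) {
             $this->addCartItem($cart['id'], $item['id']);
         }
     }
     // NOTE(review): the session cart is cleared (and a cart may already have been created)
     // before the shipping option is validated below — confirm this order is intended.
     Session::del('cart');
     $hash = String::generateHash();
     if (!$shipping) {
         $this->commitReplace('Informe o tipo de envio', '#submitmsg');
         $this->commitShow('#submitmsg');
         return;
     }
     // Maps the shipping option's keys to the field names used in the purchase data.
     $shipping_fields = array(
         'Codigo' => 'shipping_code',
         'Valor' => 'shipping_value',
         'PrazoEntrega' => 'delivery_time',
         'ValorMaoPropria' => 'hand_value',
         'ValorAvisoRecebimento' => 'notify_value',
         'ValorValorDeclarado' => 'recover_value',
         'EntregaDomiciliar' => 'home_delivery',
         'EntregaSabado' => 'weekend_delivery',
     );
     $orbit = new Orbit();
     $clientAddr = $orbit->get('client/address/' . $address_id);
     $address = $clientAddr['address'];
     $getCart = array('client_id' => UID::get('id'));
     if (isset($cart['id'])) {
         $getCart['id'] = $cart['id'];
     }
     $request = $orbit->get('request/cart', 1, 1, $getCart);
     if (!isset($request['cart']) || $request['cart'] === 0) {
         $this->commitReplace('Ocorreu um problema na sua sessão. Faça o login novamente.', '#submitmsg');
         $this->commitShow('#submitmsg');
         return;
     }
     $cart = $request['cart'];
     $purchaseData = array();
     foreach ($shipping_fields as $key => $field) {
         $purchaseData[$field] = $shipping[$key];
     }
     $requestItems = $orbit->get('client/cartitems', 1, 100, array('id' => UID::get('id'), 'request_id' => $cart['id']));
     if (!isset($requestItems['cart']) || count($requestItems['cart']) == 0) {
         $itemsError = isset($requestItems['message']) ? $requestItems['message'] : '';
         $this->commitReplace('Não foi possível iniciar a transação. Por favor, entre em contato conosco e nos informe: ' . $itemsError, '#submitmsg');
         $this->commitShow('#submitmsg');
         // Stop here like the other validation branches: without items there is nothing to
         // pay for, and the code below would otherwise submit an empty order.
         return;
     }
     $cartItems = $requestItems['cart'];
     $pagSeguro = new PagSeguro();
     $totalPrice = 0;
     foreach ($cartItems as $item) {
         //TODO: variable quantity
         $pagSeguro->addItem($item['id'], $item['product_name'], $item['price'], '1', $item['weight']);
         $totalPrice += $item['price'];
     }
     // The item total is stored on the request before shipping is added to the local total.
     $orbit->put('request/' . $cart['id'], array('final_price' => $totalPrice));
     $totalPrice += floatval(str_replace(',', '.', $shipping['Valor']));
     $purchaseData['client_id'] = UID::get('id');
     $purchaseData['request_id'] = $cart['id'];
     $purchaseData['address_id'] = $address_id;
     $purchaseData['pay_hash'] = $hash;
     $purchaseData['price'] = $totalPrice;
     $config = $orbit->get('config');
     $config = current($config['config']);
     $phones = UID::get('phones');
     $area = '';
     $phone = '';
     if (count($phones) > 0) {
         // The first phone is split at its first space into area code and number.
         $firstPhone = current($phones);
         $phoneInfo = explode(' ', $firstPhone['phone_number'], 2);
         if (count($phoneInfo) > 1) {
             $area = $phoneInfo[0];
             $phone = str_replace('-', '', $phoneInfo[1]);
         }
     }
     $pagSeguro->addSender(UID::get('client_name'), UID::get('email'), $area, $phone);
     $pagSeguro->addShipping(PagSeguro::getShippingType($purchaseData['shipping_code']), $purchaseData['shipping_value'], $address['street_addr'], $address['street_number'], $address['street_additional'], $address['hood'], $address['city'], $address['zip_code'], $address['state']);
     $pagSeguro->setReference($hash);
     $pagSeguro->setRedirectURL(MAINURL . '/cart/confirmed?order=' . $hash);
     $pagSeguro->setAccountEmail($config['payment_account']);
     $pagSeguro->setToken($config['token']);
     UID::set('purchase_data', $hash, $purchaseData);
     $code = $pagSeguro->submit();
     if ($code) {
         $response = $orbit->put('request/' . $cart['id'], array('pay_hash' => $hash, 'pay_token' => $code));
         $pagSeguro->redirect();
     }
     $submit = $pagSeguro->getResponse();
     if (isset($submit['error'])) {
         $this->commitReplace('Não foi possível iniciar a transação. Por favor, entre em contato conosco e nos informe: ' . $submit['error']['message'], '#submitmsg');
         $this->commitShow('#submitmsg');
     }
 }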
Пример #19
function manageStaff()
{
    global $xoopsModule, $xoopsUser, $oAdminButton, $displayName, $aLimitByS, $aLimitByD;
    require_once XHELP_CLASS_PATH . '/session.php';
    $_xhelpSession = new Session();
    $_xhelpSession->del("xhelp_return_page");
    $start = $limit = 0;
    $dstart = $dlimit = 0;
    $staff_search = false;
    $dept_search = false;
    if (isset($_POST['addRole'])) {
        header("Location: " . XHELP_ADMIN_URL . "/staff.php?op=addRole");
        exit;
    }
    if (isset($_POST['clearRoles'])) {
        header("Location: " . XHELP_ADMIN_URL . "/staff.php?op=clearRoles");
        exit;
    }
    if (isset($_REQUEST['limit'])) {
        $limit = intval($_REQUEST['limit']);
    }
    if (isset($_REQUEST['start'])) {
        $start = intval($_REQUEST['start']);
    }
    if (isset($_REQUEST['staff_search'])) {
        $staff_search = $_REQUEST['staff_search'];
    }
    if (isset($_REQUEST['dept_search'])) {
        $dept_search = $_REQUEST['dept_search'];
    }
    if (!$limit) {
        $limit = 20;
    }
    if (isset($_REQUEST['dlimit'])) {
        $dlimit = intval($_REQUEST['dlimit']);
    }
    if (isset($_REQUEST['dstart'])) {
        $dstart = intval($_REQUEST['dstart']);
    }
    if (!$dlimit) {
        $dlimit = 10;
    }
    $_xhelpSession->set("xhelp_return_op", "manageStaff");
    if (!isset($_POST['addStaff'])) {
        $member_handler =& xoops_gethandler('member');
        // Get member handler
        $hStaff =& xhelpGetHandler('staff');
        // Get staff handler
        $hDepartments =& xhelpGetHandler('department');
        // Get department handler
        $hRoles =& xhelpGetHandler('role');
        //Get List of depts in system
        $crit = new Criteria('', '');
        $crit->setSort('department');
        $crit->setOrder('ASC');
        $dept_count = $hDepartments->getCount($crit);
        $dept_obj =& $hDepartments->getObjects($crit);
        xoops_cp_header();
        echo $oAdminButton->renderButtons('manStaff');
        if (isset($_GET['uid'])) {
            $userid = intval($_GET['uid']);
            $uname = $xoopsUser->getUnameFromId($userid);
        } else {
            $userid = 0;
            $uname = '';
        }
        if ($dept_count > 0) {
            $userid = isset($_GET['uid']) ? intval($_GET['uid']) : 0;
            //Get List of staff members
            $crit = new Criteria('', '');
            $crit->setStart($start);
            $crit->setLimit($limit);
            $staff_obj =& $hStaff->getObjects($crit);
            $staff_count = $hStaff->getCount($crit);
            $user_count = $member_handler->getUserCount();
            $nav = new xhelpPageNav($staff_count, $limit, $start, 'start', "op=manageStaff&amp;limit={$limit}");
            //Get List of Staff Roles
            $crit = new Criteria('', '');
            $crit->setOrder('ASC');
            $crit->setSort('name');
            $roles =& $hRoles->getObjects($crit);
            echo '<script type="text/javascript" src="' . XOOPS_URL . '/modules/xhelp/include/functions.js"></script>';
            echo "<form method='post' id='manageStaff' name='manageStaff' action='staff.php?op=manageStaff'>";
            echo "<table width='100%' cellspacing='1' class='outer'>\r\n                  <tr><th colspan='2'>" . _AM_XHELP_ADD_STAFF . "</th></tr>";
            echo "<tr><td class='head' width='20%'>" . _AM_XHELP_TEXT_USER . "</td>\r\n                      <td class='even'>\r\n                          <input type='text' id='fullname' name='fullname' class='formButton' value='" . $uname . "' disabled='disabled' style='background-color:#E1E1E1;' onchange=\"window.location='staff.php?op=manageStaff&amp;uid='+user_id.value;\" />\r\n                          <input type='hidden' id='user_id' name='user_id' class='formButton' value='" . $userid . "' />";
            echo "&nbsp;<a href=\"javascript:openWithSelfMain('" . XHELP_BASE_URL . "/lookup.php?admin=1', 'lookup',400, 300);\" title='" . _AM_XHELP_TEXT_FIND_USERS . "'>" . _AM_XHELP_TEXT_FIND_USERS . "</a>\r\n                      </td>\r\n                  </tr>";
            echo "</td></tr>";
            echo "<tr><td class='head' width='20%'>" . _AM_XHELP_TEXT_ROLES . "</td>\r\n                      <td class='even'><table width='75%'>";
            if ($mainRoles = $_xhelpSession->get("xhelp_mainRoles")) {
                foreach ($roles as $role) {
                    if (!in_array($role->getVar('id'), $mainRoles)) {
                        echo "<tr><td><input type='checkbox' name='roles[]' value='" . $role->getVar('id') . "' onclick=\"xhelpRoleCustOnClick('manageStaff', 'roles[]', 'xhelp_role', '&amp;', 'xhelp_dept_cust');\" />\r\n                              <a href='staff.php?op=editRole&amp;id=" . $role->getVar('id') . "&amp;uid=" . $userid . "'>" . $role->getVar('name') . "</a> - " . $role->getVar('description') . "</td></tr>";
                    } else {
                        echo "<tr><td><input type='checkbox' name='roles[]' value='" . $role->getVar('id') . "' checked='checked' onclick=\"xhelpRoleCustOnClick('manageStaff', 'roles[]', 'xhelp_role', '&amp;', 'xhelp_dept_cust');\" />\r\n                              <a href='staff.php?op=editRole&amp;id=" . $role->getVar('id') . "&amp;uid=" . $userid . "'>" . $role->getVar('name') . "</a> - " . $role->getVar('description') . "</td></tr>";
                    }
                }
            } else {
                foreach ($roles as $role) {
                    echo "<tr><td><input type='checkbox' name='roles[]' value='" . $role->getVar('id') . "' onclick=\"xhelpRoleCustOnClick('manageStaff', 'roles[]', 'xhelp_role', '&amp;', 'xhelp_dept_cust');\" />\r\n                          <a href='staff.php?op=editRole&amp;id=" . $role->getVar('id') . "&amp;uid=" . $userid . "'>" . $role->getVar('name') . "</a> - " . $role->getVar('description') . "</td></tr>";
                }
            }
            echo "<tr><td><input type='checkbox' name='checkallRoles' value='0' onclick='selectAll(this.form,\"roles[]\",this.checked); xhelpRoleCustOnClick(\"manageStaff\", \"roles[]\", \"xhelp_role\", \"&amp;\", \"xhelp_dept_cust\");' /><b>" . _AM_XHELP_TEXT_SELECT_ALL . "</b></td></tr>";
            echo "</table></td></tr>";
            echo "<tr><td class='head' width='20%'>" . _AM_XHELP_TEXT_DEPARTMENTS . "</td>\r\n                  <td class='even' width='50%'><table width='75%'>";
            if ($mainDepts =& $_xhelpSession->get("xhelp_mainDepts")) {
                foreach ($dept_obj as $dept) {
                    $deptid = $dept->getVar('id');
                    $aDept = $_xhelpSession->get("xhelp_dept_{$deptid}");
                    $aDeptRoles = $aDept['roleNames'];
                    if (!empty($aDeptRoles) && is_array($aDeptRoles)) {
                        $deptRoles = implode(", ", $aDeptRoles);
                    } else {
                        $deptRoles = '';
                    }
                    if (!in_array($dept->getVar('id'), $mainDepts)) {
                        echo "<tr><td>\r\n                              <input type='checkbox' name='departments[]' value='" . $dept->getVar('id') . "' onclick=\"xhelpRoleCustOnClick('manageStaff', 'departments[]', 'xhelp_depts', '&amp;', 'xhelp_dept_cust');\" />\r\n                              " . $dept->getVar('department') . " [<a href='staff.php?op=customDept&amp;deptid=" . $dept->getVar('id') . "&amp;uid=" . $userid . "' class='xhelp_dept_cust'>" . _AM_XHELP_TEXT_CUSTOMIZE . "</a>] <i>" . $deptRoles . "</i>\r\n                              </td></tr>";
                    } else {
                        echo "<tr><td>\r\n                              <input type='checkbox' name='departments[]' checked='checked' value='" . $dept->getVar('id') . "' onclick=\"xhelpRoleCustOnClick('manageStaff', 'departments[]', 'xhelp_depts', '&amp;', 'xhelp_dept_cust');\" />\r\n                              " . $dept->getVar('department') . " [<a href='staff.php?op=customDept&amp;deptid=" . $dept->getVar('id') . "&amp;uid=" . $userid . "' class='xhelp_dept_cust'>" . _AM_XHELP_TEXT_CUSTOMIZE . "</a>] <i>" . $deptRoles . "</i>\r\n                              </td></tr>";
                    }
                }
            } else {
                foreach ($dept_obj as $dept) {
                    $deptid = $dept->getVar('id');
                    $aDept = $_xhelpSession->get("xhelp_dept_{$deptid}");
                    $aDeptRoles = $aDept['roleNames'];
                    if (!empty($aDeptRoles)) {
                        $deptRoles = implode(", ", $aDeptRoles);
                    } else {
                        $deptRoles = '';
                    }
                    echo "<tr><td>\r\n                          <input type='checkbox' name='departments[]' value='" . $dept->getVar('id') . "' onclick=\"xhelpRoleCustOnClick('manageStaff', 'departments[]', 'xhelp_depts', '&amp;', 'xhelp_dept_cust');\" />\r\n                          " . $dept->getVar('department') . " [<a href='staff.php?op=customDept&amp;deptid=" . $dept->getVar('id') . "&amp;uid=" . $userid . "' class='xhelp_dept_cust'>" . _AM_XHELP_TEXT_CUSTOMIZE . "</a>] <i>" . $deptRoles . "</i>\r\n                          </td></tr>";
                }
            }
            echo "<tr><td><input type='checkbox' name='checkallDepts' value='0' onclick='selectAll(this.form,\"departments[]\",this.checked);xhelpRoleCustOnClick(\"manageStaff\", \"departments[]\", \"xhelp_depts\", \"&amp;\", \"xhelp_dept_cust\");' /><b>" . _AM_XHELP_TEXT_SELECT_ALL . "</b></td></tr>";
            echo "</table></td></tr>";
            echo "<tr><td colspan='2' class='foot'>\r\n                  <input type='submit' name='addStaff' value='" . _AM_XHELP_BUTTON_ADDSTAFF . "' />\r\n                  <input type='submit' name='addRole' value='" . _AM_XHELP_BUTTON_CREATE_ROLE . "' class='formButton' />\r\n                  <input type='submit' name='clearRoles' value='" . _AM_XHELP_BUTTON_CLEAR_PERMS . "' class='formButton' />\r\n                  </td></tr>";
            echo "</table></form>";
            echo "<form method='post' id='cleanStaff' name='cleanStaff' action='staff.php?op=clearOrphanedStaff'>";
            echo "<table width='100%' cellspacing='1' class='outer'>\r\n                  <tr><th colspan='2'>" . _AM_XHELP_TEXT_MAINTENANCE . "</th></tr>";
            echo "<tr><td class='head' width='40%'>" . _AM_XHELP_TEXT_ORPHANED . "</td>\r\n                      <td class='even'><input type='submit' name='cleanStaff' value='" . _AM_XHELP_BUTTON_SUBMIT . "' /></td>\r\n                  </tr>";
            echo "</table></form>";
            if ($staff_count > 0) {
                //Get User Information for each staff member
                $staff_uids = array();
                foreach ($staff_obj as $obj) {
                    $staff_uids[] = $obj->getVar('uid');
                }
                if ($staff_search == false) {
                    $crit = new Criteria('uid', '(' . implode(',', $staff_uids) . ')', 'IN');
                } else {
                    $crit = new CriteriaCompo(new Criteria('uname', "%{$staff_search}%", 'LIKE'), 'OR');
                    $crit->add(new Criteria('name', "%{$staff_search}%", 'LIKE'), 'OR');
                    $crit->add(new Criteria('email', "%{$staff_search}%", 'LIKE'), 'OR');
                }
                $staff_users = $member_handler->getUsers($crit);
                if ($dept_search == false) {
                    $crit = new Criteria('', '');
                } else {
                    $crit = new Criteria('department', "%{$dept_search}%", 'LIKE');
                }
                $crit->setStart($dstart);
                $crit->setLimit($dlimit);
                $allDepts = $hDepartments->getObjects($crit, true);
                $dnav = new xhelpPageNav($hDepartments->getCount($crit), $dlimit, $dstart, 'dstart', "op=manageStaff&amp;start={$start}&amp;limit={$limit}&amp;dlimit={$dlimit}", "tblManageStaff");
                echo "<form action='" . XHELP_ADMIN_URL . "/staff.php?op=manageStaff' style='margin:0; padding:0;' method='post'>";
                echo "<table width='100%' cellspacing='1' class='outer'>";
                echo "<tr><td align='right'>" . _AM_XHELP_TEXT_STAFF . ": " . _AM_XHELP_BUTTON_SEARCH . " <input type='text' name='staff_search' value='{$staff_search}' />\r\n                          " . _AM_XHELP_TEXT_NUMBER_PER_PAGE . "<select name='limit'>";
                foreach ($aLimitByS as $value => $text) {
                    $limit == $value ? $selected = "selected='selected'" : ($selected = '');
                    echo "<option value='{$value}' {$selected}>{$text}</option>";
                }
                echo "</select>\r\n                            &nbsp;&nbsp;&nbsp;\r\n                            " . _AM_XHELP_TEXT_DEPARTMENTS . ": " . _AM_XHELP_BUTTON_SEARCH . " \r\n                              <input type='text' name='dept_search' value='{$dept_search}' />\r\n                            " . _AM_XHELP_TEXT_NUMBER_PER_PAGE . "\r\n                              <select name='dlimit'>";
                foreach ($aLimitByD as $value => $text) {
                    $dlimit == $value ? $selected = "selected='selected'" : ($selected = '');
                    echo "<option value='{$value}' {$selected}>{$text}</option>";
                }
                echo "</select>\r\n                            &nbsp;&nbsp;\r\n                              <input type='submit' name='staff_select' id='staff_select' value='" . _AM_XHELP_BUTTON_SUBMIT . "' />\r\n                          </td>\r\n                      </tr>";
                echo "</table></form>";
                echo "<table width='100%' cellspacing='1' class='outer' id='tblManageStaff'>\r\n                      <tr><th colspan='" . (3 + count($allDepts)) . "'><label>" . _AM_XHELP_MANAGE_STAFF . "</label></th></tr>";
                echo "<tr class='head'><td rowspan='2'>" . _AM_XHELP_TEXT_ID . "</td><td rowspan='2'>" . _AM_XHELP_TEXT_USER . "</td><td colspan='" . count($allDepts) . "'>" . _AM_XHELP_TEXT_DEPARTMENTS . " " . $dnav->renderNav() . "</td><td rowspan='2'>" . _AM_XHELP_TEXT_ACTIONS . "</td></tr>";
                echo "<tr class='head'>";
                foreach ($allDepts as $thisdept) {
                    echo "<td>" . $thisdept->getVar('department') . "</td>";
                }
                echo "</tr>";
                $hMembership =& xhelpGetHandler('membership');
                $hStaffRole =& xhelpGetHandler('staffRole');
                foreach ($staff_users as $staff) {
                    $departments = $hMembership->membershipByStaff($staff->getVar('uid'), true);
                    echo "<tr class='even'><td>" . $staff->getVar('uid') . "</td><td>" . $staff->getVar('uname') . "</td>";
                    foreach ($allDepts as $thisdept) {
                        echo "<td><img src='" . XOOPS_URL . "/modules/xhelp/images/";
                        echo array_key_exists($thisdept->getVar('id'), $departments) ? "on" : "off";
                        echo ".png' /></td>";
                    }
                    echo "<td><a href='staff.php?op=editStaff&amp;uid=" . $staff->getVar('uid') . "'><img src='" . XOOPS_URL . "/modules/xhelp/images/button_edit.png' title='" . _AM_XHELP_TEXT_EDIT . "' name='editStaff' /></a>&nbsp;\r\n                              <a href='delete.php?deleteStaff=1&amp;uid=" . $staff->getVar('uid') . "'><img src='" . XOOPS_URL . "/modules/xhelp/images/button_delete.png' title='" . _AM_XHELP_TEXT_DELETE . "' name='deleteStaff' /></a>\r\n                          </td></tr>";
                }
                echo "</table><br />";
                echo "<div id='staff_nav'>" . $nav->renderNav() . "</div>";
            }
        } else {
            echo "<div id='readOnly' class='errorMsg'>";
            echo _AM_XHELP_TEXT_MAKE_DEPTS;
            echo "</div>";
            echo "<br /><a href='department.php?op=manageDepartments'>" . _AM_XHELP_LINK_ADD_DEPT . "</a>";
        }
        xhelpAdminFooter();
        xoops_cp_footer();
    } else {
        $uid = $_POST['user_id'];
        $depts = $_POST['departments'];
        $roles = $_POST['roles'];
        //$selectAll = $_POST['selectall'];
        $hStaff =& xhelpGetHandler('staff');
        if (!isset($uid) || $uid == '') {
            redirect_header(XHELP_ADMIN_URL . '/staff.php?op=manageStaff', 3, _AM_XHELP_STAFF_ERROR_USERS);
        }
        if (!isset($depts)) {
            redirect_header(XHELP_ADMIN_URL . '/staff.php?op=manageStaff', 3, _AM_XHELP_STAFF_ERROR_DEPTARTMENTS);
        }
        if (!isset($roles)) {
            redirect_header(XHELP_ADMIN_URL . '/staff.php?op=manageStaff', 3, _AM_XHELP_STAFF_ERROR_ROLES);
        }
        if ($hStaff->isStaff($uid)) {
            redirect_header(XHELP_ADMIN_URL . '/staff.php?op=manageStaff', 3, _AM_XHELP_STAFF_EXISTS);
        }
        $member_handler =& xoops_gethandler('member');
        // Get member handler
        $newUser =& $member_handler->getUser($uid);
        $email = $newUser->getVar('email');
        if ($hStaff->addStaff($uid, $email)) {
            // $selectAll
            $message = _XHELP_MESSAGE_ADDSTAFF;
            $hMembership =& xhelpGetHandler('membership');
            //Set Department Membership
            if ($hMembership->addDeptToStaff($depts, $uid)) {
                $message = _XHELP_MESSAGE_ADDSTAFF;
            } else {
                $message = _XHELP_MESSAGE_ADDSTAFF_ERROR;
            }
            //Set Global Roles
            foreach ($roles as $role) {
                $hStaff->addStaffRole($uid, $role, 0);
            }
            //Set Department Roles
            foreach ($depts as $dept) {
                if ($custRoles = $_xhelpSession->get("xhelp_dept_{$dept}")) {
                    if ($custRoles['roles'] != -1) {
                        foreach ($custRoles['roles'] as $role) {
                            $hStaff->addStaffRole($uid, $role, $dept);
                        }
                    } else {
                        // If dept still checked, but no custom depts, give global roles to dept
                        foreach ($roles as $role) {
                            $hStaff->addStaffRole($uid, $role, $dept);
                        }
                    }
                } else {
                    foreach ($roles as $role) {
                        $hStaff->addStaffRole($uid, $role, $dept);
                    }
                }
            }
            $hTicketList =& xhelpGetHandler('ticketList');
            $hasTicketLists = $hTicketList->createStaffGlobalLists($uid);
            header("Location: " . XHELP_ADMIN_URL . "/staff.php?op=clearRoles");
        } else {
            $message = _XHELP_MESSAGE_ADDSTAFF_ERROR;
            redirect_header(XHELP_ADMIN_URL . '/staff.php?op=clearRoles', 3, $message);
        }
    }
    //end if
}
Пример #20
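 /**
  * Handle a login form submission.
  *
  * Reads `user`, `pwd` and the optional return target `r` from the POST data,
  * looks the account up by username or e-mail, checks the activation and
  * enabled flags, verifies the password and, on success, creates the user
  * session and marks the PHP session as logged in.
  *
  * Security notes for maintainers:
  *  - The failed-attempt counter lives in the session, so a client that drops
  *    its session cookie starts again from zero; the IP ban below only triggers
  *    for clients that keep their session. Consider a server-side counter keyed
  *    by account and/or address.
  *  - The activation and enabled checks run before the password check, so their
  *    distinct responses reveal account state to anyone who knows a username.
  *  - The session identifier is not rotated here (the regen call is commented
  *    out). NOTE(review): confirm that `user->session->create()` issues a fresh
  *    identifier, otherwise a pre-login session id stays valid after login.
  *
  * @return ActionResult
  */
 public function login()
 {
     // Throttle: after 10 recorded failures in this session, try to ban the address.
     if (Session::get($this::name_space, 'login_attempts') >= 10) {
         $ipBan = new IpBan($this->parent->parent);
         if ($ipBan->ban('Too many authentication failures', 15)) {
             Session::del($this::name_space, 'login_attempts');
             return new ActionResult($this, '/', 1, '', B_T_FAIL);
         }
     }
     $user = WebApp::post('user');
     $pass = WebApp::post('pwd');
     $this->parent->parent->debug($this::name_space . ': Logging in user...');
     // Parameterised lookup: the submitted identifier is matched against both columns.
     $user_query = $this->mySQL_r->prepare("SELECT `id`, `username`, `act_b`, `chgPwd`, `en` FROM `core_users` WHERE `username`=? OR `email`=?");
     $user_query->bind_param('ss', $user, $user);
     $user_query->execute();
     $user_query->bind_result($id, $username, $activated, $chgPwd, $enabled);
     $user_query->store_result();
     // Check we have a user to log into
     if ($user_query->num_rows != 1) {
         $login_attempts = Session::get($this::name_space, 'login_attempts') === NULL ? 0 : Session::get($this::name_space, 'login_attempts');
         // NOTE(review): $user is client-supplied and is written to the event log
         // unmodified; confirm that logEvent() neutralises line breaks and markup.
         $this->parent->parent->logEvent($this::name_space, 'Someone tried to login to user "' . $user . '" except they don\'t exist');
         $this->parent->parent->debug($this::name_space . ': Someone tried to login to user "' . $user . '" except they don\'t exist!');
         $this->parent->parent->debug($this::name_space . ': Number of attempts ' . $login_attempts);
         Session::set($this::name_space, 'login_attempts', $login_attempts + 1);
         return new ActionResult($this, '/user/login', 0, 'Invalid username or password!<br />' . PHP_EOL . 'Usernames and passwords are case sensitive.', B_T_FAIL, array('form' => array('pwd' => '')));
     }
     // Defaults keep the checks below well-defined (and failing closed) if the
     // fetch unexpectedly yields no row.
     $active = 0;
     $changePassword = 0;
     while ($user_query->fetch()) {
         $active = intval($activated);
         $changePassword = intval($chgPwd);
         $enabled = intval($enabled);
     }
     // Have they activated their account?
     if (!$active) {
         $this->parent->parent->logEvent($this::name_space, 'Unactivated user "' . $username . '" tried to log in');
         return new ActionResult($this, '/user/activate', 1, '');
     }
     // Has the user been disabled?
     if (!$enabled) {
         $this->parent->parent->logEvent($this::name_space, 'Disabled user "' . $username . '" tried to log in');
         return new ActionResult($this, '/user/login', 0, 'Your account has been disabled. Contact the webmaster for further information.', B_T_FAIL, array('form' => array('user' => '', 'pwd' => '')));
     }
     // Now we can see if they got the password correct
     if (!$this->parent->parent->user->authenticate($pass, $id, $username)) {
         $login_attempts = Session::get($this::name_space, 'login_attempts') === NULL ? 0 : Session::get($this::name_space, 'login_attempts');
         $this->parent->parent->logEvent($this::name_space, $username . ' failed to log in');
         $this->parent->parent->debug($this::name_space . ': ' . $username . ' failed to log in');
         $this->parent->parent->debug($this::name_space . ': Number of attempts ' . $login_attempts);
         Session::set($this::name_space, 'login_attempts', $login_attempts + 1);
         return new ActionResult($this, '/user/login', 0, 'Invalid username or password!<br />' . PHP_EOL . 'Usernames and passwords are case sensitive.', B_T_FAIL, array('form' => array('pwd' => '')));
     }
     // Now we can log them in
     Session::del($this::name_space, 'login_attempts');
     $this->parent->parent->logEvent($this::name_space, $username . ' logged in');
     //Session::regen();
     if (!$this->parent->parent->user->session->create($id)) {
         $this->parent->parent->logEvent($this::name_space, 'Failed to create token!');
         return new ActionResult($this, '/user/login', 0, 'Login failed, please speak to webmaster', B_T_FAIL);
     }
     Session::set('WebApp.User', 'loggedIn', true);
     Session::set('WebApp.User', 'username', $username);
     Session::set('WebApp.User', 'userID', $id);
     if ($changePassword == 1) {
         return new ActionResult($this, '/user/profile/password', 1, '');
     }
     // The return target comes from the request, so it is only honoured when it
     // is a same-site absolute path: one leading slash, no scheme-relative
     // "//host" or "/\host" form, and no control characters. Anything else
     // falls back to the default landing page instead of being followed.
     $url = '/user';
     $requested = WebApp::post('r');
     if ($requested !== NULL && $requested !== '') {
         $candidate = urldecode($requested);
         $isLocalPath = strncmp($candidate, '/', 1) === 0
             && strncmp($candidate, '//', 2) !== 0
             && strncmp($candidate, '/\\', 2) !== 0
             && !preg_match('/[\x00-\x1f\x7f]/', $candidate);
         if ($isLocalPath) {
             $url = $candidate;
         }
     }
     return new ActionResult($this, $url, 1, '');
 }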
Пример #21
<?php

/**
 * This file is a part of MyWebSQL package
 *
 * @file:      modules/showinfo.php
 * @author     Samnan ur Rehman
 * @copyright  (c) 2008-2012 Samnan ur Rehman
 * @web        http://mywebsql.net
 * @license    http://mywebsql.net/license
 */
// Dispatch on the requested object type. Tables and views are shown by
// re-running the request through query.php; every other type gets a
// processRequest() that renders the object's CREATE statement.
$type = $_REQUEST["id"];
$isRowSource = in_array($type, array('table', 'view'));
if (!$isRowSource) {
    /**
     * Render the CREATE statement of the requested database object.
     *
     * Both the object type and name are taken straight from the request.
     * NOTE(review): confirm that getCreateCommand() quotes the identifier and
     * that the 'showinfo' view escapes TYPE and NAME before output.
     *
     * @param object $db database driver, passed by reference
     */
    function processRequest(&$db)
    {
        $extraMsg = '';
        $type = $_REQUEST["id"];
        $name = $_REQUEST["name"];
        $createSql = sanitizeCreateCommand($type, $db->getCreateCommand($type, $name));
        //$tm = $db->getQueryTime();
        $replace = array('TYPE' => $type, 'NAME' => $name, 'COMMAND' => $createSql);
        echo view('showinfo', $replace);
    }
} else {
    // Rewrite the request so query.php sees a plain table query; the object
    // name from the request becomes the query text.
    $_REQUEST["id"] = 'table';
    $_REQUEST["query"] = $_REQUEST["name"];
    unset($_REQUEST['name']);
    Session::del('select');
    include 'query.php';
}
Пример #22
 /**
  * Drop the pending flash message and its type from the session.
  */
 function clearFlash()
 {
     foreach (array("flashdata", "flashtype") as $flashKey) {
         Session::del($flashKey);
     }
 }
Пример #23
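/**
 * Print the result panel for statements that do not return a result set.
 *
 * Emits the "N queries executed" and "N records affected" messages, the
 * executed SQL (single-query case only) with any driver warnings, and a
 * script block that reports the outcome to the parent frame.
 *
 * Output encoding: the query text is HTML-escaped for the markup, and every
 * value placed inside the script block is emitted as a JSON string literal.
 * HTML escaping alone does not neutralise a backslash or a quote inside a
 * JavaScript string, so a query ending in "\" previously broke out of the
 * literal passed to addCmdHistory().
 *
 * @param object      $db            database driver, passed by reference
 * @param string      $query         executed SQL; falls back to $_REQUEST["query"] when empty
 * @param int         $numQueries    number of statements executed
 * @param int         $affectedRows  affected rows, or -1 to ask the driver
 * @param bool        $addHistory    whether to push the query into the parent's command history
 * @param float|false $executionTime elapsed time, or false to ask the driver
 */
function createInfoGrid(&$db, $query = "", $numQueries = 1, $affectedRows = -1, $addHistory = true, $executionTime = false)
{
    Session::del('select', 'pkey');
    Session::del('select', 'ukey');
    Session::del('select', 'mkey');
    Session::del('select', 'unique_table');
    if ($affectedRows == -1) {
        $affectedRows = $db->getAffectedRows();
    }
    if ($query == "") {
        $query = $_REQUEST["query"];
    }
    print "<div id='results'>\n";
    print "<div class=\"message ui-state-default\">";
    // NOTE(review): $numQueries and $affectedRows are inserted into markup as
    // given; they are expected to be integers supplied by the caller or driver.
    $msg = $numQueries == 1 ? __('1 query successfully executed') : str_replace('{{NUM}}', $numQueries, __('{{NUM}} queries successfully executed'));
    print $msg . ".</div>";
    print "<div class=\"message ui-state-highlight\">" . str_replace('{{NUM}}', $affectedRows, __('{{NUM}} record(s) were affected')) . "</div>";
    if ($numQueries == 1) {
        // Collapse each run of line breaks into one <br>. The previous character
        // class also contained "|", which swallowed a pipe directly before a newline.
        $formatted_query = preg_replace('/[\r\n]?\n+/', "<br>", htmlspecialchars($query));
        print "<div class='sql-text ui-state-default'>" . $formatted_query . "</div>";
        $warnings = $db->getWarnings();
        if (count($warnings) > 0) {
            print '<div class="message ui-state-error">';
            foreach ($warnings as $warning) {
                print htmlspecialchars($warning) . '<br />';
            }
            print '</div>';
        }
    }
    print "</div>";
    $tm = $executionTime ? $executionTime : $db->getQueryTime();
    // JSON string literals are valid JavaScript; the HEX flags additionally keep
    // "<", ">" and "&" out of the script block. An unencodable value (invalid
    // UTF-8) degrades to an empty string instead of producing broken script.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP;
    $jsTime = json_encode((string) $tm, $jsFlags);
    $jsUpdated = json_encode((string) str_replace('{{NUM}}', $affectedRows, __('{{NUM}} record(s) updated')), $jsFlags);
    print "<script type=\"text/javascript\" language='javascript'> parent.transferResultMessage(-1, " . ($jsTime === false ? '""' : $jsTime) . ", " . ($jsUpdated === false ? '""' : $jsUpdated) . ");\n";
    if ($addHistory) {
        // The history entry stays HTML-escaped text with <br/> line breaks, as
        // before; only the JavaScript quoting around it changed.
        $jsHistory = json_encode((string) preg_replace("/[\n\r]/", "<br/>", htmlspecialchars($query)), $jsFlags);
        print "parent.addCmdHistory(" . ($jsHistory === false ? '""' : $jsHistory) . ");\n";
    }
    if (Session::get('db', 'altered')) {
        Session::del('db', 'altered');
        print "parent.objectsRefresh();\n";
    }
    print "parent.resetFrame();\n";
    print "</script>\n";
}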
Пример #24
 /**
  * Authenticate from the encrypted login form field `mywebsql_auth`.
  *
  * Decrypts the posted blob with the key parts kept in the session under
  * `auth_enc`, parses it as a query string and tries to connect to the
  * selected server with the contained credentials. On success the login is
  * recorded in the session and the browser is redirected to EXTERNAL_PATH.
  *
  * NOTE(review): on success the database password is kept in the session
  * (`auth`/`pwd`); the meaning of the trailing `true` argument to
  * Session::set() is not visible here. Confirm that it protects the value at
  * rest, and whether the session identifier is rotated after login.
  *
  * @return bool|mixed true after a successful login, false when no secure
  *                    login was posted or the connection failed, otherwise
  *                    whatever setError() returns
  */
 private function getAuthSecureLogin()
 {
     if (!isset($_POST['mywebsql_auth'])) {
         return false;
     }

     // Pick the jCryption implementation that matches the loaded extensions.
     if (extension_loaded('openssl') && extension_loaded('gmp')) {
         $libraryFile = "/lib/external/jcryption.php";
     } else {
         $libraryFile = "/lib/external/jcryption-legacy.php";
     }
     require_once BASE_PATH . $libraryFile;
     $jCryption = new jCryption();

     $d = Session::get('auth_enc', 'd');
     $n = Session::get('auth_enc', 'n');
     if (!isset($d['int']) || !isset($n['int'])) {
         return $this->setError('Invalid Credentials');
     }

     $plain = $jCryption->decrypt($_POST['mywebsql_auth'], $d['int'], $n['int']);
     if (!$plain) {
         return $this->setError('Invalid Credentials');
     }

     // parse_str() with a target array keeps the decoded fields out of the
     // local and global scope.
     parse_str($plain, $info);

     // custom server variables are included in the decoded array
     foreach (array('server_name', 'server_type') as $field) {
         if (isset($info[$field])) {
             $_POST[$field] = $info[$field];
         }
     }

     $server = $this->getServer(v($info['server']));
     $this->username = v($info['auth_user']);
     $this->password = v($info['auth_pwd']);

     // extract encrypted variables for splash screen
     $_REQUEST['server'] = v($info['server']);
     $_REQUEST['lang'] = v($info['lang']);

     if (!$this->db->connect($server[1], $this->username, $this->password)) {
         // NOTE(review): the driver's error text is passed on as the login
         // error; check what it discloses about the server to an
         // unauthenticated client.
         $this->setError($this->db->getError());
         return false;
     }

     // The one-time key material is discarded only after a successful login.
     Session::del('auth_enc');
     Session::set('auth', 'valid', true);
     Session::set('auth', 'server_name', $server[0], true);
     Session::set('auth', 'host', $server[1]['host'], true);
     Session::set('auth', 'user', $this->username, true);
     Session::set('auth', 'pwd', $this->password, true);
     Session::set('db', 'driver', $server[1]['driver']);
     $this->db->disconnect();
     header('Location: ' . EXTERNAL_PATH);
     return true;
 }
Пример #25
        print '      </ul>' . PHP_EOL;
    } else {
        print '      <a href="/user/login" class="btn btn-default">Log In&nbsp;&nbsp;&nbsp;&nbsp;<span class="pull-right ' . B_ICON . ' ' . B_ICON . '-log-in"></span></a>' . PHP_EOL;
        if (!$page->parent->config->config['core']['maintenance']) {
            print '      <a href="#" class="btn btn-default dropdown-toggle" data-toggle="dropdown">' . PHP_EOL;
            print '        <span class="caret"></span>' . PHP_EOL;
            print '        <span class="sr-only">Toggle Dropdown</span>' . PHP_EOL;
            print '      </a>' . PHP_EOL;
            print '      <ul class="dropdown-menu" role="menu">' . PHP_EOL;
            print '        <li><a href="/user/recover" class="btn btn-default">Forgot Details?</a></li>' . PHP_EOL;
            print '        <li><a href="/user/register">Registration</a></li>' . PHP_EOL;
            print '      </ul>' . PHP_EOL;
        }
    }
}
?>
    </div>
  </div>
</div>
<div id="alert_working" class="hidden">
<?php 
// Render the hidden "Processing..." alert using the page's alert plugin.
$working = $page->getPlugin('alert');
$working->setAlert('Processing...', B_T_INFO, 'working', false);
print $working->getAlert();
?>
</div>
<?php 
// Flush queued status messages: print each one once, then drop it from the session.
// NOTE(review): messages are printed without escaping, so every writer of
// 'status_msg' must store markup that is already safe for HTML output;
// request-derived text needs escaping before it is queued.
foreach (Session::getAll('status_msg') as $id => $message) {
    print $message . PHP_EOL;
    Session::del('status_msg', $id);
}
Пример #26
 /**
  * Log the current user out and print a confirmation.
  *
  * Only the 'username' session entry is removed; any other session data and
  * the session identifier itself are left in place.
  * NOTE(review): confirm nothing else in the session grants access after logout.
  */
 public function logout()
 {
     Session::del('username');
     print 'berhasil logout';
 }
Пример #27
 /**
  * Delete the current site when the caller is a site manager.
  *
  * NOTE(review): this relies on message() ending the request; if it returns,
  * the error message below is also emitted after a successful deletion.
  * No request-forgery token is checked in this method; confirm one is
  * enforced before this destructive action is reached.
  */
 public function remove()
 {
     $siteModel = new \system\model\Site();
     $callerIsManager = service('user')->isManage();
     if ($callerIsManager) {
         $siteModel->remove(SITEID);
         Session::del('siteid');
         message('网站删除成功', 'back', 'success');
     }
     // Reached when the caller is not a manager.
     message('你不是站长不可以删除网站', 'back', 'error');
 }
Пример #28
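 /**
  * Create a user account from the admin "add user" form.
  *
  * Requires first name, surname, username, e-mail and primary group, rejects
  * a username or e-mail that already exists, inserts the account with a
  * placeholder password and then generates the activation e-mail.
  *
  * Notes for maintainers:
  *  - The uniqueness check and the INSERT are separate statements, so two
  *    concurrent requests can both pass the check; unique indexes on
  *    `username` and `email` are the reliable guard.
  *  - The stored password is built from the current time and two independent
  *    ranHash() calls. NOTE(review): presumably this is an unusable
  *    placeholder until activation; confirm that it cannot be reproduced.
  *  - The e-mail address is not validated here.
  *
  * @return ActionResult
  */
 function add()
 {
     // Required form fields, in the order they are validated, with their labels.
     $required = array(
         'f_name' => 'First Name',
         's_name' => 'Surname',
         'username' => 'Username',
         'email' => 'Email',
         'p_group' => 'Primary Group',
     );
     $values = array();
     foreach ($required as $field => $label) {
         $posted = WebApp::post($field);
         $values[$field] = $posted === NULL ? '' : $posted;
     }
     foreach ($required as $field => $label) {
         if ($values[$field] == '') {
             return new ActionResult($this, '/admin/user/user_add', 0, 'Failed to add user.<br />Error: <code>' . $label . ' must not be blank</code>', B_T_FAIL);
         }
     }
     // bind_param() binds by reference, so each value needs its own variable.
     $f_name = $values['f_name'];
     $s_name = $values['s_name'];
     $username = $values['username'];
     $email = $values['email'];
     $p_group = $values['p_group'];

     $user_query = $this->mySQL_r->prepare("SELECT `username`,`email` FROM `core_users` WHERE `username`=? OR `email`=?");
     if ($user_query === false) {
         return new ActionResult($this, '/admin/user/user_add', 0, 'Failed add user!<br />Error: <code>Add query failed</code>', B_T_FAIL);
     }
     $user_query->bind_param('ss', $username, $email);
     $user_query->execute();
     $user_query->store_result();
     if ($user_query->num_rows != 0) {
         return new ActionResult($this, '/admin/user/user_add', 0, 'Failed to add user.<br />Error: <code>User with that username/email already exists</code>', B_T_FAIL);
     }
     $user_add = $this->mySQL_w->prepare("INSERT INTO `core_users` (`f_name`,`s_name`,`username`,`email`,`p_group`, `pass`) VALUES(?,?,?,?,?,?)");
     if ($user_add === false) {
         return new ActionResult($this, '/admin/user/user_add', 0, 'Failed to add user.<br />Error: <code>Query failed</code>', B_T_FAIL);
     }
     $user = $this->parent->parent->user;
     $time = microtime(true);
     $pass = $user->pwd_hash($time, $user->ranHash()) . ':' . $user->ranHash();
     $user_add->bind_param('ssssis', $f_name, $s_name, $username, $email, $p_group, $pass);
     $user_add->execute();
     $user_add->store_result();
     if ($user_add->affected_rows == 1) {
         $this->parent->parent->logEvent($this::name_space, 'Added new user "' . $username . '"');
         $activationEmail = $this->genActivation($email, 'add', array('f' => '/admin/user/user_add', 's' => '/admin/user/user_view'));
         Session::del('status_msg', $activationEmail->id);
         if ($activationEmail->status == 1) {
             return new ActionResult($this, '/admin/user/user_view', 1, 'Successfully added user!', B_T_SUCCESS);
         } else {
             return new ActionResult($this, '/admin/user/user_view', 1, 'Successfully added user, but could not generate activation details!', B_T_WARNING);
         }
     } else {
         // The result message is HTML, and a database error can quote submitted
         // values (for example a duplicate key), so the text is escaped first.
         return new ActionResult($this, '/admin/user/user_add', 0, 'Failed to add user.<br />Error: <code>' . htmlspecialchars($this->mySQL_w->error, ENT_QUOTES, 'UTF-8') . '</code>', B_T_FAIL);
     }
 }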
Пример #29
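 /**
  * Post/redirect/get handler for the "new post" form.
  *
  * On a submission the raw form data is parked in the session and the client
  * is redirected back to the originating action. When parked data is found it
  * is consumed once and written to the history table.
  *
  * The insert is assembled as an SQL fragment, so every value derived from the
  * form is either quoted through Functions::squote() or forced to an integer
  * before it is concatenated. The network and group ids used to be appended
  * exactly as submitted.
  *
  * @param array $options expects 'action', 'params' and 'user' (with 'mem_id')
  * @return array|null 'errors', 'notifications' and 'form' lists, or null when
  *                    no action is given
  */
 private function receive_form($options)
 {
     if (empty($options['action'])) {
         return null;
     }
     $data['errors'] = array();
     $data['notifications'] = array();
     $data['form'] = array();
     if (!empty($this->request->data)) {
         Session::set('saveForm', $this->request->data);
         unset($this->request->data);
         switch ($options['action']) {
             case 'index':
                 $this->redirect('?home/' . $options['action']);
                 break;
             case 'groupe':
                 $this->redirect('?home/' . $options['action'] . '/' . $options['params'][0]);
                 break;
             case 'reseau':
                 $this->redirect('?home/' . $options['action'] . '/' . $options['params'][0]);
                 break;
         }
     }
     $donnees = Session::get('saveForm');
     if (!empty($donnees)) {
         Session::del('saveForm');
         $form['resume'] = PregFucntions::sanitize_string($donnees['resume']);
         // 'visibility' must be a string such as "0", "r:<id>" or "g:<id>";
         // a missing or array value is treated as empty instead of being indexed.
         $v = (isset($donnees['visibility']) && is_string($donnees['visibility'])) ? $donnees['visibility'] : '';
         // The ids end up unquoted in the SQL below, so they are forced to integers.
         $n = isset($donnees['net']) ? (int) $donnees['net'] : 0;
         $g = isset($donnees['gr']) ? (int) $donnees['gr'] : 0;
         // Stays null when the visibility prefix matches none of the cases.
         $form['concerne'] = null;
         $scope = $v !== '' ? $v[0] : '';
         switch ($scope) {
             case '0':
                 $n = 0;
                 $g = 0;
                 $form['concerne'] = 'Tous';
                 break;
             case 'r':
                 $n = (int) substr($v, 2);
                 $g = 0;
                 $form['concerne'] = $n;
                 break;
             case 'g':
                 $n = 0;
                 $g = (int) substr($v, 2);
                 $form['concerne'] = $g;
                 break;
         }
         // NOTE(review): mem_id is also concatenated unquoted; it is taken from
         // $options['user'] and is assumed to be a trusted integer. Confirm
         // against the caller.
         if (!$this->history->add(array('tables' => 'history', 'values' => '\'\',' . $options['user']['mem_id'] . ',' . Functions::squote($form['concerne']) . ',' . Functions::squote($form['resume']) . ',' . 'NOW(),' . $n . ',' . $g))) {
             $data['errors'][] = "Le post n'a pas été  soumis correctement, veuillez ressayer plus tard.";
         } else {
             $data['notifications'][] = "Le message a correctement été envoyé.";
         }
     }
     return $data;
 }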
Пример #30
 /**
  * Uninstaller::_clearUninstallID()
  *
  * Removes the three session entries (id, dir, ns) kept for the uninstall
  * request identified by the `id` request parameter. The parameter is used
  * only to build the names of the session keys to delete.
  *
  * @return void
  */
 private function _clearUninstallID()
 {
     $keyPrefix = 'uninstall_from_' . WebApp::get('id');
     foreach (array('_id', '_dir', '_ns') as $suffix) {
         Session::del($this::name_space, $keyPrefix . $suffix);
     }
 }