Пример #1
 /**
  * Runs the installer for the core modules and for every active module whose code
  * version differs from its installed version.
  *
  * From the command line the upgrade runs without an authorization check. Over HTTP it
  * is allowed only for an admin user or for a session carrying a truthy "can_upgrade"
  * value; every other web caller is handed to access::forbidden().
  *
  * NOTE(review): the web branch is not followed by a return, so it relies on
  * access::forbidden() ending the request -- confirm that it throws or exits.
  * NOTE(review): "can_upgrade" lets a non-admin session start an upgrade, so the code
  * that sets that flag is part of this method's access control -- verify where it is written.
  */
 public function upgrade()
 {
     $from_cli = php_sapi_name() == "cli";

     if ($from_cli) {
         // @todo this may screw up some module installers, but we don't have a better answer at
         // this time.
         $_SERVER["HTTP_HOST"] = "example.com";
     } elseif (!user::active()->admin && !Session::instance()->get("can_upgrade", false)) {
         access::forbidden();
     }

     // The gallery and user modules are always (re)installed first
     foreach (array("gallery", "user") as $core_module) {
         module::install($core_module);
     }

     // Every other active module is upgraded only when its versions differ.
     // Only "gallery" is skipped explicitly; "user" is still subject to the version test.
     foreach (module::available() as $id => $module) {
         $needs_upgrade = $id != "gallery" && $module->active && $module->code_version != $module->version;
         if ($needs_upgrade) {
             module::install($id);
         }
     }

     if ($from_cli) {
         print "Upgrade complete\n";
         return;
     }

     url::redirect("upgrader?done=1");
 }
Пример #2
 /**
  * Initialises the parent with 'taxon_group', then sets the column list, the page
  * title and a handle on the shared session.
  */
 public function __construct()
 {
     parent::__construct('taxon_group');

     $this->session = Session::instance();
     $this->pagetitle = 'Taxon Groups';
     $this->columns = array(
         'title' => '',
     );
 }
Пример #3
 /**
  * Returns the shared Session object, creating it when none is stored yet.
  *
  * @return Session
  */
 public static function load()
 {
     if (!empty(self::$instance)) {
         return self::$instance;
     }

     return self::$instance = new Session();
 }
Пример #4
 /**
  * Loads the session, merges the configuration and instantiates the auth driver.
  *
  * Keys passed in $config take precedence over Eight::config('auth'), because the
  * array union only fills in keys that are missing.
  *
  * @param   array  $config  overrides for the 'auth' configuration group
  * @throws  Eight_Exception  when the driver class cannot be loaded or is not an Auth_Driver
  */
 public function __construct($config = array())
 {
     $this->session = Session::instance();

     // Array union: caller-supplied keys are kept, defaults only fill the gaps
     $config = $config + Eight::config('auth');
     $this->config = $config;

     // The Bcrypt helper is only created when that hash method is configured.
     // NOTE(review): 12 is presumably the bcrypt cost factor -- confirm against the Bcrypt class.
     if ($this->config['hash_method'] == 'bcrypt') {
         $this->bcrypt = new Bcrypt(12);
     }

     // The class to instantiate is derived from the 'driver' config value, so that value
     // decides which code runs; it should only ever come from trusted configuration.
     $driver_class = 'Auth_Driver_' . $config['driver'];
     if (!Eight::auto_load($driver_class)) {
         throw new Eight_Exception('core.driver_not_found', $config['driver'], get_class($this));
     }

     $driver_object = new $driver_class($config);
     if (!($driver_object instanceof Auth_Driver)) {
         throw new Eight_Exception('core.driver_implements', $config['driver'], get_class($this), 'Auth_Driver');
     }

     // Keep the validated driver for later calls
     $this->driver = $driver_object;

     Eight::log('debug', 'Auth Library loaded');
 }
Пример #5
 /**
  * Tests Security::token()
  *
  * The token name is suffixed with $iteration before the assertions run, and the
  * session entry stored under that name is deleted afterwards.
  *
  * @test
  * @dataProvider provider_csrf_token
  * @covers Security::token
  *
  * @param mixed $expected   value Security::token(FALSE) has to return
  * @param mixed $input      has to be exactly TRUE (supplied by the data provider)
  * @param mixed $iteration  suffix for the token name used by this data set
  */
 public function test_csrf_token($expected, $input, $iteration)
 {
     $token_name = 'token_' . $iteration;
     Security::$token_name = $token_name;

     $this->assertSame(true, $input);

     $current_token = Security::token(false);
     $this->assertSame($expected, $current_token);

     // NOTE(review): this cleanup is skipped when an assertion above fails, so the
     // token then stays in the session for whatever runs next.
     Session::instance()->delete(Security::$token_name);
 }
Пример #6
 /**
  * Per-test cleanup: clears the tables, replaces the session, then runs the parent's tearDown.
  */
 public function tearDown()
 {
     $this->clear_tables();
     // Destroy the session and create a new one straight away; presumably so that no
     // session data (e.g. a logged-in user) carries over into the next test -- confirm.
     Session::instance()->destroy();
     Session::instance()->create();
     parent::tearDown();
 }
Пример #7
 /**
  * Returns the single shared Session object, creating it on the first call.
  *
  * @return Session
  */
 public static function getInstance()
 {
     if (self::$instance !== null) {
         return self::$instance;
     }

     self::$instance = new self();

     return self::$instance;
 }
Пример #8
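 /**
  * Verify the login result and fetch the user's profile from this provider.
  *
  * The request token kept in the session, together with the oauth_verifier found in the
  * request, is exchanged for an access token; the profile is then requested with it.
  *
  * @return bool  true only when an access token was obtained and the profile response
  *               decoded to an array that contains an 'id'; false in every other case
  */
 public function verify()
 {
     $session = Session::instance();

     // Rebuild the request token from the values stored in the session
     $request_token = OAuth_Token::factory('request', array('token' => $session->get('oauth_token'), 'secret' => $session->get('oauth_token_secret')));

     // The verifier comes from request input; without it the exchange cannot proceed
     $verifier = Arr::get($_REQUEST, 'oauth_verifier');
     if (empty($verifier)) {
         return false;
     }
     $request_token->verifier($verifier);

     // Exchange the request token for an access token
     $access_token = $this->provider->access_token($this->consumer, $request_token);
     if (!$access_token or $access_token->name !== 'access') {
         return false;
     }

     $request = OAuth_Request::factory('resource', 'GET', 'https://api.linkedin.com/v1/people/~:(id,first-name,last-name,headline,email-address)?format=json', array('oauth_consumer_key' => $this->consumer->key, 'oauth_signature_method' => "HMAC-SHA1", 'oauth_token' => $access_token->token));
     // Sign the request with the consumer and the access token obtained above
     $request->sign(new OAuth_Signature_HMAC_SHA1(), $this->consumer, $access_token);

     // Decode the profile. Fail closed: an error body, invalid JSON or a profile without
     // an id must not be reported as a verified login with an empty uid.
     $data = json_decode($request->execute(), true);
     if (!is_array($data) or !isset($data['id'])) {
         return false;
     }

     $this->uid = $data['id'];
     $this->data = $data;
     return true;
 }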
Пример #9
 /**
  * Bucket settings page: handles a settings POST, then builds the settings and
  * collaborators views and clears the flash messages from the session.
  *
  * NOTE(review): the update only runs when the submitted name is non-empty and differs
  * from the current name, so a changed 'bucket_publish' value alone is not saved --
  * confirm that this is intended.
  * NOTE(review): no anti-CSRF token check is visible in this action; confirm one is
  * enforced elsewhere before the bucket is modified.
  *
  * @return	void
  */
 public function action_index()
 {
     $this->template->content->active = "options";
     $session = Session::instance();

     if ($this->request->method() === "POST") {
         $bucket_name = trim($this->request->post('bucket_name'));

         // Only a non-empty name that differs from the stored one triggers an update
         $renamed = Valid::not_empty($bucket_name) && strcmp($bucket_name, $this->bucket['name']) !== 0;
         if ($renamed) {
             $bucket_id = $this->bucket['id'];
             $parameters = array(
                 'name' => $bucket_name,
                 'public' => (bool) $this->request->post('bucket_publish'),
             );

             $bucket = $this->bucket_service->modify_bucket($bucket_id, $parameters, $this->user);
             if ($bucket != FALSE) {
                 $session->set('message', __("Bucket settings successfully saved"));
                 // Reload the settings page using the updated bucket name
                 $this->redirect($bucket['url'] . '/settings', 302);
             } else {
                 $session->set('error', __("The bucket settings could not be updated"));
             }
         }
     }

     // Hand the flash message and/or error to the template
     $this->template->content
         ->set('message', $session->get('message'))
         ->set('error', $session->get('error'));

     // bind() is given variables that are only assigned further down
     $this->settings_content = View::factory('pages/bucket/settings/display')
         ->bind('bucket', $this->bucket)
         ->bind('collaborators_view', $collaborators_view);

     // Collaborators view
     $collaborators_view = View::factory('/template/collaborators')
         ->bind('fetch_url', $fetch_url)
         ->bind('collaborator_list', $collaborators);
     $fetch_url = $this->bucket_base_url . '/collaborators';
     $collaborators = json_encode($this->bucket_service->get_collaborators($this->bucket['id']));

     // Flash messages are shown once, then removed
     $session->delete('message');
     $session->delete('error');
 }
Пример #10
 /**
  * Index action: a logged-in user gets their name stored in the session; anybody else
  * is redirected to the login page.
  *
  * NOTE(review): the login handling after the redirect only runs if redirect() returns.
  * If redirect() ends the request (to be confirmed for this framework version), that
  * code is never reached and the form must be processed by the 'login' route instead.
  */
 public function action_index()
 {
     $auth = Auth::instance();

     // If the user is logged in, prepare what the menu needs and stop here
     if ($auth->logged_in()) {
         $user = ORM::factory('users')->where('id', '=', $auth->get_user())->find();
         Session::instance()->set('nombreUsuario', $user->nombre);
         return;
     }

     $this->request->redirect(URL::base() . 'login');

     if (isset($_POST['submit'])) {
         $validate = Validation::factory($this->request->post());
         $validate
             ->rule('usuario', 'not_empty')
             ->rule('password', 'not_empty');

         if ($validate->check()) {
             $user = $auth->login(Arr::get($_POST, 'usuario'), Arr::get($_POST, 'password'));
             if (!$user) {
                 Request::current()->redirect('login');
             } else {
                 $this->request->redirect('index');
             }
         }
     }

     $this->template->title = 'Login';
     $this->template->content = View::factory('admin/login');
 }
Пример #11
 /**
  * Returns the object used to interact with the session, creating it on the first call.
  *
  * @return Session
  */
 public static function instance()
 {
     if (self::$instance !== null) {
         return self::$instance;
     }

     return self::$instance = new Session();
 }
Пример #12
 /**
  * The before() method is called before your controller action.
  * In our template controller we override this method so that we can
  * set up default values. These variables are then available to our
  * controllers if they need to be modified.
  *
  * Access control: only actions that appear as keys of $this->secure_actions are
  * checked. An action that is not listed there (or any action when secure_actions is
  * not an array) runs without an authentication check, so new actions are open by default.
  */
 public function before()
 {
     // Run any before if needed
     parent::before();

     // Open session
     $this->session = Session::instance();

     // Check user auth and role
     $action_name = Request::instance()->action;
     $is_secured = is_array($this->secure_actions) && array_key_exists($action_name, $this->secure_actions);
     if ($is_secured && Auth::instance()->logged_in($this->secure_actions[$action_name]) === FALSE) {
         // Logged in without the required role -> "no access"; not logged in -> sign-in page
         $target = Auth::instance()->logged_in() ? 'admin/site/noaccess' : 'admin/site/signin';
         Request::instance()->redirect($target);
     }

     if (!$this->auto_render) {
         return;
     }

     // Initialize empty values
     $text_slots = array('title', 'meta_keywords', 'meta_description', 'meta_copywrite', 'header', 'content', 'footer');
     foreach ($text_slots as $slot) {
         $this->template->$slot = '';
     }
     foreach (array('styles', 'scripts') as $list_slot) {
         $this->template->$list_slot = array();
     }
     $this->template->section_title = ' ';
 }
Пример #13
 /**
  * Login action: processes a submitted login form, and for a logged-in user builds the
  * per-user Firebird connection settings before redirecting to /admin/.
  *
  * NOTE(review): the Firebird settings, including the database user name and password,
  * are written to the session under 'fb_config'. Anything that can read the session
  * store can read those credentials -- consider keeping only a reference to the
  * server record in the session and resolving the credentials on use.
  * NOTE(review): the connect() call is commented out, so it is unclear whether
  * Database::instance() alone can raise the Database_Exception handled below -- confirm.
  */
 public function action_index()
 {
     $message = false;
     $user = false;

     $form_sent = Arr::get($_POST, 'hidden') == 'form_sent';
     if ($form_sent && Auth::instance()->login(Arr::get($_POST, 'username'), Arr::get($_POST, 'password'), Arr::get($_POST, 'remember'))) {
         $user = Auth::instance()->get_user();
         Session::instance()
             ->set('username', $user->name . ' ' . $user->surname)
             ->set('language', $user->language)
             ->set('listsize', $user->listsize);
     }

     if (Auth::instance()->logged_in()) {
         $user = Auth::instance()->get_user();
         Session::instance()
             ->set('username', $user->name . ' ' . $user->surname)
             ->set('language', $user->language)
             ->set('listsize', $user->listsize);

         try {
             // Connection settings come from the record attached to the user
             $server_config = $user->object->as_array();
             $fb_config = array(
                 'type' => 'pdo',
                 'connection' => array(
                     'dsn' => 'firebird:dbname=' . $server_config['config_server'] . ':' . $server_config['config_bdfile'],
                     'username' => $server_config['config_bduser'],
                     'password' => $server_config['config_bdpass'],
                 ),
             );
             Session::instance()->set('fb_config', $fb_config);
             $firebird = Database::instance('fb', $fb_config);
             $this->request->redirect('/admin/');
         } catch (Database_Exception $e) {
             // A failed database setup also ends the login
             $message = __('error.connection_db');
             Auth::instance()->logout();
         }
     }

     $this->request->response = View::factory('login', array('message' => $message));
 }
Пример #14
 /**
  * Template loading and setup routine.
  *
  * NOTE(review): when the request carries a 'session_id' parameter, that value selects
  * the session and the manager lookup. $_REQUEST is client-controlled, so the caller
  * chooses which session is attached; confirm that the id is validated and that session
  * ids are regenerated on login, otherwise this allows session fixation.
  */
 public function __construct()
 {
     parent::__construct();

     // Check whether the request is an AJAX request
     $this->ajax_request = request::is_ajax();

     // Load the template
     $this->template = new View($this->template);
     if ($this->auto_render == TRUE) {
         Event::add('system.post_controller', array($this, '_render'));
     }

     // Determine the user's login state
     if (!isset($_REQUEST['session_id'])) {
         $active_session = Session::instance();
         $active_manager = role::get_manager();
     } else {
         $active_session = Session::instance($_REQUEST['session_id']);
         $active_manager = role::get_manager($_REQUEST['session_id']);
     }

     // URL of the current request (URL-encoded)
     $encoded_url = urlencode(url::current(TRUE));

     // ID of the site managed by the current user
     $this->site_id = site::id();
 }
 /**
  * Returns the shared Session object, creating it when the static slot is unset or null.
  *
  * Declared as an instance method (no "static" keyword) although it only touches the
  * static $instance property.
  *
  * @return Session
  */
 public function instance()
 {
     if (isset(self::$instance)) {
         return self::$instance;
     }

     self::$instance = new Session();

     return self::$instance;
 }
Пример #16
 /**
  * On first session instance creation, sets up the driver and creates session.
  *
  * The set-up section runs only while Session::$instance is still NULL; later
  * constructions only fetch the Input instance and write the debug log line.
  *
  * NOTE(review): a non-NULL $session_id is handed straight to create(). Callers should
  * not pass a value taken from request input without validating it, since that would
  * let a client pick the session id (session fixation).
  *
  * @param string $session_id  Force a specific session_id
  */
 protected function __construct($session_id = NULL)
 {
     $this->input = Input::instance();
     // This part only needs to be run once
     if (Session::$instance === NULL) {
         // Load config
         Session::$config = Kohana::config('session');
         // Makes a mirrored array, eg: foo=foo
         Session::$protect = array_combine(Session::$protect, Session::$protect);
         // Configure garbage collection: with a divisor of 100 the configured
         // gc_probability acts as a percentage
         ini_set('session.gc_probability', (int) Session::$config['gc_probability']);
         ini_set('session.gc_divisor', 100);
         // An expiration of 0 falls back to a gc lifetime of 86400 seconds
         ini_set('session.gc_maxlifetime', Session::$config['expiration'] == 0 ? 86400 : Session::$config['expiration']);
         // Create a new session
         $this->create(NULL, $session_id);
         // When 'regenerate' is positive, the id is regenerated every time total_hits
         // is a multiple of it
         if (Session::$config['regenerate'] > 0 and $_SESSION['total_hits'] % Session::$config['regenerate'] === 0) {
             // Regenerate session id and update session cookie
             $this->regenerate();
         } else {
             // Always update session cookie to keep the session alive
             cookie::set(Session::$config['name'], $_SESSION['session_id'], Session::$config['expiration']);
         }
         // Close the session on system shutdown (run before sending the headers), so that
         // the session cookie(s) can be written.
         Event::add('system.shutdown', array($this, 'write_close'));
         // Singleton instance
         Session::$instance = $this;
     }
     Kohana_Log::add('debug', 'Session Library initialized');
 }
Пример #17
 /**
  * Stores the configuration, attaches the session and restores the user from it.
  *
  * @param array $config  must contain 'salt_pattern' (comma separated string) and 'session_key'
  */
 public function __construct($config = array())
 {
     // The salt pattern arrives as a comma separated string and is kept as a list
     $salt_offsets = preg_split('/,\\s*/', $config['salt_pattern']);
     $config['salt_pattern'] = $salt_offsets;
     $this->_config = $config;

     $this->_session = Session::instance();

     // FALSE when the session holds nothing under the configured key
     $session_key = $this->_config['session_key'];
     $this->user = $this->_session->get($session_key, false);
 }
Пример #18
 /**
  * Profile page: renders the profile of the user whose e-mail is stored in the session
  * and, on POST, updates that user's currency, name and surname.
  *
  * The account being changed is always taken from the session, never from the request.
  *
  * NOTE(review): no anti-CSRF token check is visible in the POST branch; confirm one
  * is enforced elsewhere before the profile is changed.
  * NOTE(review): the redirect for empty input is not followed by a return, so it relies
  * on redirect() ending the request -- confirm for this framework version.
  *
  * @throws Exception  when the model reports that the update failed
  */
 public function action_index()
 {
     $view = View::factory('home/my/profile');
     $clients = new Model_Client();
     $user_email = Session::instance()->get('email');

     $profile = $clients->get_user_data($user_email);
     $view->valute = $clients->get_user_valute($user_email);
     $view->data = $profile;
     $this->template->content = $view->render();

     if ($this->request->method() !== Request::POST) {
         return;
     }

     $valute = $this->request->post('valute');
     $name = $this->request->post('name');
     $surname = $this->request->post('surname');

     // Currency and name are mandatory; note that empty() also rejects the string "0"
     if (empty($valute) || empty($name)) {
         $this->request->redirect('profile');
     }

     $clients = new Model_Client();
     $email = Session::instance()->get('email');
     $data = array(
         'valute' => $valute,
         'name' => $name,
         'surname' => $surname,
     );

     $updated = $clients->change_user_data($data, $email);
     if (!$updated) {
         throw new Exception("Error");
     }

     $this->request->redirect('profile');
 }
Пример #19
 /**
  * Creates the cache object and attaches the shared session.
  */
 public function __construct()
 {
     // Load cache
     $this->cache = new Cache();
     // Load Session
     $this->session = Session::instance();
 }
Пример #20
 /**
  * Shows the statistics of one material, filtered by the filter kept in the session.
  *
  * When the filter button was pressed, the submitted filter replaces the stored one
  * and its two date fields are validated.
  *
  * NOTE(review): the filter is saved to the session and passed to getStats() even when
  * a date failed validation; confirm getStats() treats the filter values as untrusted
  * (bound parameters), or skip the query when $errors is not empty.
  * NOTE(review): no check is visible that the current user may view the material
  * identified by the 'id' route parameter -- confirm it is enforced elsewhere.
  */
 public function action_stats()
 {
     $errors = array();
     $filter = Session::instance()->get('statFilter', array());

     if ($this->isPressed('btnFilter')) {
         foreach (array('FIO', 'dateFrom', 'dateTo') as $field) {
             $filter[$field] = Arr::get($_POST, $field);
         }
         Session::instance()->set('statFilter', $filter);

         // Dates are optional, but a supplied date has to pass Valid::mydate()
         foreach (array('dateFrom', 'dateTo') as $date_field) {
             if ($filter[$date_field] != '' && !Valid::mydate($filter[$date_field])) {
                 $errors[$date_field] = 'Дата должна быть в формате dd.mm.yyyy';
             }
         }
     }

     $material_id = $this->request->param('id', NULL);
     $material = ORM::factory('material', $material_id);

     $material_name = $material->materialName;
     $stats = $material->getStats($material_id, $filter);

     $data = array(
         'materialName' => $material_name,
         'stats' => $stats,
         'count' => count($stats),
         'filter' => $filter,
         'errors' => $errors,
     );

     $this->tpl->content = View::factory('materials/stats', $data);
 }
Пример #21
 /**
  * Runs the parent constructor, attaches the shared session and creates a Profiler.
  *
  * NOTE(review): a Profiler is created unconditionally here; if it renders timing or
  * query details into responses, confirm it is disabled outside development.
  */
 public function __construct()
 {
     parent::__construct();
     // This must be included
     $this->session = Session::instance();
     $this->profiler = new Profiler();
 }
Пример #22
 /**
  * Wires up the shared objects, picks the Redis server and database named in $config
  * and stores the resulting settings in $this->app->current.
  *
  * An unknown serverId falls back to server 0. A dbId that is not numeric or lies
  * outside 0..max_databases-1 falls back to the first database reported by the server.
  *
  * NOTE(review): $dbs[0] and $info["db{$n}"] are read without an existence check --
  * confirm getDbs() always returns at least one id that is present in the INFO output.
  *
  * @param array $config  expects the keys 'serverId' and 'dbId'
  */
 public function __construct($config)
 {
     $this->_objects['app'] = App::instance();
     $this->_objects['router'] = Router::instance();
     $this->_objects['inputs'] = Inputs::instance();
     $this->_objects['session'] = Session::instance();
     $this->_objects['log'] = Log::factory();

     // Unknown server ids fall back to the first configured server
     if (!isset($this->app->config['database']['redis'][$config['serverId']])) {
         $config['serverId'] = 0;
     }

     $current = $this->app->config['database']['redis'][$config['serverId']];
     $current['serverId'] = $config['serverId'];

     $this->_objects['db'] = Db::factory($current);
     $this->_objects['infoModel'] = new Info_Model($current);

     $info = $this->db->info();
     $dbs = $this->infoModel->getDbs($info);

     // Ask the server for its database count when the configuration does not state it
     if (!isset($current['max_databases'])) {
         $databasesConfig = $this->_objects['db']->config('GET', 'databases');
         $current['max_databases'] = $databasesConfig['databases'];
     }

     // Take care of invalid dbId's. If invalid, set to first available database
     $dbIdIsValid = is_numeric($config['dbId']) && $config['dbId'] >= 0 && $config['dbId'] < $current['max_databases'];
     if (!$dbIdIsValid) {
         $config['dbId'] = $dbs[0];
     }

     $current['newDB'] = !in_array($config['dbId'], $dbs);
     $current['database'] = $config['dbId'];

     // Extract number of keys
     foreach ($dbs as $dbIndex) {
         if (preg_match('/^keys=([0-9]+),expires=([0-9]+)/', $info["db{$dbIndex}"], $found)) {
             $current['dbs'][$dbIndex] = array(
                 'id' => $dbIndex,
                 'keys' => $found[1],
                 'name' => isset($current['dbNames'][$dbIndex]) ? $current['dbNames'][$dbIndex] : null,
             );
         }
     }

     $this->db->select($current['database']);
     $this->app->current = $current;
 }
Пример #23
 /**
  * Require the user to log in if they are not yet logged in.
  *
  * The current URL is stored in the session under 'redirect' before the visitor is
  * sent to the login page.
  *
  * NOTE(review): whatever consumes the 'redirect' value after login should only follow
  * it when it is a URL of this application -- verify at the consumer.
  *
  * @Developer Brandon Hansen
  * @Date April 06, 2010
  * @Return void
  */
 public static function require_login()
 {
     if (self::logged_in()) {
         return;
     }

     $return_to = url::current(true);
     Session::instance()->set('redirect', $return_to);

     url::redirect('login');
 }
Пример #24
 /**
  * Stores the "value" input in the session under $key, then redirects the browser to
  * the referring page.
  *
  * access::verify_csrf() is called first, before anything is written.
  *
  * NOTE(review): $key is not restricted here, so a request that passes the CSRF check
  * can overwrite any session entry, including ones used for access decisions --
  * consider an allow-list of writable keys.
  * NOTE(review): the redirect target is the Referer header, which is client-supplied
  * and may be absent -- consider falling back to a fixed local URL.
  *
  * @param string $key  session key to write
  */
 public function session($key)
 {
     access::verify_csrf();

     $request_input = Input::instance();

     $value = $request_input->get("value");
     Session::instance()->set($key, $value);

     $referer = $request_input->server("HTTP_REFERER");
     url::redirect($referer);
 }
Пример #25
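    /**
     * Renders the static "Access Denied" page as the response body.
     *
     * When the session holds an 'account_email', it is shown in the message so the
     * visitor can pass it on to the admin. The address is HTML-encoded before it is
     * placed in the page: it is account data, not markup, and must not be able to
     * inject tags or attributes.
     */
    public function action_accessDenied()
    {
        $image = url::site('static/img/accessDenied.gif');
        $this->session = Session::instance();
        $email = $this->session->get('account_email');
        if ($email) {
            // Charset matches the one declared in the page's content-type meta tag
            $safe_email = htmlspecialchars((string) $email, ENT_QUOTES, 'ISO-8859-1');
            $email = " <b>({$safe_email})</b>";
        } else {
            $email = "";
        }
        $this->request->response = <<<HEREDOC
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 

<head> 
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" /> 
<title>Access Denied</title> 
</head> 

<body> 
<div style="text-align: center">
<h1>Access Denied</h1> 

<img src="{$image}" alt="accessDenied" />

<p>Your login is not permitted in this section.</p>
<p>Let the admin know what your email{$email} address is.</p>
</div> 
</body> 
</html> 
HEREDOC;
    }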
Пример #26
 /**
  * Loads Session and configuration options.
  *
  * 'salt_pattern' is taken from $config when present, otherwise from the 'visitor'
  * configuration group; a value that is not already an array is split on commas.
  *
  * @param  array  $config
  */
 public function __construct($config = array())
 {
     $default_pattern = Kohana::$config->load('visitor')->get('salt_pattern');
     $salt_pattern = Arr::get($config, 'salt_pattern', $default_pattern);

     // Accept both a ready-made list and a comma separated string
     if (!is_array($salt_pattern)) {
         $salt_pattern = preg_split('/,\\s*/', $salt_pattern);
     }
     $config['salt_pattern'] = $salt_pattern;

     $this->_config = $config;
     $this->_session = Session::instance();
 }
Пример #27
 /**
  * Switches the gallery to a different identity provider module.
  *
  * The current provider module (if any) is uninstalled, the new one is recorded in the
  * "identity_provider" variable and initialized, and the caller is then logged in as
  * the new provider's admin user with a regenerated session. If any step throws, one
  * attempt is made to restore the previous provider and the exception is rethrown.
  *
  * NOTE(review): this method logs the current session in as an admin user and builds a
  * callable from $new_provider, so it must only be reachable by callers that are
  * already authorized as administrators, with $new_provider taken from the list of
  * installed provider modules -- verify at the call sites.
  *
  * @param string $new_provider  name of the identity provider module to switch to
  * @throws Exception  whatever the switch raised, after the restore attempt
  */
 static function change_provider($new_provider)
 {
     $current_provider = module::get_var("gallery", "identity_provider");
     if (!empty($current_provider)) {
         module::uninstall($current_provider);
     }
     try {
         IdentityProvider::reset();
         $provider = new IdentityProvider($new_provider);
         module::set_var("gallery", "identity_provider", $new_provider);
         // Run the provider's installer hook when it defines one
         if (method_exists("{$new_provider}_installer", "initialize")) {
             call_user_func("{$new_provider}_installer::initialize");
         }
         module::event("identity_provider_changed", $current_provider, $new_provider);
         // Log in as the new provider's admin user, then issue a new session id
         auth::login($provider->admin_user());
         Session::instance()->regenerate();
     } catch (Exception $e) {
         // Function-level static: keeps its value across the nested call made below
         static $restore_already_running;
         // In case of error, make an attempt to restore the old provider.  Since that's calling into
         // this function again and can fail, we should be sure not to get into an infinite recursion.
         if (!$restore_already_running) {
             $restore_already_running = true;
             // Make sure new provider is not in the database
             module::uninstall($new_provider);
             // Lets reset to the current provider so that the gallery installation is still
             // working.
             module::set_var("gallery", "identity_provider", null);
             IdentityProvider::change_provider($current_provider);
             module::activate($current_provider);
             message::error(t("Error attempting to enable \"%new_provider\" identity provider, " . "reverted to \"%old_provider\" identity provider", array("new_provider" => $new_provider, "old_provider" => $current_provider)));
             $restore_already_running = false;
         }
         // The original failure is always passed on to the caller
         throw $e;
     }
 }
Пример #28
 /**
  * Runs before every action: attaches the session, applies the access rule for the
  * requested action and prepares the template defaults.
  *
  * Access rules come from $this->auth. The rule stored under the action name is used;
  * otherwise the '*' rule, if there is one. When neither key exists, the action is
  * allowed without any check, so an action missing from $this->auth is open by default.
  */
 public function before()
 {
     parent::before();
     $this->session = Session::instance();

     // Check user authentication
     $action_name = Request::instance()->action;
     $auth_result = true;
     if (array_key_exists($action_name, $this->auth)) {
         $auth_result = $this->_check_auth($action_name);
     } elseif (array_key_exists('*', $this->auth)) {
         $auth_result = $this->_check_auth('*');
     }

     if (!$auth_result) {
         // Logged-in users who fail the check go to 'user', everybody else to 'login'.
         // TODO: flash message for the logged-in case.
         $target = Auth::instance()->logged_in() ? 'user' : 'login';
         Request::instance()->redirect($target);
     }

     // Try to pre-fetch the template. Doesn't have to succeed.
     try {
         $view_path = Request::instance()->controller . '/' . Request::instance()->action;
         $this->template->content = View::factory($view_path);
     } catch (Kohana_View_Exception $e) {
         // Deliberately ignored: a missing view for this action is not an error here
     }

     $this->template->title = ucwords(Request::instance()->action);
     foreach (array('left', 'right', 'footer') as $slot) {
         $this->template->$slot = null;
     }
     $this->template->no_back_button = true;
     $this->template->menu = array();
 }
Пример #29
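 /**
  * Checks the credentials against the student, company and admin accounts, in that
  * order, and completes the login when the password hash matches.
  *
  * The first account type that returns a non-empty hash for $username is the one the
  * password is checked against. On success the account type and id are stored in the
  * session under 'userType' and 'userId'.
  *
  * NOTE(review): the password is hashed together with the user name; confirm that
  * hash() is a dedicated password hashing scheme rather than a fast digest.
  *
  * @param string $username
  * @param string $password
  * @param mixed  $remember  not used by this implementation
  * @return mixed  result of complete_login() on success, false otherwise
  */
 protected function _login($username, $password, $remember)
 {
     $pwHash = "";
     $type = null;
     $res = null;

     // One pass only: do/while(false) is used so that break can stop at the first
     // account type that holds a hash for this user name.
     do {
         $res = MyDB::loginStudent($username);
         $pwHash = isset($res['pwHash']) ? $res['pwHash'] : "";
         $type = 'student';
         if (is_string($pwHash) && $pwHash !== "") {
             break;
         }

         $res = MyDB::loginCompany($username);
         $pwHash = isset($res['CompanyPass']) ? $res['CompanyPass'] : "";
         $type = 'company';
         if (is_string($pwHash) && $pwHash !== "") {
             break;
         }

         $res = MyDB::loginAdmin($username);
         $pwHash = isset($res['Password']) ? $res['Password'] : "";
         $type = 'admin';
     } while (false);

     // No account, or an account without a stored hash, can never log in
     if (!is_string($pwHash) || $pwHash === "") {
         return false;
     }

     // Compare as strings only. A loose == lets PHP compare hashes that look like
     // numbers by value, so two different hashes could be treated as equal.
     // hash_equals() additionally makes the comparison constant-time where available.
     $computed = (string) $this->hash($password . $username);
     $matches = function_exists('hash_equals')
         ? hash_equals($pwHash, $computed)
         : $pwHash === $computed;
     if (!$matches) {
         return false;
     }

     $session = Session::instance();
     $session->set('userType', $type);
     $session->set('userId', $res['id_pk']);

     return $this->complete_login($username);
 }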
Пример #30
 /**
  * Returns the shared Session instance, creating it first when none is set.
  *
  * The method itself is public.
  *
  * @return Session
  */
 public static function getInstance()
 {
     return isset(self::$instance)
         ? self::$instance
         : (self::$instance = new self());
 }