示例#1
0
文件: parser.php 项目: nzukoski/Misc
function parseURI()
{
    parse_str($_SERVER['QUERY_STRING'], $params);
    $ustreamUID = $params['ustreamUID'] ? $params['ustreamUID'] : NULL;
    $longitude = $params['longitude'] ? $params['longitude'] : NULL;
    $latitude = $params['latitude'] ? $params['latitude'] : NULL;
    $event = $params['event'] ? $params['event'] : NULL;
    echo "uid: " . $ustreamUID . " latitude: " . $latitude . " longitude: " . $longitude . " event: " . $event . "<br/>";
    if ($ustreamUID && $longitude && $latitude && $event) {
        if (findUser($ustreamUID)) {
            updateUser($ustreamUID, $longitude, $latitude, $event);
        } else {
            insertUser($ustreamUID);
            updateUser($ustreamUID, $longitude, $latitude, $event);
        }
    }
}
示例#2
0
文件: join1.php 项目: razagilani/srrs
include_once $basedir . '/lib/Template.class.php';
include_once $basedir . '/lib/Reservation1.class.php';
include_once $basedir . '/lib/AnonymousUser.class.php';
$t = new Template(translate('Join Reservation'));
$t->printHTMLHeader();
$t->startMain();
$resid = htmlspecialchars($_POST['h_join_resid']);
$userid = htmlspecialchars($_POST['h_join_userid']);
$fname = htmlspecialchars(trim($_POST['h_join_fname']));
$lname = htmlspecialchars(trim($_POST['h_join_lname']));
$email_address = htmlspecialchars(trim($_POST['h_join_email']));
$found_user = false;
// Get the Reservation
$res = new Reservation($resid);
if ($res != null && !empty($resid)) {
    $found_user = findUser($userid);
    // Validate data
    if (validate_data($userid, $fname, $lname, $email) == '') {
        $user = new User();
        // Load get the userid or create one if the data is ok
        // First see if we have a user with this email address
        if (($userid == $user->get_id_by_email($email)) != false) {
            // Invite the user we found in the database
            $user = new User($userid);
            $userid = $user->get_id();
            $found_user = true;
        } else {
            if (($userid == AnonymousUser::get_id_by_email($email)) != false) {
                // There is an anonymous user with this email already, update info
                $a_user = new AnonymousUser($userid);
                $a_user->fname = $fname;
示例#3
0
文件: routes.php 项目: YSTF/vacation
| and give it the controller to call when that URI is requested.
|
*/
Route::get('/', function () {
    return redirect('vacation');
});
Route::get('vacation', function () {
    $id = Input::get('u');
    $idSelected = true;
    if ($id == null) {
        $idSelected = false;
    }
    $VDate = getVDate();
    $myApplies = getMyApplies($id);
    $users = getUsersSimple();
    $user = findUser($users, $id);
    return view('vacation', ['h1' => "내 휴가 현황", 'h1_small' => "내 남은 휴가와 휴가 사용내용을 확인합니다.", 'pagetype' => "user", 'vdate' => $VDate, 'myApplies' => $myApplies, 'users' => $users, 'user' => $user, 'id' => $id, 'idSelected' => $idSelected]);
});
Route::get('admin', function () {
    $appies = getApplies();
    return view('admin', ['h1' => "휴가 관리", 'h1_small' => "전 직원의 휴가신청서를 조회합니다.", 'pagetype' => "admin", 'applies' => $appies]);
});
Route::get('apply', function () {
    $users = getUsersSimple();
    return view('apply', ['pagetype' => "admin", 'users' => $users]);
});
Route::post('apply', function (\Illuminate\Http\Request $request) {
    //    dd($request->all());
    $name = $request->get('name');
    $started_at = $request->get('started_at');
    $ended_at = $request->get('ended_at');
示例#4
0
 /**
  * Pick a reminder type.
  * Accessed by sa=picktype
  */
 public function action_picktype()
 {
     global $context, $txt, $scripturl, $user_info, $webmaster_email, $language, $modSettings;
     checkSession();
     validateToken('remind');
     createToken('remind');
     require_once SUBSDIR . '/Auth.subs.php';
     // No where params just yet
     $where_params = array();
     // Coming with a known ID?
     if (!empty($_REQUEST['uid'])) {
         $where = 'id_member = {int:id_member}';
         $where_params['id_member'] = (int) $_REQUEST['uid'];
     } elseif (isset($_POST['user']) && $_POST['user'] != '') {
         $where = 'member_name = {string:member_name}';
         $where_params['member_name'] = $_POST['user'];
         $where_params['email_address'] = $_POST['user'];
     }
     // You must enter a username/email address.
     if (empty($where)) {
         fatal_lang_error('username_no_exist', false);
     }
     // Make sure we are not being slammed
     // Don't call this if you're coming from the "Choose a reminder type" page - otherwise you'll likely get an error
     if (!isset($_POST['reminder_type']) || !in_array($_POST['reminder_type'], array('email', 'secret'))) {
         spamProtection('remind');
     }
     $member = findUser($where, $where_params);
     $context['account_type'] = !empty($member['openid_uri']) ? 'openid' : 'password';
     // If the user isn't activated/approved, give them some feedback on what to do next.
     if ($member['is_activated'] != 1) {
         // Awaiting approval...
         if (trim($member['validation_code']) == '') {
             fatal_error($txt['registration_not_approved'] . ' <a href="' . $scripturl . '?action=activate;user='******'user'] . '">' . $txt['here'] . '</a>.', false);
         } else {
             fatal_error($txt['registration_not_activated'] . ' <a href="' . $scripturl . '?action=activate;user='******'user'] . '">' . $txt['here'] . '</a>.', false);
         }
     }
     // You can't get emailed if you have no email address.
     $member['email_address'] = trim($member['email_address']);
     if ($member['email_address'] == '') {
         fatal_error($txt['no_reminder_email'] . '<br />' . $txt['send_email'] . ' <a href="mailto:' . $webmaster_email . '">webmaster</a> ' . $txt['to_ask_password'] . '.');
     }
     // If they have no secret question then they can only get emailed the item, or they are requesting the email, send them an email.
     if (empty($member['secret_question']) || isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'email') {
         // Randomly generate a new password, with only alpha numeric characters that is a max length of 10 chars.
         $password = generateValidationCode();
         require_once SUBSDIR . '/Mail.subs.php';
         $replacements = array('REALNAME' => $member['real_name'], 'REMINDLINK' => $scripturl . '?action=reminder;sa=setpassword;u=' . $member['id_member'] . ';code=' . $password, 'IP' => $user_info['ip'], 'MEMBERNAME' => $member['member_name'], 'OPENID' => $member['openid_uri']);
         $emaildata = loadEmailTemplate('forgot_' . $context['account_type'], $replacements, empty($member['lngfile']) || empty($modSettings['userLanguage']) ? $language : $member['lngfile']);
         $context['description'] = $txt['reminder_' . (!empty($member['openid_uri']) ? 'openid_' : '') . 'sent'];
         // If they were using OpenID simply email them their OpenID identity.
         sendmail($member['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 1);
         if (empty($member['openid_uri'])) {
             // Set the password in the database.
             updateMemberData($member['id_member'], array('validation_code' => substr(md5($password), 0, 10)));
         }
         // Set up the template.
         $context['sub_template'] = 'sent';
         // Dont really.
         return;
     } elseif (isset($_POST['reminder_type']) && $_POST['reminder_type'] == 'secret') {
         return secretAnswerInput();
     }
     // No we're here setup the context for template number 2!
     $context['sub_template'] = 'reminder_pick';
     $context['current_member'] = array('id' => $member['id_member'], 'name' => $member['member_name']);
 }
示例#5
0
文件: login.php 项目: Tenjin0/PHP
<?php

session_start();
require_once "connexion.php";
// $email = htmlentities('*****@*****.**');
// $password = sha1('patman00');
// var_dump($password);
// $validation = findUser($email, $password,$db);
// var_dump($validation);
if (!empty($_POST) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) && strlen($_POST['password']) >= 6) {
    // var_dump($_POST);
    $email = htmlentities($_POST['email']);
    $password = sha1($_POST['password']);
    $validation = findUser($email, $password, $db);
    var_dump($validation);
}
?>
 
<!DOCTYPE html>
<html>
<head>
    <title>formulaire de Connexion</title>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css">
    <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css">
    <link href="./css/custom.css" rel="stylesheet">
    <!-- <link href="./css/inconnu.css" rel="stylesheet"> -->
  </head>
<body>
示例#6
0
文件: login.php 项目: yxdj/network
<?php

$username = !empty($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';
$password = !empty($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
if ($user = findUser($username, $password)) {
    $result = ['status' => 'ok', 'data' => $user];
} else {
    $result = ['status' => 'ng', 'error' => 'username or password error!'];
}
echo json_encode($result);
function findUser($username, $password)
{
    $users = [['username' => 'test', 'password' => md5('test_pwd'), 'info' => 'test login success!'], ['username' => 'yxdj', 'password' => md5('yxdj_pwd'), 'info' => 'yxdj login success!']];
    $find = null;
    foreach ($users as $user) {
        if ($user['username'] == $username) {
            $find = $user;
            break;
        }
    }
    if ($find && $find['password'] == $password) {
        return $find;
    } else {
        return null;
    }
}
示例#7
0
function getUser($localCon, $localEmail, $localName, $localNewsletter, $code = 1)
{
    $findUserResult = findUser($localCon, $localEmail, $localNewsletter);
    if ($findUserResult == false) {
        $userInsert = "INSERT INTO `users` (`email`, `name`, `newsletter`) VALUES ('{$localEmail}', '{$localName}', '{$localNewsletter}');";
        mysqli_query($localCon, $userInsert);
        $userId = mysqli_insert_id($localCon);
        createSession($userId, false, $code);
    } else {
        $userId = $findUserResult['id'];
    }
    return $userId;
}
示例#8
0
    /**
     * Verify the activation code, and activate the user if correct.
     * Accessed by ?action=activate
     */
    public function action_activate()
    {
        global $context, $txt, $modSettings, $scripturl, $language, $user_info;
        require_once SUBSDIR . '/Auth.subs.php';
        // Logged in users should not bother to activate their accounts
        if (!empty($user_info['id'])) {
            redirectexit();
        }
        loadLanguage('Login');
        loadTemplate('Login');
        loadJavascriptFile('sha256.js', array('defer' => true));
        if (empty($_REQUEST['u']) && empty($_POST['user'])) {
            if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == '3') {
                fatal_lang_error('no_access', false);
            }
            $context['member_id'] = 0;
            $context['sub_template'] = 'resend';
            $context['page_title'] = $txt['invalid_activation_resend'];
            $context['can_activate'] = empty($modSettings['registration_method']) || $modSettings['registration_method'] == '1';
            $context['default_username'] = isset($_GET['user']) ? $_GET['user'] : '';
            return;
        }
        // Get the code from the database...
        $row = findUser(empty($_REQUEST['u']) ? '
			member_name = {string:email_address} OR email_address = {string:email_address}' : '
			id_member = {int:id_member}', array('id_member' => isset($_REQUEST['u']) ? (int) $_REQUEST['u'] : 0, 'email_address' => isset($_POST['user']) ? $_POST['user'] : ''), false);
        // Does this user exist at all?
        if (empty($row)) {
            $context['sub_template'] = 'retry_activate';
            $context['page_title'] = $txt['invalid_userid'];
            $context['member_id'] = 0;
            return;
        }
        // Change their email address? (they probably tried a fake one first :P.)
        require_once SUBSDIR . '/Auth.subs.php';
        if (isset($_POST['new_email'], $_REQUEST['passwd']) && validateLoginPassword($_REQUEST['passwd'], $row['passwd'], $row['member_name'], true) && ($row['is_activated'] == 0 || $row['is_activated'] == 2)) {
            if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == 3) {
                fatal_lang_error('no_access', false);
            }
            // @todo Separate the sprintf?
            require_once SUBSDIR . '/DataValidator.class.php';
            if (!Data_Validator::is_valid($_POST, array('new_email' => 'valid_email|required|max_length[255]'), array('new_email' => 'trim'))) {
                fatal_error(sprintf($txt['valid_email_needed'], htmlspecialchars($_POST['new_email'], ENT_COMPAT, 'UTF-8')), false);
            }
            // Make sure their email isn't banned.
            isBannedEmail($_POST['new_email'], 'cannot_register', $txt['ban_register_prohibited']);
            // Ummm... don't even dare try to take someone else's email!!
            // @todo Separate the sprintf?
            if (userByEmail($_POST['new_email'])) {
                fatal_lang_error('email_in_use', false, array(htmlspecialchars($_POST['new_email'], ENT_COMPAT, 'UTF-8')));
            }
            updateMemberData($row['id_member'], array('email_address' => $_POST['new_email']));
            $row['email_address'] = $_POST['new_email'];
            $email_change = true;
        }
        // Resend the password, but only if the account wasn't activated yet.
        if (!empty($_REQUEST['sa']) && $_REQUEST['sa'] == 'resend' && ($row['is_activated'] == 0 || $row['is_activated'] == 2) && (!isset($_REQUEST['code']) || $_REQUEST['code'] == '')) {
            require_once SUBSDIR . '/Mail.subs.php';
            $replacements = array('REALNAME' => $row['real_name'], 'USERNAME' => $row['member_name'], 'ACTIVATIONLINK' => $scripturl . '?action=activate;u=' . $row['id_member'] . ';code=' . $row['validation_code'], 'ACTIVATIONLINKWITHOUTCODE' => $scripturl . '?action=activate;u=' . $row['id_member'], 'ACTIVATIONCODE' => $row['validation_code'], 'FORGOTPASSWORDLINK' => $scripturl . '?action=reminder');
            $emaildata = loadEmailTemplate('resend_activate_message', $replacements, empty($row['lngfile']) || empty($modSettings['userLanguage']) ? $language : $row['lngfile']);
            sendmail($row['email_address'], $emaildata['subject'], $emaildata['body'], null, null, false, 0);
            $context['page_title'] = $txt['invalid_activation_resend'];
            // This will ensure we don't actually get an error message if it works!
            $context['error_title'] = '';
            fatal_lang_error(!empty($email_change) ? 'change_email_success' : 'resend_email_success', false);
        }
        // Quit if this code is not right.
        if (empty($_REQUEST['code']) || $row['validation_code'] != $_REQUEST['code']) {
            if (!empty($row['is_activated'])) {
                fatal_lang_error('already_activated', false);
            } elseif ($row['validation_code'] == '') {
                loadLanguage('Profile');
                fatal_error($txt['registration_not_approved'] . ' <a href="' . $scripturl . '?action=activate;user='******'member_name'] . '">' . $txt['here'] . '</a>.', false);
            }
            $context['sub_template'] = 'retry_activate';
            $context['page_title'] = $txt['invalid_activation_code'];
            $context['member_id'] = $row['id_member'];
            return;
        }
        // Let the integration know that they've been activated!
        call_integration_hook('integrate_activate', array($row['member_name']));
        // Validation complete - update the database!
        updateMemberData($row['id_member'], array('is_activated' => 1, 'validation_code' => ''));
        // Also do a proper member stat re-evaluation.
        updateStats('member', false);
        if (!isset($_POST['new_email'])) {
            require_once SUBSDIR . '/Notification.subs.php';
            sendAdminNotifications('activation', $row['id_member'], $row['member_name']);
        }
        $context += array('page_title' => $txt['registration_successful'], 'sub_template' => 'login', 'default_username' => $row['member_name'], 'default_password' => '', 'never_expire' => false, 'description' => $txt['activate_success']);
    }
     if (!findUser($row2["nick1"], $dbh)) {
         //aggiungi user1 a users
         $q3 = "SELECT DISTINCT u.id as id, u.nick as nick, u.profile_url as pu FROM users u WHERE u.research='" . $research_code . "' AND u.nick='" . str_replace("'", "''", $row2["nick1"]) . "'";
         $r3 = $dbh->query($q3);
         if ($r3) {
             foreach ($r3 as $row3) {
                 $u = array();
                 $u["id"] = $row3["nick"];
                 $u["nick"] = $row3["nick"];
                 $u["pu"] = $row3["pu"];
                 $results["nodes"][] = $u;
             }
             $r3->closeCursor();
         }
     }
     if (!findUser($row2["nick2"], $dbh)) {
         //aggiungi user1 a users
         $q3 = "SELECT DISTINCT u.id as id, u.nick as nick, u.profile_url as pu FROM users u WHERE u.research='" . $research_code . "' AND u.nick='" . $row2["nick2"] . "'";
         $r3 = $dbh->query($q3);
         if ($r3) {
             foreach ($r3 as $row3) {
                 $u = array();
                 $u["id"] = $row3["nick"];
                 $u["nick"] = $row3["nick"];
                 $u["pu"] = $row3["pu"];
                 $results["nodes"][] = $u;
             }
             $r3->closeCursor();
         }
     }
 }
<?php

include '../lib/mysql.php';
include '../../Sender/Email_sender.php';
session_start();
$mysqli = connectToMySQL();
$ownerID = findUser($mysqli, $_SESSION['email'], true);
$surveyName = $_POST['name'];
$query = 'INSERT INTO surveys (name, emails, data, start, end, owner) VALUES (?, ?, ?, ?, ?, ?)';
$stmt = $mysqli->prepare($query);
$null = NULL;
$stmt->bind_param('sbbssi', $surveyName, $null, $null, $_POST['startDate'], $_POST['endDate'], $ownerID);
$stmt->send_long_data(1, mysql_escape_string($_POST['emails']));
$stmt->send_long_data(2, mysql_escape_string($_POST['data']));
if ($stmt->execute()) {
    echo 'true';
} else {
    die('Error : (' . $mysqli->errno . ') ' . $mysqli->error);
}
$survey_id = $mysqli->insert_id;
$stmt->close();
$es = new email_sender();
$send_data = [];
$emailList = str_replace('%2B', '+', htmlspecialchars($_POST['emails']));
$emails = explode(" ", $emailList);
$query = "SELECT username, email FROM users WHERE id = ? LIMIT 1";
$statement = $mysqli->prepare($query);
$statement->bind_param('s', $ownerID);
$statement->execute();
$statement->bind_result($username, $email);
$sender = $statement->fetch();
//only accessible if logged in as instructor
session_start();
if (!isset($_SESSION['loggedInUser']) || $_SESSION['isInstructor'] != '1') {
    redirectTo("index.php");
}
// user to edit
$username = $_GET['user'];
// no access to default user
if ($username == 'admin') {
    redirectTo("index.php");
}
if (isset($_POST['submit'])) {
    // form was submitted
    $username = $_POST['user'];
    $currentpassword = sha1($_POST['inputCurrentPassword']);
    $user = findUser($_SESSION['loggedInUser']);
    $passwordsMatch = $currentpassword == $user['password'] ? true : false;
    if (!$passwordsMatch) {
        $msg = "Your current password was entered incorrectly. " . $username . "'s password was not changed.";
    } else {
        $newpassword = sha1($_POST['inputPassword']);
        modifyUser($username, $newpassword);
        redirectTo("accounts_manage.php");
    }
}
ob_flush();
include_once "templates/page_head.php";
?>
<div class="container">
    <?php 
include_once "templates/navigation.php";
示例#12
0
<?php

include "template-top.php";
$showForm = TRUE;
if (isset($_REQUEST['submit'])) {
    $username = $_REQUEST['username'];
    $password = $_REQUEST['password'];
    if ($username == "" or $password == "") {
        echo '<p class="bg-info">Please enter a username and password to login.</p>';
    } else {
        if (findUser($username, $password) != FALSE) {
            loginUser(findUser($username, $password), $username);
            $showForm = FALSE;
        } else {
            echo "That username password combination was not found.";
        }
    }
}
?>

<?php 
if ($showForm == TRUE) {
    ?>
<form action="login.php" method="GET">
	<input name="username" type="text"><br /><br />
	<input name="password" type="text"><br />
	<input name="submit" type="submit" value="Login">
</form>
<?php 
} else {
    echo "Welcome back " . $_SESSION['username'];
<?php

include './lib/mysql.php';
$mysqli = connectToMySQL();
$postUsername = htmlspecialchars($_POST['username']);
$postEmail = str_replace('%2B', '+', htmlspecialchars($_POST['email']));
$postPassword = hash('sha256', htmlspecialchars($_POST['password']));
if ($postUsername == false || $postEmail == false || $_POST['password'] == false) {
    die('Not all data recieved on registration!');
}
if (findUser($mysqli, $postEmail, false)) {
    echo 'false';
} else {
    //values to be inserted in database table
    $username = '******' . $mysqli->real_escape_string($postUsername) . '"';
    $email = '"' . $mysqli->real_escape_string($postEmail) . '"';
    $password = '******' . $mysqli->real_escape_string($postPassword) . '"';
    $insert_row = $mysqli->query("INSERT INTO users (username, email, password) VALUES({$username}, {$email}, {$password})");
    if ($insert_row) {
        echo 'true';
    } else {
        die('Error : (' . $mysqli->errno . ') ' . $mysqli->error);
    }
}
示例#14
0
        ?>
					<div id="login">
						<form action="<?php 
        echo htmlspecialchars($_SERVER["PHP_SELF"]);
        ?>
" method="post" accept-charset="utf-8">
							<label for="searchName">Enter name:</label>
							<input type="text" name="searchName" value="<?php 
        echo $searchName;
        ?>
" id="searchName"/>
							<input type="submit" value="search"/>
						</form>
					</div>
					<?php 
        findUser($searchName, $thokens);
    } else {
        echo '<p class="error"> toiaga </p>';
    }
} else {
    ?>
				<div id="login">
					<form action="<?php 
    echo htmlspecialchars($_SERVER["PHP_SELF"]);
    ?>
" method="post" accept-charset="utf-8">
						<label for="searchName">Enter name:</label>
						<input type="text" name="searchName" value="" id="searchName"/>
							<input type="submit" name="search" value="search"/>
						
					</form>
示例#15
0
ob_start();
require_once "model.php";
//only accessible if logged in as instructor
session_start();
if (!isset($_SESSION['loggedInUser']) || $_SESSION['isInstructor'] != '1') {
    redirectTo("index.php");
}
if (isset($_POST['submit'])) {
    // form was submitted
    $username = $_POST['inputUsername'];
    $firstname = $_POST['inputFirstName'];
    $lastname = $_POST['inputLastName'];
    $password = sha1($_POST['inputPassword']);
    // check for duplicate user
    // user with that name exists
    if (findUser($username) != null) {
        $msg = "Can't add user {$username}, the user already exists.";
    } else {
        // add user
        addUser($username, $firstname, $lastname, $password);
        $msg = "User {$username} added.";
    }
} else {
    // form was not submitted (GET request)
    $msg = "Add User";
}
ob_flush();
include_once "templates/page_head.php";
?>

<div class="container">
示例#16
0
<?php

ob_start();
require_once "model.php";
// form was submitted
if (isset($_POST['submit'])) {
    $username = $_POST['inputUsername'];
    $passwordEntered = sha1($_POST['inputPassword']);
    // find user in db
    $found_user = findUser($username);
    if (!empty($found_user['username'])) {
        // password matches
        $logged_in = $passwordEntered == $found_user['password'] ? true : false;
        if ($logged_in) {
            session_start();
            $_SESSION['loggedInUser'] = $found_user['username'];
            $_SESSION['isInstructor'] = $found_user['is_instructor'];
            redirectTo("index.php");
        } else {
            //            echo "incorrect pass";
            $msg = "Incorrect Username/Password";
        }
    } else {
        //        echo "incorrect user";
        $msg = "Incorrect Username/Password";
    }
} else {
    $msg = "Please Log In";
}
include_once "templates/page_head.php";
ob_flush();
示例#17
0
<?php

/**
 * Created by PhpStorm.
 * User: Tuan
 * Date: 10/14/2015
 * Time: 16:52
 */
if (isLoggedIn()) {
    redirect('index');
}
if (isPostRequest()) {
    $email = _post('email');
    $password = hashPassword(_post('password'));
    $user = findUser($email);
    if (!empty($user) && $user['password'] == $password) {
        loggedIn($user);
        redirect('index');
    } else {
        $G['errors'][] = 'login fail';
    }
}
render('login', array('header' => false, 'footer' => false));
示例#18
0
         if (isset($_POST['index'])) {
             $startIndex = $_POST['index'];
         } else {
             $startIndex = 1;
         }
     } else {
         $cid = $_GET['CID'];
         $memberID = $_GET['MID'];
         $data = $_GET['data'];
         if (isset($_GET['index'])) {
             $startIndex = $_GET['index'];
         } else {
             $startIndex = 1;
         }
     }
     $result = findUser($data, $memberID, $cid, $startIndex);
     if ($result == 'No Friend Found') {
     } else {
         $content['Friends'] = $result;
         echo json_encode($content);
     }
 } else {
     if ($reason == "Send Request") {
         if (isset($_POST['reason'])) {
             $memberID = $_POST['MID'];
             $myID = $_POST['UID'];
         } else {
             $memberID = $_GET['MID'];
             $myID = $_GET['UID'];
         }
         cancelRequest($myID, $memberID);
    exit(1);
}
// Get course id
$cid = getCID();
// Test permissions
if (!$user->hasPrivilege("canAssignExaminator")) {
    header("Location: ?view=accessdenied");
    exit;
}
// Namespaces to use
use PFBC\Form;
use PFBC\Element;
use PFBC\Validation;
// If form is submitted and correct
if (!empty($_POST) && Form::isValid("assignExaminator", false)) {
    $uid = findUser($_POST['username']);
    // Get current Course
    $course = $user->getCourse($cid);
    if ($uid == -1) {
        Form::setError('assignExaminator', 'Error: Unable to find that user.');
        header("Location: ?view=assignexaminator&cid={$cid}");
        exit;
    } else {
        Form::clearValues('assignExaminator');
    }
    // Add user to examinators
    $course->addExaminator($uid);
    echo '<h3>Success!</h3><a href="?view=course&cid=' . $cid . '"><button class="btn btn-success">Go back</button></a>';
} else {
    $form = new Form("assignExaminator");
    $form->configure(array("action" => "?view=assignexaminator&cid={$cid}"));
示例#20
0
<?php

/*处理登录操作*/
header('Content-Type:text/html;charset=utf-8');
require_once '../conn/user.dao.php';
$msg = "";
if (isset($_POST["uName"])) {
    //用户名不能为空
    $curUser = findUser($_POST["uName"]);
    //根据用户名查询用户信息
    if (isset($curUser) && $curUser["uPass"] == $_POST["uPass"]) {
        //判断用户名与密码是否正确
        $_SESSION["current_user"] = $curUser;
        //将用户信息保存到会话中
        header("location: ../index.php");
        //成功登陆到首页
        return;
    } else {
        $msg = "用户名或密码错误";
    }
} else {
    $msg = "用户名不能为空";
}
header("location: ../error.php?msg={$msg}");