/** * Log a user in by checking its username and password */ public function loginAction() { $authHandler = $this->getAuthHandler(); if ($authHandler->isSecured()) { $this->redirectHome(); } $user = $authHandler->login($_POST['username'], $_POST['password']); if ($user === null) { flash_now('error', __('Wrong username or password')); return $this->loginFormAction(); // forward to login form } else { $this->redirectHome(); } }
function html_default_layout($vars) { extract($vars); ?> <!DOCTYPE html> <html lang="en"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>Flash features test</title> </head> <body> <article> <?php echo $content; ?> <?php if (!empty($flash)) { ?> <section> <h2>Current flash messages ( flash_now() / $flash )</h2> <pre><code> <?php echo var_dump(flash_now()); ?> </code></pre> </section> <?php } ?> </article> <hr> <nav> <p><strong>Menu:</strong> <a href="<?php echo url_for('/'); ?> ">One</a> | <a href="<?php echo url_for('two'); ?> ">Two</a> | <a href="<?php echo url_for('three'); ?> ">Three</a> | <a href="<?php echo url_for('four'); ?> ">Four</a> | <a href="<?php echo url_for('five'); ?> ">Five</a> | <a href="<?php echo url_for('six'); ?> ">Six</a> </p> </nav> </body> </html> <?php }
/** * Returns a string to output * * It might use a a template file or function, a formatted string (like {@link sprintf()}). * It could be embraced by a layout or not. * Local vars can be passed in addition to variables made available with the {@link set()} * function. * * @param string $content_or_func * @param string $layout * @param string $locals * @return string */ function render($content_or_func, $layout = '', $locals = array()) { $args = func_get_args(); $content_or_func = array_shift($args); $layout = count($args) > 0 ? array_shift($args) : layout(); $view_path = file_path(option('views_dir'), $content_or_func); $vars = array_merge(set(), $locals); $flash = flash_now(); if (array_key_exists('flash', $vars)) { trigger_error('A $flash variable is already passed to view. Flash messages will only be accessible through flash_now()', E_USER_NOTICE); } else { if (!empty($flash)) { $vars['flash'] = $flash; } } $infinite_loop = false; # Avoid infinite loop: this function is in the backtrace ? if (function_exists($content_or_func)) { $back_trace = debug_backtrace(); while ($trace = array_shift($back_trace)) { if ($trace['function'] == strtolower($content_or_func)) { $infinite_loop = true; break; } } } if (function_exists($content_or_func) && !$infinite_loop) { ob_start(); call_user_func($content_or_func, $vars); $content = ob_get_clean(); } elseif (file_exists($view_path)) { ob_start(); extract($vars); include $view_path; $content = ob_get_clean(); } else { if (substr_count($content_or_func, '%') !== count($vars)) { $content = $content_or_func; } else { $content = vsprintf($content_or_func, $vars); } } if (empty($layout)) { return $content; } return render($layout, null, array('content' => $content)); }
private function returnError($msg, $template) { if ($this->isXhrRequest()) { return json(array('status' => 'error', 'statusText' => $msg)); } else { flash_now('error', $msg); return html($template); } }
/** * Removes a specific or all flash values immediately. * * @param string $key Flash key; leave empty to remove all flash values * * @return bool Boolean true on success, false otherwise */ function flash_remove($key = null) { if (func_num_args()) { return !is_null(flash($key, null)); } else { $keys = array_merge(array_keys(flash()), array_keys(flash_now())); foreach ($keys as $key) { flash($key, null); } } return true; }
function contact() { set('route', '/contact'); set('page_title', 'Contact'); layout('forms_layout.php'); set('recaptcha', recaptcha_get_html(Config::get_key('recaptcha_pubkey'))); if (flash_now('fail')) { set('c', $_SESSION['c']); } return html('contact.php'); }
function before() { // Load flash get_flash_messages(flash_now()); /* * Other application tasks */ // Footer $db = option('db'); $footer = array(); if ($result = $db->qry('SELECT username FROM {{users}} WHERE active = 1 ORDER BY username')) { while ($obj = $result->fetch_object()) { $footer[] = array('name' => $obj->username, 'path' => '/picks/' . strtolower($obj->username)); } } option('footer', $footer); }
/** * Action called to update values of an existing user. */ public function updateAction() { // TODO prevent CSRF $this->secure('admin'); $user = Fz_Db::getTable('User')->findById(params('id')); $user->setUsername($_POST['username']); if (0 < strlen($_POST['password'])) { $user->setPassword($_POST['password']); } $user->setFirstname($_POST['firstname']); $user->setLastname($_POST['lastname']); $user->setIsAdmin($_POST['is_admin'] == 'on'); $user->setEmail($_POST['email']); if (0 === count($user->isValid('update'))) { $user->save(); return redirect_to('/admin/users'); } else { $errors = ''; foreach ($user->isValid('update') as $error) { $errors .= $error . "<br />"; } flash_now('error', $errors); return $this->editAction(); } }
</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <link rel="stylesheet" type="text/css" href="css/zebra_form.css" /> </head> <body> <h1><?php echo htmlspecialchars($title); ?> </h1> <?php $info = flash_now('info'); if ($info != null) { printf("<p style=\"color: blue\">%s</p>\n", htmlspecialchars($info)); } $error = flash_now('error'); if ($error != null) { printf("<p style=\"color: red\">%s</p>\n", htmlspecialchars($error)); } ?> <?php echo $content; ?> <script src="js/jquery-1.11.3.min.js"></script> <script src="js/zebra_form.js"></script> </body> </html>
<div class="panel-heading"> <span class="hikaru-mozi">偽画面にご注意ください!</span> </div> <div class="panel-body"> <p>偽のログイン画面を表示しお客様の情報を盗み取ろうとする犯罪が多発しています。</p> <p>ログイン直後にダウンロード中や、見知らぬウィンドウが開いた場合、<br>すでにウィルスに感染している場合がございます。即座に取引を中止してください。</p> <p>また、残高照会のみなど、必要のない場面で乱数表の入力を求められても、<br>絶対に入力しないでください。</p> </div> </div> <div class="page-header"> <h1>ログイン</h1> </div> <?php $flash = flash_now(); if (isset($flash['notice'])) { ?> <div id="notice-message" class="alert alert-danger" role="alert"><?php echo $flash['notice']; ?> </div> <?php } ?> <div class="container"> <form class="form-horizontal" role="form" action="/login" method="POST"> <div class="form-group"> <label for="input-username" class="col-sm-3 control-label">お客様ご契約ID</label> <div class="col-sm-9">