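/**
 * Visualisation controller: routes "vis/<action>" URLs to their view templates.
 *
 * Reads the globals set by the front controller ($session, $action, $format)
 * and returns the $output array; $output['content'] holds the rendered view.
 * Every branch re-checks the session permission it needs, so an action the
 * current session may not use produces no content (an empty array is returned).
 *
 * Feed-based views take ?feedid=<int>; anything that is not an integer becomes 0.
 *
 * @return array  $output, with 'content' set when an action matched
 */
function vis_controller()
{
    require_once "Models/feed_model.php";
    global $session, $action, $format;

    $output = array();

    // Views that need no feed: action => template.
    $plain_views = array(
        'smoothie'       => 'vis/smoothie/smoothie.php',
        'dailyhistogram' => 'vis/dailyhistogram/dailyhistogram.php', // vis/dailyhistogram?power= &kwhd= &whw=
        'zoom'           => 'vis/zoom/zoom.php',
        'comparison'     => 'vis/comparison/comparison.php',
        'stacked'        => 'vis/stacked.php',
        'threshold'      => 'vis/threshold.php',
        'simplezoom'     => 'vis/simplezoom.php',
        'orderthreshold' => 'vis/orderthreshold.php',
    );

    // Views of a single feed: action => template, e.g. vis/realtime?feedid=1
    $feed_views = array(
        'realtime'  => 'vis/realtime.php',
        'rawdata'   => 'vis/rawdata.php',
        'bargraph'  => 'vis/bargraph.php',
        'histgraph' => 'vis/histgraph.php',
        'orderbars' => 'vis/orderbars.php',
    );

    // The feed id is only ever used as an integer; a missing parameter reads as 0.
    $feedid = isset($_GET['feedid']) ? intval($_GET['feedid']) : 0;

    if ($action === 'list' && $session['write']) {
        $user = get_user($session['userid']);
        $output['content'] = view("api_view.php", array('user' => $user));
    } elseif ($session['read'] && isset($plain_views[$action])) {
        $output['content'] = view($plain_views[$action], array());
    } elseif ($session['read'] && isset($feed_views[$action])) {
        $output['content'] = view($feed_views[$action], array(
            'feedid'   => $feedid,
            'feedname' => get_feed_name($feedid),
        ));
    } elseif ($action === 'multigraph' && $session['read']) {
        // The write key is only handed to the template for sessions that may write;
        // read-only sessions get an empty string rather than an undefined variable.
        $write_apikey = $session['write'] ? get_apikey_write($session['userid']) : '';
        $output['content'] = view("vis/multigraph.php", array('write_apikey' => $write_apikey));
    } elseif ($action === 'edit' && $session['write']) {
        // vis/edit?feedid=1
        $output['content'] = view("vis/edit.php", array(
            'feedid'   => $feedid,
            'feedname' => get_feed_name($feedid),
            'type'     => get_feed_datatype($feedid),
        ));
    }

    return $output;
}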
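/**
 * Dashboard controller: routes "dashboard/<action>[/<subaction>]" URLs.
 *
 * Reads the globals set by the front controller ($path, $session, $action,
 * $subaction, $format) and returns the $output array: 'content' holds the
 * rendered page, 'message' a status string, and 'runmenu' / 'submenu' the
 * navigation fragments some views add. Each branch checks the permission it
 * needs ($session['read'] / $session['write']); 'public' is the one action
 * with no session check at all.
 *
 * The run/view/edit/ckeditor actions accept the dashboard either as ?id=<int>
 * or as an alias in $subaction (letters a-z only); with neither, the user's
 * main dashboard is used (see _dashboard_from_request).
 *
 * @return array  $output
 */
function dashboard_controller()
{
    require_once "Models/dashboard_model.php";
    global $path, $session, $action, $subaction, $format;

    $output['content'] = "";
    $output['message'] = "";

    // Dashboard id from the POST body, used by the write actions; 0 when absent.
    $post_id = isset($_POST['id']) ? intval($_POST['id']) : 0;

    if ($action === 'new' && $session['write']) {
        $dashid = new_dashboard($session['userid']);
        $output['message'] = _("dashboards new");
        if ($format === 'html') {
            header("Location: ../dashboard/edit?id=" . $dashid);
        }
    } elseif ($action === 'delete' && $session['write']) {
        $output['message'] = delete_dashboard($session['userid'], $post_id);
    } elseif ($action === 'clone' && $session['write']) {
        $output['message'] = clone_dashboard($session['userid'], $post_id);
    } elseif ($action === 'list' && $session['read']) {
        $_SESSION['editmode'] = TRUE;
        $apikey = get_apikey_read($session['userid']);
        $dashboards = get_dashboard_list($session['userid'], 0, 0);
        $menu = build_dashboard_menu($session['userid'], "edit");
        $user = get_user($session['userid']);
        if ($format === 'html') {
            $output['content'] = view("dashboard/dashboard_list_view.php", array(
                'apikey'     => $apikey,
                'dashboards' => $dashboards,
                'menu'       => $menu,
                'user'       => $user,
            ));
        }
    } elseif ($action === 'public') {
        // Public listing: every user's dashboards fetched with the (1, 1) flags,
        // each row tagged with the owner's name for the view.
        $dashboard_list = array();
        foreach (get_user_list() as $user) {
            foreach (get_dashboard_list($user['userid'], 1, 1) as $user_dash) {
                $user_dash['username'] = $user['name'];
                $dashboard_list[] = $user_dash;
            }
        }
        if ($format === 'html') {
            $output['content'] = view("dashboard/dashboard_publiclist_view.php", array('dashboards' => $dashboard_list));
        }
    } elseif ($action === 'thumb' && $session['read']) {
        $_SESSION['editmode'] = TRUE;
        $apikey = get_apikey_read($session['userid']);
        $dashboards = get_dashboard_list($session['userid'], 0, 0);
        $menu = build_dashboard_menu($session['userid'], "edit");
        if ($format === 'html') {
            $output['content'] = view("dashboard/dashboard_thumb_view.php", array(
                'apikey'     => $apikey,
                'dashboards' => $dashboards,
                'menu'       => $menu,
            ));
        }
    } elseif (($action === 'run' || $action === 'view') && $session['read']) {
        if ($action === "run") {
            // Run mode: only published dashboards, and for sessions that cannot write
            // the lookup is additionally flagged public (presumably restricting it to
            // public dashboards — confirm in dashboard_model).
            $public = !$session['write'];
            $published = 1;
        } else {
            $public = 0;
            $published = 0;
        }
        $dashboard = _dashboard_from_request($session['userid'], $subaction, $public, $published);

        if ($format === 'json') {
            // JSON clients only get the (url-encoded) dashboard markup.
            $output['content'] = urlencode($dashboard['content']);
            return $output;
        }

        $menu = build_dashboard_menu($session['userid'], $action);
        if ($action === "run") {
            // In run mode the dashboard menu replaces the main menu.
            $_SESSION['editmode'] = FALSE;
            $runmenu = '<div class="nav-collapse collapse">';
            $runmenu .= '<ul class="nav">' . $menu . '</ul>';
            if ($session['write']) {
                $runmenu .= "<ul class='nav pull-right'><li><a href='" . $path . "user/logout'>" . _("Logout") . "</a></li></ul>";
            }
            $runmenu .= "</div>";
            $output['runmenu'] = $runmenu;
        } else {
            // View mode keeps the main menu and adds the grey dashboard sub-menu.
            $_SESSION['editmode'] = TRUE;
            $output['submenu'] = view("dashboard/dashboard_menu.php", array('id' => $dashboard['id'], 'menu' => $menu, 'type' => "view"));
        }

        $apikey = get_apikey_read($session['userid']);
        $output['content'] = view("dashboard/dashboard_view.php", array('dashboard' => $dashboard, "apikey_read" => $apikey));
        // The configuration panel is left out of run mode to keep that page light.
        if ($action !== "run") {
            $output['content'] .= view("dashboard/dashboard_config.php", array('dashboard' => $dashboard));
        }
    } elseif ($action === 'edit' && $session['write']) {
        $dashboard = _dashboard_from_request($session['userid'], $subaction, 0, 0);
        $apikey = get_apikey_read($session['userid']);
        $menu = build_dashboard_menu($session['userid'], "edit");
        $output['content'] = view("dashboard/dashboard_edit_view.php", array('dashboard' => $dashboard, "apikey_read" => $apikey));
        $output['content'] .= view("dashboard/dashboard_config.php", array('dashboard' => $dashboard));
        $output['submenu'] = view("dashboard/dashboard_menu.php", array('id' => $dashboard['id'], 'menu' => $menu, 'type' => "edit"));
    } elseif ($action === 'ckeditor' && $session['write']) {
        $dashboard = _dashboard_from_request($session['userid'], $subaction, 0, 0);
        $menu = build_dashboard_menu($session['userid'], "ckeditor");
        $output['content'] = view("dashboard/dashboard_ckeditor_view.php", array('dashboard' => $dashboard, 'menu' => $menu));
        $output['submenu'] = view("dashboard/dashboard_menu.php", array('id' => $dashboard['id'], 'menu' => $menu, 'type' => "ckeditor"));
    } elseif ($action === 'set' && $session['write']) {
        // dashboard/set?content=<h2>HelloWorld</h2>
        // Content and id may arrive in the body or the query string; the body wins.
        $content = isset($_POST['content']) ? $_POST['content'] : '';
        if (!$content) {
            $content = isset($_GET['content']) ? $_GET['content'] : '';
        }
        $id = $post_id;
        if (!$id) {
            $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
        }
        // IMPORTANT: if you get problems with characters being removed check this line.
        // It only drops characters outside the usual set; it is not an HTML sanitiser,
        // and what is stored is handed to the dashboard views as markup.
        $content = preg_replace('/[^\\w\\s-.#<>?",;:=&\\/%]/', '', $content);
        $content = db_real_escape_string($content);
        set_dashboard_content($session['userid'], $content, $id);
        $output['message'] = ($format === 'html') ? _("dashboard set") : "ok";
    } elseif ($action === 'setconf' && $session['write']) {
        $id = $post_id;
        // Each setting is written only when it was posted, so callers can
        // update fields independently of one another.
        if (isset($_POST['main'])) {
            set_dashboard_main($session['userid'], $id, intval($_POST['main']));
        }
        if (isset($_POST['published'])) {
            set_dashboard_publish($session['userid'], $id, intval($_POST['published']));
        }
        if (isset($_POST['public'])) {
            set_dashboard_public($session['userid'], $id, intval($_POST['public']));
        }
        if (isset($_POST['name'])) {
            $name = preg_replace('/[^\\w\\s-]/', '', $_POST['name']);
            set_dashboard_name($session['userid'], $id, $name);
        }
        if (isset($_POST['alias'])) {
            $alias = preg_replace('/[^a-z]/', '', $_POST['alias']);
            set_dashboard_alias($session['userid'], $id, $alias);
        }
        if (isset($_POST['description'])) {
            $description = preg_replace('/[^\\w\\s-]/', '', $_POST['description']);
            set_dashboard_description($session['userid'], $id, $description);
        }
        if (isset($_POST['showdescription'])) {
            set_dashboard_showdescription($session['userid'], $id, intval($_POST['showdescription']));
        }
        $output['message'] = _("dashboard set configuration");
    }

    return $output;
}

/**
 * Resolve the dashboard a request refers to.
 *
 * Precedence: ?id=<int> in the query string, then the alias given as
 * $subaction (reduced to the letters a-z), then the user's main dashboard.
 *
 * @param int   $userid     user whose dashboards are looked up
 * @param mixed $subaction  raw URL sub-action, used as the alias candidate
 * @param mixed $public     passed through to the model's public flag
 * @param mixed $published  passed through to the model's published flag
 * @return mixed  whatever the model returns for the dashboard
 */
function _dashboard_from_request($userid, $subaction, $public, $published)
{
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
    $alias = preg_replace('/[^a-z]/', '', (string) $subaction);

    if ($id) {
        return get_dashboard_id($userid, $id, $public, $published);
    }
    if ($alias) {
        return get_dashboard_alias($userid, $alias, $public, $published);
    }
    return get_main_dashboard($userid);
}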
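/**
 * User controller: login, registration, password/detail changes, API keys and logout.
 *
 * Reads the globals set by the front controller ($session, $action, $format,
 * $allowusersregister) and returns $output: normally an array with 'content'
 * and 'message'; the 'getapiread' / 'getapiwrite' actions return the bare key
 * string instead (existing API behaviour, kept as is).
 *
 * Note: changepass/changedetails are gated on $_SESSION['write'] while the other
 * actions use $session['write']; that distinction is kept as found.
 *
 * @return array|string  $output
 */
function user_controller()
{
    global $session, $action, $format, $allowusersregister;

    $output['content'] = "";
    $output['message'] = "";

    if ($action === 'login') {
        // Login user (PUBLIC ACTION)
        // http://yoursite/emoncms/user/login?name=john&pass=test
        if (!empty($_POST['name']) && !empty($_POST['pass'])) {
            $username = _user_clean_username($_POST['name']);
            // The password is escaped before it reaches user_logon; create and
            // changepass do the same, so stored passwords depend on this staying consistent.
            $password = db_real_escape_string($_POST['pass']);
            if (user_logon($username, $password) == 0) {
                $output['message'] = _('Invalid username or password');
                $output['content'] = view("user/login_block.php", array());
            } else {
                $output['message'] = _('Welcome, you are now logged in');
                if ($format === 'html') {
                    header('Location: ../dashboard/list');
                }
            }
        } else {
            $output['content'] = view('user/login_block.php', array());
        }
    } elseif ($action === 'create' && $allowusersregister) {
        $username = _user_clean_username(isset($_POST["name"]) ? $_POST["name"] : '');
        $password = db_real_escape_string(isset($_POST["pass"]) ? $_POST["pass"] : '');
        // Option to return the read apikey on register instead of logging the
        // user in - for use with drupal auth integration.
        $returnapikey = !empty($_GET['returnapikey']);

        if (get_user_id($username) != 0) {
            $output['message'] = _("Sorry username already exists");
        } elseif (strlen($username) < 4 || strlen($username) > 30) {
            $output['message'] = _("Please enter a username that is 4 to 30 characters long") . "<br/>";
        } elseif (strlen($password) < 4 || strlen($password) > 30) {
            $output['message'] = _("Please enter a password that is 4 to 30 characters long") . "<br/>";
        } else {
            $user = create_user($username, $password);
            if ($returnapikey) {
                $output['message'] = $user['readapikey'];
            } else {
                user_logon($username, $password);
                $output['message'] = _("Your new account has been created");
            }
            if ($format === 'html') {
                header("Location: ../dashboard/list");
            }
            // user_logon may just have populated the session, so it is re-read here.
            if (!empty($_SESSION['write'])) {
                create_user_statistics($_SESSION['userid']);
            }
        }
    } elseif ($action === 'changepass' && !empty($_SESSION['write'])) {
        $oldpass = db_real_escape_string(isset($_POST['oldpass']) ? $_POST['oldpass'] : '');
        $newpass = db_real_escape_string(isset($_POST['newpass']) ? $_POST['newpass'] : '');
        if (strlen($newpass) < 4 || strlen($newpass) > 30) {
            $output['message'] = _("Please enter a password that is 4 to 30 characters long") . "<br/>";
        } elseif (change_password($_SESSION['userid'], $oldpass, $newpass)) {
            $output['message'] = _("Your password has been changed");
        } else {
            $output['message'] = _("Invalid password");
        }
    } elseif ($action === 'changedetails' && !empty($_SESSION['write'])) {
        $username = _user_clean_username(isset($_POST["username"]) ? $_POST["username"] : '');
        $email = preg_replace('/[^\\w\\s-.@]/', '', isset($_POST["email"]) ? $_POST["email"] : '');
        $email = db_real_escape_string($email);
        // The new name must be free, or already be this user's own name.
        $id = get_user_id($username);
        if ($id && $id != $_SESSION['userid']) {
            $output['message'] = _("Sorry username already exists");
        } elseif (strlen($username) < 4 || strlen($username) > 30) {
            $output['message'] = _("Please enter a username that is 4 to 30 characters long") . "<br/>";
        } elseif (!$email) {
            $output['message'] = _("No email address present") . "<br/>";
        } else {
            set_user_username($_SESSION['userid'], $username);
            set_user_email($_SESSION['userid'], $email);
        }
    } elseif ($action === 'newapiread' && $session['write']) {
        $apikey_read = _user_new_apikey();
        set_apikey_read($session['userid'], $apikey_read);
        $output['message'] = _("New read apikey: ") . $apikey_read;
        if ($format === 'html') {
            header("Location: view");
        }
    } elseif ($action === 'newapiwrite' && $session['write']) {
        $apikey_write = _user_new_apikey();
        set_apikey_write($session['userid'], $apikey_write);
        $output['message'] = _("New write apikey: ") . $apikey_write;
        if ($format === 'html') {
            header("Location: view");
        }
    } elseif ($action === 'logout' && $session['read']) {
        // Logout changes state, so it must carry the CSRF token issued with the page.
        if (_user_csrf_token_valid()) {
            user_logout();
            $output['message'] = _("You are logged out");
        } else {
            reset_CSRF_token();
            $output['message'] = _("Invalid token");
        }
        if ($format === 'html') {
            header("Location: ../");
        }
    } elseif ($action === 'getapiread' && $session['read']) {
        // Bare string, not the usual array (existing API contract).
        $output = get_apikey_read($session['userid']);
    } elseif ($action === 'getapiwrite' && $session['write']) {
        $output = get_apikey_write($session['userid']);
    } elseif ($action === 'view' && $session['write']) {
        $user = get_user($session['userid']);
        $stats = get_statistics($session['userid']);
        if ($format === 'json') {
            $output['content'] = json_encode($user);
        }
        if ($format === 'html') {
            $output['content'] = view("user_view.php", array('user' => $user, 'stats' => $stats));
        }
    } elseif ($action === 'setlang' && $session['write']) {
        // Store the user's language in the database, then reload the page.
        set_user_lang($session['userid'], isset($_GET['lang']) ? $_GET['lang'] : '');
        if ($format === 'html') {
            header("Location: view");
        }
    }

    return $output;
}

/**
 * Reduce a submitted username to the accepted character set and escape it for the DB.
 * The set (word characters, whitespace, '-' and '.') is the one login, create and
 * changedetails have always applied, so existing names keep matching.
 *
 * @param mixed $raw  value straight from $_POST
 * @return string
 */
function _user_clean_username($raw)
{
    $username = preg_replace('/[^\\w\\s-.]/', '', (string) $raw);
    return db_real_escape_string($username);
}

/**
 * Check the CSRF token posted with a state-changing request against the session's token.
 *
 * Both sides must be present and non-empty, and are compared as strings in
 * constant time where hash_equals is available. A loose == comparison would
 * accept two missing tokens (null == null) and treats numeric-looking tokens
 * such as "0e..." hex values as equal.
 *
 * @return bool
 */
function _user_csrf_token_valid()
{
    if (!isset($_POST['CSRF_token'], $_SESSION['CSRF_token'])) {
        return false;
    }
    $posted = (string) $_POST['CSRF_token'];
    $issued = (string) $_SESSION['CSRF_token'];
    if ($issued === '') {
        return false;
    }
    if (function_exists('hash_equals')) {
        return hash_equals($issued, $posted);
    }
    return $issued === $posted;
}

/**
 * Generate a new 32-hex-character API key.
 *
 * Uses a CSPRNG (random_bytes, then openssl) and only falls back to the historical
 * md5(uniqid(mt_rand())) formula - whose output is predictable - when neither is
 * available. The length matches the old formula so stored keys and clients are unaffected.
 *
 * @return string
 */
function _user_new_apikey()
{
    if (function_exists('random_bytes')) {
        return bin2hex(random_bytes(16));
    }
    if (function_exists('openssl_random_pseudo_bytes')) {
        $bytes = openssl_random_pseudo_bytes(16);
        if ($bytes !== false) {
            return bin2hex($bytes);
        }
    }
    return md5(uniqid(mt_rand(), true));
}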