示例#1
0
 public function upload_sell_order()
 {
     $display = true;
     if (isset($_POST['sell_order_file_submit']) && trim($_POST['sell_order_file_submit']) !== '') {
         try {
             $this->form_validation->set_rules('upload_type', 'Sell Order File Type', 'trim|required|numeric');
             if ($this->form_validation->run() === false) {
                 throw new Exception(validation_errors());
             }
             $validFile = $this->_validateSellOrderFile();
             if ($_POST['upload_type'] == FILE_UPLOAD_TYPE_EBAY) {
                 $output = $this->uploader->uploadEbaySellOrderFile($_FILES['sell_order_file']);
                 $this->load->view('smart_view', array('header' => true, 'footer' => true, 'source' => 'admin/upload_file_result', 'data' => array('output' => $output)));
                 $display = false;
             }
         } catch (Exception $ex) {
             setSessionData('view_error_message', $ex->getMessage());
         }
     }
     if ($display) {
         $param = array('source' => 'admin/upload_file', 'header' => true, 'footer' => true);
         $fileUploadTypeArray = array(FILE_UPLOAD_TYPE_EBAY => 'eBay File Upload', FILE_UPLOAD_TYPE_WEBSITE => 'Website File Upload', FILE_UPLOAD_TYPE_OTHER => 'Other File Upload');
         $param['data'] = array();
         $param['data']['fileUploadTypeArray'] = $fileUploadTypeArray;
         $this->load->view('smart_view', $param);
     }
 }
示例#2
0
 public function create()
 {
     //$this->product->releaseUnusedBookedProducts();
     //die();
     if (isset($_POST['sell_order_create_submit']) && trim($_POST['sell_order_create_submit']) !== '') {
         try {
             /// first check the form inputs ///
             $validData = $this->_validateInputForCreate();
             /// now gather the customer infos and try to find/create customer ///
             $customerOption['first_name'] = $_POST['txt_first_name'];
             $customerOption['last_name'] = $_POST['txt_last_name'];
             $customerOption['ebay_id'] = $_POST['txt_ebay_id'];
             $customerOption['email'] = $_POST['txt_email'];
             $customerOption['phone'] = $_POST['txt_contact_no'];
             $customerOption['address_line_1'] = $_POST['txt_address_line_1'];
             $customerOption['address_line_2'] = $_POST['txt_address_line_2'];
             $customerOption['address_suburb'] = $_POST['txt_suburb'];
             $customerOption['address_postcode'] = $_POST['txt_postcode'];
             $customerOption['address_state_id'] = $_POST['select_state'];
             /////////////////////////////////////////////////////////////
             /// now gather infos for sell order ///
             $sellOrderOption['consignment_no'] = $_POST['txt_consignment_no'];
             $sellOrderOption['delivery_method_id'] = $_POST['select_delivery_method'];
             $sellOrderOption['sell_order_status_id'] = $_POST['select_sell_order_status'];
             $sellOrderOption['additional_comments'] = $_POST['txt_additional_comments'];
             $sellOrderOption['order_total_inc'] = $_POST['txt_price_inc'];
             $sellOrderOption['sell_source_id'] = $_POST['select_sell_source'];
             $sellOrderOption['payment_method_id'] = $_POST['select_payment_method'];
             $sellOrderOption['payment_reference_no'] = $_POST['txt_payment_reference'];
             $sellOrderOption['product_instances'] = $piArray = json_decode(trim($_POST['hdn_pi_ids']));
             /////////////////////////////////////////////////////////////////////////
             $sellOrderId = $this->sell_order->createSellOrder($customerOption, $sellOrderOption);
             setSessionData('view_success_message', "A new Sell order created successfully");
             redirect('sell/create');
         } catch (Exception $ex) {
             setSessionData('view_error_message', $ex->getMessage());
         }
     }
     $stateArray = $this->customer->getStates();
     $productArray = $this->product->getProductsWithSOHCount(false, array(PRODUCT_AVAILABLE));
     $statusArray = $this->sell_order->getSellOrderStatuses();
     $sourceArray = $this->sell_order->getSellSources();
     $deliveryArray = $this->sell_order->getDeliveryMethods();
     $paymentMethodArray = $this->sell_order->getPaymentMethods();
     $data = array('productArray' => $productArray, 'stateArray' => $stateArray, 'statusArray' => $statusArray, 'sourceArray' => $sourceArray, 'deliveryArray' => $deliveryArray, 'paymentMethodArray' => $paymentMethodArray);
     $param = array('header' => true, 'footer' => true, 'source' => 'order/create_order', 'data' => $data);
     $this->load->view('smart_view', $param);
 }
示例#3
0
function checkPassword($login, $password)
{
    $passwordFile = file('passwords.txt');
    foreach ($passwordFile as $string) {
        $usersData[explode('=', $string)[0]] = trim(explode('=', $string)[1]);
    }
    if (array_key_exists($login, $usersData)) {
        if ($usersData[$login] == $password) {
            setSessionData();
        } else {
            header('Location:/auth.php?action=errorWrongUserData');
        }
    } else {
        header('Location:/auth.php?action=errorWrongUserData');
    }
}
示例#4
0
 /**
  * Login processor for admin panel
  */
 function login()
 {
     $this->set("title", "Sevasetu | Login Processor");
     initiateSession();
     $username = sqlSafe($_POST['username']);
     $password = sqlSafe($_POST['password']);
     $adminData = $this->Admin->getAdminByUsername($username);
     if ($adminData == false) {
         $this->set("message", "Database error");
         return;
     }
     if (generateHash($password . $adminData['admins_salt']) == $adminData['admins_password']) {
         setSessionData("admin_hash", md5($adminData['admins_salt']));
         $this->set("message", "Login Successful. You will be redirected in a moment... If not then click here");
     } else {
         $this->set("message", "Username/Password Incorrect");
     }
 }
示例#5
0
文件: users.php 项目: VV0LF/PHPLevel1
function checkLoginPassword($login, $password)
{
    // Проверяем наличие логина в БД
    if (checkLoginExistence($login)) {
        // Логины хранятся в БД в нижнем регистре
        $login = mb_strtolower($login);
        // Получаем пароль для указаного пользователя
        $query = "SELECT password FROM users WHERE login = '******'";
        $result = mysqli_fetch_array(executeQuery($query, "get"))[0];
        // Сверяем пароль и устанавливаем данные сессии, в случае успешной проверки. В случае неудачи возвращаем ошибку
        if (password_verify($password, $result)) {
            setSessionData($login, $result);
        } else {
            header('Location:/?action=authentication&message=errorWrongUserData');
        }
    } else {
        header('Location:/?action=authentication&message=errorWrongUserData');
    }
}
示例#6
0
 public function view_stock_count()
 {
     $param = $dataArray = array();
     if (isset($_POST['view_stock_count_submit']) && trim($_POST['view_stock_count_submit']) !== '') {
         try {
             $this->form_validation->set_rules('product_id', 'Product', 'trim');
             $this->form_validation->set_rules('warehouse_id', 'Warehouse', 'trim');
             $this->_validateStockCountReportInput($_POST);
             //if($this->form_validation->run() === false)
             //	throw new Exception(validation_errors());
             $whProductArray = $this->product->getStockCountReportForProduct($_POST);
             if (($productId = trim($_POST['product_id'])) !== '') {
                 if (($product = $this->product->getProduct($productId)) !== false) {
                     $dataArray['searchProduct'] = $product;
                 }
             }
             $dataArray['result'] = $whProductArray;
         } catch (Exception $ex) {
             setSessionData('view_error_message', $ex->getMessage());
         }
     }
     $param['header'] = true;
     $param['footer'] = true;
     $param['source'] = 'product/view_stock_count';
     $param['data'] = $dataArray;
     $this->load->view('smart_view', $param);
 }
示例#7
0
    header("Location:?");
}
if ($_SESSION["installType"] == "BASIC") {
    header("Location:?page=3");
}
/*********************************************************
  This script is used to autogenerate the ADVANCE pages
*********************************************************/
include "lib/parameters.inc";
$group = isset($_POST["group"]) && $_POST["group"] > 0 && $_POST["group"] < sizeof($parameters) ? $_POST["group"] : 0;
$msg = "";
getSessionData($parameters[$group]["parameters"]);
if (isset($_POST['option']) && $_POST['option'] != "") {
    if ($_POST['option'] != 'Back') {
        getPostVariables($parameters[$group - 1]["parameters"]);
        setSessionData($parameters[$group - 1]["parameters"]);
        if ($_POST['option'] == "Finish") {
            header("Location:?page=3");
        }
    }
}
$withAdvanced = 0;
while (!$withAdvanced) {
    $estruct = $parameters[$group]["parameters"];
    $title = $GLOBALS["I18N"]->get($parameters[$group]['name']);
    $HTMLElements = getHTMLElements($estruct, "ADVANCED");
    $JSElements = getJSValidations($estruct, "ADVANCED");
    if (is_bool($HTMLElements) && !$HTMLElements) {
        $withAdvanced = 0;
    } else {
        $withAdvanced = 1;
示例#8
0
/**
 * Pure FileMaker login function to authenticate user with login form and FileMaker
 * @param $dbHandle -- FileMaker DB connection handle
 * @param $post -- $_POST[] array
 * @param $site_prefix -- Site prefix to include port type SSL or 80
 */
function authenticateFMOnly($dbHandle, $post, $site_prefix)
{
    global $log, $bypassPassword;
    $loginLayout = '[WEB] Login';
    $log->debug("Now entering FileMaker Authentication processing");
    $ePassword = encryptPassowrdKey($post['password']);
    $searchHandle = $dbHandle->newFindCommand($loginLayout);
    $searchHandle->addFindCriterion('User_Name_ct', "==" . $post['username']);
    $loginResult = $searchHandle->execute();
    if (FileMaker::isError($loginResult)) {
        $error = "Authentication Failure";
        $log->error("authenticateFMOnly - Login Error: " . $loginResult->getMessage() . " username " . $post['username']);
        header("location: " . $site_prefix . "login.php?error=" . $error);
        exit;
    }
    //More than one user record with the same username value is a serious error
    //TODO: redirect this error to the access error page as this is not something the user can correct on their own
    if ($loginResult->getFoundSetCount() > 1) {
        $error = "Contact System Adminstrator";
        $log->error("authenticateFMOnly - More than 1 username Error: " . $error . " username: "******"location: " . $site_prefix . "login.php?error=" . $error);
        exit;
    }
    $userRecord = $loginResult->getFirstRecord();
    $log->debug("Now have user record check if Pin or password matches");
    //TODO revisit this once the LDAP issuer is resolved at FOX this is temporary to bypass the validation
    //TODO the bypass flag should be removed once the LDAP is resolved
    if ($bypassPassword || isPasswordPinMatch($userRecord->getField('User_Password_Hash_t'), $ePassword) || isPasswordPinMatch($userRecord->getField('User_Pin_Hash_t'), $ePassword)) {
        $log->debug("Now call session creation for FM full authentication");
        setSessionData($userRecord, $site_prefix);
    } else {
        $error = "Authentication Failure";
        $log->info("loginProcessing.php - processLogin() - Last Check Authentication Error: " . $error . " username: "******"location: " . $site_prefix . "login.php?error=" . $error);
        exit;
    }
}
示例#9
0
 /**
  * Log in processor
  *
  * Starts the session if the user is validated
  */
 function loginauth()
 {
     $this->set("title", "IEEE NIEC | User Login");
     $username = sqlSafe($_POST['username']);
     $password = sqlSafe($_POST['password']);
     $salt = $this->User->getUserSalt($username);
     if ($salt == false) {
         $this->set("message", "Username/Password Invalid");
     } else {
         $inPass = $this->User->getUserPassword($username);
         if ($inPass == generateHash($password . $salt) && $this->User->getUserStatus($username) == 1) {
             $userID = $this->User->getUserID($username);
             initiateSession();
             setSessionData("user_id", md5($userID));
             setSessionData("user_username", $username);
             setSessionData("user_identifier", md5($_SERVER['HTTP_USER_AGENT'] . $_SERVER['REMOTE_ADDR']));
             $this->set("message", "Login successful");
             header("LOCATION: /indexs/home");
         } else {
             $this->set("message", "Username/Password Invalid or Account not activate.");
         }
     }
 }
示例#10
0
function checkLoginPassword($login, $password)
{
    // Проверяем наличие логина в БД
    if (checkLoginExistence($login)) {
        // Логины хранятся в БД в нижнем регистре
        $login = mb_strtolower($login);
        // Создаем подключени е БД и проверяем его. Если подключения нет прекращаем всю работу и выводим ошибку
        $galleryDbConnect = mysqli_connect('localhost', 'root', '', 'gallery_db');
        if (!$galleryDbConnect) {
            die(mysqli_connect_error());
        }
        // Получаем пароль для указаного пользователя
        $query = "SELECT password FROM users WHERE login = '******'";
        $result = mysqli_fetch_array(mysqli_query($galleryDbConnect, $query))[0];
        // Сверяем пароль и устанавливаем данные сессии, в случае успешной проверки. В случае неудачи возвращаем ошибку
        if (password_verify($password, $result)) {
            setSessionData($login);
        } else {
            header('Location:/auth.php?action=errorWrongUserData');
        }
    } else {
        header('Location:/auth.php?action=errorWrongUserData');
    }
}
示例#11
0
if ($submited) {
    /* The code above take the mission to check some mail data
          enter by the user in the Step 1.
       */
    echo "<!-- " . __FILE__ . " -->\n";
    getPostVariables($bounce_def);
    $mail_test = processPopTest($message_envelope, $bounce_mailbox_host, $bounce_mailbox_user, $bounce_mailbox_password);
    echo "<!-- mail test: " . __FILE__ . " -->\n";
    if (!$mail_test) {
        echo "<!-- getting HTML elements: " . __FILE__ . " -->\n";
        $HTMLElements = getHTMLElements($bounce_def);
        $inTheSame = 1;
        echo "<!-- AFTER getting HTML elements: " . __FILE__ . " -->\n";
        $msg = $GLOBALS["I18N"]->get("Connection refused, check your host, user or password");
    } else {
        setSessionData($bounce_def);
        //$_SESSION["bounce_envelope"] = $bm_mail;
        //$_SESSION["bounce_host"]     = $bm_host;
        //$_SESSION["bounce_user"]     = $bm_user;
        //$_SESSION["bounce_pass"]     = $bm_pass;
        $inTheSame = 0;
        header("Location:?page=" . ($page + 1));
    }
} else {
    $msg = "";
    $inTheSame = 1;
    getSessionData($bounce_def);
    $HTMLElements = getHTMLElements($bounce_def);
    $JSElements = getJSValidations($bounce_def, $_SESSION["installType"]);
}
include "installer/lib/js_nextPage.inc";
示例#12
0
include "lib/parameters.inc";
genPHPVariables($database_def, "BASIC");
if ($submited) {
    /* The code above take the mission to validate the database data
          enter by the user in the Step 0.
       */
    getPostVariables($database_def);
    $errno = check_connection($database_host, $database_user, $database_password, $database_name);
    $errno_arr = explode("|", $errno);
    $msg = $errno_arr[1];
    $_SESSION['dbCreatedSuccesfully'] = $errno_arr[2];
    if ($errno_arr[0] > 0) {
        $HTMLElements = getHTMLElements($database_def);
        $inTheSame = 1;
    } else {
        setSessionData($database_def);
        $inTheSame = 0;
        header("Location:?page=" . ($page + 1));
    }
} else {
    $msg = "";
    $inTheSame = 1;
    getSessionData($database_def);
    $HTMLElements = getHTMLElements($database_def, "BASIC");
}
include "installer/lib/js_nextPage.inc";
$dbname = $GLOBALS["I18N"]->get($GLOBALS['strJsDbName']);
$dbhost = $GLOBALS["I18N"]->get($GLOBALS['strJsDbHost']);
$dbuser = $GLOBALS["I18N"]->get($GLOBALS['strJsDbUser']);
$dbpass = $GLOBALS["I18N"]->get($GLOBALS['strJsDbPass']);
?>
示例#13
0
<?php

require_once '../include/share.php';
if ($_GET["func"] == "login") {
    $db = connectDB();
    $userid = $_POST["user_id"];
    $password = $_POST["password"];
    $userinfo = login($db, $userid, $password);
    if ($userinfo != null) {
        setSessionData("userinfo", $userinfo);
        header("Location: index.php");
    }
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<title>SYSTEM MANAGEMENT LOGIN PAGE</title>

	<link rel="stylesheet" type="text/css" href="css/styles.css" />

	<script language="JavaScript">
		
		function onCompletedLoad()
		{
			document.getElementById('user_id').focus();
			document.getElementById('user_id').select();
		}
	</script>
示例#14
0
         } else {
             $item["type" . $no] = "channel-stop";
         }
         // check if abi	is constant
         $session_abi_key = "abi_" . $row["channelid"] . "_" . $row["serverid"];
         if ($session_abi != null && $session_abi[$session_abi_key . 'time'] != null && time() - $session_abi[$session_abi_key . 'time'] > ABI_CHECK_TIMEOUT && $session_abi[$session_abi_key] != null && $session_abi[$session_abi_key] == $row["abi"] && $row["abi"] != '' && $item["type" . $no] == "channel-play" && $item["grouptype"] != 2) {
             $item["type" . $no] = "channel-alert";
         }
         if ($session_abi == null || $session_abi[$session_abi_key] != $row["abi"] || $session_abi[$session_abi_key . 'time'] == null) {
             $session_new_abi[$session_abi_key . 'time'] = time();
         } else {
             $session_new_abi[$session_abi_key . 'time'] = $session_abi[$session_abi_key . 'time'];
         }
         $session_new_abi[$session_abi_key] = $row["abi"];
     }
     setSessionData('abi_list', $session_new_abi);
     if ($item != null) {
         $data[] = $item;
     }
     responseData(true, null, $data);
     break;
 case 'get_server_setting':
     $id = getQueryData('serverid');
     $sql = "select name, ip, memo from tbl_server where delete_flag=0 and id=" . $id;
     $result = querySQL($db, $sql);
     $data = array();
     $row = mysql_fetch_assoc($result);
     if ($row) {
         /*
         					$req = array('func' => 'get_server_setting');
         					$ret = SendSocketRequest($row["ip"], STREAMSERVERPORT, $req);
示例#15
0
function checkPassword($login, $password)
{
    // Считываем строки из файла с паролями, разбиваем на имя пользователя и пароль
    $passwordFile = file('passwords.txt');
    foreach ($passwordFile as $string) {
        $usersData[explode('=', $string)[0]] = trim(explode('=', $string)[1]);
    }
    // Проверяем наличие логина в файле паролей, если такого логина нет, возвращаем на страницу авторизациис оповещением об ошибке
    if (array_key_exists($login, $usersData)) {
        // Проверяем совпадение сочетания логина и пароля, если не совпадает, возвращаем на страницу авторизациис оповещением об ошибке
        if ($usersData[$login] == $password) {
            // Вызываем функцию установки параметров сессии
            setSessionData();
        } else {
            header('Location:/auth.php?action=errorWrongUserData');
        }
    } else {
        header('Location:/auth.php?action=errorWrongUserData');
    }
}