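/**
 * Auto-login a user from a persistent session id.
 *
 * Looks up an unexpired row in the sessions table, rotates its id (the new id
 * is also sent to the client in the auth[session] cookie) and, when the row
 * has its keep flag set, stamps the user's last-login time.
 *
 * @param string $session_id Session id presented by the client.
 *
 * @return array array($session, $user_id): $session is true and $user_id is
 *               filled in only when a matching session with a truthy keep
 *               flag was found; otherwise array(false, null).
 */
function service_user_autologin($session_id)
{
    // Fetch the session; id and expiry are passed as bound parameters.
    $users = select_sessions(array(
        'select' => 'user_id, keep',
        'where'  => array(
            'id = :id AND expire > :expire',
            array(
                'id'     => $session_id,
                'expire' => localdate('Y-m-d H:i:s'),
            ),
        ),
    ));

    $session = false;
    $user_id = null;

    if (empty($users)) {
        return array($session, $user_id);
    }

    // Rotate the session id on every use so a captured id stops working
    // once the legitimate client has presented it.
    // NOTE(review): the new id is the only credential for auto-login, so
    // rand_string() needs to draw from a CSPRNG. Its implementation is not
    // visible here; confirm.
    $new_session_id = rand_string();

    // The User-Agent header is optional; reading it unguarded raises an
    // undefined-index notice/warning for clients that omit it.
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;

    // One timestamp for both the database row and the cookie, so the two
    // lifetimes cannot drift apart across a second boundary.
    $expire_at = time() + $GLOBALS['config']['cookie_expire'];

    $resource = update_sessions(array(
        'set'   => array(
            'id'     => $new_session_id,
            'agent'  => $agent,
            'expire' => localdate('Y-m-d H:i:s', $expire_at),
        ),
        'where' => array('id = :id', array('id' => $session_id)),
    ));
    if ($resource) {
        // NOTE(review): no Secure/HttpOnly arguments are visible in this
        // call; confirm cookie_set() applies them by default.
        cookie_set('auth[session]', $new_session_id, $expire_at);
    } else {
        error('データを編集できません。');
    }

    if ($users[0]['keep']) {
        // Record the login time for the owning user.
        $resource = update_users(array(
            'set'   => array('loggedin' => localdate('Y-m-d H:i:s')),
            'where' => array('id = :id', array('id' => $users[0]['user_id'])),
        ));
        if (!$resource) {
            error('データを編集できません。');
        }

        $session = true;
        $user_id = $users[0]['user_id'];
    }

    return array($session, $user_id);
}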
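/**
 * Admin action behind the user edit form: create, update, delete or load a user.
 *
 * The target id comes from $_GET['user_id'] and the operation from
 * $_POST['action'] ('save' or 'delete'). With neither operation, the user
 * identified by the id is loaded into the page body. Results are reported
 * through push_output_message() and set_glob_content(); nothing is returned.
 *
 * NOTE(review): no authorization or anti-CSRF check is visible in this
 * function, and 'groups_ID' / 'rules' are taken from the request. Confirm
 * that the dispatcher enforces both before this action runs.
 */
function action_edit_user()
{
    global $PAGE;

    // Blank field set. Defined up front because the delete branch also shows
    // it; previously it was only assigned inside the save branch, so the
    // delete branch read an undefined variable.
    $temp = array(
        'login'        => '',
        'code'         => '',
        'display_name' => '',
        'mail'         => '',
        'groups_ID'    => array(),
        'rules'        => array(),
    );

    $current = isset($_GET['user_id']) && is_numeric($_GET['user_id']) ? $_GET['user_id'] : null;
    if (!$current) {
        $PAGE->title = 'Добавить пользователя';
    }

    $action = isset($_POST['action']) ? $_POST['action'] : null;

    if ($action === 'save') {
        $res = $temp;
        // NOTE(review): whether set_merge() copies only the keys present in
        // the template or every key in $_POST is not visible here. If it is
        // the latter, arbitrary columns can be set from the request; confirm.
        $res = set_merge($res, $_POST);

        // Only hash when a non-empty string was submitted; a missing field or
        // an array value (password[]=...) is ignored instead of reaching md5().
        $password = isset($_POST['password']) ? $_POST['password'] : '';
        if (is_string($password) && $password) {
            $salt = random_salt();
            // The crypt(md5()) scheme is kept unchanged so hashes stay
            // verifiable by the login code (not shown). MD5 pre-hashing adds
            // no strength; moving to password_hash()/password_verify() needs
            // a coordinated change on the verification side.
            $res['password'] = crypt(md5($password), $salt);
            $res['salt'] = $salt;
        }

        $complete = $res['login'] && $res['display_name'] && $res['mail'] && $res['code']
            && count($res['groups_ID'])
            && (isset($res['password']) || $current);

        if (!$complete) {
            push_output_message(array('title' => 'Ошибка!', 'text' => 'Заполните все обязательные поля', 'class' => 'alert alert-danger'));
            set_glob_content(array('body' => (object) $res));
        } elseif ($current) {
            // $current is interpolated into SQL text. It has passed
            // is_numeric(), which admits no quote characters, but a bound
            // parameter would be preferable if update_users() supports one.
            if (update_users($res, "WHERE ID='{$current}'")) {
                push_output_message(array('title' => 'Обновлено!', 'text' => 'Пользователь успешно обновлён', 'class' => 'alert alert-success'));
            } else {
                push_output_message(array('title' => 'Ошибка!', 'text' => 'Произошла неизвестная ошибка', 'class' => 'alert alert-danger'));
            }
            $res['ID'] = $current;
            set_glob_content(array('body' => (object) $res));
        } else {
            if (add_user($res)) {
                push_output_message(array('title' => 'Добавлено!', 'text' => 'Пользователь успешно добавлен', 'class' => 'alert alert-success'));
            } else {
                push_output_message(array('title' => 'Ошибка!', 'text' => 'Произошла неизвестная ошибка', 'class' => 'alert alert-danger'));
            }
        }
    } elseif ($action === 'delete' && $current && delete_user($current)) {
        push_output_message(array('title' => 'Удалено!', 'text' => 'Пользователь успешно удалён', 'class' => 'alert alert-success'));
        // Show an empty form after a successful delete.
        set_glob_content(array('body' => (object) $temp));
    } elseif ($current && ($user = get_user($current, "ID, login, code, display_name, mail, groups_ID, \nrules", true))) {
        // Column list kept exactly as in the original, including its line break.
        set_glob_content(array('body' => $user));
    }
}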
case "saveprefs": saveprefs($sid); break; case "update": $stype = ""; if (intval($user) != -1) { $stype = $user; } elseif (intval($entity) != -1) { $stype = $entity; } if ($stype == "") { $stype = Session::get_session_user(); } update_profile($sid, $sname, $sdescription, $stype, $sautoenable, $auto_cat_status, $auto_fam_status, $tracker); break; case "updateusers": update_users($sid, $users); break; case "viewconfig": view_config($sid); break; default: select_profile(); break; } echo " </td></tr>"; echo " </table>"; echo "</td></tr>"; echo "</table>"; $db->close($dbconn); require_once 'footer.php';
$headers = $GLOBALS['config']['mail_headers']; // メールを送信 if (service_mail_send($to, $subject, $message, $headers) === false) { error('メールを送信できません。'); } // トランザクションを終了 db_commit(); } } if ($success) { // 認証成功 $_SESSION['auth']['user'] = array('id' => $id, 'time' => localdate()); // トランザクションを開始 db_transaction(); // 認証失敗回数をリセット $resource = update_users(array('set' => array('loggedin' => localdate('Y-m-d H:i:s'), 'failed' => null, 'failed_last' => null), 'where' => array('username = :username', array('username' => $_POST['username'])))); if (!$resource) { error('データを編集できません。'); } // ログイン状態を保持 $session = rand_string(); if (isset($_POST['session']) && $_POST['session'] === 'keep') { $keep = 1; } else { $keep = 0; } if ($session_twostep == 1 || isset($_POST['twostep_session']) && $_POST['twostep_session'] === 'keep') { $twostep = 1; } else { $twostep = 0; }
<?php require 'model.php'; ?> <!DOCTYPE HTML> <html> <head> <title>Exemple simple de site en PHP </title> </head> <body> <h1>Liste des utilisateurs</h1> <?php if (isset($_GET['action']) && $_GET['action'] == "save") { if (!empty($_GET[id])) { update_users($_GET[nom], $_GET[prenom], $_GET[id]); } else { insert_users($_GET[nom], $_GET[prenom]); } } if (isset($_GET['action']) && $_GET['action'] == "ajouter" || isset($_GET['action']) && $_GET['action'] == "modifier") { $nom = ""; $prenom = ""; $id = ""; if ($_GET['action'] == "modifier") { $result = select_one_user($_GET['id']); $user = mysqli_fetch_assoc($result); $nom = $user['nom']; $prenom = $user['prenom']; $id = $user['id']; } include 'Views/addOrModifyUserView.php';
if (!$resource) { error('指定されたユーザが見つかりません。'); } // ユーザを取得 $users = select_users(array('select' => 'email', 'where' => array('id = :id', array('id' => $_SESSION['auth']['user']['id'])))); // メール送信内容を作成 $_view['url'] = $GLOBALS['config']['http_url'] . MAIN_FILE . '/user/activate?email=' . rawurlencode($users[0]['email']) . '&token=' . $token; $to = $users[0]['email']; $subject = $GLOBALS['config']['mail_subjects']['user/activate']; $message = view('mail/user/activate.php', true); $headers = $GLOBALS['config']['mail_headers']; // メールを送信 if (service_mail_send($to, $subject, $message, $headers) === false) { error('メールを送信できません。'); } // トランザクションを終了 db_commit(); // リダイレクト redirect('/user/home?ok=send'); } else { // ユーザを編集 $resource = update_users(array('set' => array('email_activated' => 1, 'token' => null, 'token_code' => null, 'token_expire' => null), 'where' => array('email = :email AND token = :token', array('email' => $_GET['email'], 'token' => $_GET['token'])))); if (!$resource) { error('データを編集できません。'); } if (db_affected_count($resource) == 0) { error('メールアドレスを確認できません。'); } // リダイレクト redirect('/user/home?ok=activate'); }
// Begin the transaction.
db_transaction();

// Fetch the stored e-mail address of the signed-in user.
$users = select_users(array(
    'select' => 'email',
    'where'  => array(
        'id = :id',
        array('id' => $_SESSION['auth']['user']['id']),
    ),
));

// An unchanged address keeps its activated state; a changed one is reset to
// "not activated" so it has to be verified again.
// NOTE(review): $users[0] is read without checking that a row came back.
$email_activated = ($_SESSION['post']['user']['email'] === $users[0]['email']) ? 1 : 0;

// Columns to write on the users row.
$sets = array(
    'username'        => $_SESSION['post']['user']['username'],
    'email'           => $_SESSION['post']['user']['email'],
    'email_activated' => $email_activated,
);

// The password is replaced only when a new one was submitted.
// $password_salt is assigned before this excerpt begins.
// NOTE(review): no re-check of the current password and no revocation of
// existing persistent-login sessions is visible in this excerpt; confirm
// both are handled elsewhere in the flow.
if (!empty($_SESSION['post']['user']['password'])) {
    $sets['password'] = hash_crypt(
        $_SESSION['post']['user']['password'],
        $password_salt . ':' . $GLOBALS['config']['hash_salt']
    );
    $sets['password_salt'] = $password_salt;
}

// Update the user row. The second argument (id + 'update' value) is
// presumably a stale-update check inside update_users(); confirm.
$resource = update_users(
    array(
        'set'   => $sets,
        'where' => array(
            'id = :id',
            array('id' => $_SESSION['auth']['user']['id']),
        ),
    ),
    array(
        'id'     => (int) $_SESSION['auth']['user']['id'],
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Update the profile row that belongs to the same user.
$resource = update_profiles(
    array(
        'set'   => array(
            'name' => $_SESSION['post']['profile']['name'],
            'text' => $_SESSION['post']['profile']['text'],
        ),
        'where' => array(
            'user_id = :user_id',
            array('user_id' => $_SESSION['auth']['user']['id']),
        ),
    ),
    array(
        'id'     => (int) $_SESSION['auth']['user']['id'],
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Commit the transaction.
db_commit();

// Drop the pending form data so it cannot be replayed.
unset($_SESSION['post'], $_SESSION['update']);

// Redirect to the completion page.
redirect('/user/modify_complete');
echo "updated user {$user->id}\n"; } } } // tail of a definition that begins before this excerpt; left untouched

/**
 * Run update_user() for every user, walking the id space in windows of 1000
 * ids so that no single query has to return the whole table.
 *
 * @param mixed $app_id App id handed through to update_user() unchanged.
 */
function update_users($app_id)
{
    $maxid = BoincUser::max("id");
    for ($n = 0; $n <= $maxid; $n = $m) {
        // Half-open window [n, m); both bounds are computed here, not taken
        // from input, before being placed in the query clause.
        $m = $n + 1000;
        foreach (BoincUser::enum("id>={$n} and id<{$m}") as $user) {
            update_user($user, $app_id);
        }
    }
}

// Command-line entry point: exactly one argument, the app id.
if (2 != $argc) {
    die("usage: app_select_edit.php app_id\n");
}

// NOTE(review): $app_id is the raw command-line string. Whether
// BoincApp::lookup_id() casts or escapes it before building a query is not
// visible here; confirm, or validate it as an integer first.
$app_id = $argv[1];
if (!BoincApp::lookup_id($app_id)) {
    die("No such app: {$app_id}\n");
}

// change comments below for testing

//echo get_new_prefs(BoincUser::lookup_id(1), $app_id);
    // show the new project prefs for a user, but don't update DB

//update_user(BoincUser::lookup_id(1), $app_id);
    // update DB for a particular user

update_users($app_id);
    // update DB for all users
<a href="manage_listings.php"><li>Manage Listings</li></a> <a href="logout.php" style="float:right;"><li>Logout</li></a> </ul> </div> <!-- Main page content: --> <div id="mainForm"> <h3>Here you can manage administrators or change your password. (Superuser "admin" cannot be deleted.)</h3> <!-- Manage users table --> <form action="manage_users.php" method="POST"> <?php // Update and show changes to admins upon POST if ($_SERVER['REQUEST_METHOD'] == 'POST') { update_users($dbc); show_users($dbc); } else { show_users($dbc); } ?> </form> <button onclick= "location.href='new_admin.php'">Add New Admin</button> <br><br><br><br><br> <!-- Password change fields --> <form action="manage_users.php" method="POST"> <?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Validates password and changes the password if valid if (isset($_POST['pass']) && isset($_POST['pass-repeat']) && strcmp($_POST['pass'], $_POST['pass-repeat']) == 0) {
// Files. update_files(); // Menus will be manually recreated. // Node tables. update_node_table(); // Node fields content. update_node_fields(); update_sequences_table(); // Shortcuts. update_shortcuts(); // Taxonomy terms. update_taxonomy_tables(); // Url aliases. update_url_aliases(); // Users. update_users(); // We do not migrate the watchdog at the moment. // Config update_config(); } catch (Exception $e) { $message = 'If you have just changed code (for example deployed a new module or moved an existing one) read <a href="http://drupal.org/documentation/rebuild">http://drupal.org/documentation/rebuild</a>'; if (Settings::get('rebuild_access', FALSE)) { $rebuild_path = $GLOBALS['base_url'] . '/rebuild.php'; $message .= " or run the <a href=\"{$rebuild_path}\">rebuild script</a>"; } // Set the response code manually. Otherwise, this response will default to a // 200. http_response_code(500); print $message; throw $e; }
<?php

import('libs/plugins/hash.php');

// Refuse direct access: forward() must report a value.
// NOTE(review): presumably this means the script was reached through an
// internal forward from the previous step; confirm against forward().
if (null === forward()) {
    error('不正なアクセスです。');
}

// Without pending form data there is nothing to apply; go back to the start.
if (!isset($_SESSION['post']) || !$_SESSION['post']) {
    redirect('/password');
}

// Begin the transaction.
db_transaction();

// Generate a fresh per-user salt for the new password.
$password_salt = hash_salt();

// Store the new password hash and clear the reset token so the reset link
// cannot be used a second time.
// NOTE(review): the row is selected by the e-mail kept in the session under
// 'key'. Token and code validation is not visible in this file and is
// assumed to have happened in the step that filled $_SESSION['post'];
// confirm. Existing persistent-login sessions for the user are not revoked
// here either; confirm whether that happens elsewhere.
$resource = update_users(
    array(
        'set'   => array(
            'password'      => hash_crypt(
                $_SESSION['post']['user']['password'],
                $password_salt . ':' . $GLOBALS['config']['hash_salt']
            ),
            'password_salt' => $password_salt,
            'token'         => null,
            'token_code'    => null,
            'token_expire'  => null,
        ),
        'where' => array(
            'email = :email',
            array('email' => $_SESSION['post']['user']['key']),
        ),
    ),
    array(
        'id'     => (int) $_SESSION['post']['user']['id'],
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Commit the transaction.
db_commit();

// Drop the pending form data, including the expected token code.
unset($_SESSION['post'], $_SESSION['update'], $_SESSION['expect']);

// Redirect to the completion page.
redirect('/password/complete');
<?php

import('libs/plugins/hash.php');

// Refuse direct access: forward() must report a value.
// NOTE(review): presumably this means the script was reached through an
// internal forward from the previous step; confirm against forward().
if (null === forward()) {
    error('不正なアクセスです。');
}

// Without pending form data there is nothing to apply; go back to the form.
if (!isset($_SESSION['post']) || !$_SESSION['post']) {
    redirect('/user/twostep');
}

// Begin the transaction.
db_transaction();

// Write the two-step verification settings for the signed-in user. The row
// is selected by the id held in the authenticated session, not by anything
// in the request.
// NOTE(review): this can switch two-step verification off. No
// re-authentication is visible in this file; confirm that the preceding
// step requires it.
$resource = update_users(
    array(
        'set'   => array(
            'twostep'       => $_SESSION['post']['user']['twostep'],
            'twostep_email' => $_SESSION['post']['user']['twostep_email'],
        ),
        'where' => array(
            'id = :id',
            array('id' => $_SESSION['auth']['user']['id']),
        ),
    ),
    array(
        'id'     => (int) $_SESSION['auth']['user']['id'],
        'update' => $_SESSION['update']['user'],
    )
);
if (!$resource) {
    error('データを編集できません。');
}

// Commit the transaction.
db_commit();

// Drop the pending form data.
unset($_SESSION['post'], $_SESSION['update']);

// Redirect to the completion page.
redirect('/user/twostep_complete');
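/**
 * Process the "edit users" form: collect edited and to-be-deleted user ids
 * from $_POST, apply them through update_users() / delete_users(), and
 * return the resulting response.
 *
 * Form convention, as read by this function: a key "ID_<id>" marks a row,
 * "Delete_<id>" marks a deletion, and each row carries "<field>_<id>" (old
 * value) and "<field>_new_<id>" (new value) for username, debt, state and
 * comment.
 *
 * NOTE(review): ids and both the "old" and "new" values come from the
 * client, so the dirty check only saves work and is not an integrity
 * control. Validation of the ids and authorization are not visible here and
 * must happen in update_users() / delete_users() or before this call; confirm.
 *
 * @return mixed The response object from update_users() or delete_users(),
 *               the two merged when both ran, or "" when there was nothing
 *               to do.
 */
function vm_edit_users_check()
{
    $IDs = array();
    $Delete_IDs = array();
    $dirty_IDs = array();

    // Collect ids from the form keys. Only the leading prefix is removed:
    // str_replace() would also delete later occurrences inside the id.
    // The (string) cast covers substr() returning false for a bare prefix.
    // Assumes startsWith() is a plain prefix test; it is defined elsewhere.
    foreach ($_POST as $index => $value) {
        if (startsWith($index, "ID_")) {
            $IDs[] = (string) substr($index, strlen("ID_"));
        } elseif (startsWith($index, "Delete_")) {
            $Delete_IDs[] = (string) substr($index, strlen("Delete_"));
        }
    }

    // A row is dirty when any field's new value differs from its old value.
    // Missing fields are read as null instead of raising undefined-index
    // notices; the loose comparison is kept as in the original.
    $fields = array('username', 'debt', 'state', 'comment');
    foreach ($IDs as $id) {
        foreach ($fields as $field) {
            $old_key = $field . '_' . $id;
            $new_key = $field . '_new_' . $id;
            $old = isset($_POST[$old_key]) ? $_POST[$old_key] : null;
            $new = isset($_POST[$new_key]) ? $_POST[$new_key] : null;
            if ($old != $new) {
                $dirty_IDs[] = $id;
                break;
            }
        }
    }

    // Build User objects for the edited rows.
    $edited_users = array();
    foreach ($dirty_IDs as $id) {
        $debt = isset($_POST['debt_new_' . $id]) ? $_POST['debt_new_' . $id] : '';

        $user = new User();
        $user->comment = isset($_POST['comment_new_' . $id]) ? $_POST['comment_new_' . $id] : null;
        $user->username = isset($_POST['username_new_' . $id]) ? $_POST['username_new_' . $id] : null;
        // Accept a decimal comma as well as a decimal point.
        $user->debt = floatval(str_replace(",", ".", $debt));
        $user->state = isset($_POST['state_new_' . $id]) ? $_POST['state_new_' . $id] : null;
        $user->iD = $id;
        $edited_users[] = $user;
    }

    $response = null;
    $response2 = null;
    if (count($edited_users) > 0) {
        $response = update_users($edited_users);
    }
    if (count($Delete_IDs) > 0) {
        $response2 = delete_users($Delete_IDs);
    }

    if (isset($response) && isset($response2)) {
        // Both ran: the combined status holds only if both did, and the
        // error descriptions are joined.
        $resp = $response;
        $resp->status &= $response2->status;
        $resp->errorDescription = $resp->errorDescription . " " . $response2->errorDescription;
        return $resp;
    }
    if (isset($response)) {
        return $response;
    }
    if (isset($response2)) {
        return $response2;
    }

    // Nothing was edited or deleted.
    return "";
}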
} else { $warnings = array(); } // 入力データを検証&登録 if (isset($_POST['_type']) && $_POST['_type'] === 'json') { if (empty($warnings)) { ok(); } else { warning($warnings); } } else { if (empty($warnings)) { // トランザクションを開始 db_transaction(); // パスワード再発行用URLを通知 $resource = update_users(array('set' => array('token' => rand_string(), 'token_code' => rand_number(1000, 9999), 'token_expire' => localdate('Y-m-d H:i:s', time() + 60 * 60 * 24)), 'where' => array('email = :email', array('email' => $_POST['email'])))); if (!$resource) { error('指定されたメールアドレスが見つかりません。'); } $users = select_users(array('where' => array('email = :email', array('email' => $_POST['email'])))); // メール送信内容を作成 $_view['url'] = $GLOBALS['config']['http_url'] . MAIN_FILE . '/password/form?key=' . rawurlencode($users[0]['email']) . '&token=' . $users[0]['token']; $_SESSION['expect']['token_code'] = $users[0]['token_code']; $to = $users[0]['email']; $subject = $GLOBALS['config']['mail_subjects']['password/send']; $message = view('mail/password/send.php', true); $headers = $GLOBALS['config']['mail_headers']; // メールを送信 if (service_mail_send($to, $subject, $message, $headers) === false) { error('メールを送信できません。'); }