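/**
 * Paginated listing of message "classes" for the table named in the query
 * string. Reads `data_table` and `page` from GET, asks Message_model for the
 * total row count and the current page's rows, and renders the message view.
 */
public function index() {
    $this->load->library('pagination');

    // NOTE(review): the table name comes straight from the query string and is
    // handed to the model; Message_model must check it against a whitelist of
    // allowed tables before using it in a query — confirm it does.
    $data_table = $this->input->get("data_table");
    // The original read $data_table but queried with an undefined $table_name;
    // both now refer to the same value.
    $table_name = $data_table;
    //$class_table = $this->input->get("class_table");

    // TODO(review): $keyword was never assigned in the original (so the search
    // term was always null); it is initialised to '' until the caller decides
    // where the search term comes from.
    $keyword = '';

    // Page numbers are 1-based; anything missing, non-numeric or below 1
    // falls back to the first page.
    $page = (int) $this->input->get('page', TRUE);
    if ($page < 1) {
        $page = 1;
    }

    // Total row count, needed by the pagination library.
    $config['total_rows'] = $this->Message_model->get_classes_count($data_table, $keyword);
    // URL of this listing.
    $config['base_url'] = base_url() . 'message/index';
    // Rows per page.
    $config['per_page'] = 15;
    $start = $config['per_page'] * ($page - 1);

    // Fetch the rows of the requested page.
    $query = $this->Message_model->get_classes($table_name, $keyword, $config['per_page'], $start);
    $data['classes'] = $query;
    $data['table_name'] = xss_clean($table_name);
    $data['subject'] = xss_clean($keyword);

    $this->pagination->initialize($config);
    $this->load->view('public_program/message/message', $data);
    // $this->load->view('public_program/ckeditor');
}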
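/**
 * JSON login endpoint. Expects a request body of the form
 * {"username": "...", "password": "..."}, checks the credentials through the
 * User model and answers with
 * {"success": bool, "userID"?: string, "errorMessage"?: string}.
 */
function appLogin() {
    $result['success'] = true;

    // Read the raw request body and decode it into an array.
    $requestBody = json_decode(file_get_contents('php://input'), true);

    // json_decode() returns null (or a scalar) for a malformed or non-object
    // body, and array_key_exists() throws a TypeError on that in PHP 8, so the
    // shape is checked first. Both fields must be strings: trim()/xss_clean()
    // on an array would also throw.
    if (is_array($requestBody)
        && array_key_exists("username", $requestBody)
        && array_key_exists("password", $requestBody)
        && is_string($requestBody["username"])
        && is_string($requestBody["password"])) {
        // Clean the submitted values.
        $this->load->helper('security');
        $username = trim(xss_clean($requestBody["username"]));
        // NOTE(review): trim()/xss_clean() alter the password before it is
        // verified; kept because existing credentials may have been stored the
        // same way — confirm before removing.
        $password = trim(xss_clean($requestBody["password"]));

        // Verify the credentials.
        $this->load->model('User');
        if ($this->User->login($username, $password)) {
            // Success: return the user identifier.
            $result['userID'] = "1234"; // TODO: hash UserID
        } else {
            // Failure: one generic message, so the response does not reveal
            // which of the two fields was wrong.
            $result['success'] = false;
            $result['errorMessage'] = "Sorry duder, that seems to be the wrong username or password. Please try again.";
        }
    } else {
        // The body is not a JSON object carrying both fields as strings.
        $result['success'] = false;
        $result['errorMessage'] = "This request doesn't look right.";
    }

    // Emit the JSON response.
    $this->output->set_content_type('application/json')->set_output(json_encode($result));
}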
/**
 * Shared setup for this controller's actions: resolves the service and asset
 * URLs from config, requires a signed-in user (otherwise redirects to the
 * user controller and stops), merges a JSON request body into $_POST and
 * builds the navigation and city data used by the views.
 */
public function __construct() {
    parent::__construct();

    $this->_service_url = C('service.s');

    // View-level configuration, copied one key at a time from the config store.
    $configKeys = array(
        'base_url'    => 'config.base_url',
        'img_url'     => 'config.img_url',
        'api_url'     => 'config.api_url',
        'web_url'     => 'config.web_url',
        'css_version' => 'version.version.css',
        'js_version'  => 'version.version.js',
    );
    foreach ($configKeys as $dataKey => $configKey) {
        $this->data[$dataKey] = C($configKey);
    }

    $this->load->library(array('UserAuth', 'Http'));

    // Anonymous visitors are sent to the user controller; nothing else runs.
    $currentUser = $this->userauth->current(FALSE);
    $this->data['user_info'] = $currentUser;
    if (empty($currentUser)) {
        header("location:" . $this->data['base_url'] . '/user');
        exit;
    }

    // A JSON request body is decoded, cleaned and merged into $_POST so that
    // actions can read it through the usual post() accessors.
    $jsonBody = json_decode(file_get_contents("php://input"), TRUE);
    $this->post = $jsonBody;
    if (!empty($jsonBody)) {
        $this->post = xss_clean($jsonBody);
        $_POST = array_merge($_POST, $this->post);
    }

    $this->data['left_nav'] = $this->create_left_nav();
    $this->data['top_nav'] = $this->create_top_nav();
    $this->data['city_map'] = $this->create_cities_map();

    // Enable the profiler when debugging:
    // $this->output->enable_profiler(TRUE);
}
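/**
 * Login form handler. Validates the posted username/password, looks the user
 * up through login_check->get_user() and, on success, stores the user's name,
 * power level and member id in the session before redirecting to /index.
 * A failed lookup redirects back to /login; a failed validation re-shows the form.
 */
public function index() {
    // Posted values.
    $username = $this->input->post("username");
    $password = $this->input->post("password");

    // Validation rules.
    $this->load->library('form_validation');
    $this->form_validation->set_rules('username', 'Username', 'trim|required');
    $this->form_validation->set_rules('password', 'Password', 'trim|required');

    if ($this->form_validation->run() === FALSE) {
        $this->load->view('template/login');
        return;
    }

    if ($this->input->post('btnlogin') === 'login') {
        // NOTE(review): the raw password is handed to the model; it is assumed
        // that get_user() verifies it against a stored hash rather than
        // comparing plaintext — confirm in login_check.
        $result = $this->login_check->get_user(xss_clean($username), $password);

        // count() on a non-countable result is a TypeError on PHP 8; empty()
        // covers null, false, [] and a missing object alike.
        if (!empty($result)) {
            $sessiondata = array(
                'user'  => $result->name,
                'power' => $result->power,
                'm_id'  => $result->m_id,
            );
            $this->session->set_userdata($sessiondata);
            // $this->load->view(print_r($this->session));
            redirect('/index');
        } else {
            redirect('/login');
        }
    }
}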
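/**
 * login()
 *
 * Shows the login form and, on a valid submission, authenticates the user
 * through opx_auth and redirects to the dashboard. On failure the form is
 * re-rendered with a generic error message.
 */
public function login() {
    $data['header'] = $this->load->view('system/header', NULL, TRUE);

    // Fetch and clean the submitted values.
    $username = xss_clean($this->input->post('username'));
    // NOTE(review): unsalted MD5 is not a suitable password hash, and
    // xss_clean() alters the password before hashing. Both are kept because
    // the stored hashes were produced this way; moving to password_hash()
    // needs a re-hash-on-login migration first.
    $password = do_hash(xss_clean($this->input->post('password')), 'md5');

    // Validate the submitted values.
    $this->form_validation->set_rules('username', 'User Name', 'required', array('required' => $this->lang->line('error_required_username')));
    $this->form_validation->set_rules('password', 'Password', 'required', array('required' => $this->lang->line('error_required_password')));

    if ($this->form_validation->run() === FALSE) {
        // Re-display the login form together with the validation messages.
        $data['content'] = $this->load->view('system/login', NULL, TRUE);
    } else {
        try {
            // Check the credentials; auth_user() is expected to throw on failure.
            $this->opx_auth->auth_user($username, $password);
            // Hand over to the dashboard controller.
            redirect('dashboard');
        } catch (Exception $e) {
            // Same generic message whatever the cause, so nothing about the
            // account is leaked to the client.
            $data_login['error_login_message'] = $this->lang->line('error_login_message');
            $data['content'] = $this->load->view('system/login', $data_login, TRUE);
        }
    }

    $data['footer'] = $this->load->view('system/footer', NULL, TRUE);
    $this->load->view('system/layout', $data);
}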
/**
 * Step 1 of creating a relationship for person $lPID: shows the
 * person/business search form, or — once a search term has been submitted —
 * hands the search over to searchSelected().
 *
 * @param int|string $lPID people ID from the URL; verifyID() rejects invalid values
 */
function addEditS1($lPID) {
    $this->load->helper('dl_util/verify_id');
    verifyID($this, $lPID, 'people ID');
    $lPID = (int) $lPID;

    $this->load->library('generic_rpt', array('enumStyle' => 'terse'));
    $this->load->model('people/mpeople', 'clsPeople');
    $this->load->model('admin/madmin_aco', 'clsACO');
    // $this->load->helper('dl_util/email_web');

    $this->clsPeople->loadPeopleViaPIDs($lPID, false, false);

    // Validation of the search form.
    $this->form_validation->set_error_delimiters('<div class="formError">', '</div>');
    $this->form_validation->set_rules('txtSearch', 'SEARCH', 'trim|required');
    $searchSubmitted = $this->form_validation->run();

    $recordLink = anchor('people/people_record/view/' . $lPID, 'Record', 'class="breadcrumb"');
    $view = array(
        'contextSummary' => $this->clsPeople->peopleHTMLSummary(0),
        'title'          => CS_PROGNAME . ' | Relationships',
        'pageTitle'      => anchor('main/menu/people', 'People', 'class="breadcrumb"') . ' | ' . $recordLink . ' | Relationships',
        'nav'            => $this->mnav_brain_jar->navData(),
    );

    if ($searchSubmitted) {
        $this->searchSelected($view, $lPID, 'People Search', xss_clean(trim($_POST['txtSearch'])));
        return;
    }

    // No search yet: render the search form for this person.
    $personName = $this->clsPeople->people[0]->strSafeName;
    $view['search'] = (object) array(
        'strButtonLabel'    => 'Search',
        'strLegendLabel'    => 'Create a relationship between ' . $personName . ' and another person',
        'formLink'          => 'people/relationships/addEditS1/' . $lPID,
        'lSearchTableWidth' => 240,
        'bBiz'              => false,
    );
    $view['mainTemplate'] = 'util/search_people_biz_view';
    $this->load->vars($view);
    $this->load->view('template');
}
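/**
 * Stores the details of the file being added, attaches the tags an earlier
 * step left in $_SESSION['f_tags'], then returns to the file list.
 */
function add_details() {
    $try = $this->m_files->add_details();
    // A missing session entry counts as "no tags" instead of passing null to substr().
    $rawTags = isset($_SESSION['f_tags']) ? $_SESSION['f_tags'] : '';
    $tags = xss_clean(substr($rawTags, 0, 255));
    $this->m_tags->add_tags($tags, 'files', $try);
    redirect("files/index", 'refresh');
}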
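/**
 * Stores a new bookmark, attaches the tags an earlier step left in
 * $_SESSION['b_tags'], then returns to the bookmark list.
 */
function insert() {
    $try = $this->m_bookmarks->add_bookmark();
    // A missing session entry counts as "no tags" instead of passing null to substr().
    $rawTags = isset($_SESSION['b_tags']) ? $_SESSION['b_tags'] : '';
    $tags = xss_clean(substr($rawTags, 0, 255));
    $this->m_tags->add_tags($tags, 'bookmarks', $try);
    redirect("bookmarks/index", 'refresh');
}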
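/**
 * Edits an existing blog post (id taken from URL segment 3). A GET shows the
 * form; a POST validates title and body, saves them and redirects to the
 * post's detail page. Validation or save failures re-render the form.
 */
public function edit() {
    $this->load->helper('form');
    $this->load->library('form_validation');

    $id = $this->uri->segment(3);
    $post = $this->post->get_by_id($id);

    $this->form_validation->set_rules('title', 'Title', 'trim|required|max_length[255]');
    $this->form_validation->set_rules('body', 'Body', 'trim|required|max_length[500]');

    $data['action'] = site_url('blog/edit/' . $id);
    $data['post'] = $post;

    // Nothing submitted yet, or a submission that failed validation: show the form.
    if (!$_POST || $this->form_validation->run() === FALSE) {
        $this->_render_edit_form($data);
        return;
    }

    $this->load->helper('security');
    $post = new Post_model();
    $post->id = xss_clean($id);
    $post->title = xss_clean($this->input->post('title', TRUE));
    $post->body = xss_clean($this->input->post('body', TRUE));
    // NOTE(review): `created` is overwritten with the current time on every
    // edit, so it effectively acts as a "last modified" stamp — confirm intent.
    $date = new DateTime();
    $post->created = $date->format('Y-m-d H:i:s');

    if (!$post->save()) {
        // The original rendered nothing on a failed save; show the form again
        // so the user is not left with a blank page.
        $this->_render_edit_form($data);
        return;
    }
    redirect(base_url('blog/details/' . $post->id), 'location');
}

/** Renders the edit form between the shared header and footer templates. */
private function _render_edit_form($data) {
    $this->load->view('templates/header');
    $this->load->view('blog/edit', $data);
    $this->load->view('templates/footer');
}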
/**
 * In-place sanitiser for one form field: trims the value, runs it through
 * xss_clean() and then remove_tags(). Arrays are returned untouched.
 *
 * @param mixed $var field value, replaced by its cleaned form (by reference)
 * @return mixed the value now held in $var
 */
function prepare_fields(&$var) {
    if (is_array($var)) {
        return $var;
    }
    $trimmed = trim($var);
    $var = remove_tags(xss_clean($trimmed));
    return $var;
}
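/**
 * Stores a new post, attaches the tags an earlier step left in
 * $_SESSION['p_tags'], then returns to the blog index.
 */
function insert() {
    $try = $this->m_posts->add_post();
    // A missing session entry counts as "no tags" instead of passing null to substr().
    $rawTags = isset($_SESSION['p_tags']) ? $_SESSION['p_tags'] : '';
    $tags = xss_clean(substr($rawTags, 0, 255));
    $this->m_tags->add_tags($tags, 'posts', $try);
    redirect("blog/index", 'refresh');
}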
/**
 * Builds the left-hand sidebar menu for the current user as one HTML string
 * (up to three menu levels from Manage_Template_Model) and renders the
 * template_left view with it. A posted `node_name` is remembered in the session.
 *
 * NOTE(review): xss_clean() is a filter, not a context-aware escaper. Names
 * and URLs are concatenated into a JavaScript call inside an href attribute,
 * where a quote in a menu name would still end the JS string. Acceptable only
 * if the menu table is maintained by trusted administrators — confirm; otherwise
 * escape per context (JS string, then HTML attribute).
 */
public function left() {
    $userid = $this->session->user_id;
    $query_level_one = $this->Manage_Template_Model->get_menu(1, 0, $userid);
    $menu = " <ul class=\"nav navbar-nav side-nav\">";
    for ($i = 0; $i < count($query_level_one); $i++) {
        $level_one_name = xss_clean($query_level_one[$i]['Name']);
        $level_one_id = xss_clean($query_level_one[$i]['Id']);
        $level_one_type = xss_clean($query_level_one[$i]['Type']);
        $level_one_promgram_url = xss_clean($query_level_one[$i]['Promgram_Url']);
        $menu = $menu . "<li>";
        // This <a> is opened before the entry type is known. In the non-folder
        // branch below a second <a> is appended without closing this one, so
        // level-one leaf items produce nested/unbalanced anchors.
        $menu = $menu . "<a href=\"javascript:;\" data-toggle=\"collapse\" data-target=\"#demo" . $i . "\"><i class=\"fa fa-fw fa-folder\"></i> " . $level_one_name;
        if ($level_one_type == "folder") {
            if ($this->Manage_Template_Model->has_node($level_one_id)) {
                $menu = $menu . " <i class=\"fa fa-fw fa-caret-down\"></i></a>";
                $menu = $menu . "<ul id=\"demo" . $i . "\" class=\"collapse\">";
                $query_level_two = $this->Manage_Template_Model->get_menu(2, $level_one_id, $userid);
                for ($j = 0; $j < count($query_level_two); $j++) {
                    $level_two_name = xss_clean($query_level_two[$j]['Name']);
                    $level_two_id = xss_clean($query_level_two[$j]['Id']);
                    $level_two_type = xss_clean($query_level_two[$j]['Type']);
                    $level_two_promgram_url = xss_clean($query_level_two[$j]['Promgram_Url']);
                    $menu = $menu . "<li>";
                    if ($level_two_type == "folder") {
                        $menu = $menu . "<a href=\"javascript:;\" data-toggle=\"collapse\" data-target=\"#demo" . $i . "_" . $j . "\"> <i class=\"fa fa-fw fa-folder\"></i> " . $level_two_name;
                        if ($this->Manage_Template_Model->has_node($level_two_id)) {
                            $menu = $menu . " <i class=\"fa fa-fw fa-caret-down\"></i></a>";
                            $menu = $menu . "<ul id=\"demo" . $i . "_" . $j . "\" class=\"collapse\">";
                            $query_level_three = $this->Manage_Template_Model->get_menu(3, $level_two_id, $userid);
                            for ($k = 0; $k < count($query_level_three); $k++) {
                                $level_three_name = xss_clean($query_level_three[$k]['Name']);
                                $level_three_promgram_url = xss_clean($query_level_three[$k]['Promgram_Url']);
                                // Level-three entries are emitted without an <li> wrapper, unlike levels one and two.
                                $menu = $menu . "<a href=\"javascript:change_content('" . base_url($level_three_promgram_url) . "','" . $level_three_name . "')\"><i class=\"fa fa-fw fa-cog\"></i>" . $level_three_name . "</a>";
                            }
                            $menu = $menu . "</ul>";
                        } else {
                            $menu = $menu . "</a>";
                        }
                    } else {
                        $menu = $menu . "<a href=\"javascript:change_content('" . base_url($level_two_promgram_url) . "','" . $level_two_name . "')\"><i class=\"fa fa-fw fa-cog\"></i>" . $level_two_name . "</a>";
                    }
                    $menu = $menu . "</li>";
                }
                $menu = $menu . "</ul>";
            } else {
                $menu = $menu . "</a>";
            }
        } else {
            $menu = $menu . "<a href=\"javascript:change_content('" . base_url($level_one_promgram_url) . "','" . $level_one_name . "')\"><i class=\"fa fa-fw fa-cog\"></i>" . $level_one_name . "</a>";
        }
        $menu = $menu . "</li>";
    }
    $menu = $menu . " </ul>";
    $data["menu"] = $menu;
    // Remember the node the user selected, when the request carried one.
    if ($this->input->post('node_name')) {
        $this->session->set_userdata('node_name', $this->input->post('node_name'));
    }
    $this->load->view('manage_template/template_left', $data);
}
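/**
 * Inserts a new post for the logged-in user from the submitted form and parks
 * the submitted tags in $_SESSION['p_tags'] for the caller to attach.
 *
 * @return int id of the inserted row (db insert_id)
 */
function add_post() {
    $userid = $_SESSION['userid'];
    // 24-hour clock. The original used 'h' (12-hour, no am/pm), which made
    // afternoon timestamps indistinguishable from morning ones.
    $now = date("Y-m-d H:i:s");
    // (string) turns a missing field (false/null) into '' before substr().
    $title = (string) $this->input->post('title');
    $body = (string) $this->input->post('body');
    $data = array(
        'title'   => xss_clean(substr($title, 0, 255)),
        'body'    => xss_clean(substr($body, 0, 5000)),
        'user_id' => $userid,
        'created' => $now,
    );
    $this->db->insert("posts", $data);
    $_SESSION['p_tags'] = $this->input->post('tags');
    return $this->db->insert_id();
}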
/**
 * Strips single and double quotes, HTML tags and surrounding whitespace from
 * $string and passes the result through xss_clean().
 *
 * @param string $string raw value
 * @return string cleaned value
 */
function filter_string($string) {
    $cleaned = str_replace(array("'", '"'), "", $string);
    $cleaned = trim(strip_tags($cleaned));
    return xss_clean($cleaned);
}
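/**
 * Inserts a new bookmark for the logged-in user from the submitted form and
 * parks the submitted tags in $_SESSION['b_tags'] for the caller to attach.
 *
 * @return int id of the inserted row (db insert_id)
 */
function add_bookmark() {
    $userid = $_SESSION['userid'];
    // 24-hour clock. The original used 'h' (12-hour, no am/pm), which made
    // afternoon timestamps indistinguishable from morning ones.
    $now = date("Y-m-d H:i:s");
    // (string) turns a missing field (false/null) into '' before substr().
    $url = (string) $this->input->post('url');
    $description = (string) $this->input->post('description');
    $data = array(
        'url'         => xss_clean(substr($url, 0, 255)),
        'description' => xss_clean(substr($description, 0, 255)),
        'user_id'     => $userid,
        'created'     => $now,
    );
    $this->db->insert("bookmarks", $data);
    $_SESSION['b_tags'] = $this->input->post('tags');
    return $this->db->insert_id();
}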
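/**
 * Saves the logged-in user's profile, attaches the tags an earlier step left
 * in $_SESSION['tags'], refreshes the cached user in the session and returns
 * to the start page.
 */
function update_profile() {
    $id = $_SESSION['userid'];
    $try = $this->m_users->update_user($id);
    // A missing session entry counts as "no tags" instead of passing null to substr().
    $rawTags = isset($_SESSION['tags']) ? $_SESSION['tags'] : '';
    $tags = xss_clean(substr($rawTags, 0, 255));
    $this->m_tags->add_tags($tags, 'users', $try);
    // Update the session and redirect the user.
    $_SESSION['logged_in_user'] = $this->m_users->get_user($id);
    redirect("agilan/index", 'refresh');
}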
/**
 * Returns a copy of $fields in which every value has been run through
 * strip_tags() and xss_clean(); keys are preserved.
 *
 * @param array $fields name => raw value
 * @return array name => cleaned value (empty array for empty input)
 */
public function fields($fields) {
    $this->load->helper('security');
    if (!count($fields)) {
        return array();
    }
    $cleaned = array();
    foreach ($fields as $name => $raw) {
        $cleaned[$name] = xss_clean(strip_tags($raw));
    }
    return $cleaned;
}
/**
 * Checks, via the mverify_unique model, whether $strUserName is unique in the
 * admin_users table (us_strUserName), excluding the record with id $id.
 * The exact matching rules live in bVerifyUniqueText().
 *
 * @param string $strUserName name to check; trimmed and xss-cleaned here
 * @param int    $id          id of the record being edited
 * @return bool true when the name is unique
 */
function verifyUniqueUserID($strUserName, $id) {
    $recordId = (int) $id;
    $cleanName = xss_clean(trim($strUserName));
    $this->load->model('util/mverify_unique', 'clsUnique');
    $isUnique = $this->clsUnique->bVerifyUniqueText(
        $cleanName, 'us_strUserName', $recordId, 'us_lKeyID',
        true, 'us_bInactive', false, null, null, false, null, null, 'admin_users'
    );
    return (bool) $isUnique;
}
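/**
 * Contact page. On POST, validates the form (rules from the
 * 'contact_validation' config item plus a captcha callback), mails subject
 * and message to the configured address and redirects back with a flash flag.
 * On every request a fresh captcha image is generated and the form is rendered.
 */
public function index() {
    // Session library: flash flag and captcha word live there.
    $this->load->library('session');
    $success_send = false;

    if ($this->input->server('REQUEST_METHOD') === 'POST') {
        // Form validation library and the security helper (xss_clean).
        $this->load->library('form_validation');
        $this->load->helper('security');
        // Validation rules from config, plus the captcha check.
        $this->form_validation->set_rules($this->config->item('contact_validation'));
        $this->form_validation->set_rules('captcha', 'Captcha', 'callback_validate_captcha');

        if ($this->form_validation->run() === TRUE) {
            // Form values. The sender's email is validated by the rules but is
            // not used for the mail: From/To both come from config.
            $subject = xss_clean($this->input->post('subject'));
            $message = xss_clean($this->input->post('message'));

            // Send the message to the site administrator.
            $this->load->library('email');
            $this->email->from($this->config->item('from_email'), 'Сайт дизайн студии');
            $this->email->to($this->config->item('to_email'), 'Администратору сайта');
            $this->email->subject($subject);
            $this->email->message($message);
            $this->email->send();

            // Flag the successful send for the page shown after the redirect.
            $this->session->set_flashdata('success_send', true);
            redirect('/contacts');
        }
    }

    if ($this->session->flashdata('success_send')) {
        $success_send = $this->session->flashdata('success_send');
    }

    // Captcha word: six characters drawn with random_int() (CSPRNG, PHP 7+)
    // instead of str_shuffle(), whose output is predictable.
    $this->load->helper('captcha');
    $alphabet = array_merge(range(0, 9), range('a', 'z'), range('A', 'Z'));
    $last_index = count($alphabet) - 1;
    $captcha = '';
    for ($n = 0; $n < 6; $n++) {
        $captcha .= $alphabet[random_int(0, $last_index)];
    }
    $vals = array(
        'word'       => $captcha,
        'img_path'   => './captcha/',
        'img_url'    => base_url() . '/captcha/',
        'img_width'  => 150,
        'img_height' => 50,
        'expiration' => 7200,
    );
    $cap = create_captcha($vals);
    $data['image'] = $cap['image'];

    // Remove this session's previous captcha image, if one was recorded.
    // Without the isset() guard an empty name would make file_exists() match
    // the directory itself.
    $previous_image = isset($this->session->userdata['image']) ? $this->session->userdata['image'] : '';
    if ($previous_image !== '' && file_exists(BASEPATH . "../captcha/" . $previous_image)) {
        unlink(BASEPATH . "../captcha/" . $previous_image);
    }
    $this->session->set_userdata(array('captcha' => $captcha, 'image' => $cap['time'] . '.jpg'));

    $form_html = $this->renderHTML('contacts/contact_form', $data, true);
    $this->setToData('title', 'Связаться с нами');
    $this->setToData('form', $form_html);
    $this->setToData('success_send', $success_send);
    $this->display('contacts/index');
}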
/**
 * Constructor (CodeIgniter 1.x style). Loads the framework helpers and
 * libraries this controller uses, loads the 'office' language file, reads the
 * login name from the session, runs the framework's request checks and sets
 * the vote limit from the core config.
 */
function evote() {
    parent::Controller();
    $this->load->helper(array('fdcore_framework', 'office_framework', 'rf_framework_helper'));
    $this->load->helper(array('language', 'url', 'file', 'security', 'date', 'form', 'html', 'pay'));
    $this->load->library(array('session', 'table', 'parser', 'ajax', 'cache'));
    $this->lang->load('office', get_lang());
    // Login name from the server-side session, cleaned before it reaches any view.
    $this->login = xss_clean($this->session->userdata('login'));
    // Pipe-separated list of framework checks executed by RunFunc(); presumably
    // the order matters (DB connections first) — keep as is.
    RunFunc('connectdb|connectmydb|allow_ip|check_offline|check_sql_inject');
    // Vote limit from the core config.
    $this->limit = config('vote_limit', 'core');
    $this->output->enable_profiler(config('profiler', 'core'));
}
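/**
 * Stores a comment on an object for the logged-in user.
 *
 * @return int 1 when the comment was inserted; 0 when the request lacked a
 *             positive object_id, a comment or an object type
 */
function add_comment() {
    // Casting first keeps strlen() off null (deprecated on PHP 8.1+) and makes
    // the object_id check behave the same for numeric and non-numeric input.
    $object_id = (int) $this->input->post('object_id');
    $comment = (string) $this->input->post('comment');
    $object = (string) $this->input->post('object');
    if ($object_id <= 0 || strlen($comment) <= 0 || strlen($object) <= 0) {
        return 0;
    }

    $userid = $_SESSION['userid'];
    // 24-hour clock. The original used 'h' (12-hour, no am/pm), which made
    // afternoon timestamps indistinguishable from morning ones.
    $now = date("Y-m-d H:i:s");
    $data = array(
        'comment'   => xss_clean(substr($comment, 0, 255)),
        'object'    => xss_clean($object),
        'object_id' => $object_id,
        'user_id'   => $userid,
        'created'   => $now,
    );
    $this->db->insert("comments", $data);
    return 1;
}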
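/**
 * Handles an image upload for risk $risk_id and appends the stored file name
 * to the risk's comma-separated img_url list (at most three images per risk).
 * Requires a logged-in member with Admin, Owner or Write permission on the
 * risk. Upload-library errors re-render the upload form; every other outcome
 * is reported with a small script that alerts and returns to the referrer.
 *
 * @param mixed $risk_id id of the risk the image belongs to
 */
function do_upload($risk_id) {
    // $upload_path = realpath(APPPATH . '../uploads') /var/www/shhasan.ddns.net/uploads/;
    $config['upload_path'] = '/var/www.v1.riskmp.com/public_html/assets/images/uploads/';
    $config['allowed_types'] = 'gif|jpg|png';
    $config['max_size'] = '10000KB';
    $config['max_width'] = '102400';
    $config['max_height'] = '76800';
    //$config['file_name'] = 'name';

    $confirm_member = $this->User_model->confirm_member(true, false);
    if (!$confirm_member['success']) {
        $this->print_jtable_error(self::ERROR_NOT_LOGGED_IN);
        return;
    }
    $user_id = $_SESSION['user_id'];

    $this->load->model('Risk_model');
    $permission = $this->Risk_model->initialize($risk_id, $user_id);
    if ($permission != "Admin" && $permission != "Owner" && $permission != "Write") {
        $this->print_jtable_error(self::ERROR_NO_EDIT_PERMISSION);
        return;
    }

    // Check the image count before writing the file, so a rejected upload does
    // not leave an orphan in the upload directory. An empty img_url means no
    // images (explode() would otherwise report one empty entry).
    $previous_data = $this->Risk_model->get();
    $has_images = isset($previous_data['img_url']) && $previous_data['img_url'] != null && $previous_data['img_url'] != '';
    $media_items = $has_images ? explode(',', $previous_data['img_url']) : array();
    if (count($media_items) >= 3) {
        $this->_alert_and_go_back('More than 3 images for a risk are not permitted.');
        return;
    }

    $this->load->library('upload', $config);
    if (!$this->upload->do_upload()) {
        $error = array('error' => $this->upload->display_errors());
        $this->load->view('upload_form', $error);
        return;
    }

    $data = array('upload_data' => $this->upload->data());
    // $this->load->view('upload_success', $data);
    $this->load->helper('security');
    // The original discarded xss_clean()'s return value, so nothing was cleaned.
    foreach ($data as &$val) {
        $val = xss_clean($val);
    }
    unset($val); // drop the reference left behind by foreach-by-reference

    $risk_data['img_url'] = $has_images
        ? $previous_data['img_url'] . ',' . $data['upload_data']['file_name']
        : $data['upload_data']['file_name'];

    if ($this->Risk_model->upload_media($risk_data) == false) {
        $this->_alert_and_go_back('An ERROR occurred while uploading your file. Please try again.');
        return;
    }
    $this->_alert_and_go_back('Upload Successful!');
}

/**
 * Emits a script that alerts $message and navigates back to the referrer.
 * Both values are JSON-encoded with the HEX flags so that neither can break
 * out of the JS string or the <script> element — the Referer header is
 * supplied by the client and must not be echoed raw.
 *
 * @param string $message text for the alert()
 */
private function _alert_and_go_back($message) {
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;
    echo "<script>alert(" . json_encode($message, $flags) . "); window.location = " . json_encode($referer, $flags) . ";</script>";
}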
/**
 * Loads the UserAuth library and merges a JSON request body (decoded and
 * xss-cleaned) into $_POST so actions can read it through the usual accessors.
 */
public function __construct() {
    parent::__construct();
    $this->load->library(array('UserAuth'));

    // Decode the raw request body; an empty or invalid body leaves $_POST untouched.
    $body = json_decode(file_get_contents("php://input"), TRUE);
    $this->post = $body;
    if (!empty($body)) {
        $this->post = xss_clean($body);
        $_POST = array_merge($_POST, $this->post);
    }

    // Enable the profiler when debugging:
    // $this->output->enable_profiler(TRUE);
}
/**
 * Constructor (CodeIgniter 1.x style). Loads the framework helpers and
 * libraries this controller uses, loads the 'office' language file, reads the
 * login name from the session, runs the framework's request checks and sends
 * visitors who are not logged in to the site root.
 */
function topsms() {
    parent::Controller();
    $this->load->helper(array('fdcore_framework', 'office_framework', 'rf_framework_helper'));
    $this->load->helper(array('language', 'url', 'security', 'form', 'html', 'pay', 'date'));
    $this->load->library(array('session', 'parser', 'table', 'ajax'));
    $this->lang->load('office', get_lang());
    // Login name from the server-side session, cleaned before it reaches any view.
    $this->login = xss_clean($this->session->userdata('login'));
    // Pipe-separated list of framework checks executed by RunFunc(); presumably
    // the order matters (DB connections first) — keep as is.
    RunFunc('connectdb|connectmydb|check_offline|check_sql_inject');
    $this->output->enable_profiler(config('profiler', 'core'));
    // Anonymous visitors are redirected; redirect() does not return.
    if (!is_logged()) {
        redirect(base_url());
    }
}
/**
 * Menu-maintenance page: builds the three-level menu tree from
 * Maintain_menu_model as nested <ul>/<li> HTML — folders get a load_folder()
 * badge plus an add link, leaves a load_function() link — and hands it to
 * the maintain_menu view.
 *
 * NOTE(review): xss_clean() filters but does not escape for the
 * JS-inside-attribute context the ids and names are concatenated into; a
 * quote in a menu name would end the JS string. Acceptable only if the menu
 * table is maintained by trusted administrators — confirm. The string also
 * starts without an opening <ul> yet ends with " </ul>"; presumably the view
 * supplies the opening tag — verify.
 */
public function index() {
    $query_level_one = $this->Maintain_menu_model->get_menu(1, 0);
    $menu = "";
    for ($i = 0; $i < count($query_level_one); $i++) {
        $level_one_name = xss_clean($query_level_one[$i]['Name']);
        $level_one_id = xss_clean($query_level_one[$i]['Id']);
        $level_one_type = xss_clean($query_level_one[$i]['Type']);
        $menu = $menu . "<li>";
        if ($level_one_type == "folder") {
            $menu = $menu . "<span class=\"badge badge-success\" onclick=\"load_folder('" . $level_one_id . "','modify')\"><i class=\"icon-folder-close\"></i> " . $level_one_name . "</span><a href=\"#\"><i class=\"icon-plus\"></i></a>";
            $menu = $menu . "<ul>";
            if ($this->Maintain_menu_model->has_node($level_one_id)) {
                $query_level_two = $this->Maintain_menu_model->get_menu(2, $level_one_id);
                for ($j = 0; $j < count($query_level_two); $j++) {
                    $level_two_name = xss_clean($query_level_two[$j]['Name']);
                    $level_two_id = xss_clean($query_level_two[$j]['Id']);
                    $level_two_type = xss_clean($query_level_two[$j]['Type']);
                    $menu = $menu . "<li>";
                    if ($level_two_type == "folder") {
                        $menu = $menu . "<span class=\"badge badge-success\" onclick=\"load_folder('" . $level_two_id . "','modify')\"><i class=\"icon-folder-close\"></i> " . $level_two_name . "</span><a href=\"#\"><i class=\"icon-plus\"></i></a>";
                        $menu = $menu . "<ul>";
                        if ($this->Maintain_menu_model->has_node($level_two_id)) {
                            $query_level_three = $this->Maintain_menu_model->get_menu(3, $level_two_id);
                            for ($k = 0; $k < count($query_level_three); $k++) {
                                $menu = $menu . "<li>";
                                $level_three_name = xss_clean($query_level_three[$k]['Name']);
                                $level_three_id = xss_clean($query_level_three[$k]['Id']);
                                // Third level is always a leaf: no type check, no deeper lookup.
                                $menu = $menu . "<a href=\"javascript:load_function('" . $level_three_id . "','modify')\" ><span><i class=\"icon-cog\"></i> " . $level_three_name . "</span></a>";
                                $menu = $menu . "</li>";
                            }
                        }
                        $menu = $menu . "</ul>";
                    } else {
                        $menu = $menu . "<a href=\"javascript:load_function('" . $level_two_id . "','modify')\" ><span><i class=\"icon-cog\"></i> " . $level_two_name . "</span></a>";
                    }
                    $menu = $menu . "</li>";
                }
            }
            // The <ul> opened above is closed even when the folder had no children.
            $menu = $menu . "</ul>";
        } else {
            $menu = $menu . "<a href=\"javascript:load_function('" . $level_one_id . "','modify')\" ><span><i class=\"icon-cog\"></i> " . $level_one_name . "</span></a>";
        }
        $menu = $menu . "</li>";
    }
    $menu = $menu . " </ul>";
    $data["menu"] = $menu;
    $this->load->view('maintain_menu/maintain_menu', $data);
}
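/**
 * Password reset, step 2. The user supplies the emailed code, their email
 * address and a new password (twice). When the code matches the address the
 * stored hash is replaced and a confirmation mail is sent; a mismatch sends
 * the user back to the forgot-password form; invalid input re-renders the form.
 */
public function new_password() {
    $this->form_validation->set_rules('code', $this->lang->line('signin_new_pwd_code'), 'required|min_length[4]|max_length[8]');
    // valid_email keeps CR/LF and other junk out of the address before it is
    // handed to mail() as the recipient.
    $this->form_validation->set_rules('usr_email', $this->lang->line('signin_new_pwd_email'), 'required|valid_email|min_length[5]|max_length[125]');
    // NOTE(review): the original labelled both password fields with the email
    // language key; the keys used for the placeholders below look like the
    // intended labels — confirm against the language file.
    $this->form_validation->set_rules('usr_password1', $this->lang->line('signin_new_pwd_pwd'), 'required|min_length[5]|max_length[125]');
    $this->form_validation->set_rules('usr_password2', $this->lang->line('signin_new_pwd_confirm'), 'required|min_length[5]|max_length[125]|matches[usr_password1]');

    // The reset code comes from the form on POST, from the URL otherwise.
    if ($this->input->post()) {
        $data['code'] = xss_clean($this->input->post('code'));
    } else {
        $data['code'] = xss_clean($this->uri->segment(3));
    }

    if ($this->form_validation->run() === FALSE) {
        $data['usr_email'] = array('name' => 'usr_email', 'class' => 'form-control', 'id' => 'usr_email', 'type' => 'text', 'value' => set_value('usr_email', ''), 'maxlength' => '100', 'size' => '35', 'placeholder' => $this->lang->line('signin_new_pwd_email'));
        $data['usr_password1'] = array('name' => 'usr_password1', 'class' => 'form-control', 'id' => 'usr_password1', 'type' => 'password', 'value' => set_value('usr_password1', ''), 'maxlength' => '100', 'size' => '35', 'placeholder' => $this->lang->line('signin_new_pwd_pwd'));
        $data['usr_password2'] = array('name' => 'usr_password2', 'class' => 'form-control', 'id' => 'usr_password2', 'type' => 'password', 'value' => set_value('usr_password2', ''), 'maxlength' => '100', 'size' => '35', 'placeholder' => $this->lang->line('signin_new_pwd_confirm'));
        $this->load->view('common/login_header', $data);
        $this->load->view('users/new_password', $data);
        $this->load->view('common/footer', $data);
        return;
    }

    // Does the submitted code match the one stored for this email?
    $email = xss_clean($this->input->post('usr_email'));
    if (!$this->Users_model->does_code_match($data, $email)) {
        redirect('users/forgot_password');
        return;
    }

    // NOTE(review): unsalted SHA-1 is a weak password hash; kept only because
    // existing users' hashes were produced the same way. Migrate through
    // password_hash()/password_needs_rehash() once login can re-hash.
    $hash = $this->encrypt->sha1($this->input->post('usr_password1'));
    $data = array('usr_hash' => $hash, 'usr_email' => $email);
    if (!$this->Users_model->update_user_password($data)) {
        // NOTE(review): a failed update rendered nothing in the original; unchanged.
        return;
    }

    $link = 'http://www.domain.com/signin';
    // Defaults guard against a lookup that returns no rows.
    $usr_fname = '';
    $usr_lname = '';
    $result = $this->Users_model->get_user_details_by_email($email);
    foreach ($result->result() as $row) {
        $usr_fname = $row->usr_fname;
        $usr_lname = $row->usr_lname;
    }
    $path = '/path/to/codeigniter/application/controllers/../views/email_scripts/new_password.txt';
    $file = read_file($path);
    $file = str_replace('%usr_fname%', $usr_fname, $file);
    $file = str_replace('%usr_lname%', $usr_lname, $file);
    // $password was never defined in the original, so %password% was always
    // replaced with an empty string. The plaintext password must not be
    // mailed, so that behaviour is kept and made explicit.
    $file = str_replace('%password%', '', $file);
    $file = str_replace('%link%', $link, $file);
    if (mail($email, $this->lang->line('email_subject_new_password'), $file, 'From: me@domain.com')) {
        redirect('signin');
    }
}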
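/**
 * Registers a new user from the submitted form. On success the tags an
 * earlier step left in $_SESSION['tags'] are attached and a thank-you page is
 * shown; otherwise an error page.
 */
function create() {
    $try = $this->m_users->add_user();
    if ($try) {
        $data['title'] = 'Thanks for registering';
        $data['main_view'] = 'welcome/thanks';
        // Add tags; a missing session entry counts as "no tags" instead of
        // passing null to substr().
        $rawTags = isset($_SESSION['tags']) ? $_SESSION['tags'] : '';
        $tags = xss_clean(substr($rawTags, 0, 255));
        $this->m_tags->add_tags($tags, 'users', $try);
    } else {
        $data['title'] = 'There was a problem!';
        $data['main_view'] = 'welcome/oops';
    }
    $this->load->vars($data);
    $this->load->view('template');
}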
/**
 * Returns the updates whose `udpate` column contains $input (first 255
 * characters, xss-cleaned). The term is passed through the query builder's
 * like(), which escapes it.
 *
 * @param string $input search term
 * @return array list of rows (id, user_id, udpate); empty when nothing matches
 */
function search_updates($input) {
    $term = xss_clean(substr($input, 0, 255));
    $this->db->select('id,user_id,udpate');
    $this->db->like('udpate', $term);
    $result = $this->db->get("updates");
    $rows = array();
    if ($result->num_rows() > 0) {
        foreach ($result->result_array() as $row) {
            $rows[] = $row;
        }
    }
    $result->free_result();
    return $rows;
}
/**
 * Creates a location for a client and returns the client's location list.
 *
 * @param mixed  $client_id     client the location belongs to
 * @param string $location_name base64-encoded location name
 * @param mixed  $enabled       only the string 'true' enables the location;
 *                              any other value (including boolean true) stores 0
 * @return array|false false when the name is not valid for this client or the
 *                     client id is invalid; otherwise get_client_locations()
 */
public function create_location($client_id, $location_name, $enabled = false) {
    $decoded_name = xss_clean(base64_decode($location_name));

    // Problems are collected but only their presence matters to the caller.
    $problems = array();
    if (!$this->check_valid_location_name($decoded_name)) {
        $problems[] = 'location_name_exists';
    }
    if (!$this->check_valid_client_id($client_id)) {
        $problems[] = 'client_id_invalid';
    }
    if (count($problems) > 0) {
        return false;
    }

    $this->db->insert('locations', array(
        'client_id' => $client_id,
        'name'      => $decoded_name,
        'enabled'   => $enabled === 'true' ? 1 : 0,
    ));
    return $this->get_client_locations($client_id, true, false);
}
/**
 * Loads the MLog model and the UserAuth/Http libraries, merges a JSON request
 * body (decoded and xss-cleaned) into $_POST, resolves the service URL and
 * records a system-log entry for the current user.
 */
public function __construct() {
    parent::__construct();
    $this->load->model(['MLog']);
    $this->load->library(array('UserAuth', 'Http'));

    // Decode the raw request body; an empty or invalid body leaves $_POST untouched.
    $body = json_decode(file_get_contents("php://input"), TRUE);
    $this->post = $body;
    if (!empty($body)) {
        $this->post = xss_clean($body);
        $_POST = array_merge($_POST, $this->post);
    }

    $this->_service_url = C('service.s');

    // System log entry for this request.
    $this->MLog->record($this->userauth->current(FALSE));

    // Enable the profiler when debugging:
    // $this->output->enable_profiler(TRUE);
}