PHP Generic::secure示例

示例#1

文件： signup.class.php 项目： fliptechit/kick-notify

 function __construct()
 {
     // Only allow guests to view this page
     parent::guestOnly();
     /* Has the admin disabled user registrations? */
     $disable = parent::getOption('disable-registrations-enable');
     if ($disable) {
         $this->error = sprintf('<div class="alert alert-block alert-error">%s</div>', _('<h4 class="alert-heading">Registrations disabled.</h4><p>Already have an account? <a href="login.php">Sign in here</a>!</p>'));
         parent::displayMessage($this->error, true);
     }
     $this->use_emails = parent::getOption('email-as-username-enable');
     $this->username_type = $this->use_emails ? 'email' : 'username';
     // jQuery form validation
     parent::checkExists();
     // Generate a unique token for security purposes
     parent::generateToken();
     // Has the form been submitted?
     if (!empty($_POST)) {
         // Sign up form post data
         foreach ($_POST as $field => $value) {
             $this->settings[$field] = parent::secure($value);
         }
         $this->process();
     }
     if (isset($_GET['new_social'])) {
         $this->error = sprintf('<div class="alert alert-success">%s</div>', _('We don\'t see you as a registered user. Perhaps you\'d like to sign up :)'));
     }
     parent::displayMessage($this->error, false);
 }

示例#2

文件： activate.php 项目： causefx/MMHTPC-ManageMyHTPC

 function __construct()
 {
     // Assign their username to a variable
     if (isset($_SESSION['jigowatt']['username'])) {
         $this->user = $_SESSION['jigowatt']['username'];
     }
     // Are they clicking from an email?
     if (isset($_GET['key'])) {
         $this->key = parent::secure($_GET['key']);
         $this->getKey();
         // Do they want the key resent?
     } else {
         if (isset($_GET['resend']) && $_GET['resend'] == '1') {
             $this->resendKey();
             // Are they already signed in without a key?
         } else {
             if (isset($this->user) && !isset($this->key)) {
                 $this->signedIn();
             } else {
                 header('location: home.php');
                 exit;
             }
         }
     }
     // Display any errors
     parent::displayMessage($this->error, false);
 }

示例#3

文件： add_user.class.php 项目： causefx/MMHTPC-ManageMyHTPC

 function __construct()
 {
     if (isset($_POST['searchUsers'])) {
         $this->searchUsers();
         exit;
     }
     // jQuery form validation
     parent::checkExists();
     if (isset($_POST['add_user'])) {
         $this->name = parent::secure($_POST['name']);
         $this->username = parent::secure($_POST['username']);
         $this->email = parent::secure($_POST['email']);
         $this->password = substr(md5(rand() . rand()), 0, 6);
         // Confirm all details are correct
         $this->verify();
         // Create the user
         $this->adduser();
         if (!empty($this->error)) {
             parent::displayMessage($this->error);
         } else {
             echo $this->result;
         }
         exit;
     }
 }

示例#4

文件： edit_user.class.php 项目： causefx/MMHTPC-ManageMyHTPC

 private function grabCurrentUser()
 {
     $this->id = parent::secure($_GET['uid']);
     $params = array(':user_id' => $this->id);
     $stmt = parent::query("SELECT user_id, user_level, restricted, username, name, email FROM login_users WHERE user_id = :user_id;", $params);
     if ($stmt->rowCount() < 1) {
         parent::displayMessage("<div class='alert alert-danger'>" . _('No such user!') . "</div>");
     }
     foreach ($stmt->fetch(PDO::FETCH_ASSOC) as $field => $value) {
         $this->options[$field] = $value;
     }
 }

示例#5

文件： settings.class.php 项目： causefx/MMHTPC-ManageMyHTPC

 function __construct()
 {
     // Once the form has been processed
     if (!empty($_POST)) {
         foreach ($_POST as $key => $value) {
             $this->options[$key] = parent::secure($value);
         }
         // Validate fields
         $this->validate();
         // Process form
         echo empty($this->error) ? $this->process() : $this->error;
         exit;
     }
 }

示例#6

文件： add_level.class.php 项目： causefx/MMHTPC-ManageMyHTPC

 function __construct()
 {
     // jQuery form validation
     parent::checkExists();
     if (isset($_POST['searchLevels'])) {
         $this->searchLevels();
         exit;
     }
     if (isset($_POST['add_level'])) {
         $this->auth = parent::secure($_POST['auth']);
         $this->level = parent::secure($_POST['level']);
         // Confirm all details are correct
         $this->verify();
         // Create the level
         $this->addlevel();
     }
 }

示例#7

文件： edit_level.class.php 项目： causefx/MMHTPC-ManageMyHTPC

 function __construct()
 {
     // Save level and auth
     if (!empty($_GET['lid'])) {
         $this->retrieveInfo();
     }
     if (isset($_POST['do_edit'])) {
         foreach ($_POST as $key => $value) {
             $this->options[$key] = parent::secure($value);
         }
         $this->options['level_disabled'] = !empty($_POST['disable']) ? 'checked' : '';
         $this->options['welcome_email'] = !empty($_POST['welcome_email']) ? 'checked' : '';
         // Validate fields
         $this->validate();
     }
     if (!empty($this->error)) {
         parent::displayMessage("<div class='alert alert-warning'>{$this->error}</div>", false);
     }
     if (!empty($this->result)) {
         parent::displayMessage("<div class='alert alert-success'>{$this->result}</div>", false);
     }
 }

示例#8

文件： profile.class.php 项目： fliptechit/kick-notify

 private function retrieveFields()
 {
     $params = array(':user_id' => $this->user_id);
     $stmt = parent::query("SELECT `user_id`, `username`, `name`, `email` FROM `accounts` WHERE `user_id` = :user_id;", $params);
     if ($stmt->rowCount() < 1) {
         $this->error = sprintf('<div class="alert alert-warning">%s</div>', _('Sorry, that user does not exist.'));
         parent::displayMessage($this->error, true);
         return false;
     }
     foreach ($stmt->fetch(PDO::FETCH_ASSOC) as $field => $value) {
         $this->settings[$field] = parent::secure($value);
     }
 }

示例#9

文件： forgot.class.php 项目： causefx/MMHTPC-ManageMyHTPC

 public function modal_process()
 {
     if (isset($_POST['usernamemail'])) {
         $usernamemail = parent::secure($_POST['usernamemail']);
         // The input field wasn't filled out
         if (empty($usernamemail)) {
             $this->error = '<div class="alert alert-danger">' . _('Please enter your username or email address.') . '</div>';
         } else {
             $params = array(':usernameEmail' => $usernamemail);
             $stmt = parent::query("SELECT * FROM `login_users` WHERE `username` = :usernameEmail OR `email` = :usernameEmail;", $params);
             if ($stmt->rowCount() > 0) {
                 $row = $stmt->fetch();
                 // Reuse the email variable.
                 $email = $row['email'];
                 // Check that a recovery key doesn't already exist, if it does, remove it.
                 $params = array(':email' => $email);
                 $stmt = parent::query("SELECT * FROM `login_confirm` WHERE `email` = :email AND `type` = 'forgot_pw';", $params);
                 if ($stmt->rowCount() > 0) {
                     parent::query("DELETE FROM `login_confirm` WHERE email = :email AND `type` = 'forgot_pw';", $params);
                 }
                 // Generate a new recovery key
                 $key = md5(uniqid(mt_rand(), true));
                 $params = array(':email' => $email, ':key' => $key);
                 parent::query("INSERT INTO `login_confirm` (`email`, `key`, `type`) VALUES (:email, :key, 'forgot_pw');", $params);
                 $shortcodes = array('site_address' => SITE_PATH, 'full_name' => $row['name'], 'username' => $row['username'], 'reset' => SITE_PATH . "forgot.php?key={$key}");
                 $subj = parent::getOption('email-forgot-subj');
                 $msg = parent::getOption('email-forgot-msg');
                 // Send an email confirming their password reset
                 if (!parent::sendEmail($email, $subj, $msg, $shortcodes)) {
                     $this->error = '<div class="alert alert-danger">' . _('ERROR. Mail not sent') . '</div>';
                 } else {
                     $this->error = "<div class='alert alert-success'>" . _('We\'ve emailed you password reset instructions. Check your email.') . "</div>";
                 }
             } else {
                 $this->error = '<div class="alert alert-danger">' . _('This account does not exist.') . '</div>';
             }
         }
         echo $this->error;
     }
 }