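/**
 * Handles the login form post: authenticates the user, checks the company
 * flag and the access level, then opens the session.
 *
 * Every path ends with a redirect to the default controller; failures set an
 * 'erro' flash message first.
 *
 * @return void
 */
public function access()
{
    // Created up front: the non-POST branch uses it too, and it was previously
    // only assigned inside the POST branch (call on an undefined variable).
    $redirector = new RedirectorHelper();

    if (!$_POST) {
        $redirector->goToController("");
        return;
    }

    // Missing or non-string fields are treated as empty credentials instead of
    // raising notices or handing arrays to the model.
    $user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
    $pass = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

    $login = new Login_Model();
    $data_user = $login->systemLogin($user, $pass);

    if (!$data_user) {
        // One message for "unknown user" and "wrong password" alike, so the
        // response does not reveal which accounts exist.
        $this->setMsg('erro', 'Usuário ou Senha errados!');
        $redirector->goToController("");
        return;
    }

    // The company lookup needs the authenticated row, so it runs only after the
    // credential check succeeded (it used to run on a failed login as well).
    $data_company = $login->dataCompany($data_user[0]['id_usuario']);

    if ($data_company[0][2] != 1) {
        $this->setMsg('erro', 'Acesso negado. Entre em contato com o suporte para maiores informações!');
        $redirector->goToController("");
        return;
    }

    if ($data_user[0]['nivel'] == 0) {
        $this->setMsg('erro', 'Usuário sem acesso.<br /> Entre em contato com o suporte para maiores informações!');
        $redirector->goToController("");
        return;
    }

    // NOTE(review): createSession() is not visible here; confirm it issues a new
    // session id on login so a pre-login id is not carried into the
    // authenticated session.
    $session = new SessionHelper();
    $session->createSession("userData", $data_user[0]);
    $session->setDataCompany($data_company);
    $redirector->goToController("");
}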
/**
 * Session gate: renders the login view and ends the request when the
 * 'userData' session check does not succeed.
 *
 * @return void
 */
public function init()
{
    $sessionHelper = new SessionHelper();

    // Anything checkSession() returns that is loosely equal to false counts as
    // "not logged in".
    if ($sessionHelper->checkSession('userData') != false) {
        return;
    }

    $this->view('login');
    // Stop here so nothing after init() runs for an unauthenticated request.
    exit;
}
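/**
 * Renders a link only when the logged-in user passes the ACL check for its
 * target.
 *
 * @param string $title          Link text, passed through to link().
 * @param mixed  $url            Link target. An array is joined with '/' to form
 *                               the path checked against the ACL; any other
 *                               value is checked as given.
 * @param array  $htmlAttributes Passed through to link().
 * @param mixed  $confirmMessage Passed through to link().
 * @param bool   $escapeTitle    Passed through to link().
 * @return mixed Whatever link() returns, or null when access is denied.
 */
function aclLink($title, $url = null, $htmlAttributes = array(), $confirmMessage = false, $escapeTitle = true)
{
    App::import('Helper', 'Session');
    $session = new SessionHelper();
    App::import('Component', 'Myacl');
    $this->MyAcl = new MyAclComponent();

    // implode() only accepts an array; the declared default (null) or a string
    // URL used to end up in implode() and fail there.
    $AclUrl = is_array($url) ? implode('/', $url) : $url;

    // NOTE(review): hiding the link is presentation only; the target action
    // presumably enforces the same ACL on the server side — confirm.
    if (!$this->MyAcl->hasAccess($session->read('Auth.User.id'), $AclUrl)) {
        return null;
    }

    return $this->link($title, $url, $htmlAttributes, $confirmMessage, $escapeTitle);
}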
/**
 * Fills the shared slots of a page template: title, optional body content and
 * extra JavaScript, the login area, and the "current" marker of the menu.
 *
 * @param Template    $t           Template to fill.
 * @param string      $title       Value for the TITLE slot.
 * @param string|null $bodyContent Value for BODY_CONTENT; skipped when null.
 * @param string|null $jsExtra     Value for the JS_EXTRA block; skipped when null.
 * @return void
 */
public static function configurePage(Template $t, $title, $bodyContent = null, $jsExtra = null)
{
    $t->insertSlot("TITLE", $title);
    $currentPage = DocumentHelper::getCurrentPageName();

    if ($bodyContent !== null) {
        $t->insertSlot("BODY_CONTENT", $bodyContent);
    }
    if ($jsExtra !== null) {
        $t->insertBlock("JS_EXTRA", $jsExtra);
    }

    if (!SessionHelper::isAdmin()) {
        $t->insertBlock("LOGIN", "");
    } else {
        // logged in as admin
        // NOTE(review): whether insertSlot() HTML-escapes its value is not
        // visible here; the name comes from the session — confirm it is escaped.
        $t->insertSlot("LOGIN_TEXT", "LOG OUT " . SessionHelper::getName());
        $t->insertSlot("LOGIN_LINK", "logout.php");
    }

    // menu - highlight current page
    $menuSlots = array(
        "CLASS_ABOUT" => "about.php",
        "CLASS_BOOKINGS" => "bookings.php",
        "CLASS_VALET_PARKING" => "valet_parking.php",
        "CLASS_VEHICLE_STORAGE" => "vehicle_storage.php",
        "CLASS_POOL_CAR" => "pool_car.php",
        "CLASS_RATES" => "rates.php",
        "CLASS_VIDEO" => "video.php",
    );
    foreach ($menuSlots as $slotName => $pageFile) {
        $t->insertSlot($slotName, $currentPage == $pageFile ? "current" : "");
    }
}
/**
 * Flash
 *
 * Delegates to the parent flash() after making sure a CSS class is set;
 * 'alert' is used when the caller supplied none (or an empty one).
 *
 * @param $key string
 * @param $attrs array
 * @return string
 */
public function flash($key = 'flash', $attrs = array())
{
    $classMissing = empty($attrs['params']['class']);
    if ($classMissing) {
        $attrs['params']['class'] = 'alert';
    }

    return parent::flash($key, $attrs);
}
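/**
 * Renders the flash message stored under 'Message.<key>' and removes it from
 * the session.
 *
 * For the 'default' element and for named elements the message is emitted as
 * a <script> block that calls notify(); an empty element returns the message
 * text as is.
 *
 * @param string $key Message key inside the 'Message' session namespace.
 * @return string|false Markup to output, or false when nothing was rendered.
 */
function flash($key = 'flash')
{
    $out = false;

    if ($this->__active !== true || !$this->__start()) {
        return $out;
    }
    if (!parent::check('Message.' . $key)) {
        return $out;
    }

    $flash = parent::read('Message.' . $key);

    // Values are written into a JavaScript string inside a <script> element.
    // JSON-encoding with the HEX flags keeps quotes, '<', '>' and '&' from
    // ending the string literal or the script block, while the decoded string
    // stays the same (the previous concatenation also broke on an apostrophe).
    $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;

    $text = json_encode((string) $flash['message'], $jsFlags);
    if ($text === false) {
        // Not encodable (e.g. invalid UTF-8): show an empty notification.
        $text = '""';
    }

    if ($flash['element'] == 'default') {
        $out = '<script type="text/javascript">$(function(){notify(\'noTitle\', { text:' . $text . '});});</script>';
    } elseif ($flash['element'] == '' || $flash['element'] == null) {
        // NOTE(review): returned without escaping; confirm callers never store
        // request data in a flash message that uses an empty element.
        $out = $flash['message'];
    } else {
        // Use the part after the first underscore when there is one
        // (an underscore at position 0 is treated as "none", as before).
        $underscore = strpos($flash['element'], '_');
        $element = $underscore ? substr($flash['element'], $underscore + 1) : $flash['element'];

        $type = json_encode((string) $element, $jsFlags);
        $title = json_encode(ucfirst((string) $element), $jsFlags);
        if ($type === false || $title === false) {
            $type = '""';
            $title = '""';
        }

        $out = '<script type="text/javascript">$(function(){notify(' . $type . ', { title:' . $title . ', text:' . $text . '});});</script>';
    }

    // A flash message is shown once.
    parent::delete('Message.' . $key);

    return $out;
}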
/**
 * Builds the markup for the flash message kept in the session under 'flash'
 * and removes it from the session.
 *
 * The stored value is expected to look like array('flash message', 'success').
 *
 * @return string The message wrapped in a div, or '' when there is none.
 */
function flash()
{
    // Read first, then delete: the entry is consumed by this call.
    $entry = parent::read('flash');
    parent::del('flash');

    if (empty($entry[0])) {
        return '';
    }

    // The second element selects the CSS class of the wrapper.
    $kind = $entry[1];
    if ($kind == 'success') {
        $opening = '<div class="flash_success">';
    } elseif ($kind == 'failure') {
        $opening = '<div class="flash_failure">';
    } else {
        $opening = '<div class="flash">';
    }

    // NOTE(review): the message is concatenated into HTML without escaping;
    // confirm callers never place request data in it.
    return $opening . $entry[0] . '</div>';
}
/**
 * Reports whether the session counts as logged in.
 *
 * @return bool true only when both SessionHelper::checkSession("valid") and
 *              SessionHelper::selectSession('valid') return a truthy value.
 */
public static function checkLogin()
{
    $hasEntry = SessionHelper::checkSession("valid");

    // selectSession() is consulted only when the entry check passed.
    return $hasEntry && SessionHelper::selectSession('valid');
}
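/**
 * Decides whether the current visitor may act on a piece of content.
 *
 * A logged-in user must be the content's owner; a visitor without a login
 * needs an 'AnonAuth.<model>.<id>' entry in the session.
 *
 * @param array  $content   Record with 'id' and, for owned content, 'user_id'.
 * @param string $modelName Model name used in the AnonAuth session key.
 * @param object $session   Session accessor providing check() and read().
 * @return bool
 */
public function checkAnonAuth(array $content, $modelName, $session)
{
    if ($session->check('Auth.User')) {
        // Read through the same session object that answered check(); the
        // static SessionHelper::read() call used before bypassed it.
        $currentUserId = $session->read('Auth.User.id');

        // Both ids must be present: two missing values must never compare as
        // "same owner".
        return isset($content['user_id'])
            && $currentUserId !== null
            && $content['user_id'] == $currentUserId;
    }

    return $session->check("AnonAuth.{$modelName}.{$content['id']}") ? true : false;
}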
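// (tail of a function that starts outside this excerpt; left unchanged)
    // disposition / encoding on response body
    header("Content-Disposition: attachment;filename={$filename}");
    header("Content-Transfer-Encoding: binary");
}

// ****************************************************************
// access check
// require instead of include: if the access-check file cannot be loaded the
// request stops with a fatal error instead of continuing with a warning.
require "includes/startloggedinadmin.inc.php";
require_once "classes/constants.class.php";
//require_once "classes/template.class.php";
//require_once "classes/templatehelper.class.php";
require_once "classes/db.class.php";
require_once "classes/sessionhelper.class.php";
//require_once "classes/jswriter.class.php";
//require_once "classes/validationhelper.class.php";
require_once "classes/bookingshelper.class.php";

// This page exports customer names and e-mail addresses, so it is limited to
// the master account.
if (!SessionHelper::isMaster()) {
    // Report the refusal with a matching status code rather than 200.
    header("HTTP/1.1 403 Forbidden");
    die("You don't belong here!");
}

$db = new Db();
// One row per e-mail address, ordered by address. The statement is a constant
// string; no request data is interpolated into it.
$q = "\nSELECT \n\tb.first_name AS first_name,\n\tb.last_name AS last_name,\n\tb.email AS email\nFROM\n\tbookings b\nGROUP BY \n\temail\nORDER BY \n\temail\n";
//pr($q);
// exit();
$rows = $db->getRowsByQuery($q);

// Rename the columns to the headings used in the export.
$rows2 = array();
foreach ($rows as $row) {
    $rows2[] = array("name" => $row["first_name"], "surname" => $row["last_name"], "email" => $row["email"]);
}
unset($rows);
//pr($rows2); exit;

// ********************* export it now *****************9
// NOTE(review): array2csv() is not visible here. The cells hold values entered
// by customers; confirm it quotes them and neutralises cells starting with
// '=', '+', '-' or '@', which spreadsheet programs treat as formulas.
download_send_headers("aps_emails_export_" . date("Y-m-d") . ".csv");
echo array2csv($rows2);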
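/**
 * Checks the captcha and then the submitted credentials.
 *
 * On failure a message is stored in the session and false is returned.
 *
 * @return bool true when the captcha matched and UserModel accepted the
 *              username/password pair.
 */
private function _authenticate()
{
    $session = new SessionHelper();
    $formval = new FormHelper();

    // Absent or non-string fields are handled as empty input instead of
    // raising notices or passing arrays on.
    $fields = array();
    foreach (array('captcha_code', 'username', 'password') as $name) {
        $fields[$name] = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    }

    // Captcha
    include_once BASE_URI . 'app/vendor/securimage/securimage.php';
    $securimage = new Securimage();
    if ($securimage->check($formval->testInput($fields['captcha_code'])) == false) {
        $session->setMessage('Verification code was incorrect, please try again', 3);
        return false;
    }

    // NOTE(review): testInput() is not visible here. If it trims or escapes its
    // argument, the password is altered before it is verified — confirm that
    // registration applies the same transformation, or pass the password raw.
    $username = $formval->testInput($fields['username']);
    $password = $formval->testInput($fields['password']);

    $usermodel = new UserModel();
    if ($usermodel->authenticateUser($username, $password)) {
        return true;
    }

    // One message for every failure reason, so the response does not reveal
    // whether the account exists.
    $session->setMessage('Username / password incorrect or acount inactive', 3);
    return false;
}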
session_destroy(); session_start(); // $sessionid = session_id(); SessionHelper::setSession($row); CookieHelper::setLoginUser($_POST["email"]); CookieHelper::setLoginPass(md5($_POST["password"])); } } // if ($success) { // they logged in using the form, send redirect headers // echo "SUCCESS " . print_r($_POST); exit; if ($from) { header("Location: " . $from); } else { if (SessionHelper::isAdmin()) { header("Location: report_time.php"); } else { header("Location: ."); } } exit; } } header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1 header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past require_once "classes/template.class.php"; require_once "classes/templatehelper.class.php"; require_once "classes/formwriter.class.php";
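<?php
// Redirects to login.php unless a user is logged in; login.php itself is exempt.
session_start();

// SCRIPT_NAME rather than PHP_SELF: PHP_SELF also contains any trailing path
// info sent by the client, so the request could influence the name that is
// compared with "login.php" below and copied into the redirect.
$pageName = basename($_SERVER["SCRIPT_NAME"]);

require_once "classes/sessionhelper.class.php";

if (!SessionHelper::isLoggedIn() && $pageName !== "login.php") {
    require_once "classes/documenthelper.class.php";
    // The page name is URL-encoded because it becomes a query-string value.
    // NOTE(review): the output of getQueryString() is appended as is; confirm
    // it is already encoded.
    header("Location: login.php?from=" . rawurlencode($pageName) . DocumentHelper::getQueryString(true, true));
    // Nothing of the protected page may run after the redirect.
    exit;
}

header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past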
<?php
// Logout fragment: destroys the session and then emits a script whose content
// depends on whether the session carried an "estAdmin" entry.
namespace Home;

// NOTE(review): there is no '/' between __DIR__ and the first '..'; confirm
// that this path resolves as intended on the deployment platform.
require __DIR__ . '../../../../core/initialize.php';

$session = \SessionHelper::getSession();
// Read before the session is destroyed ("etaitAdmin" = "was admin"); it only
// selects which branch of the script below is emitted.
$etaitAdmin = $session->get("estAdmin");
\SessionHelper::destroySession();
?> <script type="text/javascript"> <?php if ($etaitAdmin !== null) { ?> $("#overlayMt2").html('<div style="position: relative;top: 45%;width: 431px; margin: 0 auto 0 auto;"><h2>Sortie de l\'administration...</h2></div>'); $("#overlayMt2").css('display', "inline"); location.reload(false); <?php } else { ?> Ajax('pages/_LegacyPages/News.php'); $("#Menu_Inscription_MonCompte").css("display", "none"); $("#Menu_Inscription_MonCompte2").css("display", "inline"); $("#Menu_Telechargement_ItemShop").css("display", "none"); $("#Menu_Telechargement_ItemShop2").css("display", "inline"); $("#Menu_Support").css("display", "none"); $("#Menu_Support2").css("display", "inline");
/**
 * Get the token.
 *
 * Reads the value stored in the session under SESSION_KEY_BASE followed by
 * the data alias.
 *
 * NOTE(review): where a submitted token is compared with this value (not
 * visible here), a constant-time comparison such as hash_equals() should be
 * used.
 *
 * @param SessionHelper $session
 * @param string $dataAlias
 * @return string
 */
public static function getToken(SessionHelper $session, $dataAlias = self::DEFAULT_KEY)
{
    return $session->read(self::SESSION_KEY_BASE . $dataAlias);
}
/**
 * Deletes the category named by the 'id' query parameter when the current
 * user is allowed to, stores a result message and redirects to the category
 * overview.
 *
 * NOTE(review): the deletion is triggered by a GET parameter and no anti-CSRF
 * token check is visible in this method — confirm one is applied before this
 * action runs. htmlspecialchars() is an output encoder; CategoryModel is
 * presumably what keeps the id safe for the database — confirm.
 *
 * @return void
 */
public function deleteCategory()
{
    $session = new SessionHelper();
    $categoryid = htmlspecialchars($_GET['id']);
    $user = new User();
    $category = new Category($categoryid);
    $categorymodel = new CategoryModel();

    // Only an admin or moderator of this category may delete a category
    $mayDelete = $user->role == 1 || $user->id == $category->moderator_id;

    if (!$mayDelete) {
        $text = 'You are not an admin or the moderator of this category.';
        $level = 3;
    } elseif ($categorymodel->deleteCategory($categoryid)) {
        $text = 'Category (and all posts) removed';
        $level = 4;
    } else {
        $text = 'Category not removed';
        $level = 3;
    }

    // Every outcome reports through the session and returns to the overview.
    $session->setMessage($text, $level);
    redirectTo('index.php?c=user&a=viewallcategories');
}
/**
 * Input for the token submission form.
 *
 * Builds a hidden form field named "<dataAlias>.<tokenField>" whose value is
 * the token stored in the session for that alias.
 *
 * @param FormHelper $form
 * @param SessionHelper $session
 * @param string $dataAlias
 * @param string $tokenField
 * @return string
 */
public static function getTokenInput(FormHelper $form, SessionHelper $session, $dataAlias, $tokenField = self::TOKEN_FIELD)
{
    $token = $session->read(self::SESSION_KEY_BASE . $dataAlias);

    return $form->input(
        $dataAlias . '.' . $tokenField,
        array('type' => 'hidden', 'value' => $token, 'refer' => false)
    );
}
/**
 * Disables a user account and marks it inactive inside one transaction.
 *
 * Both updates use bound parameters. If either update reports no affected
 * row, the transaction is cancelled and a message is stored in the session.
 *
 * @param mixed $userid Id of the user row to update.
 * @return bool true when both updates changed a row and were committed.
 */
public function disableUser($userid)
{
    $session = new SessionHelper();
    $db = DbModel::getInstance();

    $db->beginTransaction();

    // Step 1: set the disabled flag.
    $db->query('UPDATE users SET disabled = :disable WHERE id = :id');
    $db->bind(':disable', 1);
    $db->bind(':id', $userid);
    $db->execute();
    if (!$db->rowCount()) {
        $db->cancelTransaction();
        $session->setMessage("Can't disable user", 3);
        return false;
    }

    // Step 2: clear the active flag.
    $db->query('UPDATE users SET is_active = :is_active WHERE id = :id');
    $db->bind(':is_active', 0);
    $db->bind(':id', $userid);
    $db->execute();
    if (!$db->rowCount()) {
        // Undo step 1 as well.
        $db->cancelTransaction();
        $session->setMessage('User is inactive, please set active first.', 2);
        return false;
    }

    $db->endTransaction();
    $session->setMessage("User is disabled and can't login anymore.", 4);
    return true;
}
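/**
 * Loads the requested URL
 *
 * Resolves the controller file and class from $this->_controller, applies the
 * docblock-driven authentication rules when AUTHENABLE is set, and then calls
 * the requested action.
 *
 * Docblock markers: "@OdinAuth" on the action or on the controller class
 * requires a login; "@OdinAuthLogin" on the action marks a page that
 * logged-in users are redirected away from.
 *
 * @access public
 * @author Renie Siqueira da Silva
 * @since 1.0
 * @return void
 */
public function run()
{
    // NOTE(review): $this->_controller becomes part of a file path and a class
    // name. Where it is validated is not visible here — confirm it is limited
    // to known controller names before it reaches this method.
    $controller_path = CONTROLLERS . $this->_controller . "Controller.php";
    if (!file_exists($controller_path)) {
        $this->dispatch404();
        // Do not continue to require_once with a file that does not exist.
        return;
    }
    require_once $controller_path;

    $controller = $this->_controller . "Controller";
    $app = new $controller();
    if (!method_exists($app, $this->_action)) {
        $this->dispatch404();
        // Reflection below would throw for a missing method.
        return;
    }
    $action = $this->_action;

    if (defined('AUTHENABLE') && AUTHENABLE) {
        $refM = new ReflectionMethod($controller, $action);
        $refC = new ReflectionClass($controller);
        $methodDoc = (string) $refM->getDocComment();
        $classDoc = (string) $refC->getDocComment();

        // A word boundary replaces the literal trailing space: a marker that
        // ends its line (followed by a newline) used to go unrecognised, which
        // left the action unprotected. "@OdinAuth\b" does not match
        // "@OdinAuthLogin".
        $authMNeeded = preg_match('/@OdinAuth\b/', $methodDoc) === 1;
        $authCNeeded = preg_match('/@OdinAuth\b/', $classDoc) === 1;
        $authLogin = preg_match('/@OdinAuthLogin\b/', $methodDoc) === 1;

        if ($authMNeeded || $authCNeeded) {
            if (!AuthHelper::checkLogin()) {
                if (defined('AUTHCONTROLLERERROR') && AUTHCONTROLLERERROR != "") {
                    // Remember what was requested.
                    SessionHelper::setSystemSession('requiredController', $this->_controller);
                    SessionHelper::setSystemSession('requiredAction', $this->_action);
                    SessionHelper::setSystemSession('requiredURL', true);
                    // NOTE(review): this tests AUTHCONTROLLERACTION but passes
                    // AUTHACTIONERROR — confirm which constant is intended.
                    if (defined('AUTHCONTROLLERACTION') && AUTHCONTROLLERACTION != "") {
                        RedirectHelper::goToControllerAction(AUTHCONTROLLERERROR, AUTHACTIONERROR);
                    } else {
                        RedirectHelper::goToController(AUTHCONTROLLERERROR);
                    }
                } else {
                    RedirectHelper::goToIndex();
                }
                // The protected action must not run for a visitor who is not
                // logged in. The login-page branch below exits explicitly after
                // the same redirect helper, so the helper cannot be relied on
                // to end the request.
                exit;
            }
        } elseif ($authLogin) {
            if (AuthHelper::checkLogin()) {
                // Home redirect only when a home controller and action are
                // configured and differ from the error target.
                $hasHomeTarget = defined('AUTHCONTROLLERHOME') && AUTHCONTROLLERHOME != ""
                    && defined('AUTHACTIONHOME') && AUTHACTIONHOME != ""
                    && (AUTHCONTROLLERHOME != AUTHCONTROLLERERROR || AUTHACTIONHOME != AUTHACTIONERROR);

                if ($hasHomeTarget) {
                    RedirectHelper::goToControllerAction(AUTHCONTROLLERHOME, AUTHACTIONHOME);
                } else {
                    RedirectHelper::goToUrl("odinphp.com/Fury");
                }
                exit;
            }
        }
    }

    try {
        $app->{$action}();
    } catch (Exception $e) {
        // NOTE(review): echoing the exception sends its message and stack
        // trace to the client; log it and return a generic error in production.
        echo $e;
    }
}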
/**
 * Logout action: calls AuthHelper::logout(), stores a notice under 'msg' in
 * the system session and redirects to the TestAuthentication controller.
 *
 * The marker below is not decoration: it is presumably read from this
 * docblock by the dispatcher to require a login for this action. Keep it
 * followed by a space, in case the dispatcher matches it with one.
 *
 *@OdinAuth */
public function gtfo()
{
    AuthHelper::logout();
    SessionHelper::setSystemSession('msg', 'You are not logged anymore.');
    RedirectHelper::goToController("TestAuthentication");
}
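/**
 * Loads the requested URL
 *
 * Resolves the controller file and class from $this->_controller, selects the
 * action (by "@REQUEST_METHOD" docblock marker when RESTFULENABLE is set),
 * applies the docblock-driven authentication rules when AUTHENABLE is set,
 * and then calls the action.
 *
 * @access public
 * @author Renie Siqueira da Silva
 * @since 1.0
 * @return void
 */
public function run()
{
    // NOTE(review): $this->_controller becomes part of a file path and a class
    // name. Where it is validated is not visible here — confirm it is limited
    // to known controller names before it reaches this method.
    $controller_path = CONTROLLERS . $this->_controller . CONTROLLERSUFIX . ".php";
    if (!file_exists($controller_path)) {
        $this->dispatch404();
        // Do not continue to require_once with a file that does not exist.
        die;
    }
    require_once $controller_path;

    $controller = $this->_controller . CONTROLLERSUFIX;
    $app = new $controller();
    $action = $this->_action;

    if (defined('RESTFULENABLE') && RESTFULENABLE) {
        $requestMethod = trim(strtolower(SYSTEM::$SERVER['REQUEST_METHOD']));

        if ($action == DEFAULTACTION || $action == null) {
            // No explicit action: pick the controller method whose docblock
            // declares the current HTTP method (the last match wins).
            foreach (get_class_methods($controller) as $candidate) {
                $candidateRef = new ReflectionMethod($controller, $candidate);
                $methodArr = array();
                preg_match("/(@REQUEST_METHOD )(.*)/", (string) $candidateRef->getDocComment(), $methodArr);
                if (isset($methodArr[0]) && trim(strtolower($methodArr[2])) == $requestMethod) {
                    $action = $candidate;
                }
            }
        } else {
            if (!method_exists($app, $action)) {
                $this->dispatch404(true);
                die;
            }
            // Explicit action: reject it when its docblock declares another
            // HTTP method.
            $actionRef = new ReflectionMethod($controller, $action);
            $methodArr = array();
            preg_match("/(@REQUEST_METHOD )(.*)/", (string) $actionRef->getDocComment(), $methodArr);
            if (isset($methodArr[0]) && trim(strtolower($methodArr[2])) != $requestMethod) {
                $action = null;
            }
        }

        if ($action == null) {
            header(':', true, 405);
            die;
        }
    }

    $this->_action = $action;
    if (!method_exists($app, $this->_action)) {
        $this->dispatch404();
        die;
    }

    if (defined('AUTHENABLE') && AUTHENABLE) {
        // Reflect the action that will actually run. The method reflection
        // used to be whatever the RESTful block left behind: undefined when
        // RESTFULENABLE is off, and the last method scanned (not the selected
        // one) for the default action, so the wrong docblock was checked.
        $refM = new ReflectionMethod($controller, $this->_action);
        $refC = new ReflectionClass($controller);
        $methodDoc = (string) $refM->getDocComment();
        $classDoc = (string) $refC->getDocComment();

        // A word boundary replaces the literal trailing space: a marker that
        // ends its line used to go unrecognised, which left the action
        // unprotected. "@OdinAuth\b" does not match "@OdinAuthLogin".
        $authMNeeded = preg_match('/@OdinAuth\b/', $methodDoc) === 1;
        $authCNeeded = preg_match('/@OdinAuth\b/', $classDoc) === 1;
        $authLogin = preg_match('/@OdinAuthLogin\b/', $methodDoc) === 1;

        if ($authMNeeded || $authCNeeded) {
            if (!AuthHelper::checkLogin()) {
                if (defined('AUTHCONTROLLERERROR') && AUTHCONTROLLERERROR != "") {
                    // Remember what was requested.
                    SessionHelper::setSystemSession('requiredController', $this->_controller);
                    SessionHelper::setSystemSession('requiredAction', $this->_action);
                    SessionHelper::setSystemSession('requiredURL', true);
                    // NOTE(review): this tests AUTHCONTROLLERACTION but passes
                    // AUTHACTIONERROR — confirm which constant is intended.
                    if (defined('AUTHCONTROLLERACTION') && AUTHCONTROLLERACTION != "") {
                        RedirectHelper::goToControllerAction(AUTHCONTROLLERERROR, AUTHACTIONERROR);
                    } else {
                        RedirectHelper::goToController(AUTHCONTROLLERERROR);
                    }
                } else {
                    RedirectHelper::goToIndex();
                }
                // The protected action must not run for a visitor who is not
                // logged in. The login-page branch below exits explicitly after
                // the same redirect helper, so the helper cannot be relied on
                // to end the request.
                exit;
            }
        } elseif ($authLogin) {
            if (AuthHelper::checkLogin()) {
                // Home redirect only when a home controller and action are
                // configured and differ from the error target.
                $hasHomeTarget = defined('AUTHCONTROLLERHOME') && AUTHCONTROLLERHOME != ""
                    && defined('AUTHACTIONHOME') && AUTHACTIONHOME != ""
                    && (AUTHCONTROLLERHOME != AUTHCONTROLLERERROR || AUTHACTIONHOME != AUTHACTIONERROR);

                if ($hasHomeTarget) {
                    RedirectHelper::goToControllerAction(AUTHCONTROLLERHOME, AUTHACTIONHOME);
                } else {
                    echo "FURY OF ODIN!!!!!";
                }
                exit;
            }
        }
    }

    try {
        $app->{$action}();
    } catch (Exception $e) {
        // NOTE(review): echoing the exception sends its message and stack
        // trace to the client; log it and return a generic error in production.
        echo $e;
    }
}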
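<?php
// Redirects to login.php unless the visitor is logged in as an admin;
// login.php itself is exempt.
session_start();

// SCRIPT_NAME rather than PHP_SELF: PHP_SELF also contains any trailing path
// info sent by the client, so the request could influence the name that is
// compared with "login.php" below and copied into the redirect.
$pageName = basename($_SERVER["SCRIPT_NAME"]);

require_once "classes/sessionhelper.class.php";

$isAdminSession = SessionHelper::isLoggedIn() && SessionHelper::isAdmin();

if (!$isAdminSession && $pageName !== "login.php") {
    require_once "classes/documenthelper.class.php";
    // The page name is URL-encoded because it becomes a query-string value.
    // NOTE(review): the output of getQueryString() is appended as is; confirm
    // it is already encoded.
    header("Location: login.php?from=" . rawurlencode($pageName) . DocumentHelper::getQueryString(true, true));
    // Nothing of the protected page may run after the redirect.
    exit;
}

header("Cache-Control: no-cache, must-revalidate"); // HTTP/1.1
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT"); // Date in the past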
/**
 * Deletes the top-level post named by the 'id' query parameter when the
 * current user is allowed to, stores a result message and redirects to the
 * dashboard.
 *
 * NOTE(review): the deletion is triggered by a GET parameter and no anti-CSRF
 * token check is visible in this method — confirm one is applied before this
 * action runs. htmlspecialchars() is an output encoder; PostModel is
 * presumably what keeps the id safe for the database — confirm.
 *
 * @return void
 */
public function deleteTopPost()
{
    $postid = htmlspecialchars($_GET['id']);
    $session = new SessionHelper();
    $user = new User();
    $post = new Post($postid);
    $postmodel = new PostModel();
    $categorymodel = new CategoryModel();
    $category = new Category($post->category_id);

    // Only an admin or the moderator of this category may delete a toppost
    $mayDelete = $user->role == 1 || $user->id == $category->moderator_id;

    if (!$mayDelete) {
        $text = 'You are not an admin or you are not the moderator of this category';
        $level = 2;
    } elseif ($postmodel->deleteTopPost($postid)) {
        // This method will remove child posts (replies) as well
        $text = 'Post removed';
        $level = 4;
    } else {
        $text = 'Post not removed';
        $level = 3;
    }

    // Every outcome reports through the session and returns to the dashboard.
    $session->setMessage($text, $level);
    redirectTo('index.php?c=user&a=viewdashboard');
}
// (fragment: the enclosing validation blocks open above this excerpt)
                            // Column values for the update, in the same order as $keys
                            // (which is filled outside this excerpt).
                            $values = array();
                            $values[] = Utils::truncate(Utils::insertStrip($_POST["firstname"]), 255);
                            $values[] = Utils::truncate(Utils::insertStrip($_POST["lastname"]), 255);
                            // One type letter per value ("s" = string).
                            $types = "ss";
                            // will not get here if any password field is filled and all are not filled
                            if ($enteredAllPass && $isOldPassCorrect && $matchOldPass && $matchNewPass) {
                                $keys[] = "passhash";
                                // NOTE(review): the new password is stored as an unsalted MD5
                                // digest, which is not suitable for password storage.
                                // password_hash()/password_verify() is the replacement, but the
                                // login check has to change with it.
                                $values[] = md5(trim($_POST["newpass1"]));
                                $types .= "s";
                            }
                            $updateResult = $db->update("users_id", $users_id, "i", "users", $keys, $values, $types);
                            $submitSuccess = $updateResult;
                            if ($updateResult === false) {
                                $error = "Could not update your details";
                            } else {
                                // Keep the name held in the session in step with the stored one.
                                SessionHelper::updateName($values[0], $values[1]);
                            }
                            // Assigned on failure too; the ternary further down shows $error
                            // first when it is set.
                            $message = "Your details have been updated";
                        }
                    }
                }
            }
        }
    }
}
// common
// NOTE(review): after a successful submit the form is refilled from the raw
// $_POST values; confirm the template escapes them on output.
$firstnameValue = $submitted && $submitSuccess ? $_POST["firstname"] : $userData["first_name"];
$lastnameValue = $submitted && $submitSuccess ? $_POST["lastname"] : $userData["last_name"];
$message = $error ? "<span class=\"feedback_negative\">{$error}</span>" : "<span class=\"feedback_positive\">{$message}</span>";
$jsExtra = "<script src='js/settings.js' type='text/javascript'></script>";
$t = new Template("templates/admin_page.tpl.html");
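<?php
// Logout: clears the login cookies, ends the session and returns to login.php.
session_start();

require_once "classes/sessionhelper.class.php";
require_once "classes/cookiehelper.class.php";

// Remove the stored login cookies first so they cannot log the user back in.
CookieHelper::clearLogin();

if (SessionHelper::isLoggedIn()) {
    session_unset();
    session_destroy();
    session_start();
    // session_destroy() leaves the session cookie in place, so the restarted
    // session would keep the identifier used while logged in; issue a new one.
    session_regenerate_id(true);
}

header("Location: login.php");
exit;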