/**
 * Ends the current session and reports success to the AJAX caller.
 *
 * Side effects: invalidates the server-side session via System::getSession()
 * and writes the AjaxResponse to the output stream.
 */
public function logout() {
    $reply = new AjaxResponse();

    System::getSession()->logout();

    $reply->success = true;
    $reply->send();
}
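/**
 * Resolves the file addressed by the 'alias' request parameter into
 * $this->file and enforces its permission level for the current user.
 *
 * Stops the request (404 / 403 / redirect to AuthController::authenticateFile)
 * when the file is missing or the caller may not see it. A second call is a
 * no-op once $this->file is populated.
 */
private function loadFile() {
    if ($this->file != NULL) {
        return;
    }

    $this->file = File::find('alias', $this->getParam('alias', ''));
    if ($this->file == NULL) {
        System::displayError(System::getLanguage()->_('ErrorFileNotFound'), '404 Not Found');
        // Same as the 403 branch below: never fall through to the permission
        // checks (they would dereference a missing file).
        exit;
    }

    // The owner always has access; anonymous visitors get the sentinel -1.
    $user = System::getUser();
    $user_id = ($user != NULL) ? $user->uid : -1;
    if ($user_id == $this->file->uid) {
        return;
    }

    if ($this->file->permission == FilePermissions::PRIVATE_ACCESS) {
        System::displayError(System::getLanguage()->_('PermissionDenied'), '403 Forbidden');
        exit;
    }

    if ($this->file->permission == FilePermissions::RESTRICTED_ACCESS) {
        // The session records the aliases this visitor has already unlocked.
        // Both sides are normalised to strings and compared strictly so that
        // loose numeric-string coercion cannot match a different alias.
        $authenticated = System::getSession()->getData("authenticatedFiles");
        $unlocked = is_array($authenticated)
            && in_array((string) $this->file->alias, array_map('strval', $authenticated), true);
        if (!$unlocked) {
            System::forwardToRoute(Router::getInstance()->build('AuthController', 'authenticateFile', $this->file));
            exit;
        }
    }
}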
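/**
 * Builds the Smarty view environment used by every page.
 *
 * Sets the cache/compile/template directories below SYSTEM_ROOT, exposes the
 * Router and L10N objects to templates, assigns the globally needed
 * variables (user, navigation, language strings, configuration) and moves
 * one-shot flash messages (successMsg / errorMsg / infoMsg) from the session
 * into the template, clearing them so each is shown only once.
 */
public function __construct() {
    parent::__construct();

    $this->JSRMS = new JSRMS();
    $this->JSRMS->requireResource('system');

    $this->muteExpectedErrors();
    $this->setCacheDir(SYSTEM_ROOT . '/classes/smarty/cache/');
    $this->setCompileDir(SYSTEM_ROOT . '/classes/smarty/templates_c/');
    $this->setTemplateDir(SYSTEM_ROOT . '/view/');

    // Only the listed methods are callable from templates.
    $this->registerObject('Router', Router::getInstance(), array('build'), false);
    $this->registerObject('L10N', System::getLanguage(), array('_'), false);

    $this->assign('LoggedIn', System::getUser() != NULL);
    $this->assign('User', System::getUser());
    $this->assign('Navigation', Navigation::$elements);
    $this->assign('LangStrings', System::getLanguage()->getAllStrings());

    // Configuration
    $this->assign('HTTP_BASEDIR', System::getBaseURL());
    $this->assign('MOD_REWRITE', MOD_REWRITE);
    $this->assign('MAX_UPLOAD_SIZE', Utils::maxUploadSize());

    // Flash messages: one block instead of three copies; read once, assign,
    // then clear from the session.
    $session = System::getSession();
    foreach (array('successMsg', 'errorMsg', 'infoMsg') as $flashKey) {
        $flashValue = $session->getData($flashKey, '');
        if ($flashValue != '') {
            $this->assign($flashKey, $flashValue);
            $session->setData($flashKey, '');
        }
    }
}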
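/**
 * Shows and processes the "My profile" form for the logged-in user.
 *
 * Builds three fieldsets (general data, password change, read-only quota),
 * binds them to the current User object and, on POST, validates and saves
 * the form before redirecting back to this action with a success flash
 * message. Without a POST the form is pre-filled from the user's values.
 *
 * NOTE(review): assumes System::getUser() is non-null; no guard here —
 * confirm authentication is enforced before this action is reached.
 */
public function index() {
    $user = System::getUser();
    $lang = System::getLanguage();

    $form = new Form('form-profile');
    $form->setAttribute('data-noajax', 'true');
    $form->binding = $user;

    // --- General -----------------------------------------------------------
    $fieldset = new Fieldset($lang->_('General'));

    $firstname = new Text('firstname', $lang->_('Firstname'));
    $firstname->binding = new Databinding('firstname');

    $lastname = new Text('lastname', $lang->_('Lastname'));
    $lastname->binding = new Databinding('lastname');

    $email = new Text('email', $lang->_('EMail'), true);
    $email->binding = new Databinding('email');
    // Addresses of other accounts are rejected so the e-mail stays unique.
    $email->blacklist = $this->getListOfMailAdresses($user);
    $email->error_msg[4] = $lang->_('ErrorMailAdressAlreadyExists');

    $language = new Radiobox('lang', $lang->_('Language'), L10N::getLanguages());
    $language->binding = new Databinding('lang');

    $fieldset->addElements($firstname, $lastname, $email, $language);
    $form->addElements($fieldset);

    // --- Password ----------------------------------------------------------
    $fieldset = new Fieldset($lang->_('Password'));

    $password = new Password('password', $lang->_('Password'));
    $password->minlength = PASSWORD_MIN_LENGTH;
    $password->binding = new Databinding('password');

    // Confirmation field only: compared below, never bound or saved.
    $password2 = new Password('password2', $lang->_('ReenterPassword'));

    $fieldset->addElements($password, $password2);
    $form->addElements($fieldset);

    // --- Settings (read-only quota display) --------------------------------
    $fieldset = new Fieldset($lang->_('Settings'));

    $quota = new Text('quota', $lang->_('Quota'));
    if ($user->quota > 0) {
        $quota->value = $lang->_('QuotaAvailabe', Utils::formatBytes($user->getFreeSpace()), Utils::formatBytes($user->quota));
    } else {
        $quota->value = $lang->_('Unlimited');
    }
    $quota->readonly = true;

    $fieldset->addElements($quota);
    $form->addElements($fieldset);

    if (Utils::getPOST('submit', false) !== false) {
        // Strict comparison: with "!=" numeric-looking passwords such as
        // "1e3" and "1000" compare equal. NOTE(review): empty() also treats
        // the string "0" as "no password entered" (unchanged behaviour).
        if (!empty($password->value) && $password->value !== $password2->value) {
            $password2->error = $lang->_('ErrorInvalidPasswords');
        } elseif ($form->validate()) {
            $form->save();
            System::getUser()->save();
            System::getSession()->setData('successMsg', $lang->_('ProfileUpdated'));
            System::forwardToRoute(Router::getInstance()->build('ProfileController', 'index'));
            exit;
        }
    } else {
        $form->fill();
    }

    $form->setSubmit(new Button($lang->_('Save'), 'floppy-disk'));

    $smarty = new Template();
    $smarty->assign('title', $lang->_('MyProfile'));
    $smarty->assign('heading', $lang->_('MyProfile'));
    $smarty->assign('form', $form->__toString());
    $smarty->display('form.tpl');
}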
/**
 * Initialises the system
 *
 * Order matters: HTTPS redirect first, then the router, the database
 * connection, the session, the user bound to that session, the language
 * (the user's preference or the LANGUAGE default) and finally navigation.
 * @static
 */
public static function init() {
    self::redirectHTTPS();
    Router::getInstance()->init(HOST_PATH, MOD_REWRITE);

    $dsn = 'mysql:dbname=' . DATABASE_NAME . ';host=' . DATABASE_HOST;
    self::$database = new Database($dsn, DATABASE_USER, DATABASE_PASS);

    self::$session = new Session();

    // A session without a UID means an anonymous visitor.
    $uid = System::getSession()->getUID();
    if ($uid != NULL) {
        self::$user = User::find('_id', $uid);
    } else {
        self::$user = NULL;
    }

    $currentUser = System::getUser();
    self::$language = new L10N($currentUser != NULL ? $currentUser->lang : LANGUAGE);

    self::buildNavigation();
}
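/**
 * Stores a new message in forum_messages for the given topic.
 *
 * @param int|string $topic_id Topic the message belongs to.
 * @param array      $data     Must contain 'message'.
 * @return string|false The new row id, or false when the caller is not
 *                      logged in or the INSERT fails.
 */
public function addComment($topic_id, array $data) {
    $session = System::getSession();
    if (!$session->isConnected()) {
        // Previously $user_id stayed undefined here and the INSERT ran with
        // a NULL author; an anonymous visitor cannot own a message.
        return false;
    }
    $user_id = $_SESSION['userid'];

    $prep = $this->db->prepare(' INSERT INTO forum_messages (message,date,id_createur,id_topic) VALUES (:message,NOW(),:id_createur,:id_topic) ');
    $prep->bindParam(':message', $data['message']);
    $prep->bindParam(':id_createur', $user_id);
    $prep->bindParam(':id_topic', $topic_id);

    return $prep->execute() ? $this->db->lastInsertId('id') : false;
}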
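/**
 * Loads the data needed by the article edit view.
 *
 * @param array $params Route parameters; $params[0] is the article id.
 * @return array|false Article data with 'creator' and the current user's
 *                     'evenements'; an empty array when the article does not
 *                     exist; false when no id was supplied.
 *
 * NOTE(review): nothing here checks that the current user owns the article —
 * confirm the ownership check is done where the edit is saved.
 */
function modif(array $params) {
    if (!isset($params[0])) {
        return false;
    }

    $article_id = intval($params[0]);

    // Fetch the article from the model; an unknown id yields no data.
    $data = $this->model->getArticle($article_id);
    if (!$data) {
        return array();
    }

    // Get creator's name and id
    $data['creator'] = $this->model->getCreatorForArticle($data['id']);

    // Current user's id; NULL (instead of an undefined variable) when not logged in.
    $session = System::getSession();
    $user_id = $session->isConnected() ? $_SESSION['userid'] : NULL;

    // Events created by the current user.
    $data['evenements'] = $this->model->getUserEvents($user_id);

    return $data;
}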
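/**
 * Sends an HTML e-mail from the logged-in user to the organiser of an event.
 *
 * @param array $params Route parameters; $params[0] is the event id.
 * @return array 'success' => false when no event id is given or the event
 *               does not exist; 'not_register' when the caller is not logged
 *               in; 'success' => true once the mail was handed to mail();
 *               'success' => '' when subject or message is missing.
 */
public function contactorganisateur(array $params) {
    if (!isset($params[0])) {
        return array('success' => false);
    }
    $id_event = intval($params[0]);
    $data = $this->model->getEvent($id_event);
    if (!$data) {
        // Unknown event: previously fell through to $data['id_createur'] on a false result.
        return array('success' => false);
    }

    $message = (string) Request::get('message');
    // CR/LF in the subject would let the sender append arbitrary mail headers.
    $sujet = str_replace(array("\r", "\n"), '', (string) Request::get('subject'));

    $organisateur = $this->model->getUser($data['id_createur']);

    $session = System::getSession();
    if (!$session->isConnected()) {
        return array('data' => $data, 'not_register' => 'Vous n\'êtes pas connecté');
    }
    $user_id = $_SESSION['userid'];
    $mail_envoyeur = $this->model->getUser($user_id);

    // The sender's stored address becomes From/Reply-To; strip_tags only
    // removes markup, it does not validate the value as an address.
    $senderEmail = strip_tags($mail_envoyeur['email']);
    $headers = "From: " . $senderEmail . "\r\n";
    $headers .= "Reply-To: " . $senderEmail . "\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

    if (empty($message) || empty($sujet)) {
        return array('data' => $data, 'success' => '');
    }

    // The free-text message is untrusted input inside an HTML mail: escape it
    // (charset matches the Content-Type header) and keep line breaks instead
    // of injecting raw markup.
    $safeMessage = nl2br(htmlspecialchars($message, ENT_QUOTES, 'ISO-8859-1'));

    $html_message = 'Bonjour <strong>' . $organisateur['nickname'] . '</strong>,<br><br>' . "\r\n";
    $html_message .= 'Vous avez reçu un message au sujet de votre événement <a href="' . Config::get('config.base') . '/events/detail/' . $data['id'] . '">' . $data['nom'] . '</a> sur <strong>Event-You-All</strong>.<br><br>' . "\r\n";
    $html_message .= $safeMessage;

    mail($organisateur['email'], $sujet, $html_message, $headers);

    return array('data' => $data, 'success' => true);
}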
/**
 * Check whether or not the current user has access to the asked module
 *
 * Visitors without a session count as level 0; access is granted when the
 * session's 'access' level is at least the module's required level.
 *
 * @param string $module Module to check
 * @return bool True if the user has access, false if not
 */
public function hasAccess($module) {
    $required = $this->getAccessLevel($module);

    $current = 0;
    if (System::getSession()->isConnected()) {
        $current = $_SESSION['access'];
    }

    return $current >= $required;
}
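/**
 * Opens a forum topic for event $id, authored by the logged-in user.
 *
 * The title is '[Evénement] ' plus the event name; the description is the
 * event's description followed by a link to its detail page.
 *
 * @param int|string $id Event id.
 * @return string|false The new topic id, or false when the event is unknown,
 *                      the caller is not logged in, or the INSERT fails.
 */
public function createTopic($id) {
    $data = $this->getEvent($id);
    if (!$data) {
        return false;
    }

    $session = System::getSession();
    if (!$session->isConnected()) {
        // Previously $user_id stayed undefined here and a NULL author was inserted.
        return false;
    }
    $user_id = $_SESSION['userid'];

    $prep = $this->db->prepare(' INSERT INTO forum_topics (titre,description,date_creation,id_createur) VALUES (:titre,:description,NOW(),:id_createur) ');

    $title = '[Evénement] ' . $data['nom'];
    // NOTE(review): the event description is stored as raw HTML here; confirm
    // it is sanitised when the event itself is saved.
    $descri = $data['description'] . '<p><a href="' . Config::get('config.base') . '/events/detail/' . $data['id'] . '">Voir la page de l\'événement</a></p>';

    $prep->bindParam(':titre', $title);
    $prep->bindParam(':description', $descri);
    $prep->bindParam(':id_createur', $user_id);

    return $prep->execute() ? $this->db->lastInsertId('id') : false;
}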
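/**
 * Second step of the password reset: validates the reset hash from the URL
 * and, on POST, sets the new password.
 *
 * Redirects to BrowserController::index with an error flash when the hash
 * is unknown, or with a success flash after the password has been reset;
 * otherwise renders auth/lostpw.newpw.tpl with any validation error.
 */
public function lostpw_check() {
    $hash = $this->getParam('hash', '');
    if (!LostPW::hashExists($hash)) {
        System::getSession()->setData('errorMsg', System::getLanguage()->_('HashNotFound'));
        System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
        // Without this exit the request kept running after the redirect and
        // could reach resetPassword() with an unknown hash.
        exit;
    }

    $password = Utils::getPOST('password', '');
    $password2 = Utils::getPOST('password2', '');
    $errorMsg = '';

    if (Utils::getPOST('submit', false) !== false) {
        // strlen() counts bytes, i.e. the minimum is a byte length (unchanged).
        if (strlen($password) < PASSWORD_MIN_LENGTH) {
            $errorMsg = sprintf(System::getLanguage()->_('PasswordMinLength'), PASSWORD_MIN_LENGTH);
        } elseif ($password !== $password2) {
            // Strict comparison so numeric-looking strings are not coerced.
            $errorMsg = System::getLanguage()->_('ErrorInvalidPasswords');
        } else {
            LostPW::resetPassword($hash, $password);
            System::getSession()->setData('successMsg', System::getLanguage()->_('LostPWSuccess'));
            System::forwardToRoute(Router::getInstance()->build('BrowserController', 'index'));
            exit;
        }
    }

    $smarty = new Template();
    $smarty->assign('title', System::getLanguage()->_('LostPW'));
    $smarty->assign('successMsg', '');
    $smarty->assign('form_url', Router::getInstance()->build('AuthController', 'lostpw_check', array('hash' => $hash)));
    $smarty->assign('errorMsg', $errorMsg);
    $smarty->requireResource('auth');
    $smarty->display('auth/lostpw.newpw.tpl');
}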
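/**
 * Sends an HTML e-mail from the logged-in user to another user.
 *
 * @param array $params Route parameters; $params[0] is the recipient's user id.
 * @return array 'success' => false when no id is given or the user does not
 *               exist; 'not_register' when the caller is not logged in;
 *               'success' => true once the mail was handed to mail();
 *               'success' => '' when subject or message is missing.
 */
public function contact(array $params) {
    if (!isset($params[0])) {
        return array('success' => false);
    }
    $id_user = intval($params[0]);
    $user = $this->model->getUser($id_user);
    if (!$user) {
        return array('success' => false);
    }

    $message = (string) Request::get('message');
    // CR/LF in the subject would let the sender append arbitrary mail headers.
    $sujet = str_replace(array("\r", "\n"), '', (string) Request::get('subject'));

    $session = System::getSession();
    if (!$session->isConnected()) {
        // The original returned an undefined $data here; hand the view the
        // recipient under the same 'user' key the other returns use.
        return array('user' => $user, 'not_register' => 'Vous n\'êtes pas connecté');
    }
    $expediteur_id = $_SESSION['userid'];
    $expediteur = $this->model->getUser($expediteur_id);

    // The sender's stored address becomes From/Reply-To; strip_tags only
    // removes markup, it does not validate the value as an address.
    $senderEmail = strip_tags($expediteur['email']);
    $headers = "From: " . $senderEmail . "\r\n";
    $headers .= "Reply-To: " . $senderEmail . "\r\n";
    $headers .= "MIME-Version: 1.0\r\n";
    $headers .= "Content-Type: text/html; charset=ISO-8859-1\r\n";

    if (empty($message) || empty($sujet)) {
        return array('user' => $user, 'success' => '');
    }

    // The free-text message is untrusted input inside an HTML mail: escape it
    // (charset matches the Content-Type header) and keep line breaks.
    $safeMessage = nl2br(htmlspecialchars($message, ENT_QUOTES, 'ISO-8859-1'));

    $html_message = 'Bonjour <strong>' . $user['nickname'] . '</strong>,<br><br>' . "\r\n";
    $html_message .= 'Vous avez reçu un message de la part de <strong>' . $expediteur['nickname'] . '</strong> sur <strong>Event-You-All</strong>.<br><br>' . "\r\n";
    $html_message .= '<blockquote>' . $safeMessage . '</blockquote>';

    mail($user['email'], $sujet, $html_message, $headers);

    return array('user' => $user, 'success' => true);
}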
/**
 * Initializes session
 *
 * Calling System::getSession() is enough: the accessor instantiates the
 * session object as a side effect; the returned instance is not used here.
 */
private function setupSession() {
    System::getSession();
}
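/**
 * Login with clearpaswd
 *
 * Hashes the supplied cleartext with the user's salt and compares it with
 * the stored hash; on success the session is bound to this user and
 * last_login is updated and persisted.
 *
 * @param String Cleartext Password
 * @return bool Success
 */
public function login($clearPswd) {
    $candidate = (string) Utils::createPasswordHash($clearPswd, $this->salt);

    // hash_equals(): constant-time, and never the loose "==" under which two
    // different hashes that both look like "0e..." compare as equal numbers.
    if (!hash_equals((string) $this->curPassword, $candidate)) {
        return false;
    }

    System::getSession()->setUID($this->uid);
    $this->last_login = time();
    $this->save();

    return true;
}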
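/**
 * Deletes article $params[0] if the logged-in user created it.
 *
 * @param array $params Route parameters; $params[0] is the article id.
 * @return int 1 when the article was deleted, 0 otherwise (no id, not
 *             logged in, unknown article, or caller is not the creator).
 */
function deleted(array $params) {
    if (!isset($params[0])) {
        return 0;
    }
    $id_event = intval($params[0]);

    // Like the sibling actions: never read $_SESSION without a live session.
    $session = System::getSession();
    if (!$session->isConnected()) {
        return 0;
    }
    $user_id = $_SESSION['userid'];

    $articles = $this->model->getArticle($id_event);
    if (!$articles) {
        return 0;
    }

    // Ownership check; both sides cast to int so "12" and 12 compare equal
    // without falling back to loose "==".
    if ((int) $articles['id_createur'] !== (int) $user_id) {
        return 0;
    }

    $this->model->deleteArticle($id_event);
    return 1;
}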
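/**
 * Searches evenements for a query string, restricted to what the current
 * user may see.
 *
 * Events listed in evenements_vip are private: they are returned only when
 * the current user is on the VIP list, has access level 3, or created the
 * event. Anonymous visitors never see private events.
 *
 * @param array $search Must contain 'search' (the user's query string).
 * @return array List of matching event rows (id_createur, nom, ville,
 *               date_debut, poster, id_theme, id_type, id).
 *
 * NOTE(review): the named placeholder :search is bound once but used seven
 * times; that only works with PDO emulated prepares — confirm
 * PDO::ATTR_EMULATE_PREPARES is not disabled on this connection.
 * '%' and '_' in the query act as LIKE wildcards (unchanged).
 * NOTE(review): the VIP list is not scoped to the event — membership on any
 * event's VIP list unlocks every private event. Confirm this is intended.
 */
public function basicsearchindatabase($search) {
    $prep = $this->db->prepare('SELECT ev.id_createur, ev.nom, ev.ville, ev.date_debut,ev.poster,ev.id_theme,ev.id_type,ev.id FROM evenements AS ev LEFT OUTER JOIN evenements_vip AS v ON v.id_evenement = ev.id WHERE nom LIKE :search OR date_debut = :search OR description LIKE :search OR adresse LIKE :search OR ville LIKE :search OR region LIKE :search OR pays LIKE :search ORDER BY ville ');
    $pattern = '%' . $search['search'] . '%';
    $prep->bindParam(':search', $pattern);
    $prep->execute();
    $resultat = $prep->fetchAll(PDO::FETCH_ASSOC);

    // Ids of private (VIP-only) events, loaded once.
    $prep2 = $this->db->prepare('SELECT * FROM evenements_vip');
    $prep2->execute();
    $id_vip = array();
    foreach ($prep2->fetchAll(PDO::FETCH_ASSOC) as $vipRow) {
        $id_vip[] = (int) $vipRow['id_evenement'];
    }

    // Current user's privileges, resolved once instead of per result row.
    $session = System::getSession();
    $connected = $session->isConnected();
    $user_id = $connected ? (int) $_SESSION['userid'] : NULL;
    $isAdmin = $connected && isset($_SESSION['access']) && (int) $_SESSION['access'] === 3;

    // Users on the VIP list: loaded lazily, once, instead of being re-queried
    // for every private row as before.
    $id_vip2 = NULL;

    $filtered = array();
    foreach ($resultat as $result) {
        if (!in_array((int) $result['id'], $id_vip, true)) {
            // Public event.
            $filtered[] = $result;
            continue;
        }
        if (!$connected) {
            continue;
        }
        if ($id_vip2 === NULL) {
            $prep21 = $this->db->prepare('SELECT id_utilisateur FROM evenements_vip');
            $prep21->execute();
            $id_vip2 = array();
            foreach ($prep21->fetchAll(PDO::FETCH_ASSOC) as $vipUser) {
                $id_vip2[] = (int) $vipUser['id_utilisateur'];
            }
        }
        if (in_array($user_id, $id_vip2, true) || $isAdmin || (int) $result['id_createur'] === $user_id) {
            $filtered[] = $result;
        }
    }

    return $filtered;
}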
?> " /> </div> <?php } ?> <div id="entete"> <h1> <?php echo $model['nom']; ?> </h1> </div> <div class="bouton"> <?php $session = System::getSession(); if ($session->isConnected()) { // User is logged in $user_id = $_SESSION['userid']; if ($model['creator']['id'] == $user_id) { // User is the creator ?> <a class="button" href="<?php echo Config::get('config.base'); ?> /article/modif/<?php echo $model['id']; ?> ">Modifier l'article</a> <?php }
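/**
 * Returns articles, each enriched with its linked event ('event') and
 * author ('author'), filtered to those the current user may see.
 *
 * Articles whose event is listed in evenements_vip are private: they are
 * kept only when the current user is on the VIP list, has access level 3, or
 * created the article. Articles without a VIP event are always kept.
 *
 * @param int    $from         LIMIT offset.
 * @param int    $number       LIMIT row count.
 * @param string $order        ORDER BY column.
 * @param bool   $asc          Ascending when true.
 * @param string $where_clause Optional raw WHERE clause (keyword included).
 * @return array List of article rows.
 *
 * SECURITY: $order and $where_clause are concatenated into the SQL, not
 * bound. Callers must pass only literals or whitelisted values — never
 * request input.
 * NOTE(review): the VIP list is not scoped to the event — membership on any
 * event's VIP list unlocks every private article. Confirm this is intended.
 */
public function getArticles($from = 0, $number = 9999999, $order = 'date_creation', $asc = true, $where_clause = '') {
    $prep = $this->db->prepare(' SELECT * FROM articles ' . $where_clause . ' ORDER BY ' . $order . ' ' . ($asc ? 'ASC' : 'DESC') . ' LIMIT :from, :number ');
    $prep->bindParam(':from', $from, PDO::PARAM_INT);
    $prep->bindParam(':number', $number, PDO::PARAM_INT);
    $prep->execute();
    $events = $prep->fetchAll(PDO::FETCH_ASSOC);

    // Index-based loop instead of foreach-by-reference, which left a dangling
    // reference on the last element of $events.
    foreach ($events as $i => $article) {
        // Get event linked for the article
        if (!empty($article['id_evenement'])) {
            $evPrep = $this->db->prepare('SELECT * FROM evenements WHERE id = :id_theme');
            $evPrep->bindParam(':id_theme', $article['id_evenement']);
            $evPrep->execute();
            $article['event'] = $evPrep->fetch(PDO::FETCH_ASSOC);
        }
        // Get creator of the article infos
        if (!empty($article['id_createur'])) {
            $authorPrep = $this->db->prepare('SELECT * FROM users WHERE id = :id_user');
            $authorPrep->bindParam(':id_user', $article['id_createur']);
            $authorPrep->execute();
            $article['author'] = $authorPrep->fetch(PDO::FETCH_ASSOC);
        }
        $events[$i] = $article;
    }

    // ---------- filter: hide articles attached to private (VIP) events ----------
    $prep2 = $this->db->prepare('SELECT * FROM evenements_vip');
    $prep2->execute();
    $id_vip = array();
    foreach ($prep2->fetchAll(PDO::FETCH_ASSOC) as $vipRow) {
        $id_vip[] = (int) $vipRow['id_evenement'];
    }

    // Current user's privileges, resolved once instead of per result row.
    $session = System::getSession();
    $connected = $session->isConnected();
    $user_id = $connected ? (int) $_SESSION['userid'] : NULL;
    $isAdmin = $connected && isset($_SESSION['access']) && (int) $_SESSION['access'] === 3;

    // Users on the VIP list: loaded lazily, once, instead of being re-queried
    // for every private row as before.
    $id_vip2 = NULL;

    $filtered = array();
    foreach ($events as $result) {
        if (!in_array((int) $result['id_evenement'], $id_vip, true)) {
            // No VIP event attached: always visible.
            $filtered[] = $result;
            continue;
        }
        if (!$connected) {
            continue;
        }
        if ($id_vip2 === NULL) {
            $prep21 = $this->db->prepare('SELECT id_utilisateur FROM evenements_vip');
            $prep21->execute();
            $id_vip2 = array();
            foreach ($prep21->fetchAll(PDO::FETCH_ASSOC) as $vipUser) {
                $id_vip2[] = (int) $vipUser['id_utilisateur'];
            }
        }
        if (in_array($user_id, $id_vip2, true) || $isAdmin || (int) $result['id_createur'] === $user_id) {
            $filtered[] = $result;
        }
    }

    return $filtered;
}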