public function edit($id)
{
$data['title'] = 'Edit Member';
$data['row'] = $this->model->get_member($id);
if (isset($_POST['submit'])) {
if ($_POST['token'] != Session::get('token')) {
Url::redirect('admin/login');
}
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
if ($username == '') {
$error[] = 'Username is required';
}
if ($password == '') {
$error[] = 'Password is required';
}
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error[] = 'Email is not valid';
}
if (!$error) {
$postdata = array('member_username' => $username, 'member_password' => Password::make($password), 'member_email' => $email);
$where = array('member_id' => $id);
$this->model->update_member($postdata, $where);
Session::set('message', 'Member Updated');
Url::redirect('admin/members');
}
}
View::renderadmintemplate('header', $data);
View::render('admin/members/edit', $data, $error);
View::renderadmintemplate('footer', $data);
}
public function setSession($token, $u_id, $role)
{
Session::set('loggedin', true);
Session::set('fb_token', $token);
Session::set('fb_user_id', $u_id);
Session::set('fb_role', $role);
}
public function login()
{
Hooks::addHook('js', 'Controllers\\auth@js');
Hooks::addHook('css', 'Controllers\\auth@css');
$error = 'hi';
$success = 'hi';
if (Session::get('loggedin')) {
Url::redirect();
}
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
//validation
if (Password::verify($password, $this->_model->getHash($username)) == false) {
$error[] = 'Wrong username or password';
}
//if validation has passed carry on
if (!$error) {
Session::set('loggedin', true);
Session::set('username', $username);
Session::set('memberID', $this->_model->getID($username));
$data = array('lastLogin' => date('Y-m-d G:i:s'));
$where = array('memberID' => $this->_model->getID($username));
$this->_model->update($data, $where);
$error = 'hi';
Url::redirect();
}
}
$data['title'] = 'Login';
View::rendertemplate('header', $data);
View::render('auth/login', $data, $error, $success);
View::rendertemplate('footer', $data);
}
/**
* Define Index page title and load template files
*/
public function index()
{
// Get the selected offering year
$offeringYear = $_POST['courseId'];
// Set view data
$data['title'] = 'Course Selection';
$data['student_name'] = \Helpers\Session::get('Name');
$data['javascript'] = array('course');
$data['course_list'] = $this->course->getCourseOfferings($offeringYear);
// If form has been submitted
if (isset($_POST['submit'])) {
$selectedYear = $_POST['yearDropdown'];
$courses = $_POST['courses'];
\Helpers\Session::set('OfferingYear', $selectedYear);
// If an offering year has been selected
if ($selectedYear) {
// If at least one course has been selected
if (count($courses)) {
// Store the selected courses in the user's session
\Helpers\Session::set('SelectedCourses', $courses);
// Redirect to course confirmation page page
\Helpers\Url::redirect('Confirmation');
} else {
$error[] = 'You must select at least one course';
}
} else {
$error[] = 'You must select an offering year';
}
}
// Render view
View::renderTemplate('header', $data);
View::render('course/selection', $data, $error);
View::renderTemplate('footer', $data);
}
/**
* Define login page title and load template files
*/
public function login()
{
if (Session::get('loggedin')) {
Url::redirect('');
}
$data['title'] = 'Přihlášení';
$model = new \Models\Users();
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
// verify password using helper class Password
if (Password::verify($password, $model->getPass($username))) {
Session::set('loggedin', true);
Session::set('username', $username);
Session::set('role', $model->getRole($username));
Session::set('userID', $model->getID($username));
if (Session::get('role') == "admin") {
Url::redirect('admin');
} else {
if (Session::get('role') == "recenzent") {
Url::redirect('ratings');
} else {
Url::redirect('tales');
}
}
} else {
$error[] = 'Špatné jméno nebo heslo';
}
}
View::renderTemplate('header', $data);
View::render('auth\\login', $data, $error);
View::renderTemplate('footer', $data);
}
public function login()
{
if (Session::get('loggedin')) {
Url::redirect('admin');
}
$model = new \Models\Admin\Auth();
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$username = $_POST['member_username'];
$password = $_POST['member_password'];
if (Password::verify($_POST['member_password'], $model->getHash($_POST['member_username'])) == 0) {
$error[] = 'Wrong username of password';
} else {
$data['user_infos'] = $model->get_user_infos($_POST['member_username']);
Session::set('member_id', $data['user_infos'][0]->member_id);
Session::set('member_username', $username);
Session::set('member_password', '' . $password . '');
Session::set('loggedin', true);
Url::redirect('admin');
}
}
View::renderadmintemplate('loginheader', $data);
View::render('admin/login', $data, $error);
View::renderadmintemplate('footer', $data);
}
public function runCookieLogin()
{
$cookie = isset($_COOKIE['rememberme']) ? $_COOKIE['rememberme'] : '';
if (!$cookie) {
$error[] = "Invalid cookie. #1";
return $error;
}
list($user_id, $token, $hash) = explode(':', $cookie);
if ($hash !== hash('sha256', $user_id . ':' . $token)) {
$error[] = "Invalid cookie. #2";
return $error;
}
if (empty($token)) {
$error[] = "Invalid cookie. #3";
return $error;
}
$data = $this->getMemberCookie($token);
print_r($data[0]);
if (isset($data[0])) {
Session::set('id', $data[0]->idAutori);
Session::set('username', $data[0]->nume_login);
Session::set('loggedin', true);
Session::set('level', 'teacher');
$error[] = 'Cookie login successful.';
return $error;
} else {
$error[] = "Invalid cookie. #4";
return $error;
}
}
public function login()
{
if (Session::get('loggedin')) {
Url::redirect('admin-panel');
}
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$correo = $_POST['correo'];
$password = $_POST['password'];
if ($correo == '' || !isset($correo)) {
$data['error'][0] = 'Correo es un campo obligatorio';
}
if ($password == '' || !isset($password)) {
$data['error'][1] = 'Password es un campo obligatorio';
}
if (Password::verify($password, $this->_model->getHash($correo)) == false) {
$data['error'][2] = 'Correo o password incorrectos';
}
if (!$data['error']) {
$data['usuario'] = $this->_model->getUsuario($correo);
Session::set('loggedin', true);
Session::set('idUsuario', $data[usuario][0]->idUsuario);
Session::set('nombre', $data[usuario][0]->nombre);
Session::set('apellidoPaterno', $data[usuario][0]->apellidoPaterno);
$dataUsuario = array('fechaConexion' => date("Y-m-d H:i:s"));
$where = array('correo' => $correo);
$this->_model->updateUsuario($dataUsuario, $where);
Url::redirect('admin-panel');
}
}
View::renderTemplate('header', $data);
View::render('Auth/Login', $data);
View::renderTemplate('footer', $data);
}
/**
* Define Index page title and load template files
*/
public function index()
{
$data['title'] = $this->language->get('welcome_text');
$data['welcome_message'] = $this->language->get('welcome_message');
Session::set('error', 'das');
View::renderTemplate('header', $data);
View::render('dashboard/dashboard', $data);
View::renderTemplate('footer', $data);
}
/**
* Change the Framework Language.
*/
public function change($language)
{
// Only set language if it's in the Languages array
if (preg_match('/[a-z]/', $language) && in_array($language, CoreLanguage::$codes)) {
Session::set('language', ucfirst($language));
// Store the current Language into Cookie.
Cookie::set(PREFIX . 'language', $language);
}
Url::redirect();
}
protected function checkCookie()
{
if (isset($_COOKIE['rf_user_cookie']) && isset($_COOKIE['rf_user_id_cookie']) && isset($_COOKIE['rf_user_pass_cookie'])) {
$result = $this->_user->checkUserCookie($_COOKIE['rf_user_cookie']);
if (\Helpers\Password::verify($_COOKIE['rf_user_pass_cookie'], $result[0]['password'])) {
\Helpers\Session::set('user', $_COOKIE['rf_user_cookie']);
\Helpers\Session::set('user_id', $_COOKIE['rf_user_id_cookie']);
}
}
}
/**
* get CSRF token and generate a new one if expired
*
* @access public
* @static static method
* @return string
*/
public static function makeToken()
{
$max_time = 60 * 60 * 24;
// token is valid for 1 day
$stored_time = Session::get('csrf_token');
$csrf_token = Session::get('csrf_token_time');
if ($max_time + $stored_time <= time() || empty($csrf_token)) {
Session::set('csrf_token', md5(uniqid(rand(), true)));
Session::set('csrf_token_time', time());
}
return Session::get('csrf_token');
}
/**
* get CSRF token and generate a new one if expired
*
* @access public
* @static static method
* @return string
*/
public static function makeToken()
{
$max_time = 60 * 60 * 24;
// token is valid for 1 day
$csrf_token = Session::get('csrf_token');
$stored_time = Session::get('csrf_token_time');
if ($max_time + $stored_time <= time() || empty($csrf_token)) {
Session::set('csrf_token', base64_encode(openssl_random_pseudo_bytes(32)));
// Secure Token Gen
Session::set('csrf_token_time', time());
}
return Session::get('csrf_token');
}
/**
* Retrieve the CSRF token and generate a new one if expired.
*
* @access public
* @static static method
* @return string
*/
public static function makeToken($name = 'csrfToken')
{
$max_time = 60 * 60 * 24;
// token is valid for 1 day.
$csrf_token = Session::get($name);
$stored_time = Session::get($name . '_time');
$timestamp = time();
if ($max_time + $stored_time <= $timestamp || empty($csrf_token)) {
$hash = hash('sha512', Str::randomBytes());
Session::set($name, $hash);
Session::set($name . '_time', $timestamp);
}
return Session::get($name);
}
public static function init()
{
if (Session::exists('language')) {
// The Language was already set; nothing to do.
return;
} else {
if (Cookie::exists(PREFIX . 'language')) {
$cookie = Cookie::get(PREFIX . 'language');
if (preg_match('/[a-z]/', $cookie) && in_array($cookie, self::$codes)) {
Session::set('language', ucfirst($cookie));
}
}
}
}
private function render($data, $users)
{
View::renderTemplate("header", $data, 'MetroTemplate');
echo "<h1>";
echo "Hello " . $users->fname;
echo "</h1>";
Session::set('user_name', $users->user_name);
$o = "";
$o .= Form::open(array('action' => 'logout', 'method' => 'post'));
$o .= Form::hidden(array('id' => 'username', 'name' => 'username', 'value' => Session::get('user_name')));
$o .= Form::submit(array());
$o .= Form::close();
echo $o;
View::renderTemplate("footer", $data, 'MetroTemplate');
}
/**
* Pàgina principal per càrrega
**/
public function home($idComanda = 0)
{
//Afegit per editar una comanda
if ($idComanda > 0) {
Session::set('idComanda', $idComanda);
}
//Si entrem amb un usuari que és comptable, anem directament a usuaris
if (!strcmp($this->Credentials, 'U')) {
Url::redirect('admin/usuaris');
}
//Carreguem els templates
View::renderTemplate('admin/headerTemplate', array());
View::renderTemplate('admin/menuTemplate', array('menu' => $this->menu));
View::renderTemplate('admin/homeTemplate', array('menu' => $this->menu, 'idComanda' => $idComanda, 'Credentials' => $this->Credentials));
}
public function action_postRegister()
{
if (!$this->userNotAllowed()) {
return;
}
try {
Model_User::validate($_POST);
Model_User::register($_POST['username'], $_POST['email'], $_POST['password']);
Session::set('message', "Rejestracja przebiegła pomyślnie. Możesz się teraz zalogować.");
$this->redirect(FRONT_CONTROLLER . '/user/login');
} catch (Validation_Exception $exception) {
$this->content = new View("user/register");
$this->content->passData('errorField', $exception->field);
$this->content->passData('error', $exception->error);
}
}
public function handleSearch($post)
{
if (isset($post['search_submit'])) {
$search = $this->runSearch($post['search_username']);
if (is_array($search)) {
Session::set('search_results', $search);
} else {
Session::destroy('search_results');
Session::set('search_message', $search);
if ($search == 0) {
Session::set('search_message', 'no results');
}
}
}
//return $data;
}
protected function before()
{
parent::before();
$this->view->name = "layout/layout";
if (Session::get('message', false)) {
$message = Session::get('message');
$this->view->passData('message', $message);
Session::set('message', false);
}
$this->header = new View("layout/header");
$this->header->passData('user', $this->user);
$this->header->passData('isLogged', $this->user != null);
$this->menu = new View("layout/menu");
$this->menu->passData("controller", $this->controllerName);
$this->menu->passData("action", $this->actionName);
$this->footer = new View("layout/footer");
}
public function login()
{
\helpers\Session::init();
if (!isset($_POST['submit'])) {
header("Location: .");
} else {
$pass = $_POST['pass'];
$uname = htmlspecialchars($_POST['username']);
$auth_data = $this->login->get_admin_auth_by_uname($uname);
$admin = true;
if (!$auth_data->userName) {
$auth_data = $this->login->get_trip_auth_by_uname($uname);
$admin = false;
}
if ($auth_data->userName) {
if ($auth_data->pass == $this->password_model->get_hash($pass, $auth_data->salt)) {
if (!$admin) {
\helpers\Session::set('tripId', $auth_data->tripId);
$trip_info = $this->trip->get_trip_information($auth_data->tripId);
$issueId = $trip_info->issueId;
$seasonId = $trip_info->seasonId;
$issue = $this->tripBoard->trip_issue_information($issueId);
$season = $this->tripBoard->season_information($seasonId);
\helpers\Session::set('season', $season[0]->name);
\helpers\Session::set('issue', $issue[0]->issueName);
\helpers\Session::set('issueId', $issue[0]->issueId);
\helpers\Session::set('nickname', $trip_info->nickname);
//children - DHvix4j2bf
//RUSHGM - ww5oJeFtZz
//mickeyds - mW56oQQ4eD
}
\helpers\Session::set('username', $auth_data->userName);
\helpers\Session::set('admin', $admin);
if ($admin) {
\helpers\url::redirect('exec');
} else {
\helpers\url::redirect('welcome');
}
} else {
header('Location: .?error');
}
} else {
header('Location: .?error');
}
}
}
public function index()
{
//Data voor een actief menu item.
$data['title'] = "Login";
//Zet de email en wachtwoord in variable.
$user = $_POST["username"];
//Sha1 voor een hash van het wachtwoord.
$pass = sha1($_POST["password"]);
//Checkt of er een post is gegeven.
if ($_POST) {
//Haalt informatie van de gebruiker uit de database.
$passw = $this->login->pushUsers($user);
//Checkt of het ingevulde gehashede wachtwoord overeen komt met het gehashede wachtwoord in de database.
if ($pass == $passw[0]->wachtwoord) {
//Checkt of de email validatie voltooid is.
if (!$passw[0]->priviledged == 0) {
//Zet sessies voor de gebruikersnaam klant_id en de gegeven rechten.
\Helpers\Session::set('username', $user);
\Helpers\Session::set('id', $passw[0]->klant_id);
\Helpers\Session::set('rechten', $passw[0]->priviledged);
//Stuurt je door naar de homepagina.
if ($passw[0]->priviledged == 3) {
\Helpers\Url::redirect('beheer');
} elseif ($passw[0]->priviledged == 2) {
\Helpers\Url::redirect('beheerklanten');
} else {
\Helpers\Url::redirect('home');
}
} else {
//Een error melding voor als de email niet geregistreerd is.
$data["error"] = '<div class="alert alert-danger alert-dismissible fade in" role="alert"> <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button> <strong>Activeer uw e-mail.</strong><br>Uw account is nog niet geactiveerd, check uw mail.</div>';
}
} else {
//Een error melding als het wachtwoord niet overeen komt met de ingevulde gebruiker in de database.
$data["error"] = '<div class="alert alert-danger alert-dismissible fade in" role="alert"> <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button> <strong>Er is een fout opgetreden.</strong><br>Dit account wordt niet herkent.</div>';
}
}
//Geeft de user door naar de view.
$data["user"] = $user;
//Laad de view bij de login pagina.
View::renderTemplate('header', $data);
View::render('user/login', $data);
View::renderTemplate('footer', $data);
}
/**
* Define Index page title and load template files
*/
public function index()
{
$data = array('login_text' => 'User', 'password_text' => 'Password');
if (filter_has_var(INPUT_POST, 'submit')) {
$user = filter_input(INPUT_POST, 'login');
$password = filter_input(INPUT_POST, 'passowrd');
$ds = $this->users->exist($user, $password);
if (empty($ds)) {
$data['error'] = 'User not found';
} else {
Session::set('auth', true);
Session::set("us_id", $ds[0]['id']);
Url::redirect();
}
}
View::renderTemplate('header', array('title' => 'Login'));
View::renderTemplate('login', $data);
View::renderTemplate('footer');
}
public function index()
{
if (!Auth::isLogged()) {
Url::redirect('login');
}
$data['js'] = array(Url::assetPath('js') . 'plugins/forms/selects/select2.min.js', Url::assetPath('js') . 'plugins/forms/validation/validate.min.js', Url::assetPath('js') . 'plugins/notifications/bootbox.min.js', Url::assetPath('js') . 'pages/settings.js');
$settings = $this->setting->getSettings();
if (isset($settings)) {
foreach ($settings as $obj) {
$data[$obj->name] = $obj->value;
}
}
if (isset($_POST['update'])) {
$site_name = $_POST['site_name'];
$site_email = $_POST['site_email'];
$domains = $_POST['domains'];
if ($site_name == '') {
$error[] = $this->language->get('site_name_required');
}
if ($site_email == '') {
$error[] = $this->language->get('site_email_required');
}
if ($domains == '') {
$error[] = $this->language->get('domains_required');
}
if (!$error) {
foreach ($_POST as $key => $value) {
$data2 = array('value' => $value);
$where = array('name' => $key);
$log[$key] = $value;
if (!empty($value) && $data[$key] != $log[$key]) {
$this->setting->updateSettings($data2, $where);
Log::notice('log_settings_edit', json_encode(array($data2, $where)));
}
}
Session::set('success', $this->language->get('msg_settings_edit'));
Url::redirect('settings');
}
}
View::renderTemplate('header', $data);
View::render('settings/index', $data, $error);
View::renderTemplate('footer', $data);
}
public static function block()
{
if (Session::get('user_id') == '') {
$uri = parse_url($_SERVER['QUERY_STRING'], PHP_URL_PATH);
$uri = trim($uri, ' /');
$parts = explode('/', $uri);
if (isset($parts[0]) && $parts[0] != '') {
$redirect_url = $parts[0];
}
if (isset($parts[1]) && $parts[1] != '') {
$redirect_url = $redirect_url . '/' . $parts[1];
}
if (isset($parts[2]) && $parts[2] != '') {
$redirect_url = $redirect_url . '/' . $parts[2];
}
Session::set('redirectLogin', $redirect_url);
Url::redirect('account/signin');
return true;
}
}
public function login()
{
if (Session::get('loggedin')) {
Url::redirect();
}
$data['title'] = 'Login';
if (isset($_POST['submit'])) {
$user = $_POST['user'];
$password = $_POST['password'];
if (Password::verify($password, $this->_model->getHash($user)) == false) {
$error[] = 'Wrong username or password';
}
if (!$error) {
Session::set('loggedin', true);
Session::set('userId', $this->_model->getId($user));
Url::redirect();
}
}
View::renderTemplate('header', $data);
View::render('auth/login', $data, $error);
View::renderTemplate('footer', $data);
}
public function login()
{
Auth::redirect();
if (isset($_POST) && !empty($_POST)) {
$user_model = new User();
$login = $user_model->login($_POST['email'], md5($_POST['password']));
if (!is_bool($login)) {
Session::set('user_id', $login->user_id);
Session::set('user', $login);
switch ($login->role_title) {
case 'admin':
Url::redirect('dashboard');
break;
// case 'business':
// Url::redirect('user');
// break;
// case 'user1':
// Url::redirect('user/dashboard');
// break;
// case 'business':
// Url::redirect('user');
// break;
// case 'user1':
// Url::redirect('user/dashboard');
// break;
default:
# code...
break;
}
} else {
$this->data['error'] = 'Login Fails!';
}
}
$this->data['title'] = 'Sign In';
// View::rendertemplate('header',$this->data);
View::render('account/login', $this->data);
// View::rendertemplate('footer',$this->data);
}
/**
* Shows the contact view, and send an email to the supplied email (mr.otto.1@hotmail.com) with user input
*
*/
public function contact()
{
$data['title'] = "Contact";
if (isset($_POST["contact_button"])) {
$name = $_POST["contact_name"];
$email = $_POST["contact_email"];
$subject = $_POST["contact_subject"];
$comment = $_POST["contact_comment"];
if ($name == "") {
$error["no_name"] = "Name is required";
}
if ($email == "") {
$error["no_email"] = "Email is required";
} else {
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$error["not_valid_email"] = "Not a valid email";
}
}
if ($subject == "") {
$error["no_subject"] = "Subject is required";
}
if ($comment == "") {
$error["no_comment"] = "Comment is required";
}
// For the captcha
$rainCaptcha = new \Helpers\RainCaptcha();
if (!$rainCaptcha->checkAnswer($_POST['captcha'])) {
$error["captcha"] = "Not valid captcha.";
}
if (!$error) {
$this->_model->sendContactForm($name, $email, $subject, $comment);
Session::set("message", "Your comment has been sent successfully! You'll be hearing from us shortly.");
}
}
View::renderTemplate('header', $data);
View::render('site/contact', $data, $error);
View::renderTemplate('footer', $data);
}
public function activate($id, $key)
{
if ($id > 0 && strlen($key) == 32) {
$user = $this->model->getMemberId($id, $key);
if ($user[0]->idStudenti == 0) {
$error[] = 'No such account.';
} elseif ($user[0]->activare == 'da') {
$error[] = 'Account has already been activated.';
} else {
$postdata = array('activare' => 'da');
$where = array('idStudenti' => $id);
$this->model->updateMember($postdata, $where);
}
} else {
$error[] = 'Invalid activation key provided.';
}
if (!isset($error)) {
Session::set('activation_success', true);
} else {
Session::set('activation_error', $error);
}
Url::redirect(DIR, true);
}
public function robots()
{
$data['title'] = 'Edit robots.txt';
$data['robots_url'] = 'robots.txt';
if (!file_exists($data['robots_url'])) {
$data['robots_status'] = '
<button type="button" class="btn btn-danger">Empty file</button>
<button type="button" class="btn btn-danger">File doesn\'t exist</button>
';
} else {
//fichier existe
$data['robots_content'] = file_get_contents($data['robots_url']);
if (!empty($data['robots_content'])) {
$data['robots_status'] = '
<button type="button" class="btn btn-success">File not empty</button>
<button type="button" class="btn btn-success">File exist</button>
';
} else {
$data['robots_status'] = '
<button type="button" class="btn btn-danger">Empty file</button>
<button type="button" class="btn btn-success">File exist</button>
';
}
}
if (isset($_POST['submit'])) {
if ($_POST['token'] != Session::get('token')) {
Url::redirect('admin/login');
}
file_put_contents($data['robots_url'], $_POST['robots']);
Session::set('message', 'File updated');
Url::redirect('admin/seo/robots');
}
View::renderadmintemplate('header', $data);
View::render('admin/seo/robots', $data, $error);
View::renderadmintemplate('footer', $data);
}
