/**
* Constructor
* Argument: $log_file - The file to which all log messages are saved.
*/
function Logger($log_file = '')
{
    global $config;

    // All log files are expected under <site_folder>/Logs.
    $log_dir = joinPath($config['site_folder'], 'Logs');

    // The name is resolved against the log directory only when that directory exists;
    // otherwise $log_file is kept exactly as passed in (possibly empty).
    // NOTE(review): the caller-supplied name is joined without validation. joinPath() is not
    // shown here; if $log_file can ever come from request data, confirm it cannot contain
    // '..' segments or an absolute path.
    if (file_exists($log_dir)) {
        $chosen_name = $log_file ? $log_file : 'Development.log';
        $log_file = joinPath($log_dir, $chosen_name);
    }

    $this->log_file = $log_file;

    // Open in append mode. The writability test is made on the directory, not on the file.
    $can_open = $this->log_file and is_writable($log_dir);
    if ($can_open) {
        $this->handle = fopen($this->log_file, 'a');
    }

    // NOTE(review): $this->handle is not assigned in this method when the open is skipped;
    // presumably the class declares it. The message below prints the resolved log path
    // straight into the page output.
    if (!$this->handle) {
        print "Cannot enable logging: Log File '{$this->log_file}' not writable";
    }
}
<?php
/**
* File defines the DeleteAlbumController PageController class
* @package PageController
*/
/**
*/
$current_dir = dirname(__FILE__);
require_once $current_dir . DIRECTORY_SEPARATOR . "shared" . DIRECTORY_SEPARATOR . "bootstrap.php";
require_once joinPath(INCLUDES_DIR, "models", "Album.php");
require_once joinPath(INCLUDES_DIR, "models", "Photo.php");
/**
* ADMIN PAGE. Interface for deleting an album entry
*
* Display confirmation for album deletion. For POST request,
* check user credentials, check if album exists and then delete entry from database.
* Available to admins only.
* @package PageController
*/
class DeleteAlbumController implements Controller
{
protected $template;
public function __construct()
{
    // Every controller instance gets its own PageTemplate, built with no constructor arguments.
    $page_template = new PageTemplate();
    $this->template = $page_template;
}
public function run()
{
$session = Session::getInstance();
$user = $session->getUser();
function urlload($url, $options = array())
{
$default_options = array('method' => 'get', 'post_data' => false, 'return_info' => false, 'return_body' => true, 'cache' => false, 'referer' => '', 'headers' => array(), 'session' => false, 'session_close' => false);
// Sets the default options.
foreach ($default_options as $opt => $value) {
if (!isset($options[$opt])) {
$options[$opt] = $value;
}
}
$url_parts = parse_url($url);
$ch = false;
$info = array('http_code' => 200);
$response = '';
$send_header = array('Accept' => 'text/*', 'User-Agent' => 'BinGet/1.00.A (http://www.bin-co.com/php/scripts/load/)') + $options['headers'];
// Add custom headers provided by the user.
if ($options['cache']) {
$cache_folder = joinPath(sys_get_temp_dir(), 'php-load-function');
if (isset($options['cache_folder'])) {
$cache_folder = $options['cache_folder'];
}
if (!file_exists($cache_folder)) {
$old_umask = umask(0);
// Or the folder will not get write permission for everybody.
mkdir($cache_folder, 0777);
umask($old_umask);
}
$cache_file_name = md5($url) . '.cache';
$cache_file = joinPath($cache_folder, $cache_file_name);
//Don't change the variable name - used at the end of the function.
if (file_exists($cache_file)) {
// Cached file exists - return that.
$response = file_get_contents($cache_file);
//Seperate header and content
$separator_position = strpos($response, "\r\n\r\n");
$header_text = substr($response, 0, $separator_position);
$body = substr($response, $separator_position + 4);
foreach (explode("\n", $header_text) as $line) {
$parts = explode(": ", $line);
if (count($parts) == 2) {
$headers[$parts[0]] = chop($parts[1]);
}
}
$headers['cached'] = true;
if (!$options['return_info']) {
return $body;
} else {
return array('headers' => $headers, 'body' => $body, 'info' => array('cached' => true));
}
}
}
if (isset($options['post_data'])) {
//There is an option to specify some data to be posted.
$options['method'] = 'post';
if (is_array($options['post_data'])) {
//The data is in array format.
$post_data = array();
foreach ($options['post_data'] as $key => $value) {
$post_data[] = "{$key}=" . urlencode($value);
}
$url_parts['query'] = implode('&', $post_data);
} else {
//Its a string
$url_parts['query'] = $options['post_data'];
}
} elseif (isset($options['multipart_data'])) {
//There is an option to specify some data to be posted.
$options['method'] = 'post';
$url_parts['query'] = $options['multipart_data'];
/*
This array consists of a name-indexed set of options.
For example,
'name' => array('option' => value)
Available options are:
filename: the name to report when uploading a file.
type: the mime type of the file being uploaded (not used with curl).
binary: a flag to tell the other end that the file is being uploaded in binary mode (not used with curl).
contents: the file contents. More efficient for fsockopen if you already have the file contents.
fromfile: the file to upload. More efficient for curl if you don't have the file contents.
Note the name of the file specified with fromfile overrides filename when using curl.
*/
}
///////////////////////////// Curl /////////////////////////////////////
//If curl is available, use curl to get the data.
if (function_exists("curl_init") and !(isset($options['use']) and $options['use'] == 'fsocketopen')) {
//Don't use curl if it is specifically stated to use fsocketopen in the options
if (isset($options['post_data'])) {
//There is an option to specify some data to be posted.
$page = $url;
$options['method'] = 'post';
if (is_array($options['post_data'])) {
//The data is in array format.
$post_data = array();
foreach ($options['post_data'] as $key => $value) {
$post_data[] = "{$key}=" . urlencode($value);
}
$url_parts['query'] = implode('&', $post_data);
} else {
//Its a string
$url_parts['query'] = $options['post_data'];
//.........这里部分代码省略.........
/**
* Run method with main page logic
*
* Populate template and display form for registration. For POST requests, check if the user
* already exists. If not, create new User and AuthToken entries and send an email notification to the user
* @access public
*/
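public function run()
{
    // Registration flow: refuse sessions that already carry a user, validate the POSTed form,
    // create the User and AuthToken rows, then mail the verification link and redirect.
    // On GET, or when validation fails, the form is rendered with the collected errors.
    $form_errors = array();
    $form_values = array("username" => "", "password" => "", "password2" => "", "ulid" => "");
    $session = Session::getInstance();
    $user = $session->getUser();
    // Session should not have a defined user
    if ($user != null) {
        $session->setMessage("You are already a user", Session::MESSAGE_ERROR);
        header("Location: " . BASE_URL);
        return;
    }
    if (!empty($_POST)) {
        // Only string fields are accepted: a request sending e.g. username[]=x would otherwise
        // hand an array to trim(). Anything missing or non-string is treated as empty.
        foreach (array_keys($form_values) as $field) {
            $form_values[$field] = isset($_POST[$field]) && is_string($_POST[$field])
                ? trim($_POST[$field])
                : "";
        }
        if (empty($form_values["username"])) {
            $form_errors["username"] = "No username specified";
        }
        if (empty($form_values["password"])) {
            $form_errors["password"] = "No password specified";
        }
        if (empty($form_values["password2"])) {
            $form_errors["password"] = "Password must be entered twice";
        }
        if (empty($form_values["ulid"])) {
            $form_errors["ulid"] = "No ulid specified";
        } else {
            // The pattern is anchored at both ends. Unanchored, it accepted any value that merely
            // contained five lowercase letters, and the ulid is later placed into the recipient
            // address and the mail headers, so the whole value has to match.
            if (!preg_match("/\\A[a-z]{5,7}\\z/", $form_values["ulid"])) {
                $form_errors["ulid"] = "Ulid is not in the proper format.";
            }
        }
        $userDAO = UserDAO::getInstance();
        $user = $userDAO->loadByUsername($form_values["username"]);
        // User already exists
        if ($user != null) {
            $form_errors["username"] = "User already exists";
        }
        if (strcmp($form_values["password"], $form_values["password2"]) != 0) {
            $form_errors["password"] = "Passwords do not match";
        }
        $user = $userDAO->loadByUlid($form_values["ulid"]);
        // Ulid already registered
        if ($user != null) {
            $form_errors["ulid"] = "Ulid is already registered";
        }
        if (empty($form_errors)) {
            $user = new User();
            $user->setUsername($form_values["username"]);
            // NOTE(review): unsalted SHA-1 is not a password hash. Moving to password_hash() /
            // password_verify() has to happen together with the login check, which is outside
            // this method, so the stored format is left unchanged here.
            $user->setPassHash(sha1($form_values["password"]));
            $user->setUlid($form_values["ulid"]);
            $status = $userDAO->insert($user);
            if ($status) {
                $token = new AuthToken();
                $token->setUser($user);
                $tokenDAO = AuthTokenDAO::getInstance();
                $status = $tokenDAO->insert($token);
                if ($status) {
                    $session->setMessage("Registration started. Check your email for a message to continue");
                    // Mail is sent only when an SMTP host is configured.
                    if (defined("SMTP_HOST") && strcmp(SMTP_HOST, "") != 0) {
                        $from_addr = EMAIL_ADDRESS;
                        // The recipient is always the validated ulid at the fixed domain.
                        $to = "{$form_values["ulid"]}@" . User::ISU_EMAIL_DOMAIN;
                        $subject = "Verify registration with " . SITE_NAME;
                        $body = "To start the next step of the registration process, click the verify link below and enter the requested information. If the URL does not appear as a link, copy the URL, paste it into your browser's address bar and proceed to the web page.\n\n" . joinPath(BASE_URL, "verify.php") . "?token={$token->getToken()}\n";
                        $headers = array("From" => $from_addr, "To" => $to, "Subject" => $subject);
                        $smtp = Mail::factory("smtp", array("host" => SMTP_HOST, "auth" => true, "username" => SMTP_USERNAME, "password" => SMTP_PASSWORD));
                        // The send result is not inspected; a delivery failure is not reported to the user.
                        $smtp->send($to, $headers, $body);
                    }
                    header("Location: " . BASE_URL);
                    return;
                }
            }
        }
    }
    $user = $session->getUser();
    $this->template->render(array("title" => "Register", "main_page" => "register_tpl.php", "user" => $user, "session" => $session, "form_errors" => $form_errors, "form_values" => $form_values));
}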
<?php
/**
* File defines the CreateAlbumController PageController class
* @package PageController
*/
/**
*/
$current_dir = dirname(__FILE__);
require_once $current_dir . DIRECTORY_SEPARATOR . "shared" . DIRECTORY_SEPARATOR . "bootstrap.php";
require_once joinPath(INCLUDES_DIR, "models", "Album.php");
/**
* ADMIN PAGE. Interface for creating a new album entry
*
* Display form for creating a new album entry. For POST request,
* validate form data and save information to database. Available to admins only
* @package PageController
*/
class CreateAlbumController implements Controller
{
/**
* PageTemplate object used to render page
* @access protected
* @var PageTemplate
*/
protected $template;
/**
* Constructor. Create instance of PageTemplate using default index_tpl.php file
* @access public
*/
public function __construct()
<?php
require_once joinPath($config['site_folder'], 'models/Task.php');
require_once joinPath($config['site_folder'], 'models/User.php');
// Instantiate the User model; the object is kept in a global-scope variable.
$User = new User();
// Authentication gate, called with the default $redirect = true. The return value is discarded,
// so an unauthenticated request is only stopped here if showMessage() (not shown) ends the
// script after redirecting. NOTE(review): confirm that it exits.
checkUser();
//////////////////////////////////// Authentication Checks ////////////////////////////////////
/**
 * Report whether the current request has a user attached to its session.
 *
 * When $config['single_user'] is set to a truthy value, that value is written to
 * $_SESSION['user_id'] and the check passes unconditionally: no login is involved,
 * so every request is treated as that user.
 *
 * @param bool $redirect When true, a missing user triggers showMessage() pointing at the login page.
 * @return bool True when a user id is present (or single-user mode is on), false otherwise.
 */
function checkUser($redirect = true)
{
    global $config;

    // Single-user mode: adopt the configured id without any credential check.
    if (!empty($config['single_user'])) {
        $_SESSION['user_id'] = $config['single_user'];
        return true;
    }

    // A non-empty session user id means the visitor is logged in.
    if (!empty($_SESSION['user_id'])) {
        return true;
    }

    // showMessage() is defined elsewhere; if it returns, the caller still receives false.
    if ($redirect) {
        showMessage("Please login to use this feature", $config['site_url'] . 'user/login.php', "error");
    }

    return false;
}
/// See if the given task's owner is the currently logged-in user.
function checkTaskOwnership($task_id, $return_only = false)
{
global $sql;
if (empty($_SESSION['user_id'])) {
$correct_owner = 0;
} else {
$task_owner = $sql->getOne("SELECT user_id FROM Task WHERE id={$task_id}");
$correct_owner = $task_owner == $_SESSION['user_id'];
/**
* Return the edit URL of the user
*
* @access public
* @return string
*/
public function getEditProfileUrl()
{
    // Page name plus query string. The id is inserted as-is; no URL-encoding is applied here.
    $page = "edit_profile.php?id=" . $this->id;

    return joinPath(BASE_URL, $page);
}