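$v){ $_SESSION[SITE_KEY]['cfx:user']['param'][$k] = $v; } self::saveparam(); } }

    /**
     * Write the session's user parameters back to the current user's cfxuser row.
     *
     * The parameters are serialised with json_encode() and stored in the `param` column.
     */
    public function saveparam(){
        $param = json_encode($_SESSION[SITE_KEY]['cfx:user']['param']);
        // NOTE(review): the JSON text and the id are concatenated into the statement.
        // json_encode() does not escape single quotes by default, so a parameter value
        // containing "'" ends the SQL string literal early. Bind or escape both values
        // through whatever mechanism BD offers (its API is not visible in this file section).
        $sql='UPDATE '.PREFIX.'cfxuser SET param = \''.$param.'\' WHERE id ="'.self::id().'"';
        BD::E($sql);
    }

    /**
     * Restore a login from the auto-login cookies.
     *
     * Runs only when user::auto() is truthy. The user cookie is accepted when the
     * validation cookie equals md5(user cookie . SITE_KEY_COOKIE); the value is then
     * mapped back ('-' to ':') and passed to login().
     */
    public function autoLogin(){
        if(user::auto()){
            $code = _VAR::FILTER(cfx_cookie::get(self::$CFX_COOKIE_USER),FILTER_SANITIZE_URLKEY);
            $validate=_VAR::FILTER(cfx_cookie::get(self::$CFX_COOKIE_USER_VALIDATE),FILTER_SANITIZE_URLKEY);

            // Both cookies are client-controlled. A loose "==" treats two numeric-looking
            // strings (for example digests of the form "0e<digits>") as equal numbers and
            // also accepts a boolean true, so the check is done on strings, strictly, and
            // in constant time where the runtime provides hash_equals().
            $expected = md5($code.SITE_KEY_COOKIE);
            $supplied = is_scalar($validate) && !is_bool($validate) ? (string)$validate : '';
            if(function_exists('hash_equals')){
                $matches = hash_equals($expected, $supplied);
            }else{
                $matches = ($expected === $supplied);
            }

            // NOTE(review): md5(value . secret) is a weak keyed digest; an HMAC such as
            // hash_hmac('sha256', ...) is the usual choice, but switching requires changing
            // login() in the same release and invalidates existing cookies.
            if($matches){
                $code = str_replace('-', ':', $code );
                self::login($code,user::auto());
            }
        }
    }

    /**
     * Log a user in by looking up $key in the `pass` column of cfxuser.
     *
     * On a match with active == 1 the row (without `pass`, with `param` decoded) becomes
     * the session user, the `seccion` timestamp is updated and the three auto-login
     * cookies are set. When no row matches, close() is called.
     *
     * @param string $key  value compared against the `pass` column
     * @param mixed  $auto value stored in the auto-login cookie
     * @return true|null   true only when a user was already logged in
     */
    public function login($key, $auto=0){
        if( self::logged() ) return true;

        // NOTE(review): $key is concatenated into both statements below. autoLogin()
        // passes a cookie-derived value here, so its safety rests entirely on
        // _VAR::FILTER; use BD's parameter binding or escaping if it has one.
        $sql='SELECT * FROM '.PREFIX.'cfxuser WHERE pass ="'.$key.'"';
        $res=BD::C($sql);
        if(BD::N()){
            if((int)$res['active']==1){
                unset($res['pass']);
                $res['param'] = json_decode($res['param'],true);
                // NOTE(review): no session id regeneration is visible before the session
                // is promoted to an authenticated one; confirm the caller does it.
                $_SESSION[SITE_KEY]['cfx:user']=$res;

                $sql='UPDATE '.PREFIX.'cfxuser SET seccion = "'.date("Y-m-d H:i:s").'" WHERE pass ="'.$key.'"';
                BD::E($sql);

                // NOTE(review): the user cookie carries the same value that is looked up
                // in `pass`, so possession of the cookie is equivalent to the credential.
                // Confirm cfx_cookie::set marks these cookies HttpOnly and Secure.
                $key = str_replace(':', '-', $key );
                cfx_cookie::set(self::$CFX_COOKIE_USER_AUTOLOGIN, $auto, COOKIE_TIMER_SESSION,"/");
                cfx_cookie::set(self::$CFX_COOKIE_USER, $key, COOKIE_TIMER_SESSION,"/");
                cfx_cookie::set(self::$CFX_COOKIE_USER_VALIDATE, md5($key.SITE_KEY_COOKIE), COOKIE_TIMER_SESSION,"/");
                $_SESSION[SITE_KEY]['cfx:user']['login']=true;
            }
        }else{
            self::close();
        }
    }

    /**
     * Log the user out: drop the session user and expire the three auto-login cookies.
     */
    public function close(){
        unset($_SESSION[SITE_KEY]['cfx:user']);
        // An expiry in the past asks the browser to delete each cookie.
        cfx_cookie::set(self::$CFX_COOKIE_USER_AUTOLOGIN, false, time()-3666,"/");
        cfx_cookie::set(self::$CFX_COOKIE_USER, false, time()-3666,"/");
        cfx_cookie::set(self::$CFX_COOKIE_USER_VALIDATE, false, time()-3666,"/");
    }

    /**
     * Decide whether the current visitor may access a resource.
     *
     * @param string $user  'all', or a comma-separated list of user levels
     * @param string $admin 'all', or a comma-separated list of admin levels
     * @return bool true when $user is 'all', when $admin is 'all' and user::admin() is
     *              truthy, or when user::nivel() / user::admin() equals a listed level
     */
    public function access( $user = 'all', $admin = 'all'){
        if( $user == 'all' ) return true;
        if( $admin == 'all' && user::admin() ) return true;

        // NOTE(review): the comparisons below are loose. A list entry that casts to 0
        // ("0", "" or any non-numeric text) equals a null/false/0 result, so if
        // user::nivel() or user::admin() return such a value for visitors who are not
        // logged in, that entry grants them access. Both methods are defined outside
        // this file section; verify their return values.
        $user=explode(',', $user);
        foreach( $user as $nivel )
            if( user::nivel() == (int)trim($nivel) ) return true;

        $admin=explode(',', $admin);
        foreach( $admin as $nivel_admin )
            if( user::admin() == (int)trim($nivel_admin) ) return true;

        return false;
    }

    /**
     * Fetch a cfxuser row by id.
     *
     * @param mixed  $id user id; a falsy id returns NULL without querying
     * @param string $p  column list placed verbatim after SELECT
     * @return array|null the row without `pass` and with `param` JSON-decoded, or NULL
     */
    public function get($id, $p='*'){
        if($id){
            // NOTE(review): $p and $id are concatenated into the statement unescaped;
            // callers must pass only trusted column lists and validated ids.
            $sql='SELECT '.$p.' FROM '.PREFIX.'cfxuser WHERE id ="'.$id.'"';
            $res=BD::C($sql);
            if(BD::N()){
                unset($res['pass']);
                // empty() avoids an undefined-index notice when $p omits `param`.
                if(!empty($res['param'])) $res['param'] = json_decode($res['param'] , true);
                return $res;
            }else return NULL;
        }else return NULL;
    }
}

/**
 * Session-backed accessors and login/logout for administrator accounts (cfxuser_admin).
 */
class admin{
    public static function logged(){ return self::_get_p('login'); }
    public static function id(){ return self::_get_p('id'); }
    public static function level(){ return self::_get_p('level'); }
    public static function email(){ return self::_get_p('email'); }
    public static function name(){ return self::_get_p('name'); }
    public static function param(){ return self::_get_p('param'); }
    public static function ext(){ return self::_get_p('ext'); }

    /**
     * Read one field of the admin record held in the session.
     *
     * @return mixed the stored value, or null when no admin session or field exists
     */
    private static function _get_p($name){
        // isset() keeps the null result for a missing entry without raising a notice.
        return isset($_SESSION[SITE_KEY]['cfx:user_admin'][$name])
            ? $_SESSION[SITE_KEY]['cfx:user_admin'][$name]
            : null;
    }

    /**
     * Log an administrator in by looking up $key in the `pass` column of cfxuser_admin.
     *
     * A row with a non-zero id_admin and active == 1 becomes the session admin (without
     * `pass`, with `param` and `ext` decoded); otherwise close() is called.
     *
     * @return true|null true only when an admin was already logged in
     */
    public static function login($key){
        if( self::logged() ) return true;

        // NOTE(review): $key is concatenated into both statements below; use BD's
        // parameter binding or escaping if it has one.
        $sql='SELECT * FROM '.PREFIX.'cfxuser_admin WHERE pass ="'.$key.'"';
        $res=BD::C($sql);
        if((int)$res['id_admin'] && (int)$res['active']==1){
            unset($res['pass']);
            $res['param'] = json_decode($res['param'],true);
            $res['ext'] = json_decode($res['ext'],true);
            // NOTE(review): no session id regeneration is visible before the session
            // gains administrator rights; confirm the caller does it.
            $_SESSION[SITE_KEY]['cfx:user_admin']=$res;
            $sql='UPDATE '.PREFIX.'cfxuser_admin SET seccion = "'.date("Y-m-d H:i:s").'" WHERE pass ="'.$key.'"';
            BD::E($sql);
            $_SESSION[SITE_KEY]['cfx:user_admin']['login']=true;
        }else{
            self::close();
        }
    }

    /**
     * Log the administrator out by dropping the session record.
     */
    public static function close(){
        unset($_SESSION[SITE_KEY]['cfx:user_admin']);
    }
}

if ( !function_exists('sys_get_temp_dir') ){
    /**
     * Fallback for runtimes that lack the built-in sys_get_temp_dir().
     *
     * Uses the TMP, TMPDIR or TEMP environment entry when set; otherwise creates a
     * temporary file and returns the directory it landed in.
     *
     * @return string|false resolved directory path, or FALSE when no file could be created
     */
    function sys_get_temp_dir(){
        if ( !empty($_ENV['TMP']) ){
            return realpath( $_ENV['TMP'] );
        }
        else if ( !empty($_ENV['TMPDIR']) ){
            return realpath( $_ENV['TMPDIR'] );
        }
        else if ( !empty($_ENV['TEMP']) ){
            return realpath( $_ENV['TEMP'] );
        }
        else{
            // The directory argument is a throwaway name that should not exist, which
            // relies on tempnam() falling back to the system temporary directory.
            $temp_file = tempnam( md5(uniqid(rand(), TRUE)), '' );
            if ( $temp_file ){
                $temp_dir = realpath( dirname($temp_file) );
                unlink( $temp_file );
                return $temp_dir;
            }else{
                return FALSE;
            }
        }
    }
}

/**
 * Per-name tokens kept in the session under 'token-<name>'.
 */
class token{
    /**
     * Generate a new token for $token_name and store it in the session.
     */
    public function set($token_name='cfx'){
        // A timestamp plus rand() is guessable. Prefer the CSPRNG when the runtime has
        // one; 16 random bytes in hex keep the 32-character format of the md5 fallback.
        if(function_exists('random_bytes')){
            $value = bin2hex(random_bytes(16));
        }else{
            $value = md5(date('Y-m-d H:i:s').rand());
        }
        $_SESSION['token-'.$token_name] = $value;
    }

    /**
     * Compare a submitted token with the stored one.
     *
     * The stored token is replaced on every call, whether or not the check passes.
     *
     * @return bool true when $token_code is a string identical to the stored token
     */
    public function validate($token_name,$token_code){
        $token = (string)self::get($token_name);
        self::set($token_name);

        // A loose "==" would accept numeric-looking strings that compare equal as
        // numbers, and non-string values; require an exact string match.
        if(!is_string($token_code)){
            return false;
        }
        if(function_exists('hash_equals')){
            return hash_equals($token, $token_code);
        }
        return $token === $token_code;
    }

    /**
     * Return the token stored for $token_name, creating one first when none exists.
     */
    public function get($token_name){
        // empty() covers the unset case without raising an undefined-index notice.
        if(empty($_SESSION['token-'.$token_name])){
            self::set($token_name);
        }
        return $_SESSION['token-'.$token_name];
    }
}
?>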