File: WIAdmin/WICore/WIClass/WIAjax1.php

Recommend this page to a friend!
  Classes of Jules Warner  >  WICMS  >  WIAdmin/WICore/WIClass/WIAjax1.php  >  Download  
File: WIAdmin/WICore/WIClass/WIAjax1.php
Role: Example script
Content type: text/plain
Description: Example script
Class: WICMS
Database driven content management system with PDO
Author: By
Last change:
Date: 3 years ago
Size: 4,745 bytes
 

Contents

Class file image Download
<?php
include_once 'WI.php';
require_once
'WIA.php';
//csrf protection
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest')
    die(
"Sorry bro!");

$url = parse_url( isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');
if( !isset(
$url['host']) || ($url['host'] != $_SERVER['SERVER_NAME']))
    die(
"Sorry bro!");

$action = $_POST['action'];

switch (
$action) {

        case
'checkLogin':
       
$logged = $login->userLogin($_POST['username'], $_POST['password']);
        if(
$logged === true)
            echo
json_encode(array(
               
'status' => 'success',
               
'page' => get_redirect_page()
            ));
        break;

         case
"registerUser":
       
$register->register($_POST['User']);
        break;
       
    case
"resetPassword":
       
$register->resetPassword($_POST['newPass'], $_POST['key']);
        break;
       
    case
"forgotPassword":
       
$result = $register->forgotPassword($_POST['email']);
        if (
$result !== TRUE )
            echo
$result;
        break;
       
    case
"postComment":
       
$WIComment = new WIComment();
        echo
$WIComment->insertComment(WISession::get("user_id"), $_POST['comment']);
        break;
       
    case
"updatePassword":

       
$user = new WIUser(WISession::get("user_id"));
       
$user->updatePassword($_POST['oldpass'], $_POST['newpass']);
        break;
       
    case
"updateDetails":

       
$user = new WIUser(WISession::get("user_id"));
       
$user->updateDetails($_POST['details']);
        break;
       
    case
"changeRole":
       
onlyAdmin();

       
$user = new WIUser($_POST['userId']);
        echo
ucfirst($user->changeRole());
        break;
       
    case
"deleteUser":
       
onlyAdmin();

       
$user = new WIUser($_POST['userId']);
       
$user->deleteUser();
        break;
   
    case
"getUserDetails":
       
onlyAdmin();

       
$user = new WIUser($_POST['userId']);
        echo
json_encode( $user->getAll() );
        break;

    case
"addRole":
       
onlyAdmin();

       
$role = new WIRole();
        echo
json_encode( $role->add($_POST['role']) );
        break;

    case
"deleteRole":
       
onlyAdmin();

       
$role = new WIRole();
       
$role->delete($_POST['roleId']);
        break;


    case
"addUser":
       
onlyAdmin();

       
$user = new WIUser(null);
        echo
json_encode( $user->add($_POST) );
        break;

    case
"updateUser":
       
onlyAdmin();
       
$user = new WIUser($_POST['userId']);
       
$user->updateUser($_POST);
        break;

    case
"banUser":
       
onlyAdmin();

       
$user = new WIUser($_POST['userId']);
       
$user->updateInfo(array( 'banned' => 'Y' ));
        break;

         case
"unbanUser":
       
onlyAdmin();

       
$user = new WIUser($_POST['userId']);
       
$user->updateInfo(array( 'banned' => 'N' ));
        break;

    case
"getUser":
       
onlyAdmin();

       
$user = new WIUser($_POST['userId']);
        echo
json_encode($user->getAll());
        break;

        case
"site_settings":

       
$site = new WISite();
       
$site->Site_Settings($_POST['settings']);
        break;

    case
"database_settings":

       
$site = new WISite();
       
$site->DataBase_settings($_POST['settings']);
        break;

     case
"email_settings":

       
$site = new WISite();
       
$site->Email_settings($_POST['settings']);
        break;
      
    case
"login_settings":

       
$site = new WISite();
       
$site->Login_settings($_POST['settings']);
        break;

       case
"session_settings":

       
$site = new WISite();
       
$site->Session_Settings($_POST['settings']);
        break;

        case
"social_settings":

       
$site = new WISite();
       
$site->social_settings($_POST['settings']);
        break;

      case
"header_settings":
       
$web->headerSettings($_POST['settings']);
        break;


      case
"footer_settings":
       
$web->FooterSettings($_POST['settings']);
        break;

     case
"enable_plugin":
    
$plug = new WIPlugin();
       
$plug->Activate($_POST['plug']));
        break;

     case
"install_plugin":
    
$plug = new WIPlugin();
       
$plug->Install($_POST['plug']));
        break;

        default:

        break;
}

switch(
$_GET['action']){
       
      
// case "getEvents":
       // $calendar = new WICalendar();
       // $calendar->getEvents($_GET['date']) ;
       // break;
       
       
default:
        break;
    }

function
onlyAdmin() {
   
$login = new WILogin();
    if ( !
$login->isLoggedIn() ) exit();

   
$loggedUser = new WIUser(WISession::get("user_id"));
    if( !
$loggedUser->isAdmin() ) exit();
}


For more information send a message to info at phpclasses dot org.