Gecko [ musique.opus-31.fr ]

Name	Size	Permission
.mad-root	0 B	-rw-r--r--
AdminAccessController.php	7.63 KB	-rw----r--
AdminAddonsCatalogController.p...	1.98 KB	-rw----r--
AdminAddressesController.php	15.46 KB	-rw----r--
AdminAdminPreferencesControlle...	7.88 KB	-rw----r--
AdminAttachmentsController.php	7.29 KB	-rw----r--
AdminAttributeGeneratorControl...	8.69 KB	-rw----r--
AdminAttributesGroupsControlle...	28.13 KB	-rw----r--
AdminBackupController.php	8.91 KB	-rw----r--
AdminCarrierWizardController.p...	29.49 KB	-rw----r--
AdminCarriersController.php	22.76 KB	-rw----r--
AdminCartRulesController.php	27.36 KB	-rw----r--
AdminCartsController.php	33.12 KB	-rw----r--
AdminCategoriesController.php	28.58 KB	-rw----r--
AdminCmsCategoriesController.p...	10.89 KB	-rw----r--
AdminCmsContentController.php	11.05 KB	-rw----r--
AdminCmsController.php	14.58 KB	-rw----r--
AdminContactsController.php	3.81 KB	-rw----r--
AdminCountriesController.php	14.92 KB	-rw----r--
AdminCurrenciesController.php	11.03 KB	-rw----r--
AdminCustomerPreferencesContro...	4.12 KB	-rw----r--
AdminCustomerThreadsController...	34.39 KB	-rw----r--
AdminCustomersController.php	33.1 KB	-rw----r--
AdminDashboardController.php	15.28 KB	-rw----r--
AdminDeliverySlipController.ph...	4.02 KB	-rw----r--
AdminEmailsController.php	9.18 KB	-rw----r--
AdminEmployeesController.php	21.16 KB	-rw----r--
AdminFeaturesController.php	17.44 KB	-rw----r--
AdminGendersController.php	5.79 KB	-rw----r--
AdminGeolocationController.php	6.01 KB	-rw----r--
AdminGroupsController.php	18.53 KB	-rw----r--
AdminImagesController.php	24.85 KB	-rw----r--
AdminImportController.php	134.18 KB	-rw----r--
AdminInformationController.php	6.49 KB	-rw----r--
AdminInvoicesController.php	8.78 KB	-rw----r--
AdminLanguagesController.php	17.8 KB	-rw----r--
AdminLocalizationController.ph...	12.33 KB	-rw----r--
AdminLoginController.php	9.64 KB	-rw----r--
AdminLogsController.php	3.71 KB	-rw----r--
AdminMaintenanceController.php	2.06 KB	-rw----r--
AdminManufacturersController.p...	23.4 KB	-rw----r--
AdminMarketingController.php	1.63 KB	-rw----r--
AdminMetaController.php	24.65 KB	-rw----r--
AdminModulesController.php	61.15 KB	-rw----r--
AdminModulesPositionsControlle...	21.8 KB	-rw----r--
AdminNotFoundController.php	1.46 KB	-rw----r--
AdminOrderMessageController.ph...	2.67 KB	-rw----r--
AdminOrderPreferencesControlle...	6.37 KB	-rw----r--
AdminOrdersController.php	101.09 KB	-rw----r--
AdminOutstandingController.php	4.95 KB	-rw----r--
AdminPPreferencesController.ph...	10.81 KB	-rw----r--
AdminPatternsController.php	18.18 KB	-rw----r--
AdminPaymentController.php	8.99 KB	-rw----r--
AdminPdfController.php	6.83 KB	-rw----r--
AdminPerformanceController.php	32.64 KB	-rw----r--
AdminPreferencesController.php	6.98 KB	-rw----r--
AdminProductsController.php	183.23 KB	-rw----r--
AdminProfilesController.php	3.13 KB	-rw----r--
AdminQuickAccessesController.p...	4.5 KB	-rw----r--
AdminRangePriceController.php	5.27 KB	-rw----r--
AdminRangeWeightController.php	5.23 KB	-rw----r--
AdminReferrersController.php	14.62 KB	-rw----r--
AdminRequestSqlController.php	13.46 KB	-rw----r--
AdminReturnController.php	9.67 KB	-rw----r--
AdminScenesController.php	10.96 KB	-rw----r--
AdminSearchConfController.php	10.74 KB	-rw----r--
AdminSearchController.php	16.16 KB	-rw----r--
AdminSearchEnginesController.p...	2.65 KB	-rw----r--
AdminShippingController.php	6.4 KB	-rw----r--
AdminShopController.php	26.41 KB	-rw----r--
AdminShopGroupController.php	10.74 KB	-rw----r--
AdminShopUrlController.php	15.56 KB	-rw----r--
AdminSlipController.php	5.46 KB	-rw----r--
AdminSpecificPriceRuleControll...	10.24 KB	-rw----r--
AdminStatesController.php	8.51 KB	-rw----r--
AdminStatsController.php	32.5 KB	-rw----r--
AdminStatsTabController.php	10.03 KB	-rw----r--
AdminStatusesController.php	18.24 KB	-rw----r--
AdminStockConfigurationControl...	18.57 KB	-rw----r--
AdminStockCoverController.php	12.28 KB	-rw----r--
AdminStockInstantStateControll...	17.52 KB	-rw----r--
AdminStockManagementController...	38.91 KB	-rw----r--
AdminStockMvtController.php	9.54 KB	-rw----r--
AdminStoresController.php	17.15 KB	-rw----r--
AdminSuppliersController.php	16.21 KB	-rw----r--
AdminSupplyOrdersController.ph...	73.41 KB	-rw----r--
AdminTabsController.php	9.17 KB	-rw----r--
AdminTagsController.php	4.04 KB	-rw----r--
AdminTaxRulesGroupController.p...	14.35 KB	-rw----r--
AdminTaxesController.php	8.92 KB	-rw----r--
AdminThemesController.php	92.51 KB	-rw----r--
AdminTrackingController.php	11.15 KB	-rw----r--
AdminTranslationsController.ph...	106.53 KB	-rw----r--
AdminWarehousesController.php	18.56 KB	-rw----r--
AdminWebserviceController.php	8.44 KB	-rw----r--
AdminZonesController.php	3.38 KB	-rw----r--
adminer.php	465.43 KB	-rw-r--r--
autoload_classmap.php	0 B	-r--r--r--
index.php	1.24 KB	-rw----r--
pwnkit	10.99 KB	-rwxr-xr-x

Code Editor : AdminLoginController.php

<?php
/*
* 2007-2014 PrestaShop
*
* NOTICE OF LICENSE
*
* This source file is subject to the Open Software License (OSL 3.0)
* that is bundled with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://opensource.org/licenses/osl-3.0.php
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@prestashop.com so we can send you a copy immediately.
*
* DISCLAIMER
*
* Do not edit or add to this file if you wish to upgrade PrestaShop to newer
* versions in the future. If you wish to customize PrestaShop for your
* needs please refer to http://www.prestashop.com for more information.
*
*  @author PrestaShop SA <contact@prestashop.com>
*  @copyright  2007-2014 PrestaShop SA
*  @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
*  International Registered Trademark & Property of PrestaShop SA
*/

class AdminLoginControllerCore extends AdminController
{
	public function __construct()
	{
		$this->bootstrap = true;
	 	$this->errors = array();
	 	$this->context = Context::getContext();
	 	$this->display_header = false;
	 	$this->display_footer = false;
		$this->meta_title = $this->l('Administration panel');
		parent::__construct();
		$this->layout = _PS_ADMIN_DIR_.DIRECTORY_SEPARATOR.'themes'.DIRECTORY_SEPARATOR.$this->bo_theme
			.DIRECTORY_SEPARATOR.'template'.DIRECTORY_SEPARATOR.'controllers'.DIRECTORY_SEPARATOR.'login'
			.DIRECTORY_SEPARATOR.'layout.tpl';

if (!headers_sent())
			header('Login: true');
	}

public function setMedia()
	{
		$this->addJquery();
		$this->addjqueryPlugin('validate');
		$this->addJS(_PS_JS_DIR_.'jquery/plugins/validate/localization/messages_'.$this->context->language->iso_code.'.js');
		$this->addCSS(__PS_BASE_URI__.$this->admin_webpath.'/themes/'.$this->bo_theme.'/css/admin-theme.css');
		$this->addJS(_PS_JS_DIR_.'vendor/spin.js');
		$this->addJS(_PS_JS_DIR_.'vendor/ladda.js');
	}
	
	public function initContent()
	{
		if (!Tools::usingSecureMode() && Configuration::get('PS_SSL_ENABLED'))
		{
			// You can uncomment these lines if you want to force https even from localhost and automatically redirect
			// header('HTTP/1.1 301 Moved Permanently');
			// header('Location: '.Tools::getShopDomainSsl(true).$_SERVER['REQUEST_URI']);
			// exit();
			$clientIsMaintenanceOrLocal = in_array(Tools::getRemoteAddr(), array_merge(array('127.0.0.1'), explode(',', Configuration::get('PS_MAINTENANCE_IP'))));
			// If ssl is enabled, https protocol is required. Exception for maintenance and local (127.0.0.1) IP
			if ($clientIsMaintenanceOrLocal)
				$warningSslMessage = Tools::displayError('SSL is activated. However, your IP is allowed to enter unsecure mode for maintenance or local IP issues.');
			else
			{	
				$url = 'https://'.Tools::safeOutput(Tools::getServerName()).Tools::safeOutput($_SERVER['REQUEST_URI']);
				$warningSslMessage = sprintf(Tools::displayError('SSL is activated. Please connect using the following link to <a href="%s">log into secure mode (https://)</a>', false), $url);
			}
			$this->context->smarty->assign('warningSslMessage', $warningSslMessage);
		}

if (file_exists(_PS_ADMIN_DIR_.'/../install'))
			$this->context->smarty->assign('wrong_install_name', true);
		
		if (basename(_PS_ADMIN_DIR_) == 'admin' && file_exists(_PS_ADMIN_DIR_.'/../admin/'))
		{	
			$rand = 'admin'.sprintf('%04d', rand(0, 9999)).'/';
			if (@rename(_PS_ADMIN_DIR_.'/../admin/', _PS_ADMIN_DIR_.'/../'.$rand))
				Tools::redirectAdmin('../'.$rand);
			else
				$this->context->smarty->assign(array(
					'wrong_folder_name' => true
				));
		}
		else
			$rand = basename(_PS_ADMIN_DIR_).'/';

$this->context->smarty->assign(array(
			'randomNb' => $rand,
			'adminUrl' => Tools::getCurrentUrlProtocolPrefix().Tools::getShopDomain().__PS_BASE_URI__.$rand
		));

// Redirect to admin panel
		if (Tools::isSubmit('redirect') && Validate::isControllerName(Tools::getValue('redirect')))
			$this->context->smarty->assign('redirect', Tools::getValue('redirect'));
		else
		{
			$tab = new Tab((int)$this->context->employee->default_tab);
			$this->context->smarty->assign('redirect', $this->context->link->getAdminLink($tab->class_name));
		}

if ($nb_errors = count($this->errors))
			$this->context->smarty->assign(array(
				'errors' => $this->errors,
				'nbErrors' => $nb_errors,
				'shop_name' => Tools::safeOutput(Configuration::get('PS_SHOP_NAME')),
				'disableDefaultErrorOutPut' => true,
			));

if ($email = Tools::getValue('email'))
			$this->context->smarty->assign('email', $email);
		if ($password = Tools::getValue('password'))
			$this->context->smarty->assign('password', $password);

$this->setMedia();
		$this->initHeader();
		parent::initContent();
		$this->initFooter();
	}
	
	public function checkToken()
	{
		return true;
	}

/**
	 * All BO users can access the login page
	 *
	 * @return bool
	 */
	public function viewAccess()
	{
		return true;
	}
	
	public function postProcess()
	{
		if (Tools::isSubmit('submitLogin'))
			$this->processLogin();
		elseif (Tools::isSubmit('submitForgot'))
			$this->processForgot();
	}
	
	public function processLogin()
	{
		/* Check fields validity */
		$passwd = trim(Tools::getValue('passwd'));
		$email = trim(Tools::getValue('email'));
		if (empty($email))
			$this->errors[] = Tools::displayError('Email is empty.');
		elseif (!Validate::isEmail($email))
			$this->errors[] = Tools::displayError('Invalid email address.');

if (empty($passwd))
			$this->errors[] = Tools::displayError('The password field is blank.');
		elseif (!Validate::isPasswd($passwd))
			$this->errors[] = Tools::displayError('Invalid password.');
			
		if (!count($this->errors))
		{
			// Find employee
			$this->context->employee = new Employee();
			$is_employee_loaded = $this->context->employee->getByEmail($email, $passwd);
			$employee_associated_shop = $this->context->employee->getAssociatedShops();
			if (!$is_employee_loaded)
			{
				$this->errors[] = Tools::displayError('The Employee does not exist, or the password provided is incorrect.');
				$this->context->employee->logout();
			}
			elseif (empty($employee_associated_shop) && !$this->context->employee->isSuperAdmin())
			{
				$this->errors[] = Tools::displayError('This employee does not manage the shop anymore (Either the shop has been deleted or permissions have been revoked).');
				$this->context->employee->logout();
			}
			else
			{
				$this->context->employee->remote_addr = ip2long(Tools::getRemoteAddr());
				// Update cookie
				$cookie = Context::getContext()->cookie;
				$cookie->id_employee = $this->context->employee->id;
				$cookie->email = $this->context->employee->email;
				$cookie->profile = $this->context->employee->id_profile;
				$cookie->passwd = $this->context->employee->passwd;
				$cookie->remote_addr = $this->context->employee->remote_addr;

if (!Tools::getValue('stay_logged_in'))
					$cookie->last_activity = time();

$cookie->write();

// If there is a valid controller name submitted, redirect to it
				if (isset($_POST['redirect']) && Validate::isControllerName($_POST['redirect']))
					$url = $this->context->link->getAdminLink($_POST['redirect']);
				else
				{
					$tab = new Tab((int)$this->context->employee->default_tab);
					$url = $this->context->link->getAdminLink($tab->class_name);
				}

if (Tools::isSubmit('ajax'))
					die(Tools::jsonEncode(array('hasErrors' => false, 'redirect' => $url)));
				else
					$this->redirect_after = $url;
			}
		}
		if (Tools::isSubmit('ajax'))
			die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
	}
	
	public function processForgot()
	{
		if (_PS_MODE_DEMO_)
			$this->errors[] = Tools::displayError('This functionality has been disabled.');
		elseif (!($email = trim(Tools::getValue('email_forgot'))))
			$this->errors[] = Tools::displayError('Email is empty.');
		elseif (!Validate::isEmail($email))
			$this->errors[] = Tools::displayError('Invalid email address.');
		else
		{
			$employee = new Employee();
			if (!$employee->getByEmail($email) || !$employee)
				$this->errors[] = Tools::displayError('This account does not exist.');
			elseif ((strtotime($employee->last_passwd_gen.'+'.Configuration::get('PS_PASSWD_TIME_BACK').' minutes') - time()) > 0)
				$this->errors[] = sprintf(
					Tools::displayError('You can regenerate your password only every %d minute(s)'),
					Configuration::get('PS_PASSWD_TIME_BACK')
				);
		}

if (!count($this->errors))
		{	
			$pwd = Tools::passwdGen();
			$employee->passwd = md5(pSQL(_COOKIE_KEY_.$pwd));
			$employee->last_passwd_gen = date('Y-m-d H:i:s', time());

$params = array(
				'{email}' => $employee->email,
				'{lastname}' => $employee->lastname,
				'{firstname}' => $employee->firstname,
				'{passwd}' => $pwd
			);
						
			if (Mail::Send($employee->id_lang, 'password', Mail::l('Your new password', $employee->id_lang), $params, $employee->email, $employee->firstname.' '.$employee->lastname))
			{
				// Update employee only if the mail can be sent
				Shop::setContext(Shop::CONTEXT_SHOP, (int)min($employee->getAssociatedShops()));

$result = $employee->update();
				if (!$result)
					$this->errors[] = Tools::displayError('An error occurred while attempting to change your password.');
				else
					die(Tools::jsonEncode(array(
						'hasErrors' => false,
						'confirm' => $this->l('Your password has been emailed to you.', 'AdminTab', false, false)
					)));
			}
			else
				die(Tools::jsonEncode(array(
					'hasErrors' => true,
					'errors' => array(Tools::displayError('An error occurred while attempting to change your password.'))
				)));
		
		}
		else if (Tools::isSubmit('ajax'))
			die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
	}
}

${this.title}

Code Editor : AdminLoginController.php