| Current Path : /opt/cpanel/ea-php54/root/usr/share/pear/RVSeagullMod/modules/user/classes/ |
| Current File : //opt/cpanel/ea-php54/root/usr/share/pear/RVSeagullMod/modules/user/classes/UserMgr.php |
<?php
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Copyright (c) 2008, Demian Turner |
// | All rights reserved. |
// | |
// | Redistribution and use in source and binary forms, with or without |
// | modification, are permitted provided that the following conditions |
// | are met: |
// | |
// | o Redistributions of source code must retain the above copyright |
// | notice, this list of conditions and the following disclaimer. |
// | o Redistributions in binary form must reproduce the above copyright |
// | notice, this list of conditions and the following disclaimer in the |
// | documentation and/or other materials provided with the distribution. |
// | o The names of the authors may not be used to endorse or promote |
// | products derived from this software without specific prior written |
// | permission. |
// | |
// | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
// | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
// | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
// | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
// | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
// | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
// | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
// | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
// | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
// | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
// | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
// | |
// +---------------------------------------------------------------------------+
// | Seagull 0.6 |
// +---------------------------------------------------------------------------+
// | UserMgr.php |
// +---------------------------------------------------------------------------+
// | Author: Demian Turner <demian@phpkitchen.com> |
// +---------------------------------------------------------------------------+
// $Id: UserMgr.php,v 1.80 2005/06/05 22:59:48 demian Exp $
require_once SGL_MOD_DIR . '/user/classes/RegisterMgr.php';
require_once SGL_MOD_DIR . '/default/classes/DefaultDAO.php';
require_once SGL_MOD_DIR . '/user/classes/UserDAO.php';
require_once SGL_MOD_DIR . '/user/classes/encrype.php';
require_once SGL_CORE_DIR . '/Delegator.php';
require_once 'Validate.php';
/**
* Manages User objects.
*
* @package User
* @author Demian Turner <demian@phpkitchen.com>
* @author Jacob Hanson <jacdx@jacobhanson.com>
* @version $Revision: 1.80 $
*/
class UserMgr extends RegisterMgr
{
function UserMgr()
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
parent::SGL_Manager();
$this->pageTitle = 'User Manager';
$this->template = 'userManager.html';
$this->sortBy = 'usr_id';
$daUser = UserDAO::singleton();
$daDefault = DefaultDAO::singleton();
$this->da = new SGL_Delegator();
$this->da->add($daUser);
$this->da->add($daDefault);
$this->_aActionsMapping = array(
'add' => array('add'),
'insert' => array('insert', 'redirectToDefault'),
'edit' => array('edit'),
'update' => array('update', 'redirectToDefault'),
'delete' => array('delete', 'redirectToDefault'),
'list' => array('list'),
'requestPasswordReset' => array('requestPasswordReset'),
'resetPassword' => array('resetPassword', 'redirectToDefault'),
'requestChangeUserStatus' => array('requestChangeUserStatus'),
'changeUserStatus' => array('changeUserStatus', 'redirectToDefault'),
'editPerms' => array('editPerms'),
'updatePerms' => array('updatePerms', 'redirectToDefault'),
'syncToRole' => array('syncToRole', 'redirectToDefault'),
'viewLogin' => array('viewLogin'),
'truncateLoginTbl' => array('truncateLoginTbl', 'redirectToDefault'),
'removeExpiredCookies' => array('removeExpiredCookies', 'redirectToDefault')
);
}
function validate($req, &$input)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
parent::validate($req, $input);
$input->action = ($req->get('action')) ? $req->get('action') : 'list';
// determine action based on which button was pressed
if ($req->get('delete')) { $input->action = 'delete';}
if ($req->get('syncToRole')) { $input->action = 'syncToRole';}
$input->masterTemplate = 'masterMinimal.html';
$input->aPerms = $req->get('frmPerms');
$input->moduleId = $req->get('frmModuleId');
$input->from = ($req->get('pageID'))? $req->get('pageID'):0;
$input->passwdResetNotify = ($req->get('frmPasswdResetNotify') == 'on') ? 1 : 0;
$input->changeStatusNotify = ($req->get('frmChangeStatusNotify') == 'on') ? 1 : 0;
$input->user->is_email_public = (isset($input->user->is_email_public)) ? 1 : 0;
$input->user->is_acct_active = (isset($input->user->is_acct_active)) ? 1 : 0;
$input->sortBy = SGL_Util::getSortBy($req->get('frmSortBy'), SGL_SORTBY_USER);
$input->sortOrder = SGL_Util::getSortOrder($req->get('frmSortOrder'));
$input->prefixTemplate = '';
if (class_exists('RVSGLWrapper')) {
$input->isResTemplate = RVSGLWrapper::isResTemplate();
if (RVSGLWrapper::isUikitTemplate() && @$_SESSION['rid'] != SGL_ADMIN) {
$input->prefixTemplate = 'uikit_';
}
} else {
$input->isResTemplate = false;
}
// This will tell HTML_Flexy which key is used to sort data
$input->{ 'sort_' . $input->sortBy } = true;
$input->roleSync = $req->get('roleSync');
if ($input->roleSync == 'null') {
$input->roleSync = null;
}
$input->roleSyncMode = $req->get('roleSyncMode');
// Pager's total items value (maintaining it saves a count(*) on each request)
$input->totalItems = $req->get('totalItems');
if (!isset($aErrors)) {
$aErrors = array();
}
// if errors have occured
if (is_array($aErrors) && count($aErrors)) {
SGL::raiseMsg('Please fill in the indicated fields');
$input->error = $aErrors;
$this->validated = false;
}
}
function display(&$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
// set flag so we can share add/edit templates
if ($output->action == 'add' || $output->action == 'insert') {
$output->isAdd = true;
}
// build country/state select boxes unless any of following methods
$aDisallowedMethods = array(
'list', 'requestPasswordReset',
'resetPassword', 'editPerms', 'updatePerms', 'insertImportedUsers');
if (!in_array($output->action, $aDisallowedMethods)) {
$output->states = SGL::loadRegionList('states');
$output->countries = SGL::loadRegionList('countries');
$output->aSecurityQuestions = SGL_String::translate('aSecurityQuestions', false);
}
if (!in_array($output->action, array(
'requestPasswordReset', 'resetPassword',
'editPerms', 'updatePerms'))) {
$output->aRoles = $this->da->getRoles();
if ($this->conf['OrgMgr']['enabled']) {
$output->aOrgs = $this->da->getOrgs();
}
}
if ($output->action == 'list') {
$aSyncModes = array();
$aSyncModes[SGL_ROLESYNC_ADDREMOVE] = SGL_String::translate('complete sync');
$aSyncModes[SGL_ROLESYNC_REMOVE] = SGL_String::translate('remove extra perms');
$aSyncModes[SGL_ROLESYNC_ADD] = SGL_String::translate('add missing perms');
$output->aSyncModes = $aSyncModes;
}
$output->isAcctActive = ($output->user->is_acct_active) ? ' checked="checked"' : '';
}
function _cmd_add($input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
parent::_cmd_add($input, $output);
$output->pageTitle = $input->pageTitle . ' :: Add';
// get default values for new users
$defaultRoleId = $this->conf['UserMgr']['defaultRoleId'];
$output->user->role_id = $defaultRoleId;
$output->user->username_orig = '';
$output->user->email_orig = '';
}
function _cmd_insert($input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
///start upload image
if($input->userImageUpload['name'] == true) {
$aMatch = parent::matchImageFile($input->userImageUpload['name']);
$pathFile = SGL_THEME_DIR . '/rvtheme/images/' . $input->user->username . '.' . $aMatch;
copy($input->userImageUpload['tmp_name'], $pathFile);
$input->user->image_upload = $input->user->username . '.' . $aMatch;
}
///end
$oUser = $this->da->getUserById();
$oUser->setFrom($input->user);
$oUser->passwd = md5($input->user->passwd);
$oUser->user_expire = isset($input->user->user_expire) ? $input->user->user_expire : '0000-00-00 00:00:00';
if ($this->conf['RegisterMgr']['autoEnable']) {
$oUser->is_acct_active = 1;
}
$oUser->date_created = $oUser->last_updated = SGL_Date::getTime();
$oUser->created_by = $oUser->updated_by = SGL_Session::getUid();
$success = $this->da->addUser($oUser);
$input->user_id = $success;
$crypt = new encryption_class;
$key = $input->user_id;
$password =$input->user->passwd;
//$pswdlen = strlen($password);
$oUser->passwdBase = $crypt->encrypt($key, $password, $pswdlen=0);
$errors = $crypt->errors;
$successUsrTmp =$this->da->addUserTmp($oUser);
//add table ChangePassword
$successChangePassword = $this->da->addChangePassword($oUser);
// check for errors
if (!SGL::isError($success)) {
SGL::raiseMsg('user successfully added', true, SGL_MESSAGE_INFO);
} else {
SGL::raiseError('There was a problem inserting the record',
SGL_ERROR_NOAFFECTEDROWS);
}
//amarin modify begin
$doObserve = new User_DoObserve($input, $output);
$aObservers = explode(',', $this->conf['UserMgr']['observers']);
foreach ($aObservers as $observer) {
$path = SGL_MOD_DIR . "/user/classes/observers/$observer.php";
if (is_file($path)) {
require_once $path;
$doObserve->attach(new $observer());
}
}
$doObserve->run();
//amarin modify end
}
function _cmd_edit(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
parent::_cmd_edit($input, $output);
$output->noEditUser = true;
$output->pageTitle = $this->pageTitle . ' :: Edit';
/// RVS START set template userAdd for compoDB
if (defined('RVS_AUTO_SETUP')) {
//user and admin side
$output->template = $input->prefixTemplate.'userAddUseCompoDB.html';
} else {
$output->template = 'userAdd.html';
}
/// RVS END set template userAdd for compoDB
$oUser = $this->da->getUserById($input->userID);
$output->user = $oUser;
$output->user->username_orig = $oUser->username;
$output->user->email_orig = $oUser->email;
/// start send path image
$output->user->path_image = SGL_BASE_URL .'/themes/rvtheme/images/' . $output->user->image_upload;
/// end
///start send values birthdate
if($output->user->birthdate){
$birth = explode("-", $output->user->birthdate);
$output->user->Bday = $birth[0];
$output->user->Bmonth = $birth[1];
$output->user->Byear = $birth[2];
}else{
$output->user->Byear = '0000';
$output->user->Bmonth = '00';
$output->user->Bday = '00';
}
///end
}
function _cmd_update(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
/// start update images upload
parent::_cmd_update($input, $output);
/// end
$oUser = $this->da->getUserById($input->user->usr_id);
$oUser->setFrom($input->user);
$oUser->last_updated = SGL_Date::getTime();
$oUser->updated_by = SGL_Session::getUid();
$success = $this->da->updateUser($oUser, $input->user->role_id_orig,
$input->user->organisation_id_orig);
if (!SGL::isError($success)) {
SGL::raiseMsg('details successfully updated', true, SGL_MESSAGE_INFO);
} else {
SGL::raiseError('There was a problem inserting the record',
SGL_ERROR_NOAFFECTEDROWS);
}
//amarin modify begin
$doObserve = new User_DoObserve($input, $output);
$aObservers = explode(',', $this->conf['UserMgr']['observers']);
foreach ($aObservers as $observer) {
$path = SGL_MOD_DIR . "/user/classes/observers/$observer.php";
if (is_file($path)) {
require_once $path;
$doObserve->attach(new $observer());
}
}
$doObserve->run();
//amarin modify end
}
function isColumnsExists($columName, $tableName)
{
$dbh = SGL_DB::singleton();
$query = " SHOW COLUMNS FROM " . $tableName . " LIKE '$columName' ";
$res = $dbh->getOne($query);
if ( $res ) {
return true;
}
return false;
}
function _cmd_delete(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
//amarin modify begin
$doObserve = new User_DoObserve($input, $output);
$aObservers = explode(',', $this->conf['UserMgr']['observers']);
foreach ($aObservers as $observer) {
if ($observer != 'EmailConfirmation') {
$path = SGL_MOD_DIR . "/user/classes/observers/$observer.php";
if (is_file($path)) {
require_once $path;
$doObserve->attach(new $observer());
}
}
}
$doObserve->run();
//amarin modify end
/// start select image_upload for delete
$results = array();
if (is_array($input->aDelete)) {
foreach ($input->aDelete as $index => $userId) {
if ($this->isColumnsExists('image_upload', $this->conf['table']['user'])) {
$query = sprintf("
SELECT
image_upload
FROM
{$this->conf['table']['user']}
WHERE usr_id='%s'",
$userId);
$req = $this->dbh->getRow($query);
$pathImageDel = SGL_THEME_DIR . '/rvtheme/images/' . $req->image_upload;
/// start Delete image_upload
if (is_file($pathImageDel)) {
unlink($pathImageDel);
}
}
/// end
// don't allow admin to be deleted
if ($userId == SGL_ADMIN) {
continue;
}
$ret = $this->da->deletePrefsByUserId($userId);
$ret = $this->da->deletePermsByUserId($userId);
$resDeteteUserTmp = $this->da->deleteUserTmp($userId);
$resdeleteChangePassword = $this->da->deleteChangePassword($userId);
if (!empty($this->conf['cookie']['rememberMeEnabled'])) {
$ret = $this->da->deleteUserLoginCookiesByUserId($userId);
}
$query = "DELETE FROM {$this->conf['table']['user']} WHERE usr_id=$userId";
if (is_a($this->dbh->query($query), 'PEAR_Error')) {
$results[$userId] = 0; //log result for user
continue;
}
$results[$userId] = 1;
}
} else {
SGL::raiseError('Incorrect parameter passed to ' .
__CLASS__ . '::' . __FUNCTION__, SGL_ERROR_INVALIDARGS);
}
// could eventually display a list of failed/succeeded user ids--just summarize for now
$results = array_count_values($results);
$succeeded = array_key_exists(1, $results) ? $results[1] : 0;
$failed = array_key_exists(0, $results) ? $results[0] : 0;
if ($succeeded && !$failed) {
$errorType = SGL_MESSAGE_INFO;
} elseif (!$succeeded && $failed) {
$errorType = SGL_MESSAGE_ERROR;
} else {
$errorType = SGL_MESSAGE_WARNING;
}
// redirect on success
SGL::raiseMsg("$succeeded user(s) successfully deleted. $failed user(s) failed.", false, $errorType);
}
function _cmd_list(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$output->pageTitle = $this->pageTitle . ' :: Browse';
$allowedSortFields = array('usr_id','username','is_acct_active');
if ( !empty($input->sortBy)
&& !empty($input->sortOrder)
&& in_array($input->sortBy, $allowedSortFields)) {
$orderBy_query = ' ORDER BY ' . $input->sortBy . ' ' . $input->sortOrder ;
} else {
$orderBy_query = ' ORDER BY u.usr_id ASC ';
}
if ($this->conf[SGL_Inflector::caseFix('OrgMgr')]['enabled']) {
$query = "
SELECT u.*, o.name AS org_name, r.name AS role_name
FROM {$this->conf['table']['user']} u
LEFT JOIN {$this->conf['table']['organisation']} o
ON u.organisation_id = o.organisation_id
JOIN {$this->conf['table']['role']} r
ON r.role_id = u.role_id
$orderBy_query";
} else {
$query = "
SELECT u.*, r.name AS role_name
FROM {$this->conf['table']['user']} u, {$this->conf['table']['role']} r
WHERE r.role_id = u.role_id
AND u.usr_id <> 0
$orderBy_query";
}
$limit = $_SESSION['aPrefs']['resPerPage'];
$pagerOptions = array(
'mode' => 'Sliding',
'delta' => 3,
'perPage' => $limit,
'spacesBeforeSeparator' => 0,
'spacesAfterSeparator' => 0,
'curPageSpanPre' => '<span class="currentPage">',
'curPageSpanPost' => '</span>',
);
$aPagedData = SGL_DB::getPagedData($this->dbh, $query, $pagerOptions);
$aPagedData['data'] = $this->showUserDateExpire($aPagedData);
$aPagedData['data'] = $this->showUserXfer($aPagedData);
$output->aPagedData = $aPagedData;
if (is_array($aPagedData['data']) && count($aPagedData['data'])) {
$output->pager = ($aPagedData['totalItems'] <= $limit) ? false : true;
}
$output->totalItems = $aPagedData['totalItems'];
$output->addOnLoadEvent("switchRowColorOnHover()");
}
function showUserXfer($aPagedData)
{
foreach ($aPagedData['data'] as $key => $value) {
$userAuthHash = $this->da->getUserAuthHashByUserName($value['username']);
$Uid = SGL_Session::getUid();
if ($Uid === $value['usr_id']) {
$aPagedData['data'][$key]['is_owner'] = true;
} else {
$aPagedData['data'][$key]['is_owner'] = false;
}
// check user ยังไม่ยืนยันตัวตน xfer ไม่ได้
// ถ้ามีใน table user_auth_hash คือ ยังไม่ยืนยันตัวตน ปรับ status เป็น 0
$oUser = $this->da->getUserById($value['usr_id']);
// echo "<pre>";print_r($oUser);
if (isset($userAuthHash) && ($userAuthHash)) {
$oUser->is_acct_active = 0;
$success = $oUser->update();
$aPagedData['data'][$key]['is_acct_active'] = 0;
}
$aPagedData['data'][$key]['user_xfer'] = ($this->da->getUserTmpByUserId($value['usr_id']))? true : false;
}
return $aPagedData['data'];
}
function updateSatatusDateExpire($userID, $userExpire, $isAcctActive)
{
$oUser = $this->da->getUserById($userID);
$oUser->is_acct_active = ($isAcctActive)? $isAcctActive : 0;
$oUser->user_expire = ($userExpire)? $userExpire : $oUser->user_expire;
$success = $oUser->update();
$aData = array('is_acct_active'=> $oUser->is_acct_active, 'user_expire'=> $oUser->user_expire);
return $aData;
}
function showUserDateExpire($aPagedData)
{
/* $moduleConfigFile = SGL_MOD_DIR . '/user/conf.ini';
$c = new SGL_Config();
//load file config
$config = $c->load($moduleConfigFile);*/
$config = $this->conf;
$unExpire = '0000-00-00 00:00:00';
foreach($aPagedData['data'] as $key => $value) {
//admin un expire
if ($value['role_id'] == SGL_ADMIN) {
$aPagedData['data'][$key]['user_expire'] = 'unexpired';
$aPagedData['data'][$key]['user_un_expire'] = 1;
$aPagedData['data'][$key]['user_admin'] = 1;
} elseif (!$aPagedData['data'][$key]['user_expire']) { // user_expire in table no value
//check enable_user_expire
if ($config['LoginMgr']['enable_user_expire']) {
$aPagedData['data'][$key]['user_expire'] = $this->checkUserDateExpire(
$aPagedData['data'][$key]['date_created']
, $config['LoginMgr']['user_expire']
);
$this->updateSatatusDateExpire($aPagedData['data'][$key]['usr_id']
, $aPagedData['data'][$key]['user_expire']
, $aPagedData['data'][$key]['is_acct_active']);
} else {
$aPagedData['data'][$key]['user_expire'] = 'unexpire';
$aPagedData['data'][$key]['user_un_expire'] = 1;
}
//case 0000-00-00 00:00:00 show un expire
} elseif ($aPagedData['data'][$key]['user_expire'] == $unExpire) {
$aPagedData['data'][$key]['user_expire'] = 'unexpire';
$aPagedData['data'][$key]['user_un_expire'] = 1;
$aDataIaAcctive = $this->updateSatatusDateExpire($aPagedData['data'][$key]['usr_id'], $aPagedData['data'][$key]['user_expire'], $aPagedData['data'][$key]['is_acct_active']);
$aPagedData['data'][$key]['is_acct_active'] = $aDataIaAcctive['is_acct_active'];
} elseif ($aPagedData['data'][$key]['user_expire'] != $unExpire && $aPagedData['data'][$key]['user_expire'] != '' && $value['role_id'] != SGL_ADMIN) {
$dateExpired = strtotime($aPagedData['data'][$key]['user_expire']);
$today = getdate();
if($dateExpired < $today[0]){
$aDataIaAcctive = $this->updateSatatusDateExpire($aPagedData['data'][$key]['usr_id'], $aPagedData['data'][$key]['user_expire'], 0);
$aPagedData['data'][$key]['is_acct_active'] = $aDataIaAcctive['is_acct_active'];
$aPagedData['data'][$key]['user_expire'] = $aDataIaAcctive['user_expire'];
} else {
$aDataIaAcctive = $this->updateSatatusDateExpire($aPagedData['data'][$key]['usr_id'], $aPagedData['data'][$key]['user_expire'], $aPagedData['data'][$key]['is_acct_active']);
$aPagedData['data'][$key]['is_acct_active'] = $aDataIaAcctive['is_acct_active'];
$aPagedData['data'][$key]['user_expire'] = $aDataIaAcctive['user_expire'];
}
}
}
return $aPagedData['data'];
}
function checkUserDateExpire($dateCreated, $configUserExpire)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$timestamp = strtotime($dateCreated);
$timestamp = $timestamp + ($configUserExpire * 86400);
$checktime = @strftime("%Y-%m-%d %H:%M:%S", $timestamp);
$user_expire = $checktime;
return $user_expire;
}
function _cmd_viewLogin(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$output->template = 'userManagerLogins.html';
$output->pageTitle = $this->pageTitle . ' :: Login Data';
$allowedSortFields = array('date_time','remote_ip');
if ( !empty($input->sortBy)
&& !empty($input->sortOrder)
&& in_array($input->sortBy, $allowedSortFields)) {
$orderBy_query = ' ORDER BY ' . $input->sortBy . ' ' . $input->sortOrder ;
} else {
$orderBy_query = ' ORDER BY date_time DESC ';
}
if (!empty($input->userID) ) {
$query = "
SELECT date_time, remote_ip, login_id
FROM {$this->conf['table']['login']}
WHERE usr_id = $input->userID" .
$orderBy_query;
} else {
SGL::raiseError('Incorrect parameter passed to ' .
__CLASS__ . '::' . __FUNCTION__, SGL_ERROR_INVALIDARGS);
return false;
}
$limit = $_SESSION['aPrefs']['resPerPage'];
$pagerOptions = array(
'mode' => 'Sliding',
'delta' => 3,
'perPage' => $limit,
'spacesBeforeSeparator' => 0,
'spacesAfterSeparator' => 0,
'curPageSpanPre' => '<span class="currentPage">',
'curPageSpanPost' => '</span>',
);
$aPagedData = SGL_DB::getPagedData($this->dbh, $query, $pagerOptions);
$output->aPagedData = $aPagedData;
if (is_array($aPagedData['data']) && count($aPagedData['data'])) {
$output->pager = ($aPagedData['totalItems'] <= $limit) ? false : true;
}
$output->addOnLoadEvent("switchRowColorOnHover()");
}
function _cmd_truncateLoginTbl(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
if (is_array($input->aDelete)) {
foreach ($input->aDelete as $v){
$query = "DELETE FROM {$this->conf['table']['login']} WHERE login_id = $v";
$this->dbh->query($query);
}
// redirect on success
SGL::raiseMsg('Deleted successfully', true, SGL_MESSAGE_INFO);
} else {
SGL::raiseError('Incorrect parameter passed to '.__CLASS__.'::'.__FUNCTION__,
SGL_ERROR_NOAFFECTEDROWS);
}
}
function _cmd_requestChangeUserStatus(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$output->pageTitle = $this->pageTitle . ' :: Change status';
$output->template = 'userStatusChange.html';
$oUser = $this->da->getUserById($input->userID);
$output->user = $oUser;
}
function _cmd_changeUserStatus(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$unExpire = '0000-00-00 00:00:00';
$oUser = $this->da->getUserById($input->userID);
$oUser->is_acct_active = ($oUser->is_acct_active) ? 0 : 1;
$success = $oUser->update();
if ($input->changeStatusNotify && $success !== false) {
$success = $this->_sendStatusNotification($oUser, $oUser->is_acct_active);
}
if ($success) {
SGL::raiseMsg('Status changed successfully', true, SGL_MESSAGE_INFO);
} else {
$output->template = 'userManager.html';
SGL::raiseError('There was a problem modifying the record',
SGL_ERROR_NOAFFECTEDROWS);
}
$doObserve = new User_DoObserve($input, $output);
$aObservers = explode(',', $this->conf['UserMgr']['observers']);
foreach ($aObservers as $observer) {
$path = SGL_MOD_DIR . "/user/classes/observers/$observer.php";
if (is_file($path)) {
require_once $path;
$doObserve->attach(new $observer());
}
}
SGL::logMessage('*-*---********--------***-------***---'. $oUser->is_acct_active, PEAR_LOG_DEBUG);
$doObserve->run();
}
function _cmd_requestPasswordReset(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
if (isset($this->conf['tuples']['demoMode'])
&& $this->conf['tuples']['demoMode'] == true
&& $input->userID == 1) {
SGL::raiseMsg('Admin password cannot be reset in demo mode',
false, SGL_MESSAGE_WARNING);
return false;
}
$output->pageTitle = $this->pageTitle . ' :: Reset password';
$output->template = 'userPasswordReset.html';
$oUser = $this->da->getUserById($input->userID);
$output->user = $oUser;
}
function _cmd_resetPassword(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
require_once 'Text/Password.php';
$oPassword = new Text_Password();
///fix PHP 5.3
$oPassword = &$oPassword;
$passwd = $oPassword->create();
$oUser = $this->da->getUserById($input->userID);
$oUser->passwd = md5($passwd);
$success = $oUser->update();
//update set password table user_tmp
$crypt = new encryption_class;
$key = $input->userID;
$password = $passwd;
$passwdTmp = $crypt->encrypt($key, $password, $pswdlen=0);
$successUpdate = $this->da->updateUserTmpByUserId($input->userID, $passwdTmp);
if ($input->passwdResetNotify && $success !== false) {
require_once SGL_MOD_DIR . '/user/classes/PasswordMgr.php';
$success = PasswordMgr::sendPassword($oUser, $passwd);
}
// redirect on success
if ($success) {
SGL::raiseMsg('Password updated successfully', true, SGL_MESSAGE_INFO);
} else {
$output->template = 'userManager.html';
SGL::raiseError('There was a problem inserting the record',
SGL_ERROR_NOAFFECTEDROWS);
}
}
function _cmd_editPerms(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$output->pageTitle = $this->pageTitle . ' :: Edit permissions';
$output->template = 'userPermsEdit.html';
// build module filter
$aModules = $this->da->getModuleHash(SGL_RET_ID_VALUE);
$output->currentModule = $input->moduleId;
$aUserPerms = $this->da->getPermsByUserId($input->userID);
foreach ($aModules as $moduleId => $moduleName) {
$hAllPerms = $this->da->getPermsByModuleId($moduleId);
$output->aModules[$moduleId]['id'] = $moduleId;
$output->aModules[$moduleId]['name'] = $moduleName;
$output->aModules[$moduleId]['perms'] = SGL_Output::generateCheckboxList(
$hAllPerms, $aUserPerms, 'frmPerms[]');
$output->aModulesList = $aModules;
}
}
function _cmd_updatePerms(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$output->template = 'userPermsEdit.html';
// delete existing perms
// if we're dealing with a single view of all perms
if (!$input->moduleId) {
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->autocommit(false);
} else {
if ($this->dbh->supports('transactions')) {
$this->dbh->beginTransaction();
}
}
// first delete old perms
$res1 = $this->da->deletePermsByUserId($input->user->usr_id);
// then add new perms
$res2 = $this->da->addPermsByUserId($input->aPerms, $input->user->usr_id);
/*fix PHP 5.3 :: nipaporn : ปรับ DB::isError */
if (SGL::isError($res1) || SGL::isError($res2)) {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->rollBack();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->rollBack();
}
}
SGL::raiseError('There was a problem inserting the record',
SGL_ERROR_DBTRANSACTIONFAILURE);
} else {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->commit();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->commit();
}
}
SGL::raiseMsg('perm successfully updated', true, SGL_MESSAGE_INFO);
}
// else we're dealing with one module's perms
} else {
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->autocommit(false);
} else {
if ($this->dbh->supports('transactions')) {
$this->dbh->beginTransaction();
}
}
// generate list of the superset of perms for given module id
$aPermsSuperset = $this->da->getPermsByModuleId($input->moduleId);
foreach ($aPermsSuperset as $permId => $permName) {
$res1 = $this->da->deletePermByUserIdAndPermId($input->user->usr_id, $permId);
}
// add new module-specific perms
$res2 = $this->da->addPermsByUserId($input->aPerms, $input->user->usr_id);
/*fix PHP 5.3 :: nipaporn : ปรับ DB::isError */
if (SGL::isError($res1) || SGL::isError($res2)) {
if (SGL_DB_DRIVER === 'DB') {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
$this->dbh->rollBack();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->rollBack();
}
}
SGL::raiseError('There was a problem inserting the record',
SGL_ERROR_DBTRANSACTIONFAILURE);
} else {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->commit();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->commit();
}
}
SGL::raiseMsg('perm successfully updated', true, SGL_MESSAGE_INFO);
}
}
}
function _cmd_syncToRole(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$results = $this->syncUsersToRole($input->aDelete, $input->roleSync, $input->roleSyncMode);
// could eventually display a list of failed/succeeded user ids--just
// summarize for now
$results = array_count_values($results);
$succeeded = array_key_exists(1, $results) ? $results[1] : 0;
$failed = array_key_exists(0, $results) ? $results[0] : 0;
if ($succeeded && !$failed) {
$errorType = SGL_MESSAGE_INFO;
} elseif (!$succeeded && $failed) {
$errorType = SGL_MESSAGE_ERROR;
} else {
$errorType = SGL_MESSAGE_WARNING;
}
SGL::raiseMsg("$succeeded user(s) were synched successfully. $failed user(s) failed.",
false, $errorType);
}
function _cmd_removeExpiredCookies(&$input, &$output)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
if (!empty($this->conf['cookie']['rememberMeEnabled'])) {
$this->da->deleteExpiredUserLoginCookies();
SGL::raiseMsg('Expired persistent cookies successfully removed',
true, SGL_MESSAGE_INFO);
}
}
function _sendStatusNotification($oUser, $isEnabled)
{
SGL::logMessage('----------------' . $isEnabled , PEAR_LOG_DEBUG);
require_once SGL_CORE_DIR . '/Emailer.php';
$realName = $oUser->first_name . ' ' . $oUser->last_name;
$recipientName = (trim($realName)) ? $realName : 'no name supplied';
$options = array(
'toEmail' => $oUser->email,
'toRealName' => $recipientName,
'isEnabled' => $isEnabled,
'fromEmail' => $this->conf['email']['admin'],
'replyTo' => $this->conf['email']['admin'],
'subject' => 'Account Status Notification from ' . $this->conf['site']['name'],
'template' => SGL_THEME_DIR . '/' . $_SESSION['aPrefs']['theme']
. '/user/email_status_notification.php',
'username' => $oUser->username,
);
$message = new SGL_Emailer($options);
///fix PHP 5.3
$message = &$message;
$ok = $message->prepare();
return ($ok) ? $message->send() : $ok;
}
/**
* Syncs user(s) perms to role(s). Can do a complete sync or
* only add perms that user is missing from role or only delete perms
* that don't exist in role. If roleId s/xmjn
*
* @author Jacob Hanson <jacdx@jacobhanson.com>
* @copyright Jacob Hanson 2004
* @access public
* @param array users array of user(s) ids
* @param integer roleId role to assign to users. If null, each user is sync'ed to their existing role
* @param integer mode mode constant (SGL_ROLESYNC_ADD: only add perms user is missing,
* SGL_ROLESYNC_REMOVE: only remove extra perms user has, SGL_ROLESYNC_ADDREMOVE: do both)
* @return array array of results (userId=>true/false)
*/
function syncUsersToRole($aUsers, $roleId = null, $mode = SGL_ROLESYNC_ADDREMOVE)
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
// force user to be an array if it's a single value
if (!is_array($aUsers)) {
$aUsers = array($aUsers);
}
// container role(s) perms
$aRolesPerms = array();
// use specified roleId for all users (each user's own roleId is used if
// $roleId = null
$userRoleId = $roleId;
$results = array();
foreach ($aUsers as $userId) {
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->autocommit(false);
} else {
if ($this->dbh->supports('transactions')) {
$this->dbh->beginTransaction();
}
} // a transaction for each user
// get user's roleId, if null
if ($roleId == null) {
$query = "SELECT role_id FROM {$this->conf['table']['user']} WHERE usr_id={$userId}";
$userRoleId = $this->dbh->getOne($query);
if (is_a($userRoleId, 'PEAR_Error')) {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->rollBack();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->rollBack();
}
}
$results[$userId] = 0; // log result for user
continue;
}
}
// get user's role's perms, if not already loaded
if (array_key_exists($userRoleId, $aRolesPerms) === false) {
// perms for this role haven't been loaded yet
$aRolesPerms[$userRoleId] = $this->da->getPermsByRoleId($userRoleId);
if (is_a($aRolesPerms[$userRoleId], 'PEAR_Error')) {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->rollBack();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->rollBack();
}
}
$results[$userId] = 0; //log result for user
continue;
}
}
$rolePerms = $aRolesPerms[$userRoleId];
// get user's perms
$userPerms = $this->da->getPermsByUserId($userId);
if (is_a($userPerms, 'PEAR_Error')) {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->rollBack();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->rollBack();
}
}
$results[$userId] = 0; //log result for user
continue;
}
// remove extra perms (remove extra or complete sync)
if ($mode == SGL_ROLESYNC_ADDREMOVE || $mode == SGL_ROLESYNC_REMOVE) {
$toRemove = array_diff($userPerms, $rolePerms);
foreach ($toRemove as $k => $permId) {
$res = $this->da->deletePermByUserIdAndPermId($userId, $permId);
if (is_a($res, 'PEAR_Error')) {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->rollBack();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->rollBack();
}
}
$results[$userId] = 0; //log result for user
continue 2;
}
}
}
// add missing perms (add missing or complete sync)
if ($mode == SGL_ROLESYNC_ADDREMOVE || $mode == SGL_ROLESYNC_ADD) {
$toAdd = array_diff($rolePerms, $userPerms);
$res = $this->da->addPermsByUserId($toAdd, $userId);
if (is_a($res, 'PEAR_Error')) {
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->rollBack();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->rollBack();
}
}
$results[$userId] = 0; //log result for user
continue;
}
}
// if we make it here, we're all good (for this user)
///FIX PHP 5.3(use MDB2) by Witoon+Puttipong
if (SGL_DB_DRIVER === 'DB') {
$this->dbh->commit();
$this->dbh->autocommit(true);
} else {
if ($this->dbh->in_transaction) {
$this->dbh->commit();
}
}
$results[$userId] = 1;
}
return $results;
}
}
class User_DoObserve extends SGL_Observable
{
function User_DoObserve(&$input, &$output)
{
$this->input = $input;
$this->output = $output;
}
function &_getDb()
{
$locator = SGL_ServiceLocator::singleton();
$dbh = $locator->get('DB');
if (!$dbh) {
$dbh = SGL_DB::singleton();
$locator->register('DB', $dbh);
}
return $dbh;
}
function run()
{
SGL::logMessage(null, PEAR_LOG_DEBUG);
$crypt = new encryption_class;
$this->conf = $this->input->getConfig();
$this->dbh = $this->_getDb();
$da = UserDAO::singleton();
// $oUser = $da->getUserById($this->input->userID);
$this->input->userID = (isset($this->input->userID) && $this->input->userID) ? $this->input->userID : $this->input->user_id;
if (isset($this->input->importUser) && $this->input->importUser == true) {
$this->input->userID = $this->input->user_id;
}
SGL::logMessage('RVS userID ' . $this->input->userID, PEAR_LOG_DEBUG);
$query = "
SELECT *
FROM {$this->conf['table']['user']}
WHERE usr_id = '{$this->input->userID}'
";
$oUser = $this->dbh->getrow($query);
$oUserB = $da->getUserTmpByUserId($this->input->userID);
$key = $this->input->userID;
$password = $oUserB->passwd;
$oUser->passwdClear = $crypt->decrypt($key, $password);
$this->oUser = $oUser;
// invoke observers
$this->notify();
}
}
?>
Copyright 2K16 - 2K18 Indonesian Hacker Rulez
;?>)