Example #1
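/**
 * Delete an image: remove its database row, commit, then remove its file.
 *
 * @param mixed $image_id Value bound to the id placeholder of both queries.
 * @return void
 */
function image_zap($image_id)
{
    // Both statements bind $image_id through a placeholder, so the id never
    // becomes part of the SQL text.
    $filename = db_getOne("SELECT filename FROM image WHERE id=?", $image_id);
    db_do("DELETE FROM image WHERE id=?", $image_id);
    db_commit();

    // When no row matched there is no stored name to act on. Building a path
    // from an empty value and unlinking it would target whatever
    // image_path() returns for that value, which is not an image file.
    // NOTE(review): assumes db_getOne() yields a non-string or empty value on
    // a miss; confirm against the helper.
    if (!is_string($filename) || $filename === '') {
        return;
    }

    // The file is removed only after the commit, so a failed delete cannot
    // leave a row that points at a missing file.
    $path = image_path($filename);
    if (is_file($path)) {
        unlink($path);
    }
}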
 /**
  * Show the invoicing PDF settings panel and store submitted settings
  *
  * Reads the 'pdf_settings' POST value. When it is not an array the form is
  * pre-filled from the stored configuration options. On submit every option
  * is written inside one transaction and the request is redirected.
  *
  * @param void
  * @return null
  */
 function index()
 {
     require_once INVOICING_MODULE_PATH . '/models/InvoicePdfGenerator.class.php';

     $paper_formats = array(PAPER_FORMAT_A4, PAPER_FORMAT_A3, PAPER_FORMAT_A5, PAPER_FORMAT_LETTER, PAPER_FORMAT_LEGAL);
     $paper_orientations = array(PAPER_ORIENTATION_PORTRAIT, PAPER_ORIENTATION_LANDSCAPE);

     // Form field => value stored when the submitted array lacks that field.
     // Each field maps to the config option named 'invoicing_pdf_' . field.
     $fallbacks = array(
         'paper_format' => 'A4',
         'paper_orientation' => 'Portrait',
         'header_text_color' => '000000',
         'page_text_color' => '000000',
         'border_color' => '000000',
         'background_color' => 'FFFFFF',
     );

     $pdf_settings_data = $this->request->post('pdf_settings');
     if (!is_array($pdf_settings_data)) {
         // Nothing usable was posted: show the currently stored values.
         $pdf_settings_data = array();
         foreach (array_keys($fallbacks) as $field) {
             $pdf_settings_data[$field] = ConfigOptions::getValue('invoicing_pdf_' . $field);
         }
     }

     if ($this->request->isSubmitted()) {
         // NOTE(review): the posted values are stored as received. In this
         // method $paper_formats and $paper_orientations are only handed to
         // the template, and the colour values are not checked for shape;
         // confirm that validation happens elsewhere before these options
         // reach the PDF generator.
         db_begin_work();
         foreach ($fallbacks as $field => $fallback) {
             ConfigOptions::setValue('invoicing_pdf_' . $field, array_var($pdf_settings_data, $field, $fallback));
         }
         db_commit();
         flash_success('Successfully modified PDF settings');
         $this->redirectTo('admin_invoicing_pdf');
     }

     $template_vars = array(
         'paper_formats' => $paper_formats,
         'paper_orientations' => $paper_orientations,
         'pdf_settings_data' => $pdf_settings_data,
     );
     $this->smarty->assign($template_vars);
 }
Example #3
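 /**
  * Set up the password box and, when requested, change the signed-on
  * person's password.
  *
  * Reads the request variables pwb_action, pw1 and pw2. The result is left
  * in $this->err (validation failure) or $this->info (success).
  *
  * @param string|null $pagepath Page the box belongs to; null means the
  *                              path of the current request URI.
  */
 function __construct($pagepath = null)
 {
     $this->P = person_if_signed_on();
     // "pwb_" prefix means passwordbox
     $this->action = get_http_var('pwb_action');
     $this->pw1 = get_http_var('pw1', null);
     $this->pw2 = get_http_var('pw2', null);
     $this->err = null;
     $this->info = null;
     if (is_null($pagepath)) {
         // no specific page - use the _current_ one.
         $parts = crack_url($_SERVER['REQUEST_URI']);
         $this->pagepath = $parts['path'];
     } else {
         // use the one supplied.
         $this->pagepath = $pagepath;
     }
     if (is_null($this->P)) {
         // Nobody is signed on, so there is no account to change.
         return;
     }
     // NOTE(review): no anti-CSRF token and no current-password check are
     // visible in this constructor; confirm both are enforced before a
     // request can reach this branch.
     if ($this->action === 'set_password') {
         if (is_null($this->pw1) || is_null($this->pw2)) {
             $this->err = "Please type your new password twice";
         } elseif (strlen($this->pw1) < 5 || strlen($this->pw2) < 5) {
             // NOTE(review): a five-character minimum is a weak policy; the
             // limit is kept because the message below states it.
             $this->err = "Your password must be at least 5 characters long";
         } elseif ($this->pw1 !== $this->pw2) {
             // Strict comparison: with != two different numeric-looking
             // strings (for example "100000" and "1e5") compare as equal,
             // so a mistyped confirmation would have been accepted.
             $this->err = "Please type the same password twice";
         } else {
             // all looks good. do it.
             $this->P->password($this->pw1);
             db_commit();
             $this->info = 'Password changed';
         }
     }
 }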
Example #4
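 /**
  * Sets the specified account settings to the current user.
  * A table with | Setting label | value | is expected.
  *
  * The rows are read through their 'field' and 'value' columns. A urlid and
  * any mobile upload tokens are validated first; the preferences are then
  * written inside one transaction.
  *
  * @Given /^I set the following account settings values:$/
  * @param TableNode $table
  * @throws Exception when the urlid or a mobile upload token is rejected
  */
 public function i_set_account_settings(TableNode $table)
 {
     global $USER;
     $prefs = array();
     foreach ($table->getHash() as $accountpref) {
         $prefs[$accountpref['field']] = $accountpref['value'];
     }
     // The token handling below iterates over and joins a list of tokens.
     // A table cell supplies one scalar value, so wrap it; without this the
     // loops run over a non-array.
     if (isset($prefs['mobileuploadtoken']) && !is_array($prefs['mobileuploadtoken'])) {
         $prefs['mobileuploadtoken'] = array($prefs['mobileuploadtoken']);
     }
     // Validate the settings
     if (isset($prefs['urlid']) && get_config('cleanurls') && $prefs['urlid'] != $USER->get('urlid')) {
         if (strlen($prefs['urlid']) < 3) {
             throw new Exception("Invalid urlid: " . get_string('rule.minlength.minlength', 'pieforms', 3));
         } else {
             if (record_exists('usr', 'urlid', $prefs['urlid'])) {
                 throw new Exception("Invalid urlid: " . get_string('urlalreadytaken', 'account'));
             }
         }
     }
     // Only validate tokens when the table supplied some: the original loop
     // read $prefs['mobileuploadtoken'] unconditionally and so ran over an
     // undefined key whenever the setting was absent.
     if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
         foreach ($prefs['mobileuploadtoken'] as $k => $text) {
             // Empty entries are allowed; anything else must be at least six
             // characters from the permitted set.
             if (strlen($text) > 0 && !preg_match('/^[a-zA-Z0-9 !@#$%^&*()\\-_=+\\[{\\]};:\'",<\\.>\\/?]{6,}$/', $text)) {
                 throw new Exception("Invalid mobileuploadtoken: " . get_string('badmobileuploadtoken', 'account'));
             }
         }
     }
     // Update user's account settings
     db_begin();
     // use this as looping through values is not safe.
     $expectedprefs = expected_account_preferences();
     if (isset($prefs['maildisabled']) && $prefs['maildisabled'] == 0 && get_account_preference($USER->get('id'), 'maildisabled') == 1) {
         // Reset the sent and bounce counts otherwise mail will be disabled
         // on the next send attempt
         $u = new StdClass();
         $u->email = $USER->get('email');
         $u->id = $USER->get('id');
         update_bounce_count($u, true);
         update_send_count($u, true);
     }
     // Remember the user's language & theme prefs, so we can reload the page if they change them
     $oldlang = $USER->get_account_preference('lang');
     $oldtheme = $USER->get_account_preference('theme');
     $oldgroupsideblockmaxgroups = $USER->get_account_preference('groupsideblockmaxgroups');
     $oldgroupsideblocksortby = $USER->get_account_preference('groupsideblocksortby');
     if (get_config('allowmobileuploads') && isset($prefs['mobileuploadtoken'])) {
         // Make sure the mobile token is formatted / saved correctly
         $prefs['mobileuploadtoken'] = array_filter($prefs['mobileuploadtoken']);
         $new_token_pref = '|' . join('|', $prefs['mobileuploadtoken']) . '|';
         $USER->set_account_preference('mobileuploadtoken', $new_token_pref);
         unset($prefs['mobileuploadtoken']);
     }
     // Set user account preferences: only keys listed by
     // expected_account_preferences() are written, so an unexpected field
     // name in the table is ignored rather than stored.
     foreach ($expectedprefs as $eprefkey => $epref) {
         if (isset($prefs[$eprefkey]) && $prefs[$eprefkey] !== get_account_preference($USER->get('id'), $eprefkey)) {
             $USER->set_account_preference($eprefkey, $prefs[$eprefkey]);
         }
     }
     db_commit();
 }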
Example #5
 /**
  * Combined setter/getter for the person's name.
  *
  * With an argument, the name is updated in the person table (bound through
  * placeholders), committed and cached on the object. Without one, err() is
  * called when no name is held.
  *
  * @param string|null $name New name, or null to only read.
  * @return string|null The name held by this object.
  */
 function name($name = null)
 {
     if ($name !== null) {
         $params = array($name, $this->id);
         db_query('update person set name = ? where id = ?', $params);
         db_commit();
         $this->name = $name;
         return $this->name;
     }

     if ($this->name === null) {
         // try calling name_or_blank or has_name
         err(_("Person has no name in name() function"));
     }
     return $this->name;
 }
/**
 * Form callback: remove the global $tag from every view and artefact owned
 * by the current user.
 *
 * Both deletes are restricted to rows whose owner is the current user and
 * bind the tag and user id through placeholders.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values (not read here).
 */
function delete_tag_submit(Pieform $form, $values)
{
    global $SESSION, $USER, $tag;

    $userid = $USER->get('id');
    if (!$userid) {
        // NOTE(review): relies on redirect() ending the request; otherwise
        // the deletes below would run with an empty owner id.
        redirect(get_config('wwwroot') . 'edittags.php?tag=' . urlencode($tag));
    }

    $params = array($tag, $userid);
    db_begin();
    execute_sql('DELETE FROM {view_tag} WHERE tag = ? AND view IN (SELECT id FROM {view} WHERE "owner" = ?)', $params);
    execute_sql('DELETE FROM {artefact_tag} WHERE tag = ? AND artefact IN (SELECT id FROM {artefact} WHERE "owner" = ?)', $params);
    db_commit();

    $SESSION->add_ok_msg(get_string('tagdeletedsuccessfully'));
    redirect(get_config('wwwroot') . 'tags.php');
}
Example #7
 /**
  * Event handler: remove a deleted user's internal notifications.
  *
  * @param mixed $event Event identifier (not read here).
  * @param array $user  User record; only $user['id'] is used.
  */
 public static function deleteuser($event, $user)
 {
     $userid = $user['id'];

     db_begin();

     // Clear parent pointers that reference the messages about to go. The
     // derived table "temp" is there because MySQL requires it.
     $unlinksql = "\n            UPDATE {notification_internal_activity}\n            SET parent = NULL\n            WHERE parent IN (\n                SELECT id FROM (\n                   SELECT id FROM {notification_internal_activity} WHERE usr = ?\n                ) AS temp\n            )";
     execute_sql($unlinksql, array($userid));
     delete_records('notification_internal_activity', 'usr', $userid);

     // System messages sent by this user whose url points at their profile
     // (mostly friend requests) are useless once the profile is gone.
     $profileurl = get_config('wwwroot') . 'user/view.php?id=' . $userid;
     $where = '"from" = ? AND type = (SELECT id FROM {activity_type} WHERE name = ?) AND url = ?';
     delete_records_select('notification_internal_activity', $where, array($userid, 'maharamessage', $profileurl));

     db_commit();
 }
/**
 * Form callback: save an edited comment and raise the 'feedback' activity.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'message' and 'ispublic' are read.
 */
function edit_comment_submit(Pieform $form, $values)
{
    global $viewid, $comment, $SESSION, $goto;

    // 'private' is stored as the inverse of the submitted 'ispublic' flag.
    $private = 1 - (int) $values['ispublic'];

    db_begin();
    $comment->set('description', $values['message']);
    $comment->set('private', $private);
    $comment->commit();

    require_once 'activity.php';
    $data = new stdClass();
    $data->commentid = $comment->get('id');
    $data->viewid = $viewid;
    activity_occurred('feedback', $data, 'artefact', 'comment');
    db_commit();

    $SESSION->add_ok_msg(get_string('commentupdated', 'artefact.comment'));
    // NOTE(review): $goto is a global set outside this function; confirm it
    // is built server-side and not taken from the request, so this redirect
    // cannot be pointed at another site.
    redirect($goto);
}
/**
 * Form callback: invite every selected user to the group as a member.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'users' lists the user ids.
 */
function addmembers_submit(Pieform $form, $values)
{
    global $SESSION, $group, $USER;

    if (empty($values['users'])) {
        // Nothing selected: back to the invitation page.
        redirect(get_config('wwwroot') . 'group/inviteusers.php?id=' . GROUP);
    }

    // NOTE(review): no permission check on the inviter is visible here;
    // presumably the page or group_invite_user() enforces it. Confirm.
    $invitees = $values['users'];
    db_begin();
    foreach ($invitees as $invitee) {
        group_invite_user($group, $invitee, $USER->get('id'), 'member', true);
    }
    db_commit();

    $confirmation = get_string('invitationssent', 'group', count($invitees));
    $SESSION->add_ok_msg($confirmation);
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
Example #10
/**
 * Form callback: update a group's record from the submitted form.
 *
 * 'grouptype' arrives as "<grouptype>.<jointype>" and is split on the dot.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values.
 */
function editgroup_submit(Pieform $form, $values)
{
    global $USER;
    global $SESSION;

    db_begin();
    $now = db_format_timestamp(time());

    $typeparts = explode('.', $values['grouptype']);
    $grouptype = $typeparts[0];
    $jointype = $typeparts[1];

    // Absent checkboxes count as 0.
    if (!isset($values['public'])) {
        $values['public'] = 0;
    }
    if (!isset($values['usersautoadded'])) {
        $values['usersautoadded'] = 0;
    }

    // NOTE(review): the row to update is chosen by the submitted 'id'; no
    // check that the current user may edit that group is visible in this
    // function. Confirm the page enforces it before the form is processed.
    $record = new stdClass();
    $record->id = $values['id'];
    $record->name = $values['name'];
    $record->description = $values['description'];
    $record->grouptype = $grouptype;
    $record->jointype = $jointype;
    $record->mtime = $now;
    $record->usersautoadded = (int) $values['usersautoadded'];
    $record->public = (int) $values['public'];
    update_record('group', $record, 'id');

    $SESSION->add_ok_msg(get_string('groupsaved', 'group'));
    db_commit();
    redirect('/group/view.php?id=' . $values['id']);
}
/**
 * Form callback: add every selected user to the group identified by GROUP.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'users' lists the user ids.
 */
function addmembers_submit(Pieform $form, $values)
{
    global $SESSION;

    if (empty($values['users'])) {
        // Nothing selected: back to the add-members page.
        redirect(get_config('wwwroot') . 'group/addmembers.php?id=' . GROUP);
    }

    // NOTE(review): users are added directly, without an invitation step,
    // and no permission check is visible here; presumably the page
    // restricts who can submit this form. Confirm.
    $newmembers = $values['users'];
    db_begin();
    foreach ($newmembers as $memberid) {
        group_add_user(GROUP, $memberid);
    }
    db_commit();

    $confirmation = get_string('newmembersadded', 'group', count($newmembers));
    $SESSION->add_ok_msg($confirmation);
    redirect(get_config('wwwroot') . 'group/members.php?id=' . GROUP);
}
/**
 * Form callback: save a licence, replacing any existing row of that name.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'name', 'displayname',
 *                        'shortname' and 'icon' are read and trimmed.
 */
function license_submit(Pieform $form, $values)
{
    global $SESSION;

    $license = new StdClass();
    $license->name = trim($values['name']);
    $license->displayname = trim($values['displayname']);
    $license->shortname = trim($values['shortname']);
    $license->icon = trim($values['icon']);

    // Delete-then-insert inside one transaction acts as an upsert keyed on
    // the licence name.
    db_begin();
    delete_records('artefact_license', 'name', $license->name);
    insert_record('artefact_license', $license);
    db_commit();

    $SESSION->add_ok_msg(get_string('licensesaved', 'admin'));
    redirect('/admin/site/licenses.php');
}
Example #13
 /**
  * Link form callback - link the accounts.
  *
  * Replaces any existing link between the current local user and this auth
  * instance with one to the OIDC username held on this object, then clears
  * the pending link data from the session.
  *
  * @param \Pieform $form Pieform instance.
  * @param array $values Submitted values.
  */
 public function loginlink_submit(\Pieform $form, $values)
 {
     global $USER, $SESSION;

     $linkable = $this->authinstance !== null && !empty($this->oidcusername);
     if (!$linkable) {
         // User is not logged in. They should never reach here, but as a failsafe...
         redirect('/');
     }

     // The remote username comes from this object, not from $values, so the
     // submitted form cannot choose which remote identity gets linked.
     $link = new \stdClass();
     $link->authinstance = $this->authinstance;
     $link->remoteusername = $this->oidcusername;
     $link->localusr = $USER->id;

     db_begin();
     delete_records('auth_remote_user', 'authinstance', $this->authinstance, 'localusr', $USER->id);
     insert_record('auth_remote_user', $link);
     db_commit();

     $SESSION->set('auth_oidc_linkdata', null);
     @session_write_close();
     redirect('/');
 }
Example #14
/**
 * Form callback: make the submitted users the complete set of site admins.
 *
 * Every current admin is demoted first, then the submitted ids are promoted,
 * all inside one transaction.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'users' lists the new admin ids.
 */
function adminusers_submit(Pieform $form, $values)
{
    global $SESSION;

    db_begin();

    $demotesql = 'UPDATE {usr}
        SET admin = 0
        WHERE admin = 1';
    execute_sql($demotesql);

    // Each id is forced to an integer before it is placed in the SQL text,
    // so the IN list can only contain numbers.
    // NOTE(review): an empty 'users' list yields "IN ()" here; presumably
    // the form requires at least one admin. Confirm.
    $idlist = implode(',', array_map('intval', $values['users']));
    $promotesql = 'UPDATE {usr}
        SET admin = 1
        WHERE id IN (' . $idlist . ')';
    execute_sql($promotesql);

    activity_add_admin_defaults($values['users']);
    db_commit();

    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/admins.php');
}
/**
 * Form callback: submit the current view to a group.
 *
 * Marks the view as submitted, grants access to each group role that may
 * see submitted views, updates artefact locks for the user and notifies
 * those roles, all inside one transaction.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values (not read here).
 */
function submitview_submit(Pieform $form, $values)
{
    global $SESSION, $USER, $viewid, $groupid, $group;

    db_begin();

    $submission = array('submittedgroup' => $groupid, 'submittedtime' => db_format_timestamp(time()));
    update_record('view', $submission, array('id' => $viewid));

    // Roles of this group type that are allowed to see submitted views.
    $roles = get_column('grouptype_roles', 'role', 'grouptype', $group->grouptype, 'see_submitted_views', 1);
    foreach ($roles as $role) {
        $accessrecord = new stdClass();
        $accessrecord->view = $viewid;
        $accessrecord->group = $groupid;
        $accessrecord->role = $role;
        $accessrecord->visible = 0;
        $accessrecord->allowcomments = 1;
        $accessrecord->approvecomments = 0;
        ensure_record_exists('view_access', $accessrecord, $accessrecord);
    }

    ArtefactType::update_locked($USER->get('id'));

    $urltext = new stdClass();
    $urltext->key = 'view';
    $strings = new stdClass();
    $strings->urltext = $urltext;
    $notification = array(
        'subject' => get_string('viewsubmitted', 'view'),
        'message' => get_string('viewsubmitted', 'view'),
        'submittedview' => $viewid,
        'viewowner' => $USER->get('id'),
        'group' => $groupid,
        'roles' => $roles,
        'strings' => $strings,
    );
    activity_occurred('groupmessage', $notification);

    db_commit();

    $SESSION->add_ok_msg(get_string('viewsubmitted', 'view'));
    redirect('/' . returnto());
}
Example #16
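/**
 * Form callback: make the submitted users the complete set of site staff.
 *
 * Every current staff flag is cleared first, then the submitted ids are
 * flagged, all inside one transaction.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'users' lists the staff user ids.
 */
function staffusers_submit(Pieform $form, $values)
{
    global $SESSION;
    db_begin();
    execute_sql('UPDATE {usr}
        SET staff = 0
        WHERE staff = 1');
    if ($values['users']) {
        // The ids become part of the SQL text, so each one is forced to an
        // integer first. The original joined the submitted values as they
        // arrived, which let a crafted form value alter the statement. The
        // other admin/staff callbacks on this page already use intval.
        $userids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr}
            SET staff = 1
            WHERE id IN (' . $userids . ')');
    }
    db_commit();
    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    redirect('/admin/users/staff.php');
}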
Example #17
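/**
 * Form callback: store an uploaded LEAP2A export, create a throw-away user
 * and run the LEAP importer for that user, printing the verbose log.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'file' is the upload entry
 *                        (name, tmp_name, type).
 */
function import_submit(Pieform $form, $values)
{
    global $SESSION;
    $date = time();
    $nicedate = date('Y/m/d h:i:s', $date);
    $uploaddir = get_config('dataroot') . 'import/test-' . $date . '/';
    // The client chooses the upload's name. Keep only its last path
    // component so the stored file cannot land outside $uploaddir.
    $basename = basename($values['file']['name']);
    if ($basename === '' || $basename === '.' || $basename === '..') {
        // As elsewhere in this function, redirect() is relied on to end the
        // request.
        $SESSION->add_error_msg('Unable to store the uploaded file');
        redirect('/import/');
    }
    $filename = $uploaddir . $basename;
    check_dir_exists($uploaddir);
    // move_uploaded_file() returns false when the source is not a genuine
    // upload or the move fails; carrying on would process a file that is
    // not there.
    if (!move_uploaded_file($values['file']['tmp_name'], $filename)) {
        $SESSION->add_error_msg('Unable to store the uploaded file');
        redirect('/import/');
    }
    // NOTE(review): 'type' is the MIME type reported by the client, not a
    // property of the file contents. It only selects the unzip path here,
    // so treat it as a hint.
    if ($values['file']['type'] == 'application/zip') {
        // Unzip here
        // NOTE(review): 'unzipdirarg' is placed in the command unescaped. It
        // is a site config value, not request data; confirm that only
        // administrators can set it.
        $command = sprintf('%s %s %s %s', escapeshellcmd(get_config('pathtounzip')), escapeshellarg($filename), get_config('unzipdirarg'), escapeshellarg($uploaddir));
        $output = array();
        exec($command, $output, $returnvar);
        if ($returnvar != 0) {
            $SESSION->add_error_msg('Unable to unzip the file');
            redirect('/import/');
        }
        $filename = $uploaddir . 'leap2a.xml';
        if (!is_file($filename)) {
            $SESSION->add_error_msg('No leap2a.xml file detected - please check your export file again');
            redirect('/import/');
        }
    }
    // Create dummy user
    // NOTE(review): every account created here gets the same fixed password
    // and a predictable username. Accounts left behind by this test page
    // should be removed or have their password reset.
    $user = (object) array('username' => 'import_' . $date, 'password' => 'import1', 'firstname' => 'Imported', 'lastname' => 'User (' . $nicedate . ')', 'email' => '*****@*****.**');
    $userid = create_user($user);
    // And we're good to go
    echo '<pre>';
    // The importer is given the path relative to dataroot.
    $filename = substr($filename, strlen(get_config('dataroot')));
    require_once dirname(dirname(__FILE__)) . '/import/lib.php';
    safe_require('import', 'leap');
    db_begin();
    $importer = PluginImport::create_importer(null, (object) array('token' => '', 'usr' => $userid, 'queue' => (int) (!PluginImport::import_immediately_allowed()), 'ready' => 0, 'expirytime' => db_format_timestamp(time() + 60 * 60 * 24), 'format' => 'leap', 'data' => array('filename' => $filename), 'loglevel' => PluginImportLeap::LOG_LEVEL_VERBOSE, 'logtargets' => LOG_TARGET_STDOUT, 'profile' => true));
    $importer->process();
    // Now done, delete the temporary e-mail address if there's a new one
    // A bit sucky, presumes only one email in the import
    $email = artefact_instance_from_id(get_field('artefact', 'id', 'title', '*****@*****.**', 'artefacttype', 'email', 'owner', $userid));
    $email->delete();
    execute_sql('UPDATE {artefact_internal_profile_email} SET principal = 1 WHERE "owner" = ?', array($userid));
    db_commit();
    echo "\n\n";
    echo 'Done. You can <a href="' . get_config('wwwroot') . '/admin/users/changeuser.php?id=' . $userid . '">change to this user</a> to inspect the result, ';
    echo 'or <a href="' . get_config('wwwroot') . 'import/">try importing again</a>';
    echo '</pre>';
    exit;
}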
 /**
  * Delete all items for an invoice
  *
  * The invoice's time records are removed first, then its items. Both
  * deletes share one transaction, which is rolled back when either fails.
  *
  * @param Invoice $invoice
  * @return mixed Result of the step that decided the outcome: the failed
  *               time-record delete, otherwise the item delete.
  */
 function deleteByInvoice($invoice)
 {
     db_begin_work();

     $execute = db_execute('DELETE FROM ' . TABLE_PREFIX . 'invoice_time_records WHERE invoice_id = ?', $invoice->getId());
     if (!$execute || is_error($execute)) {
         // The time records could not be removed: leave the items alone.
         db_rollback();
         return $execute;
     }

     $delete = InvoiceItems::delete(array('invoice_id = ?', $invoice->getId()));
     $items_removed = $delete && !is_error($delete);
     if ($items_removed) {
         db_commit();
     } else {
         db_rollback();
     }
     return $delete;
 }
/**
 * Form callback: make the submitted users the complete set of staff for one
 * institution.
 *
 * The current user must be allowed to edit the institution. Staff flags for
 * that institution are cleared and then set for the submitted ids inside
 * one transaction.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'institution' and 'users' are read.
 */
function staffusers_submit(Pieform $form, $values)
{
    global $SESSION, $USER;

    $inst = $values['institution'];
    $permitted = !empty($inst) && $USER->can_edit_institution($inst);
    if (!$permitted) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect('/admin/users/institutionstaff.php');
    }

    db_begin();

    // The institution name goes through db_quote() before it is added to
    // the SQL text.
    $clearsql = 'UPDATE {usr_institution}
        SET staff = 0
        WHERE staff = 1 AND institution = ' . db_quote($inst);
    execute_sql($clearsql);

    if ($values['users']) {
        // Ids are forced to integers before they are placed in the IN list.
        $idlist = implode(',', array_map('intval', $values['users']));
        $setsql = 'UPDATE {usr_institution}
            SET staff = 1
            WHERE usr IN (' . $idlist . ') AND institution = ' . db_quote($inst);
        execute_sql($setsql);
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('staffusersupdated', 'admin'));
    // NOTE(review): $inst is appended to the URL without urlencode();
    // presumably institution names are restricted to URL-safe characters.
    redirect('/admin/users/institutionstaff.php?institution=' . $inst);
}
 /**
  * Set $currency as default
  *
  * Marks $currency as the default and clears the flag on every other
  * currency inside one transaction. The transaction is rolled back when
  * either step fails.
  *
  * @param Currency $currency
  * @return boolean True on success (or when already default); otherwise the
  *                 failing result of the save or the update.
  */
 function setDefault($currency)
 {
     if ($currency->getIsDefault()) {
         // Already the default: nothing to do.
         return true;
     }

     db_begin_work();

     $currency->setIsDefault(true);
     $update = $currency->save();
     if (!$update || is_error($update)) {
         db_rollback();
         return $update;
     }

     // Clear the flag on all other currencies, then drop the cached rows.
     $update = db_execute('UPDATE ' . TABLE_PREFIX . 'currencies SET is_default = ? WHERE id != ?', false, $currency->getId());
     cache_remove_by_pattern(TABLE_PREFIX . 'currencies_id_*');
     if (!$update || is_error($update)) {
         db_rollback();
         return $update;
     }

     db_commit();
     return true;
 }
Example #21
/**
 * Form callback: bring the group's admins in line with the submitted list.
 *
 * Admins missing from the submission are demoted to 'member'; newly listed
 * users are promoted, or added as admins when they are not yet members.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'admins' lists the admin ids.
 */
function groupadminsform_submit(Pieform $form, $values)
{
    global $SESSION, $group, $admins;

    $newadmins = array_diff($values['admins'], $admins);
    $demoted = array_diff($admins, $values['admins']);

    db_begin();

    if ($demoted) {
        // Ids are forced to integers before they are placed in the IN list;
        // the group id is bound through a placeholder.
        $demotedlist = implode(',', array_map('intval', $demoted));
        execute_sql("\n            UPDATE {group_member}\n            SET role = 'member'\n            WHERE role = 'admin' AND \"group\" = ?\n                AND member IN ({$demotedlist})", array($group->id));
    }

    // NOTE(review): $dbnow is computed but not used in this function.
    $dbnow = db_format_timestamp(time());

    foreach ($newadmins as $memberid) {
        $ismember = group_user_access($group->id, $memberid);
        if ($ismember) {
            group_change_role($group->id, $memberid, 'admin');
            continue;
        }
        group_add_user($group->id, $memberid, 'admin');
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
/**
 * Form callback: bring the group's admins in line with the submitted list.
 *
 * Admins missing from the submission are demoted to 'member'. Newly listed
 * users have their membership row updated to 'admin', or a new admin row
 * inserted when they are not yet members.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'admins' lists the admin ids.
 */
function groupadminsform_submit(Pieform $form, $values)
{
    global $SESSION, $group, $admins;

    $newadmins = array_diff($values['admins'], $admins);
    $demoted = array_diff($admins, $values['admins']);

    db_begin();

    if ($demoted) {
        // Ids are forced to integers before they are placed in the IN list;
        // the group id is bound through a placeholder.
        $demotedlist = implode(',', array_map('intval', $demoted));
        execute_sql("\n            UPDATE {group_member}\n            SET role = 'member'\n            WHERE role = 'admin' AND \"group\" = ?\n                AND member IN ({$demotedlist})", array($group->id));
    }

    $dbnow = db_format_timestamp(time());

    foreach ($newadmins as $memberid) {
        if (record_exists('group_member', 'group', $group->id, 'member', $memberid)) {
            // Existing member: promote in place.
            execute_sql("\n                UPDATE {group_member}\n                SET role = 'admin'\n                WHERE \"group\" = ? AND member = ?", array($group->id, $memberid));
            continue;
        }

        // Not a member yet: create the membership row as admin.
        $membership = new stdClass();
        $membership->group = $group->id;
        $membership->member = $memberid;
        $membership->role = 'admin';
        $membership->ctime = $dbnow;
        $membership->mtime = $dbnow;
        insert_record('group_member', $membership);
    }

    db_commit();

    $SESSION->add_ok_msg(get_string('groupadminsupdated', 'admin'));
    redirect(get_config('wwwroot') . 'admin/groups/groups.php');
}
Example #23
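/**
 * Form callback: make the submitted users the complete set of admins for
 * one institution.
 *
 * The current user must be allowed to edit the institution. Admin flags for
 * that institution are cleared and then set for the submitted ids inside
 * one transaction.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'institution' and 'users' are read.
 */
function adminusers_submit(Pieform $form, $values)
{
    global $SESSION, $USER;
    $inst = $values['institution'];
    if (empty($inst) || !$USER->can_edit_institution($inst)) {
        $SESSION->add_error_msg(get_string('notadminforinstitution', 'admin'));
        redirect('/admin/users/institutionadmins.php');
    }
    db_begin();
    execute_sql('UPDATE {usr_institution}
        SET admin = 0
        WHERE admin = 1 AND institution = ' . db_quote($inst));
    if ($values['users']) {
        // The ids become part of the SQL text, so each one is forced to an
        // integer first. The original joined the submitted values as they
        // arrived, which let a crafted form value alter the statement. The
        // institution staff callback on this page already uses intval.
        $userids = join(',', array_map('intval', $values['users']));
        execute_sql('UPDATE {usr_institution}
            SET admin = 1
            WHERE usr IN (' . $userids . ') AND institution = ' . db_quote($inst));
    }
    require_once 'activity.php';
    activity_add_admin_defaults($values['users']);
    db_commit();
    $SESSION->add_ok_msg(get_string('adminusersupdated', 'admin'));
    redirect('/admin/users/institutionadmins.php?institution=' . $inst);
}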
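/**
 * Add the users to the system. Make sure that they have to change their
 * password on next login also.
 *
 * Reads the parsed rows from the global $CSVDATA and the column layout from
 * the global $FORMAT. All users are created inside one transaction; account
 * e-mails are sent only after the commit.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'authinstance',
 *                        'forcepasswordchange' and 'emailusers' are read.
 */
function uploadcsv_submit(Pieform $form, $values)
{
    global $SESSION, $CSVDATA, $FORMAT;
    // Column name => position of that column in each CSV record.
    $formatkeylookup = array_flip($FORMAT);
    $authinstance = (int) $values['authinstance'];
    $authobj = get_record('auth_instance', 'id', $authinstance);
    $institution = new Institution($authobj->institution);
    $maxusers = $institution->maxuseraccounts;
    if (!empty($maxusers)) {
        // Refuse the upload when it would exceed the institution's limit.
        $members = count_records_sql('
            SELECT COUNT(*) FROM {usr} u INNER JOIN {usr_institution} i ON u.id = i.usr
            WHERE i.institution = ? AND u.deleted = 0', array($institution->name));
        if ($members + count($CSVDATA) > $maxusers) {
            $SESSION->add_error_msg(get_string('uploadcsvfailedusersexceedmaxallowed', 'admin'));
            redirect('/admin/users/uploadcsv.php');
        }
    }
    log_info('Inserting users from the CSV file');
    db_begin();
    $addedusers = array();
    foreach ($CSVDATA as $record) {
        log_debug('adding user ' . $record[$formatkeylookup['username']]);
        $user = new StdClass();
        $user->authinstance = $authinstance;
        $user->username = $record[$formatkeylookup['username']];
        $user->firstname = $record[$formatkeylookup['firstname']];
        $user->lastname = $record[$formatkeylookup['lastname']];
        $user->password = $record[$formatkeylookup['password']];
        $user->email = $record[$formatkeylookup['email']];
        if (isset($formatkeylookup['studentid'])) {
            $user->studentid = $record[$formatkeylookup['studentid']];
        }
        if (isset($formatkeylookup['preferredname'])) {
            $user->preferredname = $record[$formatkeylookup['preferredname']];
        }
        $user->passwordchange = (int) $values['forcepasswordchange'];
        // Every column except the credentials is passed on as a profile field.
        $profilefields = new StdClass();
        foreach ($FORMAT as $field) {
            if ($field == 'username' || $field == 'password') {
                continue;
            }
            $profilefields->{$field} = $record[$formatkeylookup[$field]];
        }
        $user->id = create_user($user, $profilefields, $institution, $authobj);
        if ($values['emailusers']) {
            $addedusers[] = $user;
        }
    }
    db_commit();
    // Only send e-mail to users after we're sure they have been inserted
    // successfully
    $straccountcreatedtext = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordtext' : 'accountcreatedtext';
    $straccountcreatedhtml = $values['forcepasswordchange'] ? 'accountcreatedchangepasswordhtml' : 'accountcreatedhtml';
    if ($values['emailusers'] && $addedusers) {
        // Collected across the whole loop. The original reset this list on
        // every iteration, so only a failure for the last user was reported.
        $failedusers = array();
        foreach ($addedusers as $user) {
            try {
                // NOTE(review): the message contains the account password in
                // clear text; forcing a password change on first login
                // limits how long that value stays useful.
                email_user($user, null, get_string('accountcreated', 'mahara', get_config('sitename')), get_string($straccountcreatedtext, 'mahara', $user->firstname, get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('sitename')), get_string($straccountcreatedhtml, 'mahara', $user->firstname, get_config('wwwroot'), get_config('sitename'), $user->username, $user->password, get_config('wwwroot'), get_config('wwwroot'), get_config('sitename')));
            } catch (EmailException $e) {
                log_info($e->getMessage());
                $failedusers[] = $user;
            }
        }
        if ($failedusers) {
            $message = get_string('uploadcsvsomeuserscouldnotbeemailed', 'admin') . "\n<ul>\n";
            foreach ($failedusers as $user) {
                // The message is added with its second argument false, and
                // the e-mail address is escaped by hand, so the name from
                // the CSV is escaped the same way.
                // NOTE(review): assumes full_name() returns unescaped text;
                // confirm, to avoid double escaping.
                $message .= '<li>' . hsc(full_name($user)) . ' &lt;' . hsc($user->email) . "&gt;</li>\n";
            }
            $message .= "</ul>\n";
            $SESSION->add_info_msg($message, false);
        }
    }
    log_info('Inserted ' . count($CSVDATA) . ' records');
    $SESSION->add_ok_msg(get_string('uploadcsvusersaddedsuccessfully', 'admin'));
    redirect('/admin/users/uploadcsv.php');
}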
Example #25
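/**
 * Delete a news post and print a short confirmation block.
 *
 * @param array $post News row; 'id' selects the row and 'title' is shown
 *                    in the confirmation.
 * @return void
 */
function newsDelete($post)
{
    // The id is bound through a placeholder.
    db_do("DELETE FROM news WHERE id=?", $post['id']);
    db_commit();
    // The title is stored content, so it is escaped before it goes into the
    // page; the original echoed it raw, letting markup in a title run in
    // the viewer's browser.
    // NOTE(review): 'UTF-8' assumes the page is served as UTF-8; confirm.
    ?>
<div class="action_summary">Deleted '<?php 
    echo htmlspecialchars($post['title'], ENT_QUOTES, 'UTF-8');
    ?>
'</div>
<?php 
}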
Example #26
        break;
    case PRINTIMPORTITEMSFORM_ACT:
        print_import_items_form();
        break;
    case DOIMPORT_ACT:
        db_begin();
        if (isset($_POST['import_submit'])) {
            save_decisions();
            // Do import and print the results
            do_import();
        } else {
            if (isset($_POST['cancel_import_submit'])) {
                cancel_import();
            }
        }
        db_commit();
        break;
}
/**
 * Build the LEAP2A upload form and render it with the 'form.tpl' template.
 *
 * @return void
 */
function print_upload_form()
{
    $elements = array(
        'leap2afile' => array(
            'type' => 'file',
            'title' => get_string('uploadleap2afile', 'admin'),
            'rules' => array('required' => true),
        ),
        'submit' => array(
            'type' => 'submit',
            'value' => get_string('Import', 'import'),
        ),
    );

    // NOTE(review): the key 'plugintype ' carries a trailing space, so it
    // is presumably not read as 'plugintype'. Kept as found; confirm the
    // intent.
    $definition = array(
        'name' => 'import',
        'method' => 'post',
        'plugintype ' => 'core',
        'pluginname' => 'import',
        'elements' => $elements,
    );
    $form = pieform($definition);

    $smarty = smarty();
    $smarty->assign('PAGEHEADING', get_string('importyourportfolio', 'import'));
    $smarty->assign('pagedescription', get_string('importportfoliodescription', 'import'));
    $smarty->assign('form', $form);
    $smarty->display('form.tpl');
}
function import_validate(Pieform $form, $values)
{
    global $USER, $TRANSPORTER;
    if (!isset($values['leap2afile'])) {
Example #27
/**
 * Form callback: save a resume goal/skill artefact and sync its attachments.
 *
 * @param Pieform $form   Submitted form.
 * @param array   $values Submitted values; 'description', 'artefacttype'
 *                        and 'filebrowser' are read.
 */
function editgoalsandskills_submit(Pieform $form, array $values)
{
    global $SESSION, $artefact, $USER;
    require_once 'embeddedimage.php';
    $newdescription = EmbeddedImage::prepare_embedded_images($values['description'], $values['artefacttype'], $USER->get('id'));

    db_begin();
    $artefact->set('title', get_string($values['artefacttype'], 'artefact.resume'));
    $artefact->set('description', $newdescription);
    $artefact->commit();

    // Attachments
    $attached = $artefact->attachment_id_list();
    $requested = array();
    if (is_array($values['filebrowser'])) {
        $requested = $values['filebrowser'];
    }

    // Access control for attachments: an id submitted by the browser is
    // kept only when it resolves to a file artefact that the current user
    // is allowed to publish.
    foreach ($requested as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        $attachable = ($file instanceof ArtefactTypeFile) && $USER->can_publish_artefact($file);
        if (!$attachable) {
            unset($requested[$key]);
        }
    }

    if (!empty($requested) || !empty($attached)) {
        // Detach what is no longer requested.
        foreach ($attached as $attachedid) {
            if (in_array($attachedid, $requested)) {
                continue;
            }
            try {
                $artefact->detach($attachedid);
            } catch (ArtefactNotFoundException $e) {
                // A missing artefact is deliberately ignored.
            }
        }
        // Attach what is newly requested.
        foreach ($requested as $requestedid) {
            if (in_array($requestedid, $attached)) {
                continue;
            }
            try {
                $artefact->attach($requestedid);
            } catch (ArtefactNotFoundException $e) {
                // A missing artefact is deliberately ignored.
            }
        }
    }
    db_commit();

    $result = array(
        'error' => false,
        'message' => get_string('goalandskillsaved', 'artefact.resume'),
        'goto' => get_config('wwwroot') . 'artefact/resume/goalsandskills.php',
    );
    if ($form->submitted_by_js()) {
        // Redirect back to the resume goals and skills page from within the iframe
        $SESSION->add_ok_msg($result['message']);
        $form->json_reply(PIEFORM_OK, $result, false);
    }
    $form->reply(PIEFORM_OK, $result);
}
Example #28
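 /**
  * create - use this function to create a new entry in the database.
  *
  * The INSERT is assembled by string concatenation. Values placed in it are
  * only safe to the extent noted in the body; see the review notes there.
  *
  * @param string $filename    The filename of this document. Can be a URL.
  * @param string $filetype    The filetype of this document. If filename is URL, this should be 'URL';
  * @param string $data        The contents of this document (should be addslashes()'d before entry).
  * @param int    $doc_group   The doc_group id of the doc_groups table.
  * @param string $title       The title of this document.
  * @param int    $language_id The language id of the supported_languages table.
  * @param string $description The description of this document.
  * @return boolean success.
  */
 function create($filename, $filetype, $data, $doc_group, $title, $language_id, $description)
 {
     if (strlen($title) < 5) {
         $this->setError(_('Title Must Be At Least 5 Characters'));
         return false;
     }
     if (strlen($description) < 10) {
         $this->setError(_('Document Description Must Be At Least 10 Characters'));
         return false;
     }
     // NOTE(review): the doc-editor permission check that used to reject the
     // call is disabled below. As written, a request with no session still
     // creates a document, attributed to user id 100 with state '3'.
     /*
     		$perm =& $this->Group->getPermission( session_get_user() );
     		if (!$perm || !is_object($perm) || !$perm->isDocEditor()) {
     			$this->setPermissionDeniedError();
     			return false;
     		}
     */
     $user_id = session_loggedin() ? user_getid() : 100;
     $doc_initstatus = '3';
     // If Editor - uploaded Documents are ACTIVE
     if (session_loggedin()) {
         $perm =& $this->Group->getPermission(session_get_user());
         if ($perm && is_object($perm) && $perm->isDocEditor()) {
             $doc_initstatus = '1';
         }
     }
     // Plain-text bodies are converted to UTF-8 when mbstring is available.
     if (strcasecmp($filetype, "text/plain") === 0 && function_exists('mb_convert_encoding') && function_exists('mb_detect_encoding')) {
         $data = mb_convert_encoding($data, 'UTF-8', mb_detect_encoding($data));
     }
     $data1 = $data;
     // key words for in-document search
     // The original passed the undefined variable $title1 here, so the title
     // never contributed to the search keywords.
     $kw = new Parsedata($this->engine_path);
     $kwords = $kw->get_parse_data(stripslashes($data1), htmlspecialchars($title), htmlspecialchars($description), $filetype);
     // $kwords = "";
     $filesize = strlen($data);
     // Both ids are documented as integers and are placed in the SQL text,
     // so they are forced to integers first.
     $doc_group = (int) $doc_group;
     $language_id = (int) $language_id;
     // NOTE(review): $filename, $filetype and $kwords are interpolated as
     // they are, and htmlspecialchars() as called here does not escape
     // single quotes. The statement is therefore only safe if every caller
     // escapes these values beforehand, and $kwords is derived from the
     // un-slashed document body. Move this insert to a parameterised query
     // if the database layer offers one.
     $sql = "INSERT INTO doc_data (group_id,title,description,createdate,doc_group,\n\t\t\tstateid,language_id,filename,filetype,filesize,data,data_words,created_by)\n\t\t\tVALUES ('" . $this->Group->getId() . "',\n\t\t\t'" . htmlspecialchars($title) . "',\n\t\t\t'" . htmlspecialchars($description) . "',\n\t\t\t'" . time() . "',\n\t\t\t'{$doc_group}',\n\t\t\t'{$doc_initstatus}',\n\t\t\t'{$language_id}',\n\t\t\t'{$filename}',\n\t\t\t'{$filetype}',\n\t\t\t'{$filesize}',\n\t\t\t'" . base64_encode(stripslashes($data)) . "',\n\t\t\t'{$kwords}',\n\t\t\t'{$user_id}')";
     db_begin();
     $result = db_query($sql);
     if (!$result) {
         $this->setError('Error Adding Document: ' . db_error());
         db_rollback();
         return false;
     }
     $docid = db_insertid($result, 'doc_data', 'docid');
     if (!$this->fetchData($docid)) {
         db_rollback();
         return false;
     }
     $this->sendNotice(true);
     db_commit();
     return true;
 }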
Example #29
/**
 * Pieform submit handler that saves a blog post and syncs its attachments.
 *
 * The post ($blogpost global, or a new one under the $blog global) is written
 * inside one db_begin()/db_commit() pair, then the form is answered with a
 * redirect target pointing at the blog's index page.
 *
 * NOTE(review): no permission check on $blogpost / $blog is visible in this
 * function; presumably the calling page verifies the user may edit them
 * before the form is processed — confirm.
 * NOTE(review): title, description and tags are stored as submitted; any
 * cleaning or output escaping happens elsewhere, if at all — verify.
 *
 * @param Pieform $form   The submitted form.
 * @param array   $values Submitted values; this function reads title,
 *                        description, tags, draft, allowcomments, filebrowser
 *                        and (when licensemetadata is enabled) license,
 *                        licensor and licensorurl.
 */
function editpost_submit(Pieform $form, $values)
{
    global $USER, $SESSION, $blogpost, $blog;
    require_once 'embeddedimage.php';

    db_begin();

    $post = new ArtefactTypeBlogPost($blogpost, null);
    foreach (array('title', 'description', 'tags') as $field) {
        $post->set($field, $values[$field]);
    }
    if (get_config('licensemetadata')) {
        foreach (array('license', 'licensor', 'licensorurl') as $field) {
            $post->set($field, $values[$field]);
        }
    }
    $post->set('published', !$values['draft']);
    $post->set('allowcomments', (int) $values['allowcomments']);

    if (!$blogpost) {
        // New post: hang it under the blog and inherit the blog's owner type.
        $post->set('parent', $blog);
        $parentblog = new ArtefactTypeBlog($blog);
        if ($parentblog->get('institution')) {
            $post->set('institution', $parentblog->get('institution'));
        } elseif ($parentblog->get('group')) {
            $post->set('group', $parentblog->get('group'));
        } else {
            $post->set('owner', $USER->id);
        }
    }

    $post->commit();
    $blogpost = $post->get('id');

    // Embedded images need the post id, so the description is rewritten only
    // after the first commit.
    // NOTE(review): no second commit() is visible here; presumably the object
    // persists the changed description some other way — confirm.
    $post->set(
        'description',
        EmbeddedImage::prepare_embedded_images($values['description'], 'blogpost', $post->get('id'))
    );

    // Attachments
    $previous = $post->attachment_id_list();
    if (is_array($values['filebrowser'])) {
        $selected = $values['filebrowser'];
    } else {
        $selected = array();
    }

    // The selected ids come from the form: keep only those that resolve to a
    // file artefact the current user is allowed to publish.
    foreach ($selected as $key => $fileid) {
        $file = artefact_instance_from_id($fileid);
        $attachable = $file instanceof ArtefactTypeFile && $USER->can_publish_artefact($file);
        if (!$attachable) {
            unset($selected[$key]);
        }
    }

    if (!(empty($selected) && empty($previous))) {
        // in_array() is left non-strict on purpose: the two lists may not
        // hold ids of the same type (TODO confirm).
        foreach ($previous as $attachedid) {
            if (in_array($attachedid, $selected)) {
                continue;
            }
            try {
                $post->detach($attachedid);
            } catch (ArtefactNotFoundException $e) {
                // Ignored, as in the original: a missing artefact is not fatal here.
            }
        }
        foreach ($selected as $wantedid) {
            if (in_array($wantedid, $previous)) {
                continue;
            }
            try {
                $post->attach($wantedid);
            } catch (ArtefactNotFoundException $e) {
                // Ignored, as in the original: a missing artefact is not fatal here.
            }
        }
    }

    db_commit();

    $reply = array(
        'error' => false,
        'message' => get_string('blogpostsaved', 'artefact.blog'),
        'goto' => get_config('wwwroot') . 'artefact/blog/view/index.php?id=' . $blog,
    );
    if ($form->submitted_by_js()) {
        // Redirect back to the blog page from within the iframe
        $SESSION->add_ok_msg($reply['message']);
        $form->json_reply(PIEFORM_OK, $reply, false);
    }
    $form->reply(PIEFORM_OK, $reply);
}
Example #30
 /**
  * Makes a literal copy of a list of collections for this user.
  *
  * Does nothing when $templateids is empty. Otherwise the template names are
  * fetched in one query and each template is copied, in the order given,
  * inside a single db_begin()/db_commit() pair.
  *
  * @param array $templateids     A list of collectionids to copy.
  * @param bool  $checkviewaccess Handed unchanged to
  *                               Collection::create_from_template(); presumably
  *                               decides whether the user's access to the
  *                               template is verified — confirm before passing false.
  * @throws SystemException When $templateids is non-empty but not an array.
  */
 public function copy_collections($templateids, $checkviewaccess = true)
 {
     if (!$templateids) {
         // Nothing to do
         return;
     }
     if (!is_array($templateids)) {
         throw new SystemException('User->copy_collections: templateids must be a list of templates to copy for the user');
     }
     require_once get_config('libroot') . 'collection.php';

     // The ids go in as the values argument next to generated placeholders;
     // they are not concatenated into the SQL text.
     $placeholders = implode(', ', db_array_to_ph($templateids));
     $rows = get_records_select_array('collection', 'id IN (' . $placeholders . ')', $templateids, '', 'id, name');

     // Index the rows by collection id so each template's name can be looked up.
     // NOTE(review): the result is iterated without checking for an empty or
     // false return — confirm what get_records_select_array yields on no match.
     $byid = array();
     foreach ($rows as $row) {
         $byid[$row->id] = $row;
     }

     db_begin();
     foreach ($templateids as $templateid) {
         // NOTE(review): an id with no matching row has no entry in $byid, so
         // the name lookup below assumes every requested id exists — verify callers.
         $settings = array('owner' => $this->get('id'), 'title' => $byid[$templateid]->name);
         Collection::create_from_template($settings, $templateid, $this->get('id'), $checkviewaccess);
     }
     db_commit();
 }