Example #1
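 /**
  * Render the "new user" form and, on a valid POST, create the account.
  *
  * Every role and group is loaded for the template. On submission a duplicate
  * username is rejected; otherwise the password goes through
  * User::generate_password(), the submitted group and roles are attached, the
  * user is saved and the request is flash-redirected back to the form.
  *
  * NOTE(review): no permission or CSRF check is visible inside this method,
  * although it assigns a group and roles taken from the request. Confirm the
  * controller or router restricts it to administrators.
  */
 public function new_user()
 {
     $register_form = parent::load('form', 'LoginForm', $_POST, 'system/contrib/auth');
     parent::load('model', 'system/contrib/auth');

     $roles = RoleTable::getInstance()->findAll();
     $this->smarty->assign('all_roles', $roles);

     // Flatten the groups into an id => name map for the template.
     $groups_cleaned = array();
     foreach (GroupTable::getInstance()->findAll() as $group) {
         $groups_cleaned[$group['id']] = $group['name'];
     }
     $this->smarty->assign('all_groups', $groups_cleaned);

     // Validate the submitted form data.
     if ($this->is_post() && $register_form->is_valid() && Request::$method == 'POST') {
         $user = UserTable::findByUsername($register_form->data['username']);
         if ($user) {
             array_push($register_form->messages, '员工名称已经存在');
         } else {
             $user = new User();
             $user->username = $register_form->data['username'];
             $user->password = User::generate_password($register_form->data['password']);

             // A missing or non-scalar "group" field becomes 0 instead of raising a
             // notice (or turning an array into 1 through intval()).
             // NOTE(review): the id is not checked against $groups_cleaned.
             $user->group_id = isset($_POST['group']) && is_scalar($_POST['group'])
                 ? abs(intval($_POST['group']))
                 : 0;

             // User roles: keep only scalar ids from the request, then attach the
             // known roles whose id was submitted. Comparing as strings with the
             // strict flag avoids PHP's loose numeric matching ("1abc" == 1).
             $submitted_roles = array();
             if (isset($_POST['roles']) && is_array($_POST['roles'])) {
                 foreach ($_POST['roles'] as $role_id) {
                     if (is_scalar($role_id)) {
                         $submitted_roles[] = (string) $role_id;
                     }
                 }
             }
             if ($submitted_roles) {
                 foreach ($roles as $k => $role) {
                     if (in_array((string) $role['id'], $submitted_roles, true)) {
                         $user->Role[$k] = $role;
                     }
                 }
             }

             $user->save();
             HTTPRedirect::flash_to('manager/new_user', sprintf('添加新员工 %s 成功', $user->username), $this->smarty);
         }
     }

     $this->smarty->assign('register_form', $register_form->output());
     $this->smarty->display('manager/users/new');
 }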
Example #2
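 /**
  * Let the logged-in user change their own password.
  *
  * On POST the stored value is split on '$'; its first two parts are passed
  * back to User::generate_password() together with the submitted old password,
  * and the result must equal the stored value. On success the new password is
  * stored, the session is logged out and the user is sent to the login page;
  * otherwise the user is sent back to the form with an error.
  *
  * NOTE(review): no CSRF token check is visible in this method; confirm the
  * framework enforces one for this form.
  */
 public function change_password()
 {
     parent::load('model', 'system/contrib/auth.User');
     $user = UserTable::getInstance()->find(User::info('id'));
     import('system/share/network/redirect');
     if ($this->is_post()) {
         // A failed lookup or an empty password is treated as "no stored hash"
         // rather than dereferencing a non-object.
         $stored = $user ? (string) $user->password : '';
         // Stored format is "<func>$<random>$<rest>" (presumably hash function and
         // salt, going by the variable names). Padding with null keeps the values
         // list() produced before for a malformed hash, without the notices.
         list($func, $random) = array_pad(explode('$', $stored, 3), 3, null);

         // Anything other than a submitted string cannot be the old password.
         $old_password = isset($_POST['old_password']) && is_string($_POST['old_password'])
             ? $_POST['old_password']
             : null;

         // Verify the original password.
         // `===` on the two hash strings is not constant-time; hash_equals() is the
         // usual choice where PHP >= 5.6 is available.
         if ($old_password !== null
             && $stored !== ''
             && $stored === User::generate_password($old_password, $random, $func)
         ) {
             // NOTE(review): new_password is accepted as submitted. No presence,
             // type, length or confirmation check is visible here, so an empty
             // value would be hashed and stored unless the form layer rejects it.
             $user->password = User::generate_password($_POST['new_password']);
             $user->save();
             // Ending the session forces a fresh login with the new password.
             User::logout();
             $message = '修改密码成功, 请重新登录';
             HTTPRedirect::flash_to(url_reverse('auth_login'), $message, $this->smarty);
         } else {
             $message = '原密码不正确, 请重试';
             HTTPRedirect::flash_to('accounts/change_password', $message, $this->smarty);
         }
     }
     $this->smarty->display('auth/change_password');
 }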
Example #3
// For every id in the User table: make sure a UNIX account (and a UserR row
// describing it) exists, then make sure the per-user media directory exists
// with the expected owner, group and mode.
// NOTE(review): this excerpt ends before the `while` loop is closed.
$group = Ini::$r_users_group;
// Add new users: walk every id in the User table.
// NOTE(review): the mysql_* extension used here was removed in PHP 7, and none
// of the mysql_query() results below are checked for failure.
$sql = sprintf("SELECT `id` FROM `%s`", User::get_mysql_table());
$z = mysql_query($sql);
while ($r = mysql_fetch_array($z)) {
    // UNIX login name = configured prefix + user id.
    $name = Ini::$r_users_name_prefix . $r['id'];
    // The id is placed into the SQL text unquoted; it comes from the previous
    // query's result set, not directly from a request.
    $sql = sprintf("SELECT * FROM `%s` WHERE `User_id`=%s", UserR::get_mysql_table(), $r["id"]);
    $z2 = mysql_query($sql);
    // No UserR row for this id yet, so the UNIX user is treated as missing.
    if (mysql_num_rows($z2) == 0) {
        // SECURITY: the three backtick commands below build shell command lines
        // by interpolating $group, $name and $password with no escapeshellarg().
        // $group and the name prefix come from Ini and the id from the database,
        // so this holds only while those sources stay trusted. Exit statuses are
        // not checked either, so a failed command goes unnoticed.
        // Create the group (attempted for every newly provisioned user).
        `/usr/sbin/groupadd {$group}`;
        // Create the account: home under /home, no interactive shell.
        `/usr/sbin/useradd -d /home/{$name} -s /sbin/nologin -g {$group} {$name}`;
        // Set the account password from a freshly generated value.
        $password = User::generate_password();
        // SECURITY: the cleartext password is part of the command text handed to
        // the shell, and a value containing shell metacharacters or a line equal
        // to "EOF" would break the here-document. Feeding it to the password tool
        // over a stdin pipe (e.g. proc_open) keeps it out of the command line.
        `/usr/bin/passwd {$name} <<EOF\n{$password}\n{$password}\nEOF`;
        // Insert the UserR record that links the UNIX login to the user id.
        $user = new UserR();
        $user->login = $name;
        // SECURITY: the same cleartext password is put on the record. Whether
        // mysql_save() hashes or encrypts it is not visible here; confirm.
        $user->password = $password;
        $user->User_id = $r['id'];
        $user->mysql_save();
    }
    // Per-user media directory, created recursively when missing.
    $media_dir = Ini::$path_internal_media . $r["id"];
    if (!is_dir($media_dir)) {
        mkdir($media_dir, 0775, true);
    }
    // Owner is the UNIX user, group is the PHP process group, mode 0775
    // (group-writable, world-readable). These run even when the account
    // creation above failed, and their return values are not checked.
    chown($media_dir, $name);
    chgrp($media_dir, Ini::$php_user_group);
    chmod($media_dir, 0775);
Example #4
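 /**
  * Drive the three-step contract-signing flow for one order.
  *
  * 'solution' selects one of the order's solutions, 'paper' stores the uploaded
  * contract attachment, and 'payment' records the three instalments, moves the
  * order to the finance workflow and creates the customer's login.
  *
  * NOTE(review): the only access check visible here is the role list passed to
  * AuthPlugins::required(). Whether the caller may act on this particular
  * order, and whether state-changing requests carry a CSRF token, cannot be
  * seen from this method; confirm both.
  *
  * @param mixed       $order_id Order id; coerced to a non-negative integer.
  * @param string|null $step     'solution' (the default), 'paper' or 'payment'.
  */
 public function contract($order_id, $step = null)
 {
     // Role names: sales manager, sales consultant.
     AuthPlugins::required($this, array('销售经理', '销售顾问'));
     $order_id = abs(intval($order_id));
     // NOTE(review): $order is dereferenced below without checking that the
     // lookup succeeded.
     $order = Order::get_by_id($order_id);
     if (!$step) {
         $step = 'solution';
     }
     $smarty = parent::load('smarty');
     $smarty->assign('order', $order);
     switch ($step) {
         case 'solution':
             // A missing or non-scalar "id" means "show the list" (no notice).
             $solution_id = $this->contract_request_int($_GET, 'id');
             if ($solution_id) {
                 // Mark every solution as not selected ...
                 // NOTE(review): set_unchecked() receives no order id, and select()
                 // is given a request-supplied id with no visible check that the
                 // solution belongs to $order_id. This state change is also
                 // triggered by a GET parameter. Confirm scoping inside Solution.
                 Solution::set_unchecked();
                 // ... then select the requested one.
                 Solution::select($solution_id);
                 HTTPRedirect::to('order/contract/' . $order_id . '/paper');
             } else {
                 $solutions = Solution::get_by_order($order_id);
                 if (!$solutions) {
                     $message = '您还没有为此订单添加方案, 请返回添加';
                     HTTPRedirect::flash_to('order/detail/' . $order_id, $message, $smarty);
                     // Defensive: never fall through if flash_to() returns.
                     return;
                 }
                 $smarty->assign('page_title', '签约订单 - 选定方案 Step 1');
                 $smarty->display('contract/solution');
             }
             break;
         case 'paper':
             if (!Solution::get_checked($order_id)) {
                 $message = '您还没有选择方案, 请返回选择';
                 HTTPRedirect::flash_to('order/contract/' . $order_id . '/solution', $message, $smarty);
                 return;
             }
             if ($this->is_post() || $_FILES) {
                 import('system/share/io/filesystem');
                 FileSystem::init();
                 // A POST without the file field passes null, as before, but
                 // without an undefined-index notice.
                 $upload = isset($_FILES['paper_attachment']) ? $_FILES['paper_attachment'] : null;
                 // NOTE(review): type checking happens inside FileSystem::Upload(),
                 // which is not visible here. Confirm it uses an allow-list and
                 // stores files where the web server will not execute them.
                 $http_path = FileSystem::Upload($upload, false);
                 if (!FileSystem::$local_path) {
                     $message = '不支持的附件类型, 请检查';
                     HTTPRedirect::flash_to('order/detail/' . $order_id, $message, $smarty);
                     // Defensive: a rejected upload must never be saved on the order.
                     return;
                 }
                 $order->paper_attachment = $http_path;
                 $order->save();
                 HTTPRedirect::flash_to('order/contract/' . $order_id . '/payment', '上传合同成功', $this->smarty);
             } else {
                 $smarty->assign('page_title', '签约订单 - 上传合同附件 Step 2');
                 $smarty->display('contract/paper');
             }
             break;
         case 'payment':
             if ($this->is_post()) {
                 // Fetch the selected solution for this order. The result is not
                 // used below; the call is kept because its side effects, if any,
                 // are not visible here.
                 // NOTE(review): the submitted amounts are not compared with it.
                 $solution = Solution::get_checked($order_id);

                 // Payment type => (amount field, "already paid" field) in $_POST:
                 // first payment, second instalment, final payment.
                 $instalments = array(
                     'first' => array('deposit', 'is_deposit'),
                     'second' => array('payment', 'is_payment'),
                     'last' => array('last_pay', 'is_last_pay'),
                 );
                 foreach ($instalments as $type => $fields) {
                     $payment = new Payment();
                     $payment->order_id = $order_id;
                     $payment->type = $type;
                     $payment->price = $this->contract_request_int($_POST, $fields[0]);
                     $payment->invoice = $this->contract_request_int($_POST, 'invoice');
                     $payment->public = $this->contract_request_int($_POST, 'pub');
                     // strip_tags() is input tidying only; templates still have
                     // to escape this value when rendering it.
                     $payment->bank = $this->contract_request_text($_POST, 'bank');
                     $payment->is_payed = $this->contract_request_int($_POST, $fields[1]);
                     $payment->save();
                 }

                 // Relation read kept from the original; the value is unused here.
                 $old_workflow = $order->Workflow->action;
                 // Workflow alias: "new finance order".
                 $workflow = Workflow::get_by_alias('新增财务订单');
                 $order->Workflow = $workflow;
                 $order->save();

                 // Write the customer's login into the user table: the login name
                 // is the customer's name plus the order id, and the password is
                 // 'MG-<customer service id>-<order id>'.
                 // SECURITY: both values are derived from identifiers rather than
                 // from randomness, so the initial credential is predictable to
                 // anyone who knows the scheme. A random one-time password with a
                 // forced change at first login would remove that; left unchanged
                 // here because the derivation may be a documented business rule.
                 $user = new User();
                 $user->username = $order->Customer->name . $order->id;
                 $user->password = User::generate_password(sprintf('MG-%s-%s', $order->customer_service_id, $order->id));
                 // Role alias: "customer".
                 $user->Role[0] = Role::get_by_alias('客户');
                 $user->save();
                 $order->Customer->CustomerUser = $user;
                 $order->Customer->save();
                 $message = '恭喜您签约订单成功, 目前订单已转入财务管理页面';
                 HTTPRedirect::flash_to('order/list/6', $message, $smarty);
             } else {
                 $smarty->assign('page_title', '签约订单 - 付款信息 Step 3');
                 $smarty->display('contract/payment');
             }
             break;
     }
 }

 /**
  * Read a request field as a non-negative integer; a missing or non-scalar
  * value (for example an array) yields 0.
  */
 private function contract_request_int(array $source, $key)
 {
     return isset($source[$key]) && is_scalar($source[$key]) ? abs(intval($source[$key])) : 0;
 }

 /**
  * Read a request field as trimmed text with tags stripped; a missing or
  * non-scalar value yields an empty string.
  */
 private function contract_request_text(array $source, $key)
 {
     return isset($source[$key]) && is_scalar($source[$key]) ? trim(strip_tags($source[$key])) : '';
 }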
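 /**
  * Create a dedicated MySQL account and database for this record.
  *
  * The account name and database name are the configured prefixes plus this
  * record's id; the password comes from User::generate_password(). The login,
  * password and database name are stored on the record and saved, then the
  * database is created, all privileges on it are granted to the new account,
  * and Ini::create_db_structure() is called.
  *
  * NOTE(review): the password is assigned to $this->db_password unmodified;
  * how mysql_save() persists it is not visible here. It also appears in the
  * CREATE USER statement text, which reaches any query log that is enabled.
  * None of the mysql_query() results are checked, so the credentials are
  * saved even when account creation fails. The mysql_* extension itself was
  * removed in PHP 7.
  */
 public function create_db_user()
 {
     $user = Ini::$db_users_name_prefix . $this->id;
     $password = User::generate_password();
     $db_name = Ini::$db_users_db_name_prefix . $this->id;

     // Escape once per quoting context so a quote or backtick in a prefix or in
     // the generated password cannot end the literal or identifier early.
     $user_sql = mysql_real_escape_string($user);
     $password_sql = mysql_real_escape_string($password);
     $db_name_sql = str_replace('`', '``', $db_name);

     mysql_query(sprintf("CREATE USER '%s'@'localhost' IDENTIFIED BY '%s';", $user_sql, $password_sql));

     $this->db_login = $user;
     $this->db_password = $password;
     $this->db_name = $db_name;
     parent::mysql_save();

     mysql_query(sprintf("CREATE DATABASE `%s` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci", $db_name_sql));

     // NOTE(review): in a database-level GRANT, MySQL treats `_` and `%` in the
     // database name as wildcards. If the prefix contains either, this grant
     // can match more databases than the one just created; confirm, and escape
     // them with a backslash consistently wherever grants are made or revoked.
     mysql_query(sprintf("GRANT ALL PRIVILEGES ON `%s`.* TO '%s'@'localhost'", $db_name_sql, $user_sql));

     Ini::create_db_structure();
 }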
Example #6
 /**
  * Handle a "forgot password" request: when the username exists, the e-mail
  * matches and the account is not inactive, generate a new password and mail
  * it to the user.
  *
  * Every rejection (missing input, unknown user, wrong e-mail, inactive user)
  * throws the same AuthUserNotFoundException with an empty message, so the
  * exception alone does not reveal which check failed; the reason is only
  * written to the system log.
  *
  * NOTE(review): the replacement password is sent in the mail body in clear
  * text. No rate limiting is visible in this method; confirm it exists in the
  * caller.
  *
  * @see AuthInterface::forgot_password()
  * @param string $username
  * @param string $mail E-mail address to check against the account
  * @return bool true on the success path
  * @throws AuthForgotPasswordSendFailedException
  * @throws AuthUserNotFoundException
  */
 public function forgot_password($username, $mail)
 {
     if ($username and $mail) {
         $system_log = new SystemLog(null);
         if (User::exist_username($username)) {
             $user_id = User::get_user_id_by_username($username);
             $user = new User($user_id);
             // The submitted address is lower-cased before the comparison.
             if ($user->check_mail(strtolower($mail))) {
                 if ($user->get_boolean_user_entry("user_inactive") == false) {
                     $new_password = User::generate_password();
                     // From here on $mail is the Mail object, not the address string.
                     $mail = new Mail();
                     $mail->set_recipient($user_id);
                     $mail->set_subject("Your New Open-LIMS Password");
                     // NOTE(review): the next line is damaged in this listing. Part of
                     // the statement was replaced by asterisks, so the code between
                     // the mail text and the "must_change_password" flag (and the
                     // opening of the branch closed below) is missing. It is left
                     // exactly as found.
                     $mail->set_text("Your new password: "******"must_change_password", true);
                         // Password sent successfully
                         $system_log->create($user_id, 1, 1, "Password Send", "Forgot Password", "auth.php", null, null);
                         return true;
                     } else {
                         // Sending failed
                         throw new AuthForgotPasswordSendFailedException("", 0);
                     }
                 } else {
                     // Inactive user
                     $system_log->create($user_id, 1, 1, "Inactive User", "Forgot Password", "auth.php", null, null);
                     throw new AuthUserNotFoundException("", 0);
                 }
             } else {
                 // Wrong e-mail
                 $system_log->create($user_id, 1, 0, "Wrong E-Mail", "Forgot Password", "auth.php", null, null);
                 throw new AuthUserNotFoundException("", 0);
             }
         } else {
             // User not found
             // NOTE(review): $username is caller-supplied and is written into the
             // log entry verbatim; confirm SystemLog::create() neutralises it for
             // wherever the log is stored or displayed.
             $system_log->create(null, 1, 0, "User \"" . $username . "\" Not Found", "Forgot Password", "auth.php", null, null);
             throw new AuthUserNotFoundException("", 0);
         }
     } else {
         // Missing username or e-mail: same exception as the other rejections.
         throw new AuthUserNotFoundException("", 0);
     }
 }