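/**
 * Shows the "new user" form and, on a valid POST, creates the account.
 *
 * Every role and an id => name map of all groups are assigned to the
 * template. On a POST that passes LoginForm validation and whose username is
 * not taken, a User is saved with the submitted group and the submitted
 * subset of roles, and the request is redirected with a flash message.
 *
 * NOTE(review): no role/permission check is visible in this method, although
 * it creates accounts and assigns roles. Presumably the controller or router
 * enforces it; confirm. No CSRF token check is visible here either.
 *
 * @return void
 */
public function new_user()
{
    $register_form = parent::load('form', 'LoginForm', $_POST, 'system/contrib/auth');
    parent::load('model', 'system/contrib/auth');

    $roles = RoleTable::getInstance()->findAll();
    $this->smarty->assign('all_roles', $roles);

    // Reduce the group records to an id => name map for the template.
    $groups = GroupTable::getInstance()->findAll();
    $groups_cleaned = array();
    foreach ($groups as $group) {
        $groups_cleaned[$group['id']] = $group['name'];
    }
    $this->smarty->assign('all_groups', $groups_cleaned);

    if ($this->is_post()) {
        // Validate the form data.
        if ($register_form->is_valid() && Request::$method == 'POST') {
            $user = UserTable::findByUsername($register_form->data['username']);
            if ($user) {
                array_push($register_form->messages, '员工名称已经存在');
            } else {
                $user = new User();
                $user->username = $register_form->data['username'];
                $user->password = User::generate_password($register_form->data['password']);

                // 'group' is read straight from the request, so a missing or
                // array-valued field must not reach intval().
                // NOTE(review): the id is not checked against $groups_cleaned,
                // so a non-existent group id can be stored.
                $user->group_id = (isset($_POST['group']) && is_string($_POST['group']))
                    ? abs(intval($_POST['group']))
                    : 0;

                // User roles: only ids that are plain strings are considered,
                // and they are matched exactly. A loose in_array() would let
                // values such as "1abc" match role id 1 on older PHP versions.
                $requested_role_ids = array();
                if (isset($_POST['roles']) && is_array($_POST['roles'])) {
                    $requested_role_ids = array_filter($_POST['roles'], 'is_string');
                }
                if ($requested_role_ids) {
                    foreach ($roles as $k => $role) {
                        if (in_array((string) $role['id'], $requested_role_ids, true)) {
                            $user->Role[$k] = $role;
                        }
                    }
                }

                $user->save();
                HTTPRedirect::flash_to(
                    'manager/new_user',
                    sprintf('添加新员工 %s 成功', $user->username),
                    $this->smarty
                );
            }
        }
    }

    $this->smarty->assign('register_form', $register_form->output());
    $this->smarty->display('manager/users/new');
}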
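/**
 * Lets the logged-in user change their own password.
 *
 * The stored password is split on '$' into hash function, salt and digest.
 * The submitted old password is re-hashed with that function and salt and
 * compared with the stored value. On success the new password is stored,
 * the user is logged out and redirected to the login page. On failure the
 * user is sent back to the form with an error message.
 *
 * @return void
 */
public function change_password()
{
    parent::load('model', 'system/contrib/auth.User');
    $user = UserTable::getInstance()->find(User::info('id'));
    import('system/share/network/redirect');

    if ($this->is_post()) {
        // Request fields may be missing or arrays (old_password[]=x);
        // normalise them before they reach the hashing helper.
        $old_password = (isset($_POST['old_password']) && is_string($_POST['old_password']))
            ? $_POST['old_password']
            : '';
        $new_password = (isset($_POST['new_password']) && is_string($_POST['new_password']))
            ? $_POST['new_password']
            : '';

        // Pad the split so a stored value without both '$' separators
        // cannot raise undefined-offset notices.
        $stored = $user ? (string) $user->password : '';
        list($func, $random) = array_pad(explode('$', $stored), 3, null);

        // Verify the old password.
        $verified = false;
        if ($stored) {
            $candidate = User::generate_password($old_password, $random, $func);
            if (is_string($candidate)) {
                // Constant-time comparison where the runtime provides it.
                $verified = function_exists('hash_equals')
                    ? hash_equals($stored, $candidate)
                    : $stored === $candidate;
            }
        }

        if (!$verified) {
            $message = '原密码不正确, 请重试';
            HTTPRedirect::flash_to('accounts/change_password', $message, $this->smarty);
        } elseif ($new_password === '') {
            // An absent or empty new password would otherwise be hashed and
            // stored, leaving the account with an empty password.
            $message = '新密码不能为空, 请重试';
            HTTPRedirect::flash_to('accounts/change_password', $message, $this->smarty);
        } else {
            $user->password = User::generate_password($new_password);
            $user->save();
            // Log out so the user has to sign in again with the new password.
            User::logout();
            $message = '修改密码成功, 请重新登录';
            HTTPRedirect::flash_to(url_reverse('auth_login'), $message, $this->smarty);
        }
    }

    $this->smarty->display('auth/change_password');
}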
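// Provisioning pass: for every application user, make sure a matching UNIX
// account, a UserR record and a media directory exist.
// This excerpt ends inside the while loop; its closing brace is outside the listing.
$group = Ini::$r_users_group;

// Add new users.
$sql = sprintf("SELECT `id` FROM `%s`", User::get_mysql_table());
$z = mysql_query($sql);
while ($z !== false && ($r = mysql_fetch_array($z))) {
    $name = Ini::$r_users_name_prefix . $r['id'];

    // %d forces the id into an integer before it is placed in the SQL text.
    $sql = sprintf("SELECT * FROM `%s` WHERE `User_id`=%d", UserR::get_mysql_table(), $r["id"]);
    $z2 = mysql_query($sql);

    // UNIX user doesn't exist yet. A failed lookup ($z2 === false) must not
    // be read as "no record", otherwise an existing account would be
    // re-created and its password reset.
    if ($z2 !== false && mysql_num_rows($z2) == 0) {
        // Every value placed on a shell command line is quoted first.
        $group_arg = escapeshellarg($group);
        $name_arg = escapeshellarg($name);
        $home_arg = escapeshellarg('/home/' . $name);

        // Add the group.
        `/usr/sbin/groupadd {$group_arg}`;

        // Add the user.
        `/usr/sbin/useradd -d {$home_arg} -s /sbin/nologin -g {$group_arg} {$name_arg}`;

        // Set the password. The quoted heredoc delimiter stops the shell from
        // expanding `$`, backticks or backslashes inside the password.
        // NOTE(review): the password is still part of the command string
        // handed to the shell; feeding it over a stdin pipe (proc_open)
        // would keep it out of the process arguments.
        $password = User::generate_password();
        `/usr/bin/passwd {$name_arg} <<'EOF'\n{$password}\n{$password}\nEOF`;

        // Insert the UserR record.
        $user = new UserR();
        $user->login = $name;
        // NOTE(review): this stores the same clear-text value that was just
        // given to passwd. Confirm the application needs to read it back;
        // if it does not, do not persist it.
        $user->password = $password;
        $user->User_id = $r['id'];
        $user->mysql_save();
    }

    // Per-user media directory: owned by the UNIX user, group set to the PHP
    // user group, mode 0775 (owner and group can write).
    $media_dir = Ini::$path_internal_media . $r["id"];
    if (!is_dir($media_dir)) {
        mkdir($media_dir, 0775, true);
    }
    chown($media_dir, $name);
    chgrp($media_dir, Ini::$php_user_group);
    chmod($media_dir, 0775);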
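/**
 * Three-step contract-signing wizard for an order.
 *
 *   solution - pick one of the order's solutions (or list them)
 *   paper    - upload the signed contract attachment
 *   payment  - record the three instalments, move the order to the finance
 *              workflow and create a login for the customer
 *
 * Access is gated by AuthPlugins::required() with the two sales roles.
 *
 * NOTE(review): $order is not checked for a failed lookup before it is used.
 * Nothing visible here ties the order to the acting user. No CSRF token
 * check is visible either.
 *
 * @param int|string  $order_id order id, forced to a non-negative integer
 * @param string|null $step     'solution' (default), 'paper' or 'payment'
 * @return void
 */
public function contract($order_id, $step = null)
{
    AuthPlugins::required($this, array('销售经理', '销售顾问'));

    $order_id = abs(intval($order_id));
    $order = Order::get_by_id($order_id);
    if (!$step) {
        $step = 'solution';
    }

    $smarty = parent::load('smarty');
    $smarty->assign('order', $order);

    switch ($step) {
        case 'solution':
            $solution_id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;
            if ($solution_id) {
                // NOTE(review): this is a state change driven by a GET
                // parameter, and the solution id is not checked against
                // $order_id in this method. Confirm that set_unchecked() and
                // select() scope their updates to this order.

                // Mark all solutions as not selected.
                Solution::set_unchecked();

                // Select the chosen solution.
                Solution::select($solution_id);
                HttpRedirect::to('order/contract/' . $order_id . '/paper');
            } else {
                $solutions = Solution::get_by_order($order_id);
                if (!$solutions) {
                    $message = '您还没有为此订单添加方案, 请返回添加';
                    HTTPRedirect::flash_to('order/detail/' . $order_id, $message, $smarty);
                    return;
                }
                $smarty->assign('page_title', '签约订单 - 选定方案 Step 1');
                $smarty->display('contract/solution');
            }
            break;

        case 'paper':
            if (!Solution::get_checked($order_id)) {
                $message = '您还没有选择方案, 请返回选择';
                HTTPRedirect::flash_to('order/contract/' . $order_id . '/solution', $message, $smarty);
                return;
            }
            if ($this->is_post() || $_FILES) {
                import('system/share/io/filesystem');
                FileSystem::init();

                // A POST without the expected file field is rejected the same
                // way as an unsupported type. The early return keeps a failed
                // upload from being saved on the order.
                $upload = isset($_FILES['paper_attachment']) ? $_FILES['paper_attachment'] : null;
                $http_path = $upload ? FileSystem::Upload($upload, false) : null;
                if (!$upload || !FileSystem::$local_path) {
                    $message = '不支持的附件类型, 请检查';
                    HTTPRedirect::flash_to('order/detail/' . $order_id, $message, $smarty);
                    return;
                }
                // NOTE(review): the allowed-type check lives in
                // FileSystem::Upload(). Confirm it validates the extension and
                // content, and stores files where they cannot be executed.
                $order->paper_attachment = $http_path;
                $order->save();
                HTTPRedirect::flash_to('order/contract/' . $order_id . '/payment', '上传合同成功', $this->smarty);
            } else {
                $smarty->assign('page_title', '签约订单 - 上传合同附件 Step 2');
                $smarty->display('contract/paper');
            }
            break;

        case 'payment':
            if ($this->is_post()) {
                // Apply the 'paper' step's precondition here as well, so a
                // direct POST to this step cannot skip solution selection.
                if (!Solution::get_checked($order_id)) {
                    $message = '您还没有选择方案, 请返回选择';
                    HTTPRedirect::flash_to('order/contract/' . $order_id . '/solution', $message, $smarty);
                    return;
                }

                // Fields shared by all three instalments. Missing or
                // non-string request values fall back to 0 / ''.
                $invoice = isset($_POST['invoice']) ? abs(intval($_POST['invoice'])) : 0;
                $public = isset($_POST['pub']) ? abs(intval($_POST['pub'])) : 0;
                $bank = (isset($_POST['bank']) && is_string($_POST['bank']))
                    ? trim(strip_tags($_POST['bank']))
                    : '';

                // type => (amount field, paid-flag field):
                // down payment, second instalment, final payment.
                $instalments = array(
                    'first' => array('deposit', 'is_deposit'),
                    'second' => array('payment', 'is_payment'),
                    'last' => array('last_pay', 'is_last_pay'),
                );
                foreach ($instalments as $type => $fields) {
                    list($price_field, $payed_field) = $fields;

                    $pay = new Payment();
                    $pay->order_id = $order_id;
                    $pay->type = $type;
                    $pay->price = isset($_POST[$price_field]) ? abs(intval($_POST[$price_field])) : 0;
                    $pay->invoice = $invoice;
                    $pay->public = $public;
                    $pay->bank = $bank;
                    $pay->is_payed = isset($_POST[$payed_field]) ? abs(intval($_POST[$payed_field])) : 0;
                    $pay->save();
                }

                // Move the order into the finance workflow.
                $workflow = Workflow::get_by_alias('新增财务订单');
                $order->Workflow = $workflow;
                $order->save();

                // Write the customer's login into the user table.
                // Username: the customer's name followed by the order id.
                // Password: 'MG-<customer service id>-<order id>'.
                // NOTE(review): both values follow a fixed scheme built from
                // ids, so the first credentials of every customer account are
                // predictable to anyone who knows the scheme. Prefer a random
                // one-time password with a forced change at first login. That
                // needs a delivery channel this method does not show, so the
                // scheme is left unchanged here.
                $user = new User();
                $user->username = $order->Customer->name . $order->id;
                $user->password = User::generate_password(
                    sprintf('MG-%s-%s', $order->customer_service_id, $order->id)
                );
                $user->Role[0] = Role::get_by_alias('客户');
                $user->save();

                $order->Customer->CustomerUser = $user;
                $order->Customer->save();

                $message = '恭喜您签约订单成功, 目前订单已转入财务管理页面';
                HTTPRedirect::flash_to('order/list/6', $message, $smarty);
            } else {
                $smarty->assign('page_title', '签约订单 - 付款信息 Step 3');
                $smarty->display('contract/payment');
            }
            break;
    }
}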
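/**
 * Provisions a dedicated MySQL account and database for this record.
 *
 * Creates the account '<prefix><id>'@'localhost' with a generated password,
 * stores the login, password and database name on this record, creates the
 * database, grants the account all privileges on it and finally calls
 * Ini::create_db_structure().
 *
 * Each statement's result is checked. On the first failure a warning is
 * raised and the method stops, so the record never ends up holding
 * credentials for an account or database that was not created.
 *
 * NOTE(review): db_password is persisted as generated (clear text). If the
 * application has to reconnect with it, that may be unavoidable; confirm,
 * and restrict who can read this column.
 *
 * @return void
 */
public function create_db_user()
{
    $user = Ini::$db_users_name_prefix . $this->id;
    $password = User::generate_password();
    $db_name = Ini::$db_users_db_name_prefix . $this->id;

    // These statements cannot take bound parameters through the mysql_* API,
    // so each value is escaped for the position it is interpolated into:
    // string literals via mysql_real_escape_string(), backtick-quoted
    // identifiers by doubling backticks.
    $user_sql = mysql_real_escape_string($user);
    $password_sql = mysql_real_escape_string($password);
    $db_ident = str_replace('`', '``', $db_name);
    // In a database-level GRANT, '_' and '%' in the database name act as
    // wildcards. Escape them so the grant covers only this one database.
    $db_grant = str_replace(array('_', '%'), array('\\_', '\\%'), $db_ident);

    $sql = sprintf("CREATE USER '%s'@'localhost' IDENTIFIED BY '%s';", $user_sql, $password_sql);
    if (mysql_query($sql) === false) {
        // For example, the account already exists. Overwriting the stored
        // password here would leave it out of sync with the real account.
        trigger_error('create_db_user: CREATE USER failed', E_USER_WARNING);
        return;
    }

    $this->db_login = $user;
    $this->db_password = $password;
    $this->db_name = $db_name;
    parent::mysql_save();

    $sql = sprintf("CREATE DATABASE `%s` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci", $db_ident);
    if (mysql_query($sql) === false) {
        trigger_error('create_db_user: CREATE DATABASE failed', E_USER_WARNING);
        return;
    }

    $sql = sprintf("GRANT ALL PRIVILEGES ON `%s`.* TO '%s'@'localhost'", $db_grant, $user_sql);
    if (mysql_query($sql) === false) {
        trigger_error('create_db_user: GRANT failed', E_USER_WARNING);
        return;
    }

    Ini::create_db_structure();
}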
/**
 * Handles a forgot-password request for the given username and e-mail pair.
 *
 * When the user exists, the lower-cased address passes check_mail() and the
 * account is not flagged "user_inactive", a new password is generated and a
 * mail with the subject "Your New Open-LIMS Password" is prepared for the
 * user. Each outcome except the empty-argument case is written to SystemLog.
 *
 * NOTE(review): unknown user, wrong e-mail, inactive user and empty
 * arguments all raise the same AuthUserNotFoundException with an empty
 * message, so callers cannot tell them apart by exception type. The
 * send-failure path raises a different exception. Make sure the UI does not
 * surface that difference, since it would confirm that the username and
 * e-mail matched.
 *
 * @see AuthInterface::forgot_password()
 * @param string $username
 * @param string $mail e-mail address claimed for the account; lower-cased before the check
 * @return bool true when the success branch is reached; every other path throws
 * @throws AuthUserNotFoundException
 * @throws AuthForgotPasswordSendFailedException
 */
public function forgot_password($username, $mail) {
    if ($username and $mail) {
        $system_log = new SystemLog(null);
        if (User::exist_username($username)) {
            $user_id = User::get_user_id_by_username($username);
            $user = new User($user_id);
            if ($user->check_mail(strtolower($mail))) {
                if ($user->get_boolean_user_entry("user_inactive") == false) {
                    $new_password = User::generate_password();
                    // From here on $mail holds the Mail object, not the address parameter.
                    $mail = new Mail();
                    $mail->set_recipient($user_id);
                    $mail->set_subject("Your New Open-LIMS Password");
                    // NOTE(review): this listing is scrubbed between the two
                    // string literals on the next line ("******"). The hidden
                    // span is not recoverable from the page. Since the
                    // else-branches below only balance with one more `if`,
                    // it presumably holds the rest of set_text(), the send
                    // call and its `if (...) {`. The subject and text prefix
                    // suggest the new password is mailed in clear text;
                    // confirm, and consider a single-use, expiring reset
                    // link instead.
                    $mail->set_text("Your new password: "******"must_change_password", true);
                        // Password sent successfully
                        $system_log->create($user_id, 1, 1, "Password Send", "Forgot Password", "auth.php", null, null);
                        return true;
                    } else {
                        // Error while sending
                        throw new AuthForgotPasswordSendFailedException("", 0);
                    }
                } else {
                    // Inactive User
                    $system_log->create($user_id, 1, 1, "Inactive User", "Forgot Password", "auth.php", null, null);
                    throw new AuthUserNotFoundException("", 0);
                }
            } else {
                // Wrong E-Mail
                $system_log->create($user_id, 1, 0, "Wrong E-Mail", "Forgot Password", "auth.php", null, null);
                throw new AuthUserNotFoundException("", 0);
            }
        } else {
            // User Not Found
            // NOTE(review): the caller-supplied username goes into the log
            // message as-is. Confirm SystemLog escapes or encodes it on
            // write and on display.
            $system_log->create(null, 1, 0, "User \"" . $username . "\" Not Found", "Forgot Password", "auth.php", null, null);
            throw new AuthUserNotFoundException("", 0);
        }
    } else {
        // Empty username or e-mail: rejected without a log entry.
        throw new AuthUserNotFoundException("", 0);
    }
}