Example #1
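/**
 * Decide whether a user may run the requested function on the update page.
 *
 * Site administrators (Auth::isAdmin() or the user's own admin flag) may run
 * any function. Everyone else is limited to 'editPerms' and 'resetPass', and
 * only when $user->is_group_admin() returns true. Every other function name
 * is refused.
 *
 * @param User   $user     the user to evaluate
 * @param string $function the requested function name
 * @return bool true if the user can access the update page, false otherwise
 */
function validate_function(&$user, $function)
{
    if (Auth::isAdmin() || $user->get_isadmin()) {
        return true;
    }

    // Identity comparison on purpose: with a loose ==, boolean true (and, before
    // PHP 8, the integer 0) compares equal to these strings, so a non-string
    // $function could reach the group-admin branch of this access check.
    $group_admin_functions = array('editPerms', 'resetPass');
    if (in_array($function, $group_admin_functions, true)) {
        // NOTE(review): is_group_admin() is called without a group list here;
        // presumably that means "admin of any group" - confirm in User.
        return $user->is_group_admin();
    }

    // Fail closed for anything not explicitly allowed above.
    return false;
}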
Example #2
* License: GPL, see LICENSE
*/
include_once 'lib/Template.class.php';
include_once 'lib/Utility.class.php';
include_once 'templates/cpanel.template.php';
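// Check if user is logged in
if (!Auth::is_logged_in()) {
    // NOTE(review): nothing in this script stops execution after the login
    // message. The rest of the page is only protected if print_login_msg()
    // itself ends the request - confirm in Auth.
    Auth::print_login_msg();
}

$t = new Template(translate('My Control Panel'));
$db = new DBEngine();

$t->printHTMLHeader();
$t->printWelcome();
$t->startMain();

// The current user is taken from Auth, not from a request parameter.
$user = new User(Auth::getCurrentID());
$is_group_admin = $user->is_group_admin();

$t->startNavLinkTable();
$t->showNavLinksTable(Auth::isAdmin());
$t->endNavLinkTable();
$t->splitTable();

// NOTE(review): this value is replaced further down before any use that is
// visible here; kept in case a called function reads it as a global.
$order = array('number');

// time() returns the same current timestamp as an argument-less mktime(),
// which is deprecated and raises an error on PHP 8.
$announcements = $db->get_announcements(time());
if ($announcements) {
    showAnnouncementTable($announcements, $db->get_err());
    printCpanelBr();
}

// Valid order values in reservation retrieval.
// NOTE(review): this looks like an allow-list of sort columns for
// CmnFns::get_value_order(); confirm that the helper rejects any requested
// order that is not in the list before it reaches the query.
$order = array('start_date', 'name', 'starttime', 'endtime', 'created', 'modified');
$res = $db->get_user_reservations(Auth::getCurrentID(), CmnFns::get_value_order($order), CmnFns::get_vert_order());

// Print out My Reservations
showReservationTable($res, $db->get_err());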
Example #3
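/**
 * Build a reservation object and print it.
 *
 * The object is created from the class named in the global $Class. When
 * $resid is null its properties are filled in from the query string (machid,
 * start_date, pending, starttime, endtime) and the current user. scheduleid
 * and type are always read from the query string. Missing query parameters
 * are treated as null.
 *
 * @param mixed $resid id of the reservation to present, or null for a new one
 * @return void
 */
function present_reservation($resid)
{
    // NOTE(review): $Class is instantiated by name; this assumes the caller
    // sets it from a fixed set of class names and never from request data.
    global $Class;

    // Read each query-string value once, defaulting to null, so that an
    // absent parameter does not raise an undefined-index notice/warning.
    $query = array();
    foreach (array('scheduleid', 'machid', 'start_date', 'pending', 'starttime', 'endtime', 'type') as $key) {
        $query[$key] = isset($_GET[$key]) ? $_GET[$key] : null;
    }

    // Get info about this reservation
    $res = new $Class($resid, false, false, $query['scheduleid']);

    // Load the properties of a reservation that does not exist yet
    if ($resid == null) {
        $res->resource = new Resource($query['machid']);
        $res->start_date = $query['start_date'];
        // A new reservation starts and ends on the same date.
        $res->end_date = $query['start_date'];
        $res->user = new User(Auth::getCurrentID());
        $res->is_pending = $query['pending'];
        $res->start = $query['starttime'];
        $res->end = $query['endtime'];
    }

    // adminMode is derived from Auth and the current user's roles, never
    // from the request. For an existing reservation $res->user is presumably
    // set by the constructor - confirm.
    $cur_user = new User(Auth::getCurrentID());
    $res->adminMode = Auth::isAdmin() || $cur_user->get_isadmin() || $cur_user->is_group_admin($res->user->get_groupids());

    // Site administrators never see the reservation as pending.
    if (Auth::isAdmin() || $cur_user->get_isadmin()) {
        $res->is_pending = false;
    }

    // NOTE(review): 'pending' and 'type' are client-supplied. This function
    // only prints; confirm that the code which saves a reservation decides
    // the pending state and type on the server.
    $res->set_type($query['type']);
    $res->print_res();
}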
Example #4
* Copyright (C) 2003 - 2007 phpScheduleIt
* License: GPL, see LICENSE
*/
include_once 'lib/Template.class.php';
include_once 'lib/Group.class.php';
include_once 'lib/User.class.php';
include_once 'lib/Utility.class.php';
include_once 'templates/usergroup.template.php';
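$t = new Template(translate('Manage Groups'));
$t->printHTMLHeader();
$t->startMain();

if (!isset($_POST['submit'])) {
    // Display path: show the groups of the member named in the query string.
    // A missing memberid is passed on as null instead of raising a notice.
    $user = new User(isset($_GET['memberid']) ? $_GET['memberid'] : null);
    $cur_user = new User();
    $cur_user->userid = Auth::getCurrentID();

    // Only a site administrator, or an administrator of one of the member's
    // groups, may view this page.
    if (!Auth::isAdmin() && !$cur_user->is_group_admin($user->get_groupids())) {
        CmnFns::do_error_box(translate('This is only accessable to the administrator'));
        die;
    }

    // The edit form is shown only when it is requested AND the viewer is a
    // site administrator; a group admin gets the read-only view.
    print_edit(!empty($_GET['edit']) && Auth::isAdmin(), $user);
} else {
    // Update path: changing group membership is limited to site administrators.
    if (!Auth::isAdmin()) {
        CmnFns::do_error_box(translate('This is only accessable to the administrator'));
        die;
    }

    // NOTE(review): no anti-CSRF token check is visible for this
    // state-changing POST; confirm one exists in the form handling or in
    // update_groups().
    $to_add = isset($_POST['add_groups']) ? $_POST['add_groups'] : array();
    update_groups(isset($_POST['memberid']) ? $_POST['memberid'] : null, $to_add);
}

$t->endMain();
$t->printHTMLFooter();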
/**
Example #5
// No id was passed in, so use the current user's id from the session
if (!empty($_SESSION['sessionID']) && $id == null) {
    $id = $_SESSION['sessionID'];
}

$msg = '';
$show_form = true;

// Check login status
if ($edit && !Auth::is_logged_in()) {
    // NOTE(review): execution continues past this branch unless
    // print_login_msg(true) ends the request; if it does not, the edit path
    // below loads user data for a visitor who is not logged in - confirm.
    $auth->print_login_msg(true);
    // Clean out any lingering sessions
    $auth->clean();
} elseif (!$edit && !(bool) $conf['app']['allowSelfRegistration']) {
    // Self-registration is switched off, so creating a user needs an admin.
    // NOTE(review): is_group_admin() is given array($id) here; confirm the
    // method expects this value as a list of group ids.
    $isAdmin = $curUser->is_group_admin(array($id)) || Auth::isAdmin();
    if (!$isAdmin) {
        // Only the administrator can create users
        CmnFns::do_error_box(translate('This is only accessable to the administrator'), '', true);
    }
}

if (!$edit || isset($_POST['update'])) {
    // Registering, or an update was submitted: work from the posted values
    $data = CmnFns::cleanPostVals();
} else {
    // Editing and no update submitted yet: pre-fill the form from the stored user.
    // NOTE(review): no check is visible in this excerpt that $id belongs to
    // the logged-in user; confirm it is enforced where $id is set.
    $user = new User($id);
    $data = $user->get_user_data();
    // Needed to be the same as the form
    $data['emailaddress'] = $data['email'];
}
Example #6
include_once 'lib/Auth.class.php';
include_once 'lib/Utility.class.php';
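// Nothing below runs for a visitor who is not logged in.
if (!Auth::is_logged_in()) {
    die;
}

$id = isset($_POST['resid']) ? $_POST['resid'] : null;

// The request only chooses between two fixed class names; the request value
// itself is never used as a class name.
// NOTE(review): is_blackout is client-supplied and only a login check
// precedes it here; confirm that creating a Blackout is restricted to
// administrators elsewhere.
$is_blackout = isset($_GET['is_blackout']) && $_GET['is_blackout'] == '1';
$Class = $is_blackout ? 'Blackout' : 'Reservation';

$res = new $Class($id);

// adminMode is derived from Auth and the current user's roles, never from
// the request.
if ($id != null) {
    // Existing reservation: site admins, and admins of a group the
    // reservation's owner belongs to, get admin mode.
    $cur_user = new User(Auth::getCurrentID());
    $res->adminMode = Auth::isAdmin() || $cur_user->get_isadmin() || $cur_user->is_group_admin($res->user->get_groupids());
} else {
    // New reservation: only a site admin gets admin mode.
    $res->adminMode = Auth::isAdmin();
}

$repeat_dates = process_reservation($res);
$errors = array();
$helper = new Utility();

// Both resource lists come straight from the form. A client can send a
// scalar instead of an array, which count() mishandles (a warning on PHP 7.2+
// and a TypeError on PHP 8), so anything that is not a non-empty array is
// treated as an empty list.
$orig_resources = !empty($_POST['orig_resources']) && is_array($_POST['orig_resources']) ? $_POST['orig_resources'] : array();
$selected_resources = !empty($_POST['selected_resources']) && is_array($_POST['selected_resources']) ? $_POST['selected_resources'] : array();
$resources_to_add = $helper->getAddedItems($orig_resources, $selected_resources);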
if ($res->check_startdate()) {
    if ($res->check_times()) {
        if ($res->check_min_max()) {
            for ($i = 0; $i < count($repeat_dates); $i++) {
                $res->start_date = $repeat_dates[$i];
                if ($res->is_repeat) {