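/**
 * assumeUser Assume the identity of another user - only holders of p_users_admin may do this.
 *
 * Rewrites the connection row in users_cnxn that matches the caller's site
 * cookie so that it points at $pUserId, and records the real user's id in
 * assume_user_id.
 *
 * @param numeric $pUserId User ID of the user whose identity is to be assumed
 * @access public
 * @return TRUE on success, FALSE on failure - mErrors will contain reason for failure
 */
function assumeUser($pUserId) {
    global $gBitUser;
    $ret = FALSE;

    // make double sure the current logged in user has permission, check for p_users_admin, not admin, as that is all you need for assuming another user.
    // this enables creating of a non technical site administrators group, eg customer support representatives.
    if (!$gBitUser->hasPermission('p_users_admin')) {
        // The contract promises a reason in mErrors for every failure, so record the denial too.
        $this->mErrors['assume_user'] = tra("You do not have permission to assume another user.");
        return $ret;
    }

    $assumeUser = new BitPermUser($pUserId);
    $assumeUser->loadPermissions();
    if ($assumeUser->isAdmin()) {
        // Assuming an administrator would let a p_users_admin holder escalate to full admin.
        $this->mErrors['assume_user'] = tra("User administrators cannot be assumed.");
        return $ret;
    }

    // The connection row is located by the caller's site cookie. A client can omit the
    // cookie or send it as an array (name[]=x), so require a non-empty string before
    // using it as a bind value instead of issuing the UPDATE with an undefined index.
    $cookieName = $this->getSiteCookieName();
    $cookie = isset($_COOKIE[$cookieName]) ? $_COOKIE[$cookieName] : NULL;
    if (!is_string($cookie) || $cookie === '') {
        $this->mErrors['assume_user'] = tra("No active session cookie was found.");
        return $ret;
    }

    $this->mDb->query(
        "UPDATE `" . BIT_DB_PREFIX . "users_cnxn` SET `user_id`=?, `assume_user_id`=? WHERE `cookie`=?",
        array($pUserId, $gBitUser->mUserId, $cookie)
    );
    $ret = TRUE;

    return $ret;
}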
}
// Create 'Admin' user has id= 2
// The administrator's details, including the password, are read from $_SESSION,
// where they are expected to have been placed before this point.
$storeHash = array('real_name' => $_SESSION['real_name'], 'login' => $_SESSION['login'], 'password' => $_SESSION['password'], 'email' => $_SESSION['email'], 'pass_due' => FALSE);
if (defined('ROLE_MODEL')) {
    // Role based permission model: the new account is attached to role id 1.
    $adminUser = new RolePermUser();
    if ($adminUser->store($storeHash)) {
        // add user to admin role
        $adminUser->addUserToRole($adminUser->mUserId, 1);
        // set admin role as default
        $adminUser->storeUserDefaultRole($adminUser->mUserId, 1);
    } else {
        // Creation failed: dump the error list and stop.
        vd($adminUser->mErrors);
        die;
    }
} else {
    // Group based permission model: the new account is attached to group id 1.
    $adminUser = new BitPermUser();
    if ($adminUser->store($storeHash)) {
        // add user to admin group
        $adminUser->addUserToGroup($adminUser->mUserId, 1);
        // set admin group as default
        $adminUser->storeUserDefaultGroup($adminUser->mUserId, 1);
    } else {
        // Creation failed: dump the error list and stop.
        vd($adminUser->mErrors);
        die;
    }
}
// kill admin info in $_SESSION
// NOTE(review): the cleanup below is commented out, so $_SESSION['password'] and the
// other admin details stay in the session store after the account has been created.
// Confirm whether something later in the installer still needs them; if not, the
// unset() calls should be restored so the password does not outlive this step.
// unset( $_SESSION['real_name'] );
// unset( $_SESSION['login'] );
// unset( $_SESSION['password'] );
// unset( $_SESSION['email'] );
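/**
 * Log in an existing user, or register and log in a new one, from the request data.
 *
 * Reads 'email' and 'password' directly from $_REQUEST. On success the user's id is
 * written to $_REQUEST['customers_id']; on failure the error list is assigned to the
 * 'userErrors' template variable.
 *
 * @param array $pParamHash not used by this method; all input is taken from $_REQUEST
 * @return boolean TRUE when the login or registration succeeded and $gBitUser has no errors
 */
function register($pParamHash) {
    global $gBitUser, $gBitSmarty;
    $success = FALSE;

    if (!empty($_REQUEST['email']) && $gBitUser->userExists(array('email' => $_REQUEST['email']))) {
        // The e-mail address already belongs to an account: authenticate instead of registering.
        if ($gBitUser->login($_REQUEST['email'], $_REQUEST['password'], FALSE, FALSE)) {
            $_REQUEST['customers_id'] = $gBitUser->mUserId;
            $success = TRUE;
        } else {
            // $newUser does not exist on this path; the failed login belongs to $gBitUser.
            $gBitSmarty->assign_by_ref('userErrors', $gBitUser->mErrors);
        }
    } else {
        $newUser = new BitPermUser();
        if ($newUser->preRegisterVerify($_REQUEST) && $newUser->register($_REQUEST)) {
            $gBitUser->login($_REQUEST['email'], $_REQUEST['password'], FALSE, FALSE);
            $_REQUEST['customers_id'] = $gBitUser->mUserId;
            $this->mCustomerId = $gBitUser->mUserId;
            $this->syncBitUser($gBitUser->mInfo);
            $this->load();
            $success = TRUE;
        } else {
            // Registration errors live on $newUser, not on $gBitUser, so they must
            // also be reflected in the return value below.
            $gBitSmarty->assign_by_ref('userErrors', $newUser->mErrors);
        }
    }

    return $success && count($gBitUser->mErrors) == 0;
}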
/**
 * Create a user account from the supplied hash.
 *
 * Any errors reported by the new user object are merged into $this->mErrors.
 *
 * @param array $pUserHash user data, passed by reference to BitPermUser::store()
 * @return mixed the mUserId of the user object after the store attempt
 */
function createUser(&$pUserHash) {
    $account = new BitPermUser();
    $stored = $account->store($pUserHash);
    if (!$stored) {
        // Surface the reason for the failure on this object as well.
        $this->mErrors = array_merge($this->mErrors, $account->mErrors);
    }
    return $account->mUserId;
}
} } else { if (!empty($_REQUEST['group_id'])) { require_once USERS_PKG_PATH . 'BitPermUser.php'; $permUser = new BitPermUser(); $groupData = $permUser->getGroupInfo($_REQUEST['group_id']); // dont try and fool me if (!empty($groupData)) { $groupName = $groupData['group_name']; $rss->title = $groupName . " Group at " . $gBitSystem->getConfig('site_title'); $listHash['group_id'] = $_REQUEST['group_id']; } } else { if (!empty($_REQUEST['role_id'])) { require_once USERS_PKG_PATH . 'RolePermUser.php'; $permUser = new BitPermUser(); $roleData = $permUser->getRoleInfo($_REQUEST['role_id']); // dont try and fool me if (!empty($roleData)) { $roleName = $roleData['role_name']; $rss->title = $roleName . " Role at " . $gBitSystem->getConfig('site_title'); $listHash['role_id'] = $_REQUEST['role_id']; } } } } if (!empty($_REQUEST['blog_id'])) { $listHash['blog_id'] = $_REQUEST['blog_id']; $gBlog = new BitBlog($_REQUEST['blog_id']); $gBlog->load(); if (isset($gBlog->mContentId)) {
/**
 * hasAdminBlock
 *
 * Returns FALSE when there is no current user or the current user is an
 * administrator; otherwise reports whether user id 1 loads as a valid user.
 *
 * @access public
 * @return TRUE or FALSE as described above
 * @deprecated i think this isn't used any more
 */
function hasAdminBlock() {
    deprecated("i think this isn't used anymore.");
    global $gBitUser;

    // No user at all, or an administrator: nothing further to check.
    if (empty($gBitUser) || $gBitUser->isAdmin()) {
        return FALSE;
    }

    // Try to load user id 1 - if that yields a valid user, we know one exists.
    $rootAccount = new BitPermUser(1);
    $rootAccount->load();

    return $rootAccount->isValid() ? TRUE : FALSE;
}
<?php // $Header$ // Copyright (c) 2002-2003, Luis Argerich, Garland Foster, Eduardo Polidor, et. al. // All Rights Reserved. See below for details and a complete list of authors. // Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See http://www.gnu.org/copyleft/lesser.html for details. // This script is used to assign groups to a particular user // ASSIGN USER TO GROUPS // Initialization require_once '../../kernel/setup_inc.php'; $gBitSystem->verifyPermission('p_users_admin'); if (!$gBitUser->userExists(array('user_id' => $_REQUEST["assign_user"]))) { $gBitSystem->fatalError(tra("User doesnt exist")); } $assignUser = new BitPermUser($_REQUEST["assign_user"]); $assignUser->setCacheableObject(FALSE); $assignUser->load(TRUE); if ($assignUser->isAdmin() && !$gBitUser->isAdmin()) { $gBitSystem->fatalError(tra('You cannot modify a system administrator.')); } if (isset($_REQUEST["action"])) { $gBitUser->verifyTicket(); if ($_REQUEST["action"] == 'assign') { $assignUser->addUserToGroup($assignUser->mUserId, $_REQUEST["group_id"]); } elseif ($_REQUEST["action"] == 'removegroup') { $assignUser->removeUserFromGroup($_REQUEST["assign_user"], $_REQUEST["group_id"]); } header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?assign_user='******'set_default'])) { $gBitUser->verifyTicket();
// Build the parameters for the user list straight from the request.
// NOTE(review): every request key is copied into $listHash and handed to getList().
// How getList() treats unexpected keys is not visible here - confirm it validates
// sort, offset and filter values rather than trusting them.
$listHash = $_REQUEST;
// NOTE(review): max_records is taken from the request without an upper bound being
// applied here - confirm getList() caps it.
$listHash['max_records'] = !empty($_REQUEST['max_records']) ? $_REQUEST['max_records'] : $gBitSystem->getConfig('max_records');
$users = $gBitUser->getList($listHash);
$gBitSmarty->assignByRef('users', $users);
// "cant" is read back from $listHash after the call; presumably getList() fills it in - TODO confirm.
$gBitSmarty->assignByRef('usercount', $listHash["cant"]);
// Fall back to 10 rows when the hash carries no numrows value.
if (isset($listHash["numrows"])) {
    $listHash['listInfo']["numrows"] = $listHash["numrows"];
} else {
    $listHash['listInfo']["numrows"] = 10;
}
$listHash['listInfo']["URL"] = USERS_PKG_URL . "admin/index.php";
$gBitSmarty->assignByRef('listInfo', $listHash['listInfo']);
if (defined('ROLE_MODEL')) {
    // invoke edit service for the add user feature
    $userObj = new RolePermUser();
    $userObj->invokeServices('content_edit_function');
    // Get roles (list of roles)
    $rolelist = $gBitUser->getRoles('', '', 'role_name_asc');
    $gBitSmarty->assign('rolelist', $rolelist);
} else {
    // invoke edit service for the add user feature
    $userObj = new BitPermUser();
    $userObj->invokeServices('content_edit_function');
    // Get groups (list of groups)
    $grouplist = $gBitUser->getGroups('', '', 'group_name_asc');
    $gBitSmarty->assign('grouplist', $grouplist);
}
$gBitSmarty->assign('feedback', $feedback);
// NOTE(review): the request's 'tab' value becomes part of a template variable name
// ("<tab>TabSelect"). Restricting it to the known tab names would stop a caller from
// setting an arbitrary template variable ending in "TabSelect".
$gBitSmarty->assign((!empty($_REQUEST['tab']) ? $_REQUEST['tab'] : 'userlist') . 'TabSelect', 'tdefault');
// Display the template
$gBitSystem->display('bitpackage:users/admin_list_users.tpl', !empty($title) ? $title : 'Edit Users', array('display_mode' => 'admin'));
/**
 * Install the AmazonMWS payment module.
 *
 * Inside one database transaction this inserts the module's configuration rows
 * and, when no user is found for 'amazonmws', creates the local account under
 * which Amazon orders are processed.
 */
function install() {
    global $gBitDb, $gBitUser;
    $gBitDb->StartTrans();
    // All statements below use fixed literals only; no request data is interpolated.
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `set_function`, `date_added`) values ('Enable AmazonMWS Module', 'MODULE_PAYMENT_AMAZONMWS_STATUS', 'True', 'Do you want enable AmazonMWS integration?', '6', '0', 'zen_cfg_select_option(array(\\'True\\', \\'False\\'), ', now())");
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `date_added`) values ('Local Username', 'MODULE_PAYMENT_AMAZONMWS_LOCAL_USERNAME','amazonmws', 'This is the username on this site under which all orders will be processed.', '6', '4', now())");
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `date_added`) values ('Merchant ID', 'MODULE_PAYMENT_AMAZONMWS_MERCHANT_ID','', '', '6', '4', now())");
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `date_added`) values ('Marketplace ID', 'MODULE_PAYMENT_AMAZONMWS_MARKETPLACE_ID','', '', '6', '4', now())");
    // NOTE(review): the AWS access key id and secret key get ordinary rows in the
    // configuration table alongside every other setting. Whether values written there
    // later are protected at rest or masked in the admin UI is not visible here - confirm.
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `date_added`) values ('AWS Access Key ID', 'MODULE_PAYMENT_AMAZONMWS_AWS_ACCESS_KEY_ID','', '', '6', '4', now())");
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `date_added`) values ('Secret Key', 'MODULE_PAYMENT_AMAZONMWS_SECRET_KEY','', '', '6', '4', now())");
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `set_function`, `use_function`, `date_added`) values ('Initial Order Status', 'MODULE_PAYMENT_AMAZONMWS_INITIAL_ORDER_STATUS_ID', '20', 'Orders with this status will be processed for fulfillment<br />(\\'Transferred\\' recommended)', '6', '5', 'zen_cfg_pull_down_order_statuses(', 'zen_get_order_status_name', now())");
    $gBitDb->Execute("insert into " . TABLE_CONFIGURATION . " (`configuration_title`, `configuration_key`, `configuration_value`, `configuration_description`, `configuration_group_id`, `sort_order`, `date_added`) values ('Default Attributes', 'MODULE_PAYMENT_AMAZONMWS_DEFAULT_ATTRIBUTES','', 'Comma separated list of <a href=\"products_options.php\">product options ids</a> that will be used if amazon SKU has none.', '6', '4', now())");
    // Create the local order-processing account only when the lookup for 'amazonmws' finds nothing.
    if (!$gBitUser->lookupHomepage('amazonmws')) {
        $newUser = new BitPermUser();
        $userHash['login'] = '******';
        // Derives a plus-addressed variant of the store owner's e-mail address.
        $userHash['email'] = str_replace('@', '+amazonmws@', STORE_OWNER_EMAIL_ADDRESS);
        $userHash['real_name'] = 'Amazon Marketplace';
        // NOTE(review): this copies the installing user's 'hash' field onto the new
        // account. If that field is the password hash, the service account shares the
        // installer's password - confirm, and prefer an unusable or random credential.
        $userHash['hash'] = $gBitUser->getField('hash');
        $newUser->importUser($userHash);
    }
    $gBitDb->CompleteTrans();
}
if (!empty($_REQUEST['users'][$roleId][$userId])) { $gContent->assignUserRoleToGroup($roleId, $userId); } else { $gContent->removeUserRoleFromGroup($roleId, $userId); } } } } // refresh our groupMembers list to get their new roles $groupMembers = $gContent->getMembers(); } elseif (!empty($_REQUEST["action"]) && $_REQUEST['action'] == 'removeuser') { $gBitUser->verifyTicket(); if (!$gBitUser->userExists(array('user_id' => $_REQUEST["assign_user"]))) { $gBitSystem->fatalError(tra("User doesnt exist")); } $assignUser = new BitPermUser($_REQUEST["assign_user"]); $assignUser->load(TRUE); if ($assignUser->isAdmin() && !$gBitUser->isAdmin()) { $gBitSystem->fatalError(tra('You cannot modify a system administrator.')); } // dump the users email prefs $gContent->deleteUserEmailPref($assignUser); // remove the user from the group $gBitUser->removeUserFromGroup($_REQUEST["assign_user"], $_REQUEST["group_id"]); header('Location: ' . $_SERVER['SCRIPT_NAME'] . '?group_id=' . $gContent->mGroupId); die; } $gBitSmarty->assign_by_ref('groupMembers', $groupMembers); // display $gBitSystem->setBrowserTitle($gContent->getTitle() . " " . tra('Group Members')); $gBitSystem->display("bitpackage:group/edit_members_roles.tpl", NULL, array('display_mode' => 'display'));
for ($i = 0; $i < count($fields); $i++) { @($ar[$fields[$i]] = $data[$i]); } $userRecords[] = $ar; } } fclose($fhandle); // were there any users in the list? if (!is_array($userRecords)) { $gBitSystem->fatalError(tra("No records were found. Check the file please!")); } // Process user array $added = 0; $i = 1; foreach ($userRecords as $userRecord) { $newUser = new BitPermUser(); if ($newUser->importUser($userRecord)) { if (!empty($userRecord['groups'])) { // groups need to be separated by spaces since this is a csv file $groups = explode(" ", $userRecord['groups']); foreach ($groups as $group) { if ($groupId = $gBitUser->groupExists($group, ROOT_USER_ID)) { $newUser->addUserToGroup($newUser->mUserId, $groupId); } } } if (!empty($userRecord['roles'])) { // roles need to be separated by spaces since this is a csv file $roles = explode(" ", $userRecord['roles']); foreach ($roles as $role) { if ($roleId = $gBitUser->roleExists($role, ROOT_USER_ID)) {
/**
 * Fetch one Amazon order through the MWS client and create a matching local order.
 *
 * While the order is built, the global user, the global customer and
 * $_SESSION['customer_id'] are switched to the configured local Amazon account;
 * they are switched back before returning.
 *
 * @param string $pAmazonOrderId the Amazon order id to fetch
 * @return mixed the new local orders id when $order->create() succeeds, otherwise NULL
 */
function amazon_process_order($pAmazonOrderId) {
    global $gAmazonMWS, $gBitUser, $gCommerceSystem, $gBitCustomer, $currencies, $order;
    $ret = NULL;
    $request = new MarketplaceWebServiceOrders_Model_GetOrderRequest();
    $request->setSellerId(MERCHANT_ID);
    // @TODO: set request. Action can be passed as MarketplaceWebServiceOrders_Model_GetOrderRequest
    // object or array of parameters
    // Set the list of AmazonOrderIds
    $orderIds = new MarketplaceWebServiceOrders_Model_OrderIdList();
    $orderIds->setId(array($pAmazonOrderId));
    $request->setAmazonOrderId($orderIds);
    // Remember the real user, then act as the local Amazon account.
    // NOTE(review): the restore at the bottom of this function runs only when the code
    // falls through or a MarketplaceWebServiceOrders_Exception is caught. Any other
    // exception leaves $gBitUser, $gBitCustomer and $_SESSION['customer_id'] pointing at
    // the Amazon account for the rest of the request and session.
    $holdUser = $gBitUser;
    $azUser = new BitPermUser($holdUser->lookupHomepage($gCommerceSystem->getConfig('MODULE_PAYMENT_AMAZONMWS_LOCAL_USERNAME', 'amazonmws')));
    $azUser->load();
    $gBitUser = $azUser;
    $gBitCustomer = new CommerceCustomer($gBitUser->mUserId);
    $gBitCustomer->syncBitUser($gBitUser->mInfo);
    $_SESSION['customer_id'] = $gBitUser->mUserId;
    try {
        $response = $gAmazonMWS->getOrder($request);
        if ($response->isSetGetOrderResult()) {
            $getOrderResult = $response->getGetOrderResult();
            if ($getOrderResult->isSetOrders()) {
                // The working directory is changed for the duration of the order build.
                // NOTE(review): chdir($oldCwd) below is skipped when an exception is thrown.
                $oldCwd = getcwd();
                chdir(BITCOMMERCE_PKG_PATH);
                $azOrderList = $getOrderResult->getOrders();
                if ($azOrders = $azOrderList->getOrder()) {
                    require_once BITCOMMERCE_PKG_PATH . 'classes/CommerceOrder.php';
                    $order = new order();
                    $order->info = array('order_status' => DEFAULT_ORDERS_STATUS_ID, 'subtotal' => 0, 'tax' => 0, 'total' => 0, 'tax_groups' => array(), 'comments' => isset($_SESSION['comments']) ? $_SESSION['comments'] : '', 'ip_address' => $_SERVER['REMOTE_ADDR']);
                    // Only the first order in the returned list is processed.
                    $azOrder = current($azOrders);
                    // Setup delivery address
                    if ($orderTotal = $azOrder->getOrderTotal()) {
                        $order->info['total'] = $orderTotal->getAmount();
                        $order->info['currency'] = $orderTotal->getCurrencyCode();
                        $order->info['currency_value'] = $currencies->currencies[$order->info['currency']]['currency_value'];
                    }
                    if ($shippingAddress = $azOrder->getShippingAddress()) {
                        $country = zen_get_countries(zen_get_country_id($shippingAddress->getCountryCode()), TRUE);
                        $zoneName = zen_get_zone_name_by_code($country['countries_id'], $shippingAddress->getStateOrRegion());
                        // The recipient name is split at its first space into first and last name.
                        $order->delivery = array('firstname' => substr($shippingAddress->getName(), 0, strpos($shippingAddress->getName(), ' ')), 'lastname' => substr($shippingAddress->getName(), strpos($shippingAddress->getName(), ' ') + 1), 'company' => NULL, 'street_address' => $shippingAddress->getAddressLine1(), 'suburb' => trim($shippingAddress->getAddressLine2() . ' ' . $shippingAddress->getAddressLine3()), 'city' => $shippingAddress->getCity(), 'postcode' => $shippingAddress->getPostalCode(), 'state' => $zoneName, 'country' => $country, 'format_id' => $country['address_format_id'], 'telephone' => $shippingAddress->getPhone(), 'email_address' => NULL);
                        // Customer and billing details are copies of the delivery address.
                        $order->customer = $order->delivery;
                        $order->billing = $order->delivery;
                    }
                    // Setup shipping
                    $shipping = array('cost' => 0);
                    // NOTE(review): only 'Std US Dom' is mapped; for any other service level
                    // 'id', 'title' and 'code' stay unset and are read further down.
                    switch ($azOrder->getShipServiceLevel()) {
                        case 'Std US Dom':
                            $shipping['id'] = 'usps_MEDIA';
                            $shipping['title'] = 'United States Postal Service (USPS Media Mail (1 - 2 Weeks))';
                            $shipping['code'] = 'USPSREG';
                            break;
                    }
                    $azOrderItems = amazon_mws_get_order_items($azOrder->getAmazonOrderId());
                    $azOrderItem = $azOrderItems->getOrderItem();
                    foreach ($azOrderItem as $azi) {
                        // The seller SKU is read as "<products id>:<attribute string>".
                        // NOTE(review): a SKU without ':' leaves the second list() element undefined.
                        $testSku = $azi->getSellerSKU();
                        list($productsId, $attrString) = explode(':', $testSku, 2);
                        $productsKey = $productsId . ':ASIN-' . $azi->getASIN();
                        $order->contents[$productsKey] = $gBitCustomer->mCart->getProductHash($productsKey);
                        // Quantity, name and prices come from the Amazon response, not from the local catalogue.
                        $order->contents[$productsKey]['products_quantity'] = $azi->getQuantityOrdered();
                        $order->contents[$productsKey]['products_name'] = $azi->getTitle();
                        if ($itemPrice = $azi->getItemPrice()) {
                            // {$itemTax->getCurrencyCode()}
                            $order->contents[$productsKey]['price'] = $itemPrice->getAmount();
                            $order->contents[$productsKey]['final_price'] = $itemPrice->getAmount();
                        }
                        if ($itemTax = $azi->getItemTax()) {
                            // {$itemTax->getCurrencyCode()}
                            $order->contents[$productsKey]['tax'] = $itemTax->getAmount();
                        }
                        if ($shippingPrice = $azi->getShippingPrice()) {
                            // {$itemTax->getCurrencyCode()}
                            $order->info['shipping_cost'] = $shippingPrice->getAmount();
                        }
                        // Fall back to the configured default attributes when the SKU carries none.
                        if (empty($attrString)) {
                            $attrString = $gCommerceSystem->getConfig('MODULE_PAYMENT_AMAZONMWS_DEFAULT_ATTRIBUTES');
                        }
                        // stock up the attributes
                        if ($attrString && ($attrs = explode(',', $attrString))) {
                            foreach ($attrs as $optionValueId) {
                                // The option value id is passed as a bind parameter, not interpolated.
                                $optionId = $order->mDb->getOne("SELECT cpa.`products_options_id` FROM " . TABLE_PRODUCTS_ATTRIBUTES . " cpa WHERE cpa.`products_options_values_id`=?", array($optionValueId));
                                $order->contents[$productsKey]['attributes'][$optionId . '_' . $optionValueId] = $optionValueId;
                            }
                        }
                        if (!empty($order->contents[$productsKey]['attributes'])) {
                            // Rebuild the attribute map as an indexed list of option/value records.
                            $attributes = $order->contents[$productsKey]['attributes'];
                            $order->contents[$productsKey]['attributes'] = array();
                            $subindex = 0;
                            foreach ($attributes as $option => $value) {
                                $optionValues = zen_get_option_value(zen_get_options_id($option), (int) $value);
                                // Determine if attribute is a text attribute and change products array if it is.
                                if ($value == PRODUCTS_OPTIONS_VALUES_TEXT_ID) {
                                    $attr_value = $order->contents[$productsKey]['attributes_values'][$option];
                                } else {
                                    $attr_value = $optionValues['products_options_values_name'];
                                }
                                $order->contents[$productsKey]['attributes'][$subindex] = array('option' => $optionValues['products_options_name'], 'value' => $attr_value, 'option_id' => $option, 'value_id' => $value, 'prefix' => $optionValues['price_prefix'], 'price' => $optionValues['options_values_price']);
                                $subindex++;
                            }
                        }
                        // Line total: taxed unit price times quantity, plus taxed one-time charges.
                        $shown_price = zen_add_tax($order->contents[$productsKey]['final_price'], $order->contents[$productsKey]['tax']) * $order->contents[$productsKey]['products_quantity'] + zen_add_tax($order->contents[$productsKey]['onetime_charges'], $order->contents[$productsKey]['tax']);
                        $order->subtotal += $shown_price;
                        $products_tax = $order->contents[$productsKey]['tax'];
                        $products_tax_description = $order->contents[$productsKey]['tax_description'];
                        if (DISPLAY_PRICE_WITH_TAX == 'true') {
                            // Prices include tax: the divisor is assembled as the string "1.0<rate>" or
                            // "1.<rate>" with the rate's decimal point removed.
                            $order->info['tax'] += $shown_price - $shown_price / ($products_tax < 10 ? "1.0" . str_replace('.', '', $products_tax) : "1." . str_replace('.', '', $products_tax));
                            if (isset($order->info['tax_groups']["{$products_tax_description}"])) {
                                $order->info['tax_groups']["{$products_tax_description}"] += $shown_price - $shown_price / ($products_tax < 10 ? "1.0" . str_replace('.', '', $products_tax) : "1." . str_replace('.', '', $products_tax));
                            } else {
                                $order->info['tax_groups']["{$products_tax_description}"] = $shown_price - $shown_price / ($products_tax < 10 ? "1.0" . str_replace('.', '', $products_tax) : "1." . str_replace('.', '', $products_tax));
                            }
                        } else {
                            // Prices exclude tax: the rate is applied as a percentage of the line total.
                            $order->info['tax'] += $products_tax / 100 * $shown_price;
                            if (isset($order->info['tax_groups']["{$products_tax_description}"])) {
                                $order->info['tax_groups']["{$products_tax_description}"] += $products_tax / 100 * $shown_price;
                            } else {
                                $order->info['tax_groups']["{$products_tax_description}"] = $products_tax / 100 * $shown_price;
                            }
                        }
                        $order->info['tax'] = zen_round($order->info['tax'], 2);
                        // Shipping cost is accumulated across all items.
                        if ($azi->isSetShippingPrice()) {
                            $shippingPrice = $azi->getShippingPrice();
                            $shipping['cost'] += $shippingPrice->getAmount();
                        }
                    }
                    // No card or coupon data is stored for an Amazon order.
                    foreach (array('cc_type', 'cc_owner', 'cc_number', 'cc_expires', 'coupon_code') as $key) {
                        $order->info[$key] = NULL;
                    }
                    $order->info['shipping_method'] = $shipping['title'];
                    $order->info['shipping_method_code'] = $shipping['code'];
                    $order->info['shipping_module_code'] = $shipping['id'];
                    $order->info['payment_module_code'] = 'amazonmws';
                    $order->info['payment_method'] = 'Amazon Order';
                    // NOTE(review): these session values are overwritten and not restored afterwards.
                    $_SESSION['sendto'] = NULL;
                    $_SESSION['shipping'] = $shipping;
                    unset($_SESSION['cot_gv']);
                    require_once DIR_FS_CLASSES . 'order_total.php';
                    global $order_total_modules;
                    $order_total_modules = new order_total();
                    $order_totals = $order_total_modules->pre_confirmation_check();
                    require_once DIR_WS_MODULES . 'payment/amazonmws.php';
                    $amazon = new amazonmws($azOrder->getAmazonOrderId());
                    $amazonOutput = $amazon->process();
                    $order_totals = $order_total_modules->process();
                    // Insert the Amazon output just before the last order total entry.
                    array_splice($order_totals, count($order_totals) - 1, 0, array($amazonOutput));
                    if ($ordersId = $order->create($order_totals, 2)) {
                        $order->create_add_products($ordersId);
                        $ret = $ordersId;
                        $order->updateStatus(array('status' => MODULE_PAYMENT_AMAZONMWS_INITIAL_ORDER_STATUS_ID));
                    }
                }
                chdir($oldCwd);
            }
        }
    } catch (MarketplaceWebServiceOrders_Exception $ex) {
        // NOTE(review): the exception details, including the raw XML response and request
        // id, are echoed to the output stream. If this can run in a web request rather
        // than from the command line, route them to a log instead - confirm the caller.
        echo "Caught Exception: " . $ex->getMessage() . "\n";
        echo "Response Status Code: " . $ex->getStatusCode() . "\n";
        echo "Error Code: " . $ex->getErrorCode() . "\n";
        echo "Error Type: " . $ex->getErrorType() . "\n";
        echo "Request ID: " . $ex->getRequestId() . "\n";
        echo "XML: " . $ex->getXML() . "\n";
    }
    // Switch back to the user that was active on entry.
    $gBitUser = $holdUser;
    $gBitCustomer = new CommerceCustomer($gBitUser->mUserId);
    $_SESSION['customer_id'] = $gBitUser->mUserId;
    return $ret;
}
/**
 * Imports a user record from csv file
 * This is an admin specific function: it returns FALSE straight away unless the
 * current global user holds p_users_admin.
 *
 * @param $pParamHash an array with user data, passed by reference and modified
 * @return TRUE if import succeed (no entries in $this->mErrors), FALSE otherwise
 **/
function importUser(&$pParamHash) {
    global $gBitUser;
    // Authorisation is decided on the logged-in user, not on the object being imported.
    if (!$gBitUser->hasPermission('p_users_admin')) {
        return FALSE;
    }
    if ($this->verifyUserImport($pParamHash)) {
        $this->StartTrans();
        $pParamHash['content_type_guid'] = BITUSER_CONTENT_TYPE_GUID;
        if (!empty($pParamHash['user_store']) && count($pParamHash['user_store'])) {
            // lookup and assign the default group for user
            $defaultGroups = BitPermUser::getDefaultGroup();
            if (!empty($defaultGroups)) {
                $pParamHash['user_store']['default_group_id'] = key($defaultGroups);
            }
            if ($this->isValid()) {
                // Existing user: update the row selected by this object's user id.
                $userId = array("user_id" => $this->mUserId);
                $result = $this->mDb->associateUpdate(BIT_DB_PREFIX . 'users_users', $pParamHash['user_store'], $userId);
            } else {
                // New user: take the supplied user id, or draw one from the sequence.
                if (empty($pParamHash['user_store']['user_id'])) {
                    $pParamHash['user_store']['user_id'] = $this->mDb->GenID('users_users_user_id_seq');
                }
                $this->mUserId = $pParamHash['user_store']['user_id'];
                $result = $this->mDb->associateInsert(BIT_DB_PREFIX . 'users_users', $pParamHash['user_store']);
            }
            // make sure user is added into the default group map
            // NOTE(review): on the update path nothing here sets user_store['user_id'];
            // unless verifyUserImport() fills it in, the group mapping is written for an
            // undefined id rather than for $this->mUserId - confirm.
            if (!empty($pParamHash['user_store']['default_group_id'])) {
                BitPermUser::addUserToGroup($pParamHash['user_store']['user_id'], $pParamHash['user_store']['default_group_id']);
            }
        }
        // Prevent liberty from assuming ANONYMOUS_USER_ID while storing
        $pParamHash['user_id'] = $this->mUserId;
        if (LibertyContent::store($pParamHash)) {
            // Link the user row to its content row when the content id is new or has changed.
            if (empty($this->mInfo['content_id']) || $pParamHash['content_id'] != $this->mInfo['content_id']) {
                $query = "UPDATE `" . BIT_DB_PREFIX . "users_users` SET `content_id`=? WHERE `user_id`=?";
                $result = $this->mDb->query($query, array($pParamHash['content_id'], $this->mUserId));
                $this->mInfo['content_id'] = $pParamHash['content_id'];
            }
        }
        $this->CompleteTrans();
        // store any uploaded images
        $this->storeImages($pParamHash);
        // Reload so the object reflects what was just written.
        $this->load(TRUE);
    }
    return count($this->mErrors) == 0;
}
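/**
 * verifyScore Make sure the data is safe to store
 *
 * Builds $pParamHash['store_score'] from the validated values and records every
 * problem found in $this->mErrors.
 *
 * @param array $pParamHash reference to hash of values that will be used to store the score, they will be modified where necessary
 * @access private
 * @return boolean TRUE on success, FALSE on failure - $this->mErrors will contain reason for failure
 */
function verifyScore(&$pParamHash) {
    // make sure we're loaded up if editing an existing score
    if ($this->verifyId($this->mScoreId)) {
        $this->loadScore();
        // make sure the score we're editing matches the game type we've loaded.
        // The error must fire when the types DIFFER; the previous '==' rejected every
        // legitimate edit and let a score of another game type through.
        if ($this->mScore['game_type'] != $this->mGame->getGameType()) {
            $this->mErrors['store_score']['game_type'] = "Mismatched game type on existing score.";
        }
    }

    $pParamHash['store_score'] = array('game_type' => $this->mGame->getGameType());

    // The score must belong to a user id that loads as a valid user.
    if (!empty($pParamHash['user_id'])) {
        $user = new BitPermUser($pParamHash["user_id"]);
        $user->load(TRUE);
        if ($user->isValid()) {
            $pParamHash['store_score']['user_id'] = $pParamHash['user_id'];
        } else {
            $this->mErrors['user_id'] = tra('Invalid user id');
        }
    } else {
        $this->mErrors['user_id'] = tra('Invalid user id');
    }

    // The score is forced to an integer before it is stored.
    if (!empty($pParamHash['score'])) {
        $pParamHash['store_score']['score'] = (int) $pParamHash['score'];
    } else {
        $this->mErrors['score'] = tra('No score submitted');
    }

    // NOTE(review): the comment is copied as submitted; any escaping has to happen
    // where it is rendered - confirm the display template does so.
    if (!empty($pParamHash['comment'])) {
        $pParamHash['store_score']['comment'] = $pParamHash['comment'];
    }

    return count($this->mErrors) == 0;
}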
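/**
 * Calculate how much weight a user's rating carries.
 *
 * When the 'stars_user_weight' feature is active the weight combines three ratios -
 * account age relative to site age, permissions held relative to all permissions,
 * and content created relative to all content - each scaled by its configured
 * factor. The result is never lower than 1; with the feature off it is always 1.
 *
 * @param numeric $pUserId optional user id; defaults to the currently loaded user
 * @return numeric the user's weight, at least 1
 */
function calculateUserWeight($pUserId = NULL) {
    global $gBitUser, $gBitSystem;
    $ret = 1;

    if ($gBitSystem->isFeatureActive('stars_user_weight')) {
        // allow overriding of currently loaded user
        if (@BitBase::verifyId($pUserId)) {
            $tmpUser = new BitPermUser($pUserId);
            $tmpUser->load(TRUE);
        } else {
            $tmpUser =& $gBitUser;
        }

        // Every ratio below guards its denominator: on an empty or freshly installed
        // site the totals can be 0, and dividing by zero is fatal on PHP 8. A ratio of
        // 0 ends up as the minimum factor of 1 further down.

        // age relative to site age
        $now = BitDate::getUTCTime();
        $query = "SELECT MIN( `registration_date` ) FROM `" . BIT_DB_PREFIX . "users_users`";
        $siteAge = $now - $this->mDb->getOne($query);
        $userAge = $now - $tmpUser->getField('registration_date');
        $userWeight['age'] = empty($siteAge) ? 0 : $userAge / $siteAge;

        // permissioning relative to full number of permissions
        if ($tmpUser->isAdmin()) {
            $userWeight['permission'] = 1;
        } else {
            $query = "SELECT COUNT( `perm_name` ) FROM `" . BIT_DB_PREFIX . "users_permissions`";
            $permTotal = $this->mDb->getOne($query);
            $userWeight['permission'] = empty($permTotal) ? 0 : count($tmpUser->mPerms) / $permTotal;
        }

        // activity - we could do the same using the history as well.
        $query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content` WHERE `user_id`=?";
        $userContent = $this->mDb->getOne($query, array($tmpUser->getField('user_id')));
        $query = "SELECT COUNT( `content_id` ) FROM `" . BIT_DB_PREFIX . "liberty_content`";
        $siteContent = $this->mDb->getOne($query);
        $userWeight['activity'] = empty($siteContent) ? 0 : $userContent / $siteContent;

        // here we can add some weight to various areas
        $custom['age'] = $gBitSystem->getConfig('stars_weight_age');
        $custom['permission'] = $gBitSystem->getConfig('stars_weight_permission');
        $custom['activity'] = $gBitSystem->getConfig('stars_weight_activity');

        // Scale each ratio; an empty result counts as 1 so it cannot zero the product.
        $weighted = array();
        foreach ($userWeight as $type => $value) {
            $weighted[$type] = 10 * $value * $custom[$type];
            if (empty($weighted[$type])) {
                $weighted[$type] = 1;
            }
        }

        // TODO: run some tests to see if this is a good way of evaluating power of a user
        // ensure that we always have a positive number here to avoid chaos - this also makes sure new users have at least a bit of a say.
        // The negated comparison also catches NAN, which log() yields for a negative product.
        $ret = round(log($weighted['age'] * $weighted['permission'] * $weighted['activity'], 2));
        if (!($ret >= 1)) {
            $ret = 1;
        }
    }

    return $ret;
}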
/**
 * Store a shoutbox message: update an existing shout when 'shout_id' is given,
 * otherwise insert a new one and optionally e-mail the recipient.
 *
 * @param array $pParamHash shout data; the keys read here are shout_message,
 *                          shout_id, shout_user_id and to_user_id
 * @return boolean TRUE when $this->mErrors is empty afterwards
 */
function store($pParamHash) {
    if ($this->verify($pParamHash)) {
        global $gBitSystem, $gBitSmarty;
        $now = $gBitSystem->getUTCTime();
        // md5 serves only as a checksum for spotting duplicate messages below.
        $shoutSum = md5($pParamHash['shout_message']);
        if (!empty($pParamHash['shout_id'])) {
            // since this is an update, we need to make sure the cache file is removed
            $this->mCache->expungeCacheFile($pParamHash['shout_id']);
            // NOTE(review): the UPDATE is keyed on shout_id alone. Whether verify() checks
            // that the caller owns this shout or may edit it is not visible here - confirm.
            $bindvars = array($pParamHash['shout_message'], $shoutSum, (int) $pParamHash['shout_id']);
            $query = "UPDATE `" . BIT_DB_PREFIX . "shoutbox` SET `shout_message`=?, `shout_sum`=?\n\t\t\t\t\t\t WHERE `shout_id`=?";
        } else {
            // Remove an identical shout by the same user at the same timestamp before inserting.
            $query = "DELETE FROM `" . BIT_DB_PREFIX . "shoutbox` where `shout_user_id`=? and `shout_time`=? and `shout_sum`=?";
            $bindvars = array($pParamHash['shout_user_id'], (int) $now, $shoutSum);
            $this->mDb->query($query, $bindvars);
            $query = "INSERT INTO `" . BIT_DB_PREFIX . "shoutbox`( `shout_message`, `shout_user_id`, `to_user_id`, `shout_time`, `shout_sum`, `shout_ip`) VALUES (?,?,?,?,?,?)";
            $bindvars = array($pParamHash['shout_message'], $pParamHash['shout_user_id'], $pParamHash['to_user_id'], (int) $now, $shoutSum, $_SERVER['REMOTE_ADDR']);
            // inform the user that a message has been posted
            // (the notice is sent before the INSERT at the bottom of this method runs)
            if ($pParamHash['to_user_id'] != ROOT_USER_ID && $pParamHash['to_user_id'] != ANONYMOUS_USER_ID && $gBitSystem->isFeatureActive('shoutbox_email_notice')) {
                $gToUser = new BitPermUser($pParamHash['to_user_id']);
                $gToUser->load();
                $gFromUser = new BitPermUser($pParamHash['shout_user_id']);
                $gFromUser->load();
                // NOTE(review): the display name and the raw message go into a text/html mail.
                // Confirm the template escapes both, otherwise a shout can inject markup
                // into the recipient's mail.
                $gBitSmarty->assign('fromUser', $gFromUser->getDisplayName(TRUE));
                $gBitSmarty->assign('sendShoutMessage', $pParamHash['shout_message']);
                $mail_data = $gBitSmarty->fetch('bitpackage:shoutbox/shoutbox_send_notice.tpl');
                $headers = 'MIME-Version: 1.0' . "\r\n";
                $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
                // NOTE(review): the configured sender address is concatenated into the header
                // block unchecked; a value containing CR or LF would add further headers.
                $headers .= "From: " . $gBitSystem->getConfig('site_sender_email') . "\r\n";
                // NOTE(review): SERVER_NAME can follow the request's Host header depending on
                // the web server configuration, so the subject may carry a client-chosen
                // value - prefer a configured site name.
                mail($gToUser->mInfo['email'], tra('A new shoutbox message for you at') . ' ' . $_SERVER["SERVER_NAME"] . ' ' . date('Y-m-d'), $mail_data, $headers);
            }
        }
        // Runs the UPDATE or the INSERT prepared above.
        $result = $this->mDb->query($query, $bindvars);
    }
    return count($this->mErrors) == 0;
}
<?php
// $Id$
//
// Lists the products belonging to one user: the user named in the request, or the
// current user when no other user id is given.
if (!empty($_REQUEST['user_id']) && $_REQUEST['user_id'] != $gBitUser->mUserId) {
    // NOTE(review): the requested id is loaded without a validity check afterwards;
    // an unknown id still reaches the title and list code below - confirm that is handled.
    $gQueryUser = new BitPermUser($_REQUEST['user_id']);
    $gQueryUser->load();
} else {
    $gQueryUser =& $gBitUser;
}
define('NAVBAR_TITLE', tra('Products by') . ' ' . $gQueryUser->getDisplayName(FALSE));
define('HEADING_TITLE', tra('Products by') . ' ' . $gQueryUser->getDisplayName(FALSE));
require_once DIR_FS_MODULES . 'require_languages.php';
$breadcrumb->add(NAVBAR_TITLE);
// Only a user viewing their own list gets products of every status.
if ($gQueryUser->mUserId == $gBitUser->mUserId) {
    $listHash['all_status'] = TRUE;
}
$listHash['user_id'] = $gQueryUser->mUserId;
$listHash['thumbnail_size'] = 'small';
/* The cool bitweaver way will have to happen later... - spiderr */
// (repeats the user_id assignment made above)
$listHash['user_id'] = $gQueryUser->mUserId;
$userProducts = $gBitProduct->getList($listHash);
$gBitProduct->invokeServices('content_list_function', $listHash);
$gBitSmarty->assign('listProducts', $userProducts);
$gBitSmarty->assign('listTitle', tra('Products by') . ' ' . $gQueryUser->getDisplayName(TRUE));
$gBitSmarty->assign('listInfo', $listHash);
$gBitSmarty->assign_by_ref('gQueryUser', $gQueryUser);
print $gBitSmarty->fetch('bitpackage:bitcommerce/list_products.tpl');
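/**
 * StaffRecordLoad( $data );
 * Staff file import
 *
 * Builds a login record from one row of the staff file, imports it as a user and
 * stores a few preferences for that user. The values placed in 'data_store' are
 * prepared but not written, because the insert at the end is commented out.
 *
 * @param array $data one row of the staff file, indexed by column position
 */
function StaffRecordLoad(&$data) {
    $table = BIT_DB_PREFIX . "task_staff";

    $pDataHash['data_store']['user_id'] = $data[0];
    $pDataHash['login_store']['user_id'] = $data[0];
    $pDataHash['data_store']['surname'] = $data[1];
    $pDataHash['data_store']['forename'] = $data[2];
    $pDataHash['data_store']['initials'] = $data[3];

    // Login is surname plus first initial, lower-cased.
    $pDataHash['login_store']['login'] = strtolower($data[1] . substr($data[2], 0, 1));
    $pDataHash['login_store']['real_name'] = ucfirst($data[2]) . ' ' . ucfirst($data[1]);
    // NOTE(review): the initial password equals the login name, so every imported
    // account can be entered by anyone who knows the naming scheme. Prefer a random
    // password together with a forced reset; left unchanged here because the import
    // procedure may rely on it.
    $pDataHash['login_store']['password'] = $pDataHash['login_store']['login'];
    // Need to link this to system settings but manual will work for now
    $pDataHash['login_store']['email'] = ucfirst($data[2]) . '.' . ucfirst($data[1]) . '@rother.gov.uk';

    // The file marks empty columns with the literal '[null]'.
    $pDataHash['data_store']['direct'] = ($data[4] == '[null]') ? '' : $data[4];
    $pDataHash['data_store']['team'] = $data[5];
    $pDataHash['data_store']['ext'] = ($data[6] == '[null]') ? '' : $data[6];
    $pDataHash['data_store']['category'] = $data[7];
    $pDataHash['data_store']['logon'] = $data[8];
    $pDataHash['data_store']['note'] = ($data[9] == '[null]') ? '' : $data[9];
    $pDataHash['data_store']['logged'] = 0;
    $pDataHash['data_store']['content_id'] = 0;
    $pDataHash['data_store']['office'] = $data[14];

    // Need to map category to role/group setting
    $newUser = new BitPermUser();
    $result = $newUser->ImportUser($pDataHash['login_store']);

    // Only write preferences when the import succeeded; otherwise they would be
    // stored against a user object that has no imported account behind it.
    if ($result) {
        // Use the normalised number so the '[null]' marker is never stored as a phone number.
        $newUser->storePreference('phone_no', $pDataHash['data_store']['direct']);
        $newUser->storePreference('team', $data[5]);
        // This should be populated by the system from site defaults
        $newUser->storePreference('site_display_timezone', 'Europe/London');
        $newUser->storePreference('site_display_utc', 'Fixed');
        $newUser->storePreference('users_country', 'United_Kingdom');
    }
    // $result = $this->mDb->associateInsert( $table, $pDataHash['data_store'] );
}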