<?php
/**
 * $Id$
 *
 * @category Admin
 * @package  Mediboard
 * @author   SARL OpenXtrem <*****@*****.**>
 * @license  GNU General Public License, see http://www.gnu.org/licenses/gpl.html
 * @version  $Revision$
 * @link     http://www.mediboard.org
 */

// The permission check runs first, before any token data is loaded.
CCanDo::checkEdit();

// Load the token selected by "token_id", together with its notes and its user reference.
// NOTE(review): load() is not checked here; presumably an unknown or empty id leaves a
// blank object for the form. Confirm.
$token = new CViewAccessToken();
$token->load(CValue::getOrSession("token_id"));
$token->loadRefsNotes();
$token->loadRefUser();

// Render the edit form with the loaded token.
$smarty = new CSmartyDP();
$smarty->assign("token", $token);
$smarty->display("inc_edit_token.tpl");
// Mails the surgeon of an operation a link that signs in through a view access token
// and opens the operation's edit view. This excerpt ends inside the try block.
// NOTE(review): no permission check is visible in this excerpt; confirm one runs earlier in the file.

// Request input: taken from the query string and used as-is below.
$operation_id = CValue::get("operation_id");

// NOTE(review): the result of load() is not checked; confirm what loadRefChir() returns
// when the operation does not exist.
$operation = new COperation();
$operation->load($operation_id);

$praticien = $operation->loadRefChir();
$email = $praticien->_user_email;

// Without a recipient address there is nothing to send: show an alert and stop.
// NOTE(review): addslashes() is not a JavaScript string escaper. The text is a translation,
// not request data, but a JSON-style encoder would be the robust choice here.
if (!$email) {
  CAppUI::js("alert('" . addslashes(CAppUI::tr("alert-praticien_email")) . "')");
  CApp::rip();
}

$operation->loadRefPlageOp();

// SMTP source looked up by the current user's id.
$exchange_source = CExchangeSource::get("mediuser-" . CAppUI::$user->_id, "smtp");

$exchange_source->init();

try {
  $exchange_source->setRecipient($email);

  // Create the token
  // It is issued for the surgeon's user id (not the sender's), lives 24 hours, and its
  // params name a single module, action and operation.
  // NOTE(review): $operation_id is the raw request value, interpolated into the params
  // string without a cast or encoding; confirm it is numeric before embedding it.
  // NOTE(review): presumably whoever holds the resulting link can use it for the token's
  // lifetime; confirm against CViewAccessToken.
  $token = new CViewAccessToken();
  $token->ttl_hours = 24;
  $token->user_id = $praticien->_id;
  $token->params = "m=planningOp&a=vw_edit_urgence&operation_id={$operation_id}";

  // A store() failure is reported, but execution continues to getUrl() and the mail below.
  // NOTE(review): confirm whether the mail should still be built when the token was not stored.
  if ($msg = $token->store()) {
    CAppUI::displayAjaxMsg($msg, UI_MSG_ERROR);
  }

  $url = $token->getUrl();

  // Link to the DHE
  // Subject and body templates come from configuration; the placeholders in $from are
  // replaced by the values at the same positions in $to.
  $subject = CAppUI::conf("reservation subject_mail");
  $content = CAppUI::conf("reservation text_mail");

  $from = array("[URL]", "[PRATICIEN - NOM]", "[PRATICIEN - PRENOM]", "[DATE INTERVENTION]", "[HEURE INTERVENTION]");
  $to = array($url, $praticien->_user_last_name, $praticien->_user_first_name, CMbDT::dateToLocale(CMbDT::date($operation->_datetime_best)), CMbDT::transform($operation->_datetime_best, null, CAppUI::conf("time")));

  $subject = str_replace($from, $to, $subject);
  $exchange_source->setSubject($subject);

  $content = str_replace($from, $to, $content);
<?php
/**
 * $Id$
 *
 * @category Admin
 * @package  Mediboard
 * @author   SARL OpenXtrem <*****@*****.**>
 * @license  GNU General Public License, see http://www.gnu.org/licenses/gpl.html
 * @version  $Revision$
 * @link     http://www.mediboard.org
 */

// The permission check runs first, before any token is read.
CCanDo::checkEdit();

$token  = new CViewAccessToken();
$smarty = new CSmartyDP();

// loadList() is called without arguments, so this call site applies no filter or limit.
// NOTE(review): confirm whether the template prints token hashes; a hash works as a
// sign-in credential, so the list view should only be reachable by trusted users.
$smarty->assign("tokens", $token->loadList());
$smarty->display("inc_list_tokens.tpl");
/**
 * Login function, handling standard login, loginas, LDAP connection,
 * view access token sign-in and pre-established auth info (self::$auth_info).
 * Preferences get loaded on success.
 *
 * One branch selects the candidate user, tested in this order: "loginas", LDAP GUID,
 * token, self::$auth_info, then username/password. The template check, the LDAP check,
 * the password-attempt check and the remote-access check then apply to whichever user
 * was selected, before self::$instance is populated.
 *
 * @param bool $force_login When true, the "loginas" branch is allowed even if the current
 *                          user_type is not 1
 *
 * @return boolean True once the session instance is populated and preferences are built,
 *                 false as soon as any check rejects the attempt
 */
static function login($force_login = false) {
  $ldap_connection     = CAppUI::conf("admin LDAP ldap_connection");
  $allow_login_as_ldap = CAppUI::conf("admin LDAP allow_login_as_admin");

  // All credentials below are request input. ldap_guid is read with CValue::get(),
  // the others with CValue::request().

  // Login as
  $loginas    = trim(CValue::request("loginas"));
  $passwordas = trim(CValue::request("passwordas"));

  // LDAP
  $ldap_guid = trim(CValue::get("ldap_guid"));

  // Standard login
  $username = trim(CValue::request("username"));
  $password = trim(CValue::request("password"));

  // Token sign-in
  $token_hash = trim(CValue::request("token"));

  // Test login and password validity
  $user = new CUser();
  $user->_is_logging = true;

  // -------------- Login as: no need to provide a password for administrators
  if ($loginas) {
    // Only a current user of type 1, or a caller passing $force_login, may switch identity.
    if (self::$instance->user_type != 1 && !$force_login) {
      self::setMsg("Auth-failed-loginas-admin", UI_MSG_ERROR);
      return false;
    }

    // A password is kept only when LDAP is enabled, and dropped again for a type 1 user
    // when "allow_login_as_admin" is set.
    $username = $loginas;
    $password = $ldap_connection ? $passwordas : null;

    if (self::$instance->user_type == 1 && $allow_login_as_ldap) {
      $password = null;
    }

    $user->user_username = $username;
    $user->_user_password = $password;
  }
  elseif ($ldap_connection && $ldap_guid) {
    // The user object comes straight from the LDAP lookup by GUID.
    try {
      $user = CLDAP::getFromLDAPGuid($ldap_guid);
    }
    catch (Exception $e) {
      self::setMsg($e->getMessage(), UI_MSG_ERROR);
      return false;
    }
  }
  elseif ($token_hash) {
    // The token hash alone selects the account: no password is read in this branch.
    $token = CViewAccessToken::getByHash($token_hash);

    if (!$token->isValid()) {
      self::setMsg("Auth-failed-invalidToken", UI_MSG_ERROR);
      return false;
    }

    // NOTE(review): useIt() and applyParams() run before the template, LDAP,
    // password-attempt and remote-access checks below, so they take effect even when
    // one of those later rejects the login. Confirm that is intended.
    $token->useIt();
    $token->applyParams();

    $user->load($token->user_id);
    self::$instance->auth_method = "token";
  }
  elseif (self::$auth_info && self::$auth_info->user_id) {
    // Authentication already established elsewhere: reuse its user id and method.
    $auth = self::$auth_info;

    $user->load($auth->user_id);
    self::$instance->auth_method = $auth->auth_method;
  }
  else {
    // Standard login: both fields are mandatory.
    if (!$username) {
      self::setMsg("Auth-failed-nousername", UI_MSG_ERROR);
      return false;
    }

    if (!$password) {
      self::setMsg("Auth-failed-nopassword", UI_MSG_ERROR);
      return false;
    }

    $user->user_username = $username;
    $user->_user_password = $password;

    self::$instance->weak_password = self::checkPasswordWeakness($user);
  }

  // No user is loaded yet: look one up from the fields set so far.
  // NOTE(review): this is also reached when $token->user_id or $auth->user_id did not
  // load, in which case auth_method is overwritten with "basic". Confirm what
  // loadMatchingObject() matches when no field was set on $user.
  if (!$user->_id) {
    $user->loadMatchingObject();
    self::$instance->auth_method = "basic";
  }

  // User template case
  if ($user->template) {
    self::setMsg("Auth-failed-template", UI_MSG_ERROR);
    return false;
  }

  // LDAP case (when not using a ldap_guid), we check if the user in the LDAP directory is still allowed
  // TODO we should check it when using ldap_guid too
  // NOTE(review): the condition only tests $username, which is the request value unless
  // the "loginas" branch replaced it. The block therefore runs whenever a username was
  // supplied, whichever branch selected $user, and CLDAP::login() then replaces $user.
  // Confirm that is intended for token and auth_info logins.
  if ($ldap_connection && $username) {
    $user_ldap = new CUser();
    $user_ldap->user_username = $username;
    $user_ldap->loadMatchingObject();
    $idex = $user_ldap->loadLastId400(CAppUI::conf("admin LDAP ldap_tag"));

    // The user is linked to the LDAP
    if ($idex->_id) {
      $ldap_guid = $idex->id400;
      $user_ldap->_user_password = $password;
      $user_ldap->_bound = false;

      try {
        $user = CLDAP::login($user_ldap, $ldap_guid);

        if (!$user->_bound) {
          self::setMsg("Auth-failed-combination", UI_MSG_ERROR);
          return false;
        }
      }
      catch (CMbInvalidCredentialsException $e) {
        self::setMsg($e->getMessage(), UI_MSG_WARNING);
        return false;
      }
      catch (CMbException $e) {
        // No UI_MSG_ERROR nor $e->stepAjax as it needs to run through!
        // The assignment above did not complete, so $user is still the one selected
        // before the try and the checks below apply to it.
        self::setMsg($e->getMessage(), UI_MSG_WARNING);
      }
    }
  }

  // Any user that LDAP did not bind must pass checkPasswordAttempt().
  // NOTE(review): token and auth_info users reach this call as well; confirm how it
  // treats a user object on which no _user_password was set.
  if (!$user->_bound && !self::checkPasswordAttempt($user)) {
    return false;
  }

  // Accepted so far: reset the failed-login counter.
  $user->user_login_errors = 0;
  $user->store();

  // Put user_group in AppUI
  // user_remote starts at 1 and is replaced below only when the Mediusers tables exist.
  self::$instance->user_remote = 1;

  $ds = CSQLDataSource::get("std");

  // We get the user's group if the Mediusers module is installed
  // NOTE(review): $user->_id is interpolated into the SQL text. It comes from the loaded
  // user object rather than straight from the request, but an integer cast or a
  // parameterised query would remove the reliance on that.
  if ($ds->loadTable("users_mediboard") && $ds->loadTable("groups_mediboard")) {
    $sql = "SELECT `remote` FROM `users_mediboard` WHERE `user_id` = '{$user->_id}'";
    self::$instance->user_remote = $ds->loadResult($sql);

    $sql = "SELECT `groups_mediboard`.`group_id`\n FROM `groups_mediboard`, `functions_mediboard`, `users_mediboard`\n WHERE `groups_mediboard`.`group_id` = `functions_mediboard`.`group_id`\n AND `functions_mediboard`.`function_id` = `users_mediboard`.`function_id`\n AND `users_mediboard`.`user_id` = '{$user->_id}'";
    self::$instance->user_group = $ds->loadResult($sql);
  }

  // Test if remote connection is allowed
  // Get the client and the proxy IP
  // NOTE(review): the intranet decision rests on the "client" value returned by
  // get_remote_address(); if that helper reads forwarded headers, the decision is only
  // as trustworthy as the proxy in front. Confirm.
  $adress = get_remote_address();
  self::$instance->ip = $adress["client"];
  self::$instance->proxy = $adress["proxy"];
  // An address equal to the configured reverse proxy is never treated as intranet.
  self::$instance->_is_intranet = is_intranet_ip(self::$instance->ip) && self::$instance->ip != self::conf("system reverse_proxy");

  // Refuse non-intranet clients when user_remote is 1, except for users of type 1.
  if (!self::$instance->_is_intranet && self::$instance->user_remote == 1 && $user->user_type != 1) {
    self::setMsg("Auth-failed-user-noremoteaccess", UI_MSG_ERROR);
    return false;
  }

  // From here on the session instance carries the authenticated user.
  self::$instance->user_id = $user->_id;

  // save the last_login dateTime
  CUserAuthentication::logAuth($user);

  // <DEPRECATED>
  self::$instance->user_first_name = $user->user_first_name;
  self::$instance->user_last_name = $user->user_last_name;
  self::$instance->user_email = $user->user_email;
  self::$instance->user_type = $user->user_type;
  self::$instance->user_last_login = $user->getLastLogin();
  // </DEPRECATED>

  // load the user preferences
  self::buildPrefs();

  return true;
}
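* @package    Mediboard
 * @subpackage developpement
 * @author     SARL OpenXtrem <*****@*****.**>
 * @license    GNU General Public License, see http://www.gnu.org/licenses/gpl.html
 * @version    $Revision$
 */

// Fetches the "info" output of one view on behalf of the current user, using a
// temporary view access token, and decodes it as JSON into $props.

CCanDo::checkRead();

// "file" is request input, expected in the form "<module>/<action>.<extension>".
$file = CValue::get("file");
if (!is_string($file)) {
  $file = "";
}

// Pad both splits so that a value lacking "/" or "." yields nulls rather than undefined offsets.
list($module, $view)      = array_pad(explode("/", $file, 2), 2, null);
list($action, $extention) = array_pad(explode(".", (string) $view), 2, null);

// Without a module and an action no view can be queried, so no token is issued at all.
if ((string) $module === "" || (string) $action === "") {
  CAppUI::stepMessage(UI_MSG_ERROR, "regression_checker-noviewinfo");
  return;
}

$user = CUser::get();

// Built from scratch so that no key left over in $params ends up in the token.
$params = array(
  "m"    => $module,
  "raw"  => $action,
  "info" => 1,
);

// Could be done through session cookie forwarding too
// The token is issued for the current user, limited to the view above, for one hour.
$token = new CViewAccessToken();
$token->_spec->loggable = false;
$token->user_id = $user->_id;
$token->params = CMbString::toQuery($params);
$token->datetime_start = "now";
$token->ttl_hours = 1;

// store() reports a failure by returning a message; without a stored token there is
// no usable hash, so stop instead of requesting "?token=" with an empty value.
if ($msg = $token->store()) {
  CAppUI::stepMessage(UI_MSG_ERROR, $msg);
  return;
}

$base = CAppUI::conf("base_url");
$url  = "{$base}/?token={$token->hash}";

// The hash travels in the query string of this server-side request, so it can appear in
// access logs; the token is deleted right after the fetch to keep its lifetime short.
$content = file_get_contents($url);
$token->delete();

// Try and get view properties
// A failed fetch returns false, which json_decode() turns into null, so both the fetch
// failure and an undecodable response end up here.
if (null == ($props = json_decode($content))) {
  CAppUI::stepMessage(UI_MSG_ERROR, "regression_checker-noviewinfo");
  return;
}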
}

// Update session lifetime
CSessionHandler::setUserDefinedLifetime();

/*
try {
  include __DIR__."/classes/CAuth.class.php";
  //CAuth::login();
}
catch (AuthenticationFailedException $e) {
  CAppUI::setMsg($e->getMessage());
}
*/

// If the user uses a token, his session should not be reset, but only redirected
// The hash is taken from the query string only (CValue::get).
$token_hash = CValue::get("token");
if ($token_hash) {
  $token = CViewAccessToken::getByHash($token_hash);

  // If the user is already logged in (in a normal session), keep his session, but use the params
  if (CAppUI::$instance->user_id && !CAppUI::$token_expiration) {
    // The token is honoured only when it is valid and belongs to the user already signed in;
    // the redirect target is the token's stored params, not a value taken from the request.
    // NOTE(review): when the token is invalid or belongs to another user, nothing in this
    // excerpt reports it; the request continues with the existing session. Confirm that is intended.
    // NOTE(review): the user ids are compared with ==; confirm both sides have the same type.
    if ($token->isValid() && CAppUI::$instance->user_id == $token->user_id) {
      $token->useIt();
      CAppUI::redirect($token->params);
      CApp::rip();
    }
  }
  else {
    // No normal session: flag that a login is needed.
    $do_login = true;
  }
}

// We force the dialog view if in a token session
// NOTE(review): within this excerpt $do_login is assigned only in the else branch above;
// confirm it is initialised earlier in the file, otherwise it is undefined here.
if (CAppUI::$token_expiration || $do_login) {
  $dialog = 1;
}