/**
 * Modifies the current reservation (new start/end times, users and resources) or deletes it.
 *
 * When $mod_recur is set, every reservation returned by get_recur_ids() for this
 * parent id is re-checked and rewritten in turn; $this->id, $this->start_date and
 * $this->end_date are overwritten per iteration, and the dates are restored afterwards.
 *
 * NOTE(review): an earlier version of this docblock also described an
 * `$all_invited_users` parameter; the signature below does not take one.
 *
 * @param array $users_to_invite array of newly invited users to be used for invitation emails
 * @param array $users_to_remove array of users that will be removed from invitation/participating in this reservation
 * @param array $unchanged_users array of users who have no status change at all
 * @param array $resources_to_add array of additional resources to add to this reservation
 * @param array $resources_to_remove array of additional resources to remove from this reservation
 * @param bool $del whether to delete it or not
 * @param boolean $mod_recur whether to modify all recurring reservations in this group
 */
function mod_res($users_to_invite, $users_to_remove, $unchanged_users, $resources_to_add, $resources_to_remove, $del, $mod_recur) {
    $recurs = array();
    $valid_resids = array(); // collected below but not read again inside this function

    $this->type = RES_TYPE_MODIFY;
    $orig_start_date = $this->start_date; // Store the original dates because they will be changed if we repeat
    $orig_end_date = $this->end_date;
    $accept_code = $this->db->get_new_id();

    if ($del) { // First, check if this should be deleted
        // The delete path returns before check_perms() below is reached.
        // NOTE(review): presumably del_res() enforces its own permission check - confirm.
        $this->del_res($mod_recur, mktime(0, 0, 0));
        return;
    }

    if (!$this->is_blackout) {
        // Permission and min/max checks are skipped entirely for blackouts.
        // NOTE(review): confirm callers only set is_blackout for administrators.
        $this->check_perms(); // Check permissions
        $this->check_min_max(); // Check min/max reservation times
    }

    if ($this->check_startdate()) {
        $this->check_times(); // Check valid times
    }

    $this->is_repeat = $mod_recur; // If the mod_recur flag is set, it must be a recurring reservation
    $dates = array();

    // First, modify the current reservation
    if ($this->has_errors()) { // Print any errors generated above and kill app
        $this->print_all_errors(true);
    }

    $reminder = new Reminder();
    $reminder->setDB(new ReminderDB());

    $tmp_valid = false; // becomes true once at least one recurring reservation was written
    $this->is_pending = $this->resource->get_property('approval');

    if ($this->is_repeat) { // Check and place all recurring reservations
        $recurs = $this->db->get_recur_ids($this->parentid, mktime(0, 0, 0));
        for ($i = 0; $i < count($recurs); $i++) {
            $this->id = $recurs[$i]['resid']; // Load reservation data
            $this->start_date = $recurs[$i]['start_date'];
            if ($this->is_repeat) { // End date will always be the same as the start date for recurring reservations
                $this->end_date = $this->start_date;
            }
            $is_valid = $this->check_res($resources_to_add); // Check overlap (don't kill)

            if ($is_valid) {
                $tmp_valid = true; // Only one recurring needs to pass
                $this->db->mod_res($this, $users_to_invite, $users_to_remove, $resources_to_add, $resources_to_remove, $accept_code); // And place the reservation

                // Existing reminder: update it. No reminder yet: create one only if a lead time was requested.
                if (!empty($this->reminderid)) {
                    $reminder->update($this, $this->reminder_minutes_prior);
                } else {
                    if ($this->reminder_minutes_prior != 0 && empty($this->reminderid)) {
                        $reminder->save($this, $this->reminder_minutes_prior);
                    }
                }

                $dates[] = $this->start_date;
                $valid_resids[] = $this->id;
                // Audit entry: reservation id, resource, dates/times, acting member and client address
                CmnFns::write_log($this->word . ' ' . $this->id . ' modified. machid:' . $this->get_machid() . ', dates:' . $this->start_date . ' - ' . $this->end_date . ', start:' . $this->start . ', end:' . $this->end, $this->memberid, $_SERVER['REMOTE_ADDR']);
            }
        }
    } else {
        if ($this->check_res($resources_to_add)) { // Check overlap
            $this->db->mod_res($this, $users_to_invite, $users_to_remove, $resources_to_add, $resources_to_remove, $accept_code); // And place the reservation

            if (!empty($this->reminderid)) {
                $reminder->update($this, $this->reminder_minutes_prior);
            } else {
                if ($this->reminder_minutes_prior != 0 && empty($this->reminderid)) {
                    $reminder->save($this, $this->reminder_minutes_prior);
                }
            }

            $dates[] = $this->start_date;
            $valid_resids[] = $this->id;
            // NOTE(review): unlike the recurring branch, this branch writes no audit log entry.
        }
    }

    // Restore original reservation dates
    $this->start_date = $orig_start_date;
    $this->end_date = $orig_end_date;

    if ($this->has_errors()) { // Print any errors generated when adding the reservations
        $this->print_all_errors(!$this->is_repeat);
    }

    if (!$this->is_blackout) { // Notify the user if they want
        $this->send_email('e_mod', null, $unchanged_users);
    }

    // Send out invites, if needed (held back while the reservation is pending approval)
    if (!$this->is_pending && count($users_to_invite) > 0) {
        $this->invite_users($users_to_invite, $dates, $accept_code);
    }

    if (!$this->is_pending && count($users_to_remove) > 0) {
        $this->remove_users_email($users_to_remove, $dates);
    }

    // A recurring modification reports success only if at least one instance was written
    if (!$this->is_repeat || $tmp_valid) {
        $this->print_success('modified', $dates);
    }
}
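/**
 * Checks whether a query result is a database error; if so, records it in the
 * log file and shows an error box. Successful queries are logged only in debug mode.
 *
 * The driver's error text is HTML-escaped before it is placed in the error box,
 * because it can echo fragments of the failed statement (and therefore request data).
 *
 * @param object $result result object of query
 * @param string $query SQL text (or a label) describing the statement that ran
 * @return bool always false
 */
function check_for_error($result, $query) {
    global $conf;

    if (DB::isError($result)) {
        // No session id may be available (e.g. failure before login); log with an empty user then
        $user = isset($_SESSION['sessionID']) ? $_SESSION['sessionID'] : '';

        $this->err_msg = $result->getMessage();
        CmnFns::write_log($this->err_msg, $user);
        CmnFns::write_log('There was an error executing your query' . ' ' . $query, $user);

        // Only the escaped driver message reaches the page; the query text stays in the log
        CmnFns::do_error_box(translate('There was an error executing your query') . '<br />'
            . htmlspecialchars($this->err_msg, ENT_QUOTES) . '<br />'
            . '<a href="javascript: history.back();">' . translate('Back') . '</a>');
    } else {
        // NOTE(review): debug mode writes full SQL text to the log; keep it off in production
        if (!empty($conf['app']['debug'])) {
            CmnFns::write_log("[DEBUG SQL QUERY]: {$query}");
        }
    }

    return false;
}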
/**
 * Ends the current user's session, clears the 'ID' cookie, logs the logout
 * and reloads the current page.
 *
 * If nobody is logged in, the login message is printed and execution stops.
 */
function doLogout() {
    // Guard: without a valid session there is nothing to tear down
    if (!$this->is_logged_in()) {
        $this->print_login_msg();
        die;
    }

    // Keep the id for the log entry written after the session is gone
    $login = $_SESSION['sessionID'];

    // Drop the application's session keys (unset() ignores keys that are not present),
    // then destroy the server-side session data
    unset(
        $_SESSION['sessionID'],
        $_SESSION['sessionName'],
        $_SESSION['sessionMail'],
        $_SESSION['sessionNav'],
        $_SESSION['sessionAdmin']
    );
    session_destroy();

    // Expire the application's 'ID' cookie.
    // NOTE(review): the PHP session cookie itself is not expired here.
    setcookie('ID', '', time() - 3600, '/');

    CmnFns::write_log('Logout successful', $login);

    // NOTE(review): PHP_SELF is derived from the request path; confirm
    // CmnFns::redirect() validates its target.
    CmnFns::redirect($_SERVER['PHP_SELF']);
}
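/**
 * Changes a user's 'is_locked' status to lock or unlock the account.
 *
 * Reads `memberid` and `status` from the query string: status 1 locks the
 * account, anything else (or no status) unlocks it.
 *
 * NOTE(review): this is a state change driven by GET parameters. No
 * authorisation or anti-CSRF check is visible in this function; confirm the
 * caller enforces both before this is reached.
 */
function toggle_lock() {
    global $db;

    $is_locked = 0;
    if (isset($_GET['status']) && $_GET['status'] == 1) {
        $is_locked = 1;
    }

    $db->change_lock_status($_GET['memberid'], $is_locked);

    // The concatenation below was corrupted in the listing ('******'); it is restored
    // from the `$_GET['memberid']` used in the call above. The message text is kept
    // exactly as it was.
    // NOTE(review): memberid is request data written to the log unfiltered -
    // confirm write_log() neutralises line breaks.
    CmnFns::write_log('User lock status chagned for user: ' . $_GET['memberid'], $_SESSION['sessionID']);

    print_success();
}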
/**
 * Validates and stores edited profile data, refreshes the session for
 * self-service edits, logs the change and prepares the success message.
 *
 * @param array $data array of user data
 * @param bool $adminUpdate if the admin is updating user data
 * @return mixed the validation message from check_all_values() when it is not empty; otherwise nothing
 */
function do_edit_user($data, $adminUpdate) {
    global $conf;

    // The submitted timezone is always replaced by the configured default
    $data['timezone'] = $conf['app']['default_timezone'];

    // Stop early and hand the validation message back to the caller
    $validation = $this->check_all_values($data, true);
    if (!empty($validation)) {
        return $validation;
    }

    $this->db->update_user($data['memberid'], $data);

    if ($adminUpdate) {
        $target = 'admin.php?tool=users';
    } else {
        $target = 'ctrlpnl.php';

        // A self-service edit also refreshes the caller's own session.
        $configuredAdmin = strtolower($conf['app']['adminEmail']);
        // NOTE(review): the admin session flag is granted purely because the submitted
        // e-mail equals the configured admin address. Confirm check_all_values() stops
        // a user from changing their address to one that is already taken.
        if ($data['emailaddress'] == $configuredAdmin) {
            $_SESSION['sessionAdmin'] = $configuredAdmin;
        }

        $_SESSION['sessionName'] = $data['fname'];
        $_SESSION['hourOffset'] = $data['timezone'] - $conf['app']['timezone'];
    }

    // Audit entry; note that it records personal data supplied in the form
    $logLine = 'User data modified. Data provided: fname- ' . $data['fname']
        . ' lname- ' . $data['lname']
        . ' email- ' . $data['emailaddress']
        . ' phone- ' . $data['phone']
        . ' institution- ' . $data['institution']
        . ' position- ' . $data['position'];
    CmnFns::write_log($logLine, $data['memberid']);

    $linker = CmnFns::getNewLink();
    $this->success = translate('Your profile has been successfully updated!') . '<br/>' . $linker->getLink($target, translate('Continue'));
}
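<?php
// NOT TESTED. NEED TO TEST.
//
// Maintenance script: removes accounts whose last login is more than 30 days
// old or that have never logged in (last_login IS NULL).
// This is destructive; run it against a copy of the data first.
@define('BASE_DIR', dirname(__FILE__) . '/../..');
include_once 'AdminDB.class.php';

$db = new AdminDB();

// Cutoff date: 30 days before now
$date = date('Y-m-d', time() - 30 * 24 * 60 * 60);

// The cutoff has to be a quoted SQL literal. Unquoted, 2024-01-31 is evaluated
// as the arithmetic expression 2024 - 1 - 31 and the comparison is meaningless.
// NOTE(review): assumes last_login holds a value comparable to 'Y-m-d' - confirm against the schema.
$query = 'SELECT memberid FROM' . ' ' . $db->get_table('login') . ' '
    . 'WHERE last_login <' . ' \'' . $date . '\' '
    . 'OR last_login IS NULL';
$result = $db->db->query($query);
$db->check_for_error($result);

// Collect the ids of the users to delete
$memberids = array();
print $query;
while ($id = $result->fetchRow()) {
    $memberids[] = $id['memberid'];
}

// Delete only when something matched, so del_users() never receives an empty list
if (count($memberids) > 0) {
    $db->del_users($memberids);

    // Log the ids that were removed (the variable, not the literal string 'memberids').
    // The second argument is a fixed label; this script starts no session.
    CmnFns::write_log('Users deleted based because of inactivity. ' . join(', ', $memberids), 'sessionID');
}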
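/**
 * Queries LDAP for the user's first name and mail attribute(s).
 *
 * On success $this->firstName and $this->emailAddress are filled from the
 * first entry returned. On failure $this->ldapErrorCode / $this->ldapErrorText
 * are set and the failure is logged.
 *
 * @param string $dn entry DN, or 'user@domain' when the AD login attribute is sAMAccountName
 * @return boolean indicating success or failure
 */
function loadUserData($dn) {
    $this->emailAddress = array();

    // We are interested in getting just the user's first name and his/her mail attribute(s)
    $nameAttr = strtolower($this->name);
    $attributes = $this->mailAttr;
    array_push($attributes, $nameAttr);

    // Stays false for an unknown server type, which then takes the "no entry" path below
    $result = false;

    switch ($this->serverType) {
        case "ldap":
            $result = ldap_search($this->connection, $dn, "objectclass=*", $attributes);
            break;
        case "ad":
            if (strtolower($this->login) == 'samaccountname') {
                // dn is of the form 'user@domain'; only the part before the first '@' is used
                $parts = explode("@", $dn, 2);
                $samaccountname = $parts[0];

                // The account name comes from the login form and goes into a search
                // filter, so filter metacharacters are escaped (RFC 4515) first.
                if (function_exists('ldap_escape')) {
                    $filterValue = ldap_escape($samaccountname, '', LDAP_ESCAPE_FILTER);
                } else {
                    // Fallback for PHP builds without ldap_escape(); backslash is replaced first
                    $filterValue = str_replace(
                        array('\\', '*', '(', ')', "\x00"),
                        array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
                        $samaccountname
                    );
                }

                $result = ldap_search($this->connection, $this->getSearchBase(), $this->login . "=" . $filterValue, $attributes);
            } else {
                // dn is standard LDAP dn
                $result = ldap_search($this->connection, $dn, "objectclass=*", $attributes);
            }
            break;
    }

    // Only read entries from a search that succeeded
    $entries = $result ? ldap_get_entries($this->connection, $result) : false;

    if ($entries and $entries["count"] > 0) {
        // The search should give a single entry
        // If several results are found get the first entry
        $entry = $entries[0];

        $this->firstName = isset($entry[$nameAttr][0]) ? $entry[$nameAttr][0] : null;

        foreach ($this->mailAttr as $value) {
            $key = strtolower($value);

            // The entry may not carry every configured mail attribute
            if (!isset($entry[$key]["count"])) {
                continue;
            }

            // For single value or multiple value attribute
            for ($i = 0; $i < $entry[$key]["count"]; $i++) {
                $address = strtolower($entry[$key][$i]);

                // AD proxyAddresses attribute values have 'smtp:' string before the actual email address
                if (preg_match("/^smtp:/i", $address) == 1) {
                    $address = preg_replace("/^\\w+:/", '', $address);
                }

                array_push($this->emailAddress, $address);
            }
        }
    } else {
        // If no results returned
        $this->ldapErrorCode = -1;
        $this->ldapErrorText = "No entry found matching search criteria";
        CmnFns::write_log($this->ldapErrorCode . ': ' . $this->ldapErrorText, '');
        return false;
    }

    return true;
}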
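/**
 * Checks whether a query result is a database error; if so, logs it and
 * shows an error box.
 *
 * The log entry is written before the error box is shown, so the failure is
 * recorded even if do_error_box() ends the request. The driver's debug info
 * (which can include the full SQL statement) goes to the log only; the page
 * receives the HTML-escaped error message.
 *
 * @param object $result result object of query
 * @return bool always false
 */
function check_for_error($result) {
    if (DB::isError($result)) {
        // Full detail for operators
        CmnFns::write_log($result->getMessage() . ' ' . $result->getDebugInfo());

        // Reduced, escaped detail for the browser
        CmnFns::do_error_box(translate('There was an error executing your query') . '<br />'
            . htmlspecialchars($result->getMessage(), ENT_QUOTES) . '<br />'
            . '<a href="javascript: history.back();">' . translate('Back') . '</a>');
    }

    return false;
}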
/**
 * Releases quarantined messages, or files a release request with the admins.
 *
 * Each element of $mail_id_array has the form "<mail_id>_<recipient>". An entry is
 * processed only if the caller is a mail admin or the recipient part is one of
 * $emailaddresses; all other entries are skipped silently.
 *
 * For non-admins, messages with content type 'B' or 'V' are not released: their
 * RS flag is set to 'p' (pending) and they are reported to the admins. Everything
 * else is released through the AmavisdEngine host recorded for the message.
 *
 * @param array $emailaddresses recipient email address(es)
 * @param array $mail_id_array containing mail_id of messages to be released
 * @return array messages whose release failed
 */
function releaseMessages($emailaddresses, $mail_id_array) {
    /*** Array pertaining to the release of messages ***/

    // This is an array of array, the key being the $mail_id
    // and the value being an array containing all the messages info (time, subject, ...) and also the release status.
    // The reason for this is that we want to keep the ordering of the messages selected for release.
    $release_messages = array();

    // This is an array of array, the key being the host
    // and the value being an array containing all the release info such as secret_id (one row per message)
    $hosts = array();

    /*** Variables pertaining to the request of release ***/

    // This array contains the messages that the logged in user wants the Admins to release
    $release_req_messages = array();

    // Counter for the number of release requests
    $j = 0;
    $nb_failure = 0;

    $db = new DBEngine();

    // Set autocommit to false to improve speed of 'RS' flag set up
    $result = $db->db->autoCommit(false);
    $db->check_for_error($result, 'PEAR DB autoCommit(false)');

    // Fill the arrays
    foreach ($mail_id_array as $mail_id_recip) {
        // Get mail_id and recipient email address (split on the first underscore only)
        // NOTE(review): an element without '_' leaves $temp[1] undefined.
        $temp = preg_split('/_/', $mail_id_recip, 2);
        $mail_id = $temp[0];
        $recip_email = $temp[1];

        // Check if logged in user is admin or logged in user is trying to release his own messages
        // NOTE(review): in_array() is called without the strict flag, so the comparison is loose.
        if (Auth::isMailAdmin() || in_array($recip_email, $emailaddresses)) {
            $result = $db->get_message($recip_email, $mail_id);
        } else {
            continue;
        }

        // Only the first row is used.
        // NOTE(review): nothing here handles get_message() returning no rows.
        $rs = $result[0];

        // if content type is 'B' or 'V' and the logged in user is not admin
        // add message to array of release request
        if (in_array($rs['content'], array('B', 'V')) && !Auth::isMailAdmin()) {
            $release_req_messages[$j] = array("mail_id" => $mail_id, "from_addr" => $rs['from_addr'], "subject" => $rs['subject'], "time_num" => $rs['time_num'], "spam_level" => $rs['spam_level'], "content" => $rs['content']);

            // Try to update the RS flag to 'p' for pending
            if (!$db->update_msgrcpt_rs($mail_id, $recip_email, 'p')) {
                $release_req_messages[$j]["status"] = "Error: " . $db->get_err();
            } else {
                $release_req_messages[$j]["status"] = "Pending";
            }
            $j++;

            // Other cases where:
            // - content type is 'B' or 'V' but the logged in user is admin, therefore allowed to release message
            // - content type is 'S' or 'H'
        } else {
            // add message to be released to $hosts array
            $release_messages[$mail_id_recip] = array("mail_id" => $mail_id, "time" => $rs['time_num'], "subject" => $rs['subject'], "from_addr" => $rs['from_addr'], "spam_level" => $rs['spam_level'], "content" => $rs['content']);

            // The release parameters (secret_id, quarantine type/location, recipient) come from
            // the database row, not from the request.
            $hosts[$rs['host']][$mail_id_recip] = array("secret_id" => $rs['secret_id'], "quar_type" => $rs['quar_type'], "quar_loc" => $rs['quar_loc'], "recip_email" => $rs['email']);
        }
    }

    global $conf;

    // If release request needs to be sent to Admins
    if (is_array($release_req_messages) && !empty($release_req_messages) && $conf['app']['notifyAdmin']) {
        sendMailToAdmin(translate('Request release'), $release_req_messages);
    }

    // If release needs to be done
    if (is_array($hosts) && !empty($hosts)) {
        // For each host create socket, connect and release all messages pertaining to that host
        foreach ($hosts as $host => $message_info) {
            // Create new TCP/IP socket and try to connect to $host using this socket
            $am = new AmavisdEngine($host);

            if (!$am->connected) {
                // error_code 1: could not connect; every message on this host fails
                foreach ($message_info as $mail_id_recip => $release_info) {
                    $release_messages[$mail_id_recip]['error_code'] = 1;
                    $release_messages[$mail_id_recip]['status'] = $am->last_error;
                    $nb_failure++;
                }
            } else {
                foreach ($message_info as $mail_id_recip => $release_info) {
                    $socket_binding_result = $am->release_message($release_messages[$mail_id_recip]['mail_id'], $release_info['secret_id'], $release_info['recip_email'], $release_info['quar_type'], $release_info['quar_loc']);

                    // A reply that starts with "setreply=250" is treated as a successful release
                    if (preg_match('/^setreply=250/', $socket_binding_result)) {
                        // Record the release by setting the RS flag to 'R'
                        if ($db->update_msgrcpt_rs($release_messages[$mail_id_recip]['mail_id'], $release_info['recip_email'], 'R')) {
                            // Success is stored as the string "0"; the failure codes below are integers
                            $release_messages[$mail_id_recip]['error_code'] = "0";
                            CmnFns::write_log('Message Released [' . $release_messages[$mail_id_recip]['content'] . ']: ' . $release_messages[$mail_id_recip]['mail_id'], $_SESSION['sessionID']);
                        } else {
                            // error_code 2: the release was accepted but the flag update failed
                            $release_messages[$mail_id_recip]['error_code'] = 2;
                            $release_messages[$mail_id_recip]['status'] = "Error: " . $db->get_err();
                            $nb_failure++;
                        }
                    } else {
                        // error_code 3: the reply did not start with "setreply=250"
                        $release_messages[$mail_id_recip]['error_code'] = 3;
                        $release_messages[$mail_id_recip]['status'] = $am->last_error;
                        $nb_failure++;
                    }
                }

                // Shutting down and closing socket
                $am->disconnect();
            }
        }
    }

    // Commit, then set autocommit back to true
    $result = $db->db->commit();
    $db->check_for_error($result, 'PEAR DB commit()');
    $result = $db->db->autoCommit(true);
    $db->check_for_error($result, 'PEAR DB autoCommit(true)');

    // Build array of messages whose release failed
    $failed_array = array();
    $i = 0;
    if ($nb_failure > 0) {
        // NOTE(review): this walks every requested id, including ones that were skipped by the
        // ownership check or turned into release requests; those have no entry in
        // $release_messages, so the lookup below reads an undefined key for them.
        foreach ($mail_id_array as $mail_id_recip) {
            if ($release_messages[$mail_id_recip]['error_code'] != 0) {
                $failed_array[$i] = array("mail_id" => $release_messages[$mail_id_recip]['mail_id'], "from_addr" => $release_messages[$mail_id_recip]['from_addr'], "subject" => $release_messages[$mail_id_recip]['subject'], "time_num" => $release_messages[$mail_id_recip]['time'], "spam_level" => $release_messages[$mail_id_recip]['spam_level'], "content" => $release_messages[$mail_id_recip]['content'], "status" => $release_messages[$mail_id_recip]['status']);
                CmnFns::write_log($release_messages[$mail_id_recip]['status'], $_SESSION['sessionID']);
                $i++;
            }
        }
    }

    // Return array of messages whose release failed
    return $failed_array;
}