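 /**
  * Authenticates a signed API request and dispatches it to the action
  * method named after the HTTP verb (`getAction`, `postAction`, ...).
  *
  * The signature covers the verb, the Date header, the application web
  * path, the sorted query string, the raw POST body and the worker's stored
  * password; the client sends it as `HTTP_PORTSENSOR_AUTH: <email>:<sig>`
  * where `<sig>` is `base64(sha1(string_to_sign))`.
  *
  * Every failed check calls $this->_error() and then returns, so the request
  * fails closed even if _error() does not terminate the script itself.
  *
  * @param DevblocksHttpRequest $request the request whose ->path holds the
  *        URL segments; the last segment is `<command>.<format>`
  * @return void
  */
 function handleRequest(DevblocksHttpRequest $request)
 {
     $stack = $request->path;
     $db = DevblocksPlatform::getDatabaseService();

     // **** BEGIN AUTH
     // Missing headers become '' instead of raising notices hidden by `@`.
     $verb = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
     $header_date = isset($_SERVER['HTTP_DATE']) ? $_SERVER['HTTP_DATE'] : '';
     $header_signature = isset($_SERVER['HTTP_PORTSENSOR_AUTH']) ? $_SERVER['HTTP_PORTSENSOR_AUTH'] : '';
     $query_string = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
     $this->_payload = $this->_getRawPost();

     // The auth header is "<worker-email>:<signature>"; a missing colon
     // leaves the signature empty, which can never match below.
     $auth_parts = explode(':', $header_signature, 2);
     $auth_worker_email = $auth_parts[0];
     $auth_signature = isset($auth_parts[1]) ? $auth_parts[1] : '';

     $url_parts = parse_url(DevblocksPlatform::getWebPath());
     $url_path = isset($url_parts['path']) ? $url_parts['path'] : '';
     $url_query = $this->_sortQueryString($query_string);
     $string_to_sign_prefix = "{$verb}\n{$header_date}\n{$url_path}\n{$url_query}\n{$this->_payload}";

     // The Date header is part of the signed string; rejecting malformed or
     // stale dates bounds how long a captured signature remains usable.
     if (!$this->_validateRfcDate($header_date)) {
         $this->_error("Access denied! (Invalid timestamp)");
         return;
     }

     // WORKER-LEVEL AUTH: look the worker up by the email from the header.
     // $db->qstr() is the only quoting applied to this caller-supplied value.
     $results = DAO_Worker::getWhere(sprintf("%s = %s", DAO_Worker::EMAIL, $db->qstr($auth_worker_email)));
     if (empty($results)) {
         $this->_error("Access denied! (Invalid authentication)");
         return;
     }
     $worker = array_shift($results);
     $this->setActiveWorker($worker);

     if (null == $this->getActiveWorker()) {
         $this->_error("Access denied! (Invalid worker)");
         return;
     }
     if (!$worker->hasPriv('plugin.usermeet.webapi')) {
         $this->_error("Access denied! (No permission)");
         return;
     }

     // Recompute the signature using the stored password as the shared secret.
     $pass = $this->getActiveWorker()->pass;
     $string_to_sign = "{$string_to_sign_prefix}\n{$pass}\n";
     $compare_hash = base64_encode(sha1($string_to_sign, true));

     // hash_equals() (PHP >= 5.6) compares in constant time, so a mismatch
     // does not reveal how many leading bytes of the signature were correct.
     if (!hash_equals($compare_hash, (string) $auth_signature)) {
         $this->_error("Access denied! (Invalid password)");
         return;
     }
     // **** END APP AUTH

     // Figure out our format by looking at the last path argument
     $last_segment = explode('.', (string) array_pop($stack));
     $command = $last_segment[0];
     $format = isset($last_segment[1]) ? $last_segment[1] : null;
     array_push($stack, $command);
     $this->_format = $format;

     // Call the verb as an action
     $method = strtolower($verb) . 'Action';
     if (method_exists($this, $method)) {
         $this->$method($stack);
     } else {
         $this->_error("Invalid action.");
     }
 }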
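 /**
  * Saves the worker "peek" form: deletes, creates or updates a worker from
  * the POSTed fields and then re-renders the originating view.
  *
  * Only a superuser may use this action; anyone else is ignored silently.
  * A new worker is created only when no id was posted, the email is not yet
  * in use, and either a license serial is present or fewer than three
  * workers exist.
  *
  * @return void
  */
 function saveWorkerPeekAction()
 {
     $active_worker = FegApplication::getActiveWorker();
     if (!$active_worker || !$active_worker->is_superuser) {
         return;
     }

     // `@` only hides the undefined-index notice for absent POST keys;
     // importGPC() applies the declared type and default.
     @($id = DevblocksPlatform::importGPC($_POST['id'], 'integer'));
     @($view_id = DevblocksPlatform::importGPC($_POST['view_id'], 'string'));
     @($first_name = DevblocksPlatform::importGPC($_POST['first_name'], 'string'));
     @($last_name = DevblocksPlatform::importGPC($_POST['last_name'], 'string'));
     @($title = DevblocksPlatform::importGPC($_POST['title'], 'string'));
     @($email = DevblocksPlatform::importGPC($_POST['email'], 'string'));
     @($password = DevblocksPlatform::importGPC($_POST['password'], 'string'));
     @($is_superuser = DevblocksPlatform::importGPC($_POST['is_superuser'], 'integer', 0));
     @($disabled = DevblocksPlatform::importGPC($_POST['is_disabled'], 'integer', 0));
     @($delete = DevblocksPlatform::importGPC($_POST['do_delete'], 'integer', 0));
     // [TODO] The superuser set bit here needs to be protected by ACL

     if (empty($first_name)) {
         $first_name = "Anonymous";
     }

     if (!empty($id) && !empty($delete)) {
         // Can't delete or disable self
         if ($active_worker->id != $id) {
             DAO_Worker::delete($id);
         }
     } else {
         // Create a worker when no id was posted and the email is unused.
         // Feg_ORMHelper::qstr() is the only quoting applied to $email here.
         if (empty($id) && null == DAO_Worker::getWhere(sprintf("%s=%s", DAO_Worker::EMAIL, Feg_ORMHelper::qstr($email)))) {
             $workers = DAO_Worker::getAll();
             $license = FegLicense::getInstance();
             $is_licensed = !empty($license) && !empty($license['serial']);
             if ($is_licensed || count($workers) < 3) {
                 // NOTE(review): a generated password is never shown or mailed
                 // to the new worker here, so they cannot log in until it is reset.
                 if (empty($password)) {
                     $password = FegApplication::generatePassword(8);
                 }
                 // Store the hash from the start instead of writing the
                 // plaintext password and overwriting it in the update below.
                 $id = DAO_Worker::create(array(
                     DAO_Worker::EMAIL => $email,
                     DAO_Worker::PASS => md5($password),
                 ));
             }
         }
         // end create worker

         // No id means creation was refused or the email is already taken;
         // skip the update rather than writing to worker id 0.
         if (!empty($id)) {
             $fields = array(
                 DAO_Worker::FIRST_NAME => $first_name,
                 DAO_Worker::LAST_NAME => $last_name,
                 DAO_Worker::TITLE => $title,
                 DAO_Worker::EMAIL => $email,
                 DAO_Worker::IS_SUPERUSER => $is_superuser,
                 DAO_Worker::IS_DISABLED => $disabled,
             );
             // Resetting the password. Unsalted md5 is what the other password
             // writes in this code base use; moving to password_hash() has to
             // change the login check in the same step.
             if (!empty($password)) {
                 $fields[DAO_Worker::PASS] = md5($password);
             }
             // Update worker
             DAO_Worker::update($id, $fields);

             // Custom field saves
             @($field_ids = DevblocksPlatform::importGPC($_POST['field_ids'], 'array', array()));
             DAO_CustomFieldValue::handleFormPost(FegCustomFieldSource_Worker::ID, $id, $field_ids);
         }
     }

     if (!empty($view_id)) {
         $view = Feg_AbstractViewLoader::getView($view_id);
         $view->render();
     }
 }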
 case STEP_DEFAULTS:
     // Install step: create the first superuser account from the posted form.
     // `$tpl` is assigned before this case, outside the visible span.
     @($form_submit = DevblocksPlatform::importGPC($_POST['form_submit'], 'integer'));
     @($worker_email = DevblocksPlatform::importGPC($_POST['worker_email'], 'string'));
     @($worker_pass = DevblocksPlatform::importGPC($_POST['worker_pass'], 'string'));
     @($worker_pass2 = DevblocksPlatform::importGPC($_POST['worker_pass2'], 'string'));
     $db = DevblocksPlatform::getDatabaseService();
     $settings = DevblocksPlatform::getPluginSettingsService();
     if (!empty($form_submit)) {
         // Persist form scope (note: both submitted passwords are echoed back
         // into the template)
         $tpl->assign('worker_email', $worker_email);
         $tpl->assign('worker_pass', $worker_pass);
         $tpl->assign('worker_pass2', $worker_pass2);
         // Sanity/Error checking
         // NOTE(review): `==` compares numeric-looking strings as numbers
         // ("1e3" == "1000" is true); `===` is the exact comparison here.
         if (!empty($worker_email) && !empty($worker_pass) && $worker_pass == $worker_pass2) {
             // If this worker doesn't exist, create them
             // $db->qstr() is the only quoting applied to the posted email.
             $results = DAO_Worker::getWhere(sprintf("%s = %s", DAO_Worker::EMAIL, $db->qstr($worker_email)));
             if (empty($results)) {
                 // Unsalted md5, matching the other password writes on this
                 // page; the login check would have to change together with it.
                 $fields = array(DAO_Worker::EMAIL => $worker_email, DAO_Worker::PASS => md5($worker_pass), DAO_Worker::FIRST_NAME => 'Super', DAO_Worker::LAST_NAME => 'User', DAO_Worker::TITLE => 'Administrator', DAO_Worker::IS_SUPERUSER => 1);
                 $worker_id = DAO_Worker::create($fields);
             }
             // Hand off to the next step and stop; nothing below this runs.
             $tpl->assign('step', STEP_REGISTER);
             $tpl->display('steps/redirect.tpl');
             exit;
         } else {
             // Validation failed: re-show the form with the failure flag set.
             $tpl->assign('failed', true);
         }
     } else {
         // Defaults
     }
     $tpl->assign('template', 'steps/step_defaults.tpl');
     break;
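 /**
  * Saves the worker "peek" form: deletes, creates or updates a worker from
  * the POSTed fields and then re-renders the originating view.
  *
  * Only a superuser may use this action; anyone else is ignored silently.
  * A new worker is created only when no id was posted, the email is not yet
  * in use, and either a license serial is present or fewer than three
  * workers exist.
  *
  * @return void
  */
 function saveWorkerPeekAction()
 {
     $active_worker = PortSensorApplication::getActiveWorker();
     if (!$active_worker || !$active_worker->is_superuser) {
         return;
     }

     // `@` only hides the undefined-index notice for absent POST keys;
     // importGPC() applies the declared type and default.
     @($id = DevblocksPlatform::importGPC($_POST['id'], 'integer'));
     @($view_id = DevblocksPlatform::importGPC($_POST['view_id'], 'string'));
     @($first_name = DevblocksPlatform::importGPC($_POST['first_name'], 'string'));
     @($last_name = DevblocksPlatform::importGPC($_POST['last_name'], 'string'));
     @($title = DevblocksPlatform::importGPC($_POST['title'], 'string'));
     @($email = DevblocksPlatform::importGPC($_POST['email'], 'string'));
     @($password = DevblocksPlatform::importGPC($_POST['password'], 'string'));
     @($is_superuser = DevblocksPlatform::importGPC($_POST['is_superuser'], 'integer', 0));
     @($disabled = DevblocksPlatform::importGPC($_POST['is_disabled'], 'integer', 0));
     @($delete = DevblocksPlatform::importGPC($_POST['do_delete'], 'integer', 0));
     // [TODO] The superuser set bit here needs to be protected by ACL

     if (empty($first_name)) {
         $first_name = "Anonymous";
     }

     if (!empty($id) && !empty($delete)) {
         // Can't delete or disable self
         if ($active_worker->id != $id) {
             DAO_Worker::delete($id);
         }
     } else {
         // Create a worker when no id was posted and the email is unused.
         // Ps_ORMHelper::qstr() is the only quoting applied to $email here.
         if (empty($id) && null == DAO_Worker::getWhere(sprintf("%s=%s", DAO_Worker::EMAIL, Ps_ORMHelper::qstr($email)))) {
             $workers = DAO_Worker::getAll();
             $license = PortSensorLicense::getInstance();
             $is_licensed = !empty($license) && !empty($license['serial']);
             if ($is_licensed || count($workers) < 3) {
                 // NOTE(review): the notification mail that used to deliver a
                 // generated password was disabled, so a new worker with a
                 // generated password cannot log in until it is reset.
                 // [TODO] report to the admin when/if that mail fails to send.
                 if (empty($password)) {
                     $password = PortSensorApplication::generatePassword(8);
                 }
                 // Store the hash from the start instead of writing the
                 // plaintext password and overwriting it in the update below.
                 $id = DAO_Worker::create(array(
                     DAO_Worker::EMAIL => $email,
                     DAO_Worker::PASS => md5($password),
                 ));
             }
         }
         // end create worker

         // No id means creation was refused or the email is already taken;
         // skip the update rather than writing to worker id 0.
         if (!empty($id)) {
             $fields = array(
                 DAO_Worker::FIRST_NAME => $first_name,
                 DAO_Worker::LAST_NAME => $last_name,
                 DAO_Worker::TITLE => $title,
                 DAO_Worker::EMAIL => $email,
                 DAO_Worker::IS_SUPERUSER => $is_superuser,
                 DAO_Worker::IS_DISABLED => $disabled,
             );
             // Resetting the password. Unsalted md5 is what the other password
             // writes in this code base use; moving to password_hash() has to
             // change the login check in the same step.
             if (!empty($password)) {
                 $fields[DAO_Worker::PASS] = md5($password);
             }
             // Update worker
             DAO_Worker::update($id, $fields);

             // Group membership and address bookkeeping were previously done
             // here but are disabled.

             // Custom field saves
             @($field_ids = DevblocksPlatform::importGPC($_POST['field_ids'], 'array', array()));
             DAO_CustomFieldValue::handleFormPost(PsCustomFieldSource_Worker::ID, $id, $field_ids);
         }
     }

     if (!empty($view_id)) {
         $view = Ps_AbstractViewLoader::getView($view_id);
         $view->render();
     }
 }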
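 /**
  * Final password-recovery step: when the confirmation code the user entered
  * (kept in the session by the previous step) matches the code that was
  * sent, store the new password and clear the recovery state.
  *
  * Redirects to the login page on success and back to step 2 on a mismatch;
  * returns silently when the recovery state is incomplete, the worker does
  * not exist, or no password was submitted.
  *
  * @return void
  */
 function doRecoverStep3Action()
 {
     @($password = DevblocksPlatform::importGPC($_REQUEST['password'], 'string'));
     $email = isset($_SESSION[self::KEY_FORGOT_EMAIL]) ? $_SESSION[self::KEY_FORGOT_EMAIL] : null;
     $sentcode = isset($_SESSION[self::KEY_FORGOT_SENTCODE]) ? $_SESSION[self::KEY_FORGOT_SENTCODE] : null;
     $code = isset($_SESSION[self::KEY_FORGOT_CODE]) ? $_SESSION[self::KEY_FORGOT_CODE] : null;

     // Check the session state before querying the database with it.
     if (empty($email) || empty($code)) {
         return;
     }

     // Um_ORMHelper::qstr() is the only quoting applied to the session email.
     $results = DAO_Worker::getWhere(sprintf("%s = %s", DAO_Worker::EMAIL, Um_ORMHelper::qstr($email)));
     if (empty($results)) {
         return;
     }
     $worker = array_shift($results);

     // hash_equals() (PHP >= 5.6) compares in constant time; the casts keep a
     // null session value from turning into a TypeError.
     if (hash_equals((string) $sentcode, (string) $code)) {
         // Refuse to set an empty password rather than storing md5('').
         if ('' === (string) $password) {
             return;
         }
         // passed. Unsalted md5 matches the other password writes in this
         // code base; the login check must change together with this.
         DAO_Worker::update($worker->id, array(DAO_Worker::PASS => md5($password)));
         unset($_SESSION[self::KEY_FORGOT_EMAIL]);
         unset($_SESSION[self::KEY_FORGOT_CODE]);
         unset($_SESSION[self::KEY_FORGOT_SENTCODE]);
         DevblocksPlatform::redirect(new DevblocksHttpResponse(array('login')));
     } else {
         DevblocksPlatform::redirect(new DevblocksHttpResponse(array('login', 'forgot', 'step2')));
     }
 }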