function modify()
{
$db =& $this->db;
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$refer = Kit::GetParam('refer', _POST, _STRING);
$usertype = Kit::GetParam('usertype', _SESSION, _INT);
$ids = Kit::GetParam('id', _POST, _ARRAY);
$values = Kit::GetParam('value', _POST, _ARRAY);
$size = count($ids);
if ($usertype != 1) {
setMessage(__("Only admin users are allowed to modify settings"));
return $refer;
}
// Get the SettingId for LIBRARY_LOCATION
$SQL = sprintf("SELECT settingid FROM setting WHERE setting = '%s'", 'LIBRARY_LOCATION');
if (!($result = $db->query($SQL))) {
trigger_error($db->error());
trigger_error(__('Cannot find the Library Location Setting - this is serious.'), E_USER_ERROR);
}
if ($db->num_rows($result) == 0) {
trigger_error(__('Cannot find the Library Location Setting - this is serious.'), E_USER_ERROR);
}
$row = $db->get_row($result);
$librarySettingId = $row[0];
// Loop through and modify the settings
for ($i = 0; $i < $size; $i++) {
$value = Kit::ValidateParam($values[$i], _STRING);
$id = $ids[$i];
// Is this the library location setting
if ($id == $librarySettingId) {
// Check for a trailing slash and add it if its not there
$value = rtrim($value, '/') . '/';
// Attempt to add the directory specified
if (!file_exists($value . 'temp')) {
// Make the directory with broad permissions recursively (so will add the whole path)
mkdir($value . 'temp', 0777, true);
}
if (!is_writable($value . 'temp')) {
trigger_error(__('The Library Location you have picked is not writable'), E_USER_ERROR);
}
}
$SQL = sprintf("UPDATE setting SET value = '%s' WHERE settingid = %d ", $db->escape_string($value), $id);
if (!$db->query($SQL)) {
trigger_error($db->error());
trigger_error(__('Update of settings failed.'), E_USER_ERROR);
}
}
$response = new ResponseManager();
$response->SetFormSubmitResponse(__('Settings Updated'), false);
$response->Respond();
}
function login()
{
$db =& $this->db;
$user =& $this->user;
global $session;
// this page must be called from a form therefore we expect POST variables
$username = Kit::GetParam('username', _POST, _USERNAME);
$password = Kit::GetParam('password', _POST, _PASSWORD);
$referingpage = rawurldecode(Kit::GetParam('referingPage', _GET, _STRING));
// Check the token
if (!Kit::CheckToken()) {
// We would usually issue a HALT error here - but in the case of login we should redirect instead
trigger_error('Token does not match');
// Split on & and rejoin with &
$params = explode('&', $referingpage, 3);
unset($params['message']);
$referingpage = implode('&', $params) . '&message=Token Error';
header('Location:index.php?' . $referingpage);
exit;
}
if ($user->login($username, $password)) {
$userid = Kit::GetParam('userid', _SESSION, _INT);
$username = Kit::GetParam('username', _SESSION, _USERNAME);
setMessage($username . ' logged in');
$session->set_user(session_id(), $userid, 'user');
}
Debug::LogEntry('audit', 'Login with refering page: ' . $referingpage);
if ($referingpage == '') {
header('Location:index.php?p=index');
} else {
// Split on & and rejoin with &
$params = explode('&', $referingpage, 3);
unset($params['message']);
$referingpage = implode('&', $params);
header('Location:index.php?' . $referingpage);
}
exit;
}
/**
* Register a new application with OAuth
*/
public function Register()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$userid = Kit::GetParam('userid', _SESSION, _INT);
$message = '';
try {
$store = OAuthStore::instance();
$key = $store->updateConsumer($_POST, $userid);
$c = $store->getConsumer($key, $userid);
$message .= sprintf(__('Your consumer key is: %s'), $c['consumer_key']) . '<br />';
$message .= sprintf(__('Your consumer secret is: %s'), $c['consumer_secret']) . '<br />';
} catch (OAuthException $e) {
trigger_error('Error: ' . $e->getMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse($message, false);
$response->Respond();
}
function ManualRegionPosition()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$layoutid = Kit::GetParam('layoutid', _POST, _INT);
$regionid = Kit::GetParam('regionid', _POST, _STRING);
$regionName = Kit::GetParam('name', _POST, _STRING);
$top = Kit::GetParam('top', _POST, _INT);
$left = Kit::GetParam('left', _POST, _INT);
$width = Kit::GetParam('width', _POST, _INT);
$height = Kit::GetParam('height', _POST, _INT);
$scale = Kit::GetParam('scale', _POST, _DOUBLE);
$zoom = Kit::GetParam('zoom', _POST, _DOUBLE);
// Adjust the dimensions
// For version 2 layouts and above, the scale will always be 1.
// Version 1 layouts need to use scale because the values in the XLF should be scaled down
$top = $top / $scale;
$left = $left / $scale;
$width = $width / $scale;
$height = $height / $scale;
// Transitions?
$transitionType = Kit::GetParam('transitionType', _POST, _WORD);
$duration = Kit::GetParam('transitionDuration', _POST, _INT, 0);
$direction = Kit::GetParam('transitionDirection', _POST, _WORD, '');
$region = new region($db);
$ownerId = $region->GetOwnerId($layoutid, $regionid);
$regionAuth = $this->user->RegionAssignmentAuth($ownerId, $layoutid, $regionid, true);
if (!$regionAuth->edit) {
trigger_error(__('You do not have permissions to edit this region'), E_USER_ERROR);
}
Debug::LogEntry('audit', sprintf('Layoutid [%d] Regionid [%s]', $layoutid, $regionid), 'layout', 'ManualRegionPosition');
// Remove the "px" from them
$width = str_replace('px', '', $width);
$height = str_replace('px', '', $height);
$top = str_replace('px', '', $top);
$left = str_replace('px', '', $left);
// Create some options
$options = array(array('name' => 'transOut', 'value' => $transitionType), array('name' => 'transOutDuration', 'value' => $duration), array('name' => 'transOutDirection', 'value' => $direction), array('name' => 'loop', 'value' => Kit::GetParam('loop', _POST, _CHECKBOX)));
// Edit the region
if (!$region->EditRegion($layoutid, $regionid, $width, $height, $top, $left, $regionName, $options, Kit::GetParam('zindex', _POST, _INT, NULL))) {
trigger_error($region->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse('Region Resized', true, "index.php?p=layout&modify=true&layoutid={$layoutid}&zoom={$zoom}");
$response->Respond();
}
/**
* Deletes a Group
* @return
*/
function Delete()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$response = new ResponseManager();
$displayProfile = new DisplayProfile();
$displayProfile->displayProfileId = Kit::GetParam('displayprofileid', _POST, _INT);
if (!$displayProfile->Load()) {
trigger_error($displayProfile->GetErrorMessage(), E_USER_ERROR);
}
if ($this->user->usertypeid != 1 && $this->user->userid != $displayProfile->userId) {
trigger_error(__('You do not have permission to edit this profile'), E_USER_ERROR);
}
if (!$displayProfile->Delete($displayProfile->displayProfileId)) {
trigger_error($displayProfile->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Display Profile Deleted'), false);
$response->Respond();
}
/**
* Logs out a user
* @return
*/
function LogoutUser()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
//ajax request handler
$response = new ResponseManager();
$userID = Kit::GetParam('userid', _POST, _INT);
$SQL = sprintf("UPDATE session SET IsExpired = 1 WHERE userID = %d", $userID);
if (!$db->query($SQL)) {
trigger_error($db->error());
trigger_error(__("Unable to log out this user"), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('User Logged Out.'));
$response->Respond();
}
/**
* Set this templates permissions
*/
public function Permissions()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$templateId = Kit::GetParam('templateid', _POST, _INT);
if ($templateId == 0) {
trigger_error(__('No template selected'), E_USER_ERROR);
}
// Is this user allowed to delete this template?
$auth = $this->user->TemplateAuth($templateId, true);
$groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
// Unlink all
Kit::ClassLoader('templategroupsecurity');
$security = new TemplateGroupSecurity($db);
if (!$security->UnlinkAll($templateId)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
// Some assignments for the loop
$lastGroupId = 0;
$first = true;
$view = 0;
$edit = 0;
$del = 0;
// List of groupIds with view, edit and del assignments
foreach ($groupIds as $groupPermission) {
$groupPermission = explode('_', $groupPermission);
$groupId = $groupPermission[0];
if ($first) {
// First time through
$first = false;
$lastGroupId = $groupId;
}
if ($groupId != $lastGroupId) {
// The groupId has changed, so we need to write the current settings to the db.
// Link new permissions
if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
// Reset
$lastGroupId = $groupId;
$view = 0;
$edit = 0;
$del = 0;
}
switch ($groupPermission[1]) {
case 'view':
$view = 1;
break;
case 'edit':
$edit = 1;
break;
case 'del':
$del = 1;
break;
}
}
// Need to do the last one
if (!$first) {
if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
}
$response->SetFormSubmitResponse(__('Permissions Changed'));
$response->Respond();
}
/**
* Deletes a template
* @return
*/
function DeleteTemplate()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$templateId = Kit::GetParam('templateId', _POST, _INT);
if ($templateId == 0) {
trigger_error(__('No template selected'), E_USER_ERROR);
}
// Is this user allowed to delete this template?
$auth = $this->user->TemplateAuth($templateId, true);
if (!$auth->del) {
trigger_error(__('Access denied'), E_USER_ERROR);
}
// Use the data class
$template = new Layout();
// Delete the template
if (!$template->Delete($templateId)) {
trigger_error($template->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('The Template has been Deleted'));
$response->Respond();
}
/**
* Wake on LAN
*/
public function WakeOnLan()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
$displayObject = new Display($db);
$displayId = Kit::GetParam('DisplayId', _POST, _INT);
if (!$displayObject->WakeOnLan($displayId)) {
trigger_error($displayObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Wake on Lan command sent.'));
$response->Respond();
}
public function Permissions()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
Kit::ClassLoader('datasetgroupsecurity');
$dataSetId = Kit::GetParam('datasetid', _POST, _INT);
$groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
$auth = $this->user->DataSetAuth($dataSetId, true);
if (!$auth->modifyPermissions) {
trigger_error(__('You do not have permissions to edit this dataset'), E_USER_ERROR);
}
// Unlink all
$security = new DataSetGroupSecurity($db);
if (!$security->UnlinkAll($dataSetId)) {
trigger_error(__('Unable to set permissions'));
}
// Some assignments for the loop
$lastGroupId = 0;
$first = true;
$view = 0;
$edit = 0;
$del = 0;
// List of groupIds with view, edit and del assignments
foreach ($groupIds as $groupPermission) {
$groupPermission = explode('_', $groupPermission);
$groupId = $groupPermission[0];
if ($first) {
// First time through
$first = false;
$lastGroupId = $groupId;
}
if ($groupId != $lastGroupId) {
// The groupId has changed, so we need to write the current settings to the db.
// Link new permissions
if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
// Reset
$lastGroupId = $groupId;
$view = 0;
$edit = 0;
$del = 0;
}
switch ($groupPermission[1]) {
case 'view':
$view = 1;
break;
case 'edit':
$edit = 1;
break;
case 'del':
$del = 1;
break;
}
}
// Need to do the last one
if (!$first) {
if (!$security->Link($dataSetId, $lastGroupId, $view, $edit, $del)) {
trigger_error(__('Unable to set permissions'), E_USER_ERROR);
}
}
$response->SetFormSubmitResponse(__('Permissions Changed'));
$response->Respond();
}
/**
* Truncate the Log
*/
public function Truncate()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
if ($this->user->usertypeid != 1) {
trigger_error(__('Only Administrator Users can truncate the log'), E_USER_ERROR);
}
$db->query("TRUNCATE TABLE log");
$response = new ResponseManager();
$response->SetFormSubmitResponse('Log Truncated');
$response->Respond();
}
/**
* Menu Item Security Assignment to Groups
* @return
*/
function MenuItemSecurityAssign()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$groupid = Kit::GetParam('groupid', _POST, _INT);
$pageids = $_POST['pageids'];
foreach ($pageids as $menuItemId) {
$row = explode(",", $menuItemId);
$menuItemId = $row[1];
// If the ID is 0 then this menu item is not currently assigned
if ($row[0] == "0") {
//it isnt assigned and we should assign it
$SQL = sprintf("INSERT INTO lkmenuitemgroup (GroupID, MenuItemID) VALUES (%d, %d)", $groupid, $menuItemId);
if (!$db->query($SQL)) {
trigger_error($db->error());
Kit::Redirect(array('success' => false, 'message' => __('Can\'t assign this menu item to this group')));
}
} else {
//it is already assigned and we should remove it
$SQL = sprintf("DELETE FROM lkmenuitemgroup WHERE groupid = %d AND MenuItemID = %d", $groupid, $menuItemId);
if (!$db->query($SQL)) {
trigger_error($db->error());
Kit::Redirect(array('success' => false, 'message' => __('Can\'t remove this menu item from this group')));
}
}
}
// Response
$response = new ResponseManager();
$response->SetFormSubmitResponse(__('User Group Menu Security Edited'));
$response->keepOpen = true;
$response->Respond();
}
/**
* Edit Transition
*/
public function Edit()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
// Can we edit?
if (Config::GetSetting('TRANSITION_CONFIG_LOCKED_CHECKB') == 'Checked') {
trigger_error(__('Transition Config Locked'), E_USER_ERROR);
}
$transitionId = Kit::GetParam('TransitionID', _POST, _INT);
$enabledForIn = Kit::GetParam('EnabledForIn', _POST, _CHECKBOX);
$enabledForOut = Kit::GetParam('EnabledForOut', _POST, _CHECKBOX);
// Validation
if ($transitionId == 0 || $transitionId == '') {
trigger_error(__('Transition ID is missing'), E_USER_ERROR);
}
// Deal with the Edit
$SQL = "UPDATE `transition` SET AvailableAsIn = %d, AvailableAsOut = %d WHERE TransitionID = %d";
$SQL = sprintf($SQL, $enabledForIn, $enabledForOut, $transitionId);
if (!$db->query($SQL)) {
trigger_error($db->error());
trigger_error(__('Unable to update transition'), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Transition Edited'), false);
$response->Respond();
}
public function Delete()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
$helpId = Kit::GetParam('HelpID', _POST, _INT);
// Deal with the Edit
Kit::ClassLoader('help');
$helpObject = new Help($db);
if (!$helpObject->Delete($helpId)) {
trigger_error($helpObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Help Link Deleted'), false);
$response->Respond();
}
function ManualRegionPosition()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$layoutid = Kit::GetParam('layoutid', _POST, _INT);
$regionid = Kit::GetParam('regionid', _POST, _STRING);
$regionName = Kit::GetParam('name', _POST, _STRING);
$top = Kit::GetParam('top', _POST, _INT);
$left = Kit::GetParam('left', _POST, _INT);
$width = Kit::GetParam('width', _POST, _INT);
$height = Kit::GetParam('height', _POST, _INT);
$scale = Kit::GetParam('scale', _POST, _DOUBLE);
// Adjust the dimensions
$top = $top / $scale;
$left = $left / $scale;
$width = $width / $scale;
$height = $height / $scale;
// Transitions?
$transitionType = Kit::GetParam('transitionType', _POST, _WORD);
$duration = Kit::GetParam('transitionDuration', _POST, _INT, 0);
$direction = Kit::GetParam('transitionDirection', _POST, _WORD, '');
Kit::ClassLoader('region');
$region = new region($db);
$ownerId = $region->GetOwnerId($layoutid, $regionid);
$regionAuth = $this->user->RegionAssignmentAuth($ownerId, $layoutid, $regionid, true);
if (!$regionAuth->edit) {
trigger_error(__('You do not have permissions to edit this region'), E_USER_ERROR);
}
Debug::LogEntry('audit', sprintf('Layoutid [%d] Regionid [%s]', $layoutid, $regionid), 'layout', 'ManualRegionPosition');
// Remove the "px" from them
$width = str_replace('px', '', $width);
$height = str_replace('px', '', $height);
$top = str_replace('px', '', $top);
$left = str_replace('px', '', $left);
// Create some options
$options = array(array('name' => 'transOut', 'value' => $transitionType), array('name' => 'transOutDuration', 'value' => $duration), array('name' => 'transOutDirection', 'value' => $direction));
// Edit the region
if (!$region->EditRegion($layoutid, $regionid, $width, $height, $top, $left, $regionName, $options)) {
trigger_error($region->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse('Region Resized', true, "index.php?p=layout&modify=true&layoutid={$layoutid}");
$response->Respond();
}
function Delete()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$resolutionID = Kit::GetParam('resolutionid', _POST, _INT);
// Remove the resolution
$resObject = new Resolution($db);
if (!$resObject->Delete($resolutionID)) {
trigger_error($resObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse('Resolution deleted');
$response->Respond();
}
function ExchangeGridTokenForFormToken()
{
// Check our grid token against the one provided.
if (!Kit::CheckToken('gridToken')) {
die(__('Sorry the form has expired. Please refresh.'));
}
echo Kit::Token('token', false);
exit;
}
public function Verify()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$response = new ResponseManager();
try {
$dbh = PDOConnect::init();
$dbh->exec('UPDATE `media` SET valid = 0 WHERE moduleSystemFile = 1');
} catch (Exception $e) {
Debug::LogEntry('error', $e->getMessage());
if (!$this->IsError()) {
$this->SetError(1, __('Unknown Error'));
}
return false;
}
Media::installAllModuleFiles();
$response->SetFormSubmitResponse(__('Verified'), false);
$response->Respond();
}
function Edit()
{
$response = new ResponseManager();
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$data = new Setting();
// Get all of the settings in an array
$settings = Config::GetAll(NULL, array('userChange' => 1, 'userSee' => 1));
// Go through each setting, validate it and add it to the array
foreach ($settings as $setting) {
// Check to see if we have a setting that matches in the provided POST vars.
$value = Kit::GetParam($setting['setting'], _POST, $setting['type'], $setting['type'] == 'checkbox' ? NULL : $setting['default']);
// Check the library location setting
if ($setting['setting'] == 'LIBRARY_LOCATION') {
// Check for a trailing slash and add it if its not there
$value = rtrim($value, '/');
$value = rtrim($value, '\\') . DIRECTORY_SEPARATOR;
// Attempt to add the directory specified
if (!file_exists($value . 'temp')) {
// Make the directory with broad permissions recursively (so will add the whole path)
mkdir($value . 'temp', 0777, true);
}
if (!is_writable($value . 'temp')) {
trigger_error(__('The Library Location you have picked is not writeable'), E_USER_ERROR);
}
}
// Actually edit
if (!$data->Edit($setting['setting'], $value)) {
trigger_error($data->GetErrorMessage(), E_USER_ERROR);
}
}
$response->SetFormSubmitResponse(__('Settings Updated'), false);
$response->callBack = 'settingsUpdated';
$response->Respond();
}
/**
* Copys a layout
*/
public function Copy()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$layoutid = Kit::GetParam('layoutid', _POST, _INT);
$layout = Kit::GetParam('layout', _POST, _STRING);
$description = Kit::GetParam('description', _POST, _STRING);
$copyMedia = Kit::GetParam('copyMediaFiles', _POST, _CHECKBOX);
Kit::ClassLoader('Layout');
$layoutObject = new Layout($db);
if (!$layoutObject->Copy($layoutid, $layout, $description, $user->userid, (bool) $copyMedia)) {
trigger_error($layoutObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Layout Copied'));
$response->Respond();
}
/**
* Sets the Members of a group
* @return
*/
public function SetMembers()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
Kit::ClassLoader('campaign');
$campaignObject = new Campaign($db);
$campaignId = Kit::GetParam('CampaignID', _REQUEST, _INT);
$layouts = Kit::GetParam('LayoutID', _POST, _ARRAY, array());
// Authenticate this user
$auth = $this->user->CampaignAuth($campaignId, true);
if (!$auth->edit) {
trigger_error(__('You do not have permission to edit this campaign'), E_USER_ERROR);
}
// Remove all current members
$campaignObject->UnlinkAll($campaignId);
// Add all new members
$displayOrder = 1;
foreach ($layouts as $layoutId) {
// Authenticate
$auth = $this->user->LayoutAuth($layoutId, true);
if (!$auth->view) {
trigger_error(__('Your permissions to view a layout you are adding have been revoked. Please reload the Layouts form.'), E_USER_ERROR);
}
$campaignObject->Link($campaignId, $layoutId, $displayOrder);
$displayOrder++;
}
$response->SetFormSubmitResponse(__('Layouts Added to Campaign'), false);
$response->Respond();
}
public function Edit()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
// Can we edit?
if (Config::GetSetting('MODULE_CONFIG_LOCKED_CHECKB') == 'Checked') {
trigger_error(__('Module Config Locked'), E_USER_ERROR);
}
$moduleId = Kit::GetParam('ModuleID', _POST, _INT);
$validExtensions = Kit::GetParam('ValidExtensions', _POST, _STRING, '');
$imageUri = Kit::GetParam('ImageUri', _POST, _STRING);
$enabled = Kit::GetParam('Enabled', _POST, _CHECKBOX);
$previewEnabled = Kit::GetParam('PreviewEnabled', _POST, _CHECKBOX);
// Validation
if ($moduleId == 0 || $moduleId == '') {
trigger_error(__('Module ID is missing'), E_USER_ERROR);
}
if ($imageUri == '') {
trigger_error(__('Image Uri is a required field.'), E_USER_ERROR);
}
// Deal with the Edit
$SQL = "UPDATE `module` SET ImageUri = '%s', ValidExtensions = '%s', Enabled = %d, PreviewEnabled = %d WHERE ModuleID = %d";
$SQL = sprintf($SQL, $db->escape_string($imageUri), $db->escape_string($validExtensions), $enabled, $previewEnabled, $moduleId);
if (!$db->query($SQL)) {
trigger_error($db->error());
trigger_error(__('Unable to update module'), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Module Edited'), false);
$response->Respond();
}
/**
* Deletes an Event from all displays
* @return
*/
public function DeleteDay()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$displayGroupIds = Kit::GetParam('DisplayGroupIDs', _POST, _ARRAY, Kit::GetParam('DisplayGroupIDs', _SESSION, _ARRAY));
$date = Kit::GetParam('date', _POST, _INT, 0);
$dateString = date('Y-m-d', $date);
if ($date == 0) {
trigger_error(__('Day not selected'), E_USER_ERROR);
}
$events = $this->GetEventsForDay($date, $displayGroupIds);
// Create an object to use for the delete
$scheduleObject = new Schedule($db);
foreach ($events as $event) {
if ($event->editPermission) {
// Delete the entire schedule.
if (!$scheduleObject->Delete($event->eventID)) {
trigger_error($scheduleObject->GetErrorMessage(), E_USER_ERROR);
}
}
}
$response->SetFormSubmitResponse(sprintf(__('All events for %s have been deleted'), $dateString));
$response->callBack = 'CallGenerateCalendar';
$response->Respond();
}
public function RequestScreenShot()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
$displayObject = new Display($db);
$displayId = Kit::GetParam('displayId', _POST, _INT);
if (!$displayObject->RequestScreenShot($displayId)) {
trigger_error($displayObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Request Sent.'));
$response->Respond();
}
public function ScheduleNow()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$user =& $this->user;
$response = new ResponseManager();
$campaignId = Kit::GetParam('CampaignID', _POST, _INT, 0);
$displayGroupIds = Kit::GetParam('DisplayGroupIDs', _POST, _ARRAY);
$isPriority = Kit::GetParam('is_priority', _POST, _CHECKBOX);
$fromDt = time();
$hours = Kit::GetParam('hours', _POST, _INT, 0);
$minutes = Kit::GetParam('minutes', _POST, _INT, 0);
$seconds = Kit::GetParam('seconds', _POST, _INT, 0);
$duration = $hours * 3600 + $minutes * 60 + $seconds;
$displayOrder = Kit::GetParam('DisplayOrder', _POST, _INT);
// Validate
if ($campaignId == 0) {
trigger_error(__('No layout selected'), E_USER_ERROR);
}
if ($duration == 0) {
trigger_error(__('You must enter a duration'), E_USER_ERROR);
}
// check that at least one display has been selected
if ($displayGroupIds == '') {
trigger_error(__('No displays selected'), E_USER_ERROR);
}
if ($fromDt < time() - 86400) {
trigger_error(__('Your start time is in the past. Cannot schedule events in the past'), E_USER_ERROR);
}
$toDt = $fromDt + $duration;
// Ready to do the add
$scheduleObject = new Schedule($db);
if (!$scheduleObject->Add($displayGroupIds, $fromDt, $toDt, $campaignId, '', '', '', $isPriority, $this->user->userid, $displayOrder)) {
trigger_error($scheduleObject->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('The Event has been Scheduled'));
$response->Respond();
}
/**
* Sets the Members of a group
* @return
*/
public function SetMembers()
{
// Check the token
if (!Kit::CheckToken('assign_token')) {
trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
$campaignObject = new Campaign();
$campaignId = Kit::GetParam('CampaignID', _REQUEST, _INT);
$layouts = Kit::GetParam('LayoutID', _POST, _ARRAY, array());
// Authenticate this user
$auth = $this->user->CampaignAuth($campaignId, true);
if (!$auth->edit) {
trigger_error(__('You do not have permission to edit this campaign'), E_USER_ERROR);
}
// Get all current members
$currentMembers = Layout::Entries(NULL, array('campaignId' => $campaignId));
// Flatten
$currentLayouts = array_map(function ($element) {
return $element->layoutId;
}, $currentMembers);
// Work out which ones are NEW
$newLayouts = array_diff($currentLayouts, $layouts);
// Check permissions to all new layouts that have been selected
foreach ($newLayouts as $layoutId) {
// Authenticate
$auth = $this->user->LayoutAuth($layoutId, true);
if (!$auth->view) {
trigger_error(__('Your permissions to view a layout you are adding have been revoked. Please reload the Layouts form.'), E_USER_ERROR);
}
}
// Remove all current members
$campaignObject->UnlinkAll($campaignId);
// Add all new members
$displayOrder = 1;
foreach ($layouts as $layoutId) {
// By this point everything should be authenticated
$campaignObject->Link($campaignId, $layoutId, $displayOrder);
$displayOrder++;
}
$response->SetFormSubmitResponse(__('Layouts Added to Campaign'), false);
$response->Respond();
}
/**
* Set a users password
*/
public function SetPassword()
{
// Check the token
if (!Kit::CheckToken()) {
trigger_error('Token does not match', E_USER_ERROR);
}
$db =& $this->db;
$response = new ResponseManager();
$newPassword = Kit::GetParam('newPassword', _POST, _STRING);
$retypeNewPassword = Kit::GetParam('retypeNewPassword', _POST, _STRING);
$userId = Kit::GetParam('UserId', _POST, _INT);
// Check we are an admin
if ($this->user->usertypeid != 1) {
trigger_error(__('Trying to change the password for another user denied'), E_USER_ERROR);
}
Kit::ClassLoader('userdata');
$userData = new Userdata($db);
if (!$userData->ChangePassword($userId, null, $newPassword, $retypeNewPassword, true)) {
trigger_error($userData->GetErrorMessage(), E_USER_ERROR);
}
$response->SetFormSubmitResponse(__('Password Changed'));
$response->Respond();
}
