Beispiel #1
 /**
  * Build the menu named $menu for the current user.
  *
  * Reads the ajax/q request flags and the session user id, then asks the
  * user object which items of the menu this user is allowed to see. The
  * outcome is described in $this->message.
  *
  * NOTE(review): the value returned here is discarded when the object is
  * created with `new`, so callers can only detect the failure paths through
  * $this->message / $this->theMenu.
  *
  * @param database $db   Database handle kept on the instance
  * @param User     $user Current user; MenuAuth() decides which items come back
  * @param string   $menu Name of the menu to load
  */
 public function __construct(database $db, User $user, $menu)
 {
     $this->db =& $db;
     $this->user =& $user;

     // Request and session state used by the menu
     $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);
     $this->q = Kit::GetParam('q', _REQUEST, _WORD);
     $this->userid = Kit::GetParam('userid', _SESSION, _INT);
     $usertypeid = Kit::GetParam('usertype', _SESSION, _INT);

     // A menu name is mandatory
     if ($menu == '') {
         $this->message = __('No menu provided');
         return false;
     }

     // The permission decision is delegated to the user object
     $this->theMenu = $user->MenuAuth($menu);
     if (!$this->theMenu) {
         $this->message = __('No permissions for this menu.');
         return false;
     }

     // Iteration state for the loaded menu; an empty menu is recorded as -1
     $this->current = 0;
     $itemCount = count($this->theMenu);
     $this->numberItems = $itemCount == 0 ? -1 : $itemCount;

     $this->message = $this->numberItems . ' menu items loaded';
     return true;
 }
Beispiel #2
 /**
  * Load the layout named by the `layoutid` request parameter, if one was sent.
  *
  * The view permission from User::LayoutAuth() is checked before the layout
  * row is read. The id reaches the query text through a %d conversion, so
  * only an integer is placed in the SQL.
  *
  * NOTE(review): the permission check only stops the constructor if the
  * installed error handler halts on E_USER_ERROR - confirm.
  *
  * @param database $db
  * @param user     $user
  */
 function __construct(database $db, user $user)
 {
     $this->db =& $db;
     $this->user =& $user;
     $this->layoutid = Kit::GetParam('layoutid', _REQUEST, _INT);

     // Include the layout data class
     include_once "lib/data/layout.data.class.php";

     // Nothing else to load unless a layout was requested
     if ($this->layoutid == '') {
         return;
     }

     // Permission check comes first
     Debug::LogEntry('audit', 'Loading permissions for layoutid ' . $this->layoutid);
     $this->auth = $user->LayoutAuth($this->layoutid, true);
     if (!$this->auth->view) {
         trigger_error(__("You do not have permissions to view this layout"), E_USER_ERROR);
     }

     $sql = " SELECT layout, description, userid, retired, tags, xml FROM layout "
         . sprintf(" WHERE layoutID = %d ", $this->layoutid);

     $results = $db->query($sql);
     if (!$results) {
         trigger_error($db->error());
         trigger_error(__("Cannot retrieve the Information relating to this layout. The layout may be corrupt."), E_USER_ERROR);
     }

     if ($db->num_rows($results) == 0) {
         $this->has_permissions = false;
     }

     // Copy the selected columns onto the instance; column 2 (userid) is not stored
     // and the xml column is kept without passing through ValidateParam.
     while ($aRow = $db->get_row($results)) {
         $this->layout = Kit::ValidateParam($aRow[0], _STRING);
         $this->description = Kit::ValidateParam($aRow[1], _STRING);
         $this->retired = Kit::ValidateParam($aRow[3], _INT);
         $this->tags = Kit::ValidateParam($aRow[4], _STRING);
         $this->xml = $aRow[5];
     }
 }
 /**
  * Initialise the response with its default state and make sure a database
  * transaction is open on the shared PDO connection.
  */
 public function __construct()
 {
     // Determine if this is an AJAX call or not
     $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);

     // Default state; success is assumed until something reports otherwise
     $defaults = array(
         'success' => true,
         'clockUpdate' => false,
         'focusInFirstInput' => true,
         'appendHiddenSubmit' => true,
         'uniqueReference' => '',
         'buttons' => '',
         'pageSize' => 10,
         'pageNumber' => 0,
         'initialSortColumn' => 1,
         'initialSortOrder' => 1,
         'modal' => false,
         'extra' => array(),
         'dialogClass' => '',
     );
     foreach ($defaults as $property => $value) {
         $this->{$property} = $value;
     }

     // Start a DB transaction for all returns from the Web Portal
     try {
         $connection = PDOConnect::init();
         if (!$connection->inTransaction()) {
             $connection->beginTransaction();
         }
     } catch (Exception $e) {
         // The detail goes to the log; the user only sees the generic message
         Debug::LogEntry('error', $e->getMessage());
         trigger_error(__('Unable to open connection and start transaction'), E_USER_ERROR);
     }

     return true;
 }
Beispiel #4
 /**
  * Register one uploaded file in the library and remove the temporary upload.
  *
  * NOTE(review): `name` and `duration` are read straight from $_REQUEST,
  * unlike `layoutid` and `type` which go through Kit::GetParam. They are
  * written to the audit log and handed to AddLibraryMedia() as received;
  * confirm that AddLibraryMedia() validates them.
  *
  * @param object $file  Upload descriptor; `name` is read, `error` and `storedas` are set
  * @param int    $index Position of this file in the submitted form arrays
  */
 protected function handle_form_data($file, $index)
 {
     // Per-file form fields, e.g. $_REQUEST['name'][$index]
     $mediaName = $_REQUEST['name'][$index];
     $mediaDuration = $_REQUEST['duration'][$index];
     $layoutId = Kit::GetParam('layoutid', _REQUEST, _INT);
     $type = Kit::GetParam('type', _REQUEST, _WORD);

     Debug::LogEntry('audit', 'Upload complete for Type: ' . $type . ' and file name: ' . $file->name . '. Name: ' . $mediaName . '. Duration:' . $mediaDuration);

     // One module per uploaded file. No region ID is passed, so the media is
     // assigned to the library only and not to the layout.
     try {
         $module = ModuleFactory::createForLibrary($type, $layoutId, $this->options['db'], $this->options['user']);
     } catch (Exception $e) {
         // The script stops here, so the temporary upload below is not removed on this path
         $file->error = $e->getMessage();
         exit;
     }

     // Add the item to the library; a falsy result means the module reported an error
     $storedAs = $module->AddLibraryMedia($file->name, $mediaName, $mediaDuration, $file->name);
     if (!$storedAs) {
         $file->error = $module->GetErrorMessage();
     }

     // Set new file details
     $file->storedas = $storedAs;

     // Remove the temporary upload; a failure to delete is deliberately ignored
     @unlink($this->get_upload_path($file->name));
 }
Beispiel #5
 /**
  * Render the error page with the message stored in the session.
  *
  * NOTE(review): the message is read with the _HTMLSTRING filter and handed
  * to the theme; whether the 'error' template escapes it is not visible
  * here - confirm.
  */
 function displayPage()
 {
     $db =& $this->db;
     $user =& $this->user;

     // Fall back to a generic text when the session holds no message
     Theme::Set('ErrorMessage', Kit::GetParam('ErrorMessage', _SESSION, _HTMLSTRING, __('Unknown Error')));
     Theme::Render('error');
 }
Beispiel #6
 /**
  * Print the session error message without any theme and stop the script.
  *
  * NOTE(review): the message is written to the response without HTML
  * escaping in this method. Whether the _HTMLSTRING filter makes that safe
  * cannot be seen from here - confirm against Kit::GetParam.
  */
 function displayPage()
 {
     $db =& $this->db;
     $user =& $this->user;

     // Fall back to a generic text when the session holds no message
     $error = Kit::GetParam('ErrorMessage', _SESSION, _HTMLSTRING, __('Unknown Error'));

     echo __('There has been an application error.'), $error;
     exit;
 }
Beispiel #7
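 /**
  * Save the settings submitted from the settings form.
  *
  * Requires a valid form token and an admin session (usertype 1). The
  * LIBRARY_LOCATION setting gets extra handling: a trailing slash is added
  * and a `temp` directory is created and checked for writability.
  *
  * Each submitted id is normalised to an integer once, and that same value
  * is used both for the "is this the library setting" comparison and in the
  * UPDATE statement. Previously the raw string was compared while the
  * statement used its %d conversion, so the two could disagree and the
  * library location could be written without the directory checks.
  *
  * @return string|null The referring page when the user is not an admin;
  *                     otherwise the response is sent through ResponseManager
  */
 function modify()
 {
     $db =& $this->db;
     // Check the token
     if (!Kit::CheckToken()) {
         trigger_error('Token does not match', E_USER_ERROR);
     }
     $refer = Kit::GetParam('refer', _POST, _STRING);
     $usertype = Kit::GetParam('usertype', _SESSION, _INT);
     $ids = Kit::GetParam('id', _POST, _ARRAY);
     $values = Kit::GetParam('value', _POST, _ARRAY);
     $size = count($ids);
     if ($usertype != 1) {
         setMessage(__("Only admin users are allowed to modify settings"));
         return $refer;
     }
     // Get the SettingId for LIBRARY_LOCATION
     $SQL = sprintf("SELECT settingid FROM setting WHERE setting = '%s'", 'LIBRARY_LOCATION');
     if (!($result = $db->query($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Cannot find the Library Location Setting - this is serious.'), E_USER_ERROR);
     }
     if ($db->num_rows($result) == 0) {
         trigger_error(__('Cannot find the Library Location Setting - this is serious.'), E_USER_ERROR);
     }
     $row = $db->get_row($result);
     $librarySettingId = (int) $row[0];
     // Loop through and modify the settings
     for ($i = 0; $i < $size; $i++) {
         // Skip positions where the id or its value is missing or not a plain scalar
         if (!isset($ids[$i], $values[$i]) || !is_scalar($ids[$i])) {
             continue;
         }
         $value = Kit::ValidateParam($values[$i], _STRING);
         // One integer form of the id for both the comparison and the query
         $id = (int) $ids[$i];
         // Is this the library location setting
         if ($id === $librarySettingId) {
             // Check for a trailing slash and add it if its not there
             $value = rtrim($value, '/') . '/';
             // Attempt to add the directory specified
             if (!file_exists($value . 'temp')) {
                 // NOTE(review): the directory is created recursively with mode 0777
                 // (subject to umask); consider a mode limited to the web server user.
                 mkdir($value . 'temp', 0777, true);
             }
             if (!is_writable($value . 'temp')) {
                 trigger_error(__('The Library Location you have picked is not writable'), E_USER_ERROR);
             }
         }
         $SQL = sprintf("UPDATE setting SET value = '%s' WHERE settingid = %d ", $db->escape_string($value), $id);
         if (!$db->query($SQL)) {
             trigger_error($db->error());
             trigger_error(__('Update of settings failed.'), E_USER_ERROR);
         }
     }
     $response = new ResponseManager();
     $response->SetFormSubmitResponse(__('Settings Updated'), false);
     $response->Respond();
 }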
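 /**
  * Choose the UI language and create the global translation engine.
  *
  * The language comes from the `lang` request parameter, else from the
  * Accept-Language header, else from the DEFAULT_LANGUAGE setting. A
  * requested language is only used when `<lang>.mo` appears in the listing
  * of the locale directory; that listing is the allow-list that keeps the
  * request value from naming any other file.
  *
  * Sets the globals $stream and $transEngine.
  *
  * @return void
  */
 public static function InitLocale()
 {
     $localeDir = 'locale';
     $default = Config::GetSetting('DEFAULT_LANGUAGE');
     global $transEngine;
     global $stream;

     // Try to get the locale firstly from _REQUEST (post then get)
     $lang = Kit::GetParam('lang', _REQUEST, _WORD, '');

     // Build the list of supported languages; an unreadable directory means none
     $supportedLangs = scandir($localeDir);
     if ($supportedLangs === false) {
         $supportedLangs = array();
     }

     if ($lang != '') {
         Debug::LogEntry('audit', 'Set the Language from REQUEST [' . $lang . ']', 'TranslationEngine', 'InitLocal');
         // Is this language supported? If not, use the configured default.
         if (!in_array($lang . '.mo', $supportedLangs, true)) {
             trigger_error(sprintf('Language not supported. %s', $lang));
             $lang = $default;
         }
     } else {
         // Default unless one of the header's languages is supported
         $lang = $default;
         $accepted = Kit::GetParam('HTTP_ACCEPT_LANGUAGE', $_SERVER, _STRING);
         if ($accepted != '') {
             foreach (explode(',', $accepted) as $candidate) {
                 // Drop any quality rating and the blank that may follow a comma,
                 // then map "en-GB" to the "en_GB" form used by the .mo file names
                 $parts = explode(';', $candidate);
                 $candidate = str_replace("-", "_", trim($parts[0]));
                 if (in_array($candidate . '.mo', $supportedLangs, true)) {
                     $lang = $candidate;
                     break;
                 }
             }
         }
     }

     // We have the language
     if (!($stream = new CachedFileReader($localeDir . '/' . $lang . '.mo'))) {
         trigger_error('Unable to translate this language');
         $transEngine = false;
         return;
     }
     $transEngine = new gettext_reader($stream);
 }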
Beispiel #9
 /**
  * Write one row to the `auditlog` table.
  *
  * The insert is a prepared statement created once on a new connection and
  * reused for later calls; all values are bound, none are concatenated. The
  * user id comes from the session (0 when absent).
  *
  * @param string $entity
  * @param int $entityId
  * @param string $message
  * @param string|object|array $object Stored as-is when a string, JSON encoded otherwise
  */
 public static function audit($entity, $entityId, $message, $object)
 {
     \Debug::Audit(sprintf('Audit Trail message recorded for %s with id %d. Message: %s', $entity, $entityId, $message));

     // Prepare the statement on first use only
     if (self::$_auditLogStatement == null) {
         $connection = \PDOConnect::newConnection();
         self::$_auditLogStatement = $connection->prepare('
             INSERT INTO `auditlog` (logDate, userId, entity, message, entityId, objectAfter)
               VALUES (:logDate, :userId, :entity, :message, :entityId, :objectAfter)
         ');
     }

     // Anything that is not already a string is stored as JSON
     $objectAfter = is_string($object) ? $object : json_encode($object);

     $params = array(
         'logDate' => time(),
         'userId' => \Kit::GetParam('userid', _SESSION, _INT, 0),
         'entity' => $entity,
         'message' => $message,
         'entityId' => $entityId,
         'objectAfter' => $objectAfter,
     );
     self::$_auditLogStatement->execute($params);
 }
Beispiel #10
 /**
  * Prepare the page wrapper for the page named $page and create its theme.
  *
  * NOTE(review): $page is concatenated into a file path and a class name
  * ('lib/pages/<page>.class.php' and '<page>DAO'). Nothing in this
  * constructor restricts its characters, so the caller has to pass an
  * already validated page name - confirm at the call site.
  *
  * @param database $db
  * @param user     $user
  * @param string   $page Page name
  */
 function __construct(database $db, user $user, $page)
 {
     $this->db =& $db;
     $this->user =& $user;

     // Names derived from the page name
     $this->path = "lib/pages/{$page}.class.php";
     $this->page = "{$page}DAO";
     $this->p = $page;

     // Request state
     $this->ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);
     $this->q = Kit::GetParam('q', _REQUEST, _WORD);
     $this->userid = $this->user->userid;

     // Not authorised until something says otherwise
     $this->authed = false;

     // Create a theme
     new Theme($db, $user);
     Theme::SetPagename($this->p);
 }
Beispiel #11
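 /**
  * Send the client to $page and stop the script.
  *
  * AJAX requests receive the target as JSON. Otherwise a Location header is
  * sent, or, when headers have already gone out, a script that sets
  * document.location.
  *
  * The script fallback writes the target as a JSON-encoded string literal
  * with <, >, &, ' and " hex-escaped. The earlier form interpolated the
  * value between single quotes, so a quote or a closing script tag in the
  * value ended the literal and was parsed as markup or script.
  *
  * NOTE(review): the target itself is not validated in this method; callers
  * that pass request-derived values should restrict them to local pages.
  *
  * @param string $page      Redirect target
  * @param string $message   Not used in this method
  * @param bool   $pageIsUrl Not used in this method
  */
 static function Redirect($page, $message = '', $pageIsUrl = false)
 {
     $url = $page;
     $ajax = Kit::GetParam('ajax', _REQUEST, _BOOL, false);
     if ($ajax) {
         echo json_encode($page);
         die;
     }
     // Header or JS redirect
     if (headers_sent()) {
         // Encode for the JavaScript string context inside an HTML script element
         $jsUrl = json_encode((string) $url, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
         if ($jsUrl === false) {
             // Not encodable (e.g. invalid UTF-8): emit an empty target rather than raw text
             $jsUrl = '""';
         }
         echo "<script>document.location.href={$jsUrl};</script>\n";
     } else {
         header('Location: ' . $url);
     }
     die;
 }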
Beispiel #12
 /**
  * Build the help URL for a topic.
  *
  * The topic defaults to the current page name (`p` request parameter). The
  * lookup is a prepared statement with bound topic and category; when the
  * category has no entry, the 'General' category is tried.
  *
  * @param string $topic    Help topic, optional
  * @param string $category Help category, optional
  * @return string|false HELP_BASE followed by the stored link, or false when the lookup throws
  */
 public static function Link($topic = "", $category = "General")
 {
     // if topic is empty use the page name
     if ($topic == '') {
         $topic = Kit::GetParam('p', _REQUEST, _WORD);
     }
     $topic = ucfirst($topic);

     try {
         $connection = PDOConnect::init();
         $lookup = $connection->prepare('SELECT Link FROM help WHERE Topic = :topic and Category = :cat');

         $lookup->execute(array('topic' => $topic, 'cat' => $category));
         $link = $lookup->fetchColumn(0);

         // Nothing for this category: fall back to the General one
         if (!$link) {
             $lookup->execute(array('topic' => $topic, 'cat' => 'General'));
             $link = $lookup->fetchColumn(0);
         }

         return Config::GetSetting('HELP_BASE') . $link;
     } catch (Exception $e) {
         return false;
     }
 }
Beispiel #13
 /**
  * Load the layout named by the `layoutid` request parameter, if one was sent.
  *
  * The layout is fetched through User::LayoutList(); an empty result is
  * reported as a missing view permission.
  *
  * NOTE(review): execution continues to `$layout[0]` unless the installed
  * error handler halts on E_USER_ERROR - confirm.
  *
  * @param database $db
  * @param user     $user
  */
 function __construct(database $db, user $user)
 {
     $this->db =& $db;
     $this->user =& $user;
     $this->layoutid = Kit::GetParam('layoutid', _REQUEST, _INT);

     // Nothing else to load unless a layout was requested
     if ($this->layoutid == '') {
         return;
     }

     // get the permissions
     Debug::LogEntry('audit', 'Loading permissions for layoutid ' . $this->layoutid);
     $matches = $this->user->LayoutList(NULL, array('layoutId' => $this->layoutid));
     if (count($matches) <= 0) {
         trigger_error(__('You do not have permissions to view this layout'), E_USER_ERROR);
     }

     // Copy the fields of the first match onto the instance
     $layout = $matches[0];
     $this->layout = $layout['layout'];
     $this->description = $layout['description'];
     $this->retired = $layout['retired'];
     $this->tags = $layout['tags'];
     $this->xml = $layout['xml'];
 }
Beispiel #14
 /**
  * Run the module method named by the `method` request parameter and send
  * its result.
  *
  * NOTE(review): the method name comes from the request (filtered as _WORD)
  * and the only gate is method_exists(), which is true for every method the
  * module object has. No allow-list of callable actions is visible here;
  * confirm that each module method is safe to reach this way or restrict
  * the accepted names.
  *
  * @return void Output is echoed (raw mode) or sent through Respond()
  */
 public function Exec()
 {
     // What module has been requested?
     $method = Kit::GetParam('method', _REQUEST, _WORD);
     // 'true' selects raw output of whatever the method returned
     $raw = Kit::GetParam('raw', _REQUEST, _WORD);
     if (method_exists($this->module, $method)) {
         $response = $this->module->{$method}();
     } else {
         // Set the error to display
         // NOTE(review): $response stays undefined on this path if the error handler returns
         trigger_error(__('This Module does not exist'), E_USER_ERROR);
     }
     if ($raw == 'true') {
         // The method's return value is written to the response as-is
         echo $response;
         exit;
     } else {
         $response->Respond();
     }
 }
Beispiel #15
 /**
  * Build the HTML document that renders this ticker.
  *
  * Loads the preview template, collects the module options, fetches the
  * items (DataSet when sourceId is 2, RSS otherwise) and injects options,
  * items and CSS into the template head.
  *
  * @param int $displayId Passed on to GetDataSetItems()
  * @return string The filled template, or '' when there are no items
  */
 public function GetResource($displayId = 0)
 {
     // Load the HtmlTemplate
     $template = file_get_contents('modules/preview/HtmlTemplateForGetResource.html');
     // What is the data source for this ticker?
     $sourceId = $this->GetOption('sourceId', 1);
     // Information from the Module
     $direction = $this->GetOption('direction');
     $scrollSpeed = $this->GetOption('scrollSpeed');
     $fitText = $this->GetOption('fitText', 0);
     $itemsSideBySide = $this->GetOption('itemsSideBySide', 0);
     $duration = $this->duration;
     $durationIsPerItem = $this->GetOption('durationIsPerItem', 0);
     $numItems = $this->GetOption('numItems', 0);
     $takeItemsFrom = $this->GetOption('takeItemsFrom', 'start');
     $itemsPerPage = $this->GetOption('itemsPerPage', 0);
     // Get the text out of RAW
     $rawXml = new DOMDocument();
     $rawXml->loadXML($this->GetRaw());
     // Get the Text Node
     // NOTE(review): item(0) is null when the raw XML has no <template> element; not checked here
     $textNodes = $rawXml->getElementsByTagName('template');
     $textNode = $textNodes->item(0);
     $text = $textNode->nodeValue;
     // Get the CSS Node
     $cssNodes = $rawXml->getElementsByTagName('css');
     if ($cssNodes->length > 0) {
         $cssNode = $cssNodes->item(0);
         $css = $cssNode->nodeValue;
     } else {
         $css = '';
     }
     // Options handed to the client-side renderer; the preview size comes from the query string as doubles
     $options = array('type' => 'ticker', 'sourceid' => $sourceId, 'direction' => $direction, 'duration' => $duration, 'durationIsPerItem' => $durationIsPerItem == 0 ? false : true, 'numItems' => $numItems, 'takeItemsFrom' => $takeItemsFrom, 'itemsPerPage' => $itemsPerPage, 'scrollSpeed' => $scrollSpeed, 'scaleMode' => $fitText == 0 ? 'scale' : 'fit', 'originalWidth' => $this->width, 'originalHeight' => $this->height, 'previewWidth' => Kit::GetParam('width', _GET, _DOUBLE, 0), 'previewHeight' => Kit::GetParam('height', _GET, _DOUBLE, 0));
     // Generate a JSON string of substituted items.
     if ($sourceId == 2) {
         $items = $this->GetDataSetItems($displayId, $text);
     } else {
         $items = $this->GetRssItems($text);
     }
     // Return empty string if there are no items to show.
     if (count($items) == 0) {
         return '';
     }
     // Work out how many pages we will be showing.
     $pages = $numItems;
     if ($numItems > count($items) || $numItems == 0) {
         $pages = count($items);
     }
     $pages = $itemsPerPage > 0 ? ceil($pages / $itemsPerPage) : $pages;
     $totalDuration = $durationIsPerItem == 0 ? $duration : $duration * $pages;
     // $controlMeta is built but not read again in this method
     $controlMeta = array('numItems' => $pages, 'totalDuration' => $totalDuration);
     // Replace and Control Meta options
     $template = str_replace('<!--[[[CONTROLMETA]]]-->', '<!-- NUMITEMS=' . $pages . ' -->' . PHP_EOL . '<!-- DURATION=' . $totalDuration . ' -->', $template);
     // Replace the head content
     // The options and items are embedded in an inline script through json_encode()
     // with its default flags; the item content originates from the feed or data set.
     $headContent = '<script type="text/javascript">';
     $headContent .= '   function init() { ';
     $headContent .= '       $("body").xiboRender(options, items);';
     $headContent .= '   } ';
     $headContent .= '	var options = ' . json_encode($options) . ';';
     $headContent .= '	var items = ' . json_encode($items) . ';';
     $headContent .= '</script>';
     if ($itemsSideBySide == 1) {
         $headContent .= '<style type="text/css">';
         $headContent .= ' .item, .page { float: left; }';
         $headContent .= '</style>';
     }
     // Add the CSS if it isn't empty
     // NOTE(review): the stored CSS is placed inside the style element unescaped, so its
     // content is trusted to whoever may edit this media item - confirm that is intended.
     if ($css != '') {
         $headContent .= '<style type="text/css">' . $css . '</style>';
     }
     // Replace the View Port Width?
     if (isset($_GET['preview'])) {
         $template = str_replace('[[ViewPortWidth]]', $this->width . 'px', $template);
     }
     // Replace the Head Content with our generated javascript
     $template = str_replace('<!--[[[HEADCONTENT]]]-->', $headContent, $template);
     // Replace the Body Content with our generated text
     $template = str_replace('<!--[[[BODYCONTENT]]]-->', '', $template);
     return $template;
 }
Beispiel #16
 /**
  * Ask the display named by the posted `displayId` for a screen shot.
  *
  * Requires a valid form token.
  *
  * NOTE(review): no check that the current user may access this display is
  * visible in this method; presumably Display::RequestScreenShot() or the
  * page dispatcher enforces it - confirm.
  */
 public function RequestScreenShot()
 {
     // Check the token
     if (!Kit::CheckToken()) {
         trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
     }

     $db =& $this->db;
     $response = new ResponseManager();
     $display = new Display($db);

     $displayId = Kit::GetParam('displayId', _POST, _INT);
     $requested = $display->RequestScreenShot($displayId);
     if (!$requested) {
         trigger_error($display->GetErrorMessage(), E_USER_ERROR);
     }

     $response->SetFormSubmitResponse(__('Request Sent.'));
     $response->Respond();
 }
Beispiel #17
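 /**
  * Send this image (or a resized version of it) to the browser and exit.
  *
  * With `thumb` set, a cached thumbnail named tn_<width>x<height>_<file> is
  * served from the library, created first when missing. With `dynamic` set
  * (and no thumb), the image is resized on the fly. Anything that cannot be
  * read as an image is answered with the "file not found" placeholder.
  *
  * The stored file name comes from $this->storedAs, not from the request.
  *
  * NOTE(review): width and height are request values with no upper bound,
  * and every distinct pair creates a new cached thumbnail in the library;
  * consider limiting them to the sizes the UI actually uses.
  *
  * @param int $displayId Not used in this method
  */
 public function GetResource($displayId = 0)
 {
     $proportional = Kit::GetParam('proportional', _GET, _BOOL, true);
     $thumb = Kit::GetParam('thumb', _GET, _BOOL, false);
     $dynamic = isset($_REQUEST['dynamic']);
     $file = $this->storedAs;
     $width = intval(Kit::GetParam('width', _REQUEST, _DOUBLE, 80));
     $height = intval(Kit::GetParam('height', _REQUEST, _DOUBLE, 80));
     // File upload directory.. get this from the settings object
     $library = Config::GetSetting("LIBRARY_LOCATION");
     $fileName = $library . $file;
     Debug::Audit(sprintf('Image Request %dx%d %s. Thumb: %s', $width, $height, $fileName, $thumb));
     // If we are a thumb request then output the cached thumbnail
     if ($thumb) {
         $fileName = $library . sprintf('tn_%dx%d_%s', $width, $height, $file);
         // If the thumbnail doesn't exist then create one
         if (!file_exists($fileName)) {
             Debug::LogEntry('audit', 'File doesnt exist, creating a thumbnail for ' . $fileName);
             if (!($info = getimagesize($library . $file))) {
                 // Keep the absolute library path in the log only; the client
                 // gets the stored file name without the server directory.
                 Debug::LogEntry('audit', $library . $file . ' is not an image', 'module', 'GetResource');
                 die($file . ' is not an image');
             }
             ResizeImage($library . $file, $fileName, $width, $height, $proportional, 'file');
         }
     }
     // Get the info for this new temporary file
     if (!($info = getimagesize($fileName))) {
         $fileName = 'theme/default/img/forms/filenotfound.png';
         $this->ReturnFile($fileName);
         exit;
     }
     if ($dynamic && !$thumb && $info[2]) {
         // dynamically create an image of the correct size - used for previews
         // ($width and $height were already read from the request above)
         ResizeImage($fileName, '', $width, $height, $proportional, 'browser');
         exit;
     }
     if (!file_exists($fileName)) {
         // Log the path that was looked for (the original referenced an undefined variable here)
         Debug::LogEntry('audit', "Cant find: {$fileName}", 'module', 'GetResource');
         $fileName = 'theme/default/img/forms/filenotfound.png';
     }
     $this->ReturnFile($fileName);
     exit;
 }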
Beispiel #18
 /**
  * Expire every session of the user named by the posted `userid`.
  *
  * Requires a valid form token. The id reaches the query through a %d
  * conversion, so only an integer is placed in the SQL.
  *
  * NOTE(review): no check that the caller is allowed to log other users out
  * is visible in this method; presumably the page dispatcher restricts
  * access - confirm.
  *
  * @return void The result is sent through ResponseManager
  */
 function LogoutUser()
 {
     // Check the token
     if (!Kit::CheckToken()) {
         trigger_error(__('Sorry the form has expired. Please refresh.'), E_USER_ERROR);
     }

     $db =& $this->db;

     //ajax request handler
     $response = new ResponseManager();

     $targetUserId = Kit::GetParam('userid', _POST, _INT);
     $expireSql = sprintf("UPDATE session SET IsExpired = 1 WHERE userID = %d", $targetUserId);

     $updated = $db->query($expireSql);
     if (!$updated) {
         trigger_error($db->error());
         trigger_error(__("Unable to log out this user"), E_USER_ERROR);
     }

     $response->SetFormSubmitResponse(__('User Logged Out.'));
     $response->Respond();
 }
Beispiel #19
 /**
  * List of Displays this user has access to view
  *
  * Builds one SELECT over display, its display group and default layout,
  * then keeps only the rows for which DisplayGroupAuth() grants view (and
  * edit, when $auth_level is 'edit').
  *
  * The numeric filters are read with the _INT filter and placed in the
  * query through %d conversions.
  *
  * NOTE(review): the entries of $sort_order are joined into the ORDER BY
  * clause as-is. Callers must pass fixed column names only; nothing here
  * validates them - confirm no caller forwards request input.
  *
  * @param array  $sort_order Column expressions for ORDER BY
  * @param array  $filter_by  Optional keys: displaygroupid, displayid, exclude_displaygroupid
  * @param string $auth_level 'view' or 'edit'
  * @return array|false Display rows with permission flags, or false when the query fails
  */
 public function DisplayList($sort_order = array('displayid'), $filter_by = array(), $auth_level = 'view')
 {
     $SQL = 'SELECT display.displayid, ';
     $SQL .= '    display.display, ';
     $SQL .= '    layout.layout, ';
     $SQL .= '    display.loggedin, ';
     $SQL .= '    IFNULL(display.lastaccessed, 0) AS lastaccessed, ';
     $SQL .= '    display.inc_schedule, ';
     $SQL .= '    display.licensed, ';
     $SQL .= '    display.email_alert, ';
     $SQL .= '    displaygroup.DisplayGroupID, ';
     $SQL .= '    display.ClientAddress, ';
     $SQL .= '    display.MediaInventoryStatus, ';
     $SQL .= '    display.MacAddress, ';
     $SQL .= '    display.client_type, ';
     $SQL .= '    display.client_version, ';
     $SQL .= '    display.client_code ';
     $SQL .= '  FROM display ';
     $SQL .= '    INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayID = display.DisplayID ';
     $SQL .= '    INNER JOIN displaygroup ON displaygroup.DisplayGroupID = lkdisplaydg.DisplayGroupID ';
     $SQL .= '    LEFT OUTER JOIN layout ON layout.layoutid = display.defaultlayoutid ';
     if (Kit::GetParam('displaygroupid', $filter_by, _INT) != 0) {
         // Restrict to a specific display group
         $SQL .= sprintf(' WHERE displaygroup.displaygroupid = %d ', Kit::GetParam('displaygroupid', $filter_by, _INT));
     } else {
         // Restrict to display specific groups
         $SQL .= ' WHERE displaygroup.IsDisplaySpecific = 1 ';
     }
     // Filter by Display ID?
     if (Kit::GetParam('displayid', $filter_by, _INT) != 0) {
         $SQL .= sprintf(' AND display.displayid = %d ', Kit::GetParam('displayid', $filter_by, _INT));
     }
     // Exclude a group?
     if (Kit::GetParam('exclude_displaygroupid', $filter_by, _INT) != 0) {
         $SQL .= " AND display.DisplayID NOT IN ";
         $SQL .= "       (SELECT display.DisplayID ";
         $SQL .= "       FROM    display ";
         $SQL .= "               INNER JOIN lkdisplaydg ";
         $SQL .= "               ON      lkdisplaydg.DisplayID = display.DisplayID ";
         $SQL .= sprintf("   WHERE  lkdisplaydg.DisplayGroupID   = %d ", Kit::GetParam('exclude_displaygroupid', $filter_by, _INT));
         $SQL .= "       )";
     }
     // Sorting?
     // The sort entries are concatenated without quoting or validation (see the note above)
     if (is_array($sort_order)) {
         $SQL .= 'ORDER BY ' . implode(',', $sort_order);
     }
     if (!($result = $this->db->query($SQL))) {
         trigger_error($this->db->error());
         return false;
     }
     $displays = array();
     while ($row = $this->db->get_assoc_row($result)) {
         $displayItem = array();
         // Validate each param and add it to the array.
         $displayItem['displayid'] = Kit::ValidateParam($row['displayid'], _INT);
         $displayItem['display'] = Kit::ValidateParam($row['display'], _STRING);
         $displayItem['layout'] = Kit::ValidateParam($row['layout'], _STRING);
         $displayItem['loggedin'] = Kit::ValidateParam($row['loggedin'], _INT);
         $displayItem['lastaccessed'] = Kit::ValidateParam($row['lastaccessed'], _STRING);
         $displayItem['inc_schedule'] = Kit::ValidateParam($row['inc_schedule'], _INT);
         $displayItem['licensed'] = Kit::ValidateParam($row['licensed'], _INT);
         $displayItem['email_alert'] = Kit::ValidateParam($row['email_alert'], _INT);
         $displayItem['displaygroupid'] = Kit::ValidateParam($row['DisplayGroupID'], _INT);
         $displayItem['clientaddress'] = Kit::ValidateParam($row['ClientAddress'], _STRING);
         $displayItem['mediainventorystatus'] = Kit::ValidateParam($row['MediaInventoryStatus'], _INT);
         $displayItem['macaddress'] = Kit::ValidateParam($row['MacAddress'], _STRING);
         $displayItem['client_type'] = Kit::ValidateParam($row['client_type'], _STRING);
         $displayItem['client_version'] = Kit::ValidateParam($row['client_version'], _STRING);
         $displayItem['client_code'] = Kit::ValidateParam($row['client_code'], _STRING);
         // Permission filter: rows without view permission are dropped from the result
         $auth = $this->DisplayGroupAuth($displayItem['displaygroupid'], true);
         if ($auth->view) {
             // If auth level = edit and we don't have edit, then leave them off
             if ($auth_level == 'edit' && !$auth->edit) {
                 continue;
             }
             // Expose the permission flags as 0/1 integers alongside the row
             $displayItem['view'] = (int) $auth->view;
             $displayItem['edit'] = (int) $auth->edit;
             $displayItem['del'] = (int) $auth->del;
             $displayItem['modifypermissions'] = (int) $auth->modifyPermissions;
             $displays[] = $displayItem;
         }
     }
     return $displays;
 }
Beispiel #20
 /**
  * Read one parameter from this object's POST data through Kit::GetParam,
  * so it receives the same type filtering as other request parameters.
  *
  * @param string $param   Parameter name
  * @param int    $type    Kit type constant used to filter the value
  * @param mixed  $default Value handed to Kit::GetParam as the default
  * @return mixed Whatever Kit::GetParam returns
  */
 protected function GetParam($param, $type, $default = null)
 {
     // The source is always the POST data held on the instance
     $source = $this->POST;

     return Kit::GetParam($param, $source, $type, $default);
 }
Beispiel #21
 * the Free Software Foundation, either version 3 of the License, or
 * any later version.
 *
 * Xibo is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with Xibo.  If not, see <http://www.gnu.org/licenses/>.
 */
// Service entry point: defines the XIBO marker constant and loads the service includes.
// NOTE(review): presumably the included files check for XIBO to refuse direct access - confirm.
DEFINE('XIBO', true);
include_once "lib/xmds.inc.php";
// Request parameters, each read with the _WORD filter; service defaults to 'rest', response to 'xml'
$method = Kit::GetParam('method', _REQUEST, _WORD, '');
$service = Kit::GetParam('service', _REQUEST, _WORD, 'rest');
$response = Kit::GetParam('response', _REQUEST, _WORD, 'xml');
$serviceResponse = new XiboServiceResponse();
// Is the WSDL being requested.
if (isset($_GET['wsdl']) || isset($_GET['WSDL'])) {
    $serviceResponse->WSDL();
}
// Is the XRDS being requested
if (isset($_GET['xrds'])) {
    $serviceResponse->XRDS();
}
// When XMDS is defined, the service from the request is overridden with SOAP
if (defined('XMDS')) {
    $service = 'soap';
}
// Check to see if we are going to consume a service (if we came from xmds.php then we will always use the SOAP service)
if (defined('XMDS') || $method != '') {
    // Create a service to handle the method
Beispiel #22
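 /**
  * Return file based media items to the browser for Download/Preview
  *
  * With the `download` request flag the file is sent as an attachment,
  * otherwise with its detected MIME type. Delivery is handed to Apache
  * (X-Sendfile) or Nginx (X-Accel-Redirect) when SENDFILE_MODE says so,
  * else the file is streamed by PHP.
  *
  * The attachment name is cleaned before it is placed in the quoted
  * `filename` parameter: the original file name is user supplied, and a
  * double quote or backslash in it would otherwise end or alter the
  * parameter.
  *
  * NOTE(review): this method reads the flags with `_BOOLEAN` while other
  * code on this page uses `_BOOL`; confirm that `_BOOLEAN` is a defined
  * filter constant.
  *
  * @param string $fileName Path to send; defaults to this media item in the library
  * @return void
  */
 public function ReturnFile($fileName = '')
 {
     // Return the raw flash file with appropriate headers
     $library = Config::GetSetting("LIBRARY_LOCATION");
     # If we weren't passed in a filename then use the default
     if ($fileName == '') {
         $fileName = $library . $this->storedAs;
     }
     $download = Kit::GetParam('download', _REQUEST, _BOOLEAN, false);
     $downloadFromLibrary = Kit::GetParam('downloadFromLibrary', _REQUEST, _BOOLEAN, false);
     $size = filesize($fileName);
     if ($download) {
         $attachmentName = $downloadFromLibrary ? $this->originalFilename : basename($fileName);
         // Remove the characters that delimit or escape inside a quoted header parameter
         $attachmentName = str_replace(array('"', '\\', "\r", "\n", "\0"), '', (string) $attachmentName);
         header('Content-Type: application/octet-stream');
         header("Content-Transfer-Encoding: Binary");
         header("Content-disposition: attachment; filename=\"" . $attachmentName . "\"");
     } else {
         $fi = new finfo(FILEINFO_MIME_TYPE);
         $mime = $fi->file($fileName);
         header("Content-Type: {$mime}");
     }
     //Output a header
     header('Pragma: public');
     header('Cache-Control: max-age=86400');
     header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 86400));
     // filesize() returns false for an unreadable file; send no length in that case
     if ($size !== false) {
         header('Content-Length: ' . $size);
     }
     // Send via Apache X-Sendfile header?
     if (Config::GetSetting('SENDFILE_MODE') == 'Apache') {
         header("X-Sendfile: {$fileName}");
         exit;
     }
     // Send via Nginx X-Accel-Redirect?
     if (Config::GetSetting('SENDFILE_MODE') == 'Nginx') {
         // Only the base name is handed to Nginx, under its /download/ location
         header("X-Accel-Redirect: /download/" . basename($fileName));
         exit;
     }
     // Return the file with PHP
     // Disable any buffering to prevent OOM errors.
     @ob_end_clean();
     readfile($fileName);
 }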
Beispiel #23
 /**
  * Save the edited shell command media item to its region.
  *
  * Requires edit permission on the assignment. At least one of the Windows
  * and Linux commands must be given; both are stored URL-encoded as module
  * options.
  *
  * NOTE(review): unlike other state-changing handlers on this page, no
  * Kit::CheckToken() call is visible in this method. Because the stored
  * value is a command string, confirm that the form token is verified
  * before this method is reached.
  *
  * @return ResponseManager
  */
 public function EditMedia()
 {
     $this->response = new ResponseManager();
     $db =& $this->db;
     $layoutid = $this->layoutid;
     $regionid = $this->regionid;
     $mediaid = $this->mediaid;

     // Permission gate
     if (!$this->auth->edit) {
         $this->response->SetError('You do not have permission to edit this assignment.');
         $this->response->keepOpen = false;
         return $this->response;
     }

     $windowsCommand = Kit::GetParam('windowsCommand', _POST, _STRING);
     $linuxCommand = Kit::GetParam('linuxCommand', _POST, _STRING);

     // At least one platform needs a command
     $noCommandGiven = $windowsCommand == '' && $linuxCommand == '';
     if ($noCommandGiven) {
         $this->response->SetError('You must enter a command');
         $this->response->keepOpen = true;
         return $this->response;
     }

     // Any Options
     $this->duration = 1;
     $this->SetOption('windowsCommand', urlencode($windowsCommand));
     $this->SetOption('linuxCommand', urlencode($linuxCommand));

     // The media object is complete by now; this saves it to the Region
     $this->UpdateRegion();

     // Set this as the session information
     setSession('content', 'type', 'shellcommand');

     if ($this->showRegionOptions) {
         // We want to load a new form
         $this->response->loadForm = true;
         $this->response->loadFormUri = "index.php?p=timeline&layoutid={$layoutid}&regionid={$regionid}&q=RegionOptions";
     }

     return $this->response;
 }
Beispiel #24
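 /**
  * Set this templates permissions
  *
  * Requires a valid form token and permission to modify the permissions of
  * the template. All existing group links are removed and then rebuilt from
  * the posted `groupids`, whose entries have the form <groupId>_<view|edit|del>
  * and are expected to be grouped by group id.
  *
  * The permission object was fetched before but never consulted, so any
  * user with a valid token could rewrite the permissions of any template.
  * It is now checked before anything is unlinked.
  *
  * NOTE(review): this assumes TemplateAuth() returns the same permission
  * object shape (with `modifyPermissions`) as the one DisplayGroupAuth()
  * returns elsewhere in this code base - confirm.
  *
  * @return void The result is sent through ResponseManager
  */
 public function Permissions()
 {
     // Check the token
     if (!Kit::CheckToken()) {
         trigger_error('Token does not match', E_USER_ERROR);
     }
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $templateId = Kit::GetParam('templateid', _POST, _INT);
     if ($templateId == 0) {
         trigger_error(__('No template selected'), E_USER_ERROR);
     }
     // Is this user allowed to change the permissions of this template?
     $auth = $this->user->TemplateAuth($templateId, true);
     if (!$auth->modifyPermissions) {
         trigger_error(__('You do not have permissions to edit this template'), E_USER_ERROR);
     }
     $groupIds = Kit::GetParam('groupids', _POST, _ARRAY);
     // Unlink all
     Kit::ClassLoader('templategroupsecurity');
     $security = new TemplateGroupSecurity($db);
     if (!$security->UnlinkAll($templateId)) {
         trigger_error(__('Unable to set permissions'), E_USER_ERROR);
     }
     // Some assignments for the loop
     $lastGroupId = 0;
     $first = true;
     $view = 0;
     $edit = 0;
     $del = 0;
     // List of groupIds with view, edit and del assignments
     foreach ($groupIds as $groupPermission) {
         $groupPermission = explode('_', $groupPermission);
         $groupId = $groupPermission[0];
         // An entry without a permission part grants nothing
         $permission = isset($groupPermission[1]) ? $groupPermission[1] : '';
         if ($first) {
             // First time through
             $first = false;
             $lastGroupId = $groupId;
         }
         if ($groupId != $lastGroupId) {
             // The groupId has changed, so we need to write the current settings to the db.
             // Link new permissions
             if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del)) {
                 trigger_error(__('Unable to set permissions'), E_USER_ERROR);
             }
             // Reset
             $lastGroupId = $groupId;
             $view = 0;
             $edit = 0;
             $del = 0;
         }
         switch ($permission) {
             case 'view':
                 $view = 1;
                 break;
             case 'edit':
                 $edit = 1;
                 break;
             case 'del':
                 $del = 1;
                 break;
         }
     }
     // Need to do the last one
     if (!$first) {
         if (!$security->Link($templateId, $lastGroupId, $view, $edit, $del)) {
             trigger_error(__('Unable to set permissions'), E_USER_ERROR);
         }
     }
     $response->SetFormSubmitResponse(__('Permissions Changed'));
     $response->Respond();
 }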
Beispiel #25
}
// Bootstrap fragment: initialises translations, loads the configured login module,
// decides which page to serve (forcing the upgrade page on a version mismatch),
// then creates the session and loads the OAuth library.
// Setup the translations for gettext
TranslationEngine::InitLocale();
// Create login control system
// NOTE(review): the included file name comes from the "userModule" setting, so whoever can
// change that setting chooses which file under modules/ is executed - confirm the setting
// can only be written by administrators.
require_once 'modules/' . Config::GetSetting("userModule");
// Page variable set? Otherwise default to index
$page = Kit::GetParam('p', _REQUEST, _WORD, 'index');
$function = Kit::GetParam('q', _REQUEST, _WORD);
// Does the version in the DB match the version of the code?
// If not then we need to run an upgrade. Change the page variable to upgrade
// && binds tighter than ||, so the exemption reads: (index page AND login function) OR error page.
if (DBVERSION != WEBSITE_VERSION && !($page == 'index' && $function == 'login' || $page == 'error')) {
    require_once 'install/upgradestep.class.php';
    $page = 'upgrade';
    // NOTE(review): this branch runs before the Session object below is created and no
    // authentication check is visible in this excerpt - confirm that the upgrade page itself
    // enforces who may trigger the step includes.
    if (Kit::GetParam('includes', _POST, _BOOL)) {
        // Both loop bounds are taken from the POST body. They are requested as _INT, so the
        // include path can only name numbered files in install/database/ (presumably
        // Kit::GetParam returns an integer for _INT - verify).
        // NOTE(review): the range itself is not bounded here; a very large upgradeTo means one
        // file_exists() call per number. Consider clamping the range to the known upgrade steps.
        $upgradeFrom = Kit::GetParam('upgradeFrom', _POST, _INT);
        $upgradeTo = Kit::GetParam('upgradeTo', _POST, _INT);
        for ($i = $upgradeFrom + 1; $i <= $upgradeTo; $i++) {
            // Only steps that exist on disk are loaded; missing numbers are skipped silently
            if (file_exists('install/database/' . $i . '.php')) {
                include_once 'install/database/' . $i . '.php';
            }
        }
    }
}
// Create a Session
$session = new Session();
// Work out the location of this service
$serviceLocation = Kit::GetXiboRoot();
// OAuth
require_once 'lib/oauth.inc.php';
// Assign the page name to the session
$session->set_page(session_id(), $page);
Beispiel #26
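 /**
  * Import a layout (or template) from a file that has already been uploaded.
  *
  * Reads the import options and the temporary upload name from the POST body, resolves
  * the upload inside the library's temp/ folder and passes it to Layout::Import().
  * Failures are raised with trigger_error(); success is reported through ResponseManager.
  *
  * NOTE(review): no Kit::CheckToken() call is made here, although other form handlers on
  * this page verify the form token before changing state. Confirm whether the import form
  * sends a token and, if it does, check it at the top of this method.
  *
  * @return void
  */
 public function Import()
 {
     $response = new ResponseManager();
     // What are we importing?
     $template = Kit::GetParam('template', _POST, _STRING, 'false');
     $template = $template == 'true';
     $layout = Kit::GetParam('layout', _POST, _STRING);
     $replaceExisting = Kit::GetParam('replaceExisting', _POST, _CHECKBOX);
     // Tags are imported by default for layouts and skipped by default for templates
     $importTags = Kit::GetParam('importTags', _POST, _CHECKBOX, !$template);
     // File data
     $tmpName = Kit::GetParam('hidFileID', _POST, _STRING);
     if ($tmpName == '') {
         trigger_error(__('Please ensure you have picked a file and it has finished uploading'), E_USER_ERROR);
     }
     // The temporary name is client-supplied and is joined to a filesystem path below, so it
     // must be a plain file name: no directory separators and no "." / ".." entries. Without
     // this check the request could point the importer at a file outside the temp folder.
     // Assumes the upload handler issues plain file names - verify against the uploader.
     if ($tmpName === '.' || $tmpName === '..' || strpbrk($tmpName, "/\\") !== false) {
         trigger_error(__('Invalid file reference'), E_USER_ERROR);
     }
     // File upload directory.. get this from the settings object
     $fileLocation = Config::GetSetting('LIBRARY_LOCATION') . 'temp/' . $tmpName;
     Kit::ClassLoader('layout');
     $layoutObject = new Layout($this->db);
     if (!$layoutObject->Import($fileLocation, $layout, $this->user->userid, $template, $replaceExisting, $importTags)) {
         trigger_error($layoutObject->GetErrorMessage(), E_USER_ERROR);
     }
     $response->SetFormSubmitResponse(__('Layout Imported'));
     $response->Respond();
 }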
 /**
  * Delete a display profile.
  *
  * Verifies the form token, loads the profile named by the posted displayprofileid and
  * deletes it when the current user has user type 1 or is the user the profile belongs to.
  * Errors are raised through trigger_error(); success is reported via ResponseManager.
  *
  * @return void
  */
 function Delete()
 {
     // Refuse the request when the form token is not valid
     $tokenOk = Kit::CheckToken();
     if (!$tokenOk) {
         trigger_error('Token does not match', E_USER_ERROR);
     }
     $response = new ResponseManager();
     $profile = new DisplayProfile();
     $profile->displayProfileId = Kit::GetParam('displayprofileid', _POST, _INT);
     // The owner (userId) is only known once the profile has been loaded
     $loaded = $profile->Load();
     if (!$loaded) {
         trigger_error($profile->GetErrorMessage(), E_USER_ERROR);
     }
     // Authorisation: user type 1, or the user recorded on the profile
     if (!($this->user->usertypeid == 1 || $this->user->userid == $profile->userId)) {
         trigger_error(__('You do not have permission to edit this profile'), E_USER_ERROR);
     }
     $deleted = $profile->Delete($profile->displayProfileId);
     if (!$deleted) {
         trigger_error($profile->GetErrorMessage(), E_USER_ERROR);
     }
     $response->SetFormSubmitResponse(__('Display Profile Deleted'), false);
     $response->Respond();
 }
Beispiel #28
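 /**
  * Handle a submit of the Forgotten Details form.
  *
  * Looks up the single account matching the posted username and email address, replaces
  * its password with a newly generated one and emails that password to the user.
  *
  * NOTE(review): the new password is stored as an unsalted MD5 digest and sent in clear
  * text by email. Moving to password_hash()/password_verify() needs a matching change in
  * the login code, which is not visible here, so the storage format is left unchanged.
  * NOTE(review): the reset is not confirmed through a one-time link, so anyone who knows a
  * username/email pair can force a password change, and the differing result messages
  * reveal whether a pair exists. Consider a confirmation step and a uniform message.
  *
  * @return string the location to return to ("index.php")
  */
 function forgotten()
 {
     $db =& $this->db;
     $username = Kit::GetParam('f_username', _POST, _USERNAME);
     $email = Kit::GetParam('f_email', _POST, _STRING);
     $return = "index.php";
     if ($username == "" || $email == "") {
         setMessage("Username and Email address need to be filled in");
         return $return;
     }
     // Without a configured sender address no mail can be sent, so stop before changing anything
     $from = Config::GetSetting("mail_from");
     if ($from == "") {
         setMessage("Email is not set up, please contact your IT manager");
         return $return;
     }
     // Check the user details. Both values are escaped and each has its own %s placeholder;
     // the listing showed a literal in place of the first placeholder, which shifted the
     // escaped username into the email comparison.
     $SQL = sprintf("SELECT userid FROM user WHERE username = '%s' AND email = '%s'", $db->escape_string($username), $db->escape_string($email));
     if (!($results = $db->query($SQL))) {
         trigger_error($db->error());
         trigger_error("Can not get the user information", E_USER_ERROR);
     }
     // Exactly one account must match. The earlier "< 0" test let a zero-row result through,
     // which then updated userid 0 and mailed a password to an unverified address.
     if ($db->num_rows($results) != 1) {
         setMessage("The details you entered are incorrect.");
         return $return;
     }
     $row = $db->get_row($results);
     // User ID for the user that wants a new password
     $userid = Kit::ValidateParam($row[0], _INT);
     // Generate a new password
     // NOTE(review): random_word() is defined elsewhere; confirm it draws from a
     // cryptographically secure source such as random_int().
     $password_plain = $this->random_word(8);
     $password = md5($password_plain);
     // Update the password; the digest fills %s and the numeric id fills %d
     $SQL = sprintf("UPDATE user SET UserPassword = '%s' WHERE userid = %d", $db->escape_string($password), $userid);
     if (!$db->query($SQL)) {
         trigger_error($db->error());
         trigger_error("Unable to send new password", E_USER_ERROR);
     }
     $headers = "From: {$from}" . "\r\n" . "Reply-To: {$from}" . "\r\n" . "X-Mailer: PHP/" . phpversion();
     // NOTE(review): the password has already been replaced at this point, so a failed send
     // leaves the account with a password nobody knows.
     if (!@mail($email, "Xibo: New Password request for {$username}", "Your new password is {$password_plain} \n  . You may now login with these details.", $headers)) {
         setMessage("Email is not set up, please contact your IT manager");
         return $return;
     }
     setMessage("New Password Sent to your email address");
     return $return;
 }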
Beispiel #29
 /**
  * Render the grid of layouts that can be picked for assignment.
  *
  * Filters the current user's layout list by the posted name and tags, decorates each
  * row with a list id, an assign icon and data attributes, and returns the rendered
  * table as a grid response with a page size of 5.
  *
  * @return void
  */
 function LayoutAssignView()
 {
     $response = new ResponseManager();
     // Filter values posted by the grid
     $filter = array(
         'layout' => Kit::GetParam('filter_name', _POST, _STRING),
         'tags' => Kit::GetParam('filter_tags', _POST, _STRING),
     );
     // Layouts returned by the user object for this filter
     $layouts = $this->user->LayoutList(NULL, $filter);
     Theme::Set('table_cols', array(array('name' => 'layout', 'title' => __('Name'))));
     $rows = array();
     foreach ($layouts as $layout) {
         $listId = 'LayoutID_' . $layout['layoutid'];
         $layout['list_id'] = $listId;
         $layout['assign_icons'][] = array('assign_icons_class' => 'layout_assign_list_select');
         // NOTE(review): the layout name is passed on as a data attribute value; presumably
         // the table_render theme HTML-encodes it - verify.
         $layout['dataAttributes'] = array(
             array('name' => 'rowid', 'value' => $listId),
             array('name' => 'litext', 'value' => $layout['layout']),
         );
         $rows[] = $layout;
     }
     Theme::Set('table_rows', $rows);
     // Hand the rendered table back as a grid
     $response->SetGridResponse(Theme::RenderReturn('table_render'));
     $response->callBack = 'LayoutAssignCallback';
     $response->pageSize = 5;
     $response->Respond();
 }
Beispiel #30
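 /**
  * Output a CSV of stats for the displays the current user can see.
  *
  * Reads the date range and an optional display id from the POST body, queries the stat
  * table for that range and sends the rows to the browser as an attachment named
  * stats.csv. The script exits once the output has been written.
  *
  * @return void
  */
 public function OutputCSV()
 {
     $db =& $this->db;
     $output = '';
     // We are expecting some parameters
     $fromdt = Kit::GetParam('fromdt', _POST, _STRING);
     $todt = Kit::GetParam('todt', _POST, _STRING);
     $displayID = Kit::GetParam('displayid', _POST, _INT);
     if ($fromdt == $todt) {
         // NOTE(review): 86399 seconds are added but the result is formatted as a date only,
         // so the time of day is dropped again - presumably the end of the day was intended; confirm.
         $todt = date("Y-m-d", strtotime($todt) + 86399);
     }
     // We want to output a load of stuff to the browser as a text file.
     header('Content-Type: text/csv');
     header('Content-Disposition: attachment; filename="stats.csv"');
     header("Content-Transfer-Encoding: binary");
     header('Accept-Ranges: bytes');
     // Get an array of display id this user has access to.
     $displays = $this->user->DisplayList();
     $display_ids = array();
     foreach ($displays as $display) {
         // Cast so that only integers can reach the IN (...) list built below
         $display_ids[] = (int) $display['displayid'];
     }
     if (count($display_ids) <= 0) {
         echo __('No displays with View permissions');
         exit;
     }
     $SQL = 'SELECT stat.*, display.Display, layout.Layout, media.Name AS MediaName ';
     $SQL .= '  FROM stat ';
     $SQL .= '  INNER JOIN display ON stat.DisplayID = display.DisplayID ';
     $SQL .= '  INNER JOIN layout ON layout.LayoutID = stat.LayoutID ';
     $SQL .= '  LEFT OUTER JOIN media ON media.mediaID = stat.mediaID ';
     $SQL .= ' WHERE 1=1 ';
     // The date strings come straight from the request and sit inside quoted SQL literals,
     // so they are escaped before being placed in the statement.
     $SQL .= sprintf("  AND stat.end > '%s' ", $db->escape_string($fromdt));
     $SQL .= sprintf("  AND stat.start <= '%s' ", $db->escape_string($todt));
     $SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
     if ($displayID != 0) {
         $SQL .= sprintf("  AND stat.displayID = %d ", $displayID);
     }
     $SQL .= " ORDER BY stat.start ";
     Debug::LogEntry('audit', $SQL, 'Stats', 'OutputCSV');
     if (!($result = $db->query($SQL))) {
         trigger_error($db->error());
         trigger_error('Failed to query for Stats.', E_USER_ERROR);
     }
     // Header row
     $output .= "Type, FromDT, ToDT, Layout, Display, Media, Tag\n";
     // NOTE(review): fields are written without quoting. A layout, display or media name that
     // contains a comma breaks the columns, and one that starts with =, +, - or @ is read as a
     // formula by spreadsheet software. Quoting the fields changes the file format, so it is
     // flagged here rather than changed.
     while ($row = $db->get_assoc_row($result)) {
         // Read the columns
         $type = Kit::ValidateParam($row['Type'], _STRING);
         $fromdt = Kit::ValidateParam($row['start'], _STRING);
         $todt = Kit::ValidateParam($row['end'], _STRING);
         $layout = Kit::ValidateParam($row['Layout'], _STRING);
         $display = Kit::ValidateParam($row['Display'], _STRING);
         $media = Kit::ValidateParam($row['MediaName'], _STRING);
         $tag = Kit::ValidateParam($row['Tag'], _STRING);
         $output .= "{$type}, {$fromdt}, {$todt}, {$layout}, {$display}, {$media}, {$tag}\n";
     }
     echo $output;
     exit;
 }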