/**
 * Returns the "zp" user ID of the currently logged-in user, creating and
 * storing a new one on first use.
 *
 * The lookup is keyed on OA_Permission::getUserId(). When the lookup yields
 * a falsy value, a fresh ID is taken from zp_api_common_uuid() and handed to
 * the Zpusers data object for storage.
 *
 * @return mixed The existing ID, or the newly generated one.
 */
function get_zp_user_id()
{
    $doZpUsers = OA_Dal::factoryDO('Zpusers');
    $existingId = $doZpUsers->get_zp_user_id(OA_Permission::getUserId());

    // Already provisioned: nothing to generate or store.
    if ($existingId) {
        return $existingId;
    }

    // NOTE(review): how zp_api_common_uuid() produces its value is not
    // visible here. If this ID is ever treated as a secret or a bearer
    // identifier, confirm that it comes from a cryptographically secure
    // source.
    $newId = zp_api_common_uuid();

    // NOTE(review): set_zp_user_id() receives only the new ID; presumably it
    // binds it to the current user internally. Verify against the Zpusers
    // data object.
    $doZpUsers->set_zp_user_id($newId);

    return $newId;
}
// Excerpt of an admin settings page script that handles a password-change
// form submission. The listing is cut off inside the innermost "else"
// branch, so the enclosing blocks are not closed in this excerpt.
require_once MAX_PATH . '/lib/max/Admin/Languages.php';
require_once MAX_PATH . '/lib/max/Plugin/Translation.php';
require_once MAX_PATH . '/www/admin/config.php';

// Security check: the page is gated on the four account types passed to
// enforceAccount().
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER);

// Create a new option object for displaying the setting's page's HTML form
$oOptions = new OA_Admin_Option('user');

// Prepare an array for storing error messages
$aErrormessage = array();

// If the settings page is a submission, deal with the form data
if (isset($_POST['submitok']) && $_POST['submitok'] == 'true') {
    // Register input variables
    // (presumably this imports the request fields into $pwold, $pw and $pw2;
    // confirm against phpAds_registerGlobalUnslashed())
    phpAds_registerGlobalUnslashed('pwold', 'pw', 'pw2');

    // Get the DB_DataObject for the current user
    $doUsers = OA_Dal::factoryDO('users');
    $doUsers->get(OA_Permission::getUserId());

    // Set defaults
    $changePassword = false;

    // Get the current authentication plugin instance
    $oPlugin = OA_Auth::staticGetAuthPlugin();

    // Check password: the current password must be supplied and must verify
    // for the logged-in username.
    // NOTE(review): a failure here only records an error message. The code
    // that acts on $changePassword lies outside this excerpt and must refuse
    // to change the password while $aErrormessage is non-empty; confirm.
    if (!isset($pwold) || !$oPlugin->checkPassword(OA_Permission::getUsername(), $pwold)) {
        $aErrormessage[0][] = $GLOBALS['strPasswordWrong'];
    }

    // A new password is being requested when either of the two new-password
    // fields is non-empty (&& binds tighter than ||).
    if (isset($pw) && strlen($pw) || isset($pw2) && strlen($pw2)) {
        // NOTE(review): strstr() takes (haystack, needle). As written, the
        // one-character string "\" is searched for $pw, so the test is true
        // only when $pw is exactly a single backslash. If the intent is to
        // reject any password containing a backslash, the arguments look
        // reversed; confirm before relying on this validation.
        if (!strlen($pw) || strstr("\\", $pw)) {
            $aErrormessage[0][] = $GLOBALS['strInvalidPassword'];
        } elseif (strcmp($pw, $pw2)) {
            // strcmp() is non-zero when the two entries differ
            $aErrormessage[0][] = $GLOBALS['strNotSamePasswords'];
        } else {
            // Both entries match and passed the check above
            $changePassword = true;
/**
 * A static method to load the current account's preferences from the
 * database and store them in the global array $GLOBALS['_MAX']['PREF'].
 *
 * Preference values are layered in this order, later layers being merged
 * over earlier ones by OA_Preferences::_setPreferences(): admin account,
 * then the owning manager account, then the current account. The
 * 'language' entry is then set from configuration (default 'en') and
 * overridden by the logged-in user's own language, when one is set.
 *
 * On every early-exit path the method calls
 * OA_Preferences::_unsetPreferences() and returns null, even when $return
 * is true.
 *
 * @static
 * @param boolean $loadExtraInfo An optional parameter, when set to true,
 *                               the array of preferences is loaded as
 *                               an array of arrays, indexed by preference
 *                               key, containing the preference "value" and
 *                               "account_type" information. When not set,
 *                               the preferences are loaded as a
 *                               one-dimensional array of values, indexed
 *                               by preference key.
 * @param boolean $return        An optional parameter, when set to true,
 *                               returns the preferences instead of setting
 *                               them into $GLOBALS['_MAX']['PREF'].
 * @param boolean $parentOnly    An optional parameter, when set to true,
 *                               only loads those preferences that are
 *                               inherited from parent accounts, not preferences
 *                               at the current account level. If the current
 *                               account is the admin account, and this option
 *                               is true, no preferences will be loaded!
 * @param boolean $loadAdminOnly An optional parameter, when set to true, loads
 *                               the admin preferences only, EVEN IF NO ACCOUNT
 *                               IS LOGGED IN. If set to true, REQUIRES that the
 *                               $parentOnly parameter is false. Should only
 *                               ever be set when called from
 *                               OA_Preferences::loadAdminAccountPreferences().
 * @param integer $accountId     An optional account ID, when set, the preferences
 *                               for this account will be loaded, provided there
 *                               is no currently logged in account.
 *                               NOTE(review): the account *type* is looked up
 *                               from this ID only when nobody is logged in, but
 *                               the ID itself is used in the manager and
 *                               advertiser/trafficker branches whenever it is
 *                               numeric, logged in or not. Callers should not
 *                               pass a request-derived ID without their own
 *                               ownership check; confirm against call sites.
 * @return mixed The array of preferences if $return is true, otherwise null.
 */
function loadPreferences($loadExtraInfo = false, $return = false, $parentOnly = false, $loadAdminOnly = false, $accountId = null)
{
    $aConf = $GLOBALS['_MAX']['CONF'];
    // Ensure $parentOnly and $loadAdminOnly are correctly set
    if ($parentOnly && $loadAdminOnly) {
        // Cannot both be true!
        OA_Preferences::_unsetPreferences();
        return;
    }
    // Only worry about the current account type and if a user is logged
    // in if $loadAdminOnly == false
    // (when $loadAdminOnly is true, $currentAccountType is never assigned;
    // the later conditions short-circuit on $loadAdminOnly before reading it)
    if ($loadAdminOnly == false) {
        // Get the type of the current account
        $currentAccountType = OA_Permission::getAccountType();
        // If no user logged in, and we are supposed to load a specific account's
        // preferences, load the account type of that specific account
        if (empty($currentAccountType) && is_numeric($accountId)) {
            // Get the account type for the specified account
            $doAccounts = OA_Dal::factoryDO('accounts');
            $doAccounts->account_id = $accountId;
            $doAccounts->find();
            if ($doAccounts->getRowCount() > 0) {
                $aCurrentAccountType = $doAccounts->getAll(array('account_type'), false, true);
                $currentAccountType = $aCurrentAccountType[0];
            }
        }
        // If (still) no user logged in or invalid specific account, return
        if (is_null($currentAccountType) || $currentAccountType == false) {
            OA_Preferences::_unsetPreferences();
            return;
        }
    }
    // Get all of the preference types that exist
    $doPreferences = OA_Dal::factoryDO('preferences');
    $aPreferenceTypes = $doPreferences->getAll(array(), true);
    // Are there any preference types in the system?
    if (empty($aPreferenceTypes)) {
        OA_Preferences::_unsetPreferences();
        return;
    }
    // Get the admin account's ID, as this will be required
    $adminAccountId = OA_Dal_ApplicationVariables::get('admin_account_id');
    // Get the admin account's preferences, as these are always required
    $aAdminPreferenceValues = OA_Preferences::_getPreferenceValues($adminAccountId);
    if (empty($aAdminPreferenceValues)) {
        OA_Preferences::_unsetPreferences();
        return;
    }
    // Prepare an array to store the preferences that should
    // eventually be set in the global array
    $aPreferences = array();
    // Put the admin account's preferences into the temporary
    // storage array for preferences, except when the current account is the
    // admin account and only parent (inherited) preferences were requested
    if ($loadAdminOnly == true || !($currentAccountType == OA_ACCOUNT_ADMIN && $parentOnly)) {
        OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aAdminPreferenceValues, $loadExtraInfo);
    }
    // Is the current account NOT the admin account?
    if ($loadAdminOnly == false && $currentAccountType != OA_ACCOUNT_ADMIN) {
        // Is the current account a manager account?
        if ($currentAccountType == OA_ACCOUNT_MANAGER) {
            // This is a manager account
            if (!$parentOnly) {
                // Locate the owning manager account ID
                // NOTE(review): a numeric $accountId takes precedence over the
                // logged-in account here; see the @param note above.
                if (!is_numeric($accountId)) {
                    $managerAccountId = OA_Permission::getAccountId();
                } else {
                    $managerAccountId = $accountId;
                }
                if ($managerAccountId == 0) {
                    OA_Preferences::_unsetPreferences();
                    return;
                }
                // Get the manager account's preference values
                $aManagerPreferenceValues = OA_Preferences::_getPreferenceValues($managerAccountId);
                // Merge the preference values into the temporary
                // storage array for preferences
                OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aManagerPreferenceValues, $loadExtraInfo);
            }
        } else {
            // This must be an advertiser or trafficker account, so
            // need to locate the manager account that "owns" this account
            if (!is_numeric($accountId)) {
                $owningAgencyId = OA_Permission::getAgencyId();
            } else {
                // Resolve the agency from the clients (advertiser) or
                // affiliates (trafficker) row for the given account ID;
                // it stays 0 unless exactly one row matches
                $owningAgencyId = 0;
                if ($currentAccountType == OA_ACCOUNT_ADVERTISER) {
                    $doClients = OA_Dal::factoryDO('clients');
                    $doClients->account_id = $accountId;
                    $doClients->find();
                    if ($doClients->getRowCount() == 1) {
                        $aOwningAgencyId = $doClients->getAll(array('agencyid'), false, true);
                        $owningAgencyId = $aOwningAgencyId[0];
                    }
                } else {
                    if ($currentAccountType == OA_ACCOUNT_TRAFFICKER) {
                        $doAffiliates = OA_Dal::factoryDO('affiliates');
                        $doAffiliates->account_id = $accountId;
                        $doAffiliates->find();
                        if ($doAffiliates->getRowCount() == 1) {
                            $aOwningAgencyId = $doAffiliates->getAll(array('agencyid'), false, true);
                            $owningAgencyId = $aOwningAgencyId[0];
                        }
                    }
                }
            }
            if ($owningAgencyId == 0) {
                OA_Preferences::_unsetPreferences();
                return;
            }
            $doAgency = OA_Dal::factoryDO('agency');
            $doAgency->agencyid = $owningAgencyId;
            $doAgency->find();
            if ($doAgency->getRowCount() == 1) {
                // The manager account "owning" the advertiser or
                // trafficker account has some preferences that
                // override the admin account preferences
                $aManagerAccountId = $doAgency->getAll(array('account_id'), false, true);
                $managerAccountId = $aManagerAccountId[0];
                // Get the manager account's preference values
                $aManagerPreferenceValues = OA_Preferences::_getPreferenceValues($managerAccountId);
                // Merge the preference values into the temporary
                // storage array for preferences
                OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aManagerPreferenceValues, $loadExtraInfo);
            }
            if (!$parentOnly) {
                // Get the current account's ID
                if (!is_numeric($accountId)) {
                    $currentAccountId = OA_Permission::getAccountId();
                } else {
                    $currentAccountId = $accountId;
                }
                if ($currentAccountId <= 0) {
                    OA_Preferences::_unsetPreferences();
                    return;
                }
                // Get the current account's preference values
                $aCurrentPreferenceValues = OA_Preferences::_getPreferenceValues($currentAccountId);
                // Merge the preference values into the temporary
                // storage array for preferences
                OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aCurrentPreferenceValues, $loadExtraInfo);
            }
        }
    }
    // Set the initial (default) language to conf value or english
    $aPreferences['language'] = !empty($aConf['max']['language']) ? $aConf['max']['language'] : 'en';
    // Add user preferences (currently language) to the prefs array; this
    // runs for every non-early-exit path, including $loadAdminOnly == true
    if ($userId = OA_Permission::getUserId()) {
        $doUser = OA_Dal::factoryDO('users');
        $doUser->get('user_id', $userId);
        if (!empty($doUser->language)) {
            $aPreferences['language'] = $doUser->language;
        }
    }
    // Return or store the preferences
    if ($return) {
        return $aPreferences;
    } else {
        $GLOBALS['_MAX']['PREF'] = $aPreferences;
    }
}
/**
 * Writes an audit-trail record describing an action on this data object.
 *
 * Nothing is written, and false is returned, when auditing is disabled in
 * configuration, when this object's _auditEnabled() says no, or when the
 * prepared audit data is empty (nothing changed).
 *
 * @param integer $actionid One of the following:
 *                          - 1 for INSERT
 *                          - 2 for UPDATE
 *                          - 3 for DELETE
 * @param mixed $oDataObject Passed through to _prepAuditArray() and
 *                           _postAuditTrigger().
 * @param mixed $parentid    Stored as the audit record's parentid.
 * @return mixed The result of inserting the audit record, or false when no
 *               record was written.
 */
function audit($actionid, $oDataObject = null, $parentid = null)
{
    // Global switch first, then the per-object switch.
    if (!OA::getConfigOption('audit', 'enabled', false)) {
        return false;
    }
    if (!$this->_auditEnabled()) {
        return false;
    }

    // The audit data object is created on first use and then reused.
    if (is_null($this->doAudit)) {
        $this->doAudit = $this->factory('audit');
    }

    // What was done, to which record, and by whom.
    $this->doAudit->actionid = $actionid;
    $this->doAudit->context = $this->getTableWithoutPrefix();
    $this->doAudit->contextid = $this->_getContextId();
    $this->doAudit->parentid = $parentid;
    $this->doAudit->username = OA_Permission::getUsername();
    $this->doAudit->userid = OA_Permission::getUserId();
    if (!isset($this->doAudit->usertype)) {
        $this->doAudit->usertype = 0;
    }

    // Accounts that own the audited entity, keyed by account type.
    $aOwnerIds = $this->getOwningAccountIds();

    // Primary account: the manager account when known, else the admin one.
    $this->doAudit->account_id = isset($aOwnerIds[OA_ACCOUNT_MANAGER])
        ? $aOwnerIds[OA_ACCOUNT_MANAGER]
        : $aOwnerIds[OA_ACCOUNT_ADMIN];

    // Advertiser and trafficker account IDs are recorded only when present.
    if (isset($aOwnerIds[OA_ACCOUNT_ADVERTISER])) {
        $this->doAudit->advertiser_account_id = $aOwnerIds[OA_ACCOUNT_ADVERTISER];
    }
    if (isset($aOwnerIds[OA_ACCOUNT_TRAFFICKER])) {
        $this->doAudit->website_account_id = $aOwnerIds[OA_ACCOUNT_TRAFFICKER];
    }

    // Generic audit data first; the concrete object may then adjust it
    // (add, remove, format...).
    $aDetails = $this->_prepAuditArray($actionid, $oDataObject);
    $this->_buildAuditArray($actionid, $aDetails);

    // Do not audit if nothing has changed.
    if (!count($aDetails)) {
        return false;
    }

    // NOTE(review): details is stored in PHP's serialize() format. Code that
    // reads it back should decode it with object instantiation disabled
    // (unserialize() with 'allowed_classes' => false), as the values
    // presumably originate from the audited record. Verify the readers.
    $this->doAudit->details = serialize($aDetails);
    $this->doAudit->updated = OA::getNowUTC();

    // Insert the record, then let the object run its post-audit hook.
    $auditId = $this->doAudit->insert();
    $this->_postAuditTrigger($actionid, $oDataObject, $auditId);

    return $auditId;
}
/**
 * Store user rights per account.
 *
 * Existing permissions for the account/user pair are removed through
 * OA_Permission::deleteExistingPermissions(), then one association row
 * with is_allowed = 1 is inserted per accepted permission ID.
 *
 * NOTE(review): when $aAllowedPermissions is null, no filtering takes place
 * and every ID in $aPermissions is stored. Callers that take $aPermissions
 * from request data should always supply the allow-list.
 *
 * NOTE(review): the delete and the inserts are separate steps with no
 * transaction visible here; a failed insert returns false after the old
 * rows are gone and any earlier inserts have been made.
 *
 * @param array $aPermissions Array of permission IDs
 * @param integer $accountId account ID; the current account when empty
 * @param integer $userId user ID; the current user when empty
 * @param array $aAllowedPermissions Array of allowed permissions - keys of array are permissions IDs
 * @return true on success else false
 */
function storeUserAccountsPermissions($aPermissions, $accountId = null, $userId = null, $aAllowedPermissions = null)
{
    // Fall back to the logged-in user and account when none were given.
    $userId = empty($userId) ? OA_Permission::getUserId() : $userId;
    $accountId = empty($accountId) ? OA_Permission::getAccountId() : $accountId;

    OA_Permission::deleteExistingPermissions($accountId, $userId, $aAllowedPermissions);

    // Add the new permissions.
    foreach ($aPermissions as $permissionId) {
        // With an allow-list in force, only IDs that appear as its keys pass.
        if (is_null($aAllowedPermissions) || isset($aAllowedPermissions[$permissionId])) {
            $doAssoc = OA_Dal::factoryDO('account_user_permission_assoc');
            $doAssoc->account_id = $accountId;
            $doAssoc->user_id = $userId;
            $doAssoc->permission_id = $permissionId;
            $doAssoc->is_allowed = 1;
            if (!$doAssoc->insert()) {
                return false;
            }
        }
    }

    return true;
}