function get_zp_user_id()
{
    $zp_users = OA_Dal::factoryDO('Zpusers');
    $zp_user_id = $zp_users->get_zp_user_id(OA_Permission::getUserId());
    if (!$zp_user_id) {
        $zp_user_id = zp_api_common_uuid();
        $zp_users->set_zp_user_id($zp_user_id);
    }
    return $zp_user_id;
}
require_once MAX_PATH . '/lib/max/Admin/Languages.php';
require_once MAX_PATH . '/lib/max/Plugin/Translation.php';
require_once MAX_PATH . '/www/admin/config.php';
// Security check
OA_Permission::enforceAccount(OA_ACCOUNT_ADMIN, OA_ACCOUNT_MANAGER, OA_ACCOUNT_ADVERTISER, OA_ACCOUNT_TRAFFICKER);
// Create a new option object for displaying the setting's page's HTML form
$oOptions = new OA_Admin_Option('user');
// Prepare an array for storing error messages
$aErrormessage = array();
// If the settings page is a submission, deal with the form data
if (isset($_POST['submitok']) && $_POST['submitok'] == 'true') {
    // Register input variables
    phpAds_registerGlobalUnslashed('pwold', 'pw', 'pw2');
    // Get the DB_DataObject for the current user
    $doUsers = OA_Dal::factoryDO('users');
    $doUsers->get(OA_Permission::getUserId());
    // Set defaults
    $changePassword = false;
    // Get the current authentication plugin instance
    $oPlugin = OA_Auth::staticGetAuthPlugin();
    // Check password
    if (!isset($pwold) || !$oPlugin->checkPassword(OA_Permission::getUsername(), $pwold)) {
        $aErrormessage[0][] = $GLOBALS['strPasswordWrong'];
    }
    if (isset($pw) && strlen($pw) || isset($pw2) && strlen($pw2)) {
        if (!strlen($pw) || strstr("\\", $pw)) {
            $aErrormessage[0][] = $GLOBALS['strInvalidPassword'];
        } elseif (strcmp($pw, $pw2)) {
            $aErrormessage[0][] = $GLOBALS['strNotSamePasswords'];
        } else {
            $changePassword = true;
 /**
  * A static method to load the current account's preferences from the
  * database and store them in the global array $GLOBALS['_MAX']['PREF'].
  *
  * @static
  * @param boolean $loadExtraInfo An optional parameter, when set to true,
  *                               the array of preferences is loaded as
  *                               an array of arrays, indexed by preference
  *                               key, containing the preference "value" and
  *                               "account_type" information. When not set,
  *                               the preferences are loaded as a
  *                               one-dimensional array of values, indexed
  *                               by preference key.
  * @param boolean $return        An optional parameter, when set to true,
  *                               returns the preferences instead of setting
  *                               them into $GLOBALS['_MAX']['PREF'].
  * @param boolean $parentOnly    An optional parameter, when set to true,
  *                               only loads those preferences that are
  *                               inherited from parent accounts, not preferences
  *                               at the current account level. If the current
  *                               account is the admin account, and this option
  *                               is true, no preferences will be loaded!
  * @param boolean $loadAdminOnly An optional parameter, when set to true, loads
  *                               the admin preferences only, EVEN IF NO ACCUONT
  *                               IS LOGGED IN. If set to true, REQUIRES that the
  *                               $parentOnly parameter is false. Should only
  *                               ever be set when called from
  *                               OA_Preferences::loadAdminAccountPreferences().
  * @param integer $accountId     An optional account ID, when set, the preferences
  *                               for this account will be loaded, provided there
  *                               is no currently logged in account.
  * @return mixed The array of preferences if $return is true, otherwise null.
  */
 function loadPreferences($loadExtraInfo = false, $return = false, $parentOnly = false, $loadAdminOnly = false, $accountId = null)
 {
     $aConf = $GLOBALS['_MAX']['CONF'];
     // Ensure $parentOnly and $loadAdminOnly are correctly set
     if ($parentOnly && $loadAdminOnly) {
         // Cannot both be true!
         OA_Preferences::_unsetPreferences();
         return;
     }
     // Only worry about the current account type and if a user is logged
     // in if $loadAdminOnly == false
     if ($loadAdminOnly == false) {
         // Get the type of the current accout
         $currentAccountType = OA_Permission::getAccountType();
         // If no user logged in, and we are supposed to load a specific account's
         // preferences, load the account type of that specific account
         if (empty($currentAccountType) && is_numeric($accountId)) {
             // Get the account type for the specified account
             $doAccounts = OA_Dal::factoryDO('accounts');
             $doAccounts->account_id = $accountId;
             $doAccounts->find();
             if ($doAccounts->getRowCount() > 0) {
                 $aCurrentAccountType = $doAccounts->getAll(array('account_type'), false, true);
                 $currentAccountType = $aCurrentAccountType[0];
             }
         }
         // If (still) no user logged in or invalid specific account, return
         if (is_null($currentAccountType) || $currentAccountType == false) {
             OA_Preferences::_unsetPreferences();
             return;
         }
     }
     // Get all of the preference types that exist
     $doPreferences = OA_Dal::factoryDO('preferences');
     $aPreferenceTypes = $doPreferences->getAll(array(), true);
     // Are there any preference types in the system?
     if (empty($aPreferenceTypes)) {
         OA_Preferences::_unsetPreferences();
         return;
     }
     // Get the admin account's ID, as this will be required
     $adminAccountId = OA_Dal_ApplicationVariables::get('admin_account_id');
     // Get the admin account's preferences, as these are always required
     $aAdminPreferenceValues = OA_Preferences::_getPreferenceValues($adminAccountId);
     if (empty($aAdminPreferenceValues)) {
         OA_Preferences::_unsetPreferences();
         return;
     }
     // Prepare an array to store the preferences that should
     // eventually be set in the global array
     $aPreferences = array();
     // Put the admin account's preferences into the temporary
     // storage array for preferences
     if ($loadAdminOnly == true || !($currentAccountType == OA_ACCOUNT_ADMIN && $parentOnly)) {
         OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aAdminPreferenceValues, $loadExtraInfo);
     }
     // Is the current account NOT the admin account?
     if ($loadAdminOnly == false && $currentAccountType != OA_ACCOUNT_ADMIN) {
         // Is the current account not a manager account?
         if ($currentAccountType == OA_ACCOUNT_MANAGER) {
             // This is a manager account
             if (!$parentOnly) {
                 // Locate the owning manager account ID
                 if (!is_numeric($accountId)) {
                     $managerAccountId = OA_Permission::getAccountId();
                 } else {
                     $managerAccountId = $accountId;
                 }
                 if ($managerAccountId == 0) {
                     OA_Preferences::_unsetPreferences();
                     return;
                 }
                 // Get the manager account's preference values
                 $aManagerPreferenceValues = OA_Preferences::_getPreferenceValues($managerAccountId);
                 // Merge the preference values into the temporary
                 // storage array for preferences
                 OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aManagerPreferenceValues, $loadExtraInfo);
             }
         } else {
             // This must be an advertiser or trafficker account, so
             // need to locate the manager account that "owns" this account
             if (!is_numeric($accountId)) {
                 $owningAgencyId = OA_Permission::getAgencyId();
             } else {
                 $owningAgencyId = 0;
                 if ($currentAccountType == OA_ACCOUNT_ADVERTISER) {
                     $doClients = OA_Dal::factoryDO('clients');
                     $doClients->account_id = $accountId;
                     $doClients->find();
                     if ($doClients->getRowCount() == 1) {
                         $aOwningAgencyId = $doClients->getAll(array('agencyid'), false, true);
                         $owningAgencyId = $aOwningAgencyId[0];
                     }
                 } else {
                     if ($currentAccountType == OA_ACCOUNT_TRAFFICKER) {
                         $doAffiliates = OA_Dal::factoryDO('affiliates');
                         $doAffiliates->account_id = $accountId;
                         $doAffiliates->find();
                         if ($doAffiliates->getRowCount() == 1) {
                             $aOwningAgencyId = $doAffiliates->getAll(array('agencyid'), false, true);
                             $owningAgencyId = $aOwningAgencyId[0];
                         }
                     }
                 }
             }
             if ($owningAgencyId == 0) {
                 OA_Preferences::_unsetPreferences();
                 return;
             }
             $doAgency = OA_Dal::factoryDO('agency');
             $doAgency->agencyid = $owningAgencyId;
             $doAgency->find();
             if ($doAgency->getRowCount() == 1) {
                 // The manager account "owning" the advertiser or
                 // trafficker account has some preferences that
                 // override the admin account preferences
                 $aManagerAccountId = $doAgency->getAll(array('account_id'), false, true);
                 $managerAccountId = $aManagerAccountId[0];
                 // Get the manager account's preference values
                 $aManagerPreferenceValues = OA_Preferences::_getPreferenceValues($managerAccountId);
                 // Merge the preference values into the temporary
                 // storage array for preferences
                 OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aManagerPreferenceValues, $loadExtraInfo);
             }
             if (!$parentOnly) {
                 // Get the current account's ID
                 if (!is_numeric($accountId)) {
                     $currentAccountId = OA_Permission::getAccountId();
                 } else {
                     $currentAccountId = $accountId;
                 }
                 if ($currentAccountId <= 0) {
                     OA_Preferences::_unsetPreferences();
                     return;
                 }
                 // Get the current account's preference values
                 $aCurrentPreferenceValues = OA_Preferences::_getPreferenceValues($currentAccountId);
                 // Merge the preference values into the temporary
                 // storage array for preferences
                 OA_Preferences::_setPreferences($aPreferences, $aPreferenceTypes, $aCurrentPreferenceValues, $loadExtraInfo);
             }
         }
     }
     // Set the initial (default) language to conf value or english
     $aPreferences['language'] = !empty($aConf['max']['language']) ? $aConf['max']['language'] : 'en';
     // Add user preferences (currently language) to the prefs array
     if ($userId = OA_Permission::getUserId()) {
         $doUser = OA_Dal::factoryDO('users');
         $doUser->get('user_id', $userId);
         if (!empty($doUser->language)) {
             $aPreferences['language'] = $doUser->language;
         }
     }
     // Return or store the preferences
     if ($return) {
         return $aPreferences;
     } else {
         $GLOBALS['_MAX']['PREF'] = $aPreferences;
     }
 }
 /**
  * Enter description here...
  *
  * @param integer $actionid One of the following:
  *                              - 1 for INSERT
  *                              - 2 for UPDATE
  *                              - 3 for DELETE
  * @param unknown_type $oDataObject
  * @param unknown_type $parentid
  * @return unknown
  */
 function audit($actionid, $oDataObject = null, $parentid = null)
 {
     if (OA::getConfigOption('audit', 'enabled', false)) {
         if ($this->_auditEnabled()) {
             if (is_null($this->doAudit)) {
                 $this->doAudit = $this->factory('audit');
             }
             $this->doAudit->actionid = $actionid;
             $this->doAudit->context = $this->getTableWithoutPrefix();
             $this->doAudit->contextid = $this->_getContextId();
             $this->doAudit->parentid = $parentid;
             $this->doAudit->username = OA_Permission::getUsername();
             $this->doAudit->userid = OA_Permission::getUserId();
             if (!isset($this->doAudit->usertype)) {
                 $this->doAudit->usertype = 0;
             }
             // Set the account IDs that need to be used in auditing
             // this type of entity record
             $aAccountIds = $this->getOwningAccountIds();
             // Set the primary account ID
             if (isset($aAccountIds[OA_ACCOUNT_MANAGER])) {
                 $this->doAudit->account_id = $aAccountIds[OA_ACCOUNT_MANAGER];
             } else {
                 $this->doAudit->account_id = $aAccountIds[OA_ACCOUNT_ADMIN];
             }
             // Set the advertiser account ID, if required
             if (isset($aAccountIds[OA_ACCOUNT_ADVERTISER])) {
                 $this->doAudit->advertiser_account_id = $aAccountIds[OA_ACCOUNT_ADVERTISER];
             }
             // Set the trafficker account ID, if required
             if (isset($aAccountIds[OA_ACCOUNT_TRAFFICKER])) {
                 $this->doAudit->website_account_id = $aAccountIds[OA_ACCOUNT_TRAFFICKER];
             }
             // Prepare a generic array of data to be stored in the audit record
             $aAuditFields = $this->_prepAuditArray($actionid, $oDataObject);
             // Individual objects can customise this data (add, remove, format...)
             $this->_buildAuditArray($actionid, $aAuditFields);
             // Do not audit if nothing has changed
             if (count($aAuditFields)) {
                 // Serialise the data
                 $this->doAudit->details = serialize($aAuditFields);
                 $this->doAudit->updated = OA::getNowUTC();
                 // Finally, insert the audit record
                 $id = $this->doAudit->insert();
                 // Perform post-audit actions
                 $this->_postAuditTrigger($actionid, $oDataObject, $id);
                 return $id;
             }
         }
     }
     return false;
 }
Beispiel #5
0
 /**
  * Store user rights per account
  *
  * @param array $aPermissions  Array of permission IDs
  * @param integer $accountId  account ID
  * @param integer $userId  user ID
  * @param array $aAllowedPermissions  Array of allowed permissions - keys of array are permissions IDs
  * @return true on success else false
  */
 function storeUserAccountsPermissions($aPermissions, $accountId = null, $userId = null, $aAllowedPermissions = null)
 {
     if (empty($userId)) {
         $userId = OA_Permission::getUserId();
     }
     if (empty($accountId)) {
         $accountId = OA_Permission::getAccountId();
     }
     OA_Permission::deleteExistingPermissions($accountId, $userId, $aAllowedPermissions);
     // add new permissions
     foreach ($aPermissions as $permissionId) {
         if (!is_null($aAllowedPermissions) && !isset($aAllowedPermissions[$permissionId])) {
             // check if permission is on the list of allowed permissions
             continue;
         }
         $doAccount_user_permission_assoc = OA_Dal::factoryDO('account_user_permission_assoc');
         $doAccount_user_permission_assoc->account_id = $accountId;
         $doAccount_user_permission_assoc->user_id = $userId;
         $doAccount_user_permission_assoc->permission_id = $permissionId;
         $doAccount_user_permission_assoc->is_allowed = 1;
         if (!$doAccount_user_permission_assoc->insert()) {
             return false;
         }
     }
     return true;
 }