/**
  * Return the actions this $user may perform on this company, as a NamedList.
  *
  * Each entry is added only when the matching permission check passes
  * (User::canAdd, canEdit, canArchive, canDelete); archive vs. unarchive is
  * chosen by getIsArchived(). The result is cached in $this->options per
  * user id. The 'on_company_options' event receives the list by reference
  * after those checks, so entries added by a listener are not subject to them.
  *
  * @param User $user
  * @return NamedList
  */
 function getOptions($user)
 {
     $user_id = $user->getId();
     if (isset($this->options[$user_id])) {
         return $this->options[$user_id];
     }
     // if

     $actions = new NamedList();

     if (User::canAdd($user, $this)) {
         $actions->add('add_user', array(
             'text' => lang('New User'),
             'url' => $this->getAddUserUrl(),
         ));
     }
     // if

     if ($this->canEdit($user)) {
         $actions->add('edit', array(
             'text' => lang('Change Details'),
             'url' => $this->getEditUrl(),
         ));
         $actions->add('edit_logo', array(
             'text' => lang('Change Logo'),
             'url' => $this->getEditLogoUrl(),
         ));
     }
     // if

     if ($this->canArchive($user)) {
         // State-changing actions are POST with a confirmation prompt.
         $archived = $this->getIsArchived();
         $actions->add($archived ? 'unarchive' : 'archive', array(
             'text' => $archived ? lang('Unarchive') : lang('Archive'),
             'url' => $archived ? $this->getUnarchiveUrl() : $this->getArchiveUrl(),
             'method' => 'post',
             'confirm' => $archived
                 ? lang('Are you sure that you want to move this company from list of archive into list of active companies?')
                 : lang('Are you sure that you want to move this company to the archive?'),
         ));
     }
     // if

     if ($this->canDelete($user)) {
         $actions->add('delete', array(
             'text' => lang('Delete'),
             'url' => $this->getDeleteUrl(),
             'method' => 'post',
             'confirm' => lang('Are you sure that you want to delete this company and all of its users? This cannot be undone!'),
         ));
     }
     // if

     // Let listeners extend (or replace) the list; everything is passed by reference.
     event_trigger('on_company_options', array(&$this, &$actions, &$user));

     $this->options[$user->getId()] = $actions;
     return $this->options[$user->getId()];
 }
<?php

// Administration > Members: page title, tab and breadcrumb.
set_page_title(lang('members'));
administration_tabbed_navigation(ADMINISTRATION_TAB_MEMBERS);
administration_crumbs(lang('members'));

// The "add user" action is offered only when User::canAdd() allows the
// logged in user to add accounts to the owner company. Hiding the link is
// presentation only; the add action itself has to enforce the same check.
$owner_company = owner_company();
$page_actions = array();
if (User::canAdd(logged_user(), $owner_company)) {
    $page_actions[lang('add user')] = $owner_company->getAddUserUrl();
}
// if
if (count($page_actions) > 0) {
    add_page_action($page_actions);
}
// if

$this->includeTemplate(get_template_path('list_users', 'administration'));
// Company view: the administration tab and breadcrumb differ for the owner
// company and for client companies.
if ($company->isOwner()) {
    administration_tabbed_navigation(ADMINISTRATION_TAB_COMPANY);
    administration_crumbs(lang('company'));
} else {
    administration_tabbed_navigation(ADMINISTRATION_TAB_CLIENTS);
    // NOTE(review): $company->getName() goes straight into the crumb; confirm
    // administration_crumbs() HTML-escapes crumb labels.
    administration_crumbs(array(array(lang('clients'), get_url('administration', 'clients')), array($company->getName())));
}
// if
// Page actions are only shown when the matching permission check passes.
// Hiding a link is presentation only; the target actions must enforce the
// same checks themselves.
if ($company->canEdit(logged_user())) {
    add_page_action(lang('edit company'), $company->getEditUrl());
    add_page_action(lang('edit company logo'), $company->getEditLogoUrl());
    // The "update permissions" action is not offered for the owner company.
    if (!$company->isOwner()) {
        add_page_action(lang('update permissions'), $company->getUpdatePermissionsUrl());
    }
    // if
}
// if
if (User::canAdd(logged_user(), $company)) {
    add_page_action(lang('add user'), $company->getAddUserUrl());
}
// if
$this->includeTemplate(get_template_path('company_card', 'company'));
?>

<h2><?php 
echo lang('users');
?>
</h2>
<?php 
// The user list is rendered by the shared administration template.
$this->assign('users', $company->getUsers());
$this->includeTemplate(get_template_path('list_users', 'administration'));
The hidden field's accessible name cannot be more than one word, because PHP cannot access variables whose names contain spaces.
Therefore the JavaScript function spTo_(string) (space to underscore) goes through the name and substitutes
every space with an underscore character.
*/
session_start();
include 'odm-load.php';
// Visitors without a session are sent away before anything else is loaded.
// NOTE(review): assumes redirect_visitor() terminates the script — confirm;
// if it only sends a Location header, the rest of this page still executes.
if (!isset($_SESSION['uid'])) {
    redirect_visitor();
}
include 'udf_functions.php';
require_once "AccessLog_class.php";
require_once "File_class.php";
require_once 'Reviewer_class.php';
require_once 'Email_class.php';
// The acting user is taken from the session, not from request parameters.
$user_obj = new User($_SESSION['uid'], $pdo);
// Authorization gate: only users with the add permission may use this page.
if (!$user_obj->canAdd()) {
    redirect_visitor('out.php');
}
if (!isset($_POST['submit'])) {
    // NOTE(review): last_message is taken verbatim from $_REQUEST; confirm
    // draw_header() escapes it before emitting it into the HTML page.
    $last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : '';
    draw_header(msg('area_add_new_file'), $last_message);
    $current_user_dept = $user_obj->getDeptId();
    $index = 0;
    //CHM - Pull in the sub-select values
    // The only interpolated value is the configured table prefix; no request
    // input reaches this query.
    $query = "SELECT table_name FROM {$GLOBALS['CONFIG']['db_prefix']}udf WHERE field_type = '4'";
    $stmt = $pdo->prepare($query);
    $stmt->execute();
    $result = $stmt->fetchAll();
    $num_rows = $stmt->rowCount();
    $i = 0;
    $t_name = array();
 /**
  * Check if this user can add new account to this company
  *
  * Thin delegate to User::canAdd() so the permission logic lives in one place.
  *
  * @access public
  * @param User $user
  * @return boolean
  */
 function canAddUser(User $user)
 {
     $allowed = User::canAdd($user, $this);
     return $allowed;
 }
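 /**
  * Add user
  *
  * Reads the target company from the 'company_id' request id and the form
  * data from $_POST['user']. The action is gated by User::canAdd() for the
  * logged in user and that company; on failure an error is flashed and the
  * request is redirected. On submission the initial password is either
  * generated (13 hex characters) or taken from the form, in which case it
  * must be a non-empty string matching its confirmation field. The user,
  * its log entry and its project memberships are saved in one transaction;
  * the notification mail afterwards is best-effort.
  *
  * @access public
  * @param void
  * @return null
  */
 function add()
 {
     $this->setTemplate('add_user');

     $company = Companies::findById(get_id('company_id'));
     if (!$company instanceof Company) {
         flash_error(lang('company dnx'));
         // NOTE(review): assumes redirectTo() terminates the request — confirm.
         $this->redirectTo('administration');
     }
     // if

     if (!User::canAdd(logged_user(), $company)) {
         flash_error(lang('no access permissions'));
         $this->redirectToReferer(get_url('dashboard'));
     }
     // if

     $user = new User();
     $user_data = array_var($_POST, 'user');
     // Only a submitted (array) 'user' payload reaches the save path below.
     $is_submission = is_array($user_data);
     if (!$is_submission) {
         $user_data = array(
             'password_generator' => 'random',
             'company_id' => $company->getId(),
             'timezone' => $company->getTimezone(),
         );
         // array
     }
     // if

     $projects = $company->getProjects();
     $permissions = ProjectUsers::getNameTextArray();

     tpl_assign('user', $user);
     tpl_assign('company', $company);
     tpl_assign('projects', $projects);
     tpl_assign('permissions', $permissions);
     tpl_assign('user_data', $user_data);

     if ($is_submission) {
         // NOTE(review): $user_data is the raw POST array; confirm that
         // setFromAttributes() whitelists the attributes it accepts, so that
         // fields the form does not expose cannot be set by the submitter.
         $user->setFromAttributes($user_data);
         $user->setCompanyId($company->getId());

         try {
             if (array_var($user_data, 'password_generator') == 'random') {
                 // Random initial password: 13 hex characters as before, but
                 // drawn from a CSPRNG where available instead of rand()/uniqid().
                 if (function_exists('random_bytes')) {
                     $password = substr(bin2hex(random_bytes(7)), 0, 13);
                 } else {
                     // Legacy fallback for PHP < 7; not cryptographically strong.
                     $password = substr(sha1(uniqid(mt_rand(), true)), mt_rand(0, 25), 13);
                 }
                 // if
             } else {
                 // User-specified password: must be a non-empty string and match
                 // the confirmation exactly. Strict comparison, because '==' treats
                 // numeric-looking strings such as '1e3' and '1000' as equal.
                 $password = array_var($user_data, 'password');
                 if (!is_string($password) || trim($password) === '') {
                     throw new Error(lang('password value required'));
                 }
                 // if
                 if ($password !== array_var($user_data, 'password_a')) {
                     throw new Error(lang('passwords dont match'));
                 }
                 // if
             }
             // if
             $user->setPassword($password);

             DB::beginWork();
             $user->save();
             ApplicationLogs::createLog($user, null, ApplicationLogs::ACTION_ADD);

             if (is_array($projects)) {
                 foreach ($projects as $project) {
                     if (array_var($user_data, 'project_permissions_' . $project->getId()) == 'checked') {
                         $relation = new ProjectUser();
                         $relation->setProjectId($project->getId());
                         $relation->setUserId($user->getId());
                         // Permission names come from the server-side list; only the
                         // checked/unchecked value per permission is user input.
                         foreach ($permissions as $permission => $permission_text) {
                             $permission_value = array_var($user_data, 'project_permission_' . $project->getId() . '_' . $permission) == 'checked';
                             $setter = 'set' . Inflector::camelize($permission);
                             $relation->{$setter}($permission_value);
                         }
                         // foreach
                         $relation->save();
                     }
                     // if
                 }
                 // foreach
             }
             // if
             DB::commit();

             // Notification is best-effort: a mail failure must not undo the
             // committed account, so the exception is deliberately ignored.
             try {
                 if (array_var($user_data, 'send_email_notification')) {
                     Notifier::newUserAccount($user, $password);
                 }
                 // if
             } catch (Exception $e) {
             }
             // try

             flash_success(lang('success add user', $user->getDisplayName()));
             $this->redirectToUrl($company->getViewUrl());
         } catch (Exception $e) {
             DB::rollback();
             tpl_assign('error', $e);
         }
         // try
     }
     // if
 }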
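 /**
  * Create new user
  *
  * Serves both the HTML form and API calls. An API call that is not a
  * submission is answered with HTTP 400; a logged in user that
  * User::canAdd() does not allow to add accounts to the active company gets
  * HTTP 403. On submission the password is validated when the API or the
  * 'specify_password' flag requires it, otherwise make_password() generates
  * one. The user is saved inside a transaction; the optional welcome mail
  * (which carries the initial password) and the 'title' option follow.
  *
  * @param void
  * @return null
  */
 function add()
 {
     $this->wireframe->print_button = false;

     if ($this->request->isApiCall() && !$this->request->isSubmitted()) {
         $this->httpError(HTTP_ERR_BAD_REQUEST);
     }
     // if
     if (!User::canAdd($this->logged_user, $this->active_company)) {
         $this->httpError(HTTP_ERR_FORBIDDEN);
     }
     // if

     $user_data = $this->request->post('user');
     if (!is_array($user_data)) {
         $user_data = array('role_id' => ConfigOptions::getValue('default_role'), 'auto_assign' => false);
     }
     // if
     $this->smarty->assign(array('user_data' => $user_data));

     if ($this->request->isSubmitted()) {
         db_begin_work();

         // Validate password
         if ($this->request->isApiCall() || array_var($user_data, 'specify_password')) {
             $errors = new ValidationErrors();
             $password = array_var($user_data, 'password');
             $password_a = array_var($user_data, 'password_a');
             // Non-string input (missing field, nested array) fails the length
             // check instead of reaching trim(). Strict comparison for the
             // confirmation, since '==' treats '1e3' and '1000' as equal.
             if (!is_string($password) || strlen(trim($password)) < 3) {
                 $errors->addError(lang('3 Letters or Longer'), 'password');
             } elseif ($password !== $password_a) {
                 $errors->addError(lang('Passwords Mismatch'), 'password_a');
             }
             // if

             if ($errors->hasErrors()) {
                 // Nothing was written yet; close the transaction opened above.
                 db_rollback();
                 if ($this->request->getFormat() == FORMAT_HTML) {
                     $this->smarty->assign('errors', $errors);
                     $this->render();
                 } else {
                     $this->serveData($errors);
                 }
                 // if
                 // Stop explicitly: should render()/serveData() not end the
                 // request, execution would otherwise continue and create the
                 // account with a password that failed validation.
                 return;
             }
             // if
         } else {
             $password = make_password(11);
         }
         // if

         $this->active_user = new User();
         $this->active_user->setAttributes($user_data);
         $this->active_user->setPassword($password);
         $this->active_user->setCompanyId($this->active_company->getId());
         // Only people managers may choose the role / auto-assign settings;
         // everyone else gets the configured default role.
         if ($this->logged_user->isPeopleManager()) {
             $this->active_user->setAutoAssignData((bool) array_var($user_data, 'auto_assign'), (int) array_var($user_data, 'auto_assign_role_id'), array_var($user_data, 'auto_assign_permissions'));
         } else {
             $this->active_user->setRoleId(ConfigOptions::getValue('default_role'));
         }
         // if

         $save = $this->active_user->save();
         if ($save && !is_error($save)) {
             $welcome_message_sent = false;
             if (array_var($user_data, 'send_welcome_message')) {
                 $welcome_message = trim(array_var($user_data, 'welcome_message'));
                 if ($welcome_message) {
                     UserConfigOptions::setValue('welcome_message', $welcome_message, $this->active_user);
                 }
                 // if
                 // The welcome mail carries the initial password in clear text;
                 // the free-text body is escaped with clean() before nl2br().
                 $welcome_message_sent = ApplicationMailer::send(array($this->active_user), 'system/new_user', array('created_by_id' => $this->logged_user->getId(), 'created_by_name' => $this->logged_user->getDisplayName(), 'created_by_url' => $this->logged_user->getViewUrl(), 'email' => $this->active_user->getEmail(), 'password' => $password, 'login_url' => assemble_url('login'), 'welcome_body' => $welcome_message ? nl2br(clean($welcome_message)) : ''));
             }
             // if
             $title = trim(array_var($user_data, 'title'));
             if ($title) {
                 UserConfigOptions::setValue('title', $title, $this->active_user);
             }
             // if
             db_commit();

             if ($this->request->isApiCall()) {
                 $this->serveData($this->active_user, 'user');
             } else {
                 if ($welcome_message_sent) {
                     flash_success('New user account has been created. Login information has been sent to :email', array('email' => $this->active_user->getEmail()));
                 } else {
                     flash_success('New user account has been created');
                 }
                 // if
                 $this->redirectToUrl($this->active_user->getViewUrl());
             }
             // if
         } else {
             db_rollback();
             if ($this->request->isApiCall()) {
                 $this->serveData($save);
             } else {
                 $this->smarty->assign('errors', $save);
             }
             // if
         }
         // if
     }
     // if
 }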
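 /**
  * Add user
  *
  * Reads the target company from 'company_id' and the form data from
  * $_POST['user']; the company lookup and User::canAdd() gate the action
  * before anything is rendered or saved. On submission the password is
  * either generated (13 hex characters) or taken from the form and checked
  * against its confirmation, the e-mail is checked for uniqueness when
  * 'check_email_unique' is on, and the user plus its project permissions
  * are saved in one transaction. The notification mail and the optional
  * welcome task are best-effort steps after the commit.
  *
  * @access public
  * @param void
  * @return null
  */
 function add()
 {
     $this->setTemplate('add_user');

     $company = Companies::findById(get_id('company_id'));
     if (!$company instanceof Company) {
         flash_error(lang('company dnx'));
         // NOTE(review): assumes redirectTo() terminates the request — confirm.
         $this->redirectTo('administration');
     }
     // if

     if (!User::canAdd(logged_user(), $company)) {
         flash_error(lang('no access permissions'));
         $this->redirectToReferer(get_url('dashboard'));
     }
     // if

     $user = new User();
     $user_data = array_var($_POST, 'user');
     // Only a submitted (array) 'user' payload reaches the save path below.
     $is_submission = is_array($user_data);
     if (!$is_submission) {
         $user_data = array(
             'password_generator' => 'random',
             'company_id' => $company->getId(),
             'timezone' => $company->getTimezone(),
         );
         // array
     }
     // if

     $projects = $company->getProjects();
     $permissions = PermissionManager::getPermissionsText();

     tpl_assign('user', $user);
     tpl_assign('company', $company);
     tpl_assign('projects', $projects);
     tpl_assign('permissions', $permissions);
     tpl_assign('user_data', $user_data);

     if ($is_submission) {
         // NOTE(review): $user_data is the raw POST array; confirm that
         // setFromAttributes() whitelists the attributes it accepts, so that
         // fields the form does not expose cannot be set by the submitter.
         $user->setFromAttributes($user_data);
         $user->setCompanyId($company->getId());

         try {
             if (array_var($user_data, 'password_generator') == 'random') {
                 // Random initial password: 13 hex characters as before, but
                 // drawn from a CSPRNG where available instead of rand()/uniqid().
                 if (function_exists('random_bytes')) {
                     $password = substr(bin2hex(random_bytes(7)), 0, 13);
                 } else {
                     // Legacy fallback for PHP < 7; not cryptographically strong.
                     $password = substr(sha1(uniqid(mt_rand(), true)), mt_rand(0, 25), 13);
                 }
                 // if
             } else {
                 // User-specified password: must be a non-empty string and match
                 // the confirmation exactly. Strict comparison, because '==' treats
                 // numeric-looking strings such as '1e3' and '1000' as equal.
                 $password = array_var($user_data, 'password');
                 if (!is_string($password) || trim($password) === '') {
                     throw new Error(lang('password value required'));
                 }
                 // if
                 if ($password !== array_var($user_data, 'password_a')) {
                     throw new Error(lang('passwords dont match'));
                 }
                 // if
             }
             // if
             $user->setPassword($password);

             // Optional e-mail uniqueness check, controlled by configuration.
             if (config_option('check_email_unique', '1') == '1') {
                 if (!$user->validateUniquenessOf('email')) {
                     throw new Error(lang('email address is already used'));
                 }
                 // if
             }
             // if

             DB::beginWork();
             $user->save();
             ApplicationLogs::createLog($user, null, ApplicationLogs::ACTION_ADD);

             if (is_array($projects)) {
                 foreach ($projects as $project) {
                     if (array_var($user_data, 'project_permissions_' . $project->getId()) == 'checked') {
                         $relation = new ProjectUser();
                         $relation->setProjectId($project->getId());
                         $relation->setUserId($user->getId());
                         // Permission names come from the server-side list; only the
                         // checked/unchecked value per permission is user input.
                         foreach ($permissions as $permission => $permission_text) {
                             $permission_value = array_var($user_data, 'project_permission_' . $project->getId() . '_' . $permission) == 'checked';
                             $user->setProjectPermission($project, $permission, $permission_value);
                         }
                         // foreach
                         $relation->save();
                     }
                     // if
                 }
                 // foreach
             }
             // if
             DB::commit();

             // Notification is best-effort: a mail failure must not undo the
             // committed account, so the exception is deliberately ignored.
             try {
                 if (array_var($user_data, 'send_email_notification')) {
                     Notifier::newUserAccount($user, $password);
                 }
                 // if
             } catch (Exception $e) {
             }
             // try

             // Add task to Welcome project (best-effort, in its own transaction).
             try {
                 if (array_var($user_data, 'add welcome task')) {
                     $task_list = ProjectTaskLists::instance()->findById(2, true);
                     // Task list id 2 is hard-coded; skip when it does not exist
                     // rather than calling a method on null (a fatal error that
                     // the catch below would not see).
                     if (is_object($task_list)) {
                         $task_data = array(
                             'text' => lang('welcome task text', $user->getName(), get_url('account', 'edit')),
                             'due date' => DateTimeValueLib::now() + 7 * 24 * 60 * 60,
                             'assigned_to_company_id' => $user->getCompanyId(),
                             'assigned_to_user_id' => $user->getId(),
                         );
                         DB::beginWork();
                         $task = new ProjectTask();
                         $task->setFromAttributes($task_data);
                         $task_list->attachTask($task);
                         $task->save();
                         DB::commit();
                     }
                     // if
                 }
                 // if
             } catch (Exception $e) {
                 DB::rollback();
             }
             // try

             flash_success(lang('success add user', $user->getDisplayName()));

             // Continue to the permissions page only when the company actually
             // has projects. The former '||' sent every array (even an empty one)
             // there and called count() on non-arrays.
             $projects = $company->getProjects();
             if (is_array($projects) && count($projects) > 0) {
                 $this->redirectToUrl(get_url('account', 'update_permissions', $user->getId()));
             }
             // if
             $this->redirectToUrl($company->getViewUrl());
         } catch (Exception $e) {
             DB::rollback();
             tpl_assign('error', $e);
         }
         // try
     }
     // if
 }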
 /**
  * Show company details
  *
  * API calls receive the company serialized with its users and logo. HTML
  * requests get the user list restricted to $this->logged_user->visibleUserIds()
  * and an "add user" link only when User::canAdd() permits it.
  *
  * @param void
  * @return null
  */
 function view()
 {
     if ($this->active_company->isNew()) {
         $this->httpError(HTTP_ERR_NOT_FOUND);
     }
     // if

     if ($this->request->isApiCall()) {
         $this->serveData($this->active_company, 'company', array(
             'describe_users' => true,
             'describe_logo' => true,
         ));
         return;
     }
     // if

     // One permission check decides both the page action and the template link.
     $can_add_user = User::canAdd($this->logged_user, $this->active_company);
     $add_user_url = $can_add_user ? $this->active_company->getAddUserUrl() : false;
     if ($can_add_user) {
         $this->wireframe->addPageAction(lang('New User'), $add_user_url);
     }
     // if

     $visible_users = $this->active_company->getUsers($this->logged_user->visibleUserIds());
     $this->smarty->assign(array(
         'users' => $visible_users,
         'add_user_url' => $add_user_url,
     ));
 }
 /**
  * Add user
  *
  * Guests are rejected first, then the configured 'max_users' limit is
  * enforced, then User::canAdd() is checked against the target company
  * ('company_id', falling back to the owner company when it does not
  * resolve). Without a submitted form the defaults are prepared, optionally
  * pre-filled from an existing contact ('contact_id'); with a submission the
  * account is created through createUser() inside a DB transaction.
  *
  * @access public
  * @param void
  * @return null
  */
 function add()
 {
     $logged_user = logged_user();
     if ($logged_user->isGuest()) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }

     $user_limit = config_option('max_users');
     if ($user_limit && Users::count() >= $user_limit) {
         flash_error(lang('maximum number of users reached error'));
         ajx_current("empty");
         return;
     }

     $this->setTemplate('add_user');

     $target_company = Companies::findById(get_id('company_id'));
     if (!$target_company instanceof Company) {
         $target_company = owner_company();
     }
     // if
     if (!User::canAdd($logged_user, $target_company)) {
         flash_error(lang('no access permissions'));
         ajx_current("empty");
         return;
     }
     // if

     $user = new User();
     $user_data = array_var($_POST, 'user');
     $is_submission = is_array($user_data);
     if (!$is_submission) {
         // New (unsubmitted) form: pre-fill from a contact when one is given,
         // otherwise use the administration defaults.
         $contact = Contacts::findById(get_id('contact_id'));
         if ($contact instanceof Contact) {
             // NOTE(review): first and last name are joined without a separator
             // here — confirm that is intended for the display name.
             $user_data = array(
                 'username' => $this->generateUserNameFromContact($contact),
                 'display_name' => $contact->getFirstname() . $contact->getLastname(),
                 'email' => $contact->getEmail(),
                 'contact_id' => $contact->getId(),
                 'password_generator' => 'random',
                 'company_id' => $target_company->getId(),
                 'timezone' => $contact->getTimezone(),
                 'create_contact' => false,
                 'type' => 'normal',
                 'can_manage_time' => true,
             );
             // array
         } else {
             $user_data = array(
                 'password_generator' => 'random',
                 'company_id' => $target_company->getId(),
                 'timezone' => $target_company->getTimezone(),
                 'create_contact' => true,
                 'send_email_notification' => true,
                 'type' => 'normal',
                 'can_manage_time' => true,
             );
             // array
         }
         // if
     }
     // if

     $permissions = ProjectUsers::getNameTextArray();
     tpl_assign('user', $user);
     tpl_assign('company', $target_company);
     tpl_assign('permissions', $permissions);
     tpl_assign('user_data', $user_data);
     tpl_assign('billing_categories', BillingCategories::findAll());

     if (!$is_submission) {
         return;
     }
     // if

     // An unchecked 'createPersonalProject' box means no personal project.
     if (!array_var($user_data, 'createPersonalProject')) {
         $user_data['personal_project'] = 0;
     }
     // if
     try {
         DB::beginWork();
         $user = $this->createUser($user_data, array_var($_POST, 'permissions'));
         $object_controller = new ObjectController();
         $object_controller->add_custom_properties($user);
         DB::commit();
         flash_success(lang('success add user', $user->getDisplayName()));
         ajx_current("back");
     } catch (Exception $e) {
         DB::rollback();
         ajx_current("empty");
         flash_error($e->getMessage());
     }
     // try
 }