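/**
 * Handle a submitted login form.
 *
 * Reads `login` and `password` from $_POST and hands them to
 * $w->Auth->login(). When that returns a user, the request is redirected to
 * the path stored in the session under `orig_path`, or to the user's own
 * `redirect_url` when no usable path is stored.
 *
 * @param Web $w
 */
function login_POST(Web &$w)
{
    // Accept only non-empty string fields. A missing key no longer raises an
    // undefined-index notice, an array-valued field (login[]=...) never reaches
    // Auth->login(), and the literal value "0" is no longer read as "not entered".
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if ($login === '' || $password === '') {
        $w->error("Please enter your login and password", "/auth/login");
        return;
    }

    // The client-supplied timezone is deliberately not used; a fixed zone is passed instead.
    $client_timezone = "Australia/Sydney"; // $_POST['user_timezone'];

    // NOTE(review): no session-id rotation is visible in this handler; confirm that
    // Auth->login() regenerates the session id on success (session fixation).
    $user = $w->Auth->login($login, $password, $client_timezone);
    if (!$user) {
        // One message for both "unknown login" and "wrong password", so the
        // response does not reveal which of the two was wrong.
        $w->error("Login or Password incorrect", "/auth/login");
        return;
    }

    if ($w->session('orig_path') != "auth/login") {
        $url = $w->session('orig_path');
        $w->Log->debug("Original path: " . $url);

        // If no url specified, go to the user's defined url
        if (empty($url) || $url == "/") {
            $url = $user->redirect_url;
        }
        $w->sessionUnset('orig_path');

        // Both candidate targets are passed through localUrl() before redirecting.
        $w->redirect($w->localUrl($url));
    } else {
        $w->redirect(!empty($user->redirect_url) ? $w->localUrl($user->redirect_url) : $w->localUrl());
    }
}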
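/**
 * Render the profile edit form for the currently authenticated user.
 *
 * The form covers password change, contact details and the user's redirect
 * URL, and posts to /auth/profile. When the `box` path parameter is set the
 * layout is disabled and a heading is prepended to the form.
 *
 * @param Web $w
 */
function profile_GET(Web &$w)
{
    $p = $w->pathMatch("box");
    $user = $w->Auth->user();

    // Check for a user BEFORE touching it: the previous code called
    // $user->getContact() first and only then tested $user, so a request
    // without an authenticated user failed on a null dereference.
    if (!$user) {
        $w->error("User does not exist.");
        return;
    }

    $contact = $user->getContact();
    $w->ctx("title", "Administration - Profile - " . $user->login);

    $lines = array();

    $lines[] = array("Change Password", "section");
    $lines[] = array("Password", "password", "password", "");
    $lines[] = array("Repeat Password", "password", "password2", "");

    // Contact values fall back to an empty string when the user has no contact record.
    $lines[] = array("Contact Details", "section");
    $lines[] = array("First Name", "text", "firstname", $contact ? $contact->firstname : "");
    $lines[] = array("Last Name", "text", "lastname", $contact ? $contact->lastname : "");

    $lines[] = array("Communication", "section");
    $lines[] = array("Home Phone", "text", "homephone", $contact ? $contact->homephone : "");
    $lines[] = array("Work Phone", "text", "workphone", $contact ? $contact->workphone : "");
    $lines[] = array("Private Mobile", "text", "priv_mobile", $contact ? $contact->priv_mobile : "");
    $lines[] = array("Work Mobile", "text", "mobile", $contact ? $contact->mobile : "");
    $lines[] = array("Fax", "text", "fax", $contact ? $contact->fax : "");
    $lines[] = array("Email", "text", "email", $contact ? $contact->email : "");
    $lines[] = array("Redirect URL", "text", "redirect_url", $user->redirect_url);

    $f = Html::form($lines, $w->localUrl("/auth/profile"), "POST", "Update");

    // !empty() instead of a bare index read: no notice when `box` is absent.
    if (!empty($p['box'])) {
        $w->setLayout(null);
        $f = "<h2>Edit Profile</h2>" . $f;
    }
    $w->out($f);
}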
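/**
 * Emit, as JSON, the form fragments that depend on a selected task group.
 *
 * The JSON array holds, in order: the task-type select, the priority select,
 * the assignee select, an HTML table describing the task group, and the
 * status select. Nothing is emitted when the task group cannot be loaded.
 *
 * @param Web $w
 */
function taskAjaxSelectbyTaskGroup_ALL(Web $w)
{
    $p = $w->pathMatch("taskgroup_id");
    $taskgroup = $w->Task->getTaskGroup($p['taskgroup_id']);

    if (empty($taskgroup->id)) {
        return;
    }

    // Past the guard above $taskgroup is a loaded object, so the former
    // `$taskgroup != ""` ternaries (always true here) have been dropped.
    $tasktypes = $w->Task->getTaskTypes($taskgroup->task_group_type);
    $priority = $w->Task->getTaskPriority($taskgroup->task_group_type);
    $members = $w->Task->getMembersBeAssigned($taskgroup->id);
    sort($members);

    $typetitle = $taskgroup->getTypeTitle();
    $typedesc = $taskgroup->getTypeDescription();

    // if user cannot assign tasks in this group, leave 'first_assignee' blank for owner/member to delegate
    $members = $taskgroup->getCanIAssign() ? $members : array(array("Default", ""));

    // create dropdowns loaded with respective data
    $ttype = Html::select("task_type", $tasktypes, null);
    $prior = Html::select("priority", $priority, null);
    $mem = Html::select("assignee_id", $members, null);

    // The group title is stored data that ends up inside HTML, so it is escaped
    // before being concatenated into the markup. double_encode is off so a
    // title that was already entity-encoded on save is not encoded twice.
    $safeTitle = htmlspecialchars((string) $taskgroup->title, ENT_QUOTES, 'UTF-8', false);

    // Only the group owner gets a link to the member-group view.
    $taskgroup_link = $taskgroup->isOwner($w->Auth->user())
        ? "<a href=\"" . $w->localUrl("task-group/viewmembergroup/" . $taskgroup->id) . "\">" . $safeTitle . "</a>"
        : $safeTitle;

    // NOTE(review): $typetitle and $typedesc are inserted as-is; confirm that
    // getTypeTitle()/getTypeDescription() return trusted or pre-escaped text.
    $tasktext = "<table style='width: 100%;'>"
        . "<tr><td class=section colspan=2>Task Group Description</td></tr>"
        . "<tr><td><b>Task Group</b></td><td>" . $taskgroup_link . "</td></tr>" // closes the previously unclosed <b>
        . "<tr><td><b>Task Type</b></td><td>" . $typetitle . "</td></tr>"
        . "<tr valign=top><td><b>Description</b></td><td>" . $typedesc . "</td></tr>"
        . "</table>";

    // return as array of arrays
    $result = array($ttype, $prior, $mem, $tasktext, Html::select("status", $taskgroup->getTypeStatus(), null, null, null, null));

    $w->setLayout(null);
    $w->out(json_encode($result));
}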
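/**
 * Show the "enter new password" form for a password-reset link.
 *
 * The request carries `email` and `token`. The form is shown only when the
 * token resolves to a user, the reset was requested at most 24 hours ago and
 * the user's contact email equals the supplied email. Every other outcome
 * gets the same generic failure message, plus a warning in the log.
 *
 * @param Web $w
 */
function resetpassword_GET(Web $w)
{
    $email = $w->request('email'); // email
    $token = $w->request('token'); // token

    // Only non-empty strings are usable. An empty or array-valued token is
    // never looked up, so it cannot match an account whose stored reset token
    // is itself empty (presumably possible; not visible from this handler).
    $inputsUsable = is_string($email) && $email !== '' && is_string($token) && $token !== '';
    $user = $inputsUsable ? $w->Auth->getUserForToken($token) : null;

    $validData = false;
    if (!empty($user->id)) {
        // Check that the password reset hasn't expired
        $now = time();
        $elapsed = $now - $user->dt_password_reset_at;

        // The operand after "USER: " was masked in the listing this code was
        // taken from; the user id is logged in its place.
        $w->Log->setLogger("AUTH")->debug("USER: " . $user->id . " TIME: " . $now . " USER_RESET: " . $user->dt_password_reset_at . " RESULT: " . $elapsed);

        if ($elapsed > 86400) {
            $w->msg("Your token has expired (max 24 hours), please submit for a new one", "/auth/forgotpassword");
            return;
        }

        $user_contact = $user->getContact();
        // Strict comparison: with `==`, a missing email parameter compared
        // equal to an empty contact email.
        if (!empty($user_contact) && $user_contact->email === $email) {
            // Both values are URL-encoded before being placed in the form
            // action, so characters such as & " or # cannot alter the query
            // string or break out of the attribute.
            $action = $w->localUrl("auth/resetpassword?email=" . rawurlencode($email) . "&token=" . rawurlencode($token));

            $password_form = Html::form(array(
                array("Enter new password", "section"),
                array("New password", "password", "password"),
                array("Confirm password", "password", "password_confirm"),
            ), $action, "POST", "Reset");

            $w->out($password_form);
            $validData = true;
        }
    }

    if (!$validData) {
        // The token is deliberately left out of the log: when only the email
        // is wrong the token is still a live credential, and anyone able to
        // read the log could use it. Control characters are stripped from the
        // email so the value cannot forge extra log lines.
        $loggedEmail = is_string($email) ? preg_replace('/[\x00-\x1f\x7f]/', '', $email) : '(not a string)';
        $w->Log->warn("Password reset attempt failed with email: {$loggedEmail}");
        $w->out("Invalid email or token, this incident has been logged");
    }
}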
/**
 * End the current session, if any, and send the browser to the login page.
 *
 * @param Web $w
 */
function logout_GET(Web &$w)
{
    $hasSession = $w->Auth->loggedIn();
    if ($hasSession) {
        // Drops every session variable in one go.
        $w->sessionDestroy();
    }

    // The redirect happens whether or not anyone was logged in.
    $loginPage = $w->localUrl("/auth/login");
    $w->redirect($loginPage);
}
/**
 * Display the "New Module" form.
 *
 * The form collects a module name, author, title, a list of actions (one per
 * line, pre-filled with "index") and an SQL structure, and posts to
 * /kickstart/new/{id}.
 *
 * @param Web $w
 */
function new_GET(Web $w)
{
    // path parameter that is echoed back into the form's action URL
    $params = $w->pathMatch("id");

    $fields = array(
        array("New Module", "section"),
        array("Module Name", "text", "module_name", ""),
        array("Module Author", "text", "module_author", ""),
        array("Module Title", "text", "module_title", ""),
        array("Actions - one per line", "textarea", "actions", "index", null, null, "basic"),
        // NOTE(review): free-form SQL is collected here; what the POST handler
        // does with it is not visible from this function.
        array("SQL Structure", "textarea", "sql", "", null, null, "basic"),
    );

    $action = $w->localUrl("/kickstart/new/" . $params['id']);
    $form = Html::form($fields, $action, "POST", " Save");

    // bypass the template: the form is written straight into the layout
    $w->out($form);
}
/**
 * Answer a search request with a JSON document {success, data}.
 *
 * Request parameters: q (query), idx (index), p (page), ps (page size) and
 * tr (total results). Queries shorter than three characters are refused.
 * When p, ps and tr are all empty, `data` holds an HTML fragment with the
 * hits grouped by class name; otherwise `data` stays an empty string.
 *
 * @param Web $w
 */
function results_GET(Web $w)
{
    $response = array("success" => true, "data" => "");
    $w->setLayout(null);

    $q = $w->request('q');
    $idx = $w->request('idx');
    $p = $w->request('p');
    $ps = $w->request('ps');
    $tr = $w->request('tr');

    $queryUsable = $q && strlen($q) >= 3;

    if (!$queryUsable) {
        $response["success"] = false;
        $response["data"] = "Please enter at least 3 characters for searching.";
    } else {
        $results = $w->Search->getResults($q, $idx, $p, $ps);

        if (empty($p) && empty($ps) && empty($tr)) {
            $html = "";

            if (!empty($results[0])) {
                // Bucket the resolvable hits by their class name.
                $byClass = array();
                foreach ($results[0] as $hit) {
                    $found = $w->Search->getObject($hit['class_name'], $hit['object_id']);
                    if (empty($found)) {
                        continue;
                    }
                    $byClass[$hit['class_name']][] = $found;
                }

                foreach ($byClass as $class => $objects) {
                    // Inserts a space in front of each capital letter that follows a word character.
                    $heading = preg_replace('/(?<=\\w)(?=[A-Z])/', " \$1", $class);
                    $html .= "<div class='row search-class'><h4 style='padding-top: 10px; font-weight: lighter;'>" . $heading . "</h4>";

                    if (!empty($objects)) {
                        foreach ($objects as $object) {
                            // Objects the current user may not list are left out entirely.
                            if (!$object->canList($w->Auth->user())) {
                                continue;
                            }

                            $html .= '<div class="panel search-result">';
                            // NOTE(review): the print*() results are concatenated
                            // into markup without escaping here; confirm that those
                            // methods return HTML-safe text.
                            if ($object->canView($w->Auth->user())) {
                                $html .= "<a class=\"row search-title\" href=\"" . $w->localUrl($object->printSearchUrl()) . "\">" . $object->printSearchTitle() . "</a>"
                                    . "<div class=\"row search-listing\">" . $object->printSearchListing() . "</div>";
                            } else {
                                // Listable but not viewable: title only, no link and no listing text.
                                $html .= "<div class=\"small-12 columns search-title\">" . $object->printSearchTitle() . "</div><div class=\"row search-listing\">(restricted)</div>";
                            }
                            $html .= "</div>";
                        }
                    }

                    $html .= "</div>";
                }
            }

            $response["data"] = $html;
        }
    }

    echo json_encode($response);
}
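/**
 * Build the form for changing a report member's role.
 *
 * Path parameters: repid (report id) and userid. The result is stored in the
 * `editmember` context variable with the layout disabled.
 *
 * @param Web $w
 */
function editmember_GET(Web &$w)
{
    $p = $w->pathMatch("repid", "userid");

    // get member details for edit
    $member = $w->Report->getReportMember($p['repid'], $p['userid']);

    if ($member) {
        // build editable form for a member allowing change of membership type
        $f = Html::form(array(
            array("Member Details", "section"),
            array("", "hidden", "report_id", $p['repid']),
            array("Name", "static", "name", $w->Report->getUserById($member->user_id)),
            array("Role", "select", "role", $member->role, $w->Report->getReportPermissions()),
        ), $w->localUrl("/report/editmember/" . $p['userid']), "POST", " Update ");
    } else {
        // Same fallback as deletemember_GET: an unknown report/user pair used
        // to be dereferenced without a check.
        $f = "No such member?";
    }

    // NOTE(review): no check that the current user may manage this report's
    // members is visible here; confirm it is enforced before this handler runs.

    // display form
    $w->setLayout(null);
    $w->ctx("editmember", $f);
}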
/**
 * Show the edit form for an existing lookup entry.
 *
 * Path parameters: id and type. An id that resolves to no lookup produces a
 * message pointing at /admin/lookup/ instead of a form.
 *
 * @param Web $w
 */
function editlookup_GET(Web &$w)
{
    $p = $w->pathMatch("id", "type");
    $lookup = $w->Admin->getLookupbyId($p['id']);

    if (!$lookup) {
        $w->msg("No such Lookup Item?", "/admin/lookup/");
        return;
    }

    $types = $w->Admin->getLookupTypes();

    $fields = array(
        array("Edit an Existing Entry", "section"),
        array("Type", "select", "type", $lookup->type, $types),
        array("Key", "text", "code", $lookup->code),
        array("Value", "text", "title", $lookup->title),
    );

    // The `type` path parameter is carried over into the POST target unchanged.
    $action = $w->localUrl("/admin/editlookup/" . $lookup->id . "/" . $p['type']);
    $form = Html::form($fields, $action, "POST", " Update ");

    $w->setLayout(null);
    $w->out($form);
}
/**
 * Prepare the "Forgot Password" page.
 *
 * A user who is already logged in, and is allowed to reach their own
 * redirect URL, is redirected there (or to /main when none is set).
 *
 * @param Web $w
 */
function forgotpassword_GET(Web $w)
{
    // Check if logged in already
    $user = $w->Auth->user();

    if ($w->Auth->loggedIn()) {
        // $user is only dereferenced once loggedIn() has returned true.
        if ($w->Auth->allowed($user->redirect_url)) {
            $target = !empty($user->redirect_url) ? $user->redirect_url : "/main";
            $w->redirect($w->localUrl($target));
        }
    }

    // The in-code form below is disabled; only the page title is set here.
    // $loginform = Html::form(array(
    //     array("Reset Password","section"),
    //     array("Your Login","text","login"),
    // ),$w->localUrl("auth/forgotpassword"),"POST","Reset");
    // $w->out($loginform);

    $w->ctx("pagetitle", "Forgot Password");
}
/**
 * Build the confirmation form for removing a member from a report.
 *
 * Path parameters: report_id and user_id. The result, a form or a
 * "No such member?" text, is stored in the `deletemember` context variable
 * with the layout disabled.
 *
 * @param Web $w
 */
function deletemember_GET(Web &$w)
{
    $p = $w->pathMatch("report_id", "user_id");

    // look up the membership that is about to be removed
    $member = $w->Report->getReportMember($p['report_id'], $p['user_id']);

    // Default text, replaced by the confirmation form when the member exists.
    $f = "No such member?";
    if ($member) {
        $fields = array(
            array("Confirm Delete Member", "section"),
            array("", "hidden", "is_deleted", "1"),
            array("Name", "static", "name", $w->Report->getUserById($member->user_id)),
        );
        // The POST target is built from the loaded record, not from the raw path values.
        $action = $w->localUrl("/report/deletemember/" . $member->report_id . "/" . $member->user_id);
        $f = Html::form($fields, $action, "POST", " Delete ");
    }

    // hand the result to the template
    $w->setLayout(null);
    $w->ctx("deletemember", $f);
}
/**
 * Show the edit form for an ExampleData record.
 *
 * With an id in the path the record is loaded through
 * $w->Example->getDataForId(); without one a fresh ExampleData is used.
 *
 * Url:
 *
 * /example/edit/{id}
 *
 * @param Web $w
 */
function edit_GET(Web $w)
{
    // split the url into its parameters
    $p = $w->pathMatch("id");

    // existing record when an id was given, otherwise a new object
    $data = isset($p['id']) ? $w->Example->getDataForId($p['id']) : new ExampleData($w);

    $fields = array(
        array("Edit Example Data", "section"),
        array("Title", "text", "title", $data->title),
        array("Data", "text", "data", $data->data),
    );
    $action = $w->localUrl("/example/edit/" . $p['id']);
    $form = Html::form($fields, $action, "POST", " Save ");

    // bypass the template: the form is written straight into the layout
    $w->out($form);
}
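/**
 * Create or update a comment attached to an arbitrary object.
 *
 * Path parameters: comment_id (0 or non-numeric means "new"), tablename and
 * object_id. The comment text comes from the `comment` request field. After
 * saving, $w->msg() is given either the request's `redirect_url` (local
 * targets only) or the current request URI.
 *
 * @param Web $w
 */
function comment_POST(Web $w)
{
    $p = $w->pathMatch("comment_id", "tablename", "object_id");
    $comment_id = intval($p["comment_id"]);

    // An id that does not resolve falls back to a brand-new comment.
    $comment = $comment_id > 0 ? $w->Comment->getComment($comment_id) : new Comment($w);
    if ($comment === null) {
        $comment = new Comment($w);
    }

    // NOTE(review): no check is visible that the current user owns the loaded
    // comment or may comment on tablename/object_id, both of which come
    // straight from the URL; confirm this is enforced elsewhere.
    $comment->obj_table = $p["tablename"];
    $comment->obj_id = $p["object_id"];

    // strip_tags() removes markup but does not encode quotes or ampersands,
    // so the stored text still has to be escaped wherever it is rendered.
    $comment->comment = strip_tags($w->request("comment"));
    $comment->insertOrUpdate();

    // The caller-supplied redirect target is honoured only when it stays on
    // this site. The raw value used to be handed to $w->msg() as-is, so a
    // crafted link could send the user to any host after saving (open redirect).
    $target = null;
    $redirectUrl = $w->request("redirect_url");
    if (!empty($redirectUrl) && is_string($redirectUrl)) {
        $decoded = urldecode($redirectUrl);
        $parts = parse_url($decoded);

        $isLocal = $parts !== false
            && !isset($parts['scheme'])                                // no http:, javascript:, ...
            && !isset($parts['host'])                                  // no //host form
            && $decoded === trim($decoded)                             // no padding a browser would strip
            && preg_match('/[\x00-\x1f\x7f\\\\]/', $decoded) !== 1;    // no control characters or backslashes

        if ($isLocal) {
            $target = $decoded;
        }
    }

    if ($target === null) {
        $target = $w->localUrl($_SERVER["REQUEST_URI"]);
    }

    $w->msg("Comment saved", $target);
}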
/**
 * Build the "add member" form for a report.
 *
 * Candidates are the users holding the report_editor or report_user role,
 * with duplicates removed. The form is stored in the `addmembers` context
 * variable with the layout disabled and posts to /report/updatemembers/.
 *
 * @param Web $w
 */
function addmembers_GET(Web &$w)
{
    $p = $w->pathMatch("id");

    // candidates from both report roles
    $editors = $w->Auth->getUsersForRole("report_editor");
    $plainUsers = $w->Auth->getUsersForRole("report_user");

    // Strip the duplicates. The entries are objects, so the comparison is
    // the loose (property-wise) one done by in_array().
    $members = array();
    foreach (array_merge($editors, $plainUsers) as $candidate) {
        if (in_array($candidate, $members)) {
            continue;
        }
        $members[] = $candidate;
    }

    // form definition
    $addUserForm = array(
        array("", "hidden", "report_id", $p['id']),
        array("Add Member", "select", "member", null, $members),
        array("With Role", "select", "role", "", $w->Report->getReportPermissions()),
    );

    $w->setLayout(null);
    $form = Html::form($addUserForm, $w->localUrl("/report/updatemembers/"), "POST", " Submit ");
    $w->ctx("addmembers", $form);
}
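/**
 * Show the current user's notification settings for one task group.
 *
 * Values come from the user's own settings when present, otherwise from the
 * task group's defaults, otherwise from a built-in blank set. Only the
 * checkboxes for the role the user holds in the group are rendered, followed
 * by one checkbox per task event.
 *
 * @param Web $w
 */
function updateusergroupnotify_GET(Web &$w)
{
    $p = $w->pathMatch("id");

    // get task title
    $title = $w->Task->getTaskGroupTitleById($p['id']);

    // get member
    $member = $w->Task->getMemberGroupById($p['id'], $_SESSION['user_id']);

    // Initialised up front: $v used to be read while undefined when neither
    // user settings nor group defaults existed. Every event defaults to "on",
    // which is what both fallback paths assigned anyway.
    $v = array();
    $task_creation = 1;
    $task_details = 1;
    $task_comments = 1;
    $time_log = 1;
    $task_documents = 1;
    $task_pages = 1;

    // get user notify settings for Task Group
    $notify = $w->Task->getTaskGroupUserNotify($_SESSION['user_id'], $p['id']);
    if ($notify) {
        foreach ($notify as $n) {
            $v[$n->role][$n->type] = $n->value;
            // the event flags of the last row win, as before
            $task_creation = $n->task_creation;
            $task_details = $n->task_details;
            $task_comments = $n->task_comments;
            $time_log = $n->time_log;
            $task_documents = $n->task_documents;
            $task_pages = $n->task_pages;
        }
    } else {
        // no personal settings: fall back to the group's defaults
        $notify = $w->Task->getTaskGroupNotify($p['id']);
        if ($notify) {
            foreach ($notify as $n) {
                $v[$n->role][$n->type] = $n->value;
            }
        }
    }

    // if no user notifications and no group defaults
    // set blank form - all task events on - so user can create their user notifications
    if (!$v) {
        $v['guest']['creator'] = 0;
        $v['member']['creator'] = 0;
        $v['member']['assignee'] = 0;
        $v['owner']['creator'] = 0;
        $v['owner']['assignee'] = 0;
        $v['owner']['other'] = 0;
    }

    // A user without a membership record matches no role; previously
    // $member->role was read without checking $member.
    $memberRole = $member ? strtolower($member->role) : "";

    $f = array(array($title . " - Notifications", "section"));

    // so foreach role/type lets get the values and create checkboxes
    foreach ($v as $role => $types) {
        if ($role == $memberRole) {
            foreach ($types as $type => $value) {
                $f[] = array(ucfirst($type), "checkbox", $role . "_" . $type, $value);
            }
        }
    }

    // add Task Events to form
    $f[] = array("For which events should you receive Notification?", "section");
    $f[] = array("Task Creation", "checkbox", "task_creation", $task_creation);
    $f[] = array("Task Details Update", "checkbox", "task_details", $task_details);
    $f[] = array("Comments Added", "checkbox", "task_comments", $task_comments);
    $f[] = array("Time Log Entry", "checkbox", "time_log", $time_log);
    $f[] = array("Documents Added", "checkbox", "task_documents", $task_documents);
    $f[] = array("Pages Added", "checkbox", "task_pages", $task_pages);

    $f = Html::form($f, $w->localUrl("/task/updateusergroupnotify/" . $p['id']), "POST", "Save");

    $w->setLayout(null);
    $w->out($f);
}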
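/**
 * Build the confirmation form for removing a member from a task group.
 *
 * Path parameter: id (the membership record). The result, a form or a
 * "No such member?" text, is stored in the `deletegroupmember` context
 * variable with the layout disabled.
 *
 * @param Web $w
 */
function deletegroupmember_GET(Web &$w)
{
    $p = $w->pathMatch("id");

    // get details of member to be deleted
    $member = $w->Task->getMemberById($p['id']);

    if ($member) {
        // build a static form displaying members details for confirmation of delete
        $f = Html::form(array(
            array("Member Details", "section"),
            array("", "hidden", "is_active", "1"),
            array("Name", "static", "name", $w->Task->getUserById($member->user_id)),
            array("Role", "static", "role", $member->role),
        ), $w->localUrl("/task-group/deletegroupmember/" . $member->id), "POST", " Delete ");
    } else {
        // Same fallback as deletemember_GET: an unknown id used to be
        // dereferenced without a check.
        $f = "No such member?";
    }

    // NOTE(review): no check that the current user may manage this task
    // group's members is visible here; confirm it is enforced before this
    // handler runs.

    // display form
    $w->setLayout(null);
    $w->ctx("deletegroupmember", $f);
}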