function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
global $lbl, $txt;
$auth = R3AuthInstance::get();
$fieldDescr = array('app_code' => array(MISSING_FIELD => "Il campo 'applicazione' e' obbligatorio", INVALID_FIELD => "Il campo 'applicazione' contiene caratteri non validi. Solo lettere e numeri sono accettati", PK_ERROR => "Il campo 'codice' immesso esiste gia'"), 'app_name' => array(MISSING_FIELD => "Il campo 'nome' e' obbligatorio"));
$elems = AjaxSplitArray($elems);
$objResponse = new xajaxResponse();
$error = array();
try {
$privileges = array();
if (isset($elems['selectedPrivileges'])) {
foreach (explode(",", $elems['selectedPrivileges']) as $value) {
$a = explode("|", $value);
if (count($a) == 2) {
$privileges[] = array('ac_verb' => $a[0], 'ac_name' => $a[1], 'ga_kind' => 'ALLOW');
}
}
}
if ($elems['act'] == 'add') {
/** add a new application */
$auth->addGroup(strtoupper(trim($elems['app_code'])), strtoupper(trim($elems['gr_name'])), strtoupper(trim($elems['dn_name'])), $elems['gr_descr'], $privileges);
} else {
if ($elems['act'] == 'mod') {
/** modify an application */
$auth->modGroup(strtoupper(trim($elems['old_app_code'])), strtoupper(trim($elems['old_gr_name'])), strtoupper(trim($elems['app_code'])), strtoupper(trim($elems['gr_name'])), strtoupper(trim($elems['dn_name'])), $elems['gr_descr'], $privileges);
} else {
if ($elems['act'] == 'del') {
/** delete an application */
$auth->delGroup($elems['app_code'], $elems['gr_name']);
} else {
throw new Exception('Invalid action');
}
}
}
} catch (EPermissionDenied $e) {
$error['element'][] = '';
$error['message'][] = $e->getMessage();
} catch (EDatabaseError $e) {
$error['element'][] = '';
$error['message'][] = "Database error: " . $e->getMessage();
} catch (EInputError $e) {
$error['element'][] = $e->getField();
if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
$error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
} else {
$error['message'][] = $e->getMessage();
}
} catch (Exception $e) {
$error['element'][] = '';
$error['message'][] = 'Generic error: ' . $e->getMessage();
}
// Action
if (count($error) > 0) {
$errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
$objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
} else {
$objResponse->addScriptCall($doneFunc);
}
return $objResponse->getXML();
}
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
global $lbl, $txt;
$auth = R3AuthInstance::get();
$fieldDescr = array('app_code' => array(MISSING_FIELD => !isset($txt['missing_fld_app']) ? _("Il campo 'applicazione' e' obbligatorio") : $txt['missing_fld_app'], INVALID_FIELD => "Il campo 'codice' contiene caratteri non validi. Solo lettere e numeri sono accettati", PK_ERROR => "Il campo 'codice' immesso esiste gia'"), 'app_name' => array(MISSING_FIELD => "Il campo 'nome' e' obbligatorio"));
// print_r($elems);
$elems = AjaxSplitArray($elems);
//print_r($elems);
$objResponse = new xajaxResponse();
$error = array();
try {
if ($elems['act'] == 'add') {
/** add a new acname */
foreach (explode(',', str_replace(';', ',', $elems['ac_verb'])) as $verb) {
$auth->addACName($elems['app_code'], strtoupper(trim($verb)), strtoupper(trim($elems['ac_name'])), trim($elems['ac_descr']), trim($elems['ac_order']), strtoupper($elems['ac_active']) == 'T', array('ac_type' => strtoupper($elems['ac_type'])));
}
} else {
if ($elems['act'] == 'mod') {
/** modify an acname */
$auth->modACName($elems['old_app_code'], $elems['old_ac_verb'], $elems['old_ac_name'], $elems['app_code'], strtoupper(trim($elems['ac_verb'])), strtoupper(trim($elems['ac_name'])), trim($elems['ac_descr']), trim($elems['ac_order']), strtoupper($elems['ac_active']) == 'T', array('ac_type' => strtoupper($elems['ac_type'])));
} else {
if ($elems['act'] == 'del') {
/** delete an acname */
$auth->delACName($elems['app_code'], $elems['ac_verb'], $elems['ac_name']);
} else {
throw new Exception('Invalid action');
}
}
}
} catch (EPermissionDenied $e) {
$error['element'][] = '';
$error['message'][] = $e->getMessage();
} catch (EDatabaseError $e) {
$error['element'][] = '';
$error['message'][] = "Database error: " . $e->getMessage();
} catch (EInputError $e) {
$error['element'][] = $e->getField();
if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
$error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
} else {
$error['message'][] = $e->getMessage();
}
} catch (Exception $e) {
$error['element'][] = '';
$error['message'][] = 'Generic error: ' . $e->getMessage();
}
// Action
if (count($error) > 0) {
$errText = (!isset($txt['err_store_failed']) ? _("Salvataggio fallito") . ":" : $txt['err_store_failed']) . "\n - " . implode("\n - ", $error['message']);
$objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
} else {
$objResponse->addScriptCall($doneFunc);
}
return $objResponse->getXML();
}
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
global $lbl, $txt, $users_extra_fields;
$auth = R3AuthInstance::get();
$fieldDescr = array('app_code' => array(MISSING_FIELD => _("Il campo 'applicazione' e' obbligatorio"), INVALID_FIELD => _("Il campo 'applicazione' contiene caratteri non validi. Solo lettere e numeri sono accettati"), PK_ERROR => _("Il campo 'codice' immesso esiste gia'")), 'app_name' => array(MISSING_FIELD => _("Il campo 'nome' e' obbligatorio")));
// print_r($elems);
$elems = AjaxSplitArray($elems);
// print_r($elems);
$objResponse = new xajaxResponse();
/** User extra field for the common section */
$extra_fields = $auth->getConfigValue('USER_MANAGER', 'EXTRA_FIELDS', array());
if (isset($users_extra_fields)) {
$extra_fields = array_merge($extra_fields, $users_extra_fields);
}
$error = array();
try {
$errors = checkReq($extra_fields, $elems);
if (!empty($errors)) {
$errorMsg = implode('\\n', $errors);
throw new Exception($errorMsg);
}
if ($auth->passwordStatus < 0 && $elems['us_password'] == '') {
throw new Exception('Password must be set');
}
/** Extra fields in user table */
$extras = array();
foreach ($extra_fields as $key => $val) {
if (!isset($val['inistorage']) && !isset($val['kind'])) {
if (isset($elems[$key])) {
$extras[$key] = $elems[$key];
}
}
}
/** password check */
if ($elems['us_password'] != '' && $elems['us_password'] != $elems['us_password2']) {
throw new Exception('Invalid password');
}
if ($elems['us_password'] != '') {
$auth->setParam('us_password', $elems['us_password'], true);
}
foreach ($extras as $key => $val) {
$auth->setParam($key, $val, true);
}
/** Extra fields in user table */
foreach ($extra_fields as $key => $val) {
if (isset($val['inistorage']) && !isset($val['kind'])) {
if (isset($elems[$key])) {
$auth->setConfigValue($val['inistorage'][0], $val['inistorage'][1], $elems[$key]);
}
}
}
} catch (EPermissionDenied $e) {
$error['element'][] = '';
$error['message'][] = $e->getMessage();
} catch (EDatabaseError $e) {
$error['element'][] = '';
$error['message'][] = "Database error: " . $e->getMessage();
} catch (EInputError $e) {
$error['element'][] = $e->getField();
if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
$error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
} else {
$error['message'][] = $e->getMessage();
}
} catch (Exception $e) {
$error['element'][] = '';
//$error['message'][] = 'Generic error: ' . $e->getMessage();
$error['message'][] = $e->getMessage();
}
// Action
if (count($error) > 0) {
$errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
$objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
} else {
$objResponse->addScriptCall($doneFunc);
}
return $objResponse->getXML();
}
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
global $lbl, $txt, $dbini;
$auth = R3AuthInstance::get();
if (!$auth->hasPerm('EDIT', 'CONFIG') && !$auth->hasPerm('MOD', 'CONFIG')) {
die("PERMISSION DENIED [EDIT|MOD/CONFIG]\n");
}
/*$fieldDescr = array('do_names'=>array(MISSING_FIELD=>"Il campo 'nome dominio' e' obbligatorio",
INVALID_FIELD=>"Il campo 'nome dominio' contiene caratteri non validi. Solo lettere e numeri sono accettati",
PK_ERROR=>"Il campo 'nome dominio' immesso esiste gia'"),
'do_auth_type'=>array(MISSING_FIELD=>"Il campo 'tipo autenticazione' e' obbligatorio"),
INVALID_FIELD=>"Il campo 'tipo autenticazione' non è valido",);
*/
$elems = AjaxSplitArray($elems);
if (!isset($elems['old_us_login'])) {
$elems['old_us_login'] = '';
}
// print_r($elems);
$objResponse = new xajaxResponse();
$error = array();
try {
if (($p = strpos($elems['us_login'], '|')) !== false) {
$elems['us_login'] = substr($elems['us_login'], $p + 1);
}
if (($p = strpos($elems['old_us_login'], '|')) !== false) {
$elems['old_us_login'] = substr($elems['old_us_login'], $p + 1);
}
if (!$auth->hasPerm('SHOW', 'ALL_DOMAINS')) {
$elems['dn_name'] = $auth->domain;
}
if (!$auth->hasPerm('SHOW', 'ALL_APPLICATIONS')) {
$elems['app_code'] = $auth->application;
}
if (!$auth->hasPerm('SHOW', 'ALL_USERS')) {
$elems['us_login'] = $auth->login;
}
if ($elems['act'] == 'del') {
$dbini->removeAttribute($elems['dn_name'], $elems['app_code'], $elems['us_login'], $elems['se_section'], $elems['se_param']);
} else {
$se_section = strtoupper(trim($elems['se_section']));
$se_param = strtoupper(trim($elems['se_param']));
if ($elems['se_type'] == 'STRING') {
$se_type_ext = $elems['se_type_ext_STRING'];
} else {
if ($elems['se_type'] == 'ENUM') {
$se_type_ext = $elems['se_type_ext_ENUM'];
} else {
$se_type_ext = '';
}
}
if ($elems['se_type'] == 'ARRAY') {
$se_value = trim($elems['se_value_TEXT']);
@eval('$my_array = array(' . $se_value . ');');
if (!isset($my_array)) {
throw new Exception('Invalid value');
}
$se_value = serialize($my_array);
// echo $se_value;
} else {
if ($elems['se_type'] == 'JSON') {
if (trim($elems['se_value_TEXT']) == '') {
$se_value = null;
} else {
$se_value = $elems['se_value_TEXT'];
$jsonData = @json_decode($se_value, true);
if ($jsonData === null) {
throw new Exception('JSon error: ' . json_last_error_msg());
}
}
} else {
if ($elems['se_type'] == 'TEXT') {
$se_value = $elems['se_value_TEXT'];
} else {
$se_value = $elems['se_value_normal'];
}
}
}
$dbini->replaceAttribute($elems['old_dn_name'], $elems['old_app_code'], $elems['old_us_login'], $elems['old_se_section'], $elems['old_se_param'], $elems['dn_name'], $elems['app_code'], $elems['us_login'], $se_section, $se_param, $se_value, $elems['se_type'], $se_type_ext, $elems['se_private'], $elems['se_order'], $elems['se_descr']);
}
} catch (EPermissionDenied $e) {
$error['element'][] = '';
$error['message'][] = $e->getMessage();
} catch (EDatabaseError $e) {
$error['element'][] = '';
$error['message'][] = "Database error: " . $e->getMessage();
} catch (Exception $e) {
$error['element'][] = '';
$error['message'][] = 'Generic error: ' . $e->getMessage();
}
// Action
if (count($error) > 0) {
$errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
$objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
} else {
$objResponse->addScriptCall($doneFunc);
}
return $objResponse->getXML();
}
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
global $lbl, $txt;
$auth = R3AuthInstance::get();
$fieldDescr = array('do_names' => array(MISSING_FIELD => "Il campo 'nome dominio' e' obbligatorio", INVALID_FIELD => "Il campo 'nome dominio' contiene caratteri non validi. Solo lettere e numeri sono accettati", PK_ERROR => "Il campo 'nome dominio' immesso esiste gia'"), 'do_auth_type' => array(MISSING_FIELD => "Il campo 'tipo autenticazione' e' obbligatorio"), INVALID_FIELD => "Il campo 'tipo autenticazione' non è valido");
$elems = AjaxSplitArray($elems);
$objResponse = new xajaxResponse();
$error = array();
try {
if (isset($elems['do_name'])) {
$do_names = array(strtoupper($elems['do_name']));
}
if (isset($elems['do_alias'])) {
foreach (explode("\n", $elems['do_alias']) as $value) {
$s = trim(strtoupper(str_replace("\r", '', $value)));
if ($s != '') {
$do_names[] = $s;
}
}
}
if (isset($elems['selectedApplications'])) {
foreach (explode(",", $elems['selectedApplications']) as $value) {
$applications[] = strtoupper($value);
}
}
if ($elems['act'] == 'add') {
/** add a new somain */
$auth->addDomain($do_names, $elems['do_auth_type'], $elems['do_auth_data'], $applications);
} else {
if ($elems['act'] == 'mod') {
/** modify a domain */
$auth->modDomain($elems['old_do_name'], $do_names, $elems['do_auth_type'], $elems['do_auth_data'], $applications);
} else {
if ($elems['act'] == 'del') {
/** delete an application */
$auth->delDomain($elems['name']);
} else {
throw new Exception('Invalid action');
}
}
}
} catch (EPermissionDenied $e) {
$error['element'][] = '';
$error['message'][] = $e->getMessage();
} catch (EDatabaseError $e) {
$error['element'][] = '';
$error['message'][] = "Database error: " . $e->getMessage();
} catch (EInputError $e) {
$error['element'][] = $e->getField();
if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
$error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
} else {
$error['message'][] = $e->getMessage();
}
} catch (Exception $e) {
$error['element'][] = '';
$error['message'][] = 'Generic error: ' . $e->getMessage();
}
// Action
if (count($error) > 0) {
$errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
$objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
} else {
$objResponse->addScriptCall($doneFunc);
}
return $objResponse->getXML();
}
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
global $lbl, $txt, $users_extra_fields, $mdb2;
$auth = R3AuthInstance::get();
$fieldDescr = array('dn_name' => array(MISSING_FIELD => _("Il campo 'Dominio' è obbligatorio."), INVALID_FIELD => _("Il campo 'Dominio' non è valido.")), 'app_code' => array(MISSING_FIELD => _("Il campo 'Applicazione' è obbligatorio."), INVALID_FIELD => _("Il campo 'Applicazione' contiene caratteri non validi. Prego inserire solo lettere e numeri."), PK_ERROR => _("Il campo 'Applicazione' immesso è già presente in banca dati.")), 'us_login' => array(IN_USE => _("Impossibile cancellare questo utente perchè in uso."), MISSING_FIELD => _("Il campo 'Login' è obbligatorio."), INVALID_FIELD => _("Il campo 'Login' non è valido.")), 'us_name' => array(MISSING_FIELD => _("Il campo 'Nome' è obbligatorio.")));
// print_r($elems);
$elems = AjaxSplitArray($elems);
if (!isset($elems['us_ip'])) {
$elems['us_ip'] = null;
}
if (!isset($elems['us_start_date'])) {
$elems['us_start_date'] = null;
}
if (!isset($elems['us_expire_date'])) {
$elems['us_expire_date'] = null;
}
// print_r($elems);
$objResponse = new xajaxResponse();
/** User extra field for the common section */
$extra_fields = $auth->getConfigValue('USER_MANAGER', 'EXTRA_FIELDS', array());
if (isset($users_extra_fields)) {
$extra_fields = array_merge($extra_fields, $users_extra_fields);
}
$error = array();
try {
if ($elems['act'] != 'del') {
$errors = checkReq($extra_fields, $elems);
if (!empty($errors)) {
$errorMsg = implode('\\n', $errors);
throw new Exception($errorMsg);
}
}
/** extract the selected groups and permissions */
$dn_name = strtoupper(trim($elems['dn_name']));
$a = $auth->getDomainData($dn_name, true);
$appList = $a['applications'];
$groups = array();
$perms = array();
//$perms_n = array();
if (is_array($appList)) {
foreach ($appList as $appKey => $appVal) {
if (isset($elems['selectedGroups_' . $appKey])) {
$elemValues = $elems['selectedGroups_' . $appKey];
foreach (explode(",", $elemValues) as $value) {
if ($value != '') {
$groups[] = array('app_code' => $appKey, 'gr_name' => $value);
}
}
}
if (isset($elems['selectedPerms_' . $appKey])) {
$elemValues = $elems['selectedPerms_' . $appKey];
foreach (explode(",", $elemValues) as $value) {
if ($value != '') {
$a = explode('|', $value);
$perms[] = array('app_code' => $appKey, 'ac_verb' => $a[0], 'ac_name' => $a[1], 'ua_kind' => 'ON');
}
}
}
if (isset($elems['selectedPerms_n_' . $appKey])) {
$elemValues = $elems['selectedPerms_n_' . $appKey];
foreach (explode(",", $elemValues) as $value) {
if ($value != '') {
$a = explode('|', $value);
$perms[] = array('app_code' => $appKey, 'ac_verb' => $a[0], 'ac_name' => $a[1], 'ua_kind' => 'OFF');
}
}
}
}
}
/** Extra fields in user table */
$extras = array();
foreach ($extra_fields as $key => $val) {
if (!isset($val['inistorage']) && isset($elems[$key])) {
if (isset($val['storagetable'])) {
$extras[$key] = array('table' => $val['storagetable'], 'data' => $elems[$key]);
} else {
$extras[$key] = $elems[$key];
}
}
}
global $dbini;
if ($elems['act'] == 'add') {
/** add a new application */
if ($elems['us_password'] != $elems['us_password2']) {
throw new Exception('Invalid password');
}
$data = array('us_name' => $elems['us_name'], 'us_password' => $elems['us_password'], 'us_status' => $elems['us_status'], 'groups' => $groups, 'perms' => $perms, 'ip' => $auth->strToIPArray($elems['us_ip']), 'us_start_date' => dateToISO($elems['us_start_date']), 'us_expire_date' => dateToISO($elems['us_expire_date']), 'us_pw_expire' => $elems['us_pw_expire'], 'us_pw_expire_alert' => $elems['us_pw_expire_alert'], 'as_code' => isset($elems['as_code']) ? $elems['as_code'] : null, 'forceChangePassword' => isset($elems['us_force_password_change']) && $elems['us_force_password_change'] == 'T');
$auth->addUserFromArray($dn_name, trim($elems['us_login']), $data, $extras, true);
} else {
if ($elems['act'] == 'mod') {
/** modify an application */
if ($elems['us_password'] != '' && $elems['us_password'] != $elems['us_password2']) {
throw new Exception('Invalid password');
}
$data = array('us_name' => $elems['us_name'], 'us_password' => $elems['us_password'], 'us_status' => $elems['us_status'], 'groups' => $groups, 'perms' => $perms, 'ip' => $auth->strToIPArray($elems['us_ip']), 'us_start_date' => dateToISO($elems['us_start_date']), 'us_expire_date' => dateToISO($elems['us_expire_date']), 'us_pw_expire' => $elems['us_pw_expire'], 'us_pw_expire_alert' => $elems['us_pw_expire_alert'], 'as_code' => isset($elems['as_code']) ? $elems['as_code'] : null, 'forceChangePassword' => isset($elems['us_force_password_change']) && $elems['us_force_password_change'] == 'T');
$auth->modUserFromArray($elems['old_dn_name'], $elems['old_us_login'], $dn_name, trim($elems['us_login']), $data, $extras, true);
} else {
if ($elems['act'] == 'del') {
/** delete an application */
// Check constraint
$a = $auth->getConfigValue('USER_MANAGER', 'USER_CONSTRAINTS', array());
if (is_array($a)) {
$userData = $auth->getUserData($elems['dn_name'], null, $elems['us_login']);
if ($userData !== null) {
foreach ($a as $val) {
if (isset($val['sql'])) {
$sql = $val['sql'];
$sql = str_replace('<UID>', $userData['us_id'], $sql);
$res =& $mdb2->query($sql);
if (PEAR::isError($res)) {
throw new EDatabaseError($res->getMessage() . $sql);
}
if ($row = $res->fetchRow()) {
if ($row[0] > 0) {
if (isset($val['error_message'])) {
$s = $val['error_message'];
} else {
$s = $val['Constraint error'];
}
if (isset($txt[$s])) {
$s = $txt[$s];
}
throw new EConstraintError($s);
}
}
}
}
}
}
$auth->delUser($elems['dn_name'], $elems['us_login'], false, true);
} else {
throw new Exception('Invalid action');
}
}
}
/** Extra fields in user table */
foreach ($extra_fields as $key => $val) {
if (isset($val['inistorage'])) {
if (isset($elems[$key])) {
// Creo il parametro per ogni applicazione
//SS: TODO: Salvare solo un valore nella banca dati
$domainData = $auth->getDomainData($dn_name, true);
foreach ($domainData['applications'] as $appKey => $appVal) {
$auth->setConfigValueFor($dn_name, $appKey, trim($elems['us_login']), $val['inistorage'][0], $val['inistorage'][1], $elems[$key]);
}
}
}
}
} catch (EPermissionDenied $e) {
$error['element'][] = '';
$error['message'][] = _('Permesso negato');
//$e->getMessage();
} catch (EDatabaseError $e) {
//SS: E' sempre la login?
if (strpos($e->getMessage(), 'constraint violation') !== false) {
$error['element'][] = 'us_login';
if ($elems['act'] == 'del') {
$error['message'][] = _("Impossibile cancellare l'utente perchè vi sono dei dati ad esso legati");
} else {
$error['message'][] = "Database error: " . $e->getMessage();
}
} else {
$error['element'][] = '';
$error['message'][] = "Database error: " . $e->getMessage();
}
} catch (EConstraintError $e) {
$error['element'][] = '';
$error['message'][] = $e->getMessage();
} catch (EInputError $e) {
$error['element'][] = $e->getField();
if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
$error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
} else {
$error['message'][] = $e->getMessage();
}
} catch (Exception $e) {
$error['element'][] = '';
$error['message'][] = 'Generic error: ' . $e->getMessage();
}
// Action
if (count($error) > 0) {
$errText = _('Attenzione!') . "\n - " . implode("\n - ", $error['message']);
$objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
} else {
$objResponse->addScriptCall($doneFunc);
}
return $objResponse->getXML();
}
