// Sign-in handler, step 1: the username/password form was posted ('s' is the submit flag).
// empty() also treats the string '0' as empty, so such a value never enters this branch.
// NOTE(review): $_POST values can be arrays (u[]=x); trim() below would then fail — confirm
// the request is type-checked before this point.
if (!empty($_POST['s']) && !empty($_POST['p']) && !empty($_POST['u'])) {
    $errors = array();
    // The username is trimmed and lower-cased; the password is used exactly as posted.
    $u = strtolower(trim($_POST['u']));
    $p = $_POST['p'];
    // Catches a username that consisted only of whitespace before trim().
    if (empty($u)) {
        $errors[] = L\get('Specify_username');
    }
    // Cannot fire here: the outer condition already required a non-empty $_POST['p'].
    if (empty($p)) {
        $errors[] = L\get('Specify_password');
    }
    if (empty($errors)) {
        DB\connect();
        $user = new User();
        $r = $user->Login($u, $p);
        // A single generic message is used for every failed login, so this code does not
        // reveal whether the username or the password was wrong.
        // The loose == fails closed: a missing, null, 0 or '' 'success' value counts as failure.
        if ($r['success'] == false) {
            $errors[] = L\get('Auth_fail');
        } else {
            // NOTE(review): no session_regenerate_id() is visible in this fragment; confirm that
            // User::Login() rotates the session id on success (session fixation).
            $cfg = $user->getTSVConfig();
            if (!empty($cfg['method'])) {
                // A second step is configured (TSV, presumably two-step verification): record
                // when the password step passed and wait for the code.
                // NOTE(review): nothing here limits how long this pending state stays valid;
                // confirm the timestamp is checked against a maximum age elsewhere.
                $_SESSION['check_TSV'] = time();
            } else {
                // No method configured: the session is marked verified without a second step.
                $_SESSION['user']['TSV_checked'] = true;
            }
        }
    }
    // First collected error, or null when there is none (array_shift on an empty array).
    $_SESSION['message'] = array_shift($errors);
} elseif (!empty($_SESSION['check_TSV']) && !empty($_POST['c'])) {
    // Step 2: a verification code was posted while the second step is pending.
    // User is constructed without arguments, so the account presumably comes from session
    // state — TODO confirm.
    $u = new User();
    $cfg = $u->getTSVConfig();
    $authenticator = $u->getTSVAuthenticator($cfg['method'], $cfg['sd']);
    // NOTE(review): $_POST['c'] is passed on unvalidated and no attempt counter is visible in
    // this fragment; confirm that failed codes are rate-limited or lock the pending login.
    $verificationResult = $authenticator->verifyCode($_POST['c']);
    // (the listing is cut here; how $verificationResult is used is not shown)
/**
 * Flag every unread notification of one user as read.
 *
 * The user id is bound as query parameter $1 and never concatenated into the
 * SQL text; only the table name, taken from static::$tableName, is interpolated.
 *
 * @param  int $userId id of the user whose notifications are updated
 * @return void
 */
public static function markAllAsRead($userId)
{
    // Input gate. is_numeric() also accepts floats, exponent notation and leading
    // whitespace; the value is still bound as a parameter, so this is a sanity check,
    // not the injection defence.
    // NOTE(review): the method trusts $userId as given — callers should pass the
    // authenticated user's id, not a request value.
    if (!is_numeric($userId)) {
        trigger_error(L\get('ErroneousInputData'), E_USER_ERROR);
    }

    $sql = 'UPDATE `' . static::$tableName . '` SET `read` = 1 WHERE user_id = $1 AND `read` = 0';
    $result = DB\dbQuery($sql, $userId);

    // NOTE(review): die() prints whatever DB\dbQueryError() returns into the response;
    // if that is the raw driver error it discloses schema details to the client.
    if (!$result) {
        die(DB\dbQueryError());
    }
}
<script type="text/javascript">setProgress('<?php echo L\get('Loading_ExtJS_UI'); ?> ', '60%')</script> <?php
// Tail of the page template: prints the <script> tags that load the client application.
//
// NOTE(review): $coreUrl, $coreName and $debugQueryParam are concatenated into src attributes
// without htmlspecialchars(). They are defined outside this fragment — confirm none of them is
// derived from the request (Host header, query string).
// NOTE(review): the setProgress() calls before and after this block print L\get() output inside
// a single-quoted JavaScript string with no JS escaping, so translations are trusted not to
// contain quotes, backslashes or line breaks.

// remote/api.php first, then the 'js', 'jsdev' and 'jsoverrides' minify groups.
echo '<script type="text/javascript" src="' . $coreUrl . '/remote/api.php"></script>';
echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl('js') . $debugQueryParam . '"></script>';
echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl('jsdev') . $debugQueryParam . '"></script>';
echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl('jsoverrides') . $debugQueryParam . '"></script>';

// Core-specific group "<coreName>_js", only when Config::getJsList() returns something.
$js = Config::getJsList();
if (!empty($js)) {
    echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl($coreName . '_js') . $debugQueryParam . '"></script>';
}

// Plugin configuration is serialised straight into an inline script element.
// NOTE(review): JSON inside <script> is only safe while the encoder keeps '/' escaped
// (json_encode's default) or escapes '<' (JSON_HEX_TAG); otherwise a value containing
// "</script>" ends the element early. Util\jsonEncode() is defined elsewhere — confirm its flags.
$prc = Config::getPluginsRemoteConfig();
if (!empty($prc)) {
    echo '<script type="text/javascript">CB.plugin.config = ' . Util\jsonEncode($prc) . ';</script>';
}
echo '<script type="text/javascript" src="' . $coreUrl . '/js/CB.DB.php"></script>'; ?> <script type="text/javascript">setProgress('<?php echo L\get('Initialization'); ?> ', '100%')</script> </body> </html> <?php
// Runs after the closing </html> has been printed; saveMinifyUris() is defined elsewhere.
saveMinifyUris();
for ($j = 0; $j < sizeof($lp); $j++) {
    // Remove '%' and turn the two-character sequence '\/' back into '/' in each entry.
    $lp[$j] = str_replace(array('%', '\\/'), array('', '/'), $lp[$j]);
}
$arr[] = $lp;
} // closes a loop opened before this fragment

// Print the collected rows as the data of an ExtJS ArrayStore.
// NOTE(review): this output is JavaScript source built by string concatenation; its safety
// rests on Util\jsonEncode() (defined elsewhere) producing valid, fully escaped JSON.
echo "\n" . 'CB.DB.languages = new Ext.data.ArrayStore({' . 'model: \'Language\'' . ', data: ' . (empty($arr) ? '[]' : Util\jsonEncode($arr)) . '});' . "\n";
/* end of languages */

/* Security questions */
$arr = array();
// Translation keys SecurityQuestion0 .. SecurityQuestion9; empty ones are skipped.
for ($i = 0; $i < 10; $i++) {
    $sq = L\get('SecurityQuestion' . $i);
    if (!empty($sq)) {
        $arr[] = array($i, $sq);
    }
}
// The 'OwnSecurityQuestion' entry gets id -1 (presumably the user-defined question).
$osq = L\get('OwnSecurityQuestion');
if (!empty($osq)) {
    $arr[] = array(-1, $osq);
}
echo "\n" . 'CB.DB.securityQuestions = new Ext.data.ArrayStore({' . 'model: \'SecurityQuestion\'' . ',data: ' . (empty($arr) ? '[]' : Util\jsonEncode($arr)) . '});' . "\n";
/* end of Security questions */

/* templates */
$templatesClass = new Templates();
$data = $templatesClass->getTemplatesStructure();
// Regroup each template's fields by their parent id: $templates[template][pid] = list of fields.
$templates = array();
foreach ($data['data'] as $t => $fields) {
    $templates[$t] = array();
    foreach ($fields as $f) {
        $templates[$t][$f['pid']][] = $f;
    }
}
/**
 * Default configuration of the known grid columns.
 *
 * The array is built on the first call and cached on the object returned by
 * static::getInstance(); later calls return the cached value. Date columns use
 * the short date and time formats found in $_SESSION['user']['cfg'] at the
 * time of that first call.
 *
 * @return array column name => column config
 */
public static function getDefaultGridColumnConfigs()
{
    $self = static::getInstance();

    if (!empty($self->defaultGridColumnConfigs)) {
        return $self->defaultGridColumnConfigs;
    }

    // Bound by reference as before, so a missing session key does not raise a notice here.
    $prefs =& $_SESSION['user']['cfg'];
    $dateTimeFormat = $prefs['short_date_format'] . ' ' . $prefs['time_format'];

    // Keys shared by every date column; array union (+) appends them after the title.
    $dateColumn = array('width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat);
    // Keys shared by every column that shows a user.
    $userColumn = array('width' => 200);

    $self->defaultGridColumnConfigs = array(
        'nid' => array('title' => 'ID', 'width' => 80),
        'name' => array('title' => L\get('Name'), 'width' => 300),
        'path' => array('title' => L\get('Path'), 'width' => 150),
        'case' => array(
            'title' => L\get('Project'),
            'solr_column_name' => 'case_id',
            'fieldType' => '_objects',
            'width' => 150,
        ),
        'date' => array('title' => L\get('Date')) + $dateColumn,
        'size' => array('title' => L\get('Size'), 'width' => 80),
        'cid' => array('title' => L\get('Creator')) + $userColumn,
        'oid' => array('title' => L\get('Owner')) + $userColumn,
        'uid' => array('title' => L\get('UpdatedBy')) + $userColumn,
        // NOTE(review): 'did' reuses the 'UpdatedBy' label; looks like a copy-paste — confirm
        // the intended translation key.
        'did' => array('title' => L\get('UpdatedBy')) + $userColumn,
        'comment_user_id' => array('title' => L\get('CommentedBy')) + $userColumn,
        'cdate' => array('title' => L\get('CreatedDate')) + $dateColumn,
        'udate' => array('title' => L\get('UpdatedDate')) + $dateColumn,
        'ddate' => array('title' => L\get('DeletedDate')) + $dateColumn,
        'comment_date' => array('title' => L\get('CommentedDate')) + $dateColumn,
        'date_end' => array('title' => L\get('EndDate')) + $dateColumn,
        'order' => array(
            'title' => L\get('Order'),
            'align' => 'center',
            'width' => 10,
            'columnWidth' => 10,
        ),
        'task_u_assignee' => array('title' => L\get('Assignee')) + $userColumn,
        'task_u_started' => array('title' => L\get('StartedBy')) + $userColumn,
        'task_u_ongoing' => array('title' => L\get('Ongoing')) + $userColumn,
        'task_u_done' => array('title' => L\get('DoneBy')) + $userColumn,
        'task_u_blocker' => array('title' => L\get('Blocker')) + $userColumn,
        'task_u_all' => array('title' => L\get('All')) + $userColumn,
        'task_d_closed' => array(
            'title' => L\get('ClosedDate'),
            'solr_column_name' => 'task_d_closed',
        ) + $dateColumn,
        'task_status' => array('title' => L\get('Status'), 'width' => 70),
    );

    return $self->defaultGridColumnConfigs;
}
/**
 * Update a record selected by user name instead of id.
 *
 * @param  array $p record properties; $p['name'] selects the record
 * @return boolean whatever static::update() returns for the resolved record
 */
public static function updateByName($p)
{
    if (empty($p['name'])) {
        $message = L\get('ErroneousInputData') . ' no username specified for updateByName function';
        trigger_error($message, E_USER_ERROR);
    }

    // NOTE(review): the resolved id is not checked before the update. If no record has
    // this name, confirm that static::update() rejects an empty id rather than acting on it.
    $recordId = static::getIdByName($p['name']);
    $p['id'] = $recordId;

    return static::update($p);
}
<input type="text" name="c" id="c" placeholder="<?php echo L\get('EnterCode'); ?> "> <?php
// Show the pending login message, if there is one.
// NOTE(review): $_SESSION['message'] is concatenated into the markup without htmlspecialchars().
// That is safe only while every writer stores fixed translation strings; confirm no code path
// puts request-derived text into it, or escape it at this point.
echo isset($_SESSION['message']) ? '<div class="alert alert-error">' . $_SESSION['message'] . '</div>' : ''; ?> <span class="icon-lock"></span> </label> <?php
// Do not show the submit button for YubiKey authentication (method 'ybk').
$cfg = User::getTSVConfig();
if ($cfg['method'] !== 'ybk') {
    // The button is printed with the "disabled" attribute; what enables it is not shown here.
    echo '<input type="submit" name="s" id="s" value="' . L\get('Verify') . '" class="btn btn-info" style="margin-top: 26px;" disabled>';
}
// "Exit" link to the login page with l=1.
// NOTE(review): $coreName is placed in the href unescaped; confirm it comes from server
// configuration and not from the request.
echo '<a href="/' . $coreName . '/login/auth/?l=1" style="margin-top: 30px;" class="pull-right">' . L\get('Exit') . '</a>';
} // closes a block opened before this fragment
?> </form> </div> </div> <div class="footer"> <?php
// NOTE(review): the configured footer text is printed as raw HTML, so whoever can edit
// 'login_footer_text' can place markup or script on the login page.
echo Config::get('login_footer_text'); ?> </div> <div class="footer" style="right: 0px;"> <a href="https://www.casebox.org/">www.casebox.org</a> <span style="color: #AAA; padding-left: 2px; padding-right: 5px">•</span> <a href="http://forum.casebox.org/">Support forum</a> </div>
if (!is_numeric($id)) { exit(0); } $toolbarItems = array('<a href="' . $coreUrl . '?locate=' . $id . '">' . L\get('OpenInCasebox') . '</a>'); $obj = Objects::getCachedObject($id); $objData = $obj->getData(); $objType = $obj->getType(); // if external window then print the toolbar if (empty($_GET['i'])) { echo '<html><head> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <link rel="stylesheet" type="text/css" href="/css/tasks.css" /></head> <body> '; if ($objType == 'file') { $toolbarItems[] = '<a href="' . $coreUrl . 'download/' . $id . '/">' . L\get('Download') . '</a>'; } echo '<table border="0" cellspacing="12" cellpading="12"><tr><td>' . implode('</td><td>', $toolbarItems) . '</td></tr></table>'; } $preview = array(); switch ($obj->getType()) { case 'file': $sql = 'SELECT p.filename FROM files f JOIN file_previews p ON f.content_id = p.id WHERE f.id = $1'; if (!empty($version_id)) { $sql = 'SELECT p.filename FROM files_versions f JOIN file_previews p ON f.content_id = p.id WHERE f.file_id = $1