Ejemplo n.º 1
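/**
 * Change the password of the author described by the submitted form data.
 *
 * Form values are read through _session(). Failures are reported by writing
 * a message into $_SESSION['errors'] and returning early; nothing is returned
 * on success either.
 */
function change_password()
{
    global $author_session;
    // NOTE(review): the three tests are joined with &&, so this guard only returns
    // when the status is neither 'admin' nor 'normal' AND the username is empty.
    // Confirm that this is the intended precondition.
    if ($_SESSION['form_data']['status'] != 'admin' && $_SESSION['form_data']['status'] != 'normal' && empty($_SESSION['form_data']['username'])) {
        return;
    }
    // FIXME: include auth type according to 'auth_type' field in DB
    // default on 'db' if field not present/set.
    $class_auth = 'Auth_db';
    include_lcm('inc_auth_db');
    $auth = new $class_auth();
    if (!$auth->init()) {
        lcm_log("pass change: failed auth init: " . $auth->error);
        $_SESSION['errors']['password_generic'] = $auth->error;
        return;
    }
    // Is user allowed to change the password?
    if (!$auth->is_newpass_allowed(_session('id_author'), _session('username'), $author_session)) {
        $_SESSION['errors']['password_generic'] = $auth->error;
        return;
    }
    // Confirm current password only if user is not admin
    // (this also applies to the creation of new authors, only admins can do that)
    // The admin decision is taken from $author_session, not from the submitted form.
    if ($author_session['status'] != 'admin') {
        $valid_oldpass = false;
        // Try to validate with the MD5s
        // NOTE(review): presence is tested with _request() while the values handed to the
        // validator come from _session() - confirm both read the same submission.
        if (_request('session_password_md5') && _request('next_session_password_md5')) {
            $valid_oldpass = $auth->validate_md5_challenge(_session('session_password_md5'), _session('next_session_password_md5'));
        }
        // If it didn't work, fallback on cleartext
        if (!$valid_oldpass) {
            $valid_oldpass = $auth->validate_pass_cleartext(_session('username'), _session('usr_old_passwd'));
        }
        if (!$valid_oldpass) {
            $_SESSION['errors']['password_current'] = _T('pass_warning_incorrect');
            return;
        }
    }
    // Confirm matching passwords.
    // Compared as strings with !==: a loose != can treat two different
    // numeric-looking strings (for example "1e3" and "1000") as equal, which would
    // accept a confirmation that does not match what the user typed.
    if ((string) _session('usr_new_passwd') !== (string) _session('usr_retype_passwd')) {
        $_SESSION['errors']['password_confirm'] = _T('login_warning_password_dont_match');
        return;
    }
    // Change the password
    $ok = $auth->newpass(_session('id_author'), _session('username'), _session('usr_new_passwd'), $author_session);
    if (!$ok) {
        lcm_log("New pass failed: " . $auth->error);
        $_SESSION['errors']['password_confirm'] = $auth->error;
        return;
    }
}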
Ejemplo n.º 2
 /**
  * Describe the current page as an array with the keys
  * 'site', 'page', 'basepage', 'slug' and 'query'.
  *
  * PAGE is split on "/". The first segment becomes 'basepage'; the remaining
  * segments become 'slug'. When $map is a non-empty array, 'slug' is instead an
  * associative array that pairs each map entry with the path segment at the same
  * (shifted) position, skipping empty segments.
  *
  * @param array|null $map names to give to the path segments
  * @return array
  */
 function getQueryParams($map = null)
 {
     $segments = explode("/", PAGE);
     $result = array(
         'site' => SITENAME,
         'page' => PAGE,
     );
     $result['basepage'] = count($segments) > 0 ? $segments[0] : $result['page'];
     // Drop the base page so that only the trailing segments remain
     array_shift($segments);
     if (!is_array($map) || count($map) <= 0) {
         $result['slug'] = $segments;
     } else {
         $result['slug'] = array();
         // A placeholder is pushed in front of the map; position 0 is then skipped
         array_unshift($map, "");
         foreach ($map as $position => $label) {
             if ($position == 0) {
                 continue;
             }
             $has_value = isset($segments[$position]) && strlen($segments[$position]) > 0;
             if ($has_value) {
                 $result['slug'][$label] = $segments[$position];
             }
         }
     }
     $result['query'] = _session('QUERY');
     return $result;
 }
Ejemplo n.º 3
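 /**
  * Constructor: load an organisation and overlay submitted form values.
  *
  * The row for $id_org (if > 0) is copied into $this->data, then every request
  * parameter and every entry of $_SESSION['form_data'] is copied on top of it.
  * A leading "org_" is stripped from the field name before it is stored.
  *
  * NOTE(review): every request parameter is copied into $this->data, including
  * names that match database columns such as id_org. Whether later code restricts
  * which fields are written back is not visible here - confirm.
  *
  * @param int $id_org organisation to load, 0 for a new one
  */
 function LcmOrg($id_org = 0)
 {
     // Cast before the id is placed in the SQL text below
     $id_org = intval($id_org);
     $this->cases = null;
     $this->case_start_from = 0;
     $this->LcmObject();
     if ($id_org > 0) {
         $query = "SELECT * FROM lcm_org WHERE id_org = {$id_org}";
         $result = lcm_query($query);
         if ($row = lcm_fetch_array($result)) {
             foreach ($row as $key => $val) {
                 $this->data[$key] = $val;
             }
         }
     }
     // If any, populate form values submitted
     foreach ($_REQUEST as $key => $value) {
         $nkey = $key;
         // 'org_' is 4 characters long; comparing a 7-character slice against it
         // only ever matched the bare key 'org_', so the prefix was never stripped.
         if (substr($key, 0, 4) == 'org_') {
             $nkey = substr($key, 4);
         }
         $this->data[$nkey] = _request($key);
     }
     // If any, populate with session variables (for error reporting)
     if (isset($_SESSION['form_data'])) {
         foreach ($_SESSION['form_data'] as $key => $value) {
             $nkey = $key;
             if (substr($key, 0, 4) == 'org_') {
                 $nkey = substr($key, 4);
             }
             $this->data[$nkey] = _session($key);
         }
     }
 }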
Ejemplo n.º 4
 /**
  * Constructor: load a client and overlay submitted form values.
  *
  * The row for $id_client (if > 0) is copied into $this->data, followed by every
  * request parameter and every entry of $_SESSION['form_data'], with a leading
  * "client_" removed from the field name. 'date_birth' is finally rebuilt from
  * the session form data when get_datetime_from_array() yields a value.
  *
  * NOTE(review): all request parameters are copied into $this->data; whether later
  * code restricts which fields are saved is not visible here - confirm.
  *
  * @param int $id_client client to load, 0 for a new one
  */
 function LcmClient($id_client = 0)
 {
     $id_client = intval($id_client);
     $this->cases = null;
     $this->case_start_from = 0;
     $this->LcmObject();
     if ($id_client > 0) {
         $result = lcm_query("SELECT * FROM lcm_client WHERE id_client = {$id_client}");
         $row = lcm_fetch_array($result);
         if ($row) {
             foreach ($row as $column => $content) {
                 $this->data[$column] = $content;
             }
         }
     }
     // Submitted form values, if any
     foreach ($_REQUEST as $field => $unused) {
         $target = substr($field, 0, 7) == 'client_' ? substr($field, 7) : $field;
         $this->data[$target] = _request($field);
     }
     // Session values kept for error reporting, if any
     if (isset($_SESSION['form_data'])) {
         foreach ($_SESSION['form_data'] as $field => $unused) {
             $target = substr($field, 0, 7) == 'client_' ? substr($field, 7) : $field;
             $this->data[$target] = _session($field);
         }
     }
     // -1 is the "no date" marker requested from get_datetime_from_array()
     $has_birth_date = get_datetime_from_array($_SESSION['form_data'], 'date_birth', 'start', -1) != -1;
     if ($has_birth_date) {
         $this->data['date_birth'] = get_datetime_from_array($_SESSION['form_data'], 'date_birth', 'start');
     }
 }
Ejemplo n.º 5
 /**
  * Constructor: load an expense comment, or start a new one for $id_expense.
  *
  * With $id_comment > 0 the comment row (joined with its author's name) is copied
  * into $this->data, and lcm_panic() is called when no row is found. Otherwise the
  * object starts with the given expense id and the current author's id. Request
  * parameters and $_SESSION['form_data'] are then copied on top, with a leading
  * "comment_" removed from the field name. Finally the object's id_expense must
  * still equal $id_expense, otherwise lcm_panic() is called.
  *
  * @param int $id_expense expense the comment belongs to
  * @param int $id_comment comment to load, 0 for a new one
  */
 function LcmExpenseComment($id_expense, $id_comment = 0)
 {
     // Both ids are cast before they are placed in the SQL text
     $id_expense = intval($id_expense);
     $id_comment = intval($id_comment);
     $this->LcmObject();
     if ($id_comment <= 0) {
         $this->data['id_expense'] = $id_expense;
         $this->data['id_author'] = $GLOBALS['author_session']['id_author'];
     } else {
         $sql = "SELECT ec.*, ec.id_expense, a.name_first, a.name_middle, a.name_last\n\t\t\t\t\t\tFROM lcm_expense_comment as ec, lcm_author as a\n\t\t\t\t\t\tWHERE ec.id_comment = {$id_comment}\n\t\t\t\t\t\t  AND ec.id_expense = {$id_expense}\n\t\t\t\t\t\t  AND ec.id_author = a.id_author";
         $row = lcm_fetch_array(lcm_query($sql));
         if (!$row) {
             lcm_panic("Comment not found.");
         } else {
             foreach ($row as $column => $content) {
                 $this->data[$column] = $content;
             }
         }
     }
     // Submitted form values, if any
     foreach ($_REQUEST as $field => $unused) {
         $target = substr($field, 0, 8) == 'comment_' ? substr($field, 8) : $field;
         $this->data[$target] = _request($field);
     }
     // Session values kept for error reporting, if any
     if (isset($_SESSION['form_data'])) {
         foreach ($_SESSION['form_data'] as $field => $unused) {
             $target = substr($field, 0, 8) == 'comment_' ? substr($field, 8) : $field;
             $this->data[$target] = _session($field);
         }
     }
     // The overlay above may have replaced id_expense; refuse to continue if it did
     $stored_expense = $this->getDataInt('id_expense', '__ASSERT__');
     if ($stored_expense != $id_expense) {
         lcm_panic("id_expense of object does not match comment id_expense");
     }
 }
Ejemplo n.º 6
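// Tail of the appointment edit form: closes the client selector, offers the
// "delete" checkbox for an existing appointment, emits the hidden ids and
// clears the per-form session data once the page has been printed.
echo "</select>\n";
echo "<button name=\"submit\" type=\"submit\" value=\"add_client\" class=\"simple_form_btn\">" . 'Add' . "</button>\n";
// TRAD
echo "</td></tr>\n";
echo "</table>\n";
// Delete appointment
if (_session('id_app', 0)) {
    // $checked = ($this->getDataString('hidden') == 'Y' ? ' checked="checked" ' : '');
    $checked = $_SESSION['form_data']['hidden'] == 'Y' ? ' checked="checked" ' : '';
    echo '<p class="normal_text">';
    echo '<input type="checkbox"' . $checked . ' name="hidden" id="box_delete" />';
    echo '<label for="box_delete">' . _T('app_info_delete') . '</label>';
    echo "</p>\n";
}
// Submit buttons
echo '<button name="submit" type="submit" value="adddet" class="simple_form_btn">' . _T('button_validate') . "</button>\n";
// The ids come back from session form data and are written into attribute values,
// so they are forced to integers instead of being echoed as received.
echo '<input type="hidden" name="id_app" value="' . intval(_session('id_app', 0)) . '" />' . "\n";
echo '<input type="hidden" name="id_case" value="' . intval(_session('id_case', 0)) . '" />' . "\n";
echo '<input type="hidden" name="id_followup" value="' . intval(_session('id_followup', 0)) . '" />' . "\n";
// because of XHTML validation...
// NOTE(review): this assumes Link::getUrl() returns a value that is safe inside a
// double-quoted attribute - confirm, since the URL originates from session form data.
if (_session('ref_edit_app')) {
    $ref_link = new Link(_session('ref_edit_app'));
    echo '<input type="hidden" name="ref_edit_app" value="' . $ref_link->getUrl() . '" />' . "\n";
}
echo "</form>\n";
lcm_page_end();
// Clear the errors, in case user jumps to other 'edit' page
$_SESSION['errors'] = array();
$_SESSION['app_data'] = array();
// DEPRECATED since 0.7.0
$_SESSION['form_data'] = array();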
Ejemplo n.º 7
 /**
  * Constructor: initialise the follow-up and decide which optional parts
  * printEdit() will show.
  *
  * @param int $id_fu follow-up id passed on to LcmFollowup()
  */
 function LcmFollowupInfoUI($id_fu = 0)
 {
     $this->LcmFollowup($id_fu);
     // "Conclusion" fields are shown when the submit button asked for a status or
     // stage change, or when the stored type is a stage or status change.
     $this->show_conclusion = (_request('submit') == 'set_status' || _request('submit') == 'set_stage')
         || (_session('type') == 'stage_change' || is_status_change(_session('type')));
     // Site setting consulted by printEdit() for the "sum billed" check
     $this->show_sum_billed = read_meta('fu_sum_billed');
 }
Ejemplo n.º 8
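 /**
  * Print the rows of the case edit form as an HTML table.
  *
  * Which optional rows appear (assignment date, legal reason, alleged crime,
  * collaboration check boxes) depends on site settings read with read_meta().
  * Free-text values taken from the object are passed through clean_output()
  * before they are written into the page.
  */
 function printEdit()
 {
     // Read site configuration preferences
     $case_assignment_date = read_meta('case_assignment_date');
     $case_alledged_crime = read_meta('case_alledged_crime');
     $case_legal_reason = read_meta('case_legal_reason');
     $case_allow_modif = read_meta('case_allow_modif');
     echo '<table class="tbl_usr_dtl">' . "\n";
     // Case ID (if editing existing case)
     if ($this->getDataInt('id_case')) {
         echo "<tr>" . "<td>" . _T('case_input_id') . "</td>" . "<td>" . $this->getDataInt('id_case') . '<input type="hidden" name="id_case" value="' . $this->getDataInt('id_case') . '" />' . "</td></tr>\n";
     }
     echo '<tr><td><label for="input_case_title">' . f_err_star('title') . _T('case_input_title') . "</label></td>\n";
     echo '<td><input size="35" name="title" id="input_case_title" value="' . clean_output($this->getDataString('title')) . '" class="search_form_txt" />';
     echo "</td></tr>\n";
     // Date of earlier assignment
     if ($case_assignment_date == 'yes') {
         echo "<tr>\n";
         echo "<td>" . f_err_star('date_assignment') . _Ti('case_input_date_assigned') . "</td>\n";
         echo "<td>" . get_date_inputs('assignment', $this->getDataString('date_assignment'), false) . "</td>\n";
         echo "</tr>\n";
     }
     // Legal reason
     if (substr($case_legal_reason, 0, 3) == 'yes') {
         echo '<tr><td><label for="input_legal_reason">' . f_err_star('legal_reason') . _T('case_input_legal_reason') . "</label>" . ($case_legal_reason == 'yes_mandatory' ? '<br/>(' . _T('keywords_input_policy_mandatory') . ')' : '') . "</td>\n";
         echo '<td>';
         echo '<textarea name="legal_reason" id="input_legal_reason" class="frm_tarea" rows="2" cols="60">';
         echo clean_output($this->getDataString('legal_reason'));
         echo "</textarea>";
         echo "</td>\n";
         echo "</tr>\n";
     }
     // Alledged crime
     if (substr($case_alledged_crime, 0, 3) == 'yes') {
         echo '<tr><td><label for="input_alledged_crime">' . f_err_star('alledged_crime') . _T('case_input_alledged_crime') . "</label>" . ($case_alledged_crime == 'yes_mandatory' ? '<br/>(' . _T('keywords_input_policy_mandatory') . ')' : '') . "</td>\n";
         echo '<td>';
         echo '<textarea name="alledged_crime" id="input_alledged_crime" class="frm_tarea" rows="2" cols="60">';
         echo clean_output($this->getDataString('alledged_crime'));
         echo '</textarea>';
         echo "</td>\n";
         echo "</tr>\n";
     }
     // Keywords (if any)
     show_edit_keywords_form('case', $this->getDataInt('id_case'));
     $id_stage = 0;
     // new case, stage not yet known
     if ($this->getDataString('stage')) {
         $stage = get_kw_from_name('stage', $this->getDataString('stage', '__ASSERT__'));
         $id_stage = $stage['id_keyword'];
     }
     show_edit_keywords_form('stage', $this->getDataInt('id_case'), $id_stage);
     // Notes
     echo "<tr>\n";
     echo "<td><label for='input_case_notes'>" . f_err_star('case_notes') . _Ti('case_input_notes') . "</label></td>\n";
     echo '<td><textarea name="case_notes" id="input_case_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n";
     echo "</tr>\n";
     // Case status
     echo '<tr><td><label for="input_status">' . f_err_star('status') . _Ti('case_input_status') . "</label></td>\n";
     echo '<td>';
     echo '<select name="status" id="input_status" class="sel_frm">' . "\n";
     // A case that does not exist yet can only be created as draft or open
     $statuses = $this->getDataInt('id_case') ? array('draft', 'open', 'suspended', 'closed', 'merged') : array('draft', 'open');
     foreach ($statuses as $s) {
         $sel = $s == $this->getDataString('status') ? ' selected="selected"' : '';
         echo '<option value="' . $s . '"' . $sel . ">" . _T('case_status_option_' . $s) . "</option>\n";
     }
     echo "</select></td>\n";
     echo "</tr>\n";
     // Case stage
     if (!$this->getDataString('stage')) {
         $this->data['stage'] = get_suggest_in_group_name('stage');
     }
     $kws = get_keywords_in_group_name('stage');
     echo '<tr><td><label for="input_stage">' . f_err_star('stage') . _T('case_input_stage') . "</label></td>\n";
     echo '<td><select name="stage" id="input_stage" class="sel_frm">' . "\n";
     foreach ($kws as $kw) {
         $sel = $kw['name'] == $this->data['stage'] ? ' selected="selected"' : '';
         // The keyword name is stored data written into a single-quoted attribute,
         // so it is escaped with quotes included rather than echoed as stored.
         echo "\t\t\t\t<option value='" . htmlspecialchars((string) $kw['name'], ENT_QUOTES) . "'" . "{$sel}>" . _T(remove_number_prefix($kw['title'])) . "</option>\n";
     }
     echo "</select></td>\n";
     echo "</tr>\n";
     // Public access rights
     // FIXME FIXME FIXME
     if ($this->data['admin'] || read_meta('case_read_always') != 'yes' || read_meta('case_write_always') != 'yes') {
         // The boxes are disabled unless allowed() grants 'a' on this case.
         // NOTE(review): a disabled input is only a display hint; the handler that
         // saves the form has to repeat the permission check - not visible here.
         $dis = isDisabled(!allowed($this->getDataInt('id_case'), 'a'));
         echo '<tr><td colspan="2">' . _T('case_input_collaboration') . ' <br /><ul>';
         if (read_meta('case_read_always') != 'yes' || $GLOBALS['author_session']['status'] == 'admin') {
             echo '<li style="list-style-type: none;">';
             echo '<input type="checkbox" name="public" id="case_public_read" value="yes"';
             // !empty() keeps the same truth test without a notice when the key is absent
             if (!empty($_SESSION['form_data']['public'])) {
                 echo ' checked="checked"';
             }
             echo "{$dis} />";
             echo '<label for="case_public_read">' . _T('case_input_collaboration_read') . "</label></li>\n";
         }
         if (read_meta('case_write_always') != 'yes' || _session('admin')) {
             echo '<li style="list-style-type: none;">';
             echo '<input type="checkbox" name="pub_write" id="case_public_write" value="yes"';
             if (_session('pub_write')) {
                 echo ' checked="checked"';
             }
             echo "{$dis} />";
             echo '<label for="case_public_write">' . _T('case_input_collaboration_write') . "</label></li>\n";
         }
         echo "</ul>\n";
         echo "</td>\n";
         echo "</tr>\n";
     }
     echo "</table>\n";
 }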
<QBXML>
	<SignonMsgsRq>
		<SignonDesktopRq>
			<ClientDateTime>' . date('Y-m-d') . 'T' . date('H:i:s') . '</ClientDateTime> 
			<ApplicationLogin>' . QBOE_APPLICATIONLOGIN . '</ApplicationLogin> 
			<ConnectionTicket>' . QBOE_CONNECTION . '</ConnectionTicket> 
			<Language>English</Language> 
			<AppID>' . QBOE_APPLICATIONID . '</AppID> 
			<AppVer>1</AppVer> 
		</SignonDesktopRq> 
	</SignonMsgsRq> 
</QBXML>';
// Send the sign-on request built above; $debug is passed through to _request()
$response = _request($signon_xml, null, $debug);
// Extract the session ticket from the sign-on response. The ticket is embedded in
// the next request as <SessionTicket>, so treat it like a credential.
// NOTE(review): no check that the sign-on succeeded is visible before the ticket is used - confirm
$session = _session($response);
// This is the request we're going to send
$customerquery_xml = '<?xml version="1.0" ?>
<?qbxml version="6.0"?>
<QBXML>
	<SignonMsgsRq>
		<SignonTicketRq>
			<ClientDateTime>' . date('Y-m-d') . 'T' . date('H:i:s') . '</ClientDateTime>
			<SessionTicket>' . $session . '</SessionTicket>
			<Language>English</Language>
			<AppID>' . QBOE_APPLICATIONID . '</AppID>
			<AppVer>1</AppVer>
		</SignonTicketRq>
	</SignonMsgsRq>
	<QBXMLMsgsRq onError="stopOnError">
		<CustomerQueryRq>
Ejemplo n.º 10
            $params[$k] = $k . '=' . urlencode($v);
        }
        lcm_header('Location: edit_app.php?' . join('&', $params));
        exit;
    }
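    // Send user back to add/edit page's referer or (default) to appointment detail page
    // NOTE(review): two of the targets below are taken from client-influenced values
    // (the Referer header and the stored 'ref_edit_app'). Unless lcm_header() restricts
    // destinations, they should be limited to same-site relative paths - confirm.
    switch (_session('submit')) {
        case 'add_author':
        case 'add_client':
            // Go back to edit the same appointment. Save the original referer
            lcm_header('Location: ' . $_SERVER['HTTP_REFERER']);
            break;
        case 'add':
            // Go back to the edit page's referer
            unset($_SESSION['errors']);
            lcm_header('Location: ' . _session('ref_edit_app', "app_det.php?app={$id_app}"));
            break;
        case 'addnew':
            // Open new appointment. Save the original referer
            unset($_SESSION['errors']);
            // The saved referer is itself a URL with its own "?" and "&", so it is
            // encoded before being carried as the value of the 'ref' parameter.
            lcm_header('Location: edit_app.php?app=0&ref=' . rawurlencode((string) _session('ref_edit_app', "app_det.php?app={$id_app}")));
            break;
        case 'adddet':
        case 'submit':
        default:
            // Go to appointment details
            unset($_SESSION['errors']);
            lcm_header("Location: app_det.php?app={$id_app}");
    }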
    exit;
}
Ejemplo n.º 11
//
//		if (!read_meta('case_read_always') || $admin) {
//			echo '			<td><input type="checkbox" name="public" value="yes"';
//			if ($_SESSION['form_data']['public']) echo ' checked';
//			echo "></td>\n";
//		}
//
//		if (!read_meta('case_write_always') || $admin) {
//			echo '			<td><input type="checkbox" name="pub_write" value="yes"';
//			if ($_SESSION['form_data']['pub_write']) echo ' checked';
//			echo "></td>\n";
//		}
//? >				</tr>
//				</table>
//			</td>
//		</tr>
//
//<?php
//	}
//echo "</table>\n";
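// Submit button
// The stored referer is written into a double-quoted attribute, so it is
// HTML-escaped (quotes included) instead of being echoed as stored.
echo '<input type="hidden" name="ref_edit_rep" value="' . htmlspecialchars((string) _session('ref_edit_rep'), ENT_QUOTES) . '">' . "\n";
echo '<button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button>\n";
echo '</form>' . "\n";
echo "</fieldset>";
// Clear errors
$_SESSION['errors'] = array();
$_SESSION['form_data'] = array();
$_SESSION['rep_data'] = array();
// DEPRECATED LCM 0.7.0
lcm_page_end();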
Ejemplo n.º 12
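/**
 * Print the self-registration form.
 *
 * Values from a previous, rejected submission are read with _session() and shown
 * again in the fields. The stored form data and errors are cleared once the form
 * has been printed.
 */
function print_registration_form()
{
    install_html_start(_T('pass_title_register'), 'login');
    $link = new Link();
    $url = $link->getUrl();
    // Whatever the visitor typed is echoed back into single-quoted attributes, so it
    // is HTML-escaped with quotes included; otherwise a value containing a quote
    // could close the attribute and add markup to the page.
    // NOTE(review): htmlspecialchars() uses PHP's default charset here - confirm it
    // matches the charset the site is served in.
    $name_first = htmlspecialchars((string) _session('name_first'), ENT_QUOTES);
    $name_last = htmlspecialchars((string) _session('name_last'), ENT_QUOTES);
    $email = htmlspecialchars((string) _session('email'), ENT_QUOTES);
    $username = htmlspecialchars((string) _session('username'), ENT_QUOTES);
    echo '<p align="left" class="normal_text">' . _T('pass_info_why_register') . "</p>\n";
    echo show_all_errors();
    echo "<form method='post' action='{$url}' style='border: 0px; margin: 0px;'>\n";
    echo '<input type="hidden" name="register" value="data" />' . "\n";
    echo "<fieldset><label><b>" . _T('info_your_contact_information') . "</b><br></label>\n";
    // [ML] Altough not most problematic, could be better. But if someone
    // fixes here, please fix install.php also (step 4)
    echo "<table border='0'>\n";
    echo "<tr>\n";
    echo "<td>\n\t\t\t<label for='name_first'>" . f_err_star('name_first') . _Ti('person_input_name_first') . "</label><br />\n\t\t\t<input type='text' style='width: 100%;' id='name_first' name='name_first' class='formo' value='" . $name_first . "' size='20'>\n\t\t</td>\n";
    echo "<td>\n\t\t\t<label for='name_last'>" . f_err_star('name_last') . _Ti('person_input_name_last') . "</label><br />\n\t\t\t<input type='text' style='width: 100%;' id='name_last' name='name_last' class='formo' value='" . $name_last . "' size='20'>\n\t\t</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td colspan='2'>";
    echo "<p><label for='email'>" . f_err_star('email') . _Ti('input_email') . "</label><br />";
    echo "<input type='text' id='email' name='email' class='formo' value='" . $email . "' size='40'></p>\n";
    echo "<p><label for='username'>" . f_err_star('username') . _Ti('authoredit_input_username') . "</label> ";
    echo "<small>" . _T('info_more_than_three') . "</small><br />";
    echo "<input type='text' id='username' name='username' class='formo' value='" . $username . "' size='40'></p>\n";
    echo "<small>" . _T('pass_info_password_by_mail') . "</small>\n";
    echo "</fieldset>\n";
    echo "<p align=\"right\">";
    echo '<button type="submit" name="Validate">' . _T('button_validate') . "</button>";
    echo "</p>";
    echo "</form>\n";
    // Nothing from this attempt is kept once the form has been shown
    $_SESSION['form_data'] = array();
    $_SESSION['errors'] = array();
}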
Ejemplo n.º 13
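    // Check access rights
    // NOTE(review): the permission check below is commented out, so no access check
    // is visible in this excerpt before the report is updated - confirm one runs earlier.
    // if (!allowed($id_report,'e')) die("You don't have permission to change this case's information!");
    // The former "if (true) ... else ..." built the same statement in both branches,
    // so a single statement is kept. The report id is cast to an integer before it is
    // concatenated into the SQL text.
    // NOTE(review): $fl is assembled outside this excerpt - confirm its values are escaped.
    $q = "UPDATE lcm_report SET {$fl} WHERE id_report = " . intval(_session('id_report'));
    lcm_query($q);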
} else {
    $q = "INSERT INTO lcm_report\n\t\t\tSET date_creation=NOW(),\n\t\t\t\tline_src_type = '',\n\t\t\t\tline_src_name = '',\n\t\t\t\tcol_src_type = '',\n\t\t\t\tcol_src_name = '',\n\t\t\t\tfilecustom = '',\n\t\t\t\t{$fl}";
    $result = lcm_query($q);
    $_SESSION['form_data']['id_report'] = lcm_insert_id('lcm_report', 'id_report');
    // Insert new case_author relation
    //$q = "INSERT INTO lcm_case_author SET
    //		id_case=$id_case,
    //		id_author=$id_author,
    //		ac_read=1,
    //		ac_write=1,
    //		ac_admin=1";
}
// Some advanced ideas for future use
//$q="INSERT INTO lcm_case SET id_case=$id_case,$fl ON DUPLICATE KEY UPDATE $fl";
//$q="INSERT INTO lcm_case $cl VALUES $vl ON DUPLICATE KEY UPDATE $fl";
// $result = lcm_query($q);
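// Forward to upd_rep_field.php if custom_report
// Both values are placed in a redirect URL: the id is forced to an integer and the
// file name is URL-encoded so that neither can add parameters of its own.
if (_session('filecustom')) {
    lcm_header("Location: upd_rep_field.php?" . "rep=" . intval(_session('id_report')) . "&filecustom=" . rawurlencode((string) _session('filecustom')));
} else {
    lcm_header("Location: rep_det.php?rep=" . intval(_session('id_report')));
}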
Ejemplo n.º 14
}
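//
// Create or update case data
//
$case = new LcmCase($id_case);
$errs = $case->save();
if (count($errs)) {
    $_SESSION['errors'] = array_merge($_SESSION['errors'], $errs);
    // NOTE(review): the Referer header is supplied by the client; unless lcm_header()
    // restricts destinations, prefer a fixed same-site page here - confirm.
    lcm_header("Location: " . $_SERVER['HTTP_REFERER']);
    exit;
}
//
// Create follow-up data
//
if (_request('add_fu')) {
    include_lcm('inc_obj_fu');
    $fu = new LcmFollowup(0, $case->getDataInt('id_case'));
    $errs = $fu->save();
    if (count($errs)) {
        $_SESSION['errors'] = array_merge($_SESSION['errors'], $errs);
        lcm_header("Location: " . $_SERVER['HTTP_REFERER']);
        exit;
    }
}
// NOTE(review): 'ref_edit_case' is read from the request and used below as the
// redirect target, so a crafted form value can send the user to another site.
// It should be limited to same-site relative paths - confirm how lcm_header() treats it.
$send_to = _request('ref_edit_case', "case_det.php?case=" . $case->getDataInt('id_case'));
// Send to add_client if any client/org to attach
if (_session('attach_client') || _session('attach_org')) {
    // The attach ids are URL-encoded like $send_to, so they cannot add parameters of their own
    lcm_header("Location: add_client.php?case=" . $case->getDataInt('id_case') . (_session('attach_client') ? "&clients[]=" . rawurlencode((string) _session('attach_client')) : '') . (_session('attach_org') ? "&orgs[]=" . rawurlencode((string) _session('attach_org')) : '') . "&ref_sel_client=" . rawurlencode($send_to));
    exit;
}
lcm_header("Location: " . $send_to);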
Ejemplo n.º 15
 /**
  * Return whatever _session() holds under the key 'user'.
  */
 public static function get_login_user()
 {
     $login_user = _session('user');
     return $login_user;
 }
Ejemplo n.º 16
//
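// Save the client, then attach it to a case and/or an organisation when asked to.
// Every id taken from the submitted form data is cast to an integer before it is
// concatenated into SQL text or into the redirect URL.
$obj_client = new LcmClient(_session('id_client'));
$errs = $obj_client->save();
if (count($errs)) {
    $_SESSION['errors'] = array_merge($_SESSION['errors'], $errs);
    lcm_header("Location: " . $ref_upd_client);
    exit;
}
//
// Attach to case
//
if (intval(_session('attach_case')) > 0) {
    // NOTE(review): no check is visible here that the current user may modify
    // the case being attached to - confirm it happens elsewhere.
    lcm_query("INSERT INTO lcm_case_client_org\n\t\t\t\tSET id_case = " . intval(_session('attach_case')) . ",\n\t\t\t\t\tid_client = " . $obj_client->getDataInt('id_client'));
}
//
// Add organisation
// [ML] 2007-01-11: not clear what this does. probably w.r.t "client represents orgs".
//
if (intval(_session('new_org')) > 0) {
    $q = "REPLACE INTO lcm_client_org\n\t\tVALUES (" . intval(_session('id_client')) . ',' . intval(_session('new_org')) . ")";
    $result = lcm_query($q);
}
//
// Go to the 'view details' page of the author
//
// small reminder, if the client was created from the "add client to case" (Case details)
$attach = "";
if (intval(_session('attach_case')) > 0) {
    $attach = "&attach_case=" . intval(_session('attach_case'));
}
lcm_header('Location: client_det.php?client=' . $obj_client->getDataInt('id_client', '__ASSERT__') . $attach);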
Ejemplo n.º 17
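 /**
  * Store one uploaded file on disk ("fs#<path>") or in a database table ("db#<table>").
  *
  * The destination is taken from $file['src'] and defaults to "fs#attachments/".
  *
  * @param array $file upload entry with 'name', 'size', 'tmp_name', 'type' and optional 'src'
  * @return array|string|int empty array when nothing was uploaded; the stored relative
  *                          path (fs); the insert id (db); or array("Error" => message)
  *
  * NOTE(review): the size limit is read from $_POST['MAX_FILE_SIZE'], which the client
  * controls, so it cannot serve as the only limit on upload size.
  * NOTE(review): the file extension is kept as uploaded and is not checked against an
  * allow-list. If the attachments folder is served by the web server, an uploaded
  * script could be executed - confirm the folder is not executable or restrict types.
  * NOTE(review): $file['src'] selects the folder or table name; confirm it never
  * comes from the request.
  */
 function moveFile($file)
 {
     if (strlen($file['name']) == 0 && $file['size'] == 0 && strlen($file['tmp_name']) == 0) {
         return array();
     }
     $maxFileSize = $_POST['MAX_FILE_SIZE'];
     $ifFileExists = $_POST['IF_FILE_EXISTS'];
     //replace,noreplace
     $storeTxtToDB = $_POST['TEXT_EXTRACTION'];
     //true,false,yes,no
     // Size of the upload, needed by both storage branches. It used to be set in the
     // "db" branch only, so the "fs" size check compared an undefined variable.
     $fileSize = $file['size'];
     $storeType = "fs";
     $storePath = "attachments/";
     if (strlen($file['src']) == 0) {
         $file['src'] = "fs#attachments/";
     }
     if (strpos($file['src'], "fs#") === 0) {
         $storePath = substr($file['src'], 3);
         $storeType = "fs";
         if (strlen($storePath) <= 0) {
             $storePath = "attachments/";
         }
     } elseif (strpos($file['src'], "db#") === 0) {
         $storePath = substr($file['src'], 3);
         $storeType = "db";
         if (strlen($storePath) <= 0) {
             $storePath = _dbtable("files");
         }
     } else {
         // Unknown scheme: fall back to the default folder on disk
         $file['src'] = "fs#attachments/";
         $storePath = substr($file['src'], 3);
         $storeType = "fs";
         if (strlen($storePath) <= 0) {
             $storePath = "attachments/";
         }
     }
     // Split the uploaded name into base name and extension (text after the last dot)
     $exts = explode(".", $file['name']);
     if (count($exts) > 1) {
         $ext = $exts[count($exts) - 1];
     } else {
         $ext = "";
     }
     $fname = substr($file['name'], 0, strlen($file['name']) - strlen($ext));
     if (strpos($fname, ".") === strlen($fname) - 1) {
         $fname = substr($fname, 0, strlen($fname) - 1);
     }
     if ($storeType == "fs") {
         // Reject an oversize upload before any folder is created or any file removed
         if (!($fileSize < $maxFileSize)) {
             return array("Error" => "File Size Is More Then Max.");
         }
         // NOTE(review): rand() and time() are predictable; the prefix avoids name
         // clashes but does not make the stored path secret.
         $newName = md5(rand() * time()) . "-" . str_replace(" ", "_", $fname);
         $targetPath = APPROOT . APPS_USERDATA_FOLDER . "{$storePath}/{$newName}.{$ext}";
         $targetPath = str_replace("//", "/", $targetPath);
         if (!file_exists(dirname($targetPath))) {
             // NOTE(review): 0777 makes the folder writable by every local user - confirm this is required
             mkdir(dirname($targetPath), 0777, true);
             chmod(dirname($targetPath), 0777);
         }
         if (!file_exists(dirname($targetPath))) {
             return array("Error" => "Failed To Create TargetPath Folder.");
         }
         if (file_exists($targetPath)) {
             if ($ifFileExists == "replace") {
                 unlink($targetPath);
             } elseif ($ifFileExists == "noreplace") {
                 return array("Error" => "File Exists At The Target.");
             }
         }
         // move_uploaded_file() only accepts files that PHP itself received as an upload
         if (@move_uploaded_file($file['tmp_name'], $targetPath)) {
             return str_replace("//", "/", "{$storePath}/{$newName}.{$ext}");
         }
         return array("Error" => "Failed To Move File To Destination.");
     } elseif ($storeType == "db") {
         $date = date("Y-m-d");
         $usr = getUserInfo();
         $defData['date'] = $date;
         $defData['time'] = date('H:i:s');
         $defData['doc'] = $date;
         $defData['doe'] = $date;
         $defData['datestamp'] = date('Y-m-d H:i:s');
         $defData['username'] = $usr['SESS_USER_NAME'];
         $defData['userid'] = $usr['SESS_USER_ID'];
         $defData['privilegeid'] = _session('SESS_PRIVILEGE_ID');
         $defData['scanBy'] = _session('SESS_USER_ID');
         $defData['site'] = SITENAME;
         $fileName = $file['name'];
         $fileType = $file['type'];
         $meta = "";
         $txtData = "";
         $tags = isset($_POST['tags']) ? $_POST['tags'] : "";
         $remarks = isset($_POST['remarks']) ? $_POST['remarks'] : "";
         if (!($fileSize < $maxFileSize)) {
             return array("Error" => "File Size Is More Then Max.");
         }
         $rawData = file_get_contents($file['tmp_name']);
         // NOTE(review): any non-empty string, including "false" or "no", passes this
         // test although the option is documented as true,false,yes,no - confirm intent.
         if ($storeTxtToDB || $storeTxtToDB == "true") {
             // Text is extracted from the raw bytes, not from the SQL-escaped copy
             $txtData = getTextData($rawData, $fileType);
         }
         if (strpos("#" . $storePath, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) == 1) {
             $sysDb = true;
         } else {
             $sysDb = false;
         }
         // Every client-supplied value is escaped before it is placed in the SQL text;
         // previously only the file contents were. The same escaping function that
         // this block already relied on is used.
         $fileData = mysql_real_escape_string($rawData);
         $txtData = mysql_real_escape_string($txtData);
         $sqlTitle = mysql_real_escape_string($fname);
         $sqlFileName = mysql_real_escape_string($fileName);
         $sqlFileType = mysql_real_escape_string($fileType);
         $sqlRemarks = mysql_real_escape_string($remarks);
         $sqlTags = mysql_real_escape_string($tags);
         $sqlFileSize = intval($fileSize);
         $insertQuery = "INSERT INTO {$storePath} ";
         $insertQuery .= "(datestamp,title,txt_data,file_name,file_data,file_type,file_size,remarks,tags,meta,site,userid,doc,doe) VALUES ";
         $insertQuery .= "('{$defData['datestamp']}','{$sqlTitle}',\"{$txtData}\",'{$sqlFileName}',\"{$fileData}\",'{$sqlFileType}','{$sqlFileSize}','{$sqlRemarks}','{$sqlTags}',";
         $insertQuery .= "'{$meta}','{$defData['site']}','{$defData['userid']}','{$defData['doc']}','{$defData['doe']}')";
         //echo $insertQuery;
         $a = _dbQuery($insertQuery, $sysDb);
         if ($a) {
             return _db($sysDb)->insert_id();
         }
         return array("Error" => "Error In MySQL Query.");
     }
     return array("Error" => "StorageType Not Supported.");
 }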
Ejemplo n.º 18
        $result = lcm_query($q);
        // Process the output of the query
        if ($row = lcm_fetch_array($result)) {
            // Get org details
            foreach ($row as $key => $value) {
                $_SESSION['form_data'][$key] = $value;
            }
        }
    }
}
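// Print the organisation edit form, then clear the per-form session data.
if ($org) {
    lcm_page_start(_T('title_org_edit'), '', '', 'clients_neworg');
} else {
    lcm_page_start(_T('title_org_new'), '', '', 'clients_neworg');
}
echo show_all_errors($_SESSION['errors']);
echo '<form action="upd_org.php" method="post">' . "\n";
// Request and session values are written into double-quoted attributes, so they are
// HTML-escaped (quotes included) instead of being echoed as received.
if (_request('attach_case')) {
    echo '<input type="hidden" name="attach_case" id="attach_case" value="' . htmlspecialchars((string) _request('attach_case'), ENT_QUOTES) . '" />' . "\n";
}
$obj_org = new LcmOrgInfoUI($org);
$obj_org->printEdit();
echo '<input type="hidden" name="ref_edit_org" value="' . htmlspecialchars((string) _session('ref_edit_org'), ENT_QUOTES) . '" />' . "\n";
echo '<p><button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button></p>\n";
echo "</form>\n";
// Clear errors and form data
$_SESSION['errors'] = array();
$_SESSION['form_data'] = array();
$_SESSION['org_data'] = array();
// DEPRECATED since 0.6.4
lcm_page_end();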
Ejemplo n.º 19
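/**
 * Build the HTML for a day / month / year date input group.
 *
 * Each part defaults to the value stored in the session under "<name>_day",
 * "<name>_month" and "<name>_year" (kept after a form error), falling back on
 * the matching part of $date.
 *
 * @param string $name  prefix of the three field names; an empty name disables the fields
 * @param string $date  date used when the session holds no value
 * @param bool   $blank whether to add an empty month option
 * @param bool   $table deprecated, unused
 * @return string HTML fragment
 */
function get_date_inputs($name = 'select', $date = '', $blank = true, $table = false)
{
    // $table parameter above is deprecated
    // Extract date values
    // First check in session variable (if error), fallback on $date
    $split_date = recup_date($date);
    $default_month = _session($name . '_month', $split_date[1]);
    $default_day = _session($name . '_day', $split_date[2]);
    $default_year = _session($name . '_year', $split_date[0]);
    if ($default_day == '0' || $default_day == '00') {
        $default_day = '';
    }
    if ($default_year == '0000') {
        $default_year = '';
    }
    // Day and year may be whatever the user typed in a rejected form, and they are
    // written into attribute values, so they are HTML-escaped with quotes included.
    $default_day = htmlspecialchars((string) $default_day, ENT_QUOTES);
    $default_year = htmlspecialchars((string) $default_year, ENT_QUOTES);
    // If name is empty, disable fields
    $dis = $name ? '' : 'disabled="disabled"';
    $ret = "<input size=\"4\" type=\"text\" {$dis} value=\"{$default_day}\" name=\"" . $name . "_day\" id=\"" . $name . "_day\" />\n";
    // Month of year
    $ret .= "<select {$dis} name=\"" . $name . "_month\" id=\"" . $name . "_month\">";
    for ($i = 1; $i <= 12; $i++) {
        $default = isSelected($i == $default_month);
        $ret .= "<option" . $default . " value=\"" . $i . "\">" . _T('date_month_' . $i) . "</option>";
    }
    if ($blank) {
        $default = isSelected($default_month == 0);
        $ret .= '<option' . $default . ' value=""></option>';
    }
    $ret .= "</select>\n";
    // Year
    $ret .= "<input size=\"4\" type=\"text\" {$dis} value=\"{$default_year}\" name=\"" . $name . "_year\" id=\"" . $name . "_year\" />\n";
    return $ret;
}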
Ejemplo n.º 20
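/**
 * Installer step 1: print the form that asks for the database connection
 * settings (address, login, password and, for PostgreSQL, database name).
 *
 * Field defaults come from _session(); when an earlier
 * inc_connect_install.php exists in the configuration directory, the address
 * and login found in it replace those defaults. The form posts to
 * install.php with step=2.
 *
 * @return void Output is echoed directly.
 */
function install_step_1()
{
    install_html_start('AUTO', '', 1);
    echo "<h3><small>" . _T('install_step_one') . "</small> " . _T('install_title_sql_connection') . "</h3>\n";
    echo show_all_errors($_SESSION['errors']);
    echo "<p class='simple_text'>" . _T('install_info_sql_connection') . " " . lcm_help("install_database") . "</p>\n";
    $db_address = _session('db_address', 'localhost');
    $db_login = _session('db_login');
    $db_password = _session('db_password');
    $db_choice = _session('db_choice');

    // Fetch the previous configuration data to make things easier (if possible)
    $lcm_config_prefix = isset($_SERVER['LcmConfigDir']) ? $_SERVER['LcmConfigDir'] : 'inc/config';
    $connect_file = $lcm_config_prefix . '/inc_connect_install.php';
    // The lookup is best-effort: warnings stay suppressed as in the original,
    // and an unreadable file simply leaves the defaults untouched.
    if (@file_exists($connect_file)) {
        $s = @file_get_contents($connect_file);
        if (!is_string($s)) {
            $s = '';
        }
        // ereg() was removed in PHP 7; preg_match() is already used further
        // down. The "s" modifier keeps "." matching newlines as it did with
        // the POSIX engine.
        if (preg_match("/mysql_connect\\([\"'](.*)[\"'],[\"'](.*)[\"'],[\"'](.*)[\"']\\)/s", $s, $regs)) {
            $db_address = $regs[1];
            $db_login = $regs[2];
        } elseif (preg_match("/lcm_connect_db\\('(.*)','(.*)','(.*)','(.*)','(.*)'\\)/s", $s, $regs)) {
            $db_address = $regs[1];
            $port_db = $regs[2];
            if ($port_db) {
                $db_address .= ':' . $port_db;
            }
            $db_login = $regs[3];
        }
    }

    // These values come from re-displayed form input or from the old config
    // file and are written into double-quoted attributes: escape them so a
    // quote or angle bracket cannot end the attribute and be read as markup.
    $attr_address = htmlspecialchars((string) $db_address, ENT_QUOTES);
    $attr_login = htmlspecialchars((string) $db_login, ENT_QUOTES);
    $attr_password = htmlspecialchars((string) $db_password, ENT_QUOTES);
    $attr_choice = htmlspecialchars((string) $db_choice, ENT_QUOTES);

    echo "<form action='install.php' method='post'>\n";
    echo "<input type='hidden' name='step' value='2' />\n";
    echo "<fieldset class='fs_box'>\n";
    echo "<div><label for='db_address'><strong>" . f_err_star('address') . _T('install_database_address') . "</strong></label></div>\n";
    echo "<input type='text' id='db_address' name='db_address' value=\"{$attr_address}\" size='40' class='txt_lmnt' />\n";
    echo "<br />\n";
    echo "<br />\n";
    echo "<div><label for='db_login'><strong>" . f_err_star('login') . _T('install_connection_login') . "</strong></label></div>\n";
    echo "<input type='text' id='db_login' name='db_login' value=\"{$attr_login}\" size='40' class='txt_lmnt' />\n";
    echo "<br />\n";
    echo "<br />\n";
    echo "<div><label for='db_password'><strong>" . f_err_star('password') . _T('install_connection_password') . "</strong></label></div>\n";
    // NOTE(review): the database password held in the session is written back
    // into the page source here, so it is visible to anyone who can read the
    // response. Consider sending an empty value and asking for it again.
    echo "<input type='password' id='db_password' name='db_password' value=\"{$attr_password}\" size='40' class='txt_lmnt' />\n";
    // Afaik, there is no way to get a list of databases in PgSQL
    // without logging in first, and to login, you must provide DBname
    if (preg_match("/^PostgreSQL/", lcm_sql_server_info())) {
        echo "<br />\n";
        echo "<br />\n";
        echo "<div><label for='db_choice'><strong>" . f_err_star('dbname') . "Database name" . "</strong></label></div>\n";
        // TRAD
        echo "<input type='text' id='db_choice' name='db_choice' value=\"{$attr_choice}\" size='40' class='txt_lmnt' />\n";
    }
    echo "</fieldset>\n";
    echo "<div align='" . $GLOBALS['lcm_lang_right'] . "'>" . "<button type='submit' name='Next'>" . _T('button_next') . " >></button>&nbsp;" . "</div>\n";
    echo "</form>\n";
    install_html_end();
}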
Ejemplo n.º 21
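// Case edit form body: case fields, optional follow-up fields for a new
// case, the submit button and the hidden state fields. The enclosing <form>
// is opened before this excerpt.
echo '<div id="case_data">';
$obj_case = new LcmCaseInfoUI($id_case);
$obj_case->printEdit();
echo "</div>\n";
/* div case_data */
echo "<script type=\"text/javascript\">\n\t\tautocomplete('casesearchkey', 'autocomplete-case-popup', 'ajax.php', 'autocomplete-case-data', 'case_data')\n\t</script>\n";
//
// Follow-up data (only for new case, not edit case)
//
if (!$id_case) {
    echo '<p class="normal_text">';
    echo '<input type="checkbox"' . isChecked(_session('add_fu')) . 'name="add_fu" id="box_new_followup" onclick="display_block(\'new_followup\', \'flip\')" />';
    echo '<label for="box_new_followup">' . "Add a follow-up to the case" . '</label>';
    // TRAD
    echo "</p>\n";
    // Keep the follow-up block hidden until the checkbox is ticked.
    echo '<div id="new_followup" ' . (_session('add_fu') ? '' : ' style="display: none;"') . '>';
    show_page_subtitle("Follow-up information", 'followups_intro');
    // TRAD
    echo '<div id="autocomplete-fu-alt">';
    $fu = new LcmFollowupInfoUI();
    $fu->printEdit();
    echo "</div>\n";
    echo "</div>\n";
}
echo '<p><button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button></p>\n";
// The session form data is written into double-quoted attributes, so it is
// escaped first: a quote in the stored value would otherwise close the
// attribute and the rest would be parsed as markup. Missing keys fall back to
// an empty value instead of raising an undefined-index notice.
// NOTE(review): how 'admin' and 'ref_edit_case' get into the session is not
// visible here; if they are stored already entity-encoded, escape without
// double encoding instead.
$hidden_admin = isset($_SESSION['form_data']['admin']) ? $_SESSION['form_data']['admin'] : '';
$hidden_ref_edit_case = isset($_SESSION['form_data']['ref_edit_case']) ? $_SESSION['form_data']['ref_edit_case'] : '';
echo '<input type="hidden" name="admin" value="' . htmlspecialchars((string) $hidden_admin, ENT_QUOTES) . "\" />\n";
echo '<input type="hidden" name="ref_edit_case" value="' . htmlspecialchars((string) $hidden_ref_edit_case, ENT_QUOTES) . "\" />\n";
echo "</form>\n\n";
// Reset error messages and form data
$_SESSION['errors'] = array();
$_SESSION['case_data'] = array();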
Ejemplo n.º 22
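    show_context_stage($case, $id_stage);
} else {
    // Normal follow-up
    // The case id is concatenated unquoted into the SQL text, so only an
    // integer is a valid value there; the cast guarantees nothing else can
    // reach the query. NOTE(review): where $case is assigned is not visible in
    // this excerpt - confirm it is validated upstream as well.
    $result = lcm_query("SELECT stage FROM lcm_case WHERE id_case = " . (int) $case);
    $row = lcm_fetch_array($result);
    // lcm_fetch_array() may return no row for an unknown case id.
    if ($row && $row['stage']) {
        $stage_info = get_kw_from_name('stage', $row['stage']);
        $id_stage = $stage_info['id_keyword'];
        show_context_stage($case, $id_stage);
    }
}
show_context_end();
// Show the errors (if any)
echo show_all_errors($_SESSION['errors']);
// Disable inputs when edit is not allowed for the field
$dis = $admin || $edit ? '' : 'disabled="disabled"';
echo '<form action="upd_fu.php" method="post">' . "\n";
$obj_fu = new LcmFollowupInfoUI($_SESSION['follow']);
$obj_fu->printEdit();
echo '<button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button>\n";
// Hidden state fields are filled from _session(); escape them before they go
// into a double-quoted attribute so a quote in a stored value cannot end the
// attribute and be read as markup.
echo '<input type="hidden" name="id_followup" value="' . htmlspecialchars((string) _session('id_followup'), ENT_QUOTES) . '" />';
echo '<input type="hidden" name="id_case" value="' . htmlspecialchars((string) _session('id_case'), ENT_QUOTES) . '">';
echo '<input type="hidden" name="id_app" value="' . htmlspecialchars((string) _session('id_app', 0), ENT_QUOTES) . '">';
echo '<input type="hidden" name="ref_edit_fu" value="' . htmlspecialchars((string) _session('ref_edit_fu'), ENT_QUOTES) . '">';
echo "</form>\n";
lcm_page_end();
// Clear the errors, in case user jumps to other 'edit' page
$_SESSION['errors'] = array();
$_SESSION['form_data'] = array();
$_SESSION['fu_data'] = array();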
// DEPRECATED LCM 0.7.0
Ejemplo n.º 23
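 /**
  * Build an identifier from the site name, the current time, the client
  * address, a random number and (when set) the session user id.
  *
  * Every component except the random number can be guessed by an outside
  * party, and the number has fewer than ten million possible values, so the
  * result is suitable for labelling things uniquely, not as a secret.
  * NOTE(review): if any caller uses it as a session id, CSRF token or
  * password-reset token, switch that caller to random_bytes().
  *
  * @param string $d    Prefix put in front of the identifier.
  * @param bool   $hash Return the MD5 hex digest of the raw string when true,
  *                     the raw string itself when false.
  * @return string The prefixed identifier.
  */
 function _randomid($d = "", $hash = true)
 {
     // rand() is not a cryptographic generator and its output can be
     // predicted; use random_int() where it exists (PHP 7+) and keep the same
     // range so the format of the raw string does not change.
     $number = function_exists('random_int') ? random_int(1000, 9999999) : mt_rand(1000, 9999999);
     $s = SITENAME . "_" . date("Y-m-d-G:i:s") . "_" . _server('REMOTE_ADDR') . "_" . $number;
     $user_id = _session('SESS_USER_ID');
     if ($user_id) {
         $s .= "_" . $user_id;
     }
     // MD5 is kept because callers may depend on the 32-character hex form;
     // it only shortens the string here and adds no unpredictability.
     return $d . ($hash ? md5($s) : $s);
 }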