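/**
 * Change the password of the author described by the submitted form data.
 *
 * Form values are read through _session() / _request(). Failures are reported
 * by storing a message in $_SESSION['errors'] and returning early; nothing is
 * returned. Sessions whose status is not 'admin' must confirm the current
 * password before the new one is set.
 */
function change_password() {
    global $author_session;

    // NOTE(review): because the three tests are joined with &&, this only
    // bails out when the status is neither 'admin' nor 'normal' AND the
    // username is empty. Confirm that an empty username alone should not stop
    // the change.
    if ($_SESSION['form_data']['status'] != 'admin'
        && $_SESSION['form_data']['status'] != 'normal'
        && empty($_SESSION['form_data']['username'])) {
        return;
    }

    // FIXME: include auth type according to 'auth_type' field in DB
    // default on 'db' if field not present/set.
    $class_auth = 'Auth_db';
    include_lcm('inc_auth_db');
    $auth = new $class_auth();

    if (!$auth->init()) {
        lcm_log("pass change: failed auth init: " . $auth->error);
        $_SESSION['errors']['password_generic'] = $auth->error;
        return;
    }

    // Is user allowed to change the password?
    if (!$auth->is_newpass_allowed(_session('id_author'), _session('username'), $author_session)) {
        $_SESSION['errors']['password_generic'] = $auth->error;
        return;
    }

    // Confirm current password only if user is not admin
    // (this also applies to the creation of new authors, only admins can do that)
    if ($author_session['status'] != 'admin') {
        $valid_oldpass = false;

        // Try to validate with the MD5s.
        // NOTE(review): the guard tests the _request() values while the
        // validation is fed the _session() copies; confirm both refer to the
        // same submitted fields.
        if (_request('session_password_md5') && _request('next_session_password_md5')) {
            $valid_oldpass = $auth->validate_md5_challenge(
                _session('session_password_md5'),
                _session('next_session_password_md5')
            );
        }

        // If it didn't work, fallback on cleartext
        if (!$valid_oldpass) {
            $valid_oldpass = $auth->validate_pass_cleartext(_session('username'), _session('usr_old_passwd'));
        }

        if (!$valid_oldpass) {
            $_SESSION['errors']['password_current'] = _T('pass_warning_incorrect');
            return;
        }
    }

    // Confirm matching passwords. The comparison is strict on purpose: a loose
    // != compares numeric-looking strings by value ("1e3" equals "1000"), which
    // would accept a confirmation that differs from the new password.
    if ((string) _session('usr_new_passwd') !== (string) _session('usr_retype_passwd')) {
        $_SESSION['errors']['password_confirm'] = _T('login_warning_password_dont_match');
        return;
    }

    // Change the password
    $ok = $auth->newpass(_session('id_author'), _session('username'), _session('usr_new_passwd'), $author_session);

    if (!$ok) {
        lcm_log("New pass failed: " . $auth->error);
        $_SESSION['errors']['password_confirm'] = $auth->error;
        return;
    }
}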
/**
 * Describe the current page request as an associative array.
 *
 * Keys, in order: 'site' (SITENAME), 'page' (PAGE), 'basepage' (first
 * "/"-separated segment of PAGE), 'slug' and 'query' (_session('QUERY')).
 *
 * Without a usable $map, 'slug' is the list of segments after the base page.
 * With a non-empty array $map, 'slug' is keyed by the map's names.
 * NOTE(review): the map is shifted by one position while the base page has
 * already been removed from the segment list, so the first name is paired
 * with the second remaining segment; confirm that offset is intended.
 *
 * @param array|null $map names to give to the path segments
 * @return array
 */
function getQueryParams($map = null) {
    $segments = explode("/", PAGE);

    $result = array(
        'site' => SITENAME,
        'page' => PAGE,
        'basepage' => count($segments) > 0 ? $segments[0] : PAGE,
    );

    // Drop the base page; what is left are the trailing path segments.
    array_shift($segments);

    $named = $segments;
    if (is_array($map) && count($map) > 0) {
        $named = array();
        array_unshift($map, "");
        foreach ($map as $position => $label) {
            if ($position != 0 && isset($segments[$position]) && strlen($segments[$position]) > 0) {
                $named[$label] = $segments[$position];
            }
        }
    }

    $result['slug'] = $named;
    $result['query'] = _session('QUERY');

    return $result;
}
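/**
 * Constructor: load an organisation row, then overlay submitted values.
 *
 * Data is filled in three passes, later passes overwriting earlier ones:
 * the lcm_org row for $id_org (when positive), every key of $_REQUEST, and
 * every key of $_SESSION['form_data'] (kept there for error reporting).
 * A leading 'org_' is stripped from request and session keys.
 *
 * @param int $id_org organisation to load, 0 for a new one
 */
function LcmOrg($id_org = 0) {
    $id_org = intval($id_org);
    $this->cases = null;
    $this->case_start_from = 0;
    $this->LcmObject();

    if ($id_org > 0) {
        // $id_org went through intval() above, so it is an integer here.
        $query = "SELECT * FROM lcm_org WHERE id_org = {$id_org}";
        $result = lcm_query($query);

        if ($row = lcm_fetch_array($result)) {
            foreach ($row as $key => $val) {
                $this->data[$key] = $val;
            }
        }
    }

    // If any, populate form values submitted.
    // NOTE(review): every request key is copied, including names that match
    // columns loaded above, so request values replace the stored row in
    // $this->data. Whatever persists this object should take its fields from
    // an allow-list rather than from $this->data as a whole.
    foreach ($_REQUEST as $key => $value) {
        $nkey = $key;

        // 'org_' is four characters long. The previous seven-character prefix
        // test could only match a key that was exactly 'org_', so the prefix
        // was never stripped from real field names.
        if (substr($key, 0, 4) == 'org_') {
            $nkey = substr($key, 4);
        }

        $this->data[$nkey] = _request($key);
    }

    // If any, populate with session variables (for error reporting)
    if (isset($_SESSION['form_data'])) {
        foreach ($_SESSION['form_data'] as $key => $value) {
            $nkey = $key;

            if (substr($key, 0, 4) == 'org_') {
                $nkey = substr($key, 4);
            }

            $this->data[$nkey] = _session($key);
        }
    }
}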
/**
 * Constructor: load a client row, then overlay submitted values.
 *
 * Later sources overwrite earlier ones: the lcm_client row for $id_client
 * (when positive), every key of $_REQUEST, every key of
 * $_SESSION['form_data'], and finally a 'date_birth' rebuilt from the session
 * form data when get_datetime_from_array() finds one.
 *
 * NOTE(review): all request keys are copied into $this->data, so a request
 * can replace any loaded column value in this object; confirm the code that
 * saves the client only uses an expected set of fields.
 *
 * @param int $id_client client to load, 0 for a new one
 */
function LcmClient($id_client = 0) {
    $id_client = intval($id_client);
    $this->cases = null;
    $this->case_start_from = 0;
    $this->LcmObject();

    if ($id_client > 0) {
        // Integer after intval(), so the interpolation carries no user text.
        $result = lcm_query("SELECT * FROM lcm_client WHERE id_client = {$id_client}");
        $row = lcm_fetch_array($result);

        if ($row) {
            foreach ($row as $column => $stored) {
                $this->data[$column] = $stored;
            }
        }
    }

    // Submitted form values, with the 'client_' prefix removed from the key.
    foreach ($_REQUEST as $field => $unused) {
        $target = (substr($field, 0, 7) == 'client_') ? substr($field, 7) : $field;
        $this->data[$target] = _request($field);
    }

    // Values kept in the session so the form can be shown again after an error.
    if (isset($_SESSION['form_data'])) {
        foreach ($_SESSION['form_data'] as $field => $unused) {
            $target = (substr($field, 0, 7) == 'client_') ? substr($field, 7) : $field;
            $this->data[$target] = _session($field);
        }
    }

    // -1 is the "nothing found" marker passed as the default.
    $has_birth_date = get_datetime_from_array($_SESSION['form_data'], 'date_birth', 'start', -1) != -1;
    if ($has_birth_date) {
        $this->data['date_birth'] = get_datetime_from_array($_SESSION['form_data'], 'date_birth', 'start');
    }
}
/**
 * Constructor: load an expense comment, or prepare a new one.
 *
 * With a positive $id_comment the comment is read together with its author's
 * name, restricted to the given expense; lcm_panic() is called when no row
 * matches. Otherwise the object starts with the expense id and the current
 * author's id. Request and session form values are then overlaid, with a
 * leading 'comment_' stripped from their keys.
 *
 * After the overlay the object's id_expense must still equal $id_expense,
 * otherwise lcm_panic() is called; this is what stops an overlaid value from
 * moving the comment to another expense.
 *
 * @param int $id_expense expense the comment belongs to
 * @param int $id_comment comment to load, 0 for a new one
 */
function LcmExpenseComment($id_expense, $id_comment = 0) {
    $id_expense = intval($id_expense);
    $id_comment = intval($id_comment);
    $this->LcmObject();

    if ($id_comment <= 0) {
        $this->data['id_expense'] = $id_expense;
        $this->data['id_author'] = $GLOBALS['author_session']['id_author'];
    } else {
        // Both ids are integers after intval().
        $result = lcm_query("SELECT ec.*, ec.id_expense, a.name_first, a.name_middle, a.name_last\n\t\t\t\t\t\tFROM lcm_expense_comment as ec, lcm_author as a\n\t\t\t\t\t\tWHERE ec.id_comment = {$id_comment}\n\t\t\t\t\t\t AND ec.id_expense = {$id_expense}\n\t\t\t\t\t\t AND ec.id_author = a.id_author");
        $row = lcm_fetch_array($result);

        if (!$row) {
            lcm_panic("Comment not found.");
        } else {
            foreach ($row as $column => $stored) {
                $this->data[$column] = $stored;
            }
        }
    }

    // Submitted form values.
    foreach ($_REQUEST as $field => $unused) {
        $target = (substr($field, 0, 8) == 'comment_') ? substr($field, 8) : $field;
        $this->data[$target] = _request($field);
    }

    // Session copies of the form values (for error reporting).
    if (isset($_SESSION['form_data'])) {
        foreach ($_SESSION['form_data'] as $field => $unused) {
            $target = (substr($field, 0, 8) == 'comment_') ? substr($field, 8) : $field;
            $this->data[$target] = _session($field);
        }
    }

    $overlaid_expense = $this->getDataInt('id_expense', '__ASSERT__');
    if ($overlaid_expense != $id_expense) {
        lcm_panic("id_expense of object does not match comment id_expense");
    }
}
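// End of the appointment edit form: close the client selector, offer the
// delete box for an existing appointment, emit the hidden ids and clear the
// per-form session state.
echo "</select>\n";
echo "<button name=\"submit\" type=\"submit\" value=\"add_client\" class=\"simple_form_btn\">" . 'Add' . "</button>\n"; // TRAD
echo "</td></tr>\n";
echo "</table>\n";

// Delete appointment
if (_session('id_app', 0)) {
    // $checked = ($this->getDataString('hidden') == 'Y' ? ' checked="checked" ' : '');
    $checked = $_SESSION['form_data']['hidden'] == 'Y' ? ' checked="checked" ' : '';

    echo '<p class="normal_text">';
    echo '<input type="checkbox"' . $checked . ' name="hidden" id="box_delete" />';
    echo '<label for="box_delete">' . _T('app_info_delete') . '</label>';
    echo "</p>\n";
}

// Submit buttons
echo '<button name="submit" type="submit" value="adddet" class="simple_form_btn">' . _T('button_validate') . "</button>\n";

// The ids come back from the submitted form data, so they are escaped for the
// attribute context before being written into the page.
echo '<input type="hidden" name="id_app" value="' . htmlspecialchars((string) _session('id_app', 0), ENT_QUOTES) . '" />' . "\n";
echo '<input type="hidden" name="id_case" value="' . htmlspecialchars((string) _session('id_case', 0), ENT_QUOTES) . '" />' . "\n";
echo '<input type="hidden" name="id_followup" value="' . htmlspecialchars((string) _session('id_followup', 0), ENT_QUOTES) . '" />' . "\n";

// because of XHTML validation...
// NOTE(review): the URL is passed through Link::getUrl() and printed as-is;
// confirm getUrl() returns a value that is safe inside a double-quoted attribute.
if (_session('ref_edit_app')) {
    $ref_link = new Link(_session('ref_edit_app'));
    echo '<input type="hidden" name="ref_edit_app" value="' . $ref_link->getUrl() . '" />' . "\n";
}

echo "</form>\n";
lcm_page_end();

// Clear the errors, in case user jumps to other 'edit' page
$_SESSION['errors'] = array();
$_SESSION['app_data'] = array(); // DEPRECATED since 0.7.0
$_SESSION['form_data'] = array();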
/**
 * Constructor: build the follow-up object and decide what printEdit() shows.
 *
 * show_conclusion is true when the submit button was 'set_status' or
 * 'set_stage', or when the session follow-up type is 'stage_change' or is
 * reported as a status change by is_status_change(). show_sum_billed is the
 * 'fu_sum_billed' site setting.
 *
 * @param int $id_fu follow-up to load, 0 for a new one
 */
function LcmFollowupInfoUI($id_fu = 0) {
    $this->LcmFollowup($id_fu);

    // In printEdit(), whether to show "conclusion" fields
    $this->show_conclusion = false;

    $submitted_change = _request('submit') == 'set_status' || _request('submit') == 'set_stage';
    if ($submitted_change
        || _session('type') == 'stage_change'
        || is_status_change(_session('type'))) {
        $this->show_conclusion = true;
    }

    // In printEdit(), whether to check for the billed sum
    $this->show_sum_billed = read_meta('fu_sum_billed');
}
/**
 * Print the rows of the case edit form (an HTML table) for this case object.
 *
 * Which optional rows appear depends on site settings read with read_meta().
 * Free-text values (title, legal reason, alleged crime, notes) are passed
 * through clean_output() before being printed.
 */
function printEdit() {
    // Read site configuration preferences
    $case_assignment_date = read_meta('case_assignment_date');
    $case_alledged_crime = read_meta('case_alledged_crime');
    $case_legal_reason = read_meta('case_legal_reason');
    // Read here but not used anywhere in this method.
    $case_allow_modif = read_meta('case_allow_modif');

    echo '<table class="tbl_usr_dtl">' . "\n";

    // Case ID (if editing existing case); getDataInt() is printed directly.
    if ($this->getDataInt('id_case')) {
        echo "<tr>" . "<td>" . _T('case_input_id') . "</td>" . "<td>" . $this->getDataInt('id_case') . '<input type="hidden" name="id_case" value="' . $this->getDataInt('id_case') . '" />' . "</td></tr>\n";
    }

    echo '<tr><td><label for="input_case_title">' . f_err_star('title') . _T('case_input_title') . "</label></td>\n";
    echo '<td><input size="35" name="title" id="input_case_title" value="' . clean_output($this->getDataString('title')) . '" class="search_form_txt" />';
    echo "</td></tr>\n";

    // Date of earlier assignment
    if ($case_assignment_date == 'yes') {
        echo "<tr>\n";
        echo "<td>" . f_err_star('date_assignment') . _Ti('case_input_date_assigned') . "</td>\n";
        echo "<td>" . get_date_inputs('assignment', $this->getDataString('date_assignment'), false) . "</td>\n";
        echo "</tr>\n";
    }

    // Legal reason: shown for any setting starting with 'yes'
    // ('yes_mandatory' adds the "mandatory" hint).
    if (substr($case_legal_reason, 0, 3) == 'yes') {
        echo '<tr><td><label for="input_legal_reason">' . f_err_star('legal_reason') . _T('case_input_legal_reason') . "</label>" . ($case_legal_reason == 'yes_mandatory' ? '<br/>(' . _T('keywords_input_policy_mandatory') . ')' : '') . "</td>\n";
        echo '<td>';
        echo '<textarea name="legal_reason" id="input_legal_reason" class="frm_tarea" rows="2" cols="60">';
        echo clean_output($this->getDataString('legal_reason'));
        echo "</textarea>";
        echo "</td>\n";
        echo "</tr>\n";
    }

    // Alleged crime: same rule as the legal reason row.
    if (substr($case_alledged_crime, 0, 3) == 'yes') {
        echo '<tr><td><label for="input_alledged_crime">' . f_err_star('alledged_crime') . _T('case_input_alledged_crime') . "</label>" . ($case_alledged_crime == 'yes_mandatory' ? '<br/>(' . _T('keywords_input_policy_mandatory') . ')' : '') . "</td>\n";
        echo '<td>';
        echo '<textarea name="alledged_crime" id="input_alledged_crime" class="frm_tarea" rows="2" cols="60">';
        echo clean_output($this->getDataString('alledged_crime'));
        echo '</textarea>';
        echo "</td>\n";
        echo "</tr>\n";
    }

    // Keywords (if any)
    show_edit_keywords_form('case', $this->getDataInt('id_case'));

    $id_stage = 0; // new case, stage not yet known
    if ($this->getDataString('stage')) {
        $stage = get_kw_from_name('stage', $this->getDataString('stage', '__ASSERT__'));
        $id_stage = $stage['id_keyword'];
    }
    show_edit_keywords_form('stage', $this->getDataInt('id_case'), $id_stage);

    // Notes
    echo "<tr>\n";
    echo "<td><label for='input_case_notes'>" . f_err_star('case_notes') . _Ti('case_input_notes') . "</label></td>\n";
    echo '<td><textarea name="case_notes" id="input_case_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n";
    echo "</tr>\n";

    // Case status: a new case may only be 'draft' or 'open'. The option values
    // come from these fixed lists, not from user input.
    echo '<tr><td><label for="input_status">' . f_err_star('status') . _Ti('case_input_status') . "</label></td>\n";
    echo '<td>';
    echo '<select name="status" id="input_status" class="sel_frm">' . "\n";
    $statuses = $this->getDataInt('id_case') ? array('draft', 'open', 'suspended', 'closed', 'merged') : array('draft', 'open');
    foreach ($statuses as $s) {
        $sel = $s == $this->getDataString('status') ? ' selected="selected"' : '';
        echo '<option value="' . $s . '"' . $sel . ">" . _T('case_status_option_' . $s) . "</option>\n";
    }
    echo "</select></td>\n";
    echo "</tr>\n";

    // Case stage: fall back on the suggested keyword when none is set.
    if (!$this->getDataString('stage')) {
        $this->data['stage'] = get_suggest_in_group_name('stage');
    }
    $kws = get_keywords_in_group_name('stage');
    echo '<tr><td><label for="input_stage">' . f_err_star('stage') . _T('case_input_stage') . "</label></td>\n";
    echo '<td><select name="stage" id="input_stage" class="sel_frm">' . "\n";
    foreach ($kws as $kw) {
        $sel = $kw['name'] == $this->data['stage'] ? ' selected="selected"' : '';
        // NOTE(review): $kw['name'] is printed inside a single-quoted attribute
        // without clean_output(); confirm keyword names cannot contain quotes
        // or markup.
        echo "\t\t\t\t<option value='" . $kw['name'] . "'" . "{$sel}>" . _T(remove_number_prefix($kw['title'])) . "</option>\n";
    }
    echo "</select></td>\n";
    echo "</tr>\n";

    // Public access rights
    // FIXME FIXME FIXME
    // NOTE(review): the three tests below decide the same thing from three
    // different sources: $this->data['admin'], the logged-in author's status
    // in $GLOBALS['author_session'], and _session('admin'). Where
    // $this->data['admin'] is set is not visible in this method; if it can be
    // filled from submitted form values it should not be used as an
    // authorisation signal. The checkboxes themselves are disabled through
    // allowed(..., 'a').
    if ($this->data['admin'] || read_meta('case_read_always') != 'yes' || read_meta('case_write_always') != 'yes') {
        $dis = isDisabled(!allowed($this->getDataInt('id_case'), 'a'));
        echo '<tr><td colspan="2">' . _T('case_input_collaboration') . ' <br /><ul>';
        if (read_meta('case_read_always') != 'yes' || $GLOBALS['author_session']['status'] == 'admin') {
            echo '<li style="list-style-type: none;">';
            echo '<input type="checkbox" name="public" id="case_public_read" value="yes"';
            if ($_SESSION['form_data']['public']) {
                echo ' checked="checked"';
            }
            echo "{$dis} />";
            echo '<label for="case_public_read">' . _T('case_input_collaboration_read') . "</label></li>\n";
        }
        if (read_meta('case_write_always') != 'yes' || _session('admin')) {
            echo '<li style="list-style-type: none;">';
            echo '<input type="checkbox" name="pub_write" id="case_public_write" value="yes"';
            if (_session('pub_write')) {
                echo ' checked="checked"';
            }
            echo "{$dis} />";
            echo '<label for="case_public_write">' . _T('case_input_collaboration_write') . "</label></li>\n";
        }
        echo "</ul>\n";
        echo "</td>\n";
        echo "</tr>\n";
    }
    echo "</table>\n";
}
<QBXML> <SignonMsgsRq> <SignonDesktopRq> <ClientDateTime>' . date('Y-m-d') . 'T' . date('H:i:s') . '</ClientDateTime> <ApplicationLogin>' . QBOE_APPLICATIONLOGIN . '</ApplicationLogin> <ConnectionTicket>' . QBOE_CONNECTION . '</ConnectionTicket> <Language>English</Language> <AppID>' . QBOE_APPLICATIONID . '</AppID> <AppVer>1</AppVer> </SignonDesktopRq> </SignonMsgsRq> </QBXML>'; // Send the request $response = _request($signon_xml, null, $debug); // Extract the session ticket $session = _session($response); // This is the request we're going to send $customerquery_xml = '<?xml version="1.0" ?> <?qbxml version="6.0"?> <QBXML> <SignonMsgsRq> <SignonTicketRq> <ClientDateTime>' . date('Y-m-d') . 'T' . date('H:i:s') . '</ClientDateTime> <SessionTicket>' . $session . '</SessionTicket> <Language>English</Language> <AppID>' . QBOE_APPLICATIONID . '</AppID> <AppVer>1</AppVer> </SignonTicketRq> </SignonMsgsRq> <QBXMLMsgsRq onError="stopOnError"> <CustomerQueryRq>
        // (excerpt starts inside a loop that builds "key=value" pairs)
        $params[$k] = $k . '=' . urlencode($v);
    }
    lcm_header('Location: edit_app.php?' . join('&', $params));
    exit;
}

// Send user back to add/edit page's referer or (default) to appointment detail page
switch (_session('submit')) {
    case 'add_author':
    case 'add_client':
        // Go back to edit the same appointment. Save the original referer
        // NOTE(review): the Referer header is sent by the client and is put
        // into the Location header unchanged. Whether lcm_header() rejects
        // line breaks or off-site targets is not visible in this excerpt;
        // a fixed local target such as edit_app.php would avoid the question.
        lcm_header('Location: ' . $_SERVER['HTTP_REFERER']);
        break;
    case 'add':
        // Go back to the edit page's referer
        // NOTE(review): 'ref_edit_app' is a submitted form value; confirm it
        // is limited to local paths before it is used as a redirect target.
        unset($_SESSION['errors']);
        lcm_header('Location: ' . _session('ref_edit_app', "app_det.php?app={$id_app}"));
        break;
    case 'addnew':
        // Open new appointment. Save the original referer
        // NOTE(review): the ref value is appended without URL-encoding, so any
        // '&' it contains starts a new query parameter.
        unset($_SESSION['errors']);
        lcm_header('Location: edit_app.php?app=0&ref=' . _session('ref_edit_app', "app_det.php?app={$id_app}"));
        break;
    case 'adddet':
    case 'submit':
    default:
        // Go to appointment details
        unset($_SESSION['errors']);
        lcm_header("Location: app_det.php?app={$id_app}");
}
exit;
}
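//
// if (!read_meta('case_read_always') || $admin) {
//     echo ' <td><input type="checkbox" name="public" value="yes"';
//     if ($_SESSION['form_data']['public']) echo ' checked';
//     echo "></td>\n";
// }
//
// if (!read_meta('case_write_always') || $admin) {
//     echo ' <td><input type="checkbox" name="pub_write" value="yes"';
//     if ($_SESSION['form_data']['pub_write']) echo ' checked';
//     echo "></td>\n";
// }
//? > </tr>
// </table>
// </td>
// </tr>
//
//<?php
// }
//echo "</table>\n";

// Submit button. 'ref_edit_rep' is a submitted form value, so it is escaped
// for the attribute context before being printed.
echo '<input type="hidden" name="ref_edit_rep" value="' . htmlspecialchars((string) _session('ref_edit_rep'), ENT_QUOTES) . '">' . "\n";
echo '<button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button>\n";
echo '</form>' . "\n";
echo "</fieldset>";

// Clear errors
$_SESSION['errors'] = array();
$_SESSION['form_data'] = array();
$_SESSION['rep_data'] = array(); // DEPRECATED LCM 0.7.0

lcm_page_end();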
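/**
 * Print the self-registration form (name, e-mail, username).
 *
 * Previously submitted values are shown again through _session(); the form
 * data and error list in the session are cleared once the form is printed.
 */
function print_registration_form() {
    install_html_start(_T('pass_title_register'), 'login');

    $link = new Link();
    $url = $link->getUrl();

    // The values below were typed by an unauthenticated visitor and are
    // printed inside single-quoted attributes, so quotes must be escaped too.
    $name_first = htmlspecialchars((string) _session('name_first'), ENT_QUOTES);
    $name_last = htmlspecialchars((string) _session('name_last'), ENT_QUOTES);
    $email = htmlspecialchars((string) _session('email'), ENT_QUOTES);
    $username = htmlspecialchars((string) _session('username'), ENT_QUOTES);

    echo '<p align="left" class="normal_text">' . _T('pass_info_why_register') . "</p>\n";
    echo show_all_errors();

    // NOTE(review): $url is printed as returned by Link::getUrl(); confirm it
    // is already safe inside a single-quoted attribute.
    echo "<form method='post' action='{$url}' style='border: 0px; margin: 0px;'>\n";
    echo '<input type="hidden" name="register" value="data" />' . "\n";
    echo "<fieldset><label><b>" . _T('info_your_contact_information') . "</b><br></label>\n";

    // [ML] Altough not most problematic, could be better. But if someone
    // fixes here, please fix install.php also (step 4)
    echo "<table border='0'>\n";
    echo "<tr>\n";
    echo "<td>\n\t\t\t<label for='name_first'>" . f_err_star('name_first') . _Ti('person_input_name_first') . "</label><br />\n\t\t\t<input type='text' style='width: 100%;' id='name_first' name='name_first' class='formo' value='" . $name_first . "' size='20'>\n\t\t</td>\n";
    echo "<td>\n\t\t\t<label for='name_last'>" . f_err_star('name_last') . _Ti('person_input_name_last') . "</label><br />\n\t\t\t<input type='text' style='width: 100%;' id='name_last' name='name_last' class='formo' value='" . $name_last . "' size='20'>\n\t\t</td>\n";
    echo "</tr>\n";
    echo "<tr>\n";
    echo "<td colspan='2'>";
    echo "<p><label for='email'>" . f_err_star('email') . _Ti('input_email') . "</label><br />";
    echo "<input type='text' id='email' name='email' class='formo' value='" . $email . "' size='40'></p>\n";
    echo "<p><label for='username'>" . f_err_star('username') . _Ti('authoredit_input_username') . "</label> ";
    echo "<small>" . _T('info_more_than_three') . "</small><br />";
    echo "<input type='text' id='username' name='username' class='formo' value='" . $username . "' size='40'></p>\n";
    echo "<small>" . _T('pass_info_password_by_mail') . "</small>\n";
    echo "</fieldset>\n";
    echo "<p align=\"right\">";
    echo '<button type="submit" name="Validate">' . _T('button_validate') . "</button>";
    echo "</p>";
    echo "</form>\n";

    $_SESSION['form_data'] = array();
    $_SESSION['errors'] = array();
}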
    // Check access rights
    // NOTE(review): the permission check below is commented out, so nothing in
    // this excerpt verifies that the current author may edit this report.
    // if (!allowed($id_report,'e')) die("You don't have permission to change this case's information!");

    // If admin access is allowed, set all fields
    // Both branches build the same statement; the condition is a placeholder.
    // NOTE(review): _session('id_report') is a submitted form value appended
    // to the SQL text without quoting or an integer cast; it should go through
    // intval() first. How {$fl} is built is outside this excerpt.
    if (true) {
        $q = "UPDATE lcm_report SET {$fl} WHERE id_report = " . _session('id_report');
    } else {
        $q = "UPDATE lcm_report SET {$fl} WHERE id_report = " . _session('id_report');
    }
    lcm_query($q);
} else {
    $q = "INSERT INTO lcm_report\n\t\t\tSET date_creation=NOW(),\n\t\t\t\tline_src_type = '',\n\t\t\t\tline_src_name = '',\n\t\t\t\tcol_src_type = '',\n\t\t\t\tcol_src_name = '',\n\t\t\t\tfilecustom = '',\n\t\t\t\t{$fl}";
    $result = lcm_query($q);
    // Keep the new id in the session form data; the redirect below reads it.
    $_SESSION['form_data']['id_report'] = lcm_insert_id('lcm_report', 'id_report');

    // Insert new case_author relation
    //$q = "INSERT INTO lcm_case_author SET
    //    id_case=$id_case,
    //    id_author=$id_author,
    //    ac_read=1,
    //    ac_write=1,
    //    ac_admin=1";
}

// Some advanced ideas for future use
//$q="INSERT INTO lcm_case SET id_case=$id_case,$fl ON DUPLICATE KEY UPDATE $fl";
//$q="INSERT INTO lcm_case $cl VALUES $vl ON DUPLICATE KEY UPDATE $fl";
// $result = lcm_query($q);

// Forward to upd_rep_field.php if custom_report
// NOTE(review): 'id_report' and 'filecustom' are placed in the redirect URL
// without URL-encoding; whether lcm_header() filters line breaks is not
// visible here.
if (_session('filecustom')) {
    lcm_header("Location: upd_rep_field.php?" . "rep=" . _session('id_report') . "&filecustom=" . _session('filecustom'));
} else {
    lcm_header("Location: rep_det.php?rep=" . _session('id_report'));
}
}

//
// Create or update case data
//
$case = new LcmCase($id_case);
$errs = $case->save();

if (count($errs)) {
    $_SESSION['errors'] = array_merge($_SESSION['errors'], $errs);
    // NOTE(review): the Referer header is client-supplied and is used as the
    // redirect target unchanged; whether lcm_header() validates it is not
    // visible in this excerpt.
    lcm_header("Location: " . $_SERVER['HTTP_REFERER']);
    exit;
}

//
// Create follow-up data
//
if (_request('add_fu')) {
    include_lcm('inc_obj_fu');

    $fu = new LcmFollowup(0, $case->getDataInt('id_case'));
    $errs = $fu->save();

    if (count($errs)) {
        $_SESSION['errors'] = array_merge($_SESSION['errors'], $errs);
        lcm_header("Location: " . $_SERVER['HTTP_REFERER']);
        exit;
    }
}

// Default target is the detail page of the case that was just saved.
// NOTE(review): 'ref_edit_case' is a request parameter and becomes the final
// redirect target below; confirm it is restricted to local paths.
$send_to = _request('ref_edit_case', "case_det.php?case=" . $case->getDataInt('id_case'));

// Send to add_client if any client/org to attach
// NOTE(review): 'attach_client' and 'attach_org' are appended without
// URL-encoding or an integer cast, unlike $send_to which is rawurlencode()d.
if (_session('attach_client') || _session('attach_org')) {
    lcm_header("Location: add_client.php?case=" . $case->getDataInt('id_case') . (_session('attach_client') ? "&clients[]=" . _session('attach_client') : '') . (_session('attach_org') ? "&orgs[]=" . _session('attach_org') : '') . "&ref_sel_client=" . rawurlencode($send_to));
    exit;
}

lcm_header("Location: " . $send_to);
/**
 * Return whatever _session() holds under the 'user' key.
 *
 * @return mixed the value returned by _session('user')
 */
public static function get_login_user() {
    $login_user = _session('user');

    return $login_user;
}
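//
// Create or update the client, then attach it to a case / organisation when
// the form asked for it. The ids used in SQL and in the redirect come from
// submitted form data, so each one is cast to an integer before use.
//
$obj_client = new LcmClient(_session('id_client'));
$errs = $obj_client->save();

if (count($errs)) {
    $_SESSION['errors'] = array_merge($_SESSION['errors'], $errs);
    lcm_header("Location: " . $ref_upd_client);
    exit;
}

$attach_case = intval(_session('attach_case'));

//
// Attach to case
//
if ($attach_case > 0) {
    lcm_query("INSERT INTO lcm_case_client_org\n\t\t\t\tSET id_case = " . $attach_case . ",\n\t\t\t\t\tid_client = " . $obj_client->getDataInt('id_client'));
}

//
// Add organisation
// [ML] 2007-01-11: not clear what this does. probably w.r.t "client represents orgs".
// NOTE(review): the client id is taken from the form value rather than from
// the object that was just saved; for a newly created client the two may
// differ. Confirm which one is meant.
//
$new_org = intval(_session('new_org'));

if ($new_org > 0) {
    $q = "REPLACE INTO lcm_client_org\n\t\tVALUES (" . intval(_session('id_client')) . ',' . $new_org . ")";
    $result = lcm_query($q);
}

//
// Go to the 'view details' page of the author
//

// small reminder, if the client was created from the "add client to case" (Case details)
$attach = "";
if ($attach_case > 0) {
    $attach = "&attach_case=" . $attach_case;
}

lcm_header('Location: client_det.php?client=' . $obj_client->getDataInt('id_client', '__ASSERT__') . $attach);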
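/**
 * Store one uploaded file, either on disk or in a database table.
 *
 * $file is an upload entry (name, type, size, tmp_name) with an optional
 * 'src' of the form "fs#<folder>" or "db#<table>"; anything else falls back
 * to "fs#attachments/".
 *
 * Changes compared with the earlier version of this function:
 *  - the file size is read before the filesystem branch compares it (it was
 *    undefined there, so the size limit never applied);
 *  - a storage folder containing ".." and a table name containing anything
 *    but letters, digits, "_" and "." are rejected;
 *  - every value placed in the INSERT statement is escaped, not only the
 *    file contents;
 *  - text extraction runs on the raw file contents and only when
 *    TEXT_EXTRACTION is "true", "yes" or "1";
 *  - the base name and extension are split with pathinfo(), so names with
 *    several dots no longer end up with a doubled dot.
 *
 * NOTE(review): the size limit and the overwrite policy are read from $_POST,
 * i.e. chosen by the client; a server-side limit should be applied as well.
 * NOTE(review): the extension is kept as uploaded. If the user-data folder is
 * served by the web server, executable types need to be refused or the folder
 * must not execute scripts.
 * NOTE(review): folders are created with mode 0777; a narrower mode is
 * preferable where the deployment allows it.
 * NOTE(review): the stored name is prefixed with md5(rand() * time()), which
 * is guessable; do not rely on it to keep file URLs secret.
 *
 * @param array $file upload entry, see above
 * @return mixed array() when no file was sent, the relative path (filesystem)
 *               or the insert id (database) on success, array("Error" => ...)
 *               on failure
 */
function moveFile($file) {
    if (strlen($file['name']) == 0 && $file['size'] == 0 && strlen($file['tmp_name']) == 0) {
        return array();
    }

    $maxFileSize = isset($_POST['MAX_FILE_SIZE']) ? $_POST['MAX_FILE_SIZE'] : null;
    $ifFileExists = isset($_POST['IF_FILE_EXISTS']) ? $_POST['IF_FILE_EXISTS'] : null; // replace, noreplace
    $storeTxtToDB = isset($_POST['TEXT_EXTRACTION']) ? $_POST['TEXT_EXTRACTION'] : null; // true, false, yes, no

    // Work out where the file goes and refuse locations that escape it.
    $src = isset($file['src']) ? (string) $file['src'] : "";
    if (strpos($src, "db#") === 0) {
        $storeType = "db";
        $storePath = (string) substr($src, 3);
        if (strlen($storePath) > 0) {
            // The table name is interpolated into the statement as an
            // identifier, which cannot be escaped like a value.
            if (!preg_match('/^[A-Za-z0-9_.]+$/', $storePath)) {
                return array("Error" => "Invalid Storage Table.");
            }
        } else {
            $storePath = _dbtable("files");
        }
    } else {
        if (strpos($src, "fs#") !== 0) {
            $src = "fs#attachments/";
        }
        $storeType = "fs";
        $storePath = (string) substr($src, 3);
        if (strlen($storePath) <= 0) {
            $storePath = "attachments/";
        }
        if (strpos($storePath, "\0") !== false || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $storePath)) {
            return array("Error" => "Invalid Storage Path.");
        }
    }

    // Never let the client-supplied name carry directory parts.
    $safeName = basename(str_replace("\\", "/", (string) $file['name']));
    $ext = (string) pathinfo($safeName, PATHINFO_EXTENSION);
    $fname = (string) pathinfo($safeName, PATHINFO_FILENAME);

    $fileSize = $file['size'];

    if ($storeType == "fs") {
        $newName = md5(rand() * time()) . "-" . str_replace(" ", "_", $fname);
        $relativePath = str_replace("//", "/", "{$storePath}/{$newName}.{$ext}");
        $targetPath = str_replace("//", "/", APPROOT . APPS_USERDATA_FOLDER . "{$storePath}/{$newName}.{$ext}");
        $targetDir = dirname($targetPath);

        if (!file_exists($targetDir)) {
            mkdir($targetDir, 0777, true);
            chmod($targetDir, 0777);
        }
        if (!file_exists($targetDir)) {
            return array("Error" => "Failed To Create TargetPath Folder.");
        }

        if (file_exists($targetPath)) {
            if ($ifFileExists == "replace") {
                unlink($targetPath);
            } elseif ($ifFileExists == "noreplace") {
                return array("Error" => "File Exists At The Target.");
            }
        }

        if (!($fileSize < $maxFileSize)) {
            return array("Error" => "File Size Is More Then Max.");
        }

        // move_uploaded_file() itself refuses paths that are not uploads.
        if (@move_uploaded_file($file['tmp_name'], $targetPath)) {
            return $relativePath;
        }
        return array("Error" => "Failed To Move File To Destination.");
    } elseif ($storeType == "db") {
        if (!($fileSize < $maxFileSize)) {
            return array("Error" => "File Size Is More Then Max.");
        }

        $date = date("Y-m-d");
        $usr = getUserInfo();
        $fileType = isset($file['type']) ? (string) $file['type'] : "";
        $tags = isset($_POST['tags']) ? (string) $_POST['tags'] : "";
        $remarks = isset($_POST['remarks']) ? (string) $_POST['remarks'] : "";
        $meta = "";

        // NOTE(review): unlike the filesystem branch nothing here checks that
        // tmp_name is a real upload; is_uploaded_file() would close that gap
        // if every caller passes entries from $_FILES.
        $rawData = file_get_contents($file['tmp_name']);
        if ($rawData === false) {
            return array("Error" => "Failed To Read Uploaded File.");
        }

        // Only the documented "on" values enable extraction; the strings
        // "false" and "no" are truthy in PHP and used to enable it as well.
        $wantsText = in_array(strtolower(trim((string) $storeTxtToDB)), array("true", "yes", "1"), true);
        $txtData = $wantsText ? (string) getTextData($rawData, $fileType) : "";

        $sysDb = (strpos("#" . $storePath, $GLOBALS["DBCONFIG"]["DB_SYSTEM"]) === 1);

        $values = array(
            'datestamp' => date('Y-m-d H:i:s'),
            'title' => $fname,
            'txt_data' => $txtData,
            'file_name' => $safeName,
            'file_data' => $rawData,
            'file_type' => $fileType,
            'file_size' => (string) $fileSize,
            'remarks' => $remarks,
            'tags' => $tags,
            'meta' => $meta,
            'site' => SITENAME,
            'userid' => (string) $usr['SESS_USER_ID'],
            'doc' => $date,
            'doe' => $date,
        );
        foreach ($values as $column => $value) {
            $values[$column] = mysql_real_escape_string($value);
        }

        $insertQuery = "INSERT INTO {$storePath} ";
        $insertQuery .= "(datestamp,title,txt_data,file_name,file_data,file_type,file_size,remarks,tags,meta,site,userid,doc,doe) VALUES ";
        $insertQuery .= "('{$values['datestamp']}','{$values['title']}',\"{$values['txt_data']}\",'{$values['file_name']}',\"{$values['file_data']}\",'{$values['file_type']}','{$values['file_size']}','{$values['remarks']}','{$values['tags']}',";
        $insertQuery .= "'{$values['meta']}','{$values['site']}','{$values['userid']}','{$values['doc']}','{$values['doe']}')";

        $a = _dbQuery($insertQuery, $sysDb);
        if ($a) {
            return _db($sysDb)->insert_id();
        }
        return array("Error" => "Error In MySQL Query.");
    }

    return array("Error" => "StorageType Not Supported.");
}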
        $result = lcm_query($q);

        // Process the output of the query
        if ($row = lcm_fetch_array($result)) {
            // Get org details: copy every column into the session form data
            foreach ($row as $key => $value) {
                $_SESSION['form_data'][$key] = $value;
            }
        }
    }
}

// Page title depends on whether an existing organisation is being edited.
if ($org) {
    lcm_page_start(_T('title_org_edit'), '', '', 'clients_neworg');
} else {
    lcm_page_start(_T('title_org_new'), '', '', 'clients_neworg');
}

echo show_all_errors($_SESSION['errors']);

echo '<form action="upd_org.php" method="post">' . "\n";

// NOTE(review): the request parameter is printed inside a double-quoted
// attribute without escaping, so a value containing a quote can break out of
// the attribute. It is an id; intval() or htmlspecialchars() would fix it.
if (_request('attach_case')) {
    echo '<input type="hidden" name="attach_case" id="attach_case" value="' . _request('attach_case') . '" />' . "\n";
}

$obj_org = new LcmOrgInfoUI($org);
$obj_org->printEdit();

// NOTE(review): same concern for 'ref_edit_org', a submitted form value
// printed without escaping.
echo '<input type="hidden" name="ref_edit_org" value="' . _session('ref_edit_org') . '" />' . "\n";
echo '<p><button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button></p>\n";
echo "</form>\n";

// Clear errors and form data
$_SESSION['errors'] = array();
$_SESSION['form_data'] = array();
$_SESSION['org_data'] = array(); // DEPRECATED since 0.6.4

lcm_page_end();
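/**
 * Build the HTML for a date entry: a day field, a month selector and a year
 * field, named "<name>_day", "<name>_month" and "<name>_year".
 *
 * Defaults come from the session form data (set when a form is shown again
 * after an error) and fall back on the parts of $date. Those session values
 * are whatever the user typed, so the day, the year and the field name are
 * escaped before being placed in attributes.
 *
 * @param string $name  field name prefix; when empty the inputs are disabled
 * @param string $date  date to pre-fill, split with recup_date()
 * @param bool   $blank whether the month selector gets an empty option
 * @param bool   $table deprecated, ignored
 * @return string HTML fragment
 */
function get_date_inputs($name = 'select', $date = '', $blank = true, $table = false) {
    // $table parameter above is deprecated

    // Extract date values
    // First check in session variable (if error), fallback on $date
    $split_date = recup_date($date);
    $default_month = _session($name . '_month', $split_date[1]);
    $default_day = _session($name . '_day', $split_date[2]);
    $default_year = _session($name . '_year', $split_date[0]);

    // Zero dates are shown as empty fields.
    if ($default_day == '0' || $default_day == '00') {
        $default_day = '';
    }
    if ($default_year == '0000') {
        $default_year = '';
    }

    // If name is empty, disable fields
    $dis = $name ? '' : 'disabled="disabled"';

    $safe_name = htmlspecialchars((string) $name, ENT_QUOTES);
    $safe_day = htmlspecialchars((string) $default_day, ENT_QUOTES);
    $safe_year = htmlspecialchars((string) $default_year, ENT_QUOTES);

    // Day of month
    $ret = "<input size=\"4\" type=\"text\" {$dis} value=\"{$safe_day}\" name=\"" . $safe_name . "_day\" id=\"" . $safe_name . "_day\" />\n";

    // Month of year
    $ret .= "<select {$dis} name=\"" . $safe_name . "_month\" id=\"" . $safe_name . "_month\">";
    for ($i = 1; $i <= 12; $i++) {
        $default = isSelected($i == $default_month);
        $ret .= "<option" . $default . " value=\"" . $i . "\">" . _T('date_month_' . $i) . "</option>";
    }
    if ($blank) {
        $default = isSelected($default_month == 0);
        $ret .= '<option' . $default . ' value=""></option>';
    }
    $ret .= "</select>\n";

    // Year
    $ret .= "<input size=\"4\" type=\"text\" {$dis} value=\"{$safe_year}\" name=\"" . $safe_name . "_year\" id=\"" . $safe_name . "_year\" />\n";

    return $ret;
}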
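/**
 * Installer step 1: ask for the database server address and credentials.
 *
 * Defaults come from the session form data; the address and login are
 * replaced by the values found in an existing inc_connect_install.php when
 * that file is present. All values are escaped before being written into the
 * form attributes.
 *
 * NOTE(review): a previously entered database password is written back into
 * the page source through the value attribute; leaving the field empty and
 * asking for it again would keep it out of the HTML.
 * NOTE(review): ereg() is kept as it was; it no longer exists in current PHP
 * versions and needs a reviewed preg_match() replacement.
 */
function install_step_1() {
    install_html_start('AUTO', '', 1);

    echo "<h3><small>" . _T('install_step_one') . "</small> " . _T('install_title_sql_connection') . "</h3>\n";
    echo show_all_errors($_SESSION['errors']);
    echo "<p class='simple_text'>" . _T('install_info_sql_connection') . " " . lcm_help("install_database") . "</p>\n";

    $db_address = _session('db_address', 'localhost');
    $db_login = _session('db_login');
    $db_password = _session('db_password');
    $db_choice = _session('db_choice');

    // Fetch the previous configuration data to make things easier (if possible)
    $lcm_config_prefix = isset($_SERVER['LcmConfigDir']) ? $_SERVER['LcmConfigDir'] : 'inc/config';

    if (@file_exists($lcm_config_prefix . '/inc_connect_install.php')) {
        $s = @join('', @file($lcm_config_prefix . '/inc_connect_install.php'));

        if (ereg("mysql_connect\\([\"'](.*)[\"'],[\"'](.*)[\"'],[\"'](.*)[\"']\\)", $s, $regs)) {
            $db_address = $regs[1];
            $db_login = $regs[2];
        } else {
            if (ereg("lcm_connect_db\\('(.*)','(.*)','(.*)','(.*)','(.*)'\\)", $s, $regs)) {
                $db_address = $regs[1];
                if ($port_db = $regs[2]) {
                    $db_address .= ':' . $port_db;
                }
                $db_login = $regs[3];
            }
        }
    }

    // The values are typed by the person running the installer or read from a
    // configuration file; escape them for the double-quoted attributes below.
    $safe_address = htmlspecialchars((string) $db_address, ENT_QUOTES);
    $safe_login = htmlspecialchars((string) $db_login, ENT_QUOTES);
    $safe_password = htmlspecialchars((string) $db_password, ENT_QUOTES);
    $safe_choice = htmlspecialchars((string) $db_choice, ENT_QUOTES);

    echo "<form action='install.php' method='post'>\n";
    echo "<input type='hidden' name='step' value='2' />\n";

    echo "<fieldset class='fs_box'>\n";
    echo "<div><label for='db_address'><strong>" . f_err_star('address') . _T('install_database_address') . "</strong></label></div>\n";
    echo "<input type='text' id='db_address' name='db_address' value=\"{$safe_address}\" size='40' class='txt_lmnt' />\n";
    echo "<br />\n";
    echo "<br />\n";
    echo "<div><label for='db_login'><strong>" . f_err_star('login') . _T('install_connection_login') . "</strong></label></div>\n";
    echo "<input type='text' id='db_login' name='db_login' value=\"{$safe_login}\" size='40' class='txt_lmnt' />\n";
    echo "<br />\n";
    echo "<br />\n";
    echo "<div><label for='db_password'><strong>" . f_err_star('password') . _T('install_connection_password') . "</strong></label></div>\n";
    echo "<input type='password' id='db_password' name='db_password' value=\"{$safe_password}\" size='40' class='txt_lmnt' />\n";

    // Afaik, there is no way to get a list of databases in PgSQL
    // without logging in first, and to login, you must provide DBname
    if (preg_match("/^PostgreSQL/", lcm_sql_server_info())) {
        echo "<br />\n";
        echo "<br />\n";
        echo "<div><label for='db_choice'><strong>" . f_err_star('dbname') . "Database name" . "</strong></label></div>\n"; // TRAD
        echo "<input type='text' id='db_choice' name='db_choice' value=\"{$safe_choice}\" size='40' class='txt_lmnt' />\n";
    }

    echo "</fieldset>\n";
    echo "<div align='" . $GLOBALS['lcm_lang_right'] . "'>" . "<button type='submit' name='Next'>" . _T('button_next') . " >></button> " . "</div>\n";
    echo "</form>\n";

    install_html_end();
}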
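// Case edit page body: the case form, an optional "add a follow-up" section
// for new cases, and the hidden fields carried to the update script.
echo '<div id="case_data">';
$obj_case = new LcmCaseInfoUI($id_case);
$obj_case->printEdit();
echo "</div>\n"; /* div case_data */

echo "<script type=\"text/javascript\">\n\t\tautocomplete('casesearchkey', 'autocomplete-case-popup', 'ajax.php', 'autocomplete-case-data', 'case_data')\n\t</script>\n";

//
// Follow-up data (only for new case, not edit case)
//
if (!$id_case) {
    echo '<p class="normal_text">';
    echo '<input type="checkbox"' . isChecked(_session('add_fu')) . 'name="add_fu" id="box_new_followup" onclick="display_block(\'new_followup\', \'flip\')" />';
    echo '<label for="box_new_followup">' . "Add a follow-up to the case" . '</label>'; // TRAD
    echo "</p>\n";

    echo '<div id="new_followup" ' . (_session('add_fu') ? '' : ' style="display: none;"') . '>';
    show_page_subtitle("Follow-up information", 'followups_intro'); // TRAD

    echo '<div id="autocomplete-fu-alt">';
    $fu = new LcmFollowupInfoUI();
    $fu->printEdit();
    echo "</div>\n";

    echo "</div>\n";
}

echo '<p><button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button></p>\n";

// Both values are session form data printed into attributes, so they are
// escaped for that context.
// NOTE(review): the 'admin' flag makes a round trip through a hidden field
// that the client can change; the update script must decide admin rights from
// the logged-in author, not from this value.
echo '<input type="hidden" name="admin" value="' . htmlspecialchars((string) $_SESSION['form_data']['admin'], ENT_QUOTES) . "\" />\n";
echo '<input type="hidden" name="ref_edit_case" value="' . htmlspecialchars((string) $_SESSION['form_data']['ref_edit_case'], ENT_QUOTES) . "\" />\n";
echo "</form>\n\n";

// Reset error messages and form data
$_SESSION['errors'] = array();
$_SESSION['case_data'] = array();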
    show_context_stage($case, $id_stage);
} else {
    // Normal follow-up
    // NOTE(review): $case is appended to the SQL text unquoted and its origin
    // is outside this excerpt; confirm it has been through intval() by now.
    $result = lcm_query("SELECT stage FROM lcm_case WHERE id_case = " . $case);
    $row = lcm_fetch_array($result);

    if ($row['stage']) {
        $stage_info = get_kw_from_name('stage', $row['stage']);
        $id_stage = $stage_info['id_keyword'];
        show_context_stage($case, $id_stage);
    }
}

show_context_end();

// Show the errors (if any)
echo show_all_errors($_SESSION['errors']);

// Disable inputs when edit is not allowed for the field
// ($dis is not used in the lines visible here.)
$dis = $admin || $edit ? '' : 'disabled="disabled"';

echo '<form action="upd_fu.php" method="post">' . "\n";

$obj_fu = new LcmFollowupInfoUI($_SESSION['follow']);
$obj_fu->printEdit();

echo '<button name="submit" type="submit" value="submit" class="simple_form_btn">' . _T('button_validate') . "</button>\n";

// NOTE(review): the four hidden values below are session form data printed
// inside double-quoted attributes without escaping; the ids could be cast with
// intval() and the referer escaped with htmlspecialchars().
echo '<input type="hidden" name="id_followup" value="' . _session('id_followup') . '" />';
echo '<input type="hidden" name="id_case" value="' . _session('id_case') . '">';
echo '<input type="hidden" name="id_app" value="' . _session('id_app', 0) . '">';
echo '<input type="hidden" name="ref_edit_fu" value="' . _session('ref_edit_fu') . '">';
echo "</form>\n";

lcm_page_end();

// Clear the errors, in case user jumps to other 'edit' page
$_SESSION['errors'] = array();
$_SESSION['form_data'] = array();
$_SESSION['fu_data'] = array(); // DEPRECATED LCM 0.7.0
/**
 * Build an identifier from the site name, the current time, the client
 * address, a rand() number and, when present, the session user id.
 *
 * NOTE(review): every input except the rand() number can be known or guessed
 * by the client, and rand() is not a cryptographic generator. The result is
 * fine as a label but should not be used as a secret (session id, reset
 * token, CSRF token) - how callers use it is not visible here.
 *
 * @param string $d    prefix put in front of the identifier
 * @param bool   $hash when true the identifier is the MD5 of the parts,
 *                     otherwise the parts joined with "_"
 * @return string
 */
function _randomid($d = "", $hash = true) {
    $parts = array(
        SITENAME,
        date("Y-m-d-G:i:s"),
        _server('REMOTE_ADDR'),
        rand(1000, 9999999),
    );

    if (_session('SESS_USER_ID')) {
        $parts[] = _session('SESS_USER_ID');
    }

    $seed = implode("_", $parts);

    return $d . ($hash ? md5($seed) : $seed);
}