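/**
 * Validate an "edit user" submission, store the user and rebuild the user's
 * script permissions.
 *
 * Fields read from the request array: oldusrnme, username, chgpass,
 * password, password2, empnum, tool, old_dept, perm, deps, depsrem.
 *
 * The parameter was named $_POST in the original. PHP 5.4 and later refuse a
 * superglobal as a parameter name, so it is renamed here; callers pass the
 * array positionally and are unaffected.
 *
 * @param array $post Submitted form fields (callers pass $_POST).
 * @return string HTML: either the list of validation errors, or a
 *                confirmation block followed by the output of editUser().
 */
function confirmUser($post)
{
    // Read only the fields this function uses. The original called extract()
    // on the request array, which lets a client create or overwrite any local
    // variable simply by adding a form field with that name.
    $oldusrnme = isset($post['oldusrnme']) ? $post['oldusrnme'] : null;
    $username  = isset($post['username']) ? $post['username'] : null;
    $chgpass   = isset($post['chgpass']) ? $post['chgpass'] : null;
    $password  = isset($post['password']) ? $post['password'] : null;
    $password2 = isset($post['password2']) ? $post['password2'] : null;
    $empnum    = isset($post['empnum']) ? $post['empnum'] : null;
    $tool      = isset($post['tool']) ? $post['tool'] : null;
    $old_dept  = isset($post['old_dept']) ? $post['old_dept'] : null;

    // The three permission groups are iterated below, so anything that is not
    // an array is treated as "nothing selected".
    $perm    = (isset($post['perm']) && is_array($post['perm'])) ? $post['perm'] : array();
    $deps    = (isset($post['deps']) && is_array($post['deps'])) ? $post['deps'] : array();
    $depsrem = (isset($post['depsrem']) && is_array($post['depsrem'])) ? $post['depsrem'] : array();

    # validate input
    require_lib("validate");
    $v = new validate();
    $v->isOk($oldusrnme, "string", 1, 20, "Invalid old username.");
    $v->isOk($username, "string", 1, 20, "Invalid username.");
    $v->isOk($chgpass, "string", 2, 3, "Tempering with 'change pass' detected.");

    # change to upper case
    $chgpass = strtoupper((string) $chgpass);

    # display errors, if any
    if ($v->isError()) {
        $theseErrors = "";
        foreach ($v->getErrors() as $e) {
            $theseErrors .= "<li class='err'>" . $e["msg"] . "</li>";
        }
        $theseErrors .= "\n\t\t\t<p>\n\t\t\t<input type='button' onClick='JavaScript:history.back();' value='« Correct submission'>\n\t\t\t<table " . TMPL_tblDflts . ">\n\t\t\t\t<tr>\n\t\t\t\t\t<th>Quick Links</th>\n\t\t\t\t</tr>\n\t\t\t\t<script>document.write(getQuicklinkSpecial());</script>\n\t\t\t</table>";
        return $theseErrors;
    }

    db_conn("cubit");

    if ($chgpass == "YES") {
        $v->isOk($password, "string", 1, 20, "Invalid password.");
        $v->isOk($password2, "string", 1, 20, "Invalid password.");
        $v->pwMatch($password, $password2, "Passwords do not match.");

        # display errors, if any
        if ($v->isError()) {
            $theseErrors = "";
            foreach ($v->getErrors() as $e) {
                $theseErrors .= "<li class='err'>" . $e["msg"] . "</li>";
            }
            $theseErrors .= "<p><input type='button' onClick='JavaScript:history.back();' value='« Correct submission'>";
            return $theseErrors;
        }

        // NOTE(review): unsalted MD5 is not a password hash. password_hash()
        // and password_verify() are the replacement, but the code that checks
        // users.password at login is outside this listing and has to change
        // together with this line, so the stored format is left as it was.
        $MD5_PASS = md5($password);
    } else {
        // NOTE(review): the username literal appears masked as '******' in
        // this listing; the original presumably interpolated a username here.
        // Restore it from the upstream file and escape it like the other
        // values below.
        $sql = db_exec("SELECT password FROM users WHERE username='******'");
        if (pg_num_rows($sql) < 1) {
            errDie("No such user :/", SELF);
        }
        $MD5_PASS = pg_result($sql, 0, 0);
    }

    $post['MD5_PASS'] = $MD5_PASS;
    $post['empnum'] = $empnum;
    $post['tool'] = $tool;

    // write user (the original appended the return value to $OUTPUT and then
    // overwrote $OUTPUT further down, so the return value was never shown)
    writeUser($post);

    db_connect();

    // Every request-derived value placed in SQL below is escaped first. The
    // connection handle is managed by db_connect()/db_exec() and is not
    // visible here, so the one-argument form of pg_escape_string() is used;
    // pass the handle explicitly if the project exposes it.
    $safeUser = pg_escape_string((string) $username);

    # we only remove the department that the user selected ...
    $get_dept_scripts = "SELECT script FROM deptscripts WHERE dept = '" . pg_escape_string((string) $old_dept) . "'";
    $run_dept_scripts = db_exec($get_dept_scripts) or errDie("Unable to get department script information.");
    while ($ddarr = pg_fetch_array($run_dept_scripts)) {
        // NOTE(review): masked username literal, see the SELECT above.
        $Sql = "DELETE FROM userscripts WHERE username='******' AND script = '" . pg_escape_string($ddarr['script']) . "'";
        $Ex = db_exec($Sql) or errDie("Unable to clear old user script permissions.");
    }

    # add permissions from this department
    // NOTE(review): the script names in $perm are chosen by the client and
    // become permission rows. Nothing visible in this function checks that
    // the caller may grant them or that each value is a known script;
    // presumably that is enforced elsewhere - confirm.
    foreach ($perm as $value) {
        $sql = "INSERT INTO userscripts (username, script, div) VALUES ('{$safeUser}', '" . pg_escape_string((string) $value) . "', '" . USER_DIV . "')";
        $nwUsrRslt = db_exec($sql) or errDie("Unable to add user to database.");
    }

    # add whole department if they were selected
    foreach ($deps as $key => $value) {
        $sql = "SELECT script FROM deptscripts WHERE dept = '" . pg_escape_string((string) $key) . "'";
        $depRs = db_exec($sql) or errDie("Unable to get department script information.");
        while ($depscr = pg_fetch_array($depRs)) {
            $sql = "INSERT INTO userscripts (username, script, div) VALUES ('{$safeUser}', '" . pg_escape_string($depscr['script']) . "', '" . USER_DIV . "')";
            $nwUsrRslt = db_exec($sql) or errDie("Unable to add user to database.");
        }
    }

    # remove whole departments if they were selected
    foreach ($depsrem as $key => $value) {
        $sql = "SELECT script FROM deptscripts WHERE dept = '" . pg_escape_string((string) $key) . "'";
        $depRs = db_exec($sql) or errDie("Unable to get department script information.");
        while ($depscr = pg_fetch_array($depRs)) {
            // NOTE(review): masked username literal, see the SELECT above.
            $sql = "DELETE FROM userscripts WHERE username='******' AND script='" . pg_escape_string($depscr['script']) . "'";
            $nwUsrRslt = db_exec($sql) or errDie("Unable to clear old user script permissions.");
        }
    }

    // Provide some info on status. The username is echoed into HTML, so it is
    // escaped for that context.
    $shownUser = htmlspecialchars((string) $username, ENT_QUOTES);
    $OUTPUT = "\n\t\t<table " . TMPL_tblDflts . " width='50%'>\n\t\t\t<tr>\n\t\t\t\t<th>Committed changes to user</th>\n\t\t\t</tr>\n\t\t\t<tr class='" . bg_class() . "'>\n\t\t\t\t<td>User, {$shownUser}, was successfully edited.</td>\n\t\t\t</tr>\n\t\t</table>";
    $OUTPUT .= editUser($post);

    return $OUTPUT;
}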
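#
# admin-usradd.php :: Module to add users to the system
#
require "settings.php";

// Request dispatch: a POST is routed by its "key" field, a GET carrying "err"
// re-displays the entry form with the previous username and error, and
// anything else shows an empty entry form.
if ($_POST) {
    // A POST without "key" falls through to the default branch, as before,
    // but no longer raises an undefined-index notice on the way.
    $action = isset($_POST["key"]) ? $_POST["key"] : "";
    switch ($action) {
        case "confirm":
            $OUTPUT = confirmUser($_POST);
            break;
        case "write":
            $OUTPUT = writeUser($_POST);
            break;
        default:
            $OUTPUT = enterUser();
    }
} elseif (isset($_GET["err"])) {
    // Read only the two values enterUser() is given. The original copied
    // every query-string parameter into a global variable of the same name,
    // which lets a request overwrite any global defined by this point,
    // including whatever settings.php set up.
    $username = isset($_GET["username"]) ? $_GET["username"] : null;
    $err = $_GET["err"];
    // NOTE(review): both values come straight from the query string;
    // enterUser() is outside this listing and presumably escapes them when it
    // prints the form - confirm.
    $OUTPUT = enterUser($username, $err);
} else {
    $OUTPUT = enterUser();
}

require "template.php";
##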
// PASSWORD EQUAL TO LOGIN NAME $user->utype = "User"; if (($id = existIn($user->login)) > 0) { $user->newid = $id; } else { $largestId++; $user->newid = $largestId; } $users[$row['userid']] = $user; } echo "Part 1: extract data from Bugzilla database, construct users and user_email tables</br>"; //var_dump($users); //up to now the user data is complete and compitable with LDAP, the original //user data in Redmine PostgreSQL. //The next step is write the extra user data into Redmine PostgreSQL writeUser($users); //add content to table, email_address, which indicates the email address of //each user addEmail($users); echo "Part 2: construct member table"; /* several steps are necessary in this part. the first step is importing Developer members into each project, the second * step is importing Reporter members into each project. */ //step 1 $developers = array(); $sql = "SELECT DISTINCT assigned_to,login_name, product_id, name FROM bugs,products,profiles WHERE bugs.product_id = products.id and profiles.userid = assigned_to"; $result = mysqli_query($mysqlCon, $sql) or die(mysqli_error() . $sql); while ($row = mysqli_fetch_array($result)) { $developer = new stdClass(); $developer->id = mapuserid($row['login_name']); $developer->projectid = mapprojectid($row['name']);
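/**
 * Record a news item in the "recent" file of its folder and of every parent
 * folder up to the root, then deliver it to the subscribed users.
 *
 * Keys read from $i_args: news (with path, title, user and optionally
 * artists), root, rufolder, recent_file, recent_max, limit,
 * email_from_title, email_subject, email_body and, optionally, ignore_own.
 *
 * @param array $i_args Request arguments, see above.
 * @param array $o_out  Output array. Receives 'error' on failure, otherwise
 *                      'users' with the ids of the users who got the news.
 * @return void
 */
function makenews($i_args, &$o_out)
{
    global $FileMaxLength;

    $news = $i_args['news'];

    // Ensure that news has a path:
    if (false == array_key_exists('path', $news)) {
        $o_out['error'] = 'News can`t be without a path.';
        return;
    }

    $path = $news['path'];

    // Path should not be an empty string:
    if (strlen($path) == 0) {
        $o_out['error'] = 'Path is an empty string.';
        return;
    }

    // Ensure that the first path character is '/':
    if ($path[0] != '/') {
        $path = '/' . $path;
    }

    // Drop one trailing '/' unless the path is the root itself. The original
    // indexed with strlen($path - 1) and called $strlen(), an undefined
    // variable used as a function name, so this branch could not run.
    if ($path != '/' && substr($path, -1) == '/') {
        $path = substr($path, 0, strlen($path) - 1);
    }

    // NOTE(review): $path is joined onto $i_args['root'] and then used for
    // mkdir() and a file write. Nothing here rejects '..' segments, so if the
    // news path can come from a client it should be validated against the
    // root before this point - confirm where it is checked.

    // Process recent for current and each parent folders till root:
    for ($i = 0; $i <= 100; $i++) {
        // Simple loop check:
        if ($i >= 100) {
            error_log('News: Recent path loop.');
            break;
        }

        $rarray = array();

        // Get existing recent:
        $rfile = $i_args['root'] . $path . '/' . $i_args['rufolder'] . '/' . $i_args['recent_file'];
        if (is_file($rfile)) {
            if ($rhandle = fopen($rfile, 'r')) {
                flock($rhandle, LOCK_SH);
                $rdata = fread($rhandle, $FileMaxLength);
                flock($rhandle, LOCK_UN);
                fclose($rhandle);

                // Anything that does not decode to an array (invalid JSON, a
                // bare scalar) is treated as an empty list.
                $rarray = json_decode($rdata, true);
                if (!is_array($rarray)) {
                    $rarray = array();
                }

                if (count($rarray)) {
                    if ($i) {
                        // Remove all news with the same path from all parent
                        // folders, so a folder has only one recent from each
                        // child. Walking backwards keeps the indexes valid
                        // while entries are spliced out.
                        for ($j = count($rarray) - 1; $j >= 0; $j--) {
                            if ($rarray[$j]['path'] == $news['path']) {
                                array_splice($rarray, $j, 1);
                            }
                        }
                    } else {
                        // Remove latest recent news if it is the same:
                        if ($rarray[0]['path'] == $news['path']
                            && $rarray[0]['title'] == $news['title']
                            && $rarray[0]['user'] == $news['user']) {
                            array_splice($rarray, 0, 1);
                        }
                    }

                    // Make room for the new entry. The emptiness check stops
                    // the loop when recent_max is zero or negative.
                    while (count($rarray) > 0 && count($rarray) >= $i_args['recent_max']) {
                        array_pop($rarray);
                    }
                }
            }
        }

        // Add new recent:
        array_unshift($rarray, $news);

        // Encode before touching the file so a failure here leaves the
        // existing file as it was.
        $payload = jsonEncode($rarray);

        // Save recent:
        if (false == is_dir(dirname($rfile))) {
            mkdir(dirname($rfile));
        }
        // Mode 'c' opens without truncating; the file is emptied only after
        // the exclusive lock is held. With 'w' the file was truncated before
        // the lock, so a concurrent reader could see an empty file.
        // The read above and this write are still two separate locked
        // sections, so two simultaneous posts can lose one entry.
        if ($rhandle = fopen($rfile, 'c')) {
            flock($rhandle, LOCK_EX);
            ftruncate($rhandle, 0);
            fwrite($rhandle, $payload);
            fflush($rhandle);
            flock($rhandle, LOCK_UN);
            fclose($rhandle);
        }

        // Exit cycle if path is root:
        if (strlen($path) == 0) {
            break;
        }

        // Set path to parent folder:
        $path_prev = $path;
        $path = substr($path, 0, strrpos($path, '/'));

        // Stop cycle if can't go to parent folder:
        if ($path == $path_prev) {
            break;
        }
    }

    // Process users subscriptions:

    // Read users:
    $users = array();
    getallusers($users);
    if (array_key_exists('error', $users)) {
        $o_out['error'] = $users['error'];
        return;
    }
    $users = $users['users'];
    if (count($users) == 0) {
        $o_out['error'] = 'No users found.';
        return;
    }

    // The author may not want to receive their own news:
    $ignore_own = (isset($i_args['ignore_own']) && $i_args['ignore_own']) ? true : false;

    // Get subscribed users:
    $sub_users = array();
    $o_out['users'] = array();
    foreach ($users as &$user) {
        // If this is news owner:
        if ($news['user'] == $user['id']) {
            // Store last news time:
            $user['ntime'] = time();
            writeUser($user);

            // If user does not want to receive own news:
            if ($ignore_own) {
                continue;
            }
        }

        // Users listed as artists on the news item are always subscribed.
        if (array_key_exists('artists', $news)) {
            if (in_array($user['id'], $news['artists'])) {
                array_push($sub_users, $user);
                if (false === array_search($user['id'], $o_out['users'])) {
                    array_push($o_out['users'], $user['id']);
                }
                continue;
            }
        }

        // Otherwise a user is subscribed when one of their channel ids is a
        // prefix of the news path.
        if (array_key_exists('channels', $user)) {
            foreach ($user['channels'] as $channel) {
                if (strpos($news['path'], $channel['id']) === 0) {
                    array_push($sub_users, $user);
                    array_push($o_out['users'], $user['id']);
                    break;
                }
            }
        }
    }
    // Release the reference left behind by the by-reference loop.
    unset($user);

    // Add news and write files:
    foreach ($sub_users as &$user) {
        // A user record without a news list starts with an empty one.
        if (!isset($user['news']) || !is_array($user['news'])) {
            $user['news'] = array();
        }

        // Delete older news with the same path:
        for ($i = 0; $i < count($user['news']); $i++) {
            if ($user['news'][$i]['path'] == $news['path']) {
                array_splice($user['news'], $i, 1);
                break;
            }
        }

        // Add news to the beginning of array:
        array_unshift($user['news'], $news);

        // Delete news above the limit (a positive per-user limit wins):
        $limit = $i_args['limit'];
        if (array_key_exists('news_limit', $user)) {
            if ($user['news_limit'] > 0) {
                $limit = $user['news_limit'];
            }
        }
        while (count($user['news']) > 0 && count($user['news']) > $limit) {
            array_pop($user['news']);
        }

        // Write user file:
        writeUser($user);

        // Send emails only to users who have an address and opted in:
        if (array_key_exists('email', $user) == false) {
            continue;
        }
        if (array_key_exists('email_news', $user) == false) {
            continue;
        }
        if ($user['email_news'] != true) {
            continue;
        }

        $mail = array();
        $mail['from_title'] = $i_args['email_from_title'];
        $mail['address'] = $user['email'];
        $mail['subject'] = $i_args['email_subject'];
        $mail['body'] = $i_args['email_body'];

        $out = array();
        jsf_sendmail($mail, $out);
    }
    unset($user);
}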
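// Request dispatch: a GET with a username shows the edit form; a POST either
// asks for confirmation ("confirm") or stores the change ("write"). Anything
// else is rejected through errDie().
if ($_GET) {
    // empty() has the same truthiness as the original test but does not raise
    // an undefined-index notice when "username" is absent.
    if (!empty($_GET['username'])) {
        // print form for data entry
        $OUTPUT = editUser($_GET['username']);
    } else {
        // Invalid use, display error
        errDie("ERROR: Invalid use of module.", SELF);
    }
} elseif ($_POST) {
    // Collect the fields the handlers take. A field the browser did not send
    // (for example a checkbox group with nothing ticked) becomes null, which
    // is what the original passed, without the undefined-index notice.
    $postFields = array();
    foreach (array('a', 'oldusrnme', 'username', 'chgpass', 'password', 'password2', 'perm', 'depart', 'MD5_PASS') as $postField) {
        $postFields[$postField] = isset($_POST[$postField]) ? $_POST[$postField] : null;
    }
    unset($postField);

    if ($postFields['a'] === "confirm") {
        // ask for confirmation
        $OUTPUT = confirmUser(
            $postFields['oldusrnme'],
            $postFields['username'],
            $postFields['chgpass'],
            $postFields['password'],
            $postFields['password2'],
            $postFields['perm'],
            $postFields['depart']
        );
    } elseif ($postFields['a'] === "write") {
        // write changes to database
        // NOTE(review): MD5_PASS and depart arrive from the browser in this
        // second request, so the stored values are whatever the client posts
        // back. Nothing visible here re-applies the checks of the "confirm"
        // step; writeUser() is outside this listing and presumably validates
        // them - confirm.
        $OUTPUT = writeUser(
            $postFields['oldusrnme'],
            $postFields['username'],
            $postFields['MD5_PASS'],
            $postFields['depart']
        );
    } else {
        // Invalid use, display error
        errDie("ERROR: Invalid use of module.", SELF);
    }
} else {
    // Invalid use, display error
    errDie("ERROR: Invalid use of module.", SELF);
}

# require template
require "libs/template.php";

/*
 * Functions
 *
 */

// Prints a form to edit user with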