Ejemplo n.º 1
0
 function preprocess()
 {
     // check for posts before drawing anything, so we can redirect
     if (isset($_REQUEST['reginput'])) {
         $input = strtoupper(trim($_REQUEST['reginput']));
         // CL always exits
         if ($input == "CL") {
             PaycardLib::paycard_reset();
             CoreLocal::set("msgrepeat", 1);
             CoreLocal::set("strRemembered", 'TO');
             CoreLocal::set("toggletax", 0);
             CoreLocal::set("togglefoodstamp", 0);
             $this->change_page($this->page_url . "gui-modules/pos2.php");
             return False;
         }
         $continue = false;
         // when voiding tenders, the input must be an FEC's passcode
         if (CoreLocal::get("paycard_mode") == PaycardLib::PAYCARD_MODE_VOID && $input != "" && substr($input, -2) != "CL") {
             $db = Database::pDataConnect();
             if (Authenticate::checkPermission($input, 11)) {
                 CoreLocal::set("adminP", $input);
                 $continue = true;
             }
         }
         // when voiding items, no code is necessary, only confirmation
         if (CoreLocal::get("paycard_mode") != PaycardLib::PAYCARD_MODE_VOID && $input == "") {
             $continue = true;
         }
         // go?
         if ($continue) {
             // send the request, then disable the form
             $this->add_onload_command('paycard_submitWrapper();');
             $this->action = "onsubmit=\"return false;\"";
         }
         // if we're still here, display prompt again
     } else {
         if (CoreLocal::get("paycard_mode") == PaycardLib::PAYCARD_MODE_AUTH) {
             // call paycard_void on first load to set up
             // transaction and check for problems
             $id = CoreLocal::get("paycard_id");
             foreach (CoreLocal::get("RegisteredPaycardClasses") as $rpc) {
                 $myObj = new $rpc();
                 if ($myObj->handlesType(CoreLocal::get("paycard_type"))) {
                     $ret = $myObj->paycard_void($id);
                     if (isset($ret['output']) && !empty($ret['output'])) {
                         CoreLocal::set("boxMsg", $ret['output']);
                         $this->change_page($this->page_url . "gui-modules/boxMsg2.php");
                         return False;
                     }
                     break;
                 }
             }
         }
     }
     return True;
 }
Ejemplo n.º 2
0
 function mgrauthenticate($password)
 {
     $ret = array('cancelOrder' => false, 'msg' => _('password invalid'), 'heading' => _('re-enter password'), 'giveUp' => false);
     $password = strtoupper($password);
     $password = str_replace("'", "", $password);
     if (!isset($password) || strlen($password) < 1 || $password == "CL") {
         $ret['giveUp'] = true;
         return $ret;
     }
     $priv = sprintf("%d", CoreLocal::get("SecurityCancel"));
     if (Authenticate::checkPermission($password, $priv)) {
         $this->cancelorder();
         $ret['cancelOrder'] = true;
         $ret['trans_num'] = ReceiptLib::receiptNumber();
         $dbc = Database::tDataConnect();
         $dbc->query("update localtemptrans set trans_status = 'X'");
         TransRecord::finalizeTransaction(true);
         if (CoreLocal::get('LoudLogins') == 1) {
             UdpComm::udpSend('twoPairs');
         }
     } else {
         if (CoreLocal::get('LoudLogins') == 1) {
             UdpComm::udpSend('errorBeep');
         }
     }
     return $ret;
 }
Ejemplo n.º 3
0
 function preprocess()
 {
     $this->box_color = "coloredArea";
     $this->msg = _("enter admin password");
     // get calling class (required)
     $class = isset($_REQUEST['class']) ? $_REQUEST['class'] : '';
     $pos_home = MiscLib::base_url() . 'gui-modules/pos2.php';
     if ($class === '' || !class_exists($class)) {
         $this->change_page($pos_home);
         return False;
     }
     // make sure calling class implements required
     // method and properties
     try {
         $method = new ReflectionMethod($class, 'adminLoginCallback');
         if (!$method->isStatic() || !$method->isPublic()) {
             throw new Exception('bad method adminLoginCallback');
         }
         $property = new ReflectionProperty($class, 'adminLoginMsg');
         if (!$property->isStatic() || !$property->isPublic()) {
             throw new Exception('bad property adminLoginMsg');
         }
         $property = new ReflectionProperty($class, 'adminLoginLevel');
         if (!$property->isStatic() || !$property->isPublic()) {
             throw new Exception('bad property adminLoginLevel');
         }
     } catch (Exception $e) {
         $this->change_page($pos_home);
         return False;
     }
     $this->heading = $class::$adminLoginMsg;
     if (isset($_REQUEST['reginput']) || isset($_REQUEST['userPassword'])) {
         $passwd = '';
         if (isset($_REQUEST['reginput']) && !empty($_REQUEST['reginput'])) {
             $passwd = $_REQUEST['reginput'];
         } else {
             if (isset($_REQUEST['userPassword']) && !empty($_REQUEST['userPassword'])) {
                 $passwd = $_REQUEST['userPassword'];
             }
         }
         if (strtoupper($passwd) == "CL") {
             $class::adminLoginCallback(False);
             $this->change_page($this->page_url . "gui-modules/pos2.php");
             return False;
         } else {
             if (empty($passwd)) {
                 $this->box_color = "errorColoredArea";
                 $this->msg = _("re-enter admin password");
             } else {
                 $db = Database::pDataConnect();
                 if (Authenticate::checkPermission($passwd, $class::$adminLoginLevel)) {
                     $row = Authenticate::getEmployeeByPassword($passwd);
                     TransRecord::add_log_record(array('upc' => $row['emp_no'], 'description' => substr($class::$adminLoginMsg . ' ' . $row['FirstName'], 0, 30), 'charflag' => 'PW', 'num_flag' => $row['emp_no']));
                     if (CoreLocal::get('LoudLogins') == 1) {
                         UdpComm::udpSend('twoPairs');
                     }
                     $result = $class::adminLoginCallback(True);
                     if ($result === True) {
                         $this->change_page(MiscLib::base_url() . 'gui-modules/pos2.php');
                     } else {
                         $this->change_page($result);
                     }
                     return False;
                 } else {
                     $this->box_color = "errorColoredArea";
                     $this->msg = _("re-enter admin password");
                     TransRecord::add_log_record(array('upc' => $passwd, 'description' => substr($class::$adminLoginMsg, 0, 30), 'charflag' => 'PW'));
                     if (CoreLocal::get('LoudLogins') == 1) {
                         UdpComm::udpSend('errorBeep');
                     }
                 }
             }
         }
     } else {
         // beep on initial page load
         if (CoreLocal::get('LoudLogins') == 1) {
             UdpComm::udpSend('twoPairs');
         }
     }
     return True;
 }
Ejemplo n.º 4
0
 public function testAuthenticate()
 {
     CoreLocal::set('scaleDriver', '');
     // don't interact w/ scale
     Database::setglobalvalue('LoggedIn', 1);
     Database::setglobalvalue('CashierNo', 1);
     $fail = Authenticate::checkPassword('9999');
     $this->assertEquals(False, $fail);
     Database::setglobalvalue('CashierNo', 9999);
     $pass = Authenticate::checkPassword('9999');
     $this->assertEquals(True, $pass);
     Database::setglobalvalue('LoggedIn', 0);
     Database::setglobalvalue('CashierNo', 1);
     $pass = Authenticate::checkPassword('9999');
     $this->assertEquals(True, $pass);
     Database::setglobalvalue('LoggedIn', 0);
     Database::setglobalvalue('CashierNo', 1);
     $pass = Authenticate::checkPassword('56');
     $this->assertEquals(True, $pass);
     Database::setglobalvalue('LoggedIn', 0);
     Database::setglobalvalue('CashierNo', 1);
     $fail = Authenticate::checkPassword('invalid password');
     $this->assertEquals(false, $fail);
     $this->assertEquals(false, Authenticate::checkPermission('56', 50));
     $this->assertEquals(false, Authenticate::checkPermission('56', 21));
     $this->assertEquals(true, Authenticate::checkPermission('56', 20));
     $this->assertEquals(true, Authenticate::checkPermission('56', 10));
     $this->assertEquals(false, Authenticate::getEmployeeByPassword('asdf'));
     $this->assertInternalType('array', Authenticate::getEmployeeByPassword('56'));
     $this->assertEquals(false, Authenticate::getEmployeeByNumber(75));
     $this->assertInternalType('array', Authenticate::getEmployeeByNumber(56));
     $this->assertEquals(0, Authenticate::getPermission(55));
     $this->assertEquals(20, Authenticate::getPermission(56));
 }