Ejemplo n.º 1
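/**
 * Render the shared date-picker sub-template for one form field.
 *
 * The pre-filled date is taken from $value when it is truthy (a Unix
 * timestamp or any text strtotime() can parse); otherwise from the request
 * parameter called $name; otherwise the field is left empty.
 *
 * @param string     $name  Field name; also the request parameter consulted when $value is empty.
 * @param string     $label Label handed to the template.
 * @param int|string $value Timestamp or date text to pre-fill, 0 for none.
 * @return void The markup is written by FSTpl::display().
 */
function tpl_datepicker($name, $label = '', $value = 0)
{
    global $user, $page;

    $date = '';

    if ($value) {
        if (!is_numeric($value)) {
            $value = strtotime($value);
        }
        // strtotime() yields false for unparseable text; without this check the
        // field would silently be pre-filled with a date around the Unix epoch.
        if ($value !== false) {
            if (!$user->isAnon()) {
                // server offset from GMT, in hours
                $st = date('Z') / 3600;
                // shift from server time to the user's configured time zone
                $value += ($user->infos['time_zone'] - $st) * 60 * 60;
            }
            $date = date('Y-m-d', intval($value));
        }
    } elseif (Req::has($name)) {
        $requested = Req::val($name);
        // Request parameters can arrive as arrays (name[]=...); only a
        // non-empty string can be a date.
        if (is_string($requested) && strlen($requested)) {
            /* It must "look" like a date.
             * XXX: do not copy this to validate other dates; it is a loose check:
             * 1. it fails on 32 bit systems for dates before 1970,
             * 2. results differ between 32 and 64 bit systems for years before 1970,
             * 3. it stops working after 2038 on 32 bit systems
             *    (see http://en.wikipedia.org/wiki/Year_2038_problem).
             */
            $ts = strtotime($requested);
            // $ts > 0 also rejects the -1 that PHP < 5.1 returned on failure;
            // checkdate() only accepts integer arguments.
            if ($ts !== false && $ts > 0
                && checkdate(intval(date('m', $ts)), intval(date('d', $ts)), intval(date('Y', $ts)))) {
                // the text is echoed back exactly as the client sent it
                $date = $requested;
            }
        }
    }

    // NOTE(review): $name, $label and $date are handed over unescaped; HTML
    // escaping has to happen in common.datepicker.tpl, which is not visible
    // here -- confirm.
    $subPage = new FSTpl();
    $subPage->setTheme($page->getTheme());
    $subPage->assign('name', $name);
    $subPage->assign('date', $date);
    $subPage->assign('label', $label);
    $subPage->assign('dateformat', '%Y-%m-%d');
    $subPage->display('common.datepicker.tpl');
}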
Ejemplo n.º 2
     } else {
         // just some extra check here so that never ever an account can get locked when it's already disabled
         // ... that would make it easy to get enabled
         $db->Query('UPDATE {users} SET login_attempts = login_attempts+1 WHERE account_enabled = 1 AND user_name = ?', array($username));
         // Lock account if failed too often for a limited amount of time
         $db->Query('UPDATE {users} SET lock_until = ?, account_enabled = 0 WHERE login_attempts > ? AND user_name = ?', array(time() + 60 * $fs->prefs['lock_for'], LOGIN_ATTEMPTS, $username));
         if ($db->AffectedRows()) {
             Flyspray::show_error(sprintf(L('error71'), $fs->prefs['lock_for']));
             Flyspray::Redirect($baseurl);
         } else {
             Flyspray::show_error(7);
         }
     }
 } else {
     // Determine if the user should be remembered on this machine:
     // 30 days when 'remember_login' was sent, otherwise 0, i.e. cookies
     // that expire when the session ends (browser closes).
     if (Req::has('remember_login')) {
         $cookie_time = time() + 60 * 60 * 24 * 30;
     } else {
         $cookie_time = 0;
     }
     $user = new User($user_id);
     // Set the two login cookies: the user id and an MD5 digest of the stored
     // user_pass value concatenated with the configured cookie salt.
     // NOTE(review): the digest stays the same for as long as user_pass and the
     // salt do, so it presumably works as a long-lived bearer credential
     // wherever these cookies are checked -- confirm it is invalidated on
     // logout and password change, and prefer a random server-side session
     // token over a value derived from the password column.
     // NOTE(review): the Secure/HttpOnly flags are decided inside
     // Flyspray::setcookie(), which is not visible here -- confirm.
     $passweirded = md5($user->infos['user_pass'] . $conf['general']['cookiesalt']);
     Flyspray::setcookie('flyspray_userid', $user->id, $cookie_time);
     Flyspray::setcookie('flyspray_passhash', $passweirded, $cookie_time);
     // If the user had previously requested a password change, remove the magic url
     // so that the outstanding reset link stops working after a successful login.
     $remove_magic = $db->Query("UPDATE {users} SET magic_url = '' WHERE user_id = ?", array($user->id));
     // Save for displaying
     if ($user->infos['login_attempts'] > 0) {
Ejemplo n.º 3
    exit;
}
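if ($show_task = Get::val('show_task')) {
    // If someone used the 'show task' form, redirect them
    if (is_numeric($show_task)) {
        Flyspray::Redirect(CreateURL('details', $show_task));
    } elseif (is_string($show_task)) {
        // Free text from the client: encode it so that '&', '#', line breaks
        // and the like stay inside the single 'string' query value.
        Flyspray::Redirect($baseurl . '?string=' . urlencode($show_task));
    }
}
if (Flyspray::requestDuplicated()) {
    // Check that this page isn't being submitted twice
    Flyspray::show_error(3);
}
# handle all forms request that modify data
if (Req::has('action')) {
    # enforcing if the form sent the correct anti csrf token
    # only allow token by post
    if (!Post::has('csrftoken')) {
        die('missingtoken');
    }
    $csrf_sent = Post::val('csrftoken');
    $csrf_expected = isset($_SESSION['csrftoken']) ? $_SESSION['csrftoken'] : null;
    # Both sides must be non-empty strings: a loose == would treat numeric-looking
    # strings as equal numbers and let an unset session token compare equal to
    # an empty value. hash_equals() is used where the PHP version provides it so
    # the comparison time does not depend on how many characters match.
    $csrf_ok = is_string($csrf_sent) && is_string($csrf_expected) && $csrf_expected !== ''
        && (function_exists('hash_equals')
            ? hash_equals($csrf_expected, $csrf_sent)
            : $csrf_sent === $csrf_expected);
    if ($csrf_ok) {
        require_once BASEDIR . '/includes/modify.inc.php';
    } else {
        die('wrongtoken');
    }
}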
# start collecting infos for the answer page
if ($proj->id && $user->perms('manage_project')) {
    // Find out if there are any PM requests wanting attention
    $sql = $db->Query('SELECT COUNT(*) FROM {admin_requests} WHERE project_id = ? AND resolved_by = 0', array($proj->id));
    list($count) = $db->fetchRow($sql);
Ejemplo n.º 4
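 /**
  * Render the lost-password page.
  *
  * Without a magic_url request parameter the first step (request a reset
  * link) is shown. With one, the token is looked up in {users}; a match shows
  * the second step (enter a new password) for that account, anything else
  * falls back to the first step.
  *
  * @access public
  * @return void
  */
 function show()
 {
     global $page, $fs, $db;
     $page->setTitle($fs->prefs['page_title'] . L('lostpw'));

     if (!Req::has('magic_url')) {
         // Step One: user requests magic url
         $page->pushTpl('lostpw.step1.tpl');
         return;
     }

     // Step Two: user enters new password
     $magic_url = Req::val('magic_url');
     $check_magic = null;
     // Only a non-empty string may reach the lookup: an empty token would
     // match every row whose magic_url column holds an empty string, and an
     // array value is not a token at all.
     if (is_string($magic_url) && $magic_url !== '') {
         $check_magic = $db->x->getRow('SELECT user_id, user_name FROM {users} WHERE magic_url = ?', null, array($magic_url));
     }

     if ($check_magic) {
         $page->assign('userinfo', $check_magic);
         $page->pushTpl('lostpw.step2.tpl');
     } else {
         // unknown token: back to the first step, same page as a fresh request
         $page->pushTpl('lostpw.step1.tpl');
     }
 }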
Ejemplo n.º 5
<?php

/*********************************************************\
  | Deal with lost passwords                                |
  | ~~~~~~~~~~~~~~~~~~~~~~~~                                |
  \*********************************************************/
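// Refuse to run unless the front controller defined IN_FS.
if (!defined('IN_FS')) {
    die('Do not access this file directly.');
}
$page->setTitle($fs->prefs['page_title'] . L('lostpw'));
if (!$user->isAnon()) {
    // The lost-password flow is for anonymous visitors only.
    Flyspray::Redirect($baseurl);
} elseif (!Req::has('magic_url')) {
    // Step One: user requests magic url
    $page->pushTpl('lostpw.step1.tpl');
} else {
    // Step Two: user enters new password
    $magic_url = Get::val('magic_url');
    $token_known = false;
    // Only a non-empty string may reach the lookup: an empty token would match
    // every row whose magic_url column holds an empty string.
    if (is_string($magic_url) && $magic_url !== '') {
        $check_magic = $db->Query('SELECT * FROM {users} WHERE magic_url = ?', array($magic_url));
        $token_known = (bool) $db->CountRows($check_magic);
    }
    if (!$token_known) {
        Flyspray::show_error(12);
    }
    // NOTE(review): this line is only safe if Flyspray::show_error() ends the
    // request; otherwise step two is shown for an unknown token -- confirm.
    $page->pushTpl('lostpw.step2.tpl');
}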
Ejemplo n.º 6
*/
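define('IN_FS', true);
header('Content-type: text/html; charset=utf-8');
require_once '../../header.php';
// this script lives two directories below the application root
$baseurl = dirname(dirname($baseurl)) . '/';
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
    // NOTE(review): only the presence of the passhash cookie is tested here;
    // whether its value is verified depends on check_account_ok(), which is
    // not visible -- confirm.
    $user = new User(Cookie::val('flyspray_userid'));
    $user->check_account_ok();
} else {
    $user = new User(0, $proj);
}
// don't allow anonymous users to access this page at all
if ($user->isAnon()) {
    die;
}
// Always define the search term: without 'name' in the request the query
// below used to run with an undefined variable. Array input is ignored.
$searchterm = '';
if (Req::has('name') && is_string(Req::val('name'))) {
    $searchterm = strtolower(Req::val('name'));
}
// Count existing accounts and pending registrations that use this name
// (compared in lower case); the value is bound, never interpolated.
$get_users = $db->Query('  SELECT  count(u.user_name) AS anz_u_user, 
                                   count(r.user_name) AS anz_r_user 
                             FROM  {users} u
                        LEFT JOIN  {registrations} r ON u.user_name = r.user_name
                            WHERE  Lower(u.user_name) = ? 
                                   OR
                                   Lower(r.user_name) = ?', array($searchterm, $searchterm));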
while ($row = $db->FetchRow($get_users)) {
    if ($row['anz_u_user'] > '0' || $row['anz_r_user'] > '0') {
        $html = 'false|' . eL('usernametaken');
    } else {
        $html = 'true';
Ejemplo n.º 7
 /**
  * Fetch a request parameter, or a fallback when it is absent.
  *
  * The value is returned exactly as found in $_REQUEST: nothing is validated
  * or escaped, and it may be an array, so callers must check it before use.
  *
  * @param string $key     Name of the request parameter.
  * @param mixed  $default Returned when Req::has($key) is false.
  * @return mixed
  */
 function val($key, $default = null)
 {
     if (Req::has($key)) {
         return $_REQUEST[$key];
     }

     return $default;
 }
Ejemplo n.º 8
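 /**
  * Render the registration page.
  *
  * Picks the template from the request state: the confirmation page after a
  * finished registration, the magic-url form when a confirmation token is
  * supplied, the plain form otherwise, or the new-user template when
  * $user->can_register() is false.
  *
  * @return void
  */
 function show()
 {
     global $page, $db, $user, $fs;
     $page->setTitle($fs->prefs['page_title'] . L('registernewuser'));

     if (Get::val('regdone')) {
         $page->pushTpl('register.ok.tpl');
         return;
     }
     if (!$user->can_register()) {
         $page->pushTpl('common.newuser.tpl');
         return;
     }
     if (!Req::has('magic_url')) {
         $page->pushTpl('register.no-magic.tpl');
         return;
     }

     // If the user came here from their notification link
     $magic_url = Req::val('magic_url');
     $reg_id = null;
     // Only a non-empty string may reach the lookup: an empty token would
     // match every registration whose magic_url column is empty.
     // NOTE(review): the original comment says a magic_url is 32 characters
     // long, but the length is not checked here -- confirm whether it should be.
     if (is_string($magic_url) && $magic_url !== '') {
         $reg_id = $db->x->GetOne('SELECT reg_id FROM {registrations} WHERE magic_url = ?', null, $magic_url);
     }
     if (!$reg_id) {
         FlysprayDo::error(array(ERROR_INPUT, L('error18')));
     }
     // NOTE(review): reached for an unknown token too unless
     // FlysprayDo::error() ends the request -- confirm.
     $page->pushTpl('register.magic.tpl');
 }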
Ejemplo n.º 9
<?php

/*********************************************************\
  | Register a new user (when confirmation codes is used)   |
  | ~~~~~~~~~~~~~~~~~~~                                     |
  \*********************************************************/
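// Refuse to run unless the front controller defined IN_FS.
if (!defined('IN_FS')) {
    die('Do not access this file directly.');
}
$page->setTitle($fs->prefs['page_title'] . L('registernewuser'));
if (!$user->isAnon()) {
    // NOTE(review): the code below still runs for logged-in users unless
    // Flyspray::Redirect() ends the request -- confirm.
    Flyspray::Redirect($baseurl);
}
if ($user->can_register()) {
    // Validate the very value that is queried. The length used to be checked
    // on Req::val() while the lookup read Get::val(), so the two could differ,
    // and strlen() was applied to whatever type the client sent.
    $magic_url = Get::val('magic_url');
    // 32 is the length of the magic_url
    if (is_string($magic_url) && strlen($magic_url) == 32) {
        // If the user came here from their notification link
        $sql = $db->Query('SELECT * FROM {registrations} WHERE magic_url = ?', array($magic_url));
        if (!$db->CountRows($sql)) {
            Flyspray::show_error(18);
        }
        $page->pushTpl('register.magic.tpl');
    } else {
        $page->pushTpl('register.no-magic.tpl');
    }
} elseif ($user->can_self_register()) {
    $page->pushTpl('common.newuser.tpl');
} else {
    Flyspray::show_error(22);
}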
Ejemplo n.º 10
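 /**
  * Build the on-call log query for a date window and run it through the pager.
  *
  * @param mixed $dbh  Database handle, passed on to Pager::paginate() untouched.
  * @param array $args Filters: 'from_ts' and 'to_ts' (date text; default
  *                    yesterday and today), 'caltype' ('0' selects the
  *                    backupTapeopencalCalendar query, anything else the
  *                    backupAssigneeConfig one), 'search' (username fragment,
  *                    'any' or empty for no filter) and 'timezone'
  *                    (assign_time id, -1 for no filter).
  * @return mixed Whatever Pager::paginate() returns.
  */
 public function getLogDetails($dbh, $args)
 {
     $from_ts = isset($args['from_ts']) ? trim($args['from_ts']) : date("Y-m-d", mktime(0, 0, 0, date("m"), date("d") - 1, date("Y")));
     $to_ts = isset($args['to_ts']) ? trim($args['to_ts']) : date("Y-m-d");

     // Both bounds are normalised to Y-m-d and bound as parameters.
     $params = array(
         date("Y-m-d", strtotime($from_ts)),
         date("Y-m-d", strtotime($to_ts)),
     );

     $caltype = isset($args['caltype']) ? $args['caltype'] : null;
     if ($caltype == '0') {
         $str_config = " SELECT  u.name as oname,u.username,oncall_to,oncall_from,'P' as octype,'US' as timezone \n\t\t\t\tFROM  backupTapeopencalCalendar as btc \n\t\t\t\tLEFT JOIN opencal.user as u on (btc.user_id=u.user_id)  \n\t\t\t\tWHERE oncall_to BETWEEN ? AND ?";
     } else {
         $str_config = "SELECT \n\t\t\t\t\tu.name as oname,u.username,d.name as timezone,if(oncall_type=1,'P','S') as octype,oncall_to,oncall_from \n\t\t\t       FROM backupAssigneeConfig as bac \n\t\t\t       LEFT JOIN opencal.user as u on (bac.user_id=u.user_id)  \n\t\t\t       LEFT JOIN opencal.dictionary as d on (bac.assign_time=d.dict_id) \n\t\t\t       WHERE oncall_to BETWEEN ? AND ?";
     }

     // The keys were written as bare words ($args[search], $args[timezone]),
     // which PHP 8 rejects as undefined constants; they are quoted now.
     $search = isset($args['search']) ? trim($args['search']) : '';
     if ($search !== 'any' && $search !== '') {
         $str_config .= " AND u.username like ?";
         $params[] = "%" . $search . "%";
     }
     if (isset($args['timezone']) && $args['timezone'] != -1) {
         // NOTE(review): the alias bac exists only in the backupAssigneeConfig
         // query, so this filter combined with caltype '0' yields invalid SQL
         // -- confirm callers never send both.
         $str_config .= " AND bac.assign_time=?";
         $params[] = $args['timezone'];
     }

     // NOTE(review): per_page, page and order_by are taken from the request
     // as they are. A column name cannot be bound as a parameter, so unless
     // Pager::paginate() (not visible here) checks order_by against a fixed
     // list of columns and casts the two numbers, that check is missing.
     $options = array('page' => array(
         'per_page' => Req::has('per_page') ? Req::get('per_page') : 50,
         'current_page' => Req::get('page'),
         'order_by' => Req::get('order_by') ? Req::get('order_by') : 'oncall_from',
     ));
     $options['page']['query'] = $str_config;
     $options['page']['db'] = $dbh;
     $options['page']['params'] = $params;

     return Pager::paginate($options['page']);
 }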