Example #1
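/**
 * Decide whether the current user may read the object $p.
 *
 * The checks run in this order and the first one that passes grants access:
 * administrator, root inode (0), the "other" permission string, the group
 * permission string (only when the user belongs to $p->gid) and the owner
 * permission string (only when the user is $p->uid). A permission string
 * grants read access when it contains the letter 'r'.
 *
 * @param object $p Object exposing inode, nombre, uid, gid, p_owner, p_group and p_other.
 * @return bool True when one of the checks grants read access, false otherwise.
 */
function checkReadSecurity($p)
{
    // Resolve the caller's id once; it is reused by the owner check and its debug line.
    $current_user = BILO_uid();

    // Administrators bypass every per-object permission.
    if (BILO_isAdmin()) {
        debug("Sec passed by Group Administrador Is God(TM)", 'red');
        return True;
    }
    // The root directory (inode 0) is readable by everyone.
    if ($p->inode == 0) {
        debug("Sec passed by root dir", 'red');
        return True;
    }
    // Read access granted to everyone ("other").
    if (strpos($p->p_other, 'r') !== False) {
        debug("Sec passed by Other:r {$p->p_other} {$p->nombre}", 'red');
        return True;
    }
    // Read access granted to the object's group, if the user is a member.
    if (BILO_checkGroup($p->gid)) {
        if (strpos($p->p_group, 'r') !== False) {
            debug("Sec passed by Group:r", 'red');
            return True;
        }
    }
    // Read access granted to the owner.
    // NOTE(review): this is a loose comparison. Confirm BILO_uid() cannot return
    // 0, null or false for an anonymous session, because such a value would
    // compare equal to an empty or zero uid on the object.
    if ($current_user == $p->uid) {
        if (strpos($p->p_owner, 'r') !== False) {
            debug("Sec passed by Owner:r " . $current_user . "|" . $p->uid, 'red');
            return True;
        }
    }
    // No rule matched: deny by default.
    return false;
}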
Example #2
/**
 * Render the login/logout user block and return its markup as a string.
 *
 * Output produced by plantHTML() is captured with an output buffer, so
 * nothing is sent to the client by this function itself.
 *
 * @return string The captured output of the selected template.
 */
function BILO_block_user()
{
    global $SYS;

    // Start capturing before any helper runs, so their output is captured too.
    ob_start();
    if (!BILO_isLogged()) {
        // Anonymous visitor: empty user object, "logoff" template.
        $block = newObject("user");
        debug(BILO_username(), "blue");
        $block->clase = "logoff";
        plantHTML($block, "Public/block_no_login");
    } else {
        // Logged-in visitor: load the user row and expose the session username.
        // NOTE(review): the username reaches the template as-is; confirm that
        // "Public/block_ok_login" HTML-escapes it when rendering.
        $block = newObject("user", BILO_uid());
        $block->username = BILO_username();
        $block->clase = "login";
        plantHTML($block, "Public/block_ok_login");
    }

    // Return the buffered markup and discard the buffer in one step.
    return ob_get_clean();
}
Example #3
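/**
 * Persist this task log and react to state transitions.
 *
 * When the stored state is 'No Iniciada' and the new state is 'En Curso',
 * one "gsteplog" row is created for every "gstep" of the task, with the
 * date placeholders of the step expanded for the evaluation date. When the
 * stored state is 'En Curso' and the new one is 'Cancelada', a notice is
 * sent through enviarAviso().
 *
 * @return mixed Whatever Ente::save() returns for this object.
 */
function save()
{
    global $prefix;
    debug("Info: Calling Extended save");
    // Load the stored row so the previous state can be compared with the new one.
    $old = newObject("gtasklog", $this->ID);
    // Start times below 3600 are treated as "not set" and replaced with now.
    if ($this->inicio < 3600) {
        $this->inicio = time();
    }
    if ($old->estado == 'No Iniciada' && $this->estado == 'En Curso') {
        // Implicit action: the task is being started.
        debug("Info: Creando pasos", "white");

        // Both branches of the original ternary were the same expression and
        // neither operand changes inside the loop, so it is computed once.
        $fechadeevaluacion = $this->inicio + $this->diasderetraso * 24 * 60 * 60;

        // Expands one __FECHA{format} placeholder. This replaces the /e
        // modifier, which evaluated the replacement as PHP code and no longer
        // exists in PHP 7; the captured format is now only ever passed to
        // strftime() as data.
        $expandDate = function ($match) use ($fechadeevaluacion) {
            return strftime($match[1], $fechadeevaluacion);
        };

        $s = newObject("gstep");
        // NOTE(review): gtask_id is interpolated into the filter string; confirm
        // it is always an integer or that listAll() escapes it.
        $steps = $s->listAll("ID", false, "gtask_id={$this->gtask_id}", 0, "secuencia ASC");
        foreach ($steps as $sid => $ssid) {
            $origstep = newObject("gstep", $sid);
            // Copy the step definition into a fresh log row (ID 0 = new row).
            $step = newObject("gsteplog");
            $step->setAll($origstep->properties);
            $step->ID = 0;
            $step->gtask_id = $this->gtask_id;
            $step->gstep_id = $sid;
            $step->gtasklog_id = $this->ID;
            $step->secuencia = $origstep->secuencia;
            $step->comando = strftime($origstep->comando, $fechadeevaluacion);
            $step->script = preg_replace_callback('/__FECHA{([^\{]{1,100}?)}/', $expandDate, $origstep->script);
            $step->ficheros = strftime($origstep->ficheros, $fechadeevaluacion);
            $step->estado = 'No Iniciada';
            $step->maxreturnstatus = $origstep->maxreturnstatus;
            $step->save();
        }
    }
    if ($old->estado == 'En Curso' && $this->estado == 'Cancelada') {
        $this->enviarAviso("cancelada");
    }
    // Record the acting user as executor unless the uid is 1 or lower.
    $this->ejecutor = BILO_uid() > 1 ? BILO_uid() : $this->ejecutor;
    // The first assignment is overwritten immediately; it is kept because the
    // Ente constructor is not visible here and may have side effects.
    $par = new Ente($this->name);
    $par = typecast($this, "Ente");
    return $par->save();
}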
Example #4
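/**
 * Store the current search fields as the user's saved search for one entity.
 *
 * Fields that are not properties of the target entity are dropped, the rest
 * are serialized into campos_ser, and an existing row for the same user and
 * view is reused when there is one (otherwise ID 1 is used).
 *
 * @return mixed Whatever Ente::save() returns for this object.
 */
function save()
{
    // NOTE(review): campos["entity"] selects what newObject() instantiates and
    // is later placed inside a quoted SQL filter. If campos can carry request
    // data, check the entity name against a fixed list of allowed names first.
    $obj = newObject($this->campos["entity"]);
    $this->usuario_id = BILO_uid();
    $this->vista = $this->campos['entity'];

    // Keep only fields that are real properties of the entity. The key lookup
    // is exact; the original in_array() compared loosely, which can match
    // unrelated keys (for example a string against the integer key 0).
    foreach (array_keys($this->campos) as $key) {
        if (!array_key_exists($key, $obj->properties)) {
            unset($this->campos[$key]);
        }
    }

    // NOTE(review): whatever reads campos_ser back must treat it as trusted
    // data only; unserialize() on a value a user can alter is unsafe, and a
    // JSON encoding would avoid that class of problem.
    $this->campos_ser = serialize($this->campos);

    setLimitRows(15000);
    // NOTE(review): both values are interpolated into the filter; confirm that
    // select() escapes them or that they are validated before this point.
    $this->searchResults = $this->select("usuario_id={$this->usuario_id} AND vista='{$this->vista}'");
    resetLimitRows();

    // Reuse the existing row when one was found, otherwise fall back to ID 1.
    if ($this->nRes > 0) {
        $this->ID = $this->searchResults[0]->ID;
    } else {
        $this->ID = 1;
    }

    // The first assignment is overwritten immediately; it is kept because the
    // Ente constructor is not visible here and may have side effects.
    $par = new Ente($this->name);
    $par = typecast($this, "Ente");
    return $par->save();
}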
Example #5
<?php

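// Action script: store a bookmark for the current user and report the result.
require_once "coreg2.php";
HTML("action_header");

// NOTE(review): $params and $name are not defined in this script; presumably
// coreg2.php imports them from the request. Treat both as untrusted input.
$url = urldecode($params);
$b = newObject("bookmark");
// NOTE(review): the URL is stored without a scheme check. If bookmarks are
// later rendered as links, restrict the scheme to http/https before saving.
$b->url = $url;
$b->nombre = $name;
// The owner is always the session user, never a request value.
$b->user_id = BILO_uid();

if ($b->save()) {
    // Escape the name before echoing it back into the HTML response.
    echo "Guardado correctamente [" . htmlspecialchars((string) $name, ENT_QUOTES) . "]";
} else {
    // NOTE(review): ERROR is printed as-is; confirm it never embeds request data.
    echo $b->ERROR;
}
HTML("action_footer");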
Example #6
/*********************** 
Extended URI featuring

MODULE
APP
ACTION
************************/
// Bootstrap: load the core, the local templates, the API exports and the session library.
require_once "coreg2.php";
set_include_dir(__DIR__ . "/local/Tmpl/-");
require_once "Bilo/API_exports.php";
set_include_dir(__DIR__ . "/Bilo/-");
require_once "Lib/lib_session.php";
setLimitRows(20);

// Load and apply the preferences of the current user. This runs before the
// login gate below, so it also runs for sessions that are not logged in.
$up = newObject("user_pref");
$up->getPrefByUser(BILO_uid());
$up->setPrefs();

// Login gate: only logged-in operators or administrators may continue.
// NOTE(review): the gate is skipped when $isLoginScreen is truthy or when
// $SYS["GLOBAL"]["void_login"] is set. $isLoginScreen is not assigned in this
// file; confirm it is set only by the including script and can never be
// populated from request data.
if (!$isLoginScreen && !$SYS["GLOBAL"]["void_login"]) {
    if (BILO_isLogged() == false || !(BILO_isOperator() || BILO_isAdmin())) {
        // Send the browser to the login page and stop processing.
        plantHTML(array("location" => $SYS["ROOT"] . "/Login/login.php"), "opener");
        die;
    }
}
if (!BILO_isAdmin() && !BILo_isOperator()) {
Example #7
/**
 * Tell whether the current user belongs to the given group.
 *
 * When $SYS["config"]["authentication"] is exactly false the check is
 * skipped and every caller is treated as a member (fail-open). That setting
 * therefore disables all group-based permissions and should not be false on
 * a deployed system.
 *
 * @param mixed $group Group identifier passed to the user object's inGroup().
 * @return bool True when authentication is disabled or the user is in the group.
 */
function BILO_checkGroup($group)
{
    global $SYS;

    // Only an explicit boolean false disables the check; the debug line
    // records where the bypass happened.
    if ($SYS["config"]["authentication"] === false) {
        debug(__FILE__ . " " . __LINE__ . ' Auth disabled by $SYS["config"]["authentication"]', "red");
        return true;
    }

    // Normalise the membership answer to a strict boolean.
    $member = newObject("user", BILO_uid());
    return $member->inGroup($group) ? true : false;
}
Example #8
<?php

// Forum list page: remember the user's previous visit time in the session,
// stamp the current visit on the user row, then list the forums.

// Seed the session marker once per session from the stored visit time.
if (!isset($_SESSION['fecha'])) {
    $us = newObject("user", BILO_uid());
    // BILO_uid() gives the id of the current user.
    // NOTE(review): the filter compares ID with the literal text 'BILO_uid',
    // not with the value of BILO_uid(). The result is stored but not read in
    // this script, so it looks like a leftover; confirm and remove or fix.
    $us->searchResults = $us->select("ID = 'BILO_uid'");
    $_SESSION['fecha'] = $us->fecha_hoy;
}

require_once "Forus.php";
setNavVars(array("ID", "foro_id"));

// Default ordering when none was supplied.
// NOTE(review): $sort presumably comes from the request and is passed on as
// the ordering; check it against a fixed list of allowed values.
if (!isset($sort)) {
    $sort = "fecha DESC";
}

// Stamp the current visit on the user row.
$us = newObject("user", BILO_uid());
// BILO_uid() gives the id of the current user.
// NOTE(review): same literal 'BILO_uid' filter as above.
$us->searchResults = $us->select("ID = 'BILO_uid'");
$us->fecha_hoy = date(time());
$us->save();

$u = newObject("foro");
$u->searchResults = $u->selectAll($offset, $sort);
if ($u->nRes != 0) {
    $total = $u->sumaMsg();
    // NOTE(review): the 'code#' entries look like PHP snippets that listList()
    // evaluates per row. Only numeric values may be concatenated into them:
    // the session value is the result of an addition, but confirm sumaMsg()
    // always returns a number.
    $external_data = array(
        "grafica" => 'code#return $object->msgBar(' . $total . ');',
        "nuevo" => 'code#if ($object->fecha >= ' . ($_SESSION['fecha'] + 1) . ') return "Nuevos Mensajes";',
    );
    listList($u, $external_data, "list_foro");
} else {
    // No forum rows at all: close the table with a notice.
    echo "<tr><td colspan=\"6\" ALIGN=\"CENTER\">NO EXISTE EN ESTE MOMENTO NINGÚN FORO DISPONIBLE</TD></TR></TABLE>";
}
Example #9
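// Action script: save a data_object from the submitted form and report the result.
require_once "Memo.php";
require_once "security.php";
HTML("action_header");
if (isset($_POST["ID"])) {
    // The original branched on $ID < 2, but both branches were identical, so
    // they are merged here.
    // NOTE(review): no permission check on the target object is visible in
    // this script; confirm that security.php enforces write access for $ID.
    $form = newObject("data_object", $ID);
    // NOTE(review): setAll($_POST) copies every submitted field onto the
    // object. Only uid is reset below for non-administrators; other fields
    // that affect access (gid, permission strings, inode) can still be set
    // from the form. Restrict the copy to a list of editable fields.
    $form->setAll($_POST);
    if (!BILO_isAdmin()) {
        // Non-administrators always own what they save.
        $form->uid = BILO_uid();
    }
    if ($form->save()) {
        // nombre comes from the form, so it is escaped before being echoed.
        echo htmlspecialchars((string) $form->nombre, ENT_QUOTES) . _(" guardado");
        // inode also comes from the form; encode it as a query-string value.
        frameGo("fbody", "list.php?inode=" . urlencode((string) $form->inode));
    } else {
        echo htmlspecialchars((string) $form->nombre, ENT_QUOTES) . _(" no guardado");
    }
}
HTML("action_footer");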
Example #10
<?php

// Action script: delete a bookmark, but only when it belongs to the current user.
require_once "coreg2.php";
HTML("action_header");
$form = newObject("bookmark", $ID);

// Ownership check first; everything else is refused.
// NOTE(review): the comparison is loose. If $ID matches no row, user_id is
// presumably empty, and an anonymous uid of 0, null or false would compare
// equal to it; confirm BILO_uid() is always a real id at this point.
// NOTE(review): no anti-CSRF token is checked in this script before the
// delete; confirm one is verified elsewhere.
if ($form->user_id != BILO_uid()) {
    echo _("Sin permiso");
} elseif ($form->delete()) {
    echo _("Borrado correctamente");
} else {
    echo _("No borrado");
}
Example #11
<?php

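// Edit form setup: load the data_object, the user and group lists, and
// decide whether the security fields are shown as editable.
require_once "Memo.php";
require_once "security.php";

// The original set $p->security_option here, before $p existed. That value
// was lost when $p was created below (and writing a property on an undefined
// variable is an error in PHP 8), so the assignment is done once, after
// newObject().

// User and group names for the owner/group selectors.
$auth = newObject("user");
$uuids = $auth->listAll("username");
$gauth = newObject("group");
$guids = $gauth->listAll("groupname");
$external_data = array("gid" => $guids, "uid" => $uuids);

// NOTE(review): $ID, $inode and $type are not assigned in this script and
// presumably come from the request; treat them as untrusted.
$p = newObject("data_object", $ID);
$p->inode = $inode;
// New objects default to the current user as owner.
if (empty($p->uid)) {
    $p->uid = BILO_uid();
}
// An explicit type overrides the stored one; otherwise use the stored type.
if (empty($type)) {
    $type = $p->type;
} else {
    $p->type = $type;
}
// Non-administrators get the security fields disabled in the form. The
// original used the bare word disabled, an undefined constant; the string is
// what was meant. Disabling a form control is presentation only, so the
// handler that saves the form must enforce the same rule on the server.
if (!BILO_isAdmin()) {
    $p->security_option = "disabled";
}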
if (checkSecurity($p)) {
    formAction("action_save.php", "footer", "editForm");
    $p->boton0 = gfxBotonAction("Guardar", "getElementById('editForm').submit()", True);
    debug("type of edit element: {$type} ", "red");
    if ($type == "archive") {
        plantHTML($p, "add_form", $external_data);
Example #12
<?php

// List the bookmarks that belong to the current user.
require_once "coreg2.php";
setNavVars(array("void_framming"));
$u = newObject("bookmark", 1);
$uid = BILO_uid();
// The filter is limited to the session user's id.
// NOTE(review): $offset and $sort are not assigned in this script and
// presumably come from the request; check $sort against a fixed list of
// allowed values and make sure $offset is an integer before they reach select().
$u->searchResults = $u->select("user_id=" . $uid, $offset, $sort);
listList($u, array(), "lbookmarks");
?>