/**
 * AJAX entry point of the churchreport module.
 *
 * Wraps the module in a CTAjaxHandler, lets the handler dispatch the current
 * request and emits whatever it returns as JSON.
 */
function churchreport__ajax() {
  $handler = new CTAjaxHandler(new CTChurchReportModule("churchreport"));
  drupal_json_output($handler->call());
}
/**
 * AJAX entry point of the churchresource module.
 *
 * Registers two additional handler functions and emits the handler's result
 * as JSON.
 */
function churchresource__ajax() {
  include_once "churchresource_db.php";

  $handler = new CTAjaxHandler(new CTChurchResourceModule("churchresource"));

  // Function name => second addFunction() argument. The values read like
  // permission names; confirm against CTAjaxHandler::addFunction().
  $extraFunctions = array(
    "delException" => "administer bookings",
    "delBooking" => "edit masterdata",
  );
  foreach ($extraFunctions as $function => $permission) {
    $handler->addFunction($function, $permission);
  }

  drupal_json_output($handler->call());
}
/**
 * Logs the current user out and answers according to the kind of caller.
 *
 * A request carrying the POST field "directtool" (tool/API access) receives a
 * JSend success document; every other request is redirected to the
 * configured start page.
 */
function logout_main() {
  logout_current_user();

  $calledByTool = isset($_POST['directtool']);
  if (!$calledByTool) {
    // The redirect target comes from configuration, not from the request.
    header("Location: ?q=" . getConf("site_startpage", "home"));
    return;
  }

  include_once CHURCHCORE . '/churchcore_db.php';
  drupal_json_output(jsend()->success());
}
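/**
 * Autocomplete callback for a comma-separated list of user names.
 *
 * Only the last tag of $string is completed; the tags typed before it are
 * kept as a prefix of every suggestion key. At most ten user names starting
 * with the typed fragment are returned.
 *
 * The response maps "value to put into the field" => "label to display".
 * Labels are passed through check_plain() because autocomplete labels are
 * normally inserted into the page as HTML and user names are account-supplied
 * text. NOTE(review): the access check for this callback is not visible
 * here; confirm the route is restricted, since it discloses account names.
 *
 * @param string $string
 *   The text typed so far (comma-separated tags).
 */
public function photos_access_multiple_users_autocomplete($string = '') {
  $typed = drupal_explode_tags($string);
  $fragment = trim((string) array_pop($typed));
  $matches = [];

  if ($fragment !== '') {
    // db_like() escapes LIKE wildcards in the fragment, so only the trailing
    // '%' added here acts as a wildcard.
    $result = db_select('users')
      ->fields('users', ['name'])
      ->condition('name', db_like($fragment) . '%', 'LIKE')
      ->range(0, 10)
      ->execute();

    $prefix = count($typed) ? implode(', ', $typed) . ', ' : '';
    foreach ($result as $user) {
      // Key: raw text for the form field. Value: HTML-escaped display label.
      $matches[$prefix . $user->name] = check_plain($user->name);
    }
  }

  drupal_json_output($matches);
}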
/**
 * Handles one plugin API request and ends the request with a JSON response.
 *
 * The API key passed by the caller is used; when it is null the "apikey"
 * POST field serves as fallback. Requests that fail checkApiKey() get a
 * credentials error, all others are dispatched on the "action" POST field.
 *
 * NOTE(review): checkApiKey() is not visible here; confirm it compares the
 * key in constant time (hash_equals()) and rejects an empty configured key.
 *
 * @param string|null $apikey     API key supplied by the caller.
 * @param array       $getParams  Query parameters of the request.
 * @param array       $postParams POST parameters of the request.
 */
public function processRequest($apikey, $getParams, $postParams) {
  $usePostedKey = ($apikey == null && isset($postParams['apikey']));
  $this->apikey = $usePostedKey ? $postParams['apikey'] : $apikey;
  $this->getParams = $getParams;
  $this->postParams = $postParams;

  if (!$this->checkApiKey()) {
    $response = Nl2go_ResponseHelper::generateErrorResponse('Invalid or missing API key!', Nl2go_ResponseHelper::ERRNO_PLUGIN_CREDENTIALS_WRONG);
  }
  else {
    $action = $this->postParams['action'];

    if ($action == 'test') {
      $response = array('success' => 1, 'message' => $this->test());
    }
    elseif ($action == 'getPost') {
      $post = $this->getPost();
      $response = $post
        ? Nl2go_ResponseHelper::generateSuccessResponse(array('post' => $post))
        : Nl2go_ResponseHelper::generateErrorResponse('Post with given id not found!', Nl2go_ResponseHelper::ERRNO_PLUGIN_OTHER);
    }
    elseif ($action == 'getPluginVersion') {
      $response = Nl2go_ResponseHelper::generateSuccessResponse(array('version' => $this->getPluginVersion()));
    }
    else {
      // Anything else is rejected rather than mapped to a method name.
      $response = Nl2go_ResponseHelper::generateErrorResponse('Invalid action!', Nl2go_ResponseHelper::ERRNO_PLUGIN_OTHER);
    }
  }

  drupal_json_output($response);
  drupal_exit();
}
/**
 * churchdb ajax
 *
 * Loads the churchdb database helpers, lets a CTAjaxHandler dispatch the
 * request for the churchdb module and emits the result as JSON.
 */
function churchdb_ajax() {
  include_once "churchdb_db.php";

  $handler = new CTAjaxHandler(new CTChurchDBModule("churchdb"));
  drupal_json_output($handler->call());
}
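// Facet on the bundle field and fetch the first ten documents.
$params['facet.sort'] = array('count');
$params['facet.mincount'] = 1;
$params['facet.field'] = array('{!ex=bundle}bundle');
$params['f.bundle.facet.limit'] = array(50);
$params['f.bundle.facet.mincount'] = array(1);
$params["start"] = 0;
$params["rows"] = 10;

$query = apachesolr_drupal_query('apachesolr', $params);
apachesolr_search_add_boost_params($query);
$response = $query->search();
$results = $response->response->docs;

// CSV is sent only when explicitly requested. strcasecmp() returns an
// integer, never FALSE, so the former "!== FALSE" test was true for every
// non-empty format value; equality is expressed by a result of 0. The
// is_string() guard keeps an array-valued parameter (format[]=...) out of
// strcasecmp().
$format = isset($_REQUEST['format']) ? $_REQUEST['format'] : '';
$wants_csv = is_string($format) && strcasecmp('csv', $format) === 0;

if ($wants_csv) {
  ob_clean();
  $out = fopen('php://output', 'w');
  header('Content-Type: text/csv');
  header('Content-Disposition: inline');

  // The header row is taken from the keys of the first document.
  // NOTE(review): cell values are written as indexed. If any indexed field
  // can hold user-supplied text, values starting with =, +, - or @ are
  // interpreted as formulas by spreadsheet applications; consider
  // neutralising such cells before export.
  $header_done = FALSE;
  foreach ($results as $result_object) {
    $result = (array) $result_object;
    if (!$header_done) {
      fputcsv($out, array_keys($result));
      $header_done = TRUE;
    }
    fputcsv($out, $result);
  }
  fclose($out);
}
else {
  drupal_json_output($results);
}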
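/**
 * Dispatches a request path to the function mapped for it.
 *
 * "churchservice" calls churchservice_main(), "churchservice/ajax" calls
 * churchservice__ajax() (module name, "_", then "_" plus the sub path).
 * Only paths that are keys of the global $mapping are included and called.
 *
 * Access: unless the module is listed as page_with_noauth (in $mapping or
 * $config) or is "login", the caller needs "view" permission on the module.
 * Anonymous callers are sent to the login page, or get a JSend error when
 * the global request path contains "ajax".
 *
 * @param string $_q
 *   Complete request path incl. sub path, e.g. churchservice/ajax.
 *
 * @return string
 *   Page content produced by the mapped function ("" on permission or
 *   mapping errors).
 *
 * TODO: should be completely rewritten, using some classes
 */
function churchtools_processRequest($_q) {
  global $mapping, $config, $q;

  $content = "";

  // Include the mapped file; unmapped paths never reach include/call.
  if (isset($mapping[$_q])) {
    include_once SYSTEM . "/" . $mapping[$_q];

    $param = "main";
    if (strpos($_q, "/") > 0) {
      $param = "_" . substr($_q, strpos($_q, "/") + 1, 99);
      $_q = substr($_q, 0, strpos($_q, "/"));
    }

    $configNoAuth = isset($config["page_with_noauth"]) ? $config["page_with_noauth"] : array();
    if (!user_access("view", $_q) && !in_array($_q, $mapping["page_with_noauth"]) && $_q != "login"
        && !in_array($_q, $configNoAuth)) {
      if (!userLoggedIn()) {
        // Only show the login page; AJAX callers get a JSend error instead.
        if (strrpos($q, "ajax") === false) {
          $q = "login";
          return churchtools_processRequest("login");
        }
        else {
          drupal_json_output(jsend()->error("Session expired!"));
          die;
        }
      }
      else {
        $name = $_q;
        if (isset($config[$_q . "_name"])) {
          $name = $config[$_q . "_name"];
        }
        addInfoMessage(t("no.permission.for", $name));
        return "";
      }
    }

    // Does the main work. The function name is built from a path that
    // passed the $mapping lookup above.
    $content .= call_user_func($_q . "_" . $param);
    // Presumably callbacks that emitted their own output return nothing,
    // so empty content ends the request here -- TODO confirm.
    if ($content == null) {
      die;
    }
  }
  else {
    // $_q is request data and lands inside HTML markup, so it is escaped
    // before being embedded in the message.
    addErrorMessage(t("mapping.not.found", "<i>" . htmlspecialchars((string) $_q, ENT_QUOTES, 'UTF-8') . "</i>"));
  }

  return $content;
}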
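/**
 * view external map (ajax)
 *
 * Dispatches on the "func" query parameter:
 *  - loadMasterData: map centre, districts, groups and the current user.
 *  - addPersonGroupRelation / editPersonGroupRelation: group request for the
 *    current user, followed by a confirmation mail.
 *  - sendEMail: group request from the public form. A known person gets the
 *    relation added directly; otherwise the request is mailed to the persons
 *    selected by the group query below.
 * Any other value yields a JSend "fail". The result is emitted as JSON.
 *
 * NOTE(review): no permission check is visible in this function; confirm
 * that the dispatcher restricts who may reach it and that the mail-sending
 * branch is rate limited.
 */
function externmapview__ajax() {
  global $user;

  // Missing parameters become null instead of raising undefined-index notices.
  $in = $_GET + array_fill_keys(array("func", "g_id", "Vorname", "Nachname", "E-Mail-Adresse", "Telefon", "Kommentar"), null);
  $func = $in["func"];
  $res = array();

  if ($func == 'loadMasterData') {
    $res["home_lat"] = variable_get('churchdb_home_lat', '53.568537');
    $res["home_lng"] = variable_get('churchdb_home_lng', '10.03656');
    $res["districts"] = churchcore_getTableData("cdb_distrikt", "bezeichnung");
    $res["groups"] = getExternalGroupData();
    $res["modulespath"] = CHURCHDB;
    $res["user_pid"] = $user->id;
    $res["vorname"] = $user->vorname;
    $res = jsend()->success($res);
  }
  elseif ($func == 'addPersonGroupRelation') {
    include_once CHURCHDB . '/churchdb_ajax.php';
    $res = churchdb_addPersonGroupRelation($user->id, $in["g_id"], -2, null, null, null, t("request.by.external.mapview"));
    sendConfirmationMail($user->email, $user->vorname, $in["g_id"]);
    $res = jsend()->success($res);
  }
  elseif ($func == 'editPersonGroupRelation') {
    include_once CHURCHDB . '/churchdb_ajax.php';
    $res = _churchdb_editPersonGroupRelation($user->id, $in["g_id"], -2, null, "null", t("request.changed.by.external.mapview"));
    sendConfirmationMail($user->email, $user->vorname, $in["g_id"]);
    $res = jsend()->success($res);
  }
  elseif ($func == 'sendEMail') {
    // Equality instead of LIKE: with LIKE, "%" and "_" in the submitted
    // values act as wildcards, so the form could match a person without
    // knowing their data. The comparison stays case-insensitive.
    $db = db_query('select * from {cdb_person} where upper(email) = upper(:email) and upper(vorname) = upper(:vorname) and upper(name) = upper(:name)',
      array(':email' => $in["E-Mail-Adresse"], ':vorname' => $in["Vorname"], ':name' => $in["Nachname"]))->fetch();
    $txt = "";

    if ($db != false) {
      include_once CHURCHDB . '/churchdb_ajax.php';
      // The comment is stored as submitted; it must be escaped wherever it
      // is displayed later.
      churchdb_addPersonGroupRelation($db->id, $in["g_id"], -2, null, null, null, t("request.by.external.mapview") . ": " . $in["Kommentar"]);
      sendConfirmationMail($in["E-Mail-Adresse"], $in["Vorname"], $in["g_id"]);
      $txt = t("person.found.and.request.sent");
    }
    else {
      $leaders = db_query("select vorname, p.id id, g.bezeichnung from {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp, \n {cdb_person} p, {cdb_gruppe} g\n where gpg.gemeindeperson_id=gp.id and gp.person_id=p.id and g.id=:gruppe_id \n and gpg.gruppe_id=g.id and status_no>=1 and status_no!=4", array(":gruppe_id" => $in["g_id"]));

      // The form values go into an HTML mail, so every one of them is
      // escaped; the list is the same for all recipients.
      $formFields = array('surname' => "Vorname", 'name' => "Nachname", 'email' => "E-Mail-Adresse", 'phone' => "Telefon", 'comment' => "Kommentar");
      $items = "";
      foreach ($formFields as $label => $key) {
        $items .= "<li>" . t($label) . ": " . htmlspecialchars((string) $in[$key], ENT_QUOTES, 'UTF-8');
      }

      $rec = array();
      foreach ($leaders as $p) {
        $rec[] = $p->vorname;
        $content = "<h4>" . t('request.to.group', $p->bezeichnung) . "</h4>";
        $content .= "<ul>" . $items . "</ul>";
        churchcore_sendEMailToPersonIds($p->id, "[" . variable_get('site_name', 'ChurchTools') . "] " . t('form.request.to.group', $p->bezeichnung), $content, variable_get('site_mail'), true, true);
      }

      if (count($rec) == 0) {
        $txt = t("could.not.find.group.leader.please.try.other.ways");
      }
      else {
        // implode() takes the separator first; the reversed order is no
        // longer accepted by current PHP versions.
        $txt = t("email.send.to", implode(", ", $rec));
        sendConfirmationMail($in["E-Mail-Adresse"], $in["Vorname"], $in["g_id"]);
      }
    }
    $res = jsend()->success($txt);
  }
  else {
    $res = jsend()->fail(t("unknown.call", $func));
  }

  drupal_json_output($res);
}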
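/**
 * Main function of the login page.
 *
 * Not logged in: builds the login form and additionally handles
 *  - ?newpwd: sets a new random password for the given e-mail address and
 *    mails it,
 *  - POST email/password/directtool: credential login for external tools,
 *    answered as JSend JSON (returns nothing in that case),
 *  - ?loginstr&id: one-time login link, deleted after use.
 * Logged in: optionally switches to another family member stored in the
 * session, otherwise shows a hint.
 *
 * Request values are bound as query parameters and HTML-escaped before they
 * are echoed into the page or the mail body.
 *
 * NOTE(review): the password reset replaces the stored password as soon as a
 * known address is submitted in a GET request, without a confirmation token.
 * Anyone who knows an address can therefore invalidate that account's
 * password. A mailed one-time link that changes the password only after it
 * is opened would avoid this. Also confirm that random_string() draws from a
 * cryptographically secure source.
 *
 * @return string|null
 *   HTML of the page, or nothing after a direct-tool login attempt.
 */
function login_main() {
  global $q, $config;

  $txt = "";
  if (isset($config["admin_message"]) && $config["admin_message"] != "") {
    addErrorMessage($config["admin_message"]);
  }
  if (isset($_GET["message"]) && $_GET["message"] != "") {
    // NOTE(review): request text is shown as a message; confirm that
    // addInfoMessage() escapes it before rendering.
    addInfoMessage($_GET["message"]);
  }

  // Make sure nobody is logged in!
  if (!userLoggedIn()) {
    if (isset($config["login_message"])) {
      addInfoMessage($config["login_message"], true);
    }
    $model = new CTForm("LoginForm", "prooveLogin", "Login");
    $model->setHeader(t("login.headline"), t("please.fill.following.fields"));
    $model->addField("email", "", "INPUT_REQUIRED", t("email.or.username"), true);
    $model->addField("password", "", "PASSWORD", t("password"));
    if (!isset($config["show_remember_me"]) || $config["show_remember_me"] == 1) {
      $model->addField("rememberMe", "", "CHECKBOX", t("remember.me"));
    }
    $model->addButton(t("login"), "ok");

    if (isset($_GET["newpwd"])) {
      $email = (isset($_GET["email"]) && is_string($_GET["email"])) ? $_GET["email"] : "";
      $emailHtml = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');

      // The address is bound as a parameter instead of being concatenated
      // into the SQL text.
      $res = db_query("select count(*) c from {cdb_person} where email=:email and archiv_yn=0", array(":email" => $email))->fetch();
      if ($email == "" || $res->c == 0) {
        $txt .= '<div class="alert alert-error"><p>Bitte ein gültige EMail-Adresse angeben, an die das neue Passwort gesendet werden kann! Diese Adresse muss im System schon eingerichtet sein. <p>Falls die E-Mail-Adresse schon eingerichtet sein sollte, wende Dich bitte an <a href="' . variable_get("site_mail") . '">' . variable_get("site_mail") . '</a>.</div>';
      }
      else {
        $newpwd = random_string(8);
        $scrambled_password = scramble_password($newpwd);
        // Store the scrambled password computed above (the statement used to
        // write a fixed literal), again with bound parameters.
        db_query("update {cdb_person} set password=:password where email=:email", array(":password" => $scrambled_password, ":email" => $email));
        $content = "<h3>Hallo!</h3><p>Ein neues Passwort wurde für die E-Mail-Adresse <i>" . $emailHtml . "</i> angefordert: {$newpwd}";
        churchcore_systemmail($email, "[" . variable_get('site_name') . "] Neues Passwort", $content, true, 1);
        churchcore_sendMails(1);
        $txt .= '<div class="alert alert-info">Hinweis: Ein neues Passwort wurde nun an <i>' . $emailHtml . '</i> gesendet.</div>';
        ct_log("Neues Passwort angefordert " . $email, 2, "-1", "login");
      }
    }
    elseif (isset($_POST["email"]) && isset($_POST["password"]) && isset($_POST["directtool"])) {
      include_once CHURCHCORE . "/churchcore_db.php";
      $sql = "select * from {cdb_person} where email=:email and active_yn=1 and archiv_yn=0";
      $res = db_query($sql, array(":email" => $_POST["email"]))->fetch();
      // NOTE(review): the two failure answers differ, which tells a client
      // whether an address is registered; no attempt limit is visible here.
      if ($res == false) {
        drupal_json_output(jsend()->fail("Unbekannte E-Mail-Adresse"));
      }
      elseif (user_check_password($_POST["password"], $res)) {
        login_user($res);
        ct_log("Login durch Direct-Tool " . $_POST["directtool"] . " mit " . $_POST["email"], 2, "-1", "login");
        drupal_json_output(jsend()->success());
      }
      else {
        drupal_json_output(jsend()->fail("Falsches Passwort"));
      }
      return;
    }
    elseif (isset($_GET["loginstr"]) && $_GET["loginstr"] != "" && isset($_GET["id"])) {
      // Delete old login strings that are older than 14 days.
      db_query("delete from {cc_loginstr} where DATEDIFF( current_date, create_date ) > 13");
      $sql = "select * from {cc_loginstr} where loginstr=:loginstr and person_id=:id";
      $res = db_query($sql, array(":loginstr" => $_GET["loginstr"], ":id" => $_GET["id"]))->fetch();
      if ($res == false) {
        $txt .= '<div class="alert alert-info">Fehler: Der verwendete Login-Link ist nicht mehr aktuell und kann deshalb nicht mehr verwendet werden. Bitte mit E-Mail-Adresse und Passwort anmelden!</div>';
      }
      else {
        // Remove the login string so that it cannot be misused.
        $sql = "delete from {cc_loginstr} where loginstr=:loginstr and person_id=:id";
        $res = db_query($sql, array(":loginstr" => $_GET["loginstr"], ":id" => $_GET["id"]));
        ct_log("Login User " . $_GET["id"] . " erfolgreich mit loginstr ", 2, "-1", "login");
        $res = churchcore_getPersonById($_GET["id"]);
        login_user($res);
      }
    }

    $txt .= $model->render();
    // $q comes from the request and is emitted inside a script string, so it
    // is URL-encoded; the typed address is encoded in the browser as well.
    $txt .= '<script>jQuery("#newpwd").click(function(k,a) { if (confirm("' . t('want.to.receive.new.password') . '")) { window.location.href="?newpwd=true&email="+encodeURIComponent(jQuery("#LoginForm_email").val())+"&q=' . rawurlencode((string) $q) . '"; } });</script>';
  }
  else {
    // Switching to another user who belongs to the family (same e-mail
    // address).
    if (isset($_GET["family_id"])) {
      $familyId = $_GET["family_id"];
      if (isset($_SESSION["family"][$familyId])) {
        //logout_current_user();
        login_user($_SESSION["family"][$familyId]);
        $txt .= '<div class="alert alert-info">Ummelden erfolgreich! Du arbeitest nun mit der Berechtigung von ' . $_SESSION["user"]->vorname . ' ' . $_SESSION["user"]->name . '.</div>';
      }
      else {
        $txt .= '<div class="alert alert-info">Ummelden zu Id:' . htmlspecialchars((string) $familyId, ENT_QUOTES, 'UTF-8') . ' hat nicht funktioniert, Session ist leer!</div>';
      }
    }
    else {
      $txt .= '<div class="alert alert-info"><i>Hinweis:</i> Du bist angemeldet als ' . $_SESSION["user"]->vorname . ', weiter geht es <a href="?q=home">hier</a>!</div>';
    }
  }

  return $txt;
}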
/**
 * churchservice ajax
 *
 * Registers the module's additional AJAX functions on a CTAjaxHandler and
 * emits the handler's result as JSON.
 */
function churchservice_ajax() {
  include_once "churchservice_db.php";

  $handler = new CTAjaxHandler(new CTChurchServiceModule("churchservice"));

  // Function name => second addFunction() argument. The values read like
  // permission expressions; confirm against CTAjaxHandler::addFunction().
  $withPermission = array(
    "pollForNews" => "view",
    "getNewEventData" => "view",
    "getAllEventData" => "view",
    "getPersonByGroupIds" => "view",
    "saveEvent" => "edit events",
    "deleteEvent" => "edit events",
    // Facts
    "getAllFacts" => "view facts || edit facts",
    "saveFact" => "edit facts",
  );
  foreach ($withPermission as $function => $permission) {
    $handler->addFunction($function, $permission);
  }

  // NOTE(review): these state-changing functions are registered without a
  // second argument; confirm what CTAjaxHandler enforces in that case.
  foreach (array("deleteService", "editService", "addOrRemoveServiceToEvent") as $function) {
    $handler->addFunction($function);
  }

  drupal_json_output($handler->call());
}
/**
 * AJAX entry point of the churchcal module.
 *
 * Registers the module's additional AJAX functions on a CTAjaxHandler and
 * emits the handler's result as JSON.
 *
 * NOTE(review): functions that change data (deleteCategory, updateEvent,
 * createEvent, saveShares, saveCategory, delAddition, deleteEvent) are
 * registered with "view" as second argument. If that argument is the
 * required permission, confirm that the module methods perform their own
 * finer-grained checks.
 */
function churchcal__ajax() {
  include_once CHURCHCAL . "/churchcal_db.php";

  $handler = new CTAjaxHandler(new CTChurchCalModule("churchcal"));

  // Argument lists for addFunction(), in registration order. The optional
  // third entry names another module.
  $registrations = array(
    array("getCalEvents", "view"),
    array("getCalPerCategory", "view"),
    array("getAbsents", "view"),
    array("getMyServices", "view", "churchservice"),
    array("getBirthdays", "view"),
    array("deleteCategory", "view"),
    array("updateEvent", "view"),
    array("createEvent", "view"),
    array("getShares", "view"),
    array("saveShares", "view"),
    array("getResource", "view", "churchresource"),
    array("getAllowedGroups", "view", "churchdb"),
    array("getAllowedPersons", "view", "churchdb"),
    array("saveCategory", "view"),
    array("delAddition", "view"),
    array("deleteEvent", "view"),
    // not ready
    array("moveCSEvent"),
  );
  foreach ($registrations as $arguments) {
    call_user_func_array(array($handler, "addFunction"), $arguments);
  }

  drupal_json_output($handler->call());
}
/**
 * Processes a chunk of items from the queue and responds in JSON.
 *
 * The statistics array always carries 'error' and 'widget'. Processing only
 * happens for the user who initiated queue processing, when no blocking
 * diagnostic issue exists, and when the service lock could be acquired.
 *
 * @return mixed
 *   Whatever drupal_json_output() returns for the statistics array, which
 *   includes a 'widget' HTML snippet.
 */
public static function pathCallback() {
  $service = _acquia_purge_service();
  $stats = $service->stats();
  $stats['error'] = FALSE;
  $stats['widget'] = ' ';

  if (!self::isUserOwningTheQueue($service)) {
    // Only the user who started queue processing may drive it.
    $stats['running'] = FALSE;
  }
  elseif (!_acquia_purge_are_we_allowed_to_purge()) {
    // A blocking diagnostic issue exists: log it and report its description.
    $issue = current(_acquia_purge_get_diagnosis(ACQUIA_PURGE_SEVLEVEL_ERROR));
    _acquia_purge_get_diagnosis_logged($issue);
    $stats['error'] = $issue['description'];
  }
  else {
    if (!$service->lockAcquire()) {
      $stats['locked'] = TRUE;
    }
    else {
      $service->process();
      foreach ($service->stats() as $name => $fresh) {
        $stats[$name] = $fresh;
      }
      // An empty history after processing is taken as a sign that errors
      // occurred.
      if (empty($stats['purgehistory'])) {
        $stats['error'] = t("The system seems to be having difficulties\r\n refreshing recent content changes. Your work won't be lost, but please\r\n do ask your technical administrator to check the logs.");
      }
      $service->lockRelease();
    }

    // The status widget is rendered only when no error was recorded.
    if (!$stats['error']) {
      $stats['widget'] = theme('acquia_purge_status_bar_widget', $stats);
    }
  }

  return drupal_json_output($stats);
}
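/**
 * view external map (ajax)
 *
 * Dispatches on the "func" request variable:
 *  - loadMasterData: map centre, districts, groups and the current user.
 *  - addPersonGroupRelation / editPersonGroupRelation: group request for the
 *    current user, followed by a confirmation mail.
 *  - sendEMail: group request from the public form. A known person gets the
 *    relation added directly; otherwise the request is mailed to the persons
 *    selected by the group query below.
 * Any other value yields a JSend "fail". The result is emitted as JSON.
 *
 * NOTE(review): no permission check is visible in this function; confirm
 * that the dispatcher restricts who may reach it and that the mail-sending
 * branch is rate limited.
 */
function externmapview__ajax() {
  global $user;

  $func = getVar("func");
  $groupId = getVar("g_id");
  $surname = getVar("Vorname");
  $name = getVar("Nachname");
  $email = getVar("E-Mail-Adresse");
  $fon = getVar("Telefon");
  $comment = getVar("Kommentar");
  $res = array();

  if ($func == 'loadMasterData') {
    $res["home_lat"] = getConf('churchdb_home_lat', '53.568537');
    $res["home_lng"] = getConf('churchdb_home_lng', '10.03656');
    $res["districts"] = churchcore_getTableData("cdb_distrikt", "bezeichnung");
    $res["groups"] = getExternalGroupData();
    $res["modulespath"] = CHURCHDB;
    $res["user_pid"] = $user->id;
    $res["vorname"] = $user->vorname;
    $res = jsend()->success($res);
  }
  elseif ($func == 'addPersonGroupRelation') {
    include_once CHURCHDB . '/churchdb_ajax.php';
    $res = churchdb_addPersonGroupRelation($user->id, $groupId, -2, null, null, null, t("request.by.external.mapview"));
    sendConfirmationMail($user->email, $user->vorname, $groupId);
    $res = jsend()->success($res);
  }
  elseif ($func == 'editPersonGroupRelation') {
    include_once CHURCHDB . '/churchdb_ajax.php';
    $res = _churchdb_editPersonGroupRelation($user->id, $groupId, -2, null, "null", t("request.changed.by.external.mapview"));
    sendConfirmationMail($user->email, $user->vorname, $groupId);
    $res = jsend()->success($res);
  }
  elseif ($func == 'sendEMail') {
    // Equality instead of LIKE: with LIKE, "%" and "_" in the submitted
    // values act as wildcards, so the form could match a person without
    // knowing their data. The comparison stays case-insensitive.
    $db = db_query('SELECT * FROM {cdb_person} WHERE UPPER(email) = UPPER(:email) AND UPPER(vorname) = UPPER(:vorname) AND UPPER(name) = UPPER(:name)',
      array(':email' => $email, ':vorname' => $surname, ':name' => $name))->fetch();
    $txt = "";

    if ($db) {
      include_once CHURCHDB . '/churchdb_ajax.php';
      // The comment is stored as submitted; it must be escaped wherever it
      // is displayed later.
      churchdb_addPersonGroupRelation($db->id, $groupId, -2, null, null, null, t("request.by.external.mapview") . ": {$comment}");
      sendConfirmationMail($email, $surname, $groupId);
      $txt = t("person.found.and.request.sent");
    }
    else {
      $leaders = db_query("SELECT vorname, p.id id, g.bezeichnung\n FROM {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp, {cdb_person} p, {cdb_gruppe} g\n WHERE gpg.gemeindeperson_id = gp.id AND gp.person_id = p.id AND g.id = :gruppe_id\n AND gpg.gruppe_id = g.id AND email!='' AND gpg.status_no BETWEEN 1 AND 3 ", array(":gruppe_id" => $groupId));

      $rec = array();
      foreach ($leaders as $p) {
        $rec[] = $p->vorname;
        // NOTE(review): the form values are handed to the mail template as
        // submitted; confirm that email/groupRequest escapes them.
        $data = array(
          'title' => t('request.to.group', $p->bezeichnung),
          'request' => array('surname' => $surname, 'name' => $name, 'email' => $email, 'phone' => $fon, 'comment' => $comment),
        );
        $lang = getUserLanguage($p->id);
        $content = getTemplateContent('email/groupRequest', 'churchdb', $data, null, $lang);
        // The send result is not used; keeping it out of $res leaves the
        // query result being iterated untouched.
        churchcore_sendEMailToPersonIDs($p->id, "[" . getConf('site_name') . "] " . t2($lang, 'form.request.to.group', $p->bezeichnung), $content, getConf('site_mail'), true, true);
      }

      if (!count($rec)) {
        $txt = t("could.not.find.group.leader.please.try.other.ways");
      }
      else {
        // implode() takes the separator first; the reversed order is no
        // longer accepted by current PHP versions. $lang is the language of
        // the last recipient of the loop above.
        $txt = t2($lang, "email.send.to", implode(", ", $rec));
        sendConfirmationMail($email, $surname, $groupId);
      }
    }
    $res = jsend()->success($txt);
  }
  else {
    $res = jsend()->fail(t("unknown.call", $func));
  }

  drupal_json_output($res);
}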
/**
 * AJAX entry point of the churchauth module.
 *
 * Lets a CTAjaxHandler dispatch the request for the module and emits the
 * result as JSON. No extra functions are registered here.
 */
function churchauth__ajax() {
  $handler = new CTAjaxHandler(new CTAuthModule("churchauth"));
  $result = $handler->call();
  drupal_json_output($result);
}
/**
 * AJAX entry point of the admin module.
 *
 * Lets a CTAjaxHandler dispatch the request for the module and emits the
 * result as JSON.
 *
 * NOTE(review): no permission check is visible in this function; confirm
 * that CTAjaxHandler or CTAdminModule enforces administrative access.
 */
function admin__ajax() {
  $handler = new CTAjaxHandler(new CTAdminModule("admin"));
  $result = $handler->call();
  drupal_json_output($result);
}
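/**
 * AJAX functions of the about page (footer e-mail form, login state).
 *
 * POST "func" selects the action:
 *  - sendEmailToAdmin: mails "subject" and "text" to the admin address.
 *  - amILoggedIn: JSend success with true when a user other than id -1 is
 *    set.
 * Anything else is answered with a JSend error.
 *
 * NOTE(review): nothing in this function checks who is calling before mail
 * is sent to the admin address; confirm that an upstream access check or
 * rate limit exists.
 */
function about__ajax() {
  global $config, $user;

  // Absent fields default to "" instead of raising undefined-index notices.
  $params = $_POST + array("func" => "", "subject" => "", "text" => "");
  $func = $params["func"];

  if ($func == "sendEmailToAdmin") {
    // A subject is a mail header; line breaks in it are replaced so that the
    // submitted text cannot start additional header lines.
    $subject = preg_replace('/[\r\n]+/', ' ', (string) $params["subject"]);
    churchcore_systemmail(variable_get("admin_mail", $config["site_mail"]), $subject, $params["text"], true, 1);
    $res = jsend()->success();
  }
  elseif ($func == "amILoggedIn") {
    if ($user == null) {
      $res = jsend()->success(false);
    }
    else {
      $res = jsend()->success($user->id != -1);
    }
  }
  else {
    $res = jsend()->error("Unkown call: " . $func);
  }

  drupal_json_output($res);
}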
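/**
 * AJAX entry point of the churchwiki module.
 *
 * Requires "view" permission on churchwiki unless the module is listed as
 * page_with_noauth in $mapping or $config, then lets a CTAjaxHandler
 * dispatch the request and emits the result as JSON.
 *
 * @throws CTNoPermission
 *   When the caller may not view the wiki.
 */
function churchwiki__ajax() {
  global $user, $files_dir, $base_url, $mapping, $config;

  // The return value is not used in this function; the call is kept in case
  // it has side effects -- TODO confirm.
  churchwiki_getAuthForAjax();

  // Either list may be absent; a missing list means "no exemption".
  $mappedNoAuth = isset($mapping["page_with_noauth"]) ? $mapping["page_with_noauth"] : array();
  $configNoAuth = isset($config["page_with_noauth"]) ? $config["page_with_noauth"] : array();

  if (!user_access("view", "churchwiki") && !in_array("churchwiki", $mappedNoAuth) && !in_array("churchwiki", $configNoAuth)) {
    throw new CTNoPermission("view", "churchwiki");
  }

  $module = new CTChurchWikiModule("churchwiki");
  $ajax = new CTAjaxHandler($module);
  $res = $ajax->call();
  drupal_json_output($res);
}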
/**
 * AJAX entry point of the home module.
 *
 * Lets a CTAjaxHandler dispatch the request for the module and emits the
 * result as JSON.
 */
function home__ajax() {
  $handler = new CTAjaxHandler(new CTHomeModule("home"));
  $result = $handler->call();
  drupal_json_output($result);
}
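/**
 * For footer e-mail function
 *
 * POST "func" selects the action:
 *  - sendEmailToAdmin: when mail is enabled, mails "subject" and "text" to
 *    every address of the comma-separated admin_mail setting, with the
 *    current user as sender.
 *  - amILoggedIn: JSend success with true when a user other than id -1 is
 *    set.
 * Anything else is answered with a JSend error.
 *
 * NOTE(review): nothing in this function checks who is calling before mail
 * is sent, and the amILoggedIn branch shows that $user can be null here, in
 * which case the sender below is built from empty values. Confirm that an
 * upstream access check or rate limit exists.
 */
function about__ajax() {
  global $config, $user;

  // Absent fields default to "" instead of raising undefined-index notices.
  $params = $_POST + array("func" => "", "subject" => "", "text" => "");
  $func = $params["func"];

  if ($func == "sendEmailToAdmin") {
    if (getConf("mail_enabled")) {
      // Sender and subject end up in mail headers. Line breaks are replaced
      // so that profile fields or submitted text cannot start additional
      // header lines.
      $sender = preg_replace('/[\r\n]+/', ' ', "{$user->vorname} {$user->name} <{$user->email}>");
      $subject = preg_replace('/[\r\n]+/', ' ', (string) $params["subject"]);

      $recipients = explode(",", getConf("admin_mail", $config["site_mail"]));
      foreach ($recipients as $recipient) {
        churchcore_mail($sender, trim($recipient), $subject, $params["text"], true, true, 0);
      }
      $res = jsend()->success();
    }
    else {
      $res = jsend()->fail("EMails sind deaktivert!");
    }
  }
  elseif ($func == "amILoggedIn") {
    if ($user == null) {
      $res = jsend()->success(false);
    }
    else {
      $res = jsend()->success($user->id != -1);
    }
  }
  else {
    $res = jsend()->error("Unkown call: " . $func);
  }

  drupal_json_output($res);
}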
*/ // Do basic bootstrap to make sure the database can be accessed. drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE); // Prevent Devel from hi-jacking our output in any case. $GLOBALS['devel_shutdown'] = FALSE; $return = js_execute_callback(); // Menu status constants are integers; page content is a string. if (is_int($return)) { // Make sure the full bootstrap has ran. drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL); // Deliver error page. drupal_deliver_page($return); } elseif (isset($return)) { // If JavaScript callback did not exit, print any value (including an empty // string) except NULL or undefined. drupal_json_output($return); } /** * Loads the requested module and executes the requested callback. * * @return * The callback function's return value or one of the JS_* constants. */ function js_execute_callback() { $args = explode('/', $_GET['q']); // If i18n is enabled and therefore the js module should boot // to DRUPAL_BOOTSTRAP_LANGUAGE. $i18n = FALSE; // Validate if there is a language prefix in the path. if (!empty($args[0]) && !empty($args[1]) && $args[1] == 'js_callback') {
/**
 * Main function of the login page.
 *
 * Logged in: optionally switches to another family member kept in the
 * session; otherwise answers direct tools with JSend or shows a hint.
 * Not logged in: builds the login form and additionally handles
 *  - POST email/password/directtool: credential login for external tools,
 *    answered as JSend JSON (nothing is returned in that case),
 *  - loginstr + id: one-time login link, deleted after use.
 *
 * NOTE(review): the message and login_message banners and the pre-filled
 * e-mail value are read with getVar(). Confirm what getVar() reads and that
 * addInfoMessage() and CTForm escape these values before rendering.
 *
 * @return string|null
 *   HTML of the page, or nothing after a direct-tool login attempt.
 */
function login_main() {
  global $q, $config, $user;

  $html = "";
  if ($adminMessage = getConf("admin_message")) {
    addErrorMessage($adminMessage);
  }
  if ($message = getVar("message")) {
    addInfoMessage($message);
  }

  if (userLoggedIn()) {
    // Switch to another family user (same email).
    if ($familyId = getVar("family_id")) {
      if (!isset($_SESSION["family"][$familyId])) {
        $html .= "<div class='alert alert-info'>" . t('user.change.to.familyX.failed.session.is.empty', $familyId) . "</div>";
      }
      else {
        // logout_current_user();
        login_user($_SESSION["family"][$familyId]);
        $html .= '<div class="alert alert-info">' . t('user.succesfully.changed.now.you.work.with.permissions.of.x', $_SESSION["user"]->vorname . ' ' . $_SESSION["user"]->name) . '</div>';
      }
    }
    elseif (getVar("directtool", false, $_POST)) {
      drupal_json_output(jsend()->success("Already logged in"));
    }
    else {
      $html .= '<div class="alert alert-info">' . t('you.are.logged.in.as.x.click.y.to.continue', $_SESSION["user"]->vorname, '<a href="?q=home">' . t('home') . '</a>') . '</div>';
    }

    return $html;
  }

  // From here on nobody is logged in.
  if ($loginMessage = getVar("login_message")) {
    addInfoMessage($loginMessage, true);
  }

  $form = new CTForm("LoginForm", "validateLogin", "Login");
  $form->setHeader(t("login.headline"), t("please.fill.following.fields"));
  $form->addField("email", "", "INPUT_REQUIRED", t("email.or.username"), true);
  if (getVar("email")) {
    $form->fields["email"]->setValue(getVar("email"));
  }
  $form->addField("password", "", "PASSWORD", t("password"));
  // TODO: when is this false?
  if (getConf("show_remember_me", 1) == 1) {
    $form->addField("rememberMe", "", "CHECKBOX", t("remember.me"));
  }
  $form->addButton(t("login"), "ok");

  // External tools log in with an additional direct POST, so the
  // credentials do not appear in the URL.
  if (getVar("email", false, $_POST) && getVar("password", false, $_POST) && getVar("directtool", false, $_POST)) {
    include_once CHURCHCORE . "/churchcore_db.php";
    $email = getVar("email", false, $_POST);
    $password = getVar("password", false, $_POST);
    $directTool = getVar("directtool", false, $_POST);

    $person = db_query("SELECT * FROM {cdb_person}\n WHERE email=:email AND active_yn=1 AND archiv_yn=0", array(":email" => $email))->fetch();
    // NOTE(review): the two failure answers differ, which tells a client
    // whether an address is registered; no attempt limit is visible here.
    if (!$person) {
      drupal_json_output(jsend()->fail(t('email.unknown')));
    }
    elseif (!user_check_password($password, $person)) {
      drupal_json_output(jsend()->fail(t('wrong.password')));
    }
    else {
      login_user($person, null, false);
      ct_log("Login by Direct-Tool {$directTool} with {$email}", 2, "-1", "login");
      drupal_json_output(jsend()->success());
    }
    return;
  }

  if (($loginstr = getVar("loginstr")) && ($id = getVar('id'))) {
    // Delete login strings older than 14 days.
    db_query("DELETE FROM {cc_loginstr}\n WHERE DATEDIFF( current_date, create_date ) > 13");
    $binding = array(":loginstr" => $loginstr, ":id" => $id);
    $found = db_query("SELECT * FROM {cc_loginstr}\n WHERE loginstr=:loginstr AND person_id=:id", $binding)->fetch();
    if ($found) {
      // Delete the login key that was just used to prevent misuse.
      db_query("DELETE FROM {cc_loginstr}\n WHERE loginstr=:loginstr AND person_id=:id", $binding);
      ct_log("Login User {$id} erfolgreich mit loginstr ", 2, "-1", "login");
      login_user(churchcore_getPersonById($id));
    }
    else {
      $html .= '<div class="alert alert-info">' . t('login.string.too.old') . '</div>';
    }
  }

  $html .= $form->render();
  $html .= '<script>jQuery("#newpwd").click(function(k,a) { if (confirm("' . t('want.to.receive.new.password') . '")) { window.location.href="?q=login/newpwd&email="+jQuery("#LoginForm_email").val(); } });</script>';

  return $html;
}