Example #1
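 /**
  * POST a request to the REDCap API and return the response.
  *
  * @param array|null $extra_params Parameters merged over the defaults
  *                                 (token, format=json, content=record).
  * @param string     $api_url      Endpoint the request is posted to.
  * @param bool       $json_decode  When true, the body is decoded into an associative array.
  *
  * @return mixed The decoded array, or the raw body when $json_decode is false;
  *               false when the decoded response carries an 'error' key.
  */
 public static function callApi($extra_params = null, $api_url = REDCAP_API_URL, $json_decode = true)
 {
     $default_params = array('token' => REDCAP_API_TOKEN, 'format' => 'json', 'content' => 'record');
     // The declared default for $extra_params is null, which array_merge() does not accept.
     $params = array_merge($default_params, is_array($extra_params) ? $extra_params : array());
     // $params carries the API token: any logging of it must mask the 'token' entry first.
     $result = self::http_post($api_url, $params);
     if ($json_decode) {
         $result = json_decode($result, true);
         // json_decode(..., true) returns arrays, so the error has to be read as an array key;
         // the object-style check used before could never match and errors were returned as data.
         if (is_array($result) && isset($result['error'])) {
             logIt('Error in writeToApi: ' . $result['error'], "DEBUG");
             return false;
         }
     }
     // With $json_decode false the raw body is returned untouched.
     return $result;
 }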
Example #2
<?php

// ============================================================================
// PREPRINTS/DELETE_PREPRINT.PHP
// ============================================================================
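require_once "config.manage.php";
core_declare_input("rowId");
// Deleting a preprint is reserved for administrative staff.
// NOTE(review): this only protects the statements below if errorPage() ends the request — confirm.
if (!$authClass->isAdmin()) {
    errorPage("Preprints may only be deleted by administrative staff");
}
// $rowId is request input. It goes through the database layer's quote() instead of being
// concatenated between hand-written quotes, so it cannot alter either statement.
$quotedRowId = $dbClass->quote($rowId);
$deleteRes = $dbClass->query("SELECT * FROM publications WHERE RowId=" . $quotedRowId);
$row = $dbClass->next_record($deleteRes);
$q = $dbClass->query("UPDATE publications SET " . "Status='free', Field='', Location='', Authors='', " . "Title='', PublIn='' WHERE RowId=" . $quotedRowId);
// Notify, log and remove the file only when the row actually existed; otherwise a
// "Deleted" mail and log entry would be produced for a record that was never there.
if ($row) {
    mail2secretary("Deleted");
    logIt("delete", pp_preprintID($row["Year"], $row["Report"]), uid2gecos($row["Id"]));
    // NOTE(review): Location is read back from the database. If submitters can set it to an
    // arbitrary path, this unlink() removes whatever that path names; confine it to the
    // preprint storage directory before deleting — confirm how Location is populated.
    if (is_file($row["Location"])) {
        unlink($row["Location"]);
    }
}
require "show_preprints.php";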
Example #3
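/**
 * Log an event whose details arrive as a space-separated string of "key=value" fields.
 *
 * The first and third fields are stripped of everything up to their last "=" and
 * handed to logIt() (third field first); the second field is ignored.
 *
 * @param string $type  Log entry type, passed to logIt() unchanged.
 * @param string $text  Space-separated fields.
 * @param mixed  $dummy Unused; kept for the existing call signature.
 */
function appsLog($type, $text, $dummy)
{
    // split() and eregi_replace() were removed in PHP 7; explode() and preg_replace()
    // do the same work here (the separator is a literal space).
    $parts = explode(" ", (string) $text);
    // A short input leaves the missing fields empty instead of raising undefined-offset notices.
    $to = isset($parts[0]) ? $parts[0] : "";
    $s = isset($parts[2]) ? $parts[2] : "";
    // The "s" modifier lets "." cross newlines, so the prefix is stripped the same way
    // for multi-line values.
    $stripKey = '/^.*=/s';
    logIt($type, preg_replace($stripKey, "", $s), preg_replace($stripKey, "", $to));
}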
Example #4
    bugPage("no account found for UID='{$res_UID}'");
}
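$res_login = $account["name"];
// Only administrative staff may reserve a number on behalf of another login.
// NOTE(review): this is only a barrier if errorPage() ends the request — confirm.
if (!$authClass->isAdmin() && $res_login != $AUTH_login) {
    errorPage("Reserving of preprint nbrs for others is only " . "permitted for administrative staff.");
}
$res_gecos = $account["gecos"];
$res_ppn = pp_reserveNumber($nor_pp_year, $res_UID, $field, $authors, $title);
// reread back the record
// Every value goes through the database layer's quote() rather than being interpolated
// into the statement; $field in particular is free-text input.
$q = $dbClass->query("SELECT * FROM publications WHERE Year=" . $dbClass->quote($nor_pp_year) . " AND Report=" . $dbClass->quote($res_ppn) . " AND Field=" . $dbClass->quote($field));
$row = $dbClass->next_record($q);
// The included script reads the row id from $_POST, so it is injected there.
$_POST["rowId"] = $row["RowId"];
require "update_preprint.inc.php";
mail2secretary("Reserved");
mail_PPsubmitter("Reserved");
logIt("submit", pp_preprintID($nor_pp_year, $res_ppn), $res_gecos);
// NOTE(review): $res_gecos comes from the account record and is written into the page
// without HTML escaping; escape it here unless it is guaranteed to be escaped when stored.
echo x("p", x("i", "Preprint number <b>{$res_ppn}</b> has been reserved for {$res_gecos}<br>Please quote:"));
// The third argument also assigns $showcancelButton in this scope; kept as in the original call.
show_preprint($_POST["rowId"], "index.php", $showcancelButton = False);
endPage();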
// ==========================================================================
/// @fn void  ( void )
///
/// ...
///
/// @global
/// @parameter ...
/// @return ...
/// @gobals[out] - none
/// @sideeffect  - none
///
/// @calledby ...
Example #5
/**
 * Send a reminder for every pending preprint that has not had one within the reminding period.
 *
 * Runs at most once per session. For each pending preprint older than the period, the
 * log table is searched for earlier "reminder" entries; a reminder is logged and mailed
 * when there is none, or when the newest one is older than the period.
 */
function sendReminder()
{
    // $row is global: it is assigned here for each pending preprint.
    global $dbClass, $row;
    $action = "reminder";
    // Post-increment: the first call in a session sees a falsy value and proceeds,
    // every later call returns immediately.
    if ($_SESSION[$action][$action]++) {
        return;
    }
    // Default period: a week
    $remindingPeriod = core_getConfig("remindingPeriod", 7 * 24 * 3600);
    $pending = getPendingPreprints("Tm < " . (time() - $remindingPeriod));
    if (!$pending) {
        return;
    }
    while ($row = $dbClass->next_record($pending)) {
        $pp = pp_preprintID($row["Year"], $row["Report"]);
        $gecos = uid2gecos($row["Id"]);
        if (core_getoption("CLI")) {
            printf("%-15s %-25s %-15s %s \n", $pp, uid2login($row["Id"]), $gecos, long_date_and_time_string($row["Tm"]));
        }
        // NOTE(review): $pp is placed inside a quoted REGEXP literal without escaping. It is
        // built from the row's Year and Report; confirm those can never hold quote or
        // regular-expression metacharacters.
        $previous = $dbClass->query(sprintf("SELECT * FROM %s WHERE text REGEXP '%s ' AND type = '%s' ORDER BY time DESC", PP_LOGTABLE, $pp, $action));
        // No earlier reminder at all means one is due.
        $due = !$dbClass->num_rows($previous);
        // Entries arrive newest first: a recent one stops the scan before $due is set.
        while ($entry = $dbClass->next_record($previous)) {
            if ((int) $entry["time"] > time() - $remindingPeriod) {
                break;
            }
            $due = True;
        }
        if (!$due) {
            continue;
        }
        logIt($action, $pp, $gecos);
        mailReminder();
    }
}
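 /**
  * Create a new portal user record through the REDCap API.
  *
  * @param string $pass       Plain-text password; only its generateHash() result is stored.
  * @param bool   $verifymail When true, an e-mail verification token is created and mailed.
  *
  * @return mixed The new record id on success; false on failure, with a message in $this->error.
  */
 public function createNewUser($pass, $verifymail = true)
 {
     if (self::usernameExists()) {
         // Don't create a user if they already exist!
         $this->error = "Error creating user (CODE 001)";
         return false;
     }
     if (empty($pass)) {
         // Missing password
         $this->error = "Error creating user (CODE 002)";
         return false;
     }
     // Salt and hash the password; the plain-text value is neither stored nor logged.
     $password_salt_hash = generateHash($pass);
     $password_field = getRF('password');
     $data = array(REDCAP_FIRST_FIELD => $this->next_user_id, getRF('username') => $this->username, $password_field => $password_salt_hash, getRF('firstname') => ucfirst($this->firstname), getRF('lastname') => $this->lastname, getRF('zip') => $this->zip, getRF('city') => $this->city, getRF('state') => $this->state, getRF('age') => $this->age, getRF('email') => $this->email, getRF('created_ts') => date('Y-m-d H:i:s'));
     // Add event if longitudinal
     if (REDCAP_PORTAL_EVENT !== NULL) {
         $data['redcap_event_name'] = REDCAP_PORTAL_EVENT;
     }
     // The password hash is masked in the logged copy: a hash in a debug log can be attacked offline.
     // NOTE(review): the remaining fields (name, e-mail, zip, age) are personal data and still
     // reach the log — confirm DEBUG logging is off or access-controlled in production.
     $loggable = $data;
     $loggable[$password_field] = '[redacted]';
     logIt("CREATE NEW USER WITH DATA:" . print_r($loggable, true), "DEBUG");
     $result = RC::writeToApi($data, array('returnContent' => 'ids'));
     $new_user_id = is_array($result) ? current($result) : null;
     $created = is_numeric($new_user_id);
     if ($created) {
         $this->new_user_id = $new_user_id;
         if ($verifymail) {
             $newuser = new RedcapPortalUser($new_user_id);
             $newuser->createEmailToken();
             $newuser->emailEmailToken();
         }
     } else {
         // NOTE(review): the value logged here was unreadable in the listing this method was
         // taken from; the API result is assumed — confirm against the original file.
         logIt("Error creating new user: " . json_encode($result), "ERROR");
         $this->error = "Error creating user via API";
     }
     logIt("CREATE NEW USER RESULT:" . json_encode($result), "DEBUG");
     // A failed call used to return whatever the API sent back (for example an error string,
     // which is truthy); failure is now reported as false, like the two early exits above.
     return $created ? $new_user_id : false;
 }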
Example #7
 /**
  * Evaluate a logic expression against this object's record.
  *
  * @param string $logic Expression to test; it is written to the log as given.
  *
  * @return string HTML fragment: an icon followed by " True", " False" or " Invalid Syntax".
  */
 public function testLogic($logic)
 {
     logIt('testLogic: ' . $logic);
     // Reject expressions the validator does not accept before evaluating anything.
     if (!LogicTester::isValid($logic)) {
         return RCView::img(array('class' => 'imgfix', 'src' => 'error.png')) . " Invalid Syntax";
     }
     // Append current event details
     if (REDCap::isLongitudinal() && $this->redcap_event_name) {
         $logic = LogicTester::logicPrependEventName($logic, $this->redcap_event_name);
     }
     // Test logic
     logIt('Logic:' . $logic, 'DEBUG');
     $holds = LogicTester::evaluateLogicSingleRecord($logic, $this->record);
     $icon = $holds ? 'accept.png' : 'cross.png';
     $label = $holds ? " True" : " False";
     return RCView::img(array('class' => 'imgfix', 'src' => $icon)) . $label;
 }
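 /**
  * Write changed fields for this user through the API and reload the session user.
  *
  * @param array $data         Field => value pairs to write; the record id is always set
  *                            to this user's id.
  * @param array $extra_params Extra parameters passed to RC::writeToApi().
  * @param bool  $flushLog     When true, pending log entries are written with the update
  *                            and cleared once it succeeds.
  *
  * @return bool True on success, false when the API reports an error.
  */
 function updateUser($data = array(), $extra_params = array(), $flushLog = true)
 {
     // The record id is always this user's id, replacing any value supplied by the caller.
     $data[REDCAP_FIRST_FIELD] = $this->user_id;
     // Add event if longitudinal
     if (REDCAP_PORTAL_EVENT !== NULL) {
         $data['redcap_event_name'] = REDCAP_PORTAL_EVENT;
     }
     // count() has to be applied to the array itself. It was applied to the result of the
     // comparison, so the pending-log check never tested whether there were entries.
     if ($flushLog && is_array($this->log_entry) && count($this->log_entry) > 0) {
         $newLog = array(getRF('log') => implode("\n", $this->log_entry));
         $data = array_merge($data, $newLog);
     }
     // Logged copy with the password field masked, in case this update carries a new hash.
     $loggable = $data;
     $password_field = getRF('password');
     if ($password_field !== false && isset($loggable[$password_field])) {
         $loggable[$password_field] = '[redacted]';
     }
     logIt("updateUser data1:" . print_r($loggable, true), "DEBUG");
     $result = RC::writeToApi($data, $extra_params);
     if (isset($result['error'])) {
         // NOTE(review): part of this statement was unreadable in the listing this method was
         // taken from; $result['error'] is what the surrounding check implies — confirm.
         logIt('Error updating User: ' . $result['error'] . " with: " . print_r($loggable, true));
         return false;
     }
     // Flush the log only after the write succeeded, so entries are not lost on failure.
     if ($flushLog) {
         $this->log_entry = array();
     }
     // Reload the session user from the API
     self::refreshUser();
     return true;
 }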
Example #9
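/**
 * Post a status update, with " #PinScore" appended, through TwitterOAuth.
 *
 * @param array  $OAuth  Credentials: consumer_key, consumer_secret, access_token,
 *                       access_token_secret. These are secrets and must not be logged.
 * @param string $status Text of the tweet; an empty value is rejected.
 *
 * @return bool True when the response carries an id, false otherwise.
 */
function postTweet($OAuth, $status)
{
    if (empty($status)) {
        return false;
    }
    $connection = new TwitterOAuth($OAuth['consumer_key'], $OAuth['consumer_secret'], $OAuth['access_token'], $OAuth['access_token_secret']);
    $result = $connection->post('statuses/update', array('status' => $status . ' #PinScore'));
    if (!empty($result->id)) {
        return true;
    }
    // A failed response does not always carry an errors list; read it defensively.
    $message = isset($result->errors[0]->message) ? $result->errors[0]->message : 'no error message returned';
    logIt('Error posting tweet. ' . $message);
    // The failure path used to fall off the end and return null; report it as false,
    // the same value the empty-status check returns.
    return false;
}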
Example #10
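/**
 * POST a query to the API at $api_url and return the JSON-decoded response.
 *
 * The token, format=json and type=flat are set on every request. The script exits
 * when the curl call reports an error.
 *
 * @param array $params Request parameters.
 *
 * @return mixed The response decoded into associative arrays (null if it is not valid JSON).
 */
function queryAPI($params) {
	global $api_token, $api_url;

	// Assuming the following for all queries
	$params['token'] = $api_token;
	$params['format'] = 'json';
	$params['type'] = 'flat';

	// The token is a credential: only a copy with it masked is ever written to the log.
	$loggable = $params;
	$loggable['token'] = '[redacted]';
	logIt('Params: '.print_r($loggable,true), "DEBUG");

	// No TLS options are set here, so certificate verification stays at the curl defaults.
	$r = curl_init($api_url);
	curl_setopt($r, CURLOPT_POST, 1);
	curl_setopt($r, CURLOPT_POSTFIELDS, http_build_query($params));
	curl_setopt($r, CURLOPT_RETURNTRANSFER, 1);
	$r_result = curl_exec($r);
	$r_error = curl_error($r);
	curl_close($r);
	if ($r_error) {
		logIt("Curl call failed ($r_error) with params (".json_encode($loggable).")", 'ERROR');
		exit;
	}
	// NOTE(review): the raw response is logged in full and may hold record data —
	// confirm DEBUG logging is off or access-controlled in production.
	logIt('r_result: '.print_r($r_result,true), "DEBUG");
	$results = json_decode($r_result,true);
	return $results;
}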
Example #11
     addSessionAlert(lang("ACCOUNT_PASS_MISMATCH"));
     $valid = false;
 }
 //End data validation
 if ($valid) {
     $salt = $loggedInUser->getSalt();
     //Make a new password from the existing salt
     $entered_pass_new = generateHash($password_new, $salt);
     // Check that things are still good so we should update the password
     if ($valid) {
         //This function will update the hash_pw property.
         $loggedInUser->updatePassword($entered_pass_new);
         addSessionMessage("Password Updated", "success");
     }
 } else {
     logIt("Change Password: Invalid Request", "INFO");
 }
 //PASSWORD SECURITY QUESTIONS
 $password_reset_data = array();
 $all_valid = true;
 foreach ($password_reset_pairs as $i => $pair) {
     $q = isset($_POST[$pair['question']]) ? $_POST[$pair['question']] : null;
     $a = isset($_POST[$pair['answer']]) ? $_POST[$pair['answer']] : null;
     $password_reset_data[$i]['question'] = $q;
     $password_reset_data[$i]['answer'] = $a;
     if (empty($q) || empty($a)) {
         // Invalid responses
         addSessionAlert("Invalid password reset values for question {$i}");
         $all_valid = false;
     } else {
         $a = hashSecurityAnswer($a);
Example #12
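/**
 * Show the "add external user" form, or create the account once the form validates.
 *
 * Input is read from $_REQUEST: t (account type), button, full_name, username, pwd,
 * pwd2 and contact. An account is created only when the form was sent with the
 * "submit" button and validation produced no errors; every other request shows the form.
 * Request values are HTML-escaped before being written into the page and passed
 * through $dbClass->quote() before being placed in SQL.
 */
function add_SQLuser()
{
    global $t, $links, $tabs, $dbClass, $authClass;

    // Request values as plain strings; absent or non-string parameters count as empty.
    $in = array();
    foreach (array("t", "button", "full_name", "username", "pwd", "pwd2", "contact") as $key) {
        $in[$key] = isset($_REQUEST[$key]) && is_string($_REQUEST[$key]) ? $_REQUEST[$key] : "";
    }
    if (!$in["t"]) {
        $in["t"] = $_REQUEST["t"] = "event";
    }
    $accE = $in["t"] == "event";
    $htmlFlags = ENT_QUOTES | ENT_SUBSTITUTE;
    $error = array();
    if ($in["button"]) {
        $users = getSQLusers();
        if ($v = $in["full_name"]) {
            $shown = htmlspecialchars($v, $htmlFlags);
            foreach ($users as $u) {
                if (strToLower($u["gecos"]) == strToLower($v)) {
                    $error[] = x("li", "'{$shown}' is already known as '" . htmlspecialchars((string) $u["email"], $htmlFlags) . "'");
                }
            }
            // eregi() was removed in PHP 7; \z anchors at the very end of the string.
            if ($accE && !preg_match('/20[0-9][0-9]\z/', $v)) {
                $error[] = x("li", "'event title' must have the year at the end");
            }
        }
        if ($v = strToLower($in["username"])) {
            $shown = htmlspecialchars($v, $htmlFlags);
            foreach ($users as $u) {
                if (strToLower($u["email"]) == strToLower($v)) {
                    $error[] = x("li", "'{$shown}' is already known as '" . htmlspecialchars((string) $u["gecos"], $htmlFlags) . "'");
                }
            }
            if ($accE && !preg_match('/^[a-z0-9]*\z/', $v)) {
                $error[] = x("li", "'{$shown}' is not a valid login name");
            }
            // The address is later used to send mail, so control characters (line breaks
            // included) are refused along with values that have no "@".
            if (!$accE && (strpos($v, "@") === false || preg_match('/[\x00-\x1f\x7f]/', $v))) {
                $error[] = x("li", "'{$shown}' is not a valid e-mail address");
            }
        }
        // The form asks for the password twice; the two entries were never compared.
        if ($accE && $in["pwd"] !== $in["pwd2"]) {
            $error[] = x("li", "the two passwords do not match");
        }
    }
    // Validation only runs when a button was pressed, so creation requires the "submit"
    // button. Previously a request carrying username and full_name but no button (for
    // example the radio buttons' onchange submit) skipped validation and created the
    // account, and "cancel" created it as well.
    $create = $in["button"] === "submit" && !$error && $in["username"] && $in["full_name"];
    if (!$create) {
        /*
         * (re)send the form
         */
        // Escaped copies for the single-quoted HTML attributes below.
        $safe = array();
        foreach (array("full_name", "username", "pwd", "pwd2", "contact") as $key) {
            $safe[$key] = htmlspecialchars($in[$key], $htmlFlags);
        }
        $tt = new table("cellpadding='10'", "<center>" . x("h3", "Adding new external user"));
        $tt->tr("", "valign='top' colspan='3'", x("i", "The external user account is associated either with a <ul>" . "<li> a person (identified by his e-mail and password) or</li>" . "<li> a Nordita event (program, conference, etc.)</li></ul>"));
        $tt->tro();
        $tt->td($accE ? "Both the <b>event title</b> and <b>login name</b><br>must end by the 4-digits Year." . "<br><br><b>contact e-mail</b> is a comma-separated list<br>of the organizer e-mails" : "");
        $tt->tdo("valign='top'");
        // NOTE(review): no anti-CSRF token is visible in this form — confirm one is added elsewhere.
        $t = new table("", "<form action='" . $links[$tabs->active] . "' method='post'>");
        if ($error) {
            str(False, "errors detected:" . x("ul", join("\n", $error)), "colspan='3' class='registered'");
        }
        $r = "input type ='radio' name='t' onchange='submit()'";
        str("account type", "<{$r} value='human' " . ($accE ? "" : "checked") . ">personal account <{$r} value='event' " . ($accE ? "checked" : "") . ">event account");
        str($accE ? "event title" : "full name", "<input type='text' name='full_name' value='{$safe['full_name']}' size='35'>");
        str($accE ? "login name" : "e-mail", "<input type='text' name='username'  value='{$safe['username']}'  size='35'>");
        if ($accE) {
            // NOTE(review): the entered passwords are written back into the page source;
            // consider leaving these two fields blank on redisplay.
            str("proposed password", "<input type='password' name='pwd'  value='{$safe['pwd']}'  size='35'>");
            str("confirm password", "<input type='password' name='pwd2' value='{$safe['pwd2']}' size='35'>");
            str("contact e-mail(s)", "<input type='text' name='contact' value='{$safe['contact']}'  size='35'>");
        }
        str(" ", "<input type='submit' name='button' value='submit'> <input type='submit' name='button' value='cancel'>");
        $t->close("</form>");
        $tt->tdc();
        $tt->trc();
        $tt->close("</center>");
    } else {
        /*
         * the form is ok. Create the account, send info mail
         */
        $users = getSQLusers();
        // External accounts take the first free id counting down from -1000.
        $uid = -1000;
        while (!empty($users[$uid])) {
            --$uid;
        }
        if (!$in["pwd"]) {
            // Written back to $_REQUEST as before, in case the mail helper reads it from there.
            $in["pwd"] = $_REQUEST["pwd"] = $authClass->random_password(8);
        }
        // NOTE(review): the password is stored as entered, not hashed. Hashing it here needs
        // the login check changed at the same time, so it is flagged rather than altered.
        $dbClass->query("INSERT INTO accounts (id,username,password,new_password,full_name,status,superviser) " . "VALUES (" . $dbClass->quote($uid) . "," . $dbClass->quote($in["username"]) . "," . $dbClass->quote($in["pwd"]) . "," . $dbClass->quote($in["pwd"]) . "," . $dbClass->quote($in["full_name"]) . ",1," . $dbClass->quote($in["contact"]) . ")");
        logIt("newuser", $in["username"], $in["full_name"]);
        print x("h3", "New user for the Preprints Database");
        $t = new table();
        #   $t->tr("","",$uid,"uid:");
        $t->tr("", "", htmlspecialchars($in["full_name"], $htmlFlags), "name:");
        $t->tr("", "", htmlspecialchars($in["username"], $htmlFlags), x("b", "login name:"));
        if ($in["contact"]) {
            $t->tr("", "", htmlspecialchars($in["contact"], $htmlFlags), x("b", "contact e-mail:"));
        } else {
            $t->tr("", "colspan='2'", x("i", "The password is sent to " . htmlspecialchars($in["username"], $htmlFlags)));
        }
        $t->close();
        mail2newUser($in["username"]);
    }
}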
Example #13
        default:
            errorExit("An unknown error occured during file upload.");
    }
}
// Load the stored row. Here and in the UPDATE below every value reaches the statement
// through $dbClass->quote(), never by direct concatenation.
$q = $dbClass->query("SELECT * FROM publications WHERE RowId=" . $dbClass->quote($rowId));
$row = $dbClass->next_record($q);
$status = $row["Status"];
// A reserved number becomes "registered" once authors, title and at least one of
// location / journal have been supplied.
$hasSource = !empty($location) || !empty($journal);
if ($status == "reserved" && $hasSource && !empty($authors) && !empty($title)) {
    $status = "registered";
    mail2secretary("Registered");
    logIt("register", pp_preprintID($row["Year"], $row["Report"]), uid2gecos($res_UID));
    // Dropping $pp_id keeps the "edit" entry below from being logged as well.
    unset($pp_id);
}
$assignments = array(
    " Field=" . $dbClass->quote($field),
    "Location=" . $dbClass->quote($location),
    "Authors=" . $dbClass->quote($authors),
    "Title=" . $dbClass->quote($title),
    "PublIn=" . $dbClass->quote($journal),
    "Id=" . $dbClass->quote($res_UID),
    "Status=" . $dbClass->quote($status),
);
$dbClass->query("UPDATE publications SET " . implode(",", $assignments) . " WHERE RowId=" . $dbClass->quote($rowId));
if ($pp_id) {
    logIt("edit", $pp_id, uid2gecos($res_UID));
}
// ==========================================================================
/// @fn void  ( void )
///
/// ...
///
/// @global
/// @parameter ...
/// @return ...
/// @gobals[out] - none
/// @sideeffect  - none
///
/// @calledby ...
// ==========================================================================
function errorExit($text)
Example #14
/**
 * Look up the REDCap field name mapped to a portal property.
 *
 * @param string $property Key into the global $redcap_field_map.
 *
 * @return mixed The mapped field name, or false (after logging an error) when the
 *               property has no entry.
 */
function getRF($property)
{
    global $redcap_field_map;
    // Unknown property: log it and report failure.
    if (!isset($redcap_field_map[$property])) {
        logIt("Error finding {$property} in redcap_field_map", "ERROR");
        return false;
    }
    return $redcap_field_map[$property];
}
Example #15
<?php

// ============================================================================
// PREPRINTS/ACCEPT_PREPRINT.PHP
// ============================================================================
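include_once "config.manage.php";
core_declare_input("rowId");
// Accepting a preprint is reserved for administrative staff.
// NOTE(review): this only protects the statements below if errorPage() ends the request — confirm.
if (!$authClass->isAdmin()) {
    errorPage("Preprints may only be accepted by administrative staff");
}
$time = time();
// $rowId is request input and was concatenated unquoted into both statements. It now
// goes through the database layer's quote(), so it cannot change their structure.
$quotedRowId = $dbClass->quote($rowId);
$dbClass->query("update publications set Status='ok', Tm=" . $time . " where RowId=" . $quotedRowId);
$res = $dbClass->query("select * from publications where RowId=" . $quotedRowId);
while ($row = $dbClass->next_record($res)) {
    mail2secretary("Accepted");
    logIt("accept", pp_preprintID($row["Year"], $row["Report"]), uid2gecos($row["Id"]));
}
// NOTE(review): this state change has no visible anti-CSRF check — confirm one is applied in config.manage.php.
header("Location: show_preprints.php");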