Example #1
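 /**
  * Get a list of every group that $user is in.
  *
  * Connects to the zOGI server as the currently authenticated Horde user,
  * searches for the account contact whose login equals the lower-cased
  * $user and collects the names of the teams referenced by its
  * _MEMBERSHIP entries. Failures are reported through PEAR::raiseError(),
  * whose result is not returned, so callers always receive an array.
  *
  * @param string  $user          The user to get groups for.
  * @param boolean $parentGroups  Also return the parents of any groups?
  *                               Not used by this implementation.
  *
  * @return array  An array of all groups the user is in; empty when the
  *                connection or the lookup fails.
  */
 function getGroupMemberships($user, $parentGroups = false)
 {
     Horde::logMessage('getGroupMemberships', __FILE__, __LINE__, PEAR_LOG_DEBUG);
     // Initialise before connecting: the original only created $groups
     // after a successful connect, so the count() and return below read an
     // undefined variable whenever the connection failed.
     $groups = array();
     // NOTE(review): the connection reuses the password credential kept by
     // Auth for the logged-in user; confirm that credential store is
     // session-scoped and not written to logs.
     if ($this->_server->connect(Auth::getAuth(), Auth::getCredential('password'))) {
         $criteria = array(
             array('conjunction' => 'AND', 'key' => 'login', 'value' => strtolower($user), 'expression' => 'EQUALS'),
             array('conjunction' => 'AND', 'key' => 'isAccount', 'value' => 1, 'expression' => 'EQUALS'),
         );
         $flags = array('limit' => 1, 'revolve' => 'NO');
         $result = $this->_server->search('Contact', $criteria, 128, $flags);
         if (is_array($result)) {
             // An empty result list (no matching account) has no element 0;
             // treat it as "no memberships" instead of indexing blindly.
             $contact = isset($result[0]) ? $result[0] : null;
             if (is_array($contact) && isset($contact['_MEMBERSHIP']) && is_array($contact['_MEMBERSHIP'])) {
                 foreach ($contact['_MEMBERSHIP'] as $assignment) {
                     $teamId = $assignment['targetObjectId'];
                     $team = $this->_getGroup($teamId);
                     if (isset($team['name'])) {
                         $groups[] = $team['name'];
                     } else {
                         PEAR::raiseError(_("Invalid object in zOGI response."));
                     }
                 }
             }
         } else {
             PEAR::raiseError(_("Invalid zOGI server version detected."));
         }
     } else {
         PEAR::raiseError(_("Cannot retrieve contacts teams."));
     }
     Horde::logMessage(sprintf('User a member of %d groups', count($groups)), __FILE__, __LINE__, PEAR_LOG_DEBUG);
     return $groups;
 }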
Example #2
 /**
  * Handle a "when" step.
  *
  * Steps known to this class are executed here and yield no value; the
  * login step additionally prepares an empty Kolab storage and is then
  * passed on to the parent, as is every step this class does not know.
  *
  * @param array  &$world    Joined "world" of variables.
  * @param string $action    The description of the step.
  * @param array  $arguments Additional arguments to the step.
  *
  * @return mixed The outcome of the step.
  */
 public function runWhen(&$world, $action, $arguments)
 {
     if ($action == 'create a Kolab default calendar with name') {
         $calendar = $world['storage']->getNewFolder();
         $calendar->setName($arguments[0]);
         $world['folder_creation'] = $calendar->save(array('type' => 'event', 'default' => true));
         // The current user receives the rights string 'alrid' on the
         // freshly created folder.
         $calendar->setACL(Auth::getAuth(), 'alrid');
         return null;
     }
     if ($action == 'allow a group full access to a folder') {
         // $arguments[0] is the grantee, $arguments[1] the folder name.
         $shared = $world['storage']->getFolder($arguments[1]);
         $shared->setACL($arguments[0], 'alrid');
         return null;
     }
     if ($action == 'retrieving the list of shares for the application') {
         $factory = $GLOBALS['injector']->getInstance('Horde_Core_Factory_Share');
         $shareDriver = $factory->create($arguments[0], 'kolab');
         $world['list'] = $shareDriver->listShares(Auth::getAuth());
         return null;
     }
     if ($action == 'logging in as a user with a password') {
         // Authenticate first, then start from an empty storage before the
         // parent handles the same step.
         $credentials = array('password' => $arguments[1]);
         $world['login'] = $world['auth']->authenticate($arguments[0], $credentials);
         $world['storage'] = $this->prepareEmptyKolabStorage();
     }
     return parent::runWhen($world, $action, $arguments);
 }
Example #3
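 /**
  * Perform the login from the current request.
  *
  * Builds the Auth object through factory(true), optionally lower-cases
  * and/or encrypts the posted username, runs the Auth start() step and, on
  * success, records the configured session-binding data and (for non-ktai
  * clients) re-sends the session cookie.
  *
  * @param bool $is_save_cookie whether the session cookie gets an expiry
  *                             (30 days) instead of lasting for the
  *                             browser session only
  * @return bool true when authentication succeeded, false otherwise
  */
 function login($is_save_cookie = false)
 {
     $this->auth =& $this->factory(true);
     if ($this->is_lowercase_username) {
         $this->auth->post[$this->auth->_postUsername] = strtolower($this->auth->post[$this->auth->_postUsername]);
     }
     if ($this->is_encrypt_username) {
         $this->auth->post[$this->auth->_postUsername] = t_encrypt($this->auth->post[$this->auth->_postUsername]);
     }
     $this->auth->start();
     if (!$this->auth->getAuth()) {
         return false;
     }
     if (OPENPNE_SESSION_CHECK_URL) {
         $this->auth->setAuthData('OPENPNE_URL', OPENPNE_URL);
     }
     if ($this->is_check_user_agent) {
         // Clients may omit the User-Agent header; read it defensively so a
         // missing header stores null without raising an undefined-index
         // notice. The header is client-controlled, so binding a session
         // to it is only a weak consistency check.
         $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
         $this->auth->setAuthData('USER_AGENT', $userAgent);
     }
     $this->sess_id = session_id();
     if (!$this->is_ktai) {
         // 2592000 seconds = 30 days; 0 keeps the cookie for the browser
         // session only.
         $expire = $is_save_cookie ? time() + 2592000 : 0;
         // NOTE(review): the cookie is sent without the Secure or HttpOnly
         // flags, and no session_regenerate_id() call is visible in this
         // method; confirm whether the session id is rotated at login
         // elsewhere (session fixation) and whether the flags can be set
         // for this deployment.
         setcookie(session_name(), session_id(), $expire, $this->cookie_path);
     }
     return true;
 }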
Example #4
 /**
  * Prepare the driver: create the zOGI client, copy the 'limit' and
  * 'entity' parameters and connect as the current Horde user.
  *
  * @return mixed nothing on success, the PEAR error object produced by
  *               PEAR::raiseError() when the connection fails
  */
 function _init()
 {
     $this->_server = new ZOGI();
     $this->_limit = $this->_params['limit'];
     $this->_entity = $this->_params['entity'];
     // NOTE(review): the user's stored password credential is replayed to
     // the zOGI server here; confirm the transport used by ZOGI::connect()
     // is encrypted.
     $connected = $this->_server->connect(Auth::getAuth(), Auth::getCredential('password'));
     if ($connected) {
         return;
     }
     return PEAR::raiseError(_('Connection failure'));
 }
Example #5
 /**
  * Starts and verifies the PEAR::Auth login process
  *
  * When PEAR::Auth reports an authenticated user, the handle, the
  * encryptPW() result for the Auth password, the active flag, the auth
  * user id and an empty last-login value are copied into
  * $this->propertyValues.
  *
  * @return boolean|null true upon success; null (not false) when
  *                      PEAR::Auth reports no authenticated user
  *
  * @access private
  */
 function readUserData()
 {
     $this->pearAuth->start();
     if ($this->pearAuth->getAuth()) {
         // A user was found: collect the values in the order in which they
         // are stored, then copy them into the class variables.
         $userData = array(
             'handle' => $this->pearAuth->getUsername(),
             'passwd' => $this->encryptPW($this->pearAuth->password),
             'is_active' => true,
             'auth_user_id' => $this->pearAuth->getUsername(),
             'lastlogin' => '',
         );
         foreach ($userData as $property => $value) {
             $this->propertyValues[$property] = $value;
         }
         return true;
     }
     return null;
 }
Example #6
/**
 * Builds the menu structure depending on application permissions.
 *
 * Works on the global $registry->applications list: entries the current
 * user may not see are marked 'inactive' (headings keep their status), and
 * parent entries that end up without any visible child are dropped.
 */
function buildMenu()
{
    global $registry, $perms;
    $children = array();
    foreach ($registry->applications as $app => $params) {
        $hasParent = isset($params['menu_parent']);
        /* Make sure there is a $children entry for each parent group. */
        if ($hasParent && !isset($children[$params['menu_parent']])) {
            $children[$params['menu_parent']] = array();
        }
        /* Check if the current user has permission to see this
         * application, and if the application is active. Administrators
         * always see all applications, including those with status
         * 'admin'. Anyone with SHOW permissions can see an application,
         * but READ is needed to actually use the application. You can use
         * this distinction to show applications to guests that they need
         * to log in to use. If you don't want them to see apps they can't
         * use, then don't give guests SHOW permissions to anything.
         * Applications without a permission entry are shown to any
         * authenticated user. */
        if (Auth::isAdmin() && ($params['status'] == 'active' || $params['status'] == 'admin')) {
            $visible = true;
        } else {
            if ($perms->exists($app)) {
                $mayShow = $perms->hasPermission($app, Auth::getAuth(), PERMS_SHOW);
            } else {
                $mayShow = Auth::getAuth();
            }
            $visible = $mayShow && $params['status'] == 'active';
        }
        if ($visible) {
            if ($hasParent) {
                $children[$params['menu_parent']][$app] = $params;
            }
        } elseif ($params['status'] != 'heading') {
            $registry->applications[$app]['status'] = 'inactive';
        }
    }
    $menu = array();
    foreach ($registry->applications as $app => $params) {
        /* Entries that are not a parent group are kept as they are. */
        if (!isset($children[$app])) {
            $menu[$app] = $params;
            continue;
        }
        /* Filter out all parents without children. */
        if (count($children[$app])) {
            $params['children'] = true;
            $menu[$app] = $params;
        }
    }
    $registry->applications = $menu;
}
Example #7
 /**
  * Reads user data from the given data source
  * Starts and verifies the PEAR::Auth login process
  *
  * The auth user id, when given, takes the place of the handle as the
  * PEAR::Auth username. After a successful login the handle, auth user id
  * and the encryptPW() result for the password are stored in
  * $this->propertyValues; 'is_active' and 'lastlogin' get defaults only
  * when the users table definition has no such field.
  *
  * @param  string user handle
  * @param  string user password
  * @param  bool|int if the user data should be read using the auth user id
  * @return bool|null true on success; null (not false) when PEAR::Auth
  *                   reports no authenticated user
  *
  * @access public
  */
 function readUserData($handle = '', $passwd = '', $auth_user_id = false)
 {
     if ($auth_user_id !== false) {
         $this->pearAuth->username = $auth_user_id;
     } else {
         $this->pearAuth->username = $handle;
     }
     $this->pearAuth->password = $passwd;
     $this->pearAuth->start();
     if ($this->pearAuth->getAuth()) {
         // User was found, read data into class variables
         $this->propertyValues['auth_user_id'] = $this->pearAuth->getUsername();
         $this->propertyValues['handle'] = $this->pearAuth->getUsername();
         $this->propertyValues['passwd'] = $this->encryptPW($this->pearAuth->password);
         // Defaults apply only to fields the users table does not define.
         $userFields = $this->tables['users']['fields'];
         $defaults = array('is_active' => true, 'lastlogin' => null);
         foreach ($defaults as $field => $default) {
             if (!array_key_exists($field, $userFields)) {
                 $this->propertyValues[$field] = $default;
             }
         }
         return true;
     }
     return null;
 }
Example #8
 * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html.
 */
// Portal page bootstrap: load the Horde base and the libraries this page
// uses. The @ hides the notice define() raises when HORDE_BASE was already
// defined by an including script.
@define('HORDE_BASE', dirname(__FILE__) . '/../..');
require_once HORDE_BASE . '/lib/base.php';
require_once HORDE_LIBS . 'Horde/Block.php';
require_once HORDE_LIBS . 'Horde/Identity.php';
require_once HORDE_LIBS . 'Horde/Menu.php';
require_once HORDE_LIBS . 'Horde/Help.php';
// Authentication gate for the whole page.
// NOTE(review): whether authenticationFailureRedirect() ends the request is
// not visible here; if it can return, everything below runs for an
// unauthenticated visitor - confirm.
if (!Auth::isAuthenticated()) {
    Horde::authenticationFailureRedirect();
}
// Get full name for title
// NOTE(review): the identity value is user-editable text; presumably the
// template escapes $fullname before printing it - verify at the output site.
$identity =& Identity::singleton();
$fullname = $identity->getValue('fullname');
if (empty($fullname)) {
    $fullname = Auth::getAuth();
}
// Get refresh interval.
if ($prefs->getValue('summary_refresh_time')) {
    $refresh_time = $prefs->getValue('summary_refresh_time');
    $refresh_url = Horde::applicationUrl('services/portal/');
}
// Load layout from preferences.
// NOTE(review): unserialize() is applied to a stored preference value. If a
// user can write arbitrary bytes into 'portal_layout', this is a PHP
// object-injection sink; the is_array() check below runs only after any
// object has already been instantiated. Prefer a data-only encoding such as
// JSON for this preference, or confirm the value can only be written by
// trusted code. The @ also hides corrupt-data notices.
$layout_pref = @unserialize($prefs->getValue('portal_layout'));
if (!is_array($layout_pref)) {
    $layout_pref = array();
}
// Store the apps we need to load stylesheets for.
$cssApps = array();
foreach ($layout_pref as $row) {
    foreach ($row as $item) {
Example #9
}
/* Obtain the authentication driver named by $conf['auth']['driver']. */
$auth =& Auth::singleton($conf['auth']['driver']);
/**
 * Turn a list of values into a map in which every value is its own key,
 * sorted by value with asort() (key association is kept).
 *
 * @param array $in  The values to use as both keys and values.
 *
 * @return array  The value => value map, sorted.
 */
function _setValuesToKeys($in)
{
    $keyed = array();
    foreach ($in as $entry) {
        $keyed[$entry] = $entry;
    }
    asort($keyed);
    return $keyed;
}
/* Set up VFS. */
require_once HORDE_LIBS . 'VFS.php';
$vfs_type = $conf['vfs']['type'];
$vfs_args = Horde::getDriverConfig('vfs', $vfs_type);
/* The VFS backend is opened under the name of the logged-in user.
 * NOTE(review): no authentication check is visible in this part of the
 * script; Auth::getAuth() presumably yields false for anonymous requests -
 * confirm access is gated before this point. */
$vfs_args['user'] = Auth::getAuth();
$vfs =& VFS::singleton($vfs_type, $vfs_args);
/* The @ hides the notice raised when the constant is already defined. */
@define('TEMPLATES_VFS_PATH', '.horde_templates');
/* Require Horde_Form libs. */
require_once HORDE_LIBS . 'Horde/Form.php';
require_once HORDE_LIBS . 'Horde/Form/Renderer.php';
require_once HORDE_LIBS . 'Horde/Form/Action.php';
/* Set up Horde_Form. */
$vars =& Variables::getDefaultVariables();
$form =& Horde_Form::singleton('TemplatesForm', $vars);
$action =& Horde_Form_Action::factory('submit');
/* Set up form fields. */
/* The application selector is an enum over the registry's application
 * list, keyed by application name; changing it triggers the submit
 * action. */
$apps = _setValuesToKeys($registry->listApps());
$select_app =& $form->addVariable(_("Application"), 'app', 'enum', true, false, null, array($apps));
$select_app->setAction($action);
$form->addHidden('', 'old_app', 'text', false, false);
Example #10
?>
<!-- Produced By Ron Royston, ron@stndip.com -->
<html lang="en">
  <body class="">
    <!-- Uses a header that scrolls with the text, rather than staying locked at the top -->
    <div class="mdl-layout mdl-js-layout mdl-layout--fixed-header">
      <header class="mdl-layout__header mdl-layout__header--scroll mdl-color--white mdl-color--grey-600 ">
        <div class="mdl-layout__header-row">
          <!-- Title -->
          <span class="mdl-layout-title font1 xl">rack!</span>
          <!-- Add spacer, to align navigation to the right -->
          <div class="mdl-layout-spacer"></div>
          <!-- Navigation -->
          <nav class="mdl-navigation">
            <?php 
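// Navigation links depend on the login state reported by $a->getAuth().
if ($a->getAuth()) {
    // The username is account data chosen by the user, so it is escaped for
    // the HTML context before being written into the page; echoing it raw
    // would let markup stored in a username run in every visitor's browser.
    echo "<a class=\"mdl-navigation__link\" href=\"profile\">" . htmlspecialchars($a->getUsername(), ENT_QUOTES, 'UTF-8') . "</a>";
    echo '<a class="mdl-navigation__link" href="includes/logout">logout</a>';
} else {
    echo '<a class="mdl-navigation__link" href="access">Login &#47; Register</a>';
}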
?>
            <div class="mdl-textfield mdl-js-textfield mdl-textfield--expandable">
              <label class="mdl-button mdl-js-button mdl-button--icon" for="search">
                <i class="material-icons">search</i>
              </label>
              <div class="mdl-textfield__expandable-holder">
                <input class="mdl-textfield__input" type="text" id="search" />
                <label class="mdl-textfield__label" for="search">Enter your query...</label>
              </div>
            </div>
Example #11
        exit;
    } else {
        // Choose the page to show: an explicit 'url' request parameter wins,
        // then the user's preferred initial application (unless a permission
        // entry exists and denies READ), then Horde's configured initial
        // page, then the portal for logged-in users, else the login page.
        // NOTE(review): 'url' comes straight from the request and ends up
        // unchanged in the Location header (or the frameset template) below.
        // Unless Util::getFormData() or a later step restricts it to
        // same-site paths, this is an open redirect; validate the target
        // against the application's own host/webroot before using it.
        $url = Util::getFormData('url');
        $initial_app = $prefs->getValue('initial_application');
        if (!empty($url)) {
            $main_page = $url;
        } elseif (!empty($initial_app) && !($GLOBALS['perms']->exists($initial_app) && !$GLOBALS['perms']->hasPermission($initial_app, Auth::getAuth(), PERMS_READ))) {
            $main_page = Horde::url($registry->getInitialPage($initial_app));
        } elseif (isset($registry->applications['horde']['initial_page'])) {
            $main_page = Horde::applicationUrl($registry->applications['horde']['initial_page']);
        } elseif (Auth::getAuth()) {
            $main_page = Horde::applicationUrl('services/portal/');
        } else {
            $main_page = Horde::applicationUrl('login.php');
        }
        // Render the frameset when none was requested yet and the menu is
        // either always shown or enabled for a logged-in user who wants the
        // sidebar; otherwise redirect to the chosen page.
        if (!Util::getFormData('frameset') && ($conf['menu']['always'] || $conf['menu']['display'] && Auth::getAuth() && $prefs->getValue('show_sidebar'))) {
            if ($browser->hasQuirk('scrollbar_in_way')) {
                $scrollbar = 'yes';
            } else {
                $scrollbar = 'auto';
            }
            $main_page = Util::addParameter($main_page, 'frameset', 1);
            // NOTE(review): $main_page may still hold the request-supplied
            // URL here; presumably the template escapes it - verify.
            require HORDE_TEMPLATES . '/index/frames_index.inc';
        } else {
            header('Location: ' . $main_page);
            exit;
        }
    }
} else {
    define('HORDE_LIBS', '');
    require HORDE_BASE . '/lib/Test.php';
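 /**
  * Stream this file to the client as an attachment and end the request.
  *
  * The file is read either from local storage or, for a 'remote' file
  * server, through a non-blocking FTP transfer piped into the response.
  * Output is throttled to the configured free/premium speed when that
  * speed is greater than zero.
  *
  * @return bool|void false, with $this->errorMsg set, when the file or the
  *                   FTP connection cannot be opened; on success the script
  *                   exits after sending the file
  */
 public function download()
 {
     // reset the one-shot session flag and close the session before the
     // long-running transfer starts
     if (isset($_SESSION['showDownload'])) {
         $_SESSION['showDownload'] = null;
         unset($_SESSION['showDownload']);
         session_write_close();
     }
     // php script timeout for long downloads (2 days!)
     set_time_limit(60 * 60 * 24 * 2);
     // load the server the file is on
     $storageType = 'local';
     $storageLocation = _CONFIG_FILE_STORAGE_PATH;
     $uploadServerDetails = $this->loadServer();
     if ($uploadServerDetails != false) {
         $storageLocation = $uploadServerDetails['storagePath'];
         $storageType = $uploadServerDetails['serverType'];
         // if no storage path set & local, use system default
         if (strlen($storageLocation) == 0 && $storageType == 'local') {
             $storageLocation = _CONFIG_FILE_STORAGE_PATH;
         }
     }
     // get file path
     $fullPath = $this->getFullFilePath($storageLocation);
     if ($storageType == 'remote') {
         // NOTE(review): plain FTP sends the stored credentials and the
         // file content unencrypted; confirm the storage network is trusted
         // or switch the storage servers to an encrypted transport.
         $conn_id = ftp_connect($uploadServerDetails['ipAddress'], $uploadServerDetails['ftpPort'], 30);
         if ($conn_id === false) {
             // the original message said "to upload file" in this download path
             $this->errorMsg = 'Could not connect to ' . $uploadServerDetails['ipAddress'] . ' to download file.';
             return false;
         }
         // authenticate
         $login_result = ftp_login($conn_id, $uploadServerDetails['ftpUsername'], $uploadServerDetails['ftpPassword']);
         if ($login_result === false) {
             // release the control connection instead of leaking it
             ftp_close($conn_id);
             $this->errorMsg = 'Could not login to ' . $uploadServerDetails['ipAddress'] . ' with supplied credentials.';
             return false;
         }
         // prepare the stream of data: FTP writes into $pipes[0], the
         // response loop below reads from $pipes[1]
         $pipes = stream_socket_pair(STREAM_PF_UNIX, STREAM_SOCK_STREAM, STREAM_IPPROTO_IP);
         if ($pipes === false) {
             ftp_close($conn_id);
             $this->errorMsg = 'Could not create stream to download file on ' . $uploadServerDetails['ipAddress'];
             return false;
         }
         stream_set_write_buffer($pipes[0], 10000);
         stream_set_timeout($pipes[1], 10);
         stream_set_blocking($pipes[1], 0);
         $ret = ftp_nb_fget($conn_id, $pipes[0], $fullPath, FTP_BINARY, FTP_AUTORESUME);
     } else {
         $handle = @fopen($fullPath, "r");
         if (!$handle) {
             $this->errorMsg = 'Could not open file for reading.';
             return false;
         }
     }
     // download speed: free/anonymous users and premium users have separate
     // limits; 0 means no throttling
     $Auth = Auth::getAuth();
     if ($Auth->loggedIn == false || $Auth->level == 'free user') {
         $speed = (int) SITE_CONFIG_FREE_USER_MAX_DOWNLOAD_SPEED;
     } else {
         $speed = (int) SITE_CONFIG_PREMIUM_USER_MAX_DOWNLOAD_SPEED;
     }
     // do we need to throttle the speed?
     if ($speed > 0) {
         // create new throttle config
         $config = new ThrottleConfig();
         // set standard transfer rate (in bytes/second)
         $config->burstLimit = $speed;
         $config->rateLimit = $speed;
         // enable module (this is a default value)
         $config->enabled = true;
         // start throttling
         $x = new Throttle($config);
     }
     // output some headers
     header("Expires: 0");
     header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
     // NOTE(review): fileType is presumably the MIME type recorded at upload
     // time - confirm it is not client-chosen, or send a fixed
     // application/octet-stream so stored content cannot pick its own type.
     header("Content-type: " . $this->fileType);
     header("Pragma: public");
     // strip quotes and line breaks so the stored name cannot break out of
     // the quoted filename parameter or the header line
     $headerFilename = str_replace(array("\"", "\r", "\n"), "", $this->originalFilename);
     header("Content-Disposition: attachment; filename=\"" . $headerFilename . "\"");
     header("Content-Description: File Transfer");
     header("Content-Length: " . $this->fileSize);
     if ($storageType == 'remote') {
         // output file - via ftp
         while ($ret == FTP_MOREDATA) {
             $contents = stream_get_contents($pipes[1]);
             if ($contents !== false) {
                 echo $contents;
                 flush();
             }
             $ret = ftp_nb_continue($conn_id);
         }
         // NOTE(review): data written by the last ftp_nb_continue() call is
         // not read from $pipes[1] after the loop ends (a final read used
         // to sit here, commented out); confirm the tail of the file is not
         // dropped.
         fclose($pipes[0]);
         fclose($pipes[1]);
         ftp_close($conn_id);
     } else {
         while (($buffer = fgets($handle, 4096)) !== false) {
             echo $buffer;
         }
         fclose($handle);
     }
     exit;
 }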
Example #13
    if (isset($registry->applications['logout']['initial_page']) && $registry->applications['logout']['initial_page'] != 'login.php?' . AUTH_REASON_PARAM . '=' . AUTH_REASON_LOGOUT) {
        header('Location: ' . Horde::applicationUrl($registry->applications['logout']['initial_page']));
        exit;
    }
    Horde::setupSessionHandler();
    @session_start();
    NLS::setLang($language);
    /* Hook to preselect the correct language in the widget. */
    $_GET['new_lang'] = $language;
}
if (isset($_POST['horde_user']) && isset($_POST['horde_pass'])) {
    /* Destroy any existing session on login and make sure to use a
     * new session ID, to avoid session fixation issues. */
    Horde::getCleanSession();
    if ($auth->authenticate(Util::getPost('horde_user'), array('password' => Util::getPost('horde_pass')))) {
        $entry = sprintf('Login success for %s [%s] to Horde', Auth::getAuth(), $_SERVER['REMOTE_ADDR']);
        Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_INFO);
        if ($url_param) {
            $url = Horde::url(Util::removeParameter($url_param, session_name()), true);
            $horde_url = Horde::applicationUrl($registry->getParam('webroot', 'horde') . '/index.php', true);
            $horde_url = Util::addParameter($horde_url, 'url', $url);
        } else {
            $horde_url = Horde::applicationUrl('index.php', true);
        }
        $horde_url = Util::addParameter($horde_url, 'frameset', Util::getFormData('frameset') ? 1 : 0);
        header('Location: ' . $horde_url);
        exit;
    } else {
        // Record the failed attempt with the submitted user name and the
        // client address.
        // NOTE(review): 'horde_user' is attacker-supplied and is written
        // into the log line as-is; unless Horde::logMessage() neutralises
        // control characters, embedded line breaks could forge log entries.
        // Strip or encode CR/LF before logging - confirm against the logger.
        $entry = sprintf('FAILED LOGIN for %s [%s] to Horde', Util::getFormData('horde_user'), $_SERVER['REMOTE_ADDR']);
        Horde::logMessage($entry, __FILE__, __LINE__, PEAR_LOG_ERR);
        if ($conf['menu']['always'] && !Util::getFormData('framed')) {
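 /**
  * Store one uploaded file and register it in the database.
  *
  * The file is saved under a generated name, either on the local disk or
  * on a remote file server via FTP, and a row is inserted into the "file"
  * table together with a delete hash and a short URL.
  *
  * @param string $uploaded_file path of the temporary upload
  * @param string $name          file name as sent by the client
  * @param int    $size          file size as sent by the client
  * @param string $type          MIME type as sent by the client
  * @param mixed  $error         upload error passed on to has_error()
  *
  * @return stdClass upload result; ->error is set when something failed
  */
 private function handle_file_upload($uploaded_file, $name, $size, $type, $error)
 {
     $fileUpload = new stdClass();
     $fileUpload->name = basename(stripslashes($name));
     $fileUpload->size = intval($size);
     // NOTE(review): the MIME type is taken from the client unchanged and is
     // stored below as fileType; treat it as untrusted wherever it is used.
     $fileUpload->type = $type;
     $fileUpload->error = null;
     // end() takes its argument by reference, so the exploded parts need a
     // variable of their own (passing explode() directly raises a notice).
     $nameParts = explode(".", $fileUpload->name);
     $extension = end($nameParts);
     $fileUpload->error = $this->has_error($uploaded_file, $fileUpload, $error);
     // NOTE(review): the two size branches are attached to the
     // "if (!error)" test, so they only run when has_error() has already
     // reported a problem and then replace its message. They were presumably
     // meant to sit inside the first branch; left as written because
     // has_error() may already cover both cases - confirm before moving.
     if (!$fileUpload->error) {
         if (strlen(trim($fileUpload->name)) == 0) {
             $fileUpload->error = 'Filename not found.';
         }
     } elseif (intval($size) == 0) {
         $fileUpload->error = 'File received has zero size.';
     } elseif (intval($size) > $this->options['max_file_size']) {
         $fileUpload->error = 'File received is larger than permitted.';
     }
     if (!$fileUpload->error && $fileUpload->name) {
         if ($fileUpload->name[0] === '.') {
             $fileUpload->name = substr($fileUpload->name, 1);
         }
         // Stored names and delete hashes act as unguessable identifiers, so
         // take them from the CSPRNG when the runtime has one; md5 of the
         // clock is predictable and is kept only as a fallback. Both forms
         // are 32 hex characters.
         $hasCsprng = function_exists('random_bytes');
         $newFilename = $hasCsprng ? bin2hex(random_bytes(16)) : md5(microtime());
         // figure out upload type
         $file_size = 0;
         // select server from pool
         $uploadServerId = getAvailableServerId();
         $db = Database::getDatabase(true);
         $uploadServerDetails = $db->getRow('SELECT * FROM file_server WHERE id = ' . $db->quote($uploadServerId));
         // override storage path, normalised to end in exactly one slash
         if (strlen($uploadServerDetails['storagePath'])) {
             $this->options['upload_dir'] = $uploadServerDetails['storagePath'];
             if (substr($this->options['upload_dir'], strlen($this->options['upload_dir']) - 1, 1) == '/') {
                 $this->options['upload_dir'] = substr($this->options['upload_dir'], 0, strlen($this->options['upload_dir']) - 1);
             }
             $this->options['upload_dir'] .= '/';
         }
         // move remotely via ftp
         if ($uploadServerDetails['serverType'] == 'remote') {
             // NOTE(review): plain FTP sends the stored credentials and the
             // file unencrypted; confirm the storage network is trusted.
             $conn_id = ftp_connect($uploadServerDetails['ipAddress'], $uploadServerDetails['ftpPort'], 30);
             if ($conn_id === false) {
                 $fileUpload->error = 'Could not connect to file server ' . $uploadServerDetails['ipAddress'];
             }
             // authenticate
             if (!$fileUpload->error) {
                 $login_result = ftp_login($conn_id, $uploadServerDetails['ftpUsername'], $uploadServerDetails['ftpPassword']);
                 if ($login_result === false) {
                     $fileUpload->error = 'Could not authenticate with file server ' . $uploadServerDetails['ipAddress'];
                 }
             }
             // create the upload folder
             if (!$fileUpload->error) {
                 $uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
                 if (!ftp_mkdir($conn_id, $uploadPathDir)) {
                     // Error reporting removed for now as it causes issues with existing folders. Need to add a check in before here
                     // to see if the folder exists, then create if not.
                     // $fileUpload->error = 'There was a problem creating the storage folder on '.$uploadServerDetails['ipAddress'];
                 }
             }
             // upload via ftp
             if (!$fileUpload->error) {
                 $file_path = $uploadPathDir . '/' . $newFilename;
                 clearstatcache();
                 if ($uploaded_file && is_uploaded_file($uploaded_file)) {
                     // initiate ftp
                     $ret = ftp_nb_put($conn_id, $file_path, $uploaded_file, FTP_BINARY, FTP_AUTORESUME);
                     while ($ret == FTP_MOREDATA) {
                         // continue uploading
                         $ret = ftp_nb_continue($conn_id);
                     }
                     if ($ret != FTP_FINISHED) {
                         $fileUpload->error = 'There was a problem uploading the file to ' . $uploadServerDetails['ipAddress'];
                     } else {
                         $file_size = filesize($uploaded_file);
                         @unlink($uploaded_file);
                     }
                 }
             }
             // close ftp connection; there is nothing to close when the
             // connect itself failed
             if ($conn_id !== false) {
                 ftp_close($conn_id);
             }
         } else {
             // create the upload folder
             $uploadPathDir = $this->options['upload_dir'] . substr($newFilename, 0, 2);
             @mkdir($uploadPathDir);
             $file_path = $uploadPathDir . '/' . $newFilename;
             clearstatcache();
             if ($uploaded_file && is_uploaded_file($uploaded_file)) {
                 move_uploaded_file($uploaded_file, $file_path);
             }
             $file_size = filesize($file_path);
         }
         // check filesize uploaded matches tmp uploaded
         if ($file_size === $fileUpload->size) {
             $fileUpload->url = $this->options['upload_url'] . rawurlencode($fileUpload->name);
             // insert into the db
             $fileUpload->size = $file_size;
             $fileUpload->delete_url = '~d?' . $this->options['delete_hash'];
             $fileUpload->info_url = '~i?' . $this->options['delete_hash'];
             $fileUpload->delete_type = 'DELETE';
             // create delete hash, make sure it's unique
             do {
                 $deleteHash = $hasCsprng ? bin2hex(random_bytes(16)) : md5($fileUpload->name . getUsersIPAddress() . microtime());
                 $existingFile = file::loadByDeleteHash($deleteHash);
             } while ($existingFile != false);
             // store in db
             $db = Database::getDatabase(true);
             $dbInsert = new DBObject("file", array("originalFilename", "shortUrl", "fileType", "extension", "fileSize", "localFilePath", "userId", "totalDownload", "uploadedIP", "uploadedDate", "statusId", "deleteHash", "serverId"));
             $dbInsert->originalFilename = $fileUpload->name;
             $dbInsert->shortUrl = 'temp';
             $dbInsert->fileType = $fileUpload->type;
             $dbInsert->extension = $extension;
             $dbInsert->fileSize = $fileUpload->size;
             // path relative to the upload directory
             $dbInsert->localFilePath = substr($file_path, strlen($this->options['upload_dir']), 99999);
             // add user id if user is logged in
             $dbInsert->userId = NULL;
             $Auth = Auth::getAuth();
             if ($Auth->loggedIn()) {
                 $dbInsert->userId = (int) $Auth->id;
             }
             $dbInsert->totalDownload = 0;
             $dbInsert->uploadedIP = getUsersIPAddress();
             $dbInsert->uploadedDate = sqlDateTime();
             $dbInsert->statusId = 1;
             $dbInsert->deleteHash = $deleteHash;
             $dbInsert->serverId = $uploadServerId;
             if (!$dbInsert->insert()) {
                 $fileUpload->error = 'abort';
             } else {
                 // Only a stored row has an id to derive the short url from;
                 // the original ran this part after a failed insert as well
                 // and then dereferenced a file that could not be loaded.
                 $tracker = 1;
                 $shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
                 $fileTmp = file::loadByShortUrl($shortUrl);
                 while ($fileTmp) {
                     $shortUrl = file::createShortUrlPart($tracker . $dbInsert->id);
                     $fileTmp = file::loadByShortUrl($shortUrl);
                     $tracker++;
                 }
                 // update short url
                 file::updateShortUrl($dbInsert->id, $shortUrl);
                 // update fileUpload with file location
                 $file = file::loadByShortUrl($shortUrl);
                 $fileUpload->url = $file->getFullShortUrl();
                 $fileUpload->delete_url = $file->getDeleteUrl();
                 $fileUpload->info_url = $file->getInfoUrl();
                 $fileUpload->stats_url = $file->getStatisticsUrl();
                 $fileUpload->short_url = $shortUrl;
             }
         } else {
             if ($this->options['discard_aborted_uploads']) {
                 //@TODO - made ftp compatible
                 @unlink($file_path);
                 @unlink($uploaded_file);
                 if (!isset($fileUpload->error)) {
                     $fileUpload->error = 'maxFileSize';
                 }
             }
         }
     }
     return $fileUpload;
 }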
require_once "Auth/Auth.php";
require_once "DB.php";
// Database parameters
require_once PATH_INCLUDE . 'database.inc.php';
// NOTE(review): the DSN carries the database password in clear text and is
// handed to both Auth and DB; make sure it never reaches logs or error
// output. A password containing '@', ':' or '/' would presumably need
// URL-encoding to parse correctly - confirm.
$DSN = "mysql://{$dbuser}:{$dbpass}@{$dbhost}/{$dbbase}";
// User authentication: PEAR Auth checks uti_login / uti_password in the
// uti_utilisateur table and shows the ow_html_login_box form when needed.
$options = array('table' => 'uti_utilisateur', 'usernamecol' => 'uti_login', 'passwordcol' => 'uti_password', 'dsn' => $DSN);
require_once PATH_INC_BACKEND . 'logon.php';
$openwebAuth = new Auth("DB", $options, 'ow_html_login_box', true);
$openwebAuth->start();
// A 'logon' query parameter forces a logout and a fresh login prompt.
// NOTE(review): this runs for any GET request that carries the parameter,
// whether or not a user is logged in, and destroys the whole session; a
// link on another site can therefore log a user out. Consider requiring an
// authenticated session and a POST with a CSRF token.
if (isset($_GET['logon'])) {
    $openwebAuth->logout();
    session_destroy();
    $openwebAuth->start();
}
// Stop here for unauthenticated requests; Auth has presumably printed the
// login form by now.
if (!$openwebAuth->getAuth()) {
    exit;
}
// Database connection
// NOTE(review): the result of DB::Connect() is used without an error check.
$db = DB::Connect($DSN);
$db->setFetchMode(DB_FETCHMODE_ASSOC);
// Récuperation des données de l'utilisateur
if (!isset($_SESSION['utilisateur'])) {
    require_once PATH_INC_BACKEND_SERVICE . 'UserManager.class.php';
    $um = new UserManager($db);
    if (($user = $um->getUserDatas($openwebAuth->username)) === null) {
        session_destroy();
        echo 'Problème de lecture de vos données personnelles';
        exit;
    }
    // Vérifie si l'utilisateur est autorisé à se connecter
Example #16
    if (!is_null($theme)) {
        $prefs->setValue('theme', $theme);
        $updated = true;
    }
    return $updated;
}
/* Assign variables for select lists. */
/* Each list is only prepared when the matching preference is not locked. */
if (!$prefs->isLocked('timezone')) {
    $timezone_options =& $tz;
}
if (!$prefs->isLocked('initial_application')) {
    global $perms;
    $initial_application_options = array();
    $apps = $registry->listApps(array('active'));
    foreach ($apps as $a) {
        /* Offer an active application when it has no permission entry at
         * all, or when the current user holds READ on it or is an
         * administrator. Applications without a permission entry are
         * therefore offered to everyone who reaches this page. */
        if ($perms->exists($a) && ($perms->hasPermission($a, Auth::getAuth(), PERMS_READ) || Auth::isAdmin()) || !$perms->exists($a)) {
            $initial_application_options[$a] = $registry->getParam('name', $a);
        }
    }
}
if (!$prefs->isLocked('theme')) {
    $theme_options = array();
    $dh = @opendir($appbase . '/config/themes');
    if (!$dh) {
        $notification->push("Theme directory can't be opened", 'horde.error');
    } else {
        while (($file = readdir($dh)) !== false) {
            if (substr($file, 0, 5) == 'html-' && substr($file, -4) == '.php') {
                $theme_name = null;
                @(include $appbase . '/config/themes/' . $file);
                if (!empty($theme_name)) {
<?php

// PEAR Auth with the LDAP container: users are looked up by their 'uid'
// attribute below the given base DN.
// NOTE(review): port 389 is the plain LDAP port; unless the container is
// configured for StartTLS or LDAPS, the bind presumably sends the user's
// password unencrypted - confirm the transport before using this outside a
// trusted network.
$options = array('host' => 'ldap.example.com', 'port' => '389', 'base' => 'o=Example Inc., c=US', 'userattr' => 'uid');
$auth = new Auth('LDAP', $options);
// begin validation
// print login screen for anonymous users
$auth->start();
if ($auth->getAuth()) {
    // content for validated users
} else {
    // content for anonymous users
}
// log users out
// (in this sample the logout runs unconditionally at the end of the script)
$auth->logout();
// NOTE(review): E_ALL reporting is fine for logging; make sure
// display_errors is off in production so paths and the DSN below cannot
// leak into error pages.
error_reporting(E_ALL);
// Include the PEAR libraries
// NOTE(review): realpath() returns false for a missing directory, which
// would append an empty entry to include_path; ':' is also hard-coded
// where PATH_SEPARATOR would be portable.
$pear_path = realpath(PATH_INC_BACKEND . '../../pear');
ini_set('include_path', ini_get('include_path') . ':' . $pear_path);
require_once "Auth/Auth.php";
require_once "DB.php";
require_once "PEAR/ErrorStack.php";
// Database parameters
require_once PATH_INCLUDE . 'database.inc.php';
// NOTE(review): the DSN carries the database password in clear text; keep
// it out of logs and error output.
$DSN = "mysql://{$dbuser}:{$dbpass}@{$dbhost}/{$dbbase}";
// User authentication: PEAR Auth checks uti_login / uti_password in the
// uti_utilisateur table and shows the ow_html_login_box form when needed.
$options = array('table' => 'uti_utilisateur', 'usernamecol' => 'uti_login', 'passwordcol' => 'uti_password', 'dsn' => $DSN);
require_once PATH_INC_BACKEND . 'logon.php';
$openwebAuth = new Auth("DB", $options, 'ow_html_login_box', true);
$openwebAuth->start();
// A 'logon' query parameter from an authenticated user logs that user out,
// drops the cached user record and shows the login prompt again.
// NOTE(review): the switch is still triggered by a plain GET request, so a
// link on another site can log a user out; consider a POST with a CSRF
// token.
if (isset($_GET['logon']) && $openwebAuth->getAuth()) {
    $openwebAuth->logout();
    unset($_SESSION['utilisateur']);
    $openwebAuth->start();
}
// Stop here for unauthenticated requests.
if (!$openwebAuth->getAuth()) {
    exit;
}
// Database connection
// NOTE(review): the result of DB::Connect() is used without an error check.
$db = DB::Connect($DSN);
$db->setFetchMode(DB_FETCHMODE_ASSOC);
// Récuperation des données de l'utilisateur
if (!isset($_SESSION['utilisateur'])) {
    require_once PATH_INC_BACKEND_SERVICE . 'UserManager.class.php';
    $um = new UserManager($db);
    if (($user = $um->getUserDatas($openwebAuth->username)) === null) {
Example #19
<?php

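// Login handler: an existing session goes straight to Home.php, otherwise a
// posted e-mail/password pair is checked and, on success, the user's
// properties are stored in the session.
session_start();
if (isset($_SESSION["bfUser"])) {
    // Already signed in.
    header("Location: Home.php");
    /* Redirect browser */
    exit;
} else {
    if (isset($_POST["email_adr"], $_POST["user_password"])) {
        // Request parameters can arrive as arrays (email_adr[]=...); only
        // plain strings are passed on to the lookup and the password check.
        if (is_string($_POST["email_adr"]) && is_string($_POST["user_password"])) {
            include "../../bossflex/DB/Models/User.php";
            include "../../bossflex/DB/Models/Auth.php";
            $User = User::getUserByEmail($_POST["email_adr"]);
            if ($User && $User->getCID() == 1) {
                $auth = Auth::getAuth($User);
                if ($auth->validLogin($_POST["user_password"])) {
                    // Issue a fresh session id at the privilege change so a
                    // pre-login id cannot be reused (session fixation).
                    session_regenerate_id(true);
                    $_SESSION['bfUser'] = $User->getProperties();
                    header("Location: Home.php");
                    /* Redirect browser */
                    // Stop here: without this the script fell through and
                    // also emitted the failure message and the login form.
                    exit;
                }
            }
        }
        // Same message for unknown user, wrong company id and wrong password,
        // so the response does not reveal which accounts exist.
        // NOTE(review): no attempt throttling is visible in this script.
        echo "<h3>Sorry, the credentials entered are incorrect</h3>";
    }
}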
?>
<form action="Login.php" method="post">
    Email<br>
    <input type="email" name="email_adr" value=""><br><br>
    Password<br>
    <input type="password" name="user_password" value=""><br><br>
    <input type="submit" value="Submit">
</form>
Example #20
<?php

/**
 * $Horde: horde/services/maintenance.php,v 1.27 2004/01/19 07:09:29 slusarz Exp $
 *
 * Copyright 2001-2004 Michael Slusarz <*****@*****.**>
 * Copyright 2001-2004 Charles J. Hagenbuch <*****@*****.**>
 * Copyright 2001-2004 Jon Parise <*****@*****.**>
 *
 * See the enclosed file COPYING for license information (LGPL).  If you
 * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html.
 */
include_once '../lib/base.php';
include_once HORDE_LIBS . 'Horde/Maintenance.php';

/* Anonymous visitors are redirected to the login page; the current URL is
 * passed along in the 'url' parameter. Nothing below runs for them. */
if (!Auth::getAuth()) {
    $url = Util::addParameter(
        Horde::url($registry->getParam('webroot', 'horde') . '/login.php', true),
        'url',
        Horde::selfUrl()
    );
    header('Location: ' . $url);
    exit;
}

/* The 'module' request parameter is mandatory. basename() keeps only the
 * last path component, so directory parts in the submitted value never
 * reach the factory below. */
$module = basename(Util::getFormData('module', ''));
if (!$module) {
    Horde::fatal(PEAR::raiseError(_("Do not directly access maintenance.php")), __FILE__, __LINE__);
}

/* Instantiate the maintenance class for that module.
 * NOTE(review): the name is still user-chosen; presumably the factory only
 * resolves known modules. Confirm it rejects unknown names. */
$maint =& Maintenance::factory($module);
if (!$maint) {
    Horde::fatal(PEAR::raiseError(_("The Maintenance:: class did not load successfully")), __FILE__, __LINE__);
}

/* Let the module do its processing; it returns the action and the tasks. */
list($action, $tasks) = $maint->runMaintenancePage();
Example #21
 /**
  * Decide whether a menu link of the given type should be displayed, based
  * on $conf['menu']['links'][$type].
  *
  * This controls visibility of a link only; it performs no access check on
  * the service the link points to.
  *
  * @param string $type  The type of link.
  * @param boolean $override  Override Horde settings?
  *
  * @return boolean  True if the link is to be shown.
  */
 function showService($type, $override = false)
 {
     global $conf;

     // Missing or empty setting: never shown, not even with $override.
     if (empty($conf['menu']['links'][$type])) {
         return false;
     }

     $setting = $conf['menu']['links'][$type];

     // 'all' is shown to everybody.
     if ($setting == 'all') {
         return true;
     }
     // 'never' is shown only when the caller overrides.
     if ($setting == 'never') {
         return $override;
     }
     // 'authenticated' additionally requires a logged-in user.
     if ($setting == 'authenticated') {
         return $override || (bool) Auth::getAuth();
     }

     // Any unrecognised value behaves like 'never'.
     return $override;
 }
Example #22
     }
     break;
 case 'editform':
     $share =& $shares->getShareById(Util::getFormData('cid'));
     if (is_a($share, 'PEAR_Error')) {
         $notification->push(_("Attempt to edit a non-existent share."), 'horde.error');
     } else {
         if (Auth::getAuth() != $share->get('owner')) {
             exit('permission denied');
         }
         $perm =& $share->getPermission();
         // Process owner and owner permissions.
         $old_owner = $share->get('owner');
         $new_owner = Util::getFormData('owner', $old_owner);
         if ($old_owner !== $new_owner && !empty($new_owner)) {
             if ($old_owner != Auth::getAuth() && !Auth::isAdmin()) {
                 $notification->push(_("Only the owner or system administrator may change ownership or owner permissions for a share"), 'horde.error');
             } else {
                 $share->set('owner', $new_owner);
                 $share->save();
                 if (Util::getFormData('owner_show')) {
                     $perm->addUserPermission($new_owner, PERMS_SHOW, false);
                 } else {
                     $perm->removeUserPermission($new_owner, PERMS_SHOW, false);
                 }
                 if (Util::getFormData('owner_read')) {
                     $perm->addUserPermission($new_owner, PERMS_READ, false);
                 } else {
                     $perm->removeUserPermission($new_owner, PERMS_READ, false);
                 }
                 if (Util::getFormData('owner_edit')) {
/* load db config settings into constants */
// Every row of site_config becomes a SITE_CONFIG_<KEY> constant. The query is
// a fixed string with no request data in it.
// NOTE(review): constant names and values come straight from the table, so
// anyone able to write site_config controls them, including
// SITE_CONFIG_SITE_THEME, which is concatenated into the asset paths below.
$db = Database::getDatabase();
$rows = $db->getRows("SELECT config_key, config_value FROM site_config ORDER BY config_group, config_key");
if (COUNT($rows)) {
    foreach ($rows as $row) {
        $constantName = "SITE_CONFIG_" . strtoupper($row['config_key']);
        define($constantName, $row['config_value']);
    }
}
/* setup translations */
translate::setUpTranslationConstants();
// Store session info in the database?
// (done before session_start() below; presumably this installs the session
// handler, so the order matters)
if ($Config->useDBSessions === true) {
    DBSession::register();
}
// Initialize our session
// NOTE(review): no cookie flags (secure / httponly / samesite) are set in this
// excerpt; confirm they are configured elsewhere.
session_name($Config->sessionName);
session_start();
// Initialize current user
$Auth = Auth::getAuth();
// Object for tracking and displaying error messages
$Error = Error::getError();
// Theme asset locations, built from WEB_ROOT and the theme name loaded from
// the database above.
define("SITE_IMAGE_PATH", WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/images");
define("SITE_CSS_PATH", WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/styles");
define("SITE_JS_PATH", WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/js");
/* check for banned ip */
// A "whole site" ban answers with 404 and stops. Note that this check runs
// only after the session has been started and the user initialised above.
$bannedIP = bannedIP::getBannedType();
if (strtolower($bannedIP) == "whole site") {
    header('HTTP/1.1 404 Not Found');
    die;
}
Example #24
}
// Flag this script as an auth handler and locate the Horde base directory.
// The @ silences the notice raised when a constant is already defined.
@define('AUTH_HANDLER', true);
@define('HORDE_BASE', dirname(__FILE__) . '/..');
require_once HORDE_BASE . '/lib/base.php';
require_once HORDE_BASE . '/lib/version.php';
require_once HORDE_LIBS . 'Horde/Identity.php';

// Access gate: when a 'problem' permission exists the current user needs
// PERMS_READ on it; when it does not exist, any authenticated user passes.
if ($perms->exists('problem')) {
    if (!$perms->hasPermission('problem', Auth::getAuth(), PERMS_READ)) {
        _returnToPage();
    }
} elseif (!Auth::getAuth()) {
    _returnToPage();
}

$identity =& Identity::singleton();

// Sender address: identity setting first, then the submitted form value,
// finally the authenticated user name.
$email = $identity->getValue('from_addr');
if (empty($email)) {
    $email = Util::getFormData('email', '');
    if (empty($email)) {
        $email = Auth::getAuth();
    }
}

// Remaining report fields are taken from the request.
// NOTE(review): $email, $name and $subject can be request-controlled and are
// presumably placed into mail headers further down; confirm that CR/LF are
// stripped or rejected before they are used there.
$message = Util::getFormData('message', '');
$name = Util::getFormData('name', $identity->getValue('fullname'));
$subject = Util::getFormData('subject', '');
$actionID = Util::getFormData('actionID');
switch ($actionID) {
    case 'send_problem_report':
        require_once HORDE_LIBS . 'Horde/Text.php';
        if (!empty($subject) && !empty($message)) {
            require_once HORDE_LIBS . 'Horde/MIME.php';
            require_once HORDE_LIBS . 'Horde/MIME/Headers.php';
            require_once HORDE_LIBS . 'Horde/MIME/Message.php';
            $msg_headers =& new MIME_Headers();
            $msg_headers->addReceivedHeader();
            $msg_headers->addMessageIdHeader();