/**
     * @return string
     */
    private function prepareMessageText()
    {
        // Builds the translated 'MAIL CONTENT' text of the fulltext request, substituting the
        // placeholders {0}..{15} with the submitted form fields. A missing field becomes ''.
        //
        // NOTE(review): every value is taken from POST and only passed through stripslashes().
        // No length limit, format check or output encoding happens here; if the resulting mail is
        // rendered as HTML or a value is reused in a mail header, that has to be handled by the
        // caller - not visible from this method.
        $http = BlockDefault::http();

        // Reads a single POST field.
        $read = function ( $name ) use ( $http )
        {
            if ( !$http->hasPostVariable( $name ) )
            {
                return '';
            }
            return stripslashes( $http->postVariable( $name ) );
        };

        // Reads two POST fields joined by $glue; only the first field decides whether anything is read.
        $readPair = function ( $first, $second, $glue ) use ( $http )
        {
            if ( !$http->hasPostVariable( $first ) )
            {
                return '';
            }
            return stripslashes( $http->postVariable( $first ) . $glue . $http->postVariable( $second ) );
        };

        $placeholders = array(
            '{0}' => $read( 'salutation' ),
            '{1}' => $read( 'first_name' ),
            '{2}' => $read( 'last_name' ),
            '{3}' => $read( 'phone' ),
            '{4}' => $readPair( 'address1', 'address2', ' - ' ),
            '{5}' => $read( 'cp' ),
            '{6}' => $readPair( 'country', 'city', ', ' ),
            '{7}' => $read( 'email' ),
            '{8}' => $read( 'tvf' ),
            '{9}' => $read( 'titleArticle' ),
            '{10}' => $read( 'firstAuthor' ),
            '{11}' => $read( 'nameRevue' ),
            '{12}' => $read( 'publishedDate' ),
            '{13}' => $read( 'numberRevue' ),
            '{14}' => $read( 'firstPage' ),
            '{15}' => $read( 'infos' )
        );

        $translated = ezpI18n::tr( 'application/fulltext', 'MAIL CONTENT', null, $placeholders );

        // The finished text is unslashed once more, so a literal backslash typed by the user is dropped.
        return stripslashes( $translated );
    }
    /**
     * @param string[] $params
     * @param string $outputType
     * @param string $blockName
     * @param bool $applicationName
     */
    public function __construct ( $params, $outputType, $blockName, $applicationName = false )
    {
        // Runs the parent constructor, then resolves the application object when a name was passed.
        parent::__construct( $params, $outputType, $blockName, $applicationName );

        if ( !$applicationName )
        {
            return;
        }

        // The application is fetched by URI, i.e. the name prefixed with a slash.
        $applicationUri = '/' . $applicationName;
        $this->_application = ApplicationFactory::fetchByUri( $applicationUri );
    }
 public function __construct($params, $outputType, $blockName, $applicationName)
 {
     // Runs the parent constructor, then sends response headers asking clients not to reuse a cached copy.
     // NOTE(review): "no-cache, must-revalidate" still allows a cache to store the response; if this
     // block renders per-user or sensitive content, "no-store" is the directive that forbids storage.
     // Confirm which behaviour is intended.
     parent::__construct($params, $outputType, $blockName, $applicationName);

     $noCacheHeaders = array(
         'Pragma: no-cache',
         'cache-Control: no-cache, must-revalidate',
         // A date in the past marks the response as already expired.
         'Expires: Mon, 26 Jul 1997 05:00:00 GMT',
     );

     foreach ($noCacheHeaders as $headerLine) {
         header($headerLine);
     }
 }
    protected function checkForUserAndTouChecked()
    {
        // Returns true only when a user is present and, if the 'LoginSettings/ToUCheck' setting exists
        // and is not 'disabled', that user has validated the Terms of Use.
        $currentUser = BlockDefault::user();
        if (!$currentUser) {
            return false;
        }

        // The setting counts as enforced when it is defined and has any value other than 'disabled'.
        $touCheckEnforced = BlockDefault::iniMerck()->hasVariable('LoginSettings', 'ToUCheck')
            && BlockDefault::iniMerck()->variable('LoginSettings', 'ToUCheck') != 'disabled';

        // toUValidated() is only consulted when the check is enforced.
        return !($touCheckEnforced && !$currentUser->toUValidated());
    }
    /**
     * @return bool
     */
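    public function canRead(array $params)
    {
        // Decides whether the current request may read this application.
        //
        // $params must carry the keys 'isPublic' and 'isFull'.
        // Returns true or false when one of the rules below decides, and null when none applies
        // (the final decision is then left to the caller).
        $isPublic = $params['isPublic'];
        $isFull = $params['isFull'];

        $restrictionLevel = $this->applicationLocalized->restrictionLevel();

        if( $restrictionLevel == ApplicationObject::RESTRICTION_LEVEL_LIMITED)
        {
            // Limited applications: only users on the per-application allow-list may read.
            $id = MMUsers::getCurrentUserId();
            $authorizedUsers = MMLimitedApplicationsAllowedUsers::fetchAllowedUsersByApplication($this->applicationLocalized->application_id);

            // No current user id or no allow-list means no access.
            if( $id === null || $id === false || $id === '' || empty($authorizedUsers) )
            {
                return false;
            }

            // Membership is checked on the string form with ===. A loose in_array() lets PHP type
            // juggling decide an access check (on PHP < 8 the integer 0 equals any non-numeric
            // string, and numeric-looking strings such as '1e3' and '1000' compare equal).
            // Comparing as strings still matches 12 against '12'.
            foreach( $authorizedUsers as $authorizedId )
            {
                if( is_scalar($authorizedId) && (string)$authorizedId === (string)$id )
                {
                    return true;
                }
            }

            return false;
        }

        // Public view: allowed only when the application permits it and the 't' query parameter is a
        // token known to MMUserHeader; any other public request is refused.
        $allowsPublicView = $this->getApplicationCustomParamater('allowsPublicView');
        if( $isPublic && $allowsPublicView && MMUserHeader::tokenExists( isset( $_GET['t'] ) ? $_GET['t'] : false ) != null)
        {
            return true;
        }
        elseif( $isPublic )
        {
            return false;
        }

        // Anonymous visitor, or logged-in user who has not validated the ToU while the ToU check is
        // enabled: the non-full view stays readable, the full view does not.
        if( !BlockDefault::user()
            ||
            (      (bool)BlockDefault::user()
                && !BlockDefault::user()->toUValidated()
                && BlockDefault::iniMerck()->hasVariable( 'LoginSettings', 'ToUCheck' )
                && BlockDefault::iniMerck()->variable( 'LoginSettings', 'ToUCheck') != 'disabled'
            ) )
        {
            return !$isFull;
        }

        // No rule matched.
        return null;
    }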
    /**
     * Form submission handler for sending sms
     */
    public function s()
    {
        // Stores the three submitted SMS fields on the block and, when all of them are non-empty,
        // updates the user's saved office preference and sends the SMS. Returns nothing.
        //
        // NOTE(review): the phone numbers and the address are taken from POST as-is; any format
        // validation, request-token check or rate limiting would have to live in sendSms() or in the
        // caller - none is visible in this method.
        $request = BlockDefault::http();

        $this->numPatient = $request->postVariable( 'numPatient', null );
        $this->numOffice = $request->postVariable( 'numOffice', null );
        $this->addressOffice = $request->postVariable( 'addressOffice', null );

        // All three fields are required; otherwise nothing is saved or sent.
        if ( empty( $this->numPatient ) || empty( $this->numOffice ) || empty( $this->addressOffice ) )
        {
            return;
        }

        if ( $this->user instanceof MMUsers )
        {
            $rememberOffice = (bool) $request->postVariable( 'saveAddressOffice' );

            if ( $rememberOffice )
            {
                $officeDetails = array(
                    'num_office' => $this->numOffice,
                    'address_office' => $this->addressOffice
                );
                $this->user->setPreference( self::USER_PREFERENCE_KEY, $officeDetails );
            }
            else
            {
                // The user opted out: drop a previously stored preference, if there is one.
                $storedPreference = $this->user->getPreference( self::USER_PREFERENCE_KEY );
                if ( !empty( $storedPreference ) )
                {
                    $this->user->removePreference( self::USER_PREFERENCE_KEY );
                }
            }
        }

        // The SMS is sent whether or not $this->user is an MMUsers instance.
        $this->sendSms();
    }
    /**
     * Reset password
     *
     * @return array
     */
    public function r()
    {
        // Password-reset form handler. Decrypts the posted 'Token', refuses it when it is expired or
        // when the ESB reports it as no longer valid, otherwise asks the ESB to change the password,
        // logs the user in and returns the relog URL. Every path returns an array with 'errorCode'.
        $http = BlockDefault::http();
        // Token, user id, e-mail and expiration date are all read from the decrypted POST value.
        // NOTE(review): a decryptToken() failure is not handled explicitly; presumably $tokenData is
        // then not an array and the request ends in the "expired" branch below - confirm.
        $tokenData = self::decryptToken($http->postVariable('Token'));
        $token = $tokenData['token'];
        $userId = $tokenData['userId'];
        // expirationDate is divided by 1000 (presumably milliseconds to seconds - confirm) and one
        // extra day is added before it is compared with the current time.
        $expirationDate = strtotime('+1day',(integer)($tokenData['expirationDate'] / 1000));
        $password = $http->postVariable('new_password');
        $confirmedPassword = $http->postVariable('new_password_check');
        $now = time();
        // 'consult' only selects which set of redirect URLs is used.
        $isConsult = (bool) $http->postVariable('consult');

        if ($now > $expirationDate)
        {
            if ( $isConsult )
            {
                $redirectUrl = $this->getCustomParameter('ConsultExpiredUrl');  
            }
            else
            {
                $redirectUrl = $this->getCustomParameter('ExpiredUrl');  
            }
            return array(
                'errorCode' => ResponseError::ERROR_TOKEN_EXPIRED,
                'redirectUrl' => $redirectUrl
            );
        }

        // The ESB is the authority on whether the token is still usable for this user.
        $esbClient = self::getEsbClient();
        $isTokenValid = $esbClient->checkToken($userId, $token, $tokenData['expirationDate']);

        if (!$isTokenValid)
        {
            if ( $isConsult )
            {
                $redirectUrl = $this->getCustomParameter('ConsultAlreadyChangedUrl');  
            }
            else
            {
                $redirectUrl = $this->getCustomParameter('AlreadyChangedUrl');  
            }
            return array(
                'errorCode' => ResponseError::ERROR_INVALID_TOKEN,
                'redirectUrl' => $redirectUrl
            );
        }

        try
        {
            // The two passwords are not compared here; both are handed to the ESB.
            $response = $esbClient->changePassword($userId, $password, $confirmedPassword);
            if ($response === true)
            {
                if( SolrSafeOperatorHelper::featureIsActive( 'ExactTarget' ) && SolrSafeOperatorHelper::featureIsActive( 'UUMP' ) )
                {
                    self::sendSuccessMail($tokenData['email'], $userId, $isConsult);
                }
                else
                {
                    // NOTE(review): this branch passes the user id where the other branch passes the
                    // e-mail address - confirm that sendSuccessMail() expects this.
                    self::sendSuccessMail($tokenData['userId'], $userId);
                }
            }

            // NOTE(review): the login and the SUCCESS result below are reached even when
            // changePassword() returned something other than true without throwing. Confirm that
            // changePassword() always throws on failure; otherwise a valid reset token yields a
            // session although the password was not changed.
            $esbResult = new ESBResult();
            $userService = ESBFactory::getUserService();
            $result = $userService->read(null, $userId);
            ServiceLoginUUMP::populateESBResult($esbResult, $result);
            // $loginResult is not used afterwards.
            $loginResult = MMUserLogin::esbLogin($userId, $esbResult);

            if ( $isConsult )
            {
                $redirectUrl = $this->getCustomParameter('ConsultSuccessUrl');  
            }
            else
            {
                $redirectUrl = $this->getCustomParameter('SuccessUrl');  
            }
            // NOTE(review): 'h' is sha1(DESKey . userId): the same value for a given user on every
            // call, with no nonce or expiry mixed in here, built by plain concatenation rather than
            // hash_hmac(), and carried in the query string where it can reach access logs and
            // Referer headers. How /service/relog verifies and limits it is not visible here.
            $params = array(
                'uuid' => $userId,
                'h' => sha1( eZINI::instance( 'merck.ini' )->variable( 'TicketLogin', 'DESKey' ) . $userId ),
                'context' => $redirectUrl
            );

            //CookieTool::setCookie('h', sha1( eZINI::instance( 'merck.ini' )->variable( 'TicketLogin', 'DESKey' ) . $userId ), time() + 3600);

            $url = '/service/relog?' . http_build_query($params);
            return array(
                'errorCode' => ResponseError::SUCCESS,
                'redirectUrl' => $url,
            );
        }
        catch (\Exception $e)
        {
            // NOTE(review): the raw exception message is returned to the caller; if this array is sent
            // to the browser it can expose backend details - confirm what the caller does with 'msg'.
            return array(
                'errorCode' => ResponseError::ERROR_REQUEST_EXECUTION,
                'msg' => $e->getMessage()
            );
        }
    }
    /**
     * @return eZHTTPTool
     */
    static public function http()
    {
        // Returns the shared eZHTTPTool instance, creating and memoizing it on first use.
        if ( self::$_http !== null )
        {
            return self::$_http;
        }

        self::$_http = eZHTTPTool::instance();

        return self::$_http;
    }
 public function canRead()
 {
     // The non-full view is always readable; the full view needs an existing trial and a current user.
     if (!$this->isFull) {
         return true;
     }

     // && yields a boolean, and BlockDefault::user() is only consulted when a trial exists.
     return $this->trialExists && BlockDefault::user();
 }
    /**
     * Form submission handler for resetting the user password
     */
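    public function rp()
    {
        // Forwards the submitted old password, new password and confirmation to the remote endpoint
        // $this->passwordResetURL and records the outcome in changepassword.log. Returns nothing.
        $http = BlockDefault::http();

        $oldPassword = $http->hasPostVariable( 'OldPassword' ) ? utf8_decode( stripslashes( $http->postVariable( 'OldPassword' ) ) ) : '';
        $password = $http->hasPostVariable( 'Password' ) ? utf8_decode( stripslashes( $http->postVariable( 'Password' ) ) ) : '';
        $passwordCheck = $http->hasPostVariable( 'Password_check' ) ? utf8_decode( stripslashes( $http->postVariable( 'Password_check' ) ) ) : '';

        eZLog::write( "OldPassword: ****, Password: ****, Password_check: ****", 'changepassword.log' );

        $data = array(
            'OldPassword' => $oldPassword,
            'Password' => $password,
            // The confirmation field carries the submitted 'Password_check' value.
            'Password2' => $passwordCheck,
        );
        $postData = http_build_query( $data );

        $curlHandler = curl_init( $this->passwordResetURL );
        if ( $curlHandler === false )
        {
            eZLog::write( 'Curl error: unable to initialise the request', 'changepassword.log' );
            return;
        }

        curl_setopt( $curlHandler, CURLOPT_POST, TRUE );
        curl_setopt( $curlHandler, CURLOPT_POSTFIELDS, $postData );
        curl_setopt( $curlHandler, CURLOPT_RETURNTRANSFER, TRUE );
        // This request carries the user's passwords, so the server certificate and host name must be
        // verified. If the endpoint uses an internal CA, point CURLOPT_CAINFO at its bundle instead
        // of switching verification off.
        curl_setopt( $curlHandler, CURLOPT_SSL_VERIFYHOST, 2 );
        curl_setopt( $curlHandler, CURLOPT_SSL_VERIFYPEER, TRUE );
        curl_setopt( $curlHandler, CURLOPT_HEADER, TRUE );
        curl_setopt( $curlHandler, CURLOPT_FOLLOWLOCATION, TRUE );
        curl_exec( $curlHandler );

        if ( curl_errno( $curlHandler ) )
        {
            eZLog::write( 'Curl error: ' . curl_error( $curlHandler ), 'changepassword.log' );
        }
        else
        {
            eZLog::write( 'Curl ended without any errors', 'changepassword.log' );
        }
        eZLog::write( 'Curl status: ' . print_r( curl_getinfo( $curlHandler ), true ), 'changepassword.log' );

        // The request body holds both passwords in clear text and the raw response (headers included,
        // because of CURLOPT_HEADER) may hold session data, so neither is written to the log; the
        // HTTP status code is recorded instead.
        $httpStatus = curl_getinfo( $curlHandler, CURLINFO_HTTP_CODE );
        eZLog::write( "\nPassword:****\nURL: {$this->passwordResetURL}\nHTTP status: {$httpStatus}\n", 'changepassword.log' );

        curl_close( $curlHandler );
    }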
    /**
     * @return eZTemplate
     */
    public function tpl()
    {
        // Returns the block template. For SEO applications it also sets 'application_url' to the
        // application name followed by "/all" and, when present, the speciality and keyword segments.
        //
        // NOTE(review): the seoParams values are appended as-is; where they come from and whether the
        // template escapes 'application_url' on output is not visible from this method.
        parent::tpl();

        if ( !$this->app->isSeo )
        {
            return $this->_tpl;
        }

        $segments = array( "/all" );
        foreach ( array( "speciality", "keyword" ) as $seoKey )
        {
            if ( isset( $this->app->seoParams[$seoKey] ) )
            {
                $segments[] = "/" . $this->app->seoParams[$seoKey];
            }
        }

        $this->_tpl->setVariable( 'application_url', $this->applicationName() . implode( '', $segments ) );

        return $this->_tpl;
    }
    /**
     * 
     * @return eZTemplate
     */
    public function tpl()
    {
        // Returns the parent template enriched with the application id, the login state, a hash of the
        // application id, the app-bar ids for anonymous visitors and, for logged-in users with the
        // GoogleAnalytics feature on, the GTM visitor variables.
        $template = parent::tpl();

        // A visitor counts as logged in when the current user id resolves to a user record.
        $currentUser = MMUsers::fetchById( MMUsers::getCurrentUserId() );
        $loggedIn = !empty( $currentUser );

        // NOTE(review): the value handed to the template is sha1(applicationId . DESKey), using the
        // 'TicketLogin/DESKey' setting as the secret and plain concatenation rather than hash_hmac().
        // What this hash authorises, and whether the key is shared with other features, should be
        // checked where it is verified - not visible here.
        $secret = eZINI::instance( 'merck.ini' )->variable( 'TicketLogin', 'DESKey' );
        $applicationHash = sha1( $this->getApplicationId() . $secret );

        $template->setVariable( 'application_id', $this->getApplicationId() );
        $template->setVariable( 'is_logged', $loggedIn );
        $template->setVariable( 'hash', $applicationHash );

        // Anonymous visitors get the app-bar application ids; the implode/explode round trip turns
        // every id into a string.
        if ( $loggedIn )
        {
            $anonymousApplications = array();
        }
        else
        {
            $anonymousApplications = explode( ',', implode( ',', CountryAppsBar::fetchAppsBarApplicationIds() ) );
        }
        $template->setVariable( 'applications_anonymous', $anonymousApplications );

        if ( !$loggedIn || !SolrSafeOperatorHelper::featureIsActive( 'GoogleAnalytics' ) )
        {
            return $template;
        }

        $visitorVariables = array(
            'visitorSpecialtyLabel' => SolrSafeOperatorHelper::getTaxoTranslation( 'user_specialty', $this->user()->userSpecialityId() ),
            'visitorTypeLabel'      => SolrSafeOperatorHelper::getTaxoTranslation( 'customer_type',  $this->user()->customerTypeId() )
        );

        // Visitor labels are merged over GTM variables already stored in the block result, if any.
        if ( isset( $this->_result['gtm_variables'] ) )
        {
            $visitorVariables = array_merge( $this->_result['gtm_variables'], $visitorVariables );
        }
        $template->setVariable( 'gtm_visitorvariables', $visitorVariables );

        return $template;
    }
    /**
     * @return string
     */
    private function prepareMessageText()
    {
        // Builds the translated mail text of a document request from the submitted form fields.
        // Research type "102.1" uses 'MAIL CONTENT 102.1', "102.2" uses 'MAIL CONTENT 102.2';
        // any other research type yields an empty string.
        //
        // NOTE(review): all values come from POST and are only passed through stripslashes(); no
        // length limit or output encoding is applied here, so encoding for the mail format has to
        // happen in the caller - not visible from this method.
        $http = BlockDefault::http();

        // Reads a single POST field, '' when it was not submitted.
        $read = function ( $name ) use ( $http )
        {
            if ( !$http->hasPostVariable( $name ) )
            {
                return '';
            }
            return stripslashes( $http->postVariable( $name ) );
        };

        // Fields shared by both request types fill the placeholders {0}..{4}.
        $values = array();
        foreach ( array( 'firstName', 'lastName', 'emailAddress', 'phoneNumber', 'licenseNumber' ) as $field )
        {
            $values[] = $read( $field );
        }

        $mailKey = null;
        $extraFields = array();
        if ( $this->researchType == "102.1" )
        {
            $mailKey = 'MAIL CONTENT 102.1';
            $extraFields = array(
                'requestPurpose', 'medicalTerms', 'studyGroup', 'ageGroup',
                'publicationType', 'languageOfArticles', 'yearsFrom', 'yearsTo'
            );
        }
        else if ( $this->researchType == "102.2" )
        {
            $mailKey = 'MAIL CONTENT 102.2';
            $extraFields = array(
                'journalTitle', 'volume', 'issue', 'supplement', 'monthyear',
                'pages', 'articleAuthor', 'articleTitle', 'furtherComments'
            );
        }

        $message = "";
        if ( $mailKey !== null )
        {
            foreach ( $extraFields as $field )
            {
                $values[] = $read( $field );
            }

            // Placeholders are numbered in reading order: {0}, {1}, ...
            $placeholders = array();
            foreach ( $values as $position => $value )
            {
                $placeholders['{' . $position . '}'] = $value;
            }

            $message = ezpI18n::tr( 'application/doc-request', $mailKey, null, $placeholders );
        }

        return stripslashes( $message );
    }
    /**
     * @return array
     */
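    public function stc()
    {
        // "Send to a colleague" form handler: mails the submitted comment, together with an extract of
        // the referenced article, to the given recipients.
        //
        // Returns false when there is no current user, array('Error' => 'Invalid token') when the
        // submitted token is missing or rejected, otherwise array('redirect_url' => ...).
        //
        // NOTE(review): no limit on the number of recipients and no rate limiting is visible here; a
        // logged-in user can make the platform mail arbitrary addresses. Confirm this is bounded
        // elsewhere.
        if( !self::user() ) {
            return false;
        }
        $http = BlockDefault::http();

        // The submitted user token is checked first, before any backend call is made.
        if(!$http->hasPostVariable( 'token' ) || !SecurityTool::isUserTokenValid($http->postVariable( 'token' )))
        {
            return array(
                'Error' =>  'Invalid token',
            );
        }

        //get current user infos
        $serviceUser = ServiceUser::getInstance();
        $parameters = $serviceUser->getFormParameters();
        $userInfos = $serviceUser->callWSHandler( $serviceUser->getEsbInterface( 'read' ), $parameters );

        // NOTE(review): appname is forwarded to ExactTarget unencoded; confirm it is encoded or
        // allow-listed downstream.
        $appname = $http->hasPostVariable( 'appname' ) ? stripslashes( $http->postVariable( 'appname' ) ) : '';

        $sender = $userInfos['Data']['Params']['Firstname'] . $userInfos['Data']['Params']['Lastname'];
        $senderName = $userInfos['Data']['Params']['Firstname'] . $userInfos['Data']['Params']['Lastname'];
        $senderEmail = $userInfos['Data']['Params']['Email_address'];

        //get comment
        $message = $http->hasPostVariable( 'comment' ) ? stripslashes( $http->postVariable( 'comment' ) ) : '';

        //get recipient email
        // Whitespace is stripped, the list is split on ';' and every entry must be a syntactically
        // valid address, whichever delivery path is used below.
        $recipient = $http->hasPostVariable( 'Recipient_email' ) ? stripslashes( preg_replace( '/\s/', '', $http->postVariable( 'Recipient_email' ) ) ) : '';
        $recipients = array();
        foreach( array_unique( explode( ';', $recipient ) ) as $candidate )
        {
            $validated = filter_var( $candidate, FILTER_VALIDATE_EMAIL );
            if( $validated !== false )
            {
                $recipients[] = $validated;
            }
        }

        //get Article nodeID
        $extract = $title = '';
        $articleRemoteID = $http->hasPostVariable( 'remote_id' ) ? $http->postVariable( 'remote_id' ) : null;
        if( is_string( $articleRemoteID ) && $articleRemoteID !== '' )
        {
            // remote_id is user input that ends up inside a Solr filter query: it is sent as a quoted
            // phrase with backslash and double quote escaped, so it cannot add clauses or operators.
            $quotedRemoteID = '"' . str_replace( array( '\\', '"' ), array( '\\\\', '\\"' ), $articleRemoteID ) . '"';

            $fieldsQuery = array (
                '(meta_remote_id_ms:' . $quotedRemoteID . ')',
                '(meta_class_identifier_ms:article)'
            );

            $fields = array (
                'attr_promo_description_t',
                'attr_headline_t',
            );

            //fetch solr
            $params = array(
                'indent'        => 'on',
                'q'             => '*:*',
                'start'         => 0,
                'rows'          => 1,
                'fq'            => implode(' AND ', $fieldsQuery),
                'fl'            => implode(',', $fields),
                'qt'            => '',
                'explainOther'  => '',
                'hl.fl'         => '',
            );

            $raw = SolrTool::rawSearch($params);

            // An unknown remote id returns no document; extract and title then stay empty.
            $article = isset( $raw['response']['docs'][0] ) ? $raw['response']['docs'][0] : null;
            if( is_array( $article ) )
            {
                $description = isset( $article['attr_promo_description_t'] ) ? $article['attr_promo_description_t'] : '';

                // Length is measured in characters, matching the character-based mb_substr() cut.
                if( mb_strlen( $description, 'utf-8' ) > 150 )
                {
                    $extract = mb_substr( $description, 0, 150, 'utf-8' ) . '...';
                }
                else
                {
                    $extract = $description;
                }

                $title = isset( $article['attr_headline_t'] ) ? $article['attr_headline_t'] : '';
            }
        }

        // NOTE(review): FILTER_VALIDATE_URL checks syntax only; it does not restrict the scheme or
        // the host, and this link is mailed to third parties in the user's name. Consider limiting
        // it to the site's own http(s) URLs.
        $destUrl = $http->hasPostVariable( 'destURL' ) ? stripslashes( filter_var($http->postVariable( 'destURL' ), FILTER_VALIDATE_URL) ) : '';

        $preparedMessage = $this->prepareMessage( $sender, htmlentities( $message ), $extract, $destUrl );

        if( SolrSafeOperatorHelper::featureIsActive( 'ExactTarget' ) && SolrSafeOperatorHelper::featureIsActive( 'UUMP' ) )
        {
            // nl2br() produces HTML, so the user's comment is encoded first, as it is for the legacy
            // mail path above. Assumes sendToAColleague() does not encode the message itself - confirm.
            $message = nl2br( htmlspecialchars( $message, ENT_QUOTES, 'UTF-8' ) );

            foreach( $recipients as $recipient )
            {
                ExactTarget::sendToAColleague(
                    self::user()->attribute( 'uuid' ),
                    $recipient,
                    $message,
                    $appname,
                    $destUrl,
                    $extract,
                    $title
                );
            }
        }
        else
        {
            // Below code is no longer used, since all clusters are using ExactTarget feature.
            $email = new MailTool( $title, $senderName, array(), $preparedMessage, 'sendtocolleague_email.log');
            foreach ( $recipients as $recipient )
            {
                $email->setRecipients( $recipient );
                $email->sendMail();
            }
        }

        return array(
            'redirect_url' => $this->redirectUrl
        );
    }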