/** * this function get the fields that are part of the temporal * dynaform file. * * @name getTemporalFields * @author gustavo cruz * @access public * @param $file - the name of the dynaform file * @return invalidFields string */ function getTemporalFields($file) { try { //$G_PUBLISH->AddContent('pagedtable', 'paged-table', 'dynaforms/fields_List', 'display:none', $Parameters , '', SYS_URI.'dynaforms/dynaforms_PagedTableAjax'); $i = 0; $aFields = array(); $aFields[] = array('XMLNODE_NAME' => 'char', 'TYPE' => 'char', 'UP' => 'char', 'DOWN' => 'char'); $oSession = new DBSession(new DBConnection(PATH_DYNAFORM . $file . '_tmp0.xml', '', '', '', 'myxml')); $oDataset = $oSession->Execute('SELECT * FROM dynaForm WHERE NOT( XMLNODE_NAME = "" ) AND TYPE <> "pmconnection"'); $iMaximun = $oDataset->count(); while ($aRow = $oDataset->Read()) { $aFields[] = array('XMLNODE_NAME' => $aRow['XMLNODE_NAME'], 'TYPE' => $aRow['TYPE'], 'UP' => $i > 0 ? G::LoadTranslation('ID_UP') : '', 'DOWN' => $i < $iMaximun - 1 ? G::LoadTranslation('ID_DOWN') : '', 'row__' => $i + 1); $i++; } // print_r($aFields); // die; } catch (Exception $e) { } $invalidFields = validateGridConversion($aFields); if (count($invalidFields) > 0) { return implode(", ", $invalidFields); } else { return "ok"; } }
public static function start(PDO $pdo) { self::$pdo = $pdo; self::$ctime = time(); self::$maxlifetime = ini_get("session.gc_maxlifetime"); self::$uip = !empty($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : (!empty($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "")); //filter_var(self::$uip, FILTER_VALIDATE_IP) && self::$uip = ''; self::$uagent = !empty($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ""; //注册过程, 让PHP自己处理session时,找这个函数指定的几个周期来完成 session_set_save_handler(array(__CLASS__, "open"), array(__CLASS__, "close"), array(__CLASS__, "read"), array(__CLASS__, "write"), array(__CLASS__, "destroy"), array(__CLASS__, "gc")); session_start(); //开启会话 }
*/ if (($RBAC_Response = $RBAC->userCanAccess("PM_FACTORY")) != 1) { return $RBAC_Response; } //G::genericForceLogin( 'WF_MYINFO' , 'login/noViewPage', $urlLogin = '******' ); G::LoadClass('dynaFormField'); if (!(isset($_POST['A']) && $_POST['A'] !== '')) { return; } $file = G::decrypt($_POST['A'], URL_KEY); $dbc = new DBConnection(PATH_DYNAFORM . $file . '.xml', '', '', '', 'myxml'); $ses = new DBSession($dbc); $fields = new DynaFormField($dbc); if (!isset($_POST['XMLNODE_NAME'])) { return; } $fields->Delete($_POST['XMLNODE_NAME']); G::LoadClass('xmlDb'); $i = 0; $aFields = array(); $aFields[] = array('XMLNODE_NAME' => 'char', 'TYPE' => 'char', 'UP' => 'char', 'DOWN' => 'char'); $oSession = new DBSession(new DBConnection(PATH_DYNAFORM . $file . '.xml', '', '', '', 'myxml')); $oDataset = $oSession->Execute('SELECT * FROM dynaForm WHERE NOT( XMLNODE_NAME = "" )'); $iMaximun = $oDataset->count(); while ($aRow = $oDataset->Read()) { $aFields[] = array('XMLNODE_NAME' => $aRow['XMLNODE_NAME'], 'TYPE' => $aRow['TYPE'], 'UP' => $i > 0 ? G::LoadTranslation('ID_UP') : '', 'DOWN' => $i < $iMaximun - 1 ? G::LoadTranslation('ID_DOWN') : ''); $i++; } global $_DBArray; $_DBArray['fields'] = $aFields; $_SESSION['_DBArray'] = $_DBArray;
function lookup($target) { global $ntarget; $msg = "{$target} => "; //if( eregi("[a-zA-Z]", $target) ) if (preg_match("[a-zA-Z]", $target)) { //Made compatible to PHP 5.3 $ntarget = gethostbyname($target); } else { $ntarget = gethostbyaddr($target); } $msg .= $ntarget; return $msg; } $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $ses = new DBSession($dbc); $dset = $ses->execute("SELECT VERSION() AS VERSION "); $row = $dset->Read(); if (getenv('HTTP_CLIENT_IP')) { $ip = getenv('HTTP_CLIENT_IP'); } elseif (getenv('HTTP_X_FORWARDED_FOR')) { $ip = getenv('HTTP_X_FORWARDED_FOR'); } else { $ip = getenv('REMOTE_ADDR'); } if (file_exists("/etc/redhat-release")) { $fnewsize = filesize("/etc/redhat-release"); $fp = fopen("/etc/redhat-release", "r"); $redhat = fread($fp, $fnewsize); fclose($fp); }
/** * Obtains number of elements of asociated query * * @author Fernando Ontiveros Lira <*****@*****.**> * @access public * @return int */ function TotalCount() { global $HTTP_GET_VARS; global $HTTP_SESSION_VARS; $stQry = $this->_source; if ($this->WhereClause != "") { $stQry .= " WHERE " . $this->WhereClause; } if ($this->_ordered == true) { $stOrderBy = isset($HTTP_GET_VARS[$this->orderprefix . 'order']) ? $HTTP_GET_VARS[$this->orderprefix . 'order'] : ''; if ($stOrderBy == "") { if ($this->DefaultOrder != "") { $stQry .= " ORDER BY " . $this->DefaultOrder; } } else { $stQry .= " ORDER BY " . $stOrderBy; } } else { if ($this->DefaultOrder != "") { $stQry .= " ORDER BY " . $this->DefaultOrder; } } $dbses = new DBSession($this->_dbc); $dbses->UseDB(DB_NAME); $dset = $dbses->Execute($stQry); return $dset->Count(); }
/** * * @author Fernando Ontiveros Lira <*****@*****.**> * @access public * @param string $permission * @param string $urlNoAccess * @return void */ public function forceLogin($permission = "", $urlNoAccess = "") { global $RBAC; if (isset($_SESSION['USER_LOGGED']) && $_SESSION['USER_LOGGED'] == '') { $sys = ENABLE_ENCRYPT == 'yes' ? SYS_SYS : "sys" . SYS_SYS; $lang = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode(SYS_LANG), URL_KEY) : SYS_LANG; $skin = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode(SYS_SKIN), URL_KEY) : SYS_SKIN; $login = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode('login'), URL_KEY) : 'login'; $loginhtml = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode('login.html'), URL_KEY) : 'login.html'; $direction = "/{$sys}/{$lang}/{$skin}/{$login}/{$loginhtml}"; die; } $Connection = new DBConnection(); $ses = new DBSession($Connection); $stQry = "SELECT LOG_STATUS FROM LOGIN WHERE LOG_SID = '" . session_id() . "'"; $dset = $ses->Execute($stQry); $row = $dset->read(); $sessionPc = defined('SESSION_PC') ? SESSION_PC : ''; $sessionBrowser = defined('SESSION_BROWSER') ? SESSION_BROWSER : ''; if ($sessionPc == "1" or $sessionBrowser == "1") { if ($row['LOG_STATUS'] == 'X') { $sys = ENABLE_ENCRYPT == 'yes' ? SYS_SYS : "sys" . SYS_SYS; $lang = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode(SYS_LANG), URL_KEY) : SYS_LANG; $skin = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode(SYS_SKIN), URL_KEY) : SYS_SKIN; $login = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode('login'), URL_KEY) : 'login'; $loginhtml = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode('login.html'), URL_KEY) : 'login.html'; $direction = "/{$sys}/{$lang}/{$skin}/{$login}/{$loginhtml}"; G::SendMessageXml('ID_CLOSE_SESSION', "warning"); header("location: {$direction}"); die; return; } } if (defined('SIN_COMPATIBILIDAD_RBAC') and SIN_COMPATIBILIDAD_RBAC == 1) { return; } if ($permission == "") { return; } if (is_array($permission)) { $aux = $permission; } else { $aux[0] = $permission; } $sw = 0; for ($i = 0; $i < count($aux); $i++) { $res = $RBAC->userCanAccess($aux[$i]); if ($res == 1) { $sw = 1; } } if ($sw == 0 && $urlNoAccess != "") { $aux = explode('/', $urlNoAccess); $sys = ENABLE_ENCRYPT == 'yes' ? SYS_SYS : "/sys" . SYS_LANG; $lang = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode(SYS_LANG), URL_KEY) : SYS_LANG; $skin = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode(SYS_SKIN), URL_KEY) : SYS_SKIN; $login = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode($aux[0]), URL_KEY) : $aux[0]; $loginhtml = ENABLE_ENCRYPT == 'yes' ? G::encrypt(urldecode($aux[1]), URL_KEY) : $aux[1]; //header ("location: /$sys/$lang/$skin/$login/$loginhtml"); header("location: /fluid/mNE/o9A/mNGm1aLiop3V4qU/dtij4J°gmaLPwKDU3qNn2qXanw"); die; } if ($sw == 0) { header("location: /fluid/mNE/o9A/mNGm1aLiop3V4qU/dtij4J°gmaLPwKDU3qNn2qXanw"); die; } }
* This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. * */ $G_MAIN_MENU = "rbac"; $G_SUB_MENU = "rbac.userEdit"; $G_MENU_SELECTED = 0; $uid = $HTTP_SESSION_VARS['CURRENT_USER']; $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $ses = new DBSession($dbc); $stQry = "SELECT UID, USR_USE_LDAP FROM USERS where UID = {$uid} "; $dset = $ses->Execute($stQry); $row = $dset->Read(); $useLdap = $row['USR_USE_LDAP'] == 'Y'; $access = $RBAC->userCanAccess("RBAC_CREATE_USERS"); G::LoadClassRBAC("user"); $obj = new RBAC_User(); $obj->SetTo($dbc); $obj->Load($uid); $G_PUBLISH = new Publisher(); $G_PUBLISH->SetTo($dbc); $G_PUBLISH->AddContent("xmlform", "xmlform", "rbac/userChangeLdap", "", $obj->Fields, "userChangeLdap2"); G::RenderPage("publish");
public function getCurrentDelegationCase($sApplicationUID = '') { $oSession = new DBSession(new DBConnection()); $oDataset = $oSession->Execute(' SELECT DEL_INDEX FROM APP_DELEGATION WHERE APP_UID = "' . $sApplicationUID . '" ORDER BY DEL_DELEGATE_DATE DESC '); $aRow = $oDataset->Read(); return $aRow['DEL_INDEX']; }
// Load our config settings $Config = Config::getConfig(); /* load db config settings into constants */ $db = Database::getDatabase(); $rows = $db->getRows("SELECT config_key, config_value FROM site_config ORDER BY config_group, config_key"); if (COUNT($rows)) { foreach ($rows as $row) { $constantName = "SITE_CONFIG_" . strtoupper($row['config_key']); define($constantName, $row['config_value']); } } /* setup translations */ translate::setUpTranslationConstants(); // Store session info in the database? if ($Config->useDBSessions === true) { DBSession::register(); } // Initialize our session session_name($Config->sessionName); session_start(); // Initialize current user $Auth = Auth::getAuth(); // Object for tracking and displaying error messages $Error = Error::getError(); define("SITE_IMAGE_PATH", WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/images"); define("SITE_CSS_PATH", WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/styles"); define("SITE_JS_PATH", WEB_ROOT . "/themes/" . SITE_CONFIG_SITE_THEME . "/js"); /* check for banned ip */ $bannedIP = bannedIP::getBannedType(); if (strtolower($bannedIP) == "whole site") { header('HTTP/1.1 404 Not Found');
/** * execute a xml query * * @param &$owner reference of owner * @param $row * @return $result array of results */ private function executeXmlDB(&$owner, $row = -1) { if (!$this->sqlConnection) { $dbc = new DBConnection(); } else { if (defined('DB_' . $this->sqlConnection . '_USER')) { if (defined('DB_' . $this->sqlConnection . '_HOST')) { eval('$res[\'DBC_SERVER\'] = DB_' . $this->sqlConnection . '_HOST;'); } else { $res['DBC_SERVER'] = DB_HOST; } if (defined('DB_' . $this->sqlConnection . '_USER')) { eval('$res[\'DBC_USERNAME\'] = DB_' . $this->sqlConnection . '_USER;'); } if (defined('DB_' . $this->sqlConnection . '_PASS')) { eval('$res[\'DBC_PASSWORD\'] = DB_' . $this->sqlConnection . '_PASS;'); } else { $res['DBC_PASSWORD'] = DB_PASS; } if (defined('DB_' . $this->sqlConnection . '_NAME')) { eval('$res[\'DBC_DATABASE\'] = DB_' . $this->sqlConnection . '_NAME;'); } else { $res['DBC_DATABASE'] = DB_NAME; } if (defined('DB_' . $this->sqlConnection . '_TYPE')) { eval('$res[\'DBC_TYPE\'] = DB_' . $this->sqlConnection . '_TYPE;'); } else { $res['DBC_TYPE'] = defined('DB_TYPE') ? DB_TYPE : 'mysql'; } $dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE'], $res['DBC_TYPE']); } else { $dbc0 = new DBConnection(); $dbs0 = new DBSession($dbc0); $res = $dbs0->execute("select * from DB_CONNECTION WHERE DBC_UID=" . $this->sqlConnection); $res = $res->read(); $dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE']); } } $query = G::replaceDataField($this->sql, $owner->values); $dbs = new DBSession($dbc); $res = $dbs->execute($query); $result = array(); while ($row = $res->Read()) { $result[] = $row; } return $result; }
* This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. * */ <?php $frm = $HTTP_POST_VARS; $dbc = new dbconnection(); $ses = new DBSession($dbc); $sql = "update tickets set tipo = ' " . $frm['tipo'] . "', resultado = ' " . $frm['curso'] . "' where ticket = '" . $frm['ticket'] . "' "; $ses->Execute($sql); ?> <script language = "JavaScript"> window.close(); </script>
/** * Function prepareQuery * @author David S. Callizaya S. <*****@*****.**> * @access public * @return string */ function prepareQuery() { //DBConnection if (!$this->sqlConnection) { $this->dbc = new DBConnection(); } else { if (defined('DB_' . $this->sqlConnection . '_USER')) { if (defined('DB_' . $this->sqlConnection . '_HOST')) { eval('$res[\'DBC_SERVER\'] = DB_' . $this->sqlConnection . '_HOST;'); } else { $res['DBC_SERVER'] = DB_HOST; } if (defined('DB_' . $this->sqlConnection . '_USER')) { eval('$res[\'DBC_USERNAME\'] = DB_' . $this->sqlConnection . '_USER;'); } if (defined('DB_' . $this->sqlConnection . '_PASS')) { eval('$res[\'DBC_PASSWORD\'] = DB_' . $this->sqlConnection . '_PASS;'); } else { $res['DBC_PASSWORD'] = DB_PASS; } if (defined('DB_' . $this->sqlConnection . '_NAME')) { eval('$res[\'DBC_DATABASE\'] = DB_' . $this->sqlConnection . '_NAME;'); } else { $res['DBC_DATABASE'] = DB_NAME; } if (defined('DB_' . $this->sqlConnection . '_TYPE')) { eval('$res[\'DBC_TYPE\'] = DB_' . $this->sqlConnection . '_TYPE;'); } else { $res['DBC_TYPE'] = defined('DB_TYPE') ? DB_TYPE : 'mysql'; } $this->dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE'], $res['DBC_TYPE']); } else { $dbc = new DBConnection(); $dbs = new DBSession($dbc); $res = $dbs->execute("select * from DB_CONNECTION WHERE DBC_UID=" . $this->sqlConnection); $res = $res->read(); $this->dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE']); } } $this->ses = new DBSession($this->dbc); //Query //Filter if (is_array($this->filter)) { $filterFields = $this->filter; } else { parse_str($this->filter, $filterFields); } $this->aFilter = $filterFields; $filter = ''; foreach ($filterFields as $field => $like) { if ($like != '') { if ($filter !== '') { $filter .= ' AND '; } if (isset($this->filterType[$field])) { switch ($this->filterType[$field]) { case '=': $filter .= $field . ' = "' . mysql_real_escape_string($like) . '"'; break; case '<>': $filter .= $field . ' <> "' . mysql_real_escape_string($like) . '"'; break; case 'contains': $filter .= $field . ' LIKE "%' . mysql_real_escape_string($like) . '%"'; break; case 'like': $filter .= $field . ' LIKE "' . mysql_real_escape_string($like) . '"'; break; } } else { $filter .= $field . ' = "' . mysql_real_escape_string($like) . '"'; } } } /* * QuickSearch */ if ($this->searchBy !== '') { $aSB = explode('|', $this->searchBy); $subFilter = ''; foreach ($aSB as $sBy) { $subFilter .= $subFilter !== '' ? ' OR ' : ''; $subFilter .= $sBy . ' LIKE "%' . G::sqlEscape($this->fastSearch, $this->dbc->type) . '%"'; } if ($subFilter !== '') { $filter .= $filter !== '' ? ' AND ' : ''; $filter .= '(' . $subFilter . ')'; } } //Merge sort array defined by USER with the array defined by SQL parse_str($this->order, $orderFields); parse_str($this->orderBy, $orderFields2); //User sort is more important (first in merge). $orderFields3 = array_merge($orderFields2, $orderFields); //User sort is overwrites XMLs definition. $orderFields = array_merge($orderFields3, $orderFields2); //Order (BY SQL DEFINITION AND USER'S DEFINITION) $this->aOrder = array(); $order = ''; foreach ($orderFields as $field => $fieldOrder) { $field = G::getUIDName($field, ''); $fieldOrder = strtoupper($fieldOrder); if ($fieldOrder === 'A') { $fieldOrder = 'ASC'; } if ($fieldOrder === 'D') { $fieldOrder = 'DESC'; } switch ($fieldOrder) { case 'ASC': case 'DESC': if ($order !== '') { $order .= ', '; } $order .= $field . ' ' . $fieldOrder; $this->aOrder[$field] = $fieldOrder; } } $this->sql = $this->sqlSelect . ($this->sqlWhere != '' || $filter != '' ? ' WHERE ' : '') . ($this->sqlWhere != '' ? '(' . $this->sqlWhere . ')' : '') . ($this->sqlWhere != '' && $filter != '' ? ' AND ' : '') . ($filter != '' ? '(' . $filter . ')' : '') . ($this->sqlGroupBy != '' ? ' GROUP BY ' . $this->sqlGroupBy : '') . ($order != '' ? ' ORDER BY ' . $order : ''); //$this->query=$this->ses->execute($this->sql); //$this->totpages=ceil($this->query->count()/$this->rowsPerPage); return; }
* * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. * */ if (($RBAC_Response = $RBAC->userCanAccess("PM_SETUP")) != 1) { return $RBAC_Response; } G::LoadInclude('ajax'); $G_ENABLE_BLANK_SKIN = true; $ARR_WEEKDAYS[0] = array('SUNDAY', 'MONDAY', 'TUESDAY', 'WEDNESDAY', 'THURSDAY', 'FRIDAY', 'SATURDAY'); $ARR_WEEKDAYS['es'] = array("Domingo?", "Lunes?", "Martes?", "Miércoles?", "Jueves?", "Viernes?", "Sábado?"); $ARR_WEEKDAYS['en'] = array("Sunday?", "Monday?", "Tuesday?", "Wednesday?", "Thursday?", "Friday?", "Saturday?"); $ARR_WEEKDAYS['fa'] = array('یکشنبه', 'دوشنبه', 'سه شنبه', 'چهارشنبه', 'پنجشنبه ', 'جمعه', 'آدینه'); $dbc = new DBConnection(); $ses = new DBSession($dbc); $holidays = $ses->execute("SELECT LEX_VALUE FROM LEXICO WHERE LEX_TOPIC ='NOWORKINGDAY' "); $config = array(); for ($id = 0; $id < 7; $id++) { $res = $ses->execute(" SELECT * FROM LEXICO WHERE LEX_KEY = '" . $ARR_WEEKDAYS[0][$id] . "' AND LEX_TOPIC ='HOLIDAY' "); $res = $res->read(); $config[$ARR_WEEKDAYS[0][$id]] = $res['LEX_VALUE']; } $G_PUBLISH = new Publisher(); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'setup/weekend', '', $config, ''); G::RenderPage('publish'); ?> <script language="JavaScript"> function var_dump(obj) { msg='';
/** * loadRoleProp.php * * ProcessMaker Open Source Edition * Copyright (C) 2004 - 2008 Colosa Inc.23 * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. * */ $_SESSION['CURRENT_ROLE'] = $_GET['ROL_UID']; $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $ses = new DBSession(); $ses->SetTo($dbc); $dset = $ses->Execute('SELECT ROL_APPLICATION FROM USER_ROLE LEFT JOIN ROLE ON (ROL_UID = UID) WHERE ROL_UID = ' . $_SESSION['CURRENT_ROLE']); $row = $dset->Read(); $_SESSION['CURRENT_APPLICATION'] = $row['ROL_APPLICATION']; header('location: userRoleProp.htm');
private static function session_id() { return DBSession::truncated_session_id(); }
public static function read($name) { $name = self::truncated_session_id($name); //main session switch (self::$session_type) { case 'file': if (!file_exists(FILE_SESSION_DIR)) { mkdir(FILE_SESSION_DIR); } $sess_file = rtrim(FILE_SESSION_DIR, '\\/') . '/' . FILE_SESSION_TOKEN . $name; if (!file_exists($sess_file)) { file_put_contents($sess_file, ''); } self::$session_fp = fopen($sess_file, 'r+'); if (!READ_ONLY_SESSION && !flock(self::$session_fp, LOCK_EX)) { trigger_error('Unable to get lock on session file=' . $sess_file, E_USER_ERROR); } $ret = stream_get_contents(self::$session_fp); break; case 'memcache': if (!READ_ONLY_SESSION && !self::$memcached->lock(MEMCACHE_SESSION_TOKEN . $name, self::$memcached_lock_time)) { trigger_error('Unable to get lock on session mem=' . $name, E_USER_ERROR); } $ret = ''; for ($i = 0;; $i++) { $rr = self::$memcached->get(MEMCACHE_SESSION_TOKEN . $name . '/' . $i); if ($rr === '' || $rr === false || $rr === null) { break; } $ret .= $rr; } break; case 'sql': $ret = DB::GetCol('SELECT data FROM session WHERE name = %s AND expires > %d' . (READ_ONLY_SESSION ? '' : ' FOR UPDATE'), array($name, time() - self::$lifetime)); if ($ret) { $ret = $ret[0]; } break; } if ($ret) { $_SESSION = unserialize($ret); } if (CID !== false) { if (!is_numeric(CID)) { trigger_error('Invalid client id.', E_USER_ERROR); } switch (self::$session_type) { case 'file': $sess_file = rtrim(FILE_SESSION_DIR, '\\/') . '/' . FILE_SESSION_TOKEN . $name . '_' . CID; if (!file_exists($sess_file)) { file_put_contents($sess_file, ''); } self::$session_client_fp = fopen($sess_file, 'r+'); if (!READ_ONLY_SESSION && !flock(self::$session_client_fp, LOCK_EX)) { trigger_error('Unable to get lock on session file=' . $sess_file, E_USER_ERROR); } $ret = stream_get_contents(self::$session_client_fp); break; case 'memcache': if (!READ_ONLY_SESSION && !self::$memcached->lock(MEMCACHE_SESSION_TOKEN . $name . '_' . CID, self::$memcached_lock_time)) { trigger_error('Unable to get lock on session mem=' . $name . '_' . CID, E_USER_ERROR); } $ret = ''; for ($i = 0;; $i++) { $rr = self::$memcached->get(MEMCACHE_SESSION_TOKEN . $name . '_' . CID . '/' . $i); if ($rr === '' || $rr === false || $rr === null) { break; } $ret .= $rr; } break; case 'sql': $ret = DB::GetCol('SELECT data FROM session_client WHERE session_name = %s AND client_id=%d' . (READ_ONLY_SESSION ? '' : ' FOR UPDATE'), array($name, CID)); if ($ret) { $ret = $ret[0]; } break; } if ($ret) { $_SESSION['client'] = unserialize($ret); } if (!isset($_SESSION['client']['__module_vars__'])) { $_SESSION['client']['__module_vars__'] = array(); } } return ''; }
* along with this program. If not, see <http://www.gnu.org/licenses/>. * * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. */ if (($RBAC_Response = $RBAC->userCanAccess("PM_FACTORY")) != 1) { return $RBAC_Response; } //G::genericForceLogin( 'WF_MYINFO' , 'login/noViewPage', $urlLogin = '******' ); G::LoadClass('xmlDb'); $G_MAIN_MENU = 'processmaker'; $G_SUB_MENU = 'processes'; $G_ID_MENU_SELECTED = 'PROCESSES'; $G_ID_SUB_MENU_SELECTED = 'DYNAFORMS'; $dbc = new DBConnection(); $ses = new DBSession($dbc); $xdbc = new DBConnection(PATH_XMLFORM . 'dynaforms/dynaform_Fields.xml', '', '', '', 'myxml'); $xses = new DBSession($xdbc); $res = $xses->execute('SELECT * FROM dynaForm'); for ($r = 0; $r < $res->count(); $r++) { $row = $res->read(); // var_dump( $row );echo('<br/>'); } define('DB_XMLDB_HOST', PATH_XMLFORM . 'dynaforms/dynaforms_List.xml'); define('DB_XMLDB_USER', ''); define('DB_XMLDB_PASS', ''); define('DB_XMLDB_NAME', ''); define('DB_XMLDB_TYPE', 'myxml'); $G_PUBLISH = new Publisher(); $G_PUBLISH->AddContent('pagedtable', 'paged-table', 'dynaforms/dynaform_Fields', '', array('SYS_LANG' => SYS_LANG), 'dynaforms_Save', 'dynaforms_PagedTableAjax'); G::RenderPage("publish");
* Coral Gables, FL, 33134, USA, or email info@colosa.com. */ if (($RBAC_Response = $RBAC->userCanAccess("PM_SETUP")) != 1) { return $RBAC_Response; } G::ForceLogin('WF_PROCESS'); G::LoadInclude('ajax'); $G_HELP_PAGE = "setup-environment-time-controls-weekend"; $G_MAIN_MENU = "processmaker"; $G_SUB_MENU = "setupPM"; $G_THIRD_MENU = "workingTime"; $G_ID_MENU_SELECTED = "SETUP"; $G_ID_SUB_MENU_SELECTED = "ENVIRONMENT"; $G_ID_THIRD_MENU_SELECTED = "WEEKEND"; $dbc = new DBConnection(); $ses = new DBSession($dbc); $holidays = $ses->execute('SELECT LEX_VALUE FROM LEXICO WHERE LEX_TOPIC ="HOLIDAY"'); $funcion = strtolower(get_ajax_value('function')); $funcions = get_defined_functions(); if (in_array($funcion, $funcions['user'])) { eval($funcion . '();'); } function setDays() { $days = get_ajax_value('days'); $values = get_ajax_value('values'); $days = explode(',', $days); $values = explode(',', $values); for ($r = 1; $r < sizeof($days); $r++) { setDay($days[$r], $values[$r]); }
$ntarget = gethostbyname($target); } else { $ntarget = gethostbyaddr($target); } $msg .= $ntarget; return $msg; } $G_MAIN_MENU = 'rbac.login'; $G_MENU_SELECTED = 1; if (file_exists(PATH_METHODS . 'login/version-rbac.php')) { include 'version-rbac.php'; } else { define('RBAC_VERSION', 'Development Version'); } $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $ses = new DBSession($dbc); $dset = $ses->execute('SELECT VERSION() AS VERSION '); $row = $dset->Read(); if (getenv('HTTP_CLIENT_IP')) { $ip = getenv('HTTP_CLIENT_IP'); } elseif (getenv('HTTP_X_FORWARDED_FOR')) { $ip = getenv('HTTP_X_FORWARDED_FOR'); } else { $ip = getenv('REMOTE_ADDR'); } if (file_exists('/etc/redhat-release')) { $fnewsize = filesize('/etc/redhat-release'); $fp = fopen('/etc/redhat-release', 'r'); $redhat = fread($fp, $fnewsize); fclose($fp); }
global $G_ENVIRONMENTS; if (isset($G_ENVIRONMENTS)) { $dbfile = $G_ENVIRONMENTS[G_TEST_ENV]['dbfile']; if (!file_exists($dbfile)) { printf("%s \n", pakeColor::colorize("dbfile {$dbfile} doesn't exist for environment " . G_ENVIRONMENT, 'ERROR')); exit(200); } else { include $dbfile; } } else { exit(201); } require_once PATH_GULLIVER . 'class.dbconnection.php'; require_once PATH_GULLIVER . 'class.dbsession.php'; require_once PATH_GULLIVER . 'class.dbrecordset.php'; $dbc = new DBConnection(); $ses = new DBSession($dbc); $dset = $ses->Execute("SELECT * from APPLICATION"); $method = array(); $testItems = 0; $methods = get_class_methods('DBRecordSet'); $t = new lime_test(8, new lime_output_color()); $t->diag('class DBRecordset'); $t->is(count($methods), 6, "class G " . count($methods) . " methods."); $t->isa_ok($dset, 'DBRecordSet', 'class DBRecordset created'); $t->can_ok($dset, 'SetTo', 'SetTo()'); $t->can_ok($dset, 'Free', 'Free()'); $t->can_ok($dset, 'Count', 'Count()'); $t->can_ok($dset, 'Read', 'Read()'); $t->can_ok($dset, 'ReadAbsolute', 'ReadAbsolute()'); $t->todo('review all pendings in this class');
function walkLevel($level, $label, $parent) { global $collapsed; global $appid; global $dbc; $sql = "SELECT UID, PRM_CODE, PRM_DESCRIPTION from PERMISSION WHERE PRM_APPLICATION = {$appid} AND PRM_PARENT = " . $parent; $ses = new DBSession($dbc); $dset = $ses->Execute($sql); $row = $dset->Read(); $c = 1; while (is_array($row)) { if ($label === "*") { $label = ""; $locLabel = $c; } else { $locLabel = $label . "." . $c; } showLevel($level, $locLabel, $row['PRM_CODE'], $row['PRM_DESCRIPTION'], $row['UID']); walkLevel($level + 1, $locLabel, $row['UID']); $c++; $row = $dset->Read(); } }
function searchText($searchText) { global $_SESSION; global $RBAC; $curAuthSource = $_SESSION['CURRENT_AUTH_SOURCE']; $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $tpl = new TemplatePower(PATH_TPL . 'authListUsers.html'); $tpl->prepare(); $tpl->assign("STYLE_CSS", defined('STYLE_CSS') ? STYLE_CSS : 'simple'); $tpl->assign("title", 'Search Results'); //authentication source G::LoadClassRBAC('authentication'); $obj = new authenticationSource(); $obj->SetTo($dbc); $data = $obj->searchUsers($curAuthSource, $searchText); if ($data['codError'] == 0 && isset($data['rows']) && !is_array($data['rows'])) { $tpl->newBlock("empty-rows"); $tpl->assign("title", 'Search Results'); $tpl->assign("empty-rows-text", 'no records found'); $tpl->printToScreen(); die; } if ($data['codError'] != 0) { $tpl->newBlock("error"); $tpl->assign("title", 'Log Error'); $tpl->assign("text", "<font color='Red'>" . $data['rows'] . "</font>"); $tpl->printToScreen(); die; } //build the options to create...an user, list the applications and their roles.. $ses = new DBSession($dbc); $ses2 = new DBSession($dbc); $dset = $ses->execute("SELECT * from APPLICATION where APP_CODE != 'RBAC' "); $appRow = $dset->Read(); $checkboxs = "<br><input type='checkbox' @@disabled name='C-@@Y' id='C-@@Y' onclick='emptyDropdowns( \"@@X\");' ><input type='hidden' name='H-@@Y' id='H-@@Y' value='@@X' ><input type='hidden' name='E-@@Y' id='E-@@Y' value='' >"; $inputs = "<div id='D-@@Y'>@@validuser</div><input type='text' name='T-@@Y' id='T-@@Y' value=\"@@Z\" onchange='verifyUserName ( this, \"@@Y\" );' size='14' maxlength='16'> "; $options = "<table cellpadding='0' cellspacing='0'><tr>"; $options .= ""; while (is_array($appRow)) { $appid = $appRow['UID']; $selectId = 'S-@@Y-' . $appid; $dset2 = $ses2->execute('SELECT * from ROLE where ROL_APPLICATION = ' . $appid); $rolRow = $dset2->Read(); $selectEnabled = false; if (is_array($rolRow)) { $options .= '<td>' . $appRow['APP_CODE'] . '<br>'; $options .= "<select name='{$selectId}' id='{$selectId}' @@disabled onchange='flipCheckbox( \"@@Y\");' >\n"; $options .= "<option value='0'>select a Role</option>"; $selectEnabled = true; } while (is_array($rolRow)) { $options .= "<option value='" . $rolRow['UID'] . "'>" . $rolRow['ROL_CODE'] . "</option>"; $rolRow = $dset2->Read(); } if ($selectEnabled) { $options .= "</select>\n<td>"; } $appRow = $dset->Read(); } $options .= '</tr></table>'; $i = 0; if (isset($data['rows'])) { foreach ($data['rows'] as $row) { $tpl->newBlock("users"); if (++$i % 2 == 0) { $tpl->assign("class", 'Row2'); } else { $tpl->assign("class", 'Row1'); } $tpl->assign("index", $i); $tpl->assign("dn", $row['dn']); $tpl->assign("name", $row['attr']['givenName']); $tpl->assign("lastname", $row['attr']['sn']); $tpl->assign("fullname", $row['attr']['cn']); $tpl->assign("email", $row['attr']['mail']); $tpl->assign("uid", $row['attr']['uid']); //verificar uid $userid = $row['attr']['uid']; $res = $RBAC->UserNameRepetido(0, $userid); $input = str_replace('@@Z', $userid, str_replace('@@X', $row['dn'], str_replace('@@Y', $i, $inputs))); $input = str_replace('@@validuser', $res == 0 ? "<font color='green'>valid user</font>" : "<font color='red'>user already used</font>", $input); $checkbox = str_replace('@@X', $row['dn'], str_replace('@@Y', $i, $checkboxs)); $checkbox = str_replace('@@disabled', $res != 0 ? 'disabled' : '', $checkbox); $option = str_replace('@@X', $row['dn'], str_replace('@@Y', $i, $options)); // $option = str_replace ( '@@disabled', ( $res <> 0 ? 'disabled' : ''), $option ); $tpl->assign("checkbox", $checkbox); $tpl->assign("input", $input); $tpl->assign("options", $option); } } $tpl->gotoBlock("_ROOT"); $tpl->newBlock("start-users"); $tpl->assign("dummy", 'dummy'); $tpl->gotoBlock("_ROOT"); $tpl->newBlock("end-users"); $tpl->assign("dummy", 'dummy'); $tpl->printToScreen(); }
* Coral Gables, FL, 33134, USA, or email info@colosa.com. */ if (($RBAC_Response = $RBAC->userCanAccess("PM_FACTORY")) != 1) { return $RBAC_Response; //G::genericForceLogin( 'WF_MYINFO' , 'login/noViewPage', $urlLogin = '******' ); } G::LoadInclude('ajax'); G::LoadClass('dynaform'); G::LoadClass('xmlDb'); $dbc = new DBConnection(); $ses = new DBSession($dbc); //$dynaform = new dynaform( $dbc ); if ($_POST['form']['DYN_UID'] === '') { unset($_POST['form']['DYN_UID']); } $Fields = $_POST['form']; if (!isset($Fields['DYN_UID'])) { return; } $file = G::decrypt($Fields['A'], URL_KEY); $Fields['DYN_FILENAME'] = strcasecmp(substr($file, -5), '_tmp0') == 0 ? substr($file, 0, strlen($file) - 5) : $file; $_SESSION['CURRENT_DYNAFORM'] = $Fields; //$dynaform->Save( $Fields ); $dbc2 = new DBConnection(PATH_DYNAFORM . $file . '.xml', '', '', '', 'myxml'); $ses2 = new DBSession($dbc2); if (!isset($Fields['ENABLETEMPLATE'])) { $Fields['ENABLETEMPLATE'] = "0"; } $ses2->execute(G::replaceDataField("UPDATE . SET WIDTH = @@WIDTH WHERE XMLNODE_NAME = 'dynaForm' ", $Fields)); $ses2->execute(G::replaceDataField("UPDATE . SET ENABLETEMPLATE = @@ENABLETEMPLATE WHERE XMLNODE_NAME = 'dynaForm' ", $Fields)); $ses2->execute(G::replaceDataField("UPDATE . SET MODE = @@MODE WHERE XMLNODE_NAME = 'dynaForm' ", $Fields));
function request_action() { $this->add_texts('localization'); $rcmail = rcmail::get_instance(); if (isset($_POST['_enabled_auto_archive'])) { //auto archive toggle $_SESSION['epesi_auto_archive'] = get_input_value('_enabled_auto_archive', RCUBE_INPUT_POST); return; } //archive button $uids = get_input_value('_uid', RCUBE_INPUT_POST); $mbox = get_input_value('_mbox', RCUBE_INPUT_POST); if ($mbox == $this->archive_mbox || $mbox == $this->archive_sent_mbox || $mbox == $rcmail->config->get('drafts_mbox')) { $rcmail->output->command('display_message', $this->gettext('invalidfolder'), 'error'); return; } $sent_mbox = $rcmail->config->get('sent_mbox') == $mbox; $uids = explode(',', $uids); if ($this->archive($uids)) { global $account; if (isset($account['f_use_epesi_archive_directories']) && $account['f_use_epesi_archive_directories']) { if ($sent_mbox) { $rcmail->output->command('move_messages', $this->archive_sent_mbox); } else { $rcmail->output->command('move_messages', $this->archive_mbox); } } $rcmail->output->command('display_message', $this->gettext('archived'), 'confirmation'); } global $E_SESSION_ID, $E_SESSION; $tmp = $_SESSION; $_SESSION = $E_SESSION; DBSession::write($E_SESSION_ID, ''); $_SESSION = $tmp; }
/** * Prints the DynaformEditor * * @return void */ public function _render() { global $G_PUBLISH; $script = ''; /* Start Block: Load (Create if doesn't exist) the xmlform */ $Parameters = array('SYS_LANG' => SYS_LANG, 'URL' => G::encrypt($this->file, URL_KEY), 'DYN_UID' => $this->dyn_uid, 'PRO_UID' => $this->pro_uid, 'DYNAFORM_NAME' => $this->dyn_title, 'FILE' => $this->file, 'DYN_EDITOR' => $this->dyn_editor); $_SESSION['Current_Dynafom']['Parameters'] = $Parameters; $XmlEditor = array('URL' => G::encrypt($this->file, URL_KEY), 'XML' => ''); $JSEditor = array('URL' => G::encrypt($this->file, URL_KEY)); $A = G::encrypt($this->file, URL_KEY); try { $openDoc = new Xml_Document(); $fileName = $this->home . $this->file . '.xml'; if (file_exists($fileName)) { $openDoc->parseXmlFile($fileName); } else { $this->_createDefaultXmlForm($fileName); $openDoc->parseXmlFile($fileName); } //$form = new Form( $this->file , $this->home, SYS_LANG, true ); $Properties = dynaformEditorAjax::get_properties($A, $this->dyn_uid); /* Start Block: Prepare the XMLDB connection */ define('DB_XMLDB_HOST', PATH_DYNAFORM . $this->file . '.xml'); define('DB_XMLDB_USER', ''); define('DB_XMLDB_PASS', ''); define('DB_XMLDB_NAME', ''); define('DB_XMLDB_TYPE', 'myxml'); /* Start Block: Prepare the dynaformEditor */ $G_PUBLISH = new Publisher(); $sName = 'dynaformEditor'; $G_PUBLISH->publisherId = $sName; $oHeadPublisher =& headPublisher::getSingleton(); $oHeadPublisher->setTitle(G::LoadTranslation('ID_DYNAFORM_EDITOR') . ' - ' . $Properties['DYN_TITLE']); $G_PUBLISH->AddContent('blank'); $this->panelConf['title'] = ''; $G_PUBLISH->AddContent('panel-init', 'mainPanel', $this->panelConf); if ($Properties['DYN_TYPE'] == 'xmlform') { $G_PUBLISH->AddContent('xmlform', 'toolbar', 'dynaforms/fields_Toolbar', 'display:none', $Parameters, '', ''); } else { $G_PUBLISH->AddContent('xmlform', 'toolbar', 'dynaforms/fields_ToolbarGrid', 'display:none', $Parameters, '', ''); } $G_PUBLISH->AddContent('xmlform', 'xmlform', 'dynaforms/dynaforms_Editor', 'display:none', $Parameters, '', ''); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'dynaforms/dynaforms_XmlEditor', 'display:none', $XmlEditor, '', ''); $G_PUBLISH->AddContent('blank'); $i = 0; $aFields = array(); $aFields[] = array('XMLNODE_NAME' => 'char', 'TYPE' => 'char', 'UP' => 'char', 'DOWN' => 'char'); $oSession = new DBSession(new DBConnection(PATH_DYNAFORM . $this->file . '.xml', '', '', '', 'myxml')); $oDataset = $oSession->Execute('SELECT * FROM dynaForm WHERE NOT( XMLNODE_NAME = "" ) AND TYPE <> "pmconnection"'); $iMaximun = $oDataset->count(); while ($aRow = $oDataset->Read()) { $aFields[] = array('XMLNODE_NAME' => $aRow['XMLNODE_NAME'], 'TYPE' => $aRow['TYPE'], 'UP' => $i > 0 ? G::LoadTranslation('ID_UP') : '', 'DOWN' => $i < $iMaximun - 1 ? G::LoadTranslation('ID_DOWN') : '', 'row__' => $i + 1); $i++; break; } global $_DBArray; $_DBArray['fields'] = $aFields; $_SESSION['_DBArray'] = $_DBArray; G::LoadClass('ArrayPeer'); $oCriteria = new Criteria('dbarray'); $oCriteria->setDBArrayTable('fields'); /** * *@Erik-> this is deprecated,. * (unuseful) $G_PUBLISH->AddContent('propeltable', 'paged-table', 'dynaforms/fields_List', $oCriteria, $Parameters, '', SYS_URI.'dynaforms/dynaforms_PagedTableAjax');** */ $G_PUBLISH->AddContent('blank'); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'dynaforms/dynaforms_JSEditor', 'display:none', $JSEditor, '', ''); } catch (Exception $e) { } $G_PUBLISH->AddContent('xmlform', 'xmlform', 'dynaforms/dynaforms_Properties', 'display:none', $Properties, '', ''); //for showHide tab option @Neyek $G_PUBLISH->AddContent('blank'); $G_PUBLISH->AddContent('panel-tab', G::LoadTranslation("ID_PREVIEW"), $sName . '[3]', 'dynaformEditor.changeToPreview', 'dynaformEditor.saveCurrentView'); $G_PUBLISH->AddContent('panel-tab', G::LoadTranslation("ID_XML"), $sName . '[4]', 'dynaformEditor.changeToXmlCode', 'dynaformEditor.saveCurrentView'); if ($Properties['DYN_TYPE'] != 'grid') { $G_PUBLISH->AddContent('panel-tab', G::LoadTranslation("ID_HTML"), $sName . '[5]', 'dynaformEditor.changeToHtmlCode', 'dynaformEditor.saveCurrentView'); } $G_PUBLISH->AddContent('panel-tab', G::LoadTranslation("ID_FIELDS_LIST"), $sName . '[6]', 'dynaformEditor.changeToFieldsList', 'dynaformEditor.saveCurrentView'); if ($Properties["DYN_TYPE"] != "grid") { $G_PUBLISH->AddContent('panel-tab', G::LoadTranslation("ID_JAVASCRIPTS"), $sName . '[7]', 'dynaformEditor.changeToJavascripts', 'dynaformEditor.saveCurrentView'); } $G_PUBLISH->AddContent('panel-tab', G::LoadTranslation("ID_PROPERTIES"), $sName . '[8]', 'dynaformEditor.changeToProperties', 'dynaformEditor.saveCurrentView'); //for showHide tab option @Neyek if ($Properties["DYN_TYPE"] != "grid") { $G_PUBLISH->AddContent("panel-tab", G::LoadTranslation("ID_CONDITIONS_EDITOR"), $sName . "[9]", "dynaformEditor.changeToShowHide", "dynaformEditor.saveShowHide"); } $G_PUBLISH->AddContent('panel-close'); $oHeadPublisher->addScriptFile("/js/maborak/core/maborak.loader.js", 2); $oHeadPublisher->addScriptFile('/jscore/dynaformEditor/core/dynaformEditor.js'); //$oHeadPublisher->addScriptFile('/js/dveditor/core/dveditor.js'); //$oHeadPublisher->addScriptFile('/codepress/codepress.js',1); $oHeadPublisher->addScriptFile('/js/codemirrorOld/js/codemirror.js', 1); $oHeadPublisher->addScriptFile('/js/grid/core/grid.js'); $oHeadPublisher->addScriptCode(' var DYNAFORM_URL="' . $Parameters['URL'] . '"; leimnud.event.add(window,"load",function(){ loadEditor(); }); '); $oHeadPublisher->addScriptCode(' var jsMeta;var __usernameLogged__ = "' . (isset($_SESSION['USR_USERNAME']) ? $_SESSION['USR_USERNAME'] : '') . '";var SYS_LANG = "' . SYS_LANG . '";var __DYN_UID__ = "' . $this->dyn_uid . '";'); $oHeadPublisher->addScriptCode('var dynaformEditorParams = \'' . serialize($Parameters) . '\';'); G::RenderPage("publish", 'blank'); }
die('alert(\'Invalid update script defined custom CID. Please try to refresh site manually.\');'); } } else { define('CID', false); } //i know that i won't access $_SESSION['client'] require_once 'include/session.php'; // if it's direct request to this file return content-type: text/javascript // otherwise it's include and do not send header. if (isset($_SERVER['SCRIPT_FILENAME']) && $_SERVER['SCRIPT_FILENAME'] == __FILE__) { header("Content-type: text/javascript"); } $client_id = isset($_SESSION['num_of_clients']) ? $_SESSION['num_of_clients'] : 0; $client_id_next = $client_id + 1; if ($client_id_next == 5) { $client_id_next = 0; } $_SESSION['num_of_clients'] = $client_id_next; session_commit(); DBSession::destroy_client(session_id(), $client_id); ?> Epesi.init(<?php print $client_id; ?> ,'<?php print rtrim(str_replace('\\', '/', dirname($_SERVER['PHP_SELF'])), '/') . '/process.php'; ?> ','<?php print http_build_query($_GET); ?> ');
$G_PUBLISH = new Publisher(); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_TaskDetails', '', $aFields); G::RenderPage('publish', 'raw'); break; case 'showUsers': switch ($_POST['TAS_ASSIGN_TYPE']) { // switch verify $_POST['TAS_ASSIGN_TYPE'] case 'BALANCED': G::LoadClass('user'); $oUser = new User(new DBConnection()); $oUser->load($_POST['USR_UID']); echo $oUser->Fields['USR_FIRSTNAME'] . ' ' . $oUser->Fields['USR_LASTNAME'] . '<input type="hidden" name="form[TASKS][1][USR_UID]" id="form[TASKS][1][USR_UID]" value="' . $_POST['USR_UID'] . '">'; break; case 'MANUAL': $sAux = '<select name="form[TASKS][1][USR_UID]" id="form[TASKS][1][USR_UID]">'; $oSession = new DBSession(new DBConnection()); /* $oDataset = $oSession->Execute("SELECT TU.USR_UID AS USR_UID, CONCAT(U.USR_LASTNAME, ' ', U.USR_FIRSTNAME) AS USR_FULLNAME FROM TASK_USER AS TU LEFT JOIN USERS AS U ON ( TU.USR_UID = U.USR_UID ) WHERE TU.TAS_UID = '" . $_POST['TAS_UID'] . "' AND TU.TU_TYPE = 1 AND TU.TU_RELATION = 1 AND
define('SET_SESSION', false); define('CID', false); define('READ_ONLY_SESSION', isset($_GET['_action']) && $_GET['_action'] == 'plugin.epesi_archive' ? false : true); require_once 'include/data_dir.php'; require_once 'include/config.php'; require_once 'include/database.php'; require_once 'include/session.php'; // load to get class in runtime global $E_SESSION, $E_SESSION_ID; $E_SESSION_ID = $_COOKIE[session_name()]; if (!$E_SESSION_ID) { $E_SESSION_ID = $_REQUEST[session_name()]; } $tmp = $_SESSION; DBSession::open('', $E_SESSION_ID); DBSession::read($E_SESSION_ID); $E_SESSION = $_SESSION; $_SESSION = $tmp; chdir($d); $data_dir = EPESI_LOCAL_DIR . '/' . DATA_DIR . '/CRM_Roundcube/tmp/'; $log_dir = EPESI_LOCAL_DIR . '/' . DATA_DIR . '/CRM_Roundcube/log/'; if (!file_exists($data_dir)) { mkdir($data_dir); } if (!file_exists($log_dir)) { mkdir($log_dir); } try { if (!isset($E_SESSION['user'])) { throw new Exception('Not logged'); }
* GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. * */ if (($RBAC_Response = $RBAC->userCanAccess("PM_SETUP")) != 1) { return $RBAC_Response; } $G_ENABLE_BLANK_SKIN = true; $uid = $_SESSION['USER_LOGGED']; $dbc = new DBConnection(); $ses = new DBSession($dbc); G::LoadClass('templateTable'); $query = $ses->execute('select USR_COUNTRY ,USR_CITY ,USR_LOCATION from USER where UID = "' . $uid . '"'); $param = $query->read(); $city = $param['USR_CITY']; $query = $ses->execute('SELECT UID,CAPTION FROM TERRITORY WHERE TERRITORY="LOCATION" AND RELATION="' . $city . '"'); /* $table=new templateTable('list_template.html','DIV_LOCATIONS'); $table->formatTitleCol(0,'width="80%"'); $table->formatTitleCol(1,'align="center"'); $table->formatCol(0,'width="80%" '); $table->formatCol(1,'align="center"'); $table->addTitle(array(G::LoadTranslation('ID_LOCATION'),'')); for($r=0;$r<$query->count();$r++) {
define('JS_OUTPUT', 1); define('EPESI_PROCESS', 1); require_once 'include.php'; if (epesi_requires_update()) { die('window.location = "index.php";'); } if (!isset($_SESSION['num_of_clients'])) { Epesi::alert('Session expired, restarting Epesi'); Epesi::redirect(); Epesi::send_output(); define('SESSION_EXPIRED', 1); //session_commit(); //DBSession::destroy(session_id()); } elseif ((!isset($_POST['history']) || !is_numeric($_POST['history']) || $_POST['history'] > 0) && !isset($_SESSION['client']['__history_id__'])) { Epesi::alert('Too many Epesi tabs open - session expired, restarting Epesi'); Epesi::redirect(); Epesi::send_output(); define('SESSION_EXPIRED', 1); //session_commit(); DBSession::destroy_client(session_id(), CID); } else { Epesi::process($_POST['url'], isset($_POST['history']) ? $_POST['history'] : false); } $content = ob_get_contents(); ob_end_clean(); require_once 'libs/minify/HTTP/Encoder.php'; $he = new HTTP_Encoder(array('content' => $content)); if (MINIFY_ENCODE) { $he->encode(); } $he->sendAll();