/**
* Create template link
*
* Will create a link to a template specified by either an 'id' or 'name'
* parameter. Any parameters starting with '_' will be added to the query
* string (without the _). This allows you to pass extra info in the
* link. use parameter target to set the html target value
*/
public static function SMARTY_templateLink($params)
{
global $cfg;
$text = $params['text'];
if (isset($params['name'])) {
$id = MVCUtils::getTemplateID($params['name']);
} elseif (isset($params['id'])) {
$id = $params['id'];
} else {
//$id = default template
}
if (isset($params['target'])) {
$target = "target='" . $params['target'] . "'";
} else {
$target = '';
}
$extraQueryInfo = "";
foreach ($params as $k => $v) {
if (substr($k, 0, 1) == '_') {
$k = substr($k, 1);
$extraQueryInfo .= "&{$k}={$v}";
}
}
$path = $cfg['general']['siteRoot'] . "?templateID={$id}" . $extraQueryInfo;
return "<a href='{$path}' {$target}>{$text}</a>";
}
protected function setupTemplate()
{
global $cfg;
parent::setupTemplate();
$loginTplID = MVCUtils::getTemplateID('login.tpl');
$this->assign('loginTplID', $loginTplID);
}
public function isValid()
{
global $cfg;
$db = Database::getInstance($cfg['MVC']['dsn']);
$rules = $db->getAll("SELECT vrclassname, description, fieldname, \r\n\t\t\tfieldvalidators.modulename FROM fieldvalidators, formfields \r\n\t\t\tWHERE formfields.ruleid = fieldvalidators.ruleid\r\n\t\t\tAND formname = '{$this->formName}'");
//This statement has been removed from the where clause:
//modulename = '{$this->fieldData['moduleName']}' AND
$invalidFields = array();
$sess = Session::getInstance();
// Validate the submitted fields
foreach ($rules as $rule) {
MVCUtils::includeValidator($rule['vrclassname'], $rule['modulename']);
eval("\$validatorObj = new {$rule['vrclassname']}(\$this->fieldData);");
$vResult = $validatorObj->isValid($this->fieldData[$rule['fieldname']]);
if ($vResult !== true) {
//Put the errors:
// a) straight into the errors array for backwards compatibility
// b) into a sub array, whose key is the submitted value for
// errorFormName, otherwise use the form name
$invalidFields[$rule['fieldname']] = $vResult;
if (!$this->errorFormName) {
$invalidFields[$this->formName][$rule['fieldname']] = $vResult;
} else {
$invalidFields[$this->errorFormName][$rule['fieldname']] = $vResult;
}
}
if ($sess->keyExists('auth_user')) {
BasicLogger::logMessage($sess->getValue('auth_user'), self::module, "debug");
}
}
if (!checkdate($this->fieldData['month'], $this->fieldData['day'], $this->fieldData['year']) || !is_numeric($this->fieldData['month']) || !is_numeric($this->fieldData['day']) || !is_numeric($this->fieldData['year'])) {
$invalidFields[$this->formName]['form'] = "Invalid Date";
}
return $invalidFields;
}
public function SMARTY_getTemplateID($params)
{
if (isset($params['name'])) {
return MVCUtils::getTemplateID($params['name']);
} else {
return '';
}
}
/**
* Construct the object
*
* @param Exception The exception to be made user friendly
*/
public function __construct($exception)
{
global $cfg;
$this->template = new Smarty();
$this->template->compile_dir = $cfg['smarty']['compiledir'];
$this->exception = $exception;
$this->templateFileName = MVCUtils::findTemplate($cfg['smarty']['RenderedexceptionTemplateFile']);
$this->_setupTemplate();
}
protected function processInvalid()
{
//No invalid processing required
if ($this->errors['form']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpsuserdirmove.tpl'), array("rootdir" => $this->fieldData['dirID'], "error" => "form"));
} else {
MVCUtils::redirect(MVCUtils::getTemplateID('dpsuserdirmove.tpl'), array("rootdir" => $this->fieldData['dirID'], "error" => "perm"));
}
}
public static function smarty_resource_rfile_timestamp($templateName, &$timestamp, &$smarty)
{
global $cfg;
$file = MVCUtils::findTemplate($templateName);
if ($file === false) {
return false;
} else {
return true;
}
}
protected function setupTemplate()
{
parent::setupTemplate();
$tid = $this->fieldData['editid'];
$this->assign('templateID', $tid);
$this->assign('templateFileName', MVCUtils::getTemplateFileName($tid));
$this->assign('templateModel', MVCUtils::getModelClassNameFromDB($tid));
$this->assign('templateViewer', MVCUtils::getViewerClassNameFromDB($tid));
$this->assign('templateRealm', MVCUtils::getRealmIDFromDB($tid));
}
protected function processInvalid()
{
//No invalid processing required
if ($this->errors['text']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpssteditawitem.tpl'), array("awitemID" => $this->fieldData['awitemID'], "error" => "text"));
} elseif ($this->errors['style']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpssteditawitem.tpl'), array("awitemID" => $this->fieldData['awitemID'], "error" => "style"));
} elseif ($this->errors['audioID']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpssteditawitem.tpl'), array("awitemID" => $this->fieldData['awitemID'], "error" => "audioID"));
}
}
protected function processValid()
{
global $cfg;
$db = Database::getInstance($cfg['DPS']['dsn']);
$where = "id = " . pg_escape_string($this->fieldData['scriptID']);
$item['name'] = $this->fieldData['name'];
$item['contents'] = $this->fieldData['content'];
$item['length'] = 60 * $this->fieldData['mins'] + $this->fieldData['secs'];
$db->update('scripts', $item, $where, true);
if (isset($this->fieldData['Submit'])) {
MVCUtils::redirect(44);
}
}
protected function assignViewerNames()
{
global $cfg;
$db = Database::getInstance($cfg['MVC']['dsn']);
$physicalViewers = MVCUtils::listPresent('viewer');
for ($i = 0; $i < count($physicalViewers); $i++) {
$tmp = preg_split('/\\./', $physicalViewers[$i]);
$physicalViewers[$i] = $tmp[0];
}
if (count($physicalViewers) > 0) {
$this->assign("viewers", $physicalViewers);
}
}
public function isValid(&$data)
{
global $cfg;
$db = Database::getInstance($cfg['MVC']['dsn']);
$data = $db->quoteSmart($data);
$exists = $db->getOne("SELECT COUNT(*) FROM templates WHERE filename = {$data}");
if ($exists > 0) {
return 'The specified template is already in use';
} elseif (MVCUtils::findTemplate($data) === false) {
return 'The specified template does not exist';
} else {
return true;
}
}
protected function processValid()
{
global $cfg;
$db = Database::getInstance($cfg['DPS']['dsn']);
$sql = "SELECT COUNT(*) FROM showitems \n\t\t\tWHERE showplanid = " . $this->fieldData['showID'];
$pos = $db->getOne($sql);
$pos++;
$showitem['showplanid'] = $this->fieldData['showID'];
$showitem['position'] = $pos;
$showitem['title'] = 'New Item';
$showitem['length'] = 0;
$showitem['id'] = '#id#';
$itemID = $db->insert('showitems', $showitem, true);
MVCUtils::redirect("58", array("itemID" => $itemID));
}
protected function processValid()
{
global $cfg;
$db = Database::getInstance($cfg['DPS']['dsn']);
$auth = Auth::getInstance();
$userID = $auth->getUserID();
$userName = $auth->getUser();
$sql = "SELECT id FROM dir\n\t\t\t\tWHERE parent = " . $cfg['DPS']['userDirectoryID'] . "\n\t\t\t\tAND name = '" . $userName . "'";
$dirID = $db->getOne($sql);
if ($dirID == '') {
$newdir['name'] = $userName;
$newdir['parent'] = $cfg['DPS']['userDirectoryID'];
$newdir['id'] = '#id#';
$newdir['notes'] = $userName . "'s home directory";
$newdir['inherit'] = 'f';
$dirID = $db->insert('dir', $newdir, true);
$newperm['dirid'] = $dirID;
$newperm['userid'] = $userID;
$newperm['permissions'] = 'B' . $cfg['DPS']['fileRW'] . 'B';
$db->insert('dirusers', $newperm, false);
//for binary insert
$sql_gperm['dirid'] = $dirID;
$sql_gperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
$sql_gperm['groupid'] = $cfg['Auth']['AdminGroup'];
$db->insert('dirgroups', $sql_gperm, false);
}
$newscript['name'] = "New Script";
$newscript['userid'] = $userID;
$newscript['creationdate'] = time();
$newscript['id'] = '#id#';
$newscript['length'] = 0;
$scriptID = $db->insert('scripts', $newscript, true);
$newsperm['scriptid'] = $scriptID;
$newsperm['userid'] = $userID;
$newsperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
//own
$db->insert('scriptsusers', $newsperm, false);
//for binary insert
$gperm['groupid'] = $cfg['Auth']['AdminGroup'];
$gperm['scriptid'] = $scriptID;
$gperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
$db->insert('scriptsgroups', $gperm, false);
$scriptdir['scriptid'] = $scriptID;
$scriptdir['dirid'] = $dirID;
$scriptdir['linktype'] = 0;
$db->insert('scriptsdir', $scriptdir, true);
MVCUtils::redirect(45, array("scriptID" => $scriptID));
}
protected function processValid()
{
global $cfg;
$db = Database::getInstance($cfg['DPS']['dsn']);
$auth = Auth::getInstance();
$userID = $auth->getUserID();
$userName = $auth->getUser();
$sql = "SELECT id FROM dir \n\t\t\t\tWHERE parent = " . $cfg['DPS']['userDirectoryID'] . "\n\t\t\t\tAND name = '" . $userName . "'";
$dirID = $db->getOne($sql);
if ($dirID == '') {
$newdir['name'] = $userName;
$newdir['parent'] = $cfg['DPS']['userDirectoryID'];
$newdir['id'] = '#id#';
$newdir['notes'] = $userName . "'s home directory";
$newdir['inherit'] = 'f';
$dirID = $db->insert('dir', $newdir, true);
$newperm['dirid'] = $dirID;
$newperm['userid'] = $userID;
$newperm['permissions'] = 'B' . $cfg['DPS']['fileRW'] . 'B';
$db->insert('dirusers', $newperm, false);
//for binary
$sql_gperm['dirid'] = $dirID;
$sql_gperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
$sql_gperm['groupid'] = $cfg['Auth']['AdminGroup'];
$db->insert('dirgroups', $sql_gperm, false);
}
$newshow['name'] = "New Show";
$newshow['userid'] = $userID;
$newshow['creationdate'] = time();
$newshow['showdate'] = mktime(date('H', time()), 0, 0) + 604800;
$newshow['completed'] = 'f';
$newshow['id'] = '#id#';
$showID = $db->insert('showplans', $newshow, true);
$newsperm['showplanid'] = $showID;
$newsperm['userid'] = $userID;
$newsperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
$db->insert('showplansusers', $newsperm, false);
//for binary
$gperm['groupid'] = $cfg['Auth']['AdminGroup'];
$gperm['showplanid'] = $showID;
$gperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
$db->insert('showplansgroups', $gperm, false);
$showdir['showplanid'] = $showID;
$showdir['dirid'] = $dirID;
$showdir['linktype'] = 0;
$db->insert('showplansdir', $showdir, true);
MVCUtils::redirect("55", array("showID" => $showID));
}
/**
* Construct the viewer and load values
*
* If you intend on overriding this classes constructor you should ensure
* that you call parent::__construct(); to ensure that the class
* is loaded correctly.
*
* @param string $templateID The ID of the template for the page to be viewed. This ID is the ID of the template in the database.
* @param string $formName The name of the form (if any) which has been submitted
* @param array $fieldData An associative array for field/value pairs from the submitted form (if any)
* @todo Add authnetication checks to call processInvalid or processInvalid accordingly.
*/
public function __construct($templateIDS, $formName = null, $modelModuleName, $viewerModuleName, &$fieldData = array(), &$errors = array())
{
//Store class variables
$this->templateIDStack = $templateIDS;
$this->templateID = end($templateIDS);
$this->formName = $formName;
$this->fieldData =& $fieldData;
$this->errors =& $errors;
if (count($errors) > 0) {
$this->processInvalid();
} else {
$this->processValid();
}
//something
//Initialise the viewer
$this->viewer = MVCUtils::initializeViewer($this->templateIDStack, $formName, $viewerModuleName, $fieldData, $errors);
//The $viewer class variable is now loaded
$this->code = $this->viewer->getCode();
}
protected function processValid()
{
global $cfg;
$auth = Auth::getInstance();
//If the fwtid (forward template id) variable is set, then set the
//templateID to that requested as long as the user has permission
BasicLogger::logMessage("Checking access to requested template", 'debug');
if (isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] != '' && AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$this->fieldData['fwdtid']}", 'debug');
MVCUtils::redirect($this->fieldData['fwdtid']);
//If the fwtid (forward template id) variable is not set, then set the
//templateID to that default as long as the user has permission
} elseif (!(isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] == '') && AuthUtil::templateAccessAllowed(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']), $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$cfg['smarty']['defaultTemplate']}", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']));
//If all the above fails, show the user permission denied
} else {
BasicLogger::logMessage("Access denied", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']));
}
/*//If the fwtid (forward template id) variable is set, then set the
//templateID to that requested as long as the user is allowed access.
if(isset($this->fieldData['fwdtid']) &&
$this->fieldData['fwdtid'] != '' &&
AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())){
$this->templateID = $this->fieldData['fwdtid'];
//If now fwtid has not been set, then forward to the default template
//as long as the user is allowed access
}elseif((!isset($this->fieldData['fwdtid']) ||
$this->fieldData['fwdtid'] == '') &&
AuthUtil::templateAccessAllowed(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']), $auth->getUserID())){
$this->templateID = MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']);
}*/
}
/**
* Initialise the Renderer object
*
* Will determine if the required request variables are present.
* If not present an exception will be thrown and caught
*
* @var string
*/
public function __construct($templateID, $templateIDS, $fieldData = array(), $errors = array())
{
global $cfg;
try {
$this->templateIDStack = $templateIDS;
$this->templateIDStack[] = $templateID;
$this->fieldData = $fieldData;
$this->errors = $errors;
if ($this->checkAuth()) {
$db = Database::getInstance($cfg['MVC']['dsn']);
$this->viewerModuleName = $db->getOne("SELECT modulename FROM templates WHERE templateid = ?", array(end($this->templateIDStack)));
$newViewer = MVCUtils::initializeViewer($this->templateIDStack, null, $this->viewerModuleName, $this->fieldData, $this->errors);
} else {
$templateID = MVCUtils::getTemplateID($cfg['Auth']['rendererPermissionErrorTemplate']);
array_pop($this->templateIDStack);
$this->templateIDStack[] = $templateID;
$newViewer = MVCUtils::initializeViewer($this->templateIDStack, null, 'tkfecommon', $this->fieldData, $this->errors);
}
$this->viewer = $newViewer;
//If a problem occured then return a textual error
} catch (Exception $e) {
$this->viewer = new ExceptionViewer($e);
}
}
<?php
/**
* @package FrontEnds
* @subpackage CMS
*/
include_once $cfg['MVC']['dir']['root'] . '/MVCUtils.class.php';
MVCUtils::includeViewer('EditContentWindowViewer', 'CMS');
class EditContentViewer extends EditContentWindowViewer
{
protected function setupTemplate()
{
global $cfg;
parent::setupTemplate();
$db = Database::getInstance($cfg['MVC']['dsn']);
$sql = 'SELECT regionid FROM cmsregions ORDER BY name';
$rIDs = $db->getColumn($sql);
$sql = 'SELECT name FROM cmsregions ORDER BY name';
$rNames = $db->getColumn($sql);
$regions = array_combine($rIDs, $rNames);
$this->assign('regions', $regions);
if (isset($this->fieldData['regionID'])) {
$sql = 'SELECT cmsregions.inlinetoolbar,
cmsregions.windowtoolbar,
cmsregions.editrealm,
cmsregions.viewrealm,
cmsregions.name FROM cmsregions
WHERE cmsregions.regionid = ?';
$regionData = $db->getRow($sql, array($this->fieldData['regionID']));
$this->assign('inlineToolbar', $regionData['inlinetoolbar']);
$this->assign('windowToolbar', $regionData['windowtoolbar']);
/**
* Initialise the Page object
*
* Will determine if the required request variables are present.
* If not present an exception will be thrown and caught
*
* @var string
*/
public function __construct()
{
list($usec, $sec) = explode(" ", microtime());
$startTime = (double) $usec + (double) $sec;
global $cfg;
try {
##############
## Include the Auth and AuthUtil classes
# $modulePath = $cfg['general']['toolkitRoot'] . '/' . $cfg['Auth']['authClassModule'];
$modulePath = $cfg['Auth']['dir']['root'];
$moduleName = $cfg['Auth']['authClassModule'];
// try to include Auth
if (!(include_once "{$modulePath}/{$moduleName}.class.php")) {
throw new Exception("It was not possible to include Auth.class.php. I tried to find it here: {$modulePath}/{$moduleName}.class.php");
}
if (!class_exists("Auth")) {
throw new Exception("The {$moduleName}.class.php ({$modulePath}/{$moduleName}.class.php) file was included but the Auth class could not be found");
}
// try to include AuthUtil
if (!(include_once "{$modulePath}/AuthUtil.class.php")) {
throw new Exception("It was not possible to include AuthUtil.class.php. I tried to find it here: {$modulePath}/AuthUtil.class.php");
}
if (!class_exists("AuthUtil")) {
throw new Exception("The AuthUtil.class.php ({$modulePath}/AuthUtil.class.php) file was included but the AuthUtil class could not be found");
}
$db = Database::getInstance($cfg['MVC']['dsn']);
$errors = array();
//Load data from superglobals
$this->loadFieldData();
//Redirect the user to the actual site (disabled when proxypassed)
if ($cfg['general']['proxypass'] == 'f' && $_SERVER['HTTP_HOST'] != $cfg['general']['domain']) {
$url = $cfg['general']['protocol'] . $cfg['general']['domain'] . $cfg['general']['siteRoot'];
header("Location: {$url}");
exit;
}
//Load template ID
if (isset($this->fieldData['templateID']) && $this->fieldData['templateID'] != '') {
$this->templateID = $this->fieldData['templateID'];
} elseif (isset($cfg['smarty']['defaultTemplate'])) {
$this->templateID = MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']);
} else {
//Template ID is required. Therefore throw an exception
throw new LoggedException('No template ID or default template specified', 0, self::module);
}
//Load form name
if (isset($this->fieldData['formName'])) {
$this->formName = $this->fieldData['formName'];
} else {
//formName is not required, so set to empty string
//note that forms will be ignored if this is not passed
$this->fieldData['formName'] = null;
}
//Load the module names
$this->viewerModuleName = $db->getOne("SELECT modulename FROM templates WHERE templateid = ?", array($this->templateID));
if (isset($this->fieldData['moduleName']) && $this->fieldData['moduleName'] != '') {
$this->modelModuleName = $this->fieldData['moduleName'];
} else {
$this->modelModuleName = 'MVC';
}
### Check that the user has permission to use the submitted form
// get the realmid of the submitted form
$sql = 'SELECT realmid FROM forms WHERE formname = ? AND modulename = ?';
$realmid = $db->getOne($sql, array($this->formName, $this->modelModuleName));
$auth = Auth::getInstance();
// If the realm id could not found then allow access
// (this will cause 'Model' to be used - so no processing occurs)
if (!$realmid) {
//Access is allowed
$modelAccess = true;
} else {
//Check if the user has access to the realm associated with the form
if (!$auth->isLoggedIn()) {
$auth->attemptLogin($cfg['Auth']['anonuser']);
} else {
$auth->attemptLogin();
}
$path = AuthUtil::getRealmPath($realmid);
if (!AuthUtil::getDetailedUserrealmAccess($path, $auth->getUserID())) {
//If the user does not have permission, show an error
$modelAccess = false;
$errors = array('permission' => 'You do not have permission to use the submited form');
} else {
//Set access flag to false
$modelAccess = true;
}
}
//If access to the requested form is allowed
if ($modelAccess) {
//If a form was submitted
if (isset($this->formName) && !is_null($this->formName)) {
//Then validate the form data
//Store any errors in $errors
$errors = $this->validate();
}
}
//If the user has access to the requested template
if ($this->checkAuth()) {
if ($modelAccess) {
$newModel = MVCUtils::initializeModel(array($this->templateID), $this->formName, $this->modelModuleName, $this->viewerModuleName, $this->fieldData, $errors);
} else {
$this->templateID = MVCUtils::getPermErrorTemplateID();
$newModel = MVCUtils::initializeModel(array($this->templateID), null, 'MVC', 'Auth', $this->fieldData, $errors);
}
//If there are errors then these will be passed in the $errors array,
//if there are no errors then $errors will simple be an empty array
//If no form name was passed, $this->formName will be null
} else {
//The user is not authorised to access this area
$auth = Auth::getInstance();
//Set the template ID to that of the permission error template
$this->templateID = MVCUtils::getPermErrorTemplateID();
//Get the reason for failure and specify an error message
$reason = $auth->getFailureReason();
if (count($errors) == 0) {
if ($reason == 2) {
$errors = array('permission' => 'Your session has been inactive for too long');
} elseif ($reason != 0) {
$errors = array('permission' => 'Unfortunately, an error has occurred. Please attempt logging in again.');
} else {
$errors = array('permission' => 'You do not have permission to view this page');
}
}
//Initialise the viewer for the permission error template
if ($auth->getUserID() == $cfg['Auth']['anonuserID'] && $cfg['Auth']['anonuserredirect'] == 'y') {
$permErrorTID = $cfg['Auth']['anonuserRedirectTemplateID'];
$newModel = MVCUtils::initializeViewer(array($permErrorTID), null, 'tkfecommon', null, $errors);
} else {
$permErrorTID = MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']);
$newModel = MVCUtils::initializeViewer(array($permErrorTID), null, 'tkfecommon', null, $errors);
}
}
//Print out the page
echo $newModel->getCode();
} catch (Exception $e) {
//If a problem occured then create an error page
$ev = new ExceptionViewer($e);
$ev->printTemplate();
exit;
}
//Show the execution time if set in config file
if ($cfg['smarty']['showExecTime']) {
list($usec, $sec) = explode(" ", microtime());
$endTime = (double) $usec + (double) $sec;
$totalTime = round($endTime - $startTime, 3);
$log = Database::getQueryLog();
echo "Total time to parse page: {$totalTime} seconds<br />\n";
echo "Total number of queries: " . Database::getTotalQueries();
echo "<br />Log: ";
print_r($log);
}
}
<?php
/**
* @package FrontEnds
* @subpackage Auth
*/
include_once $cfg['MVC']['dir']['root'] . '/MVCUtils.class.php';
MVCUtils::includeViewer('Viewer', 'tkfecommon');
class LocationViewer extends Viewer
{
protected function setupTemplate()
{
parent::setupTemplate();
global $cfg;
$db = Database::getInstance($cfg['DPS']['dsn']);
$sql = "SELECT DISTINCT location as locid, location as locname \n\t\t\tFROM configuration \n\t\t\tWHERE location != -1 AND \n\t\t\t\tlocation != 0\n\t\t\tORDER BY location ASC";
$locs = $db->getAll($sql);
$this->assign('locs', $locs);
}
}
protected function processValid()
{
global $cfg;
$db = Database::getInstance($cfg['Auth']['dsn']);
$auth = Auth::getInstance();
$userID = $auth->getUserID();
$userName = $auth->getUser();
$sql = "SELECT usersconfigs.val, usersconfigs.id \n\t\t\tFROM configs, usersconfigs \n\t\t\tWHERE configs.id = usersconfigs.configid \n\t\t\tAND configs.name = 'user_curlogin' \n\t\t\tAND usersconfigs.userid = " . $userID;
$usercurlogin = $db->getRow($sql);
$sql = "SELECT usersconfigs.val, usersconfigs.id\n\t\t\tFROM configs, usersconfigs \n\t\t\tWHERE configs.id = usersconfigs.configid\n\t\t\tAND configs.name = 'user_lastlogin'\n\t\t\tAND usersconfigs.userid = " . $userID;
$userlastlogin = $db->getRow($sql);
$sql = "SELECT id FROM dir \n\t\t\tWHERE parent = " . $cfg['DPS']['userDirectoryID'] . " \n\t\t\tAND name = '" . $userName . "'";
$dirID = $db->getOne($sql);
if ($dirID == '') {
$newdir['name'] = $userName;
$newdir['parent'] = $cfg['DPS']['userDirectoryID'];
$newdir['id'] = '#id#';
$newdir['notes'] = $userName . "'s home directory";
$newdir['inherit'] = 'f';
$dirID = $db->insert('dir', $newdir, true);
$newperm['dirid'] = $dirID;
$newperm['userid'] = $userID;
$newperm['permissions'] = 'B' . $cfg['DPS']['fileRW'] . 'B';
$db->insert('dirusers', $newperm, false);
//false for binary insert
$sql_gperm['dirid'] = $dirID;
$sql_gperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
$sql_gperm['groupid'] = $cfg['Auth']['AdminGroup'];
$db->insert('dirgroups', $sql_gperm, false);
}
if (is_null($userlastlogin) && !is_null($usercurlogin)) {
$awset = array();
$sql = "SELECT id FROM configs WHERE configs.name = 'user_lastlogin'";
$awset['configid'] = $db->getOne($sql);
$awset['val'] = $usercurlogin['val'];
$awset['userid'] = $userID;
$db->insert('usersconfigs', $awset, true);
} elseif (is_null($userlastlogin) && is_null($usercurlogin)) {
$awset = array();
$sql = "SELECT id FROM configs WHERE configs.name = 'user_lastlogin'";
$awset['configid'] = $db->getOne($sql);
$awset['val'] = time();
$awset['userid'] = $userID;
$db->insert('usersconfigs', $awset, true);
} elseif (!is_null($userlastlogin) && is_null($usercurlogin)) {
$logint = array();
$logint['val'] = time();
$atWhere = "id = " . $userlastlogin['id'];
$db->update('usersconfigs', $logint, $atWhere, true);
} else {
$logint = array();
$logint['val'] = $usercurlogin['val'];
$atWhere = "id = " . $userlastlogin['id'];
$db->update('usersconfigs', $logint, $atWhere, true);
}
if (is_null($usercurlogin)) {
$awset = array();
$sql = "SELECT id FROM configs WHERE configs.name = 'user_curlogin'";
$awset['configid'] = $db->getOne($sql);
$awset['val'] = time();
$awset['userid'] = $userID;
$db->insert('usersconfigs', $awset, true);
} else {
$logint = array();
$logint['val'] = time();
$atWhere = "id = " . $usercurlogin['id'];
$db->update('usersconfigs', $logint, $atWhere, true);
}
BasicLogger::logMessage("Checking access to requested template", 'debug');
if (isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] != '' && AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$this->fieldData['fwdtid']}", 'debug');
MVCUtils::redirect($this->fieldData['fwdtid']);
//If the fwtid (forward template id) variable is not set, then set the
//templateID to that default as long as the user has permission
} elseif (!(isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] == '') && AuthUtil::templateAccessAllowed(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']), $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$cfg['smarty']['defaultTemplate']}", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']));
//If all the above fails, show the user permission denied
} else {
BasicLogger::logMessage("Access denied", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']));
}
}
public static function SMARTY_showRegion1($params = array(), $invalidFields = array(), $TIDS)
{
$Rend = new Renderer(MVCUtils::getTemplateID('editorForm.tpl'), $TIDS, $params, $invalidFields);
return $Rend->getCode();
}
<?php
/**
* @package FrontEnds
* @subpackage MVC
*/
include_once $cfg['DBAL']['dir']['root'] . '/Database.class.php';
//include_once($cfg['Auth']['dir']['root'] . '/Auth.class.php');
//in/lude_once($cfg['Auth']['dir']['root'] . '/AuthUtil.class.php');
MVCUtils::includeModel('TemplateModel', 'MVC');
/**
* Model for template management
*/
class AddTemplateModel extends TemplateModel
{
const module = 'MVCFrontEnd';
protected function processValid()
{
if (isset($this->fieldData['submit'])) {
global $cfg;
$db = Database::getInstance($cfg['MVC']['dsn']);
$insertArray = array('filename' => $this->fieldData['fileName'], 'modelclassname' => $this->fieldData['modelName'], 'viewerclassname' => $this->fieldData['viewerName']);
$db->insert('templates', $insertArray);
}
}
protected function processInvalid()
{
//No invalid processing required
}
protected function listPHPClassFiles($path, $recursive)
{
public function __construct($templateS, $formName = '', $viewerModuleName, $fieldData = array(), $invalidFields = array())
{
global $cfg;
$this->template = new Smarty();
$this->viewerModuleName = $viewerModuleName;
if (isset($cfg['smarty']['debug']) && $cfg['smarty']['debug'] == true) {
$this->template->clear_all_cache();
$this->template->caching = false;
$this->template->force_compile = true;
}
$this->template->compile_dir = $cfg['smarty']['compiledir'];
//$this->template->template_dir = $cfg['smarty']['tplRoot'];
$this->templateIDStack = $templateS;
$this->formName = $formName;
$this->fieldData = $fieldData;
$this->invalidFields = $invalidFields;
$this->templateFileName = MVCUtils::findTemplate(end($this->templateIDStack));
//echo "#" . $this->templateFileName . "#<br>";
if ($this->templateFileName === false) {
throw new LoggedException("The template with ID " . end($this->templateIDStack) . " could not be found", 0, self::module, 'error');
}
$this->setupTemplate();
}
protected function processInvalid()
{
//No invalid processing required
MVCUtils::redirect(MVCUtils::getTemplateID('dpsuseraudiomove.tpl'), array("audioID" => $this->fieldData['audioID'], "error" => "perm"));
}
<?php
/**
*
* @package FrontEnds
* @subpackage Auth
*/
include_once $cfg['DBAL']['dir']['root'] . '/Database.class.php';
include_once $cfg['MVC']['dir']['root'] . '/MVCUtils.class.php';
MVCUtils::includeValidator('ValidatorRule', 'MVC');
/**
* Check that a new username is unique
*
*
*/
class UniqueNewUsername extends ValidatorRule
{
public function isValid(&$data)
{
global $cfg;
$out = true;
$sql = 'SELECT COUNT(*) FROM users WHERE username = ?';
$db = Database::getInstance($cfg['Auth']['dsn']);
$count = $db->getOne($sql, array($data));
if ($count == 0) {
return true;
} else {
return "The username use chose is taken";
}
}
}
<?php
/**
* @package FrontEnds
* @subpackage MVC
*/
include_once $cfg['DBAL']['dir']['root'] . '/Database.class.php';
include_once $cfg['MVC']['dir']['root'] . '/MVCUtils.class.php';
MVCUtils::includeViewer('MVCViewer', 'MVC');
class TemplateListViewer extends MVCViewer
{
const module = 'MVCFrontEnd';
protected function setupTemplate()
{
parent::setupTemplate();
$this->assign('templateList', $this->makeList());
}
protected function makeList()
{
global $cfg;
$db = Database::getInstance($cfg['MVC']['dsn']);
$niceNames = array('ID');
$customFields = "";
if ($cfg['MVC']['templatefields'] > 0) {
//Flip array as we want field names, not nice names
//$fieldNames = array_flip($cfg['MVC']['templatefields']);
$fieldNames = $cfg['MVC']['templatefields'];
foreach ($fieldNames as $field => $niceName) {
$modFieldNames[] = 'templates.' . $field;
$niceNames[] = $niceName;
}
<?php
/**
* @package DPS
*/
include_once $cfg['DBAL']['dir']['root'] . '/Database.class.php';
include_once $cfg['MVC']['dir']['root'] . '/MVCUtils.class.php';
MVCUtils::includeModel('Model', 'tkfecommon');
/**
* Model for user management
*/
class DPSUserDeleteShowItemModel extends Model
{
const module = 'DPS';
protected function processValid()
{
global $cfg;
$db = Database::getInstance($cfg['DPS']['dsn']);
$itemID = pg_escape_string($this->fieldData['itemID']);
$sql = "SELECT showplanid FROM showitems WHERE id = {$itemID}";
$showID = $db->getOne($sql);
$sql = "SELECT * FROM showitems \n\t\t\tWHERE showplanid = {$showID} ORDER BY position ASC";
$showItems = $db->getAll($sql);
$delled = false;
foreach ($showItems as $item) {
if ($delled) {
$where = "showplanid = {$showID} and id = " . $item['id'];
$update['position'] = $item['position'] - 1;
$db->update('showitems', $update, $where, true);
}
if ($item['id'] == $itemID) {
<?php
/**
* @package DPS
*/
include_once $cfg['MVC']['dir']['root'] . '/MVCUtils.class.php';
MVCUtils::includeViewer('AuthViewer', 'Auth');
class DPSLogoutViewer extends AuthViewer
{
protected function setupTemplate()
{
parent::setupTemplate();
$auth = Auth::getInstance();
$auth->logout();
}
}
