/**
* Create template link
*
* Will create a link to a template specified by either an 'id' or 'name'
* parameter. Any parameters starting with '_' will be added to the query
* string (without the _). This allows you to pass extra info in the
* link. use parameter target to set the html target value
*/
public static function SMARTY_templateLink($params)
{
global $cfg;
$text = $params['text'];
if (isset($params['name'])) {
$id = MVCUtils::getTemplateID($params['name']);
} elseif (isset($params['id'])) {
$id = $params['id'];
} else {
//$id = default template
}
if (isset($params['target'])) {
$target = "target='" . $params['target'] . "'";
} else {
$target = '';
}
$extraQueryInfo = "";
foreach ($params as $k => $v) {
if (substr($k, 0, 1) == '_') {
$k = substr($k, 1);
$extraQueryInfo .= "&{$k}={$v}";
}
}
$path = $cfg['general']['siteRoot'] . "?templateID={$id}" . $extraQueryInfo;
return "<a href='{$path}' {$target}>{$text}</a>";
}
protected function setupTemplate()
{
global $cfg;
parent::setupTemplate();
$loginTplID = MVCUtils::getTemplateID('login.tpl');
$this->assign('loginTplID', $loginTplID);
}
public function SMARTY_getTemplateID($params)
{
if (isset($params['name'])) {
return MVCUtils::getTemplateID($params['name']);
} else {
return '';
}
}
protected function processInvalid()
{
//No invalid processing required
if ($this->errors['form']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpsuserdirmove.tpl'), array("rootdir" => $this->fieldData['dirID'], "error" => "form"));
} else {
MVCUtils::redirect(MVCUtils::getTemplateID('dpsuserdirmove.tpl'), array("rootdir" => $this->fieldData['dirID'], "error" => "perm"));
}
}
protected function processInvalid()
{
//No invalid processing required
if ($this->errors['text']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpssteditawitem.tpl'), array("awitemID" => $this->fieldData['awitemID'], "error" => "text"));
} elseif ($this->errors['style']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpssteditawitem.tpl'), array("awitemID" => $this->fieldData['awitemID'], "error" => "style"));
} elseif ($this->errors['audioID']) {
MVCUtils::redirect(MVCUtils::getTemplateID('dpssteditawitem.tpl'), array("awitemID" => $this->fieldData['awitemID'], "error" => "audioID"));
}
}
protected function processValid()
{
global $cfg;
$auth = Auth::getInstance();
//If the fwtid (forward template id) variable is set, then set the
//templateID to that requested as long as the user has permission
BasicLogger::logMessage("Checking access to requested template", 'debug');
if (isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] != '' && AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$this->fieldData['fwdtid']}", 'debug');
MVCUtils::redirect($this->fieldData['fwdtid']);
//If the fwtid (forward template id) variable is not set, then set the
//templateID to that default as long as the user has permission
} elseif (!(isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] == '') && AuthUtil::templateAccessAllowed(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']), $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$cfg['smarty']['defaultTemplate']}", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']));
//If all the above fails, show the user permission denied
} else {
BasicLogger::logMessage("Access denied", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']));
}
/*//If the fwtid (forward template id) variable is set, then set the
//templateID to that requested as long as the user is allowed access.
if(isset($this->fieldData['fwdtid']) &&
$this->fieldData['fwdtid'] != '' &&
AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())){
$this->templateID = $this->fieldData['fwdtid'];
//If now fwtid has not been set, then forward to the default template
//as long as the user is allowed access
}elseif((!isset($this->fieldData['fwdtid']) ||
$this->fieldData['fwdtid'] == '') &&
AuthUtil::templateAccessAllowed(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']), $auth->getUserID())){
$this->templateID = MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']);
}*/
}
/**
* Initialise the Renderer object
*
* Will determine if the required request variables are present.
* If not present an exception will be thrown and caught
*
* @var string
*/
public function __construct($templateID, $templateIDS, $fieldData = array(), $errors = array())
{
global $cfg;
try {
$this->templateIDStack = $templateIDS;
$this->templateIDStack[] = $templateID;
$this->fieldData = $fieldData;
$this->errors = $errors;
if ($this->checkAuth()) {
$db = Database::getInstance($cfg['MVC']['dsn']);
$this->viewerModuleName = $db->getOne("SELECT modulename FROM templates WHERE templateid = ?", array(end($this->templateIDStack)));
$newViewer = MVCUtils::initializeViewer($this->templateIDStack, null, $this->viewerModuleName, $this->fieldData, $this->errors);
} else {
$templateID = MVCUtils::getTemplateID($cfg['Auth']['rendererPermissionErrorTemplate']);
array_pop($this->templateIDStack);
$this->templateIDStack[] = $templateID;
$newViewer = MVCUtils::initializeViewer($this->templateIDStack, null, 'tkfecommon', $this->fieldData, $this->errors);
}
$this->viewer = $newViewer;
//If a problem occured then return a textual error
} catch (Exception $e) {
$this->viewer = new ExceptionViewer($e);
}
}
/**
* Initialise the Page object
*
* Will determine if the required request variables are present.
* If not present an exception will be thrown and caught
*
* @var string
*/
public function __construct()
{
list($usec, $sec) = explode(" ", microtime());
$startTime = (double) $usec + (double) $sec;
global $cfg;
try {
##############
## Include the Auth and AuthUtil classes
# $modulePath = $cfg['general']['toolkitRoot'] . '/' . $cfg['Auth']['authClassModule'];
$modulePath = $cfg['Auth']['dir']['root'];
$moduleName = $cfg['Auth']['authClassModule'];
// try to include Auth
if (!(include_once "{$modulePath}/{$moduleName}.class.php")) {
throw new Exception("It was not possible to include Auth.class.php. I tried to find it here: {$modulePath}/{$moduleName}.class.php");
}
if (!class_exists("Auth")) {
throw new Exception("The {$moduleName}.class.php ({$modulePath}/{$moduleName}.class.php) file was included but the Auth class could not be found");
}
// try to include AuthUtil
if (!(include_once "{$modulePath}/AuthUtil.class.php")) {
throw new Exception("It was not possible to include AuthUtil.class.php. I tried to find it here: {$modulePath}/AuthUtil.class.php");
}
if (!class_exists("AuthUtil")) {
throw new Exception("The AuthUtil.class.php ({$modulePath}/AuthUtil.class.php) file was included but the AuthUtil class could not be found");
}
$db = Database::getInstance($cfg['MVC']['dsn']);
$errors = array();
//Load data from superglobals
$this->loadFieldData();
//Redirect the user to the actual site (disabled when proxypassed)
if ($cfg['general']['proxypass'] == 'f' && $_SERVER['HTTP_HOST'] != $cfg['general']['domain']) {
$url = $cfg['general']['protocol'] . $cfg['general']['domain'] . $cfg['general']['siteRoot'];
header("Location: {$url}");
exit;
}
//Load template ID
if (isset($this->fieldData['templateID']) && $this->fieldData['templateID'] != '') {
$this->templateID = $this->fieldData['templateID'];
} elseif (isset($cfg['smarty']['defaultTemplate'])) {
$this->templateID = MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']);
} else {
//Template ID is required. Therefore throw an exception
throw new LoggedException('No template ID or default template specified', 0, self::module);
}
//Load form name
if (isset($this->fieldData['formName'])) {
$this->formName = $this->fieldData['formName'];
} else {
//formName is not required, so set to empty string
//note that forms will be ignored if this is not passed
$this->fieldData['formName'] = null;
}
//Load the module names
$this->viewerModuleName = $db->getOne("SELECT modulename FROM templates WHERE templateid = ?", array($this->templateID));
if (isset($this->fieldData['moduleName']) && $this->fieldData['moduleName'] != '') {
$this->modelModuleName = $this->fieldData['moduleName'];
} else {
$this->modelModuleName = 'MVC';
}
### Check that the user has permission to use the submitted form
// get the realmid of the submitted form
$sql = 'SELECT realmid FROM forms WHERE formname = ? AND modulename = ?';
$realmid = $db->getOne($sql, array($this->formName, $this->modelModuleName));
$auth = Auth::getInstance();
// If the realm id could not found then allow access
// (this will cause 'Model' to be used - so no processing occurs)
if (!$realmid) {
//Access is allowed
$modelAccess = true;
} else {
//Check if the user has access to the realm associated with the form
if (!$auth->isLoggedIn()) {
$auth->attemptLogin($cfg['Auth']['anonuser']);
} else {
$auth->attemptLogin();
}
$path = AuthUtil::getRealmPath($realmid);
if (!AuthUtil::getDetailedUserrealmAccess($path, $auth->getUserID())) {
//If the user does not have permission, show an error
$modelAccess = false;
$errors = array('permission' => 'You do not have permission to use the submited form');
} else {
//Set access flag to false
$modelAccess = true;
}
}
//If access to the requested form is allowed
if ($modelAccess) {
//If a form was submitted
if (isset($this->formName) && !is_null($this->formName)) {
//Then validate the form data
//Store any errors in $errors
$errors = $this->validate();
}
}
//If the user has access to the requested template
if ($this->checkAuth()) {
if ($modelAccess) {
$newModel = MVCUtils::initializeModel(array($this->templateID), $this->formName, $this->modelModuleName, $this->viewerModuleName, $this->fieldData, $errors);
} else {
$this->templateID = MVCUtils::getPermErrorTemplateID();
$newModel = MVCUtils::initializeModel(array($this->templateID), null, 'MVC', 'Auth', $this->fieldData, $errors);
}
//If there are errors then these will be passed in the $errors array,
//if there are no errors then $errors will simple be an empty array
//If no form name was passed, $this->formName will be null
} else {
//The user is not authorised to access this area
$auth = Auth::getInstance();
//Set the template ID to that of the permission error template
$this->templateID = MVCUtils::getPermErrorTemplateID();
//Get the reason for failure and specify an error message
$reason = $auth->getFailureReason();
if (count($errors) == 0) {
if ($reason == 2) {
$errors = array('permission' => 'Your session has been inactive for too long');
} elseif ($reason != 0) {
$errors = array('permission' => 'Unfortunately, an error has occurred. Please attempt logging in again.');
} else {
$errors = array('permission' => 'You do not have permission to view this page');
}
}
//Initialise the viewer for the permission error template
if ($auth->getUserID() == $cfg['Auth']['anonuserID'] && $cfg['Auth']['anonuserredirect'] == 'y') {
$permErrorTID = $cfg['Auth']['anonuserRedirectTemplateID'];
$newModel = MVCUtils::initializeViewer(array($permErrorTID), null, 'tkfecommon', null, $errors);
} else {
$permErrorTID = MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']);
$newModel = MVCUtils::initializeViewer(array($permErrorTID), null, 'tkfecommon', null, $errors);
}
}
//Print out the page
echo $newModel->getCode();
} catch (Exception $e) {
//If a problem occured then create an error page
$ev = new ExceptionViewer($e);
$ev->printTemplate();
exit;
}
//Show the execution time if set in config file
if ($cfg['smarty']['showExecTime']) {
list($usec, $sec) = explode(" ", microtime());
$endTime = (double) $usec + (double) $sec;
$totalTime = round($endTime - $startTime, 3);
$log = Database::getQueryLog();
echo "Total time to parse page: {$totalTime} seconds<br />\n";
echo "Total number of queries: " . Database::getTotalQueries();
echo "<br />Log: ";
print_r($log);
}
}
protected function processValid()
{
global $cfg;
$db = Database::getInstance($cfg['Auth']['dsn']);
$auth = Auth::getInstance();
$userID = $auth->getUserID();
$userName = $auth->getUser();
$sql = "SELECT usersconfigs.val, usersconfigs.id \n\t\t\tFROM configs, usersconfigs \n\t\t\tWHERE configs.id = usersconfigs.configid \n\t\t\tAND configs.name = 'user_curlogin' \n\t\t\tAND usersconfigs.userid = " . $userID;
$usercurlogin = $db->getRow($sql);
$sql = "SELECT usersconfigs.val, usersconfigs.id\n\t\t\tFROM configs, usersconfigs \n\t\t\tWHERE configs.id = usersconfigs.configid\n\t\t\tAND configs.name = 'user_lastlogin'\n\t\t\tAND usersconfigs.userid = " . $userID;
$userlastlogin = $db->getRow($sql);
$sql = "SELECT id FROM dir \n\t\t\tWHERE parent = " . $cfg['DPS']['userDirectoryID'] . " \n\t\t\tAND name = '" . $userName . "'";
$dirID = $db->getOne($sql);
if ($dirID == '') {
$newdir['name'] = $userName;
$newdir['parent'] = $cfg['DPS']['userDirectoryID'];
$newdir['id'] = '#id#';
$newdir['notes'] = $userName . "'s home directory";
$newdir['inherit'] = 'f';
$dirID = $db->insert('dir', $newdir, true);
$newperm['dirid'] = $dirID;
$newperm['userid'] = $userID;
$newperm['permissions'] = 'B' . $cfg['DPS']['fileRW'] . 'B';
$db->insert('dirusers', $newperm, false);
//false for binary insert
$sql_gperm['dirid'] = $dirID;
$sql_gperm['permissions'] = 'B' . $cfg['DPS']['fileRWO'] . 'B';
$sql_gperm['groupid'] = $cfg['Auth']['AdminGroup'];
$db->insert('dirgroups', $sql_gperm, false);
}
if (is_null($userlastlogin) && !is_null($usercurlogin)) {
$awset = array();
$sql = "SELECT id FROM configs WHERE configs.name = 'user_lastlogin'";
$awset['configid'] = $db->getOne($sql);
$awset['val'] = $usercurlogin['val'];
$awset['userid'] = $userID;
$db->insert('usersconfigs', $awset, true);
} elseif (is_null($userlastlogin) && is_null($usercurlogin)) {
$awset = array();
$sql = "SELECT id FROM configs WHERE configs.name = 'user_lastlogin'";
$awset['configid'] = $db->getOne($sql);
$awset['val'] = time();
$awset['userid'] = $userID;
$db->insert('usersconfigs', $awset, true);
} elseif (!is_null($userlastlogin) && is_null($usercurlogin)) {
$logint = array();
$logint['val'] = time();
$atWhere = "id = " . $userlastlogin['id'];
$db->update('usersconfigs', $logint, $atWhere, true);
} else {
$logint = array();
$logint['val'] = $usercurlogin['val'];
$atWhere = "id = " . $userlastlogin['id'];
$db->update('usersconfigs', $logint, $atWhere, true);
}
if (is_null($usercurlogin)) {
$awset = array();
$sql = "SELECT id FROM configs WHERE configs.name = 'user_curlogin'";
$awset['configid'] = $db->getOne($sql);
$awset['val'] = time();
$awset['userid'] = $userID;
$db->insert('usersconfigs', $awset, true);
} else {
$logint = array();
$logint['val'] = time();
$atWhere = "id = " . $usercurlogin['id'];
$db->update('usersconfigs', $logint, $atWhere, true);
}
BasicLogger::logMessage("Checking access to requested template", 'debug');
if (isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] != '' && AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$this->fieldData['fwdtid']}", 'debug');
MVCUtils::redirect($this->fieldData['fwdtid']);
//If the fwtid (forward template id) variable is not set, then set the
//templateID to that default as long as the user has permission
} elseif (!(isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] == '') && AuthUtil::templateAccessAllowed(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']), $auth->getUserID())) {
BasicLogger::logMessage("Access granted, forwarding user to {$cfg['smarty']['defaultTemplate']}", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']));
//If all the above fails, show the user permission denied
} else {
BasicLogger::logMessage("Access denied", 'debug');
MVCUtils::redirect(MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']));
}
}
public static function SMARTY_showRegion1($params = array(), $invalidFields = array(), $TIDS)
{
$Rend = new Renderer(MVCUtils::getTemplateID('editorForm.tpl'), $TIDS, $params, $invalidFields);
return $Rend->getCode();
}
protected function processInvalid()
{
//No invalid processing required
MVCUtils::redirect(MVCUtils::getTemplateID('dpsuseraudiomove.tpl'), array("audioID" => $this->fieldData['audioID'], "error" => "perm"));
}
