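/**
 * Create template link
 *
 * Builds an anchor pointing at the template named by either a 'name' or an
 * 'id' parameter ('name' wins when both are given). Every parameter whose
 * key starts with '_' is appended to the query string without the leading
 * underscore, and 'target' sets the HTML target attribute.
 *
 * The href and target values are escaped for a single-quoted HTML attribute
 * and the query values are URL-encoded, so a parameter value cannot close
 * the attribute or add query parameters of its own. 'text' is emitted as
 * given, because templates may pass markup as the link body; it has to be
 * escaped by the caller whenever it carries request data.
 *
 * @param array $params Smarty parameters: 'text', 'name' or 'id', optional
 *                      'target', and any number of '_key' extras
 * @return string HTML anchor element
 */
public static function SMARTY_templateLink($params)
{
    global $cfg;

    // Emitted raw on purpose (see docblock); a missing 'text' gives an empty body.
    $text = isset($params['text']) ? $params['text'] : '';

    if (isset($params['name'])) {
        $id = MVCUtils::getTemplateID($params['name']);
    } elseif (isset($params['id'])) {
        $id = $params['id'];
    } else {
        // Neither 'name' nor 'id': keep the empty templateID the link always
        // had in this case, without reading an undefined variable.
        $id = '';
    }

    $target = '';
    if (isset($params['target'])) {
        $target = "target='" . htmlspecialchars($params['target'], ENT_QUOTES) . "'";
    }

    $extraQueryInfo = '';
    foreach ($params as $k => $v) {
        if (substr($k, 0, 1) == '_') {
            // Encode both halves so '&', '=' or '#' inside a value stay data.
            $extraQueryInfo .= '&' . urlencode(substr($k, 1)) . '=' . urlencode((string) $v);
        }
    }

    $path = $cfg['general']['siteRoot'] . '?templateID=' . urlencode((string) $id) . $extraQueryInfo;

    // ENT_QUOTES is required because the attribute is single-quoted.
    $href = htmlspecialchars($path, ENT_QUOTES);

    return "<a href='{$href}' {$target}>{$text}</a>";
}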
/**
 * Prepare the template, then expose the login template's ID to it.
 *
 * Runs the parent setup first and assigns the ID that MVCUtils resolves for
 * 'login.tpl' to the template variable 'loginTplID'.
 */
protected function setupTemplate()
{
    // $cfg is pulled into scope but not read in this method.
    global $cfg;

    parent::setupTemplate();

    $this->assign('loginTplID', MVCUtils::getTemplateID('login.tpl'));
}
/**
 * Smarty helper: resolve a template name to its template ID.
 *
 * @param array $params Smarty parameters; 'name' holds the template name
 * @return mixed the result of MVCUtils::getTemplateID() for 'name', or an
 *               empty string when no 'name' parameter was passed
 */
public function SMARTY_getTemplateID($params)
{
    // Guard clause: nothing to resolve without a name.
    if (!isset($params['name'])) {
        return '';
    }

    return MVCUtils::getTemplateID($params['name']);
}
/**
 * Send the user back to the directory-move page after a rejected submission.
 *
 * Redirects to 'dpsuserdirmove.tpl' with the submitted directory ID as
 * 'rootdir' and an 'error' code: "form" when $this->errors['form'] is
 * truthy, "perm" in every other case.
 */
protected function processInvalid()
{
    $errorCode = $this->errors['form'] ? "form" : "perm";

    // dirID is passed on exactly as it arrived in the field data.
    // NOTE(review): MVCUtils::redirect() is not shown here - confirm it
    // URL-encodes the query values it is given.
    MVCUtils::redirect(
        MVCUtils::getTemplateID('dpsuserdirmove.tpl'),
        array("rootdir" => $this->fieldData['dirID'], "error" => $errorCode)
    );
}
/**
 * Send the user back to the item editor after a rejected submission.
 *
 * The error slots 'text', 'style' and 'audioID' are checked in that order;
 * the first truthy one triggers a redirect to 'dpssteditawitem.tpl' with the
 * submitted 'awitemID' and the slot name as the 'error' code. When none of
 * the three is set, nothing happens.
 */
protected function processInvalid()
{
    foreach (array('text', 'style', 'audioID') as $field) {
        if ($this->errors[$field]) {
            // awitemID is passed on exactly as it arrived in the field data.
            // NOTE(review): MVCUtils::redirect() is not shown here - confirm
            // it URL-encodes the query values it is given.
            MVCUtils::redirect(
                MVCUtils::getTemplateID('dpssteditawitem.tpl'),
                array("awitemID" => $this->fieldData['awitemID'], "error" => $field)
            );

            // Only the first failing field is reported.
            return;
        }
    }
}
/**
 * Forward the user after a valid submission.
 *
 * Three outcomes, tried in order:
 *  1. 'fwdtid' (forward template ID) is set, non-empty and
 *     AuthUtil::templateAccessAllowed() accepts it for the current user:
 *     redirect to it.
 *  2. 'fwdtid' is not "set and empty" and the user may access the configured
 *     default template: redirect to the default template.
 *  3. Otherwise: redirect to the permission error template.
 *
 * NOTE(review): an absent 'fwdtid' reaches the default template, but an
 * empty-string 'fwdtid' goes straight to the permission error page. An
 * earlier, disabled variant of this method treated both the same way -
 * confirm which behaviour is intended.
 */
protected function processValid()
{
    global $cfg;
    $auth = Auth::getInstance();

    BasicLogger::logMessage("Checking access to requested template", 'debug');

    $forwardGiven = isset($this->fieldData['fwdtid']);

    // 1. Explicit forward target, allowed for this user.
    if ($forwardGiven
        && $this->fieldData['fwdtid'] != ''
        && AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())
    ) {
        // NOTE(review): fwdtid is written to the log verbatim; presumably it
        // is request data, so log viewers should treat it as untrusted.
        BasicLogger::logMessage("Access granted, forwarding user to {$this->fieldData['fwdtid']}", 'debug');
        MVCUtils::redirect($this->fieldData['fwdtid']);
        return;
    }

    // 2. Default template, unless fwdtid was sent as an empty string.
    $forwardIsEmpty = $forwardGiven && $this->fieldData['fwdtid'] == '';
    if (!$forwardIsEmpty
        && AuthUtil::templateAccessAllowed(
            MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']),
            $auth->getUserID()
        )
    ) {
        BasicLogger::logMessage("Access granted, forwarding user to {$cfg['smarty']['defaultTemplate']}", 'debug');
        MVCUtils::redirect(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']));
        return;
    }

    // 3. Everything else is refused.
    BasicLogger::logMessage("Access denied", 'debug');
    MVCUtils::redirect(MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']));
}
/**
 * Initialise the Renderer object
 *
 * Pushes $templateID onto the template stack and builds the viewer for it.
 * When checkAuth() refuses the template, the top of the stack is replaced by
 * the configured renderer permission-error template and a 'tkfecommon'
 * viewer is built instead. Any exception raised on the way is caught and
 * wrapped in an ExceptionViewer, so construction itself never throws an
 * Exception.
 *
 * NOTE(review): ExceptionViewer is not shown here - confirm it does not
 * print exception detail (queries, paths, DSN) to end users.
 *
 * @param mixed $templateID  ID of the template to render
 * @param array $templateIDS stack of template IDs leading to this one
 * @param array $fieldData   field data handed on to the viewer
 * @param array $errors      errors handed on to the viewer
 */
public function __construct($templateID, $templateIDS, $fieldData = array(), $errors = array())
{
    global $cfg;

    try {
        $this->templateIDStack = $templateIDS;
        $this->templateIDStack[] = $templateID;
        $this->fieldData = $fieldData;
        $this->errors = $errors;

        if (!$this->checkAuth()) {
            // Resolve the replacement first, then swap it in for the
            // template the user may not see.
            $templateID = MVCUtils::getTemplateID($cfg['Auth']['rendererPermissionErrorTemplate']);
            array_pop($this->templateIDStack);
            $this->templateIDStack[] = $templateID;

            $this->viewer = MVCUtils::initializeViewer(
                $this->templateIDStack,
                null,
                'tkfecommon',
                $this->fieldData,
                $this->errors
            );
        } else {
            $db = Database::getInstance($cfg['MVC']['dsn']);

            // The template ID is bound as a parameter, not concatenated.
            $this->viewerModuleName = $db->getOne(
                "SELECT modulename FROM templates WHERE templateid = ?",
                array(end($this->templateIDStack))
            );

            $this->viewer = MVCUtils::initializeViewer(
                $this->templateIDStack,
                null,
                $this->viewerModuleName,
                $this->fieldData,
                $this->errors
            );
        }
    } catch (Exception $e) {
        // If a problem occurred, the viewer becomes a textual error.
        $this->viewer = new ExceptionViewer($e);
    }
}
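/**
 * Initialise the Page object
 *
 * Request entry point. In order, it:
 *  - includes the configured Auth class file and AuthUtil,
 *  - loads the request field data,
 *  - redirects to the configured domain when the Host header differs
 *    (skipped when proxypass is enabled),
 *  - resolves the template ID, form name and module names,
 *  - checks the user's access to the realm of the submitted form,
 *  - validates the form, builds the model (or a permission-error viewer)
 *    and echoes the resulting page.
 *
 * Any Exception is caught, rendered through ExceptionViewer and ends the
 * request. When $cfg['smarty']['showExecTime'] is set, timing and the query
 * log are appended to the page.
 *
 * NOTE(review): the exception messages below contain file system paths, and
 * ExceptionViewer is not shown here - confirm it does not print them to end
 * users.
 */
public function __construct()
{
    list($usec, $sec) = explode(" ", microtime());
    $startTime = (double) $usec + (double) $sec;
    global $cfg;

    try {
        // Include the Auth and AuthUtil classes. Both path parts come from
        // the configuration, never from the request.
        $modulePath = $cfg['Auth']['dir']['root'];
        $moduleName = $cfg['Auth']['authClassModule'];

        // try to include Auth
        if (!(include_once "{$modulePath}/{$moduleName}.class.php")) {
            throw new Exception("It was not possible to include Auth.class.php. I tried to find it here: {$modulePath}/{$moduleName}.class.php");
        }
        if (!class_exists("Auth")) {
            throw new Exception("The {$moduleName}.class.php ({$modulePath}/{$moduleName}.class.php) file was included but the Auth class could not be found");
        }

        // try to include AuthUtil
        if (!(include_once "{$modulePath}/AuthUtil.class.php")) {
            throw new Exception("It was not possible to include AuthUtil.class.php. I tried to find it here: {$modulePath}/AuthUtil.class.php");
        }
        if (!class_exists("AuthUtil")) {
            throw new Exception("The AuthUtil.class.php ({$modulePath}/AuthUtil.class.php) file was included but the AuthUtil class could not be found");
        }

        $db = Database::getInstance($cfg['MVC']['dsn']);
        $errors = array();

        // Load data from superglobals
        $this->loadFieldData();

        // Redirect the user to the actual site (disabled when proxypassed).
        // The target is built from configuration only; the Host header is
        // compared, never echoed into the Location header.
        if ($cfg['general']['proxypass'] == 'f' && $_SERVER['HTTP_HOST'] != $cfg['general']['domain']) {
            $url = $cfg['general']['protocol'] . $cfg['general']['domain'] . $cfg['general']['siteRoot'];
            header("Location: {$url}");
            exit;
        }

        // Load template ID
        if (isset($this->fieldData['templateID']) && $this->fieldData['templateID'] != '') {
            $this->templateID = $this->fieldData['templateID'];
        } elseif (isset($cfg['smarty']['defaultTemplate'])) {
            $this->templateID = MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']);
        } else {
            // Template ID is required. Therefore throw an exception
            throw new LoggedException('No template ID or default template specified', 0, self::module);
        }

        // Load form name
        if (isset($this->fieldData['formName'])) {
            $this->formName = $this->fieldData['formName'];
        } else {
            // formName is not required; forms are ignored when it is not
            // passed.
            // NOTE(review): this writes the field data entry, not
            // $this->formName - confirm that is intended.
            $this->fieldData['formName'] = null;
        }

        // Load the module names. The request-supplied template ID is bound
        // as a query parameter.
        $this->viewerModuleName = $db->getOne(
            "SELECT modulename FROM templates WHERE templateid = ?",
            array($this->templateID)
        );
        if (isset($this->fieldData['moduleName']) && $this->fieldData['moduleName'] != '') {
            // NOTE(review): moduleName comes from the field data and is
            // handed to MVCUtils::initializeModel() below, which is not
            // shown here - confirm it only accepts known module names.
            $this->modelModuleName = $this->fieldData['moduleName'];
        } else {
            $this->modelModuleName = 'MVC';
        }

        // Check that the user has permission to use the submitted form:
        // get the realmid of the submitted form
        $sql = 'SELECT realmid FROM forms WHERE formname = ? AND modulename = ?';
        $realmid = $db->getOne($sql, array($this->formName, $this->modelModuleName));
        $auth = Auth::getInstance();

        if (!$realmid) {
            // If the realm id could not be found then allow access
            // (this will cause 'Model' to be used - so no processing occurs)
            $modelAccess = true;
        } else {
            // Check if the user has access to the realm associated with the form
            if (!$auth->isLoggedIn()) {
                $auth->attemptLogin($cfg['Auth']['anonuser']);
            } else {
                $auth->attemptLogin();
            }
            $path = AuthUtil::getRealmPath($realmid);
            if (!AuthUtil::getDetailedUserrealmAccess($path, $auth->getUserID())) {
                // If the user does not have permission, show an error
                $modelAccess = false;
                $errors = array('permission' => 'You do not have permission to use the submited form');
            } else {
                // The user may use the form
                $modelAccess = true;
            }
        }

        // If access to the requested form is allowed and a form was
        // submitted, validate the form data and keep any errors.
        if ($modelAccess && isset($this->formName)) {
            $errors = $this->validate();
        }

        if ($this->checkAuth()) {
            // The user has access to the requested template
            if ($modelAccess) {
                // $errors is an empty array when validation found nothing;
                // $this->formName is null when no form name was passed.
                $newModel = MVCUtils::initializeModel(array($this->templateID), $this->formName, $this->modelModuleName, $this->viewerModuleName, $this->fieldData, $errors);
            } else {
                $this->templateID = MVCUtils::getPermErrorTemplateID();
                $newModel = MVCUtils::initializeModel(array($this->templateID), null, 'MVC', 'Auth', $this->fieldData, $errors);
            }
        } else {
            // The user is not authorised to access this area
            $auth = Auth::getInstance();

            // Set the template ID to that of the permission error template
            $this->templateID = MVCUtils::getPermErrorTemplateID();

            // Get the reason for failure and specify an error message,
            // unless an earlier step already recorded one.
            $reason = $auth->getFailureReason();
            if (count($errors) == 0) {
                if ($reason == 2) {
                    $errors = array('permission' => 'Your session has been inactive for too long');
                } elseif ($reason != 0) {
                    $errors = array('permission' => 'Unfortunately, an error has occurred. Please attempt logging in again.');
                } else {
                    $errors = array('permission' => 'You do not have permission to view this page');
                }
            }

            // Pick the permission error template: anonymous users can be
            // sent to a dedicated template when the configuration says so.
            if ($auth->getUserID() == $cfg['Auth']['anonuserID'] && $cfg['Auth']['anonuserredirect'] == 'y') {
                $permErrorTID = $cfg['Auth']['anonuserRedirectTemplateID'];
            } else {
                $permErrorTID = MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']);
            }
            $newModel = MVCUtils::initializeViewer(array($permErrorTID), null, 'tkfecommon', null, $errors);
        }

        // Print out the page
        echo $newModel->getCode();
    } catch (Exception $e) {
        // If a problem occurred then create an error page
        $ev = new ExceptionViewer($e);
        $ev->printTemplate();
        exit;
    }

    // Show the execution time if set in config file
    if ($cfg['smarty']['showExecTime']) {
        list($usec, $sec) = explode(" ", microtime());
        $endTime = (double) $usec + (double) $sec;
        $totalTime = round($endTime - $startTime, 3);
        $log = Database::getQueryLog();
        echo "Total time to parse page: {$totalTime} seconds<br />\n";
        echo "Total number of queries: " . Database::getTotalQueries();
        echo "<br />Log: ";
        // The query log may hold text that originated in the request, so it
        // is escaped before it goes into the page. This footer exposes the
        // application's queries and belongs in development setups only.
        echo htmlspecialchars(print_r($log, true), ENT_QUOTES);
    }
}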
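/**
 * Post-login bookkeeping, then forward the user.
 *
 * Steps:
 *  - read the user's 'user_curlogin' and 'user_lastlogin' config rows,
 *  - create the user's home directory (plus user and admin-group
 *    permissions) under the configured user directory when it is missing,
 *  - store the previous login time as 'user_lastlogin' and the current time
 *    as 'user_curlogin',
 *  - redirect to the requested forward template, the default template or
 *    the permission error template, in that order of preference.
 *
 * The home-directory lookup binds the user name as a query parameter; it was
 * previously concatenated into the SQL text, so a quote character in a user
 * name changed the statement.
 */
protected function processValid()
{
    global $cfg;
    $db = Database::getInstance($cfg['Auth']['dsn']);
    $auth = Auth::getInstance();
    $userID = $auth->getUserID();
    $userName = $auth->getUser();

    // NOTE(review): $userID is concatenated into the next two statements. It
    // comes from the Auth layer rather than directly from the request, and
    // whether getRow() accepts bound parameters is not visible here - bind
    // it as well if it does, or confirm the ID is always an integer.
    $sql = "SELECT usersconfigs.val, usersconfigs.id \n\t\t\tFROM configs, usersconfigs \n\t\t\tWHERE configs.id = usersconfigs.configid \n\t\t\tAND configs.name = 'user_curlogin' \n\t\t\tAND usersconfigs.userid = " . $userID;
    $usercurlogin = $db->getRow($sql);

    $sql = "SELECT usersconfigs.val, usersconfigs.id\n\t\t\tFROM configs, usersconfigs \n\t\t\tWHERE configs.id = usersconfigs.configid\n\t\t\tAND configs.name = 'user_lastlogin'\n\t\t\tAND usersconfigs.userid = " . $userID;
    $userlastlogin = $db->getRow($sql);

    // Look up the home directory with bound parameters.
    $dirID = $db->getOne(
        "SELECT id FROM dir WHERE parent = ? AND name = ?",
        array($cfg['DPS']['userDirectoryID'], $userName)
    );

    if ($dirID == '') {
        // First login: create the home directory and its permissions.
        $newdir = array(
            'name' => $userName,
            'parent' => $cfg['DPS']['userDirectoryID'],
            'id' => '#id#',
            'notes' => $userName . "'s home directory",
            'inherit' => 'f',
        );
        $dirID = $db->insert('dir', $newdir, true);

        $newperm = array(
            'dirid' => $dirID,
            'userid' => $userID,
            'permissions' => 'B' . $cfg['DPS']['fileRW'] . 'B',
        );
        $db->insert('dirusers', $newperm, false); // false for binary insert

        $sql_gperm = array(
            'dirid' => $dirID,
            'permissions' => 'B' . $cfg['DPS']['fileRWO'] . 'B',
            'groupid' => $cfg['Auth']['AdminGroup'],
        );
        $db->insert('dirgroups', $sql_gperm, false);
    }

    // 'user_lastlogin' receives the stored current-login time, or the
    // present time when no current login was recorded yet.
    $previousLogin = is_null($usercurlogin) ? time() : $usercurlogin['val'];
    if (is_null($userlastlogin)) {
        $awset = array();
        $sql = "SELECT id FROM configs WHERE configs.name = 'user_lastlogin'";
        $awset['configid'] = $db->getOne($sql);
        $awset['val'] = $previousLogin;
        $awset['userid'] = $userID;
        $db->insert('usersconfigs', $awset, true);
    } else {
        // The row id used in the WHERE text was read from the database above.
        $logint = array('val' => $previousLogin);
        $atWhere = "id = " . $userlastlogin['id'];
        $db->update('usersconfigs', $logint, $atWhere, true);
    }

    // 'user_curlogin' always becomes the present time.
    if (is_null($usercurlogin)) {
        $awset = array();
        $sql = "SELECT id FROM configs WHERE configs.name = 'user_curlogin'";
        $awset['configid'] = $db->getOne($sql);
        $awset['val'] = time();
        $awset['userid'] = $userID;
        $db->insert('usersconfigs', $awset, true);
    } else {
        $logint = array('val' => time());
        $atWhere = "id = " . $usercurlogin['id'];
        $db->update('usersconfigs', $logint, $atWhere, true);
    }

    BasicLogger::logMessage("Checking access to requested template", 'debug');

    if (isset($this->fieldData['fwdtid'])
        && $this->fieldData['fwdtid'] != ''
        && AuthUtil::templateAccessAllowed($this->fieldData['fwdtid'], $auth->getUserID())
    ) {
        // The forward template is set and the user may access it.
        // NOTE(review): fwdtid is written to the log verbatim; presumably it
        // is request data, so log viewers should treat it as untrusted.
        BasicLogger::logMessage("Access granted, forwarding user to {$this->fieldData['fwdtid']}", 'debug');
        MVCUtils::redirect($this->fieldData['fwdtid']);
    } elseif (!(isset($this->fieldData['fwdtid']) && $this->fieldData['fwdtid'] == '')
        && AuthUtil::templateAccessAllowed(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']), $auth->getUserID())
    ) {
        // No usable forward template: fall back to the default template as
        // long as the user has permission.
        // NOTE(review): an empty-string fwdtid skips this branch and ends on
        // the permission error page, unlike an absent one - confirm.
        BasicLogger::logMessage("Access granted, forwarding user to {$cfg['smarty']['defaultTemplate']}", 'debug');
        MVCUtils::redirect(MVCUtils::getTemplateID($cfg['smarty']['defaultTemplate']));
    } else {
        // If all the above fails, show the user permission denied
        BasicLogger::logMessage("Access denied", 'debug');
        MVCUtils::redirect(MVCUtils::getTemplateID($cfg['Auth']['permissionErrorTemplate']));
    }
}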
/**
 * Smarty helper: render the 'editorForm.tpl' region.
 *
 * Builds a Renderer for 'editorForm.tpl' on top of the given template stack
 * and returns what its getCode() produces.
 *
 * NOTE(review): $TIDS is required although it follows two optional
 * parameters, so the defaults can never take effect; PHP 8 reports this
 * ordering as deprecated.
 *
 * @param array $params        handed to the Renderer as field data
 * @param array $invalidFields handed to the Renderer as errors
 * @param array $TIDS          template ID stack of the calling template
 * @return mixed result of Renderer::getCode()
 */
public static function SMARTY_showRegion1($params = array(), $invalidFields = array(), $TIDS)
{
    $regionTemplateID = MVCUtils::getTemplateID('editorForm.tpl');
    $renderer = new Renderer($regionTemplateID, $TIDS, $params, $invalidFields);

    return $renderer->getCode();
}
/**
 * Send the user back to the audio-move page after a rejected submission.
 *
 * Always redirects to 'dpsuseraudiomove.tpl' with the submitted 'audioID'
 * and the error code "perm".
 */
protected function processInvalid()
{
    $returnTemplateID = MVCUtils::getTemplateID('dpsuseraudiomove.tpl');

    // audioID is passed on exactly as it arrived in the field data.
    // NOTE(review): MVCUtils::redirect() is not shown here - confirm it
    // URL-encodes the query values it is given.
    $query = array("audioID" => $this->fieldData['audioID'], "error" => "perm");

    MVCUtils::redirect($returnTemplateID, $query);
}