public function __construct($aRequestPath)
 {
     if (!Session::user() || !Session::user()->getIsAdmin()) {
         die(TranslationPeer::getString('wns.page.not_found'));
     }
     parent::__construct($aRequestPath);
 }
Example #2
0
 /**
  * Determines whether a user is authenticated
  * by checking keys if they are valid.
  *
  * @return mixed
  **/
 public function guard()
 {
     if (!isset($_SESSION['user'])) {
         return Route::redirect(route('login'));
     } else {
         if (!Token::verify(Session::user()->remember_token)) {
             return $this->restartSession();
         }
     }
     return true;
 }
 protected function initFilterValues()
 {
     $tag = "FilterSessionDrafter: initFilterValues()";
     Log::debug("{$tag}");
     // convenience pointers
     $filters = $this->filters;
     $filterKeys = array_keys($filters);
     // session data
     $sessionFilters = Session::user("_conduit_filters");
     if (!empty($sessionFilters) || is_array($sessionFilters)) {
         foreach ($filterKeys as $keyPath) {
             Log::debug("{$tag}: Checking for filter: {$keyPath}");
             if (array_key_exists("{$keyPath}", $sessionFilters)) {
                 $sessionFilter = $sessionFilters["{$keyPath}"];
                 $sessionFilterKey = $sessionFilter->getKey();
                 $sessionFilterType = $sessionFilter->type;
                 $sessionFilterValues = $sessionFilter->value;
                 // array
                 if (empty($sessionFilterValues)) {
                     $sessionFilterValues = array();
                 }
                 // search Sessions filters for a filter value matching this filter's keyPath and type
                 switch ($sessionFilterType) {
                     case "like":
                     case "equals":
                     case "min":
                     case "max":
                         if (array_key_exists($sessionFilterType, $sessionFilterValues)) {
                             $value = $sessionFilterValues["{$sessionFilterType}"];
                             $filters["{$keyPath}"]->value["{$sessionFilterType}"] = $value;
                         }
                         break;
                     case "range":
                         if (array_key_exists("min", $sessionFilterValues)) {
                             $value = $sessionFilterValues["min"];
                             $filters["{$keyPath}"]->value["min"] = $value;
                         }
                         if (array_key_exists("max", $sessionFilterValues)) {
                             $value = $sessionFilterValues["max"];
                             $filters["{$keyPath}"]->value["max"] = $value;
                         }
                         break;
                 }
             }
             // END: if(array_key_exists("$keyPath", $sessionFilters))
         }
         // END: foreach($filterKeys as $keyPath)
         $this->filters = $filters;
     }
     // END: if( (!empty($sessionFilters)) || (is_array($sessionFilters)) )
 }
Example #4
0
 /**
  * Make the cache depend on the currently logged in user.
  * @param User|int $iUser the user this cache content depends on.
  * Note: It might not be very efficient to cache user-dependent content on systems with a high number of distinct users
  */
 public function dependOnUser($iUser = false)
 {
     if ($iUser === false) {
         $iUser = Session::user(false);
     }
     if ($iUser instanceof User) {
         $iUser = $iUser->getId();
     }
     if ($iUser === null) {
         $this->aVars['user'] = null;
     } else {
         $this->aVars['user'] = (int) $iUser;
     }
     return $this;
 }
 public static function getOffset()
 {
     $tag = "BPTimezone::getOffset()";
     $session_timezone = Session::user("_TIMEZONE");
     // Overrides Session::user("_TIMEZONE_OFFSET")
     $session_timezone_offset = Session::user("_TIMEZONE_OFFSET");
     $config_timezone = isset(BPConfig::$timezone) ? BPConfig::$timezone : "";
     // Overrides $timezone_offset
     $config_timezone_offset = isset(BPConfig::$timezone_offset) ? BPConfig::$timezone_offset : 0;
     $default_timezone = date_default_timezone_get();
     if (!empty($session_timezone)) {
         $offset = BPTimezone::getOffsetForTimezone($session_timezone);
         Log::debug("{$tag}: Returning offset from Session::user(_TIMEZONE): {$offset}");
         return $offset;
     } else {
         if (!empty($session_timezone_offset)) {
             Log::debug("{$tag}: Returning offset from Session::user(_TIMEZONE_OFFSET) {$session_timezone_offset}");
             return $session_timezone_offset;
         } else {
             if (!empty($config_timezone)) {
                 $offset = BPTimezone::getOffsetForTimezone($config_timezone);
                 Log::debug("{$tag}: Returning offset from BPConfig::timezone: {$offset}");
                 return $offset;
             } else {
                 if (!empty($config_timezone_offset)) {
                     Log::debug("{$tag}: Returning offset from BPConfig::timezone_offset {$config_timezone_offset}");
                     return $config_timezone_offset;
                 } else {
                     if (!empty($default_timezone)) {
                         $offset = BPTimezone::getOffsetForTimezone($default_timezone);
                         Log::debug("{$tag}: Returning offset from default timezone: {$offset}");
                         return $offset;
                     } else {
                         Log::debug("{$tag}: Returning offset for UTC:" . BPTimezone::UTC);
                         return BPTimezone::UTC;
                     }
                 }
             }
         }
     }
 }
 /** getSenderEmails()
  *
  * description: following sender options
  * • sender_email_addresses email/name
  * • current user email / fullname
  * • fallback domain_holder email or old array notation sender_email_addresses
  *
  * @return array of key email and value name [email if name is not set]
  */
 public function getSenderEmails()
 {
     $aConfig = Settings::getSetting('newsletter', 'sender_email_addresses', array());
     if (!is_array($aConfig)) {
         $aConfig = array(LinkUtil::getDomainHolderEmail('newsletter'));
     }
     $aResult = array();
     foreach ($aConfig as $mIndex => $mConfig) {
         // Numeric key are indexes of old email lists
         if (is_numeric($mIndex)) {
             $aResult[$mConfig] = $mConfig;
         } else {
             $aResult[$mIndex] = $mConfig;
         }
     }
     $oUser = Session::user();
     if ($oUser) {
         $aResult[$oUser->getEmail()] = $oUser->getFullName();
     }
     return $aResult;
 }
    echo "Trying set(\"started\")...<br>";
    Session::user("started", time());
} catch (Exception $e) {
    echo "Caught Exception: " . $e->getMessage() . "<br>";
}
echo "<h2>GLOBAL_LEVEL</h2>";
echo "Setting \"login\"...<br>";
Session::user("login", "dragon");
echo "Login = " . Session::user("login") . "<br>";
echo "Incrementing \"counter\"...<br>";
if ($counter = Session::user("counter")) {
    Session::user("counter", $counter + 1);
} else {
    Session::user("counter", 1);
}
$counter = Session::user("counter");
echo "Counter = {$counter}<br>";
echo "<h2>PAGE_LEVEL</h2>";
$script_name = $_SERVER["SCRIPT_NAME"];
echo "script_name = {$script_name}<br>";
echo "Setting \"orderBy\" array<br>";
$orderBy = array("status", "lname", "fname");
Session::page("orderBy", $orderBy);
if ($orderBy = Session::page("orderBy")) {
    echo "OrderBy: ";
    print_r($orderBy);
    echo "<br>";
} else {
    echo "Not found.<br>";
}
echo "<h2>DIRECTORY_LEVEL</h2>";
	protected function initFilterValues()
	{
		$tag = "FilterDrafter: initFilterValues()";
		Log::debug("$tag");
		
		// convenience pointers
		$filters = $this->filters;
		$filterKeys = array_keys($filters);
		
		// session data
		$sessionFilters = Session::user("_CONDUIT_FILTERS");
		
		if( (!empty($sessionFilters)) || (is_array($sessionFilters)) )
		{	
			foreach($filterKeys as $keyPath)
			{
				Log::debug("$tag: Checking for filter: $keyPath");
				
				if(array_key_exists("$keyPath", $sessionFilters))
				{
					Log::debug("$tag: Found filter for: $keyPath");
					
					$sessionFilter = $sessionFilters["$keyPath"];
					$sessionFilterKey = $sessionFilter->getKey();
					$sessionFilterType = $sessionFilter->type;
					$sessionFilterValues = $sessionFilter->value; // array
					if( (empty($sessionFilterValues)) ) { $sessionFilterValues = array(); }
					
					// search Sessions filters for a filter value matching this filter's keyPath and type
					switch($sessionFilterType)
					{
						case "like":
						case "equals":
						case "min":
						case "max":
							if(array_key_exists($sessionFilterType, $sessionFilterValues))
							{
								$value = $sessionFilterValues["$sessionFilterType"];
								$filters["$keyPath"]->value["$sessionFilterType"] = $value;
							}
							break;
						case "range":
							if(array_key_exists("min", $sessionFilterValues))
							{
								$value = $sessionFilterValues["min"];
								$filters["$keyPath"]->value["min"] = $value;
							}
							if(array_key_exists("max", $sessionFilterValues))
							{
								$value = $sessionFilterValues["max"];
								$filters["$keyPath"]->value["max"] = $value;
							}
							break;
					}
				} // END: if(array_key_exists("$keyPath", $sessionFilters))
			} // END: foreach($filterKeys as $keyPath)
			
			$this->filters = $filters;
			
		} // END: if( (!empty($sessionFilters)) || (is_array($sessionFilters)) )
		else
		{
			Log::warning("$tag: No filters in this users session");
		}
	}
Example #9
0
if (!Session::userLoggedIn()) {
    header("Location: login.php");
    exit;
}
$token = Session::token();
if (isset($_GET['course'])) {
    //show the admin page for instructors
    //if the user does not have permission to see the admin page for the course then redirect them to the home page
    $course = $_GET['course'];
    $retrievedCourse = Database::getCoursebyID($course);
    if (!isset($retrievedCourse['id'])) {
        $message = urlencode("The course provided is not valid.");
        header("Location: error.php?error={$message}");
        exit;
    }
    $user = Database::getUserId(Session::user());
    $account = Database::getAccount($user, $course);
    if ($account === NULL || $account->canPromote() !== TRUE) {
        $message = urlencode("You do not have permission to add uploaders for this course.");
        header("Location: error.php?error={$message}");
        exit;
    }
    $token = Session::token();
    ?>
<!doctype html>
<html>
	<head>
    <meta charset="utf-8">
    <title>Arizona Notes</title>
	  
	<link rel="stylesheet" type="text/css" href="css/main.css">
 $filterKeys = array_keys($filters);
 Log::debug(count($filters) . " returned from FilterPostDrafter");
 /*
 // Update filters saved in users session
 */
 $sessionFilters = Session::user("_CONDUIT_FILTERS");
 if (empty($sessionFilters) || !is_array($sessionFilters)) {
     Log::warning("* Create a new set of session filters");
     $sessionFilters = array();
 }
 foreach ($filterKeys as $keyPath) {
     Log::debug("* Saving filter: {$keyPath}");
     $sessionFilters["{$keyPath}"] = $filters["{$keyPath}"];
 }
 // save changes to Session
 Session::user("_CONDUIT_FILTERS", $sessionFilters);
 /*
 // Render a new filter to include in response
 */
 // ? Guardian: test for META access
 try {
     $xmlRendering = DraftingDesk::renderFilter("FilterXMLDrafter", $entitySignature, $filterSignature, $params);
     $responseNode->appendChild($dom->createElement("status", "success"));
     $responseNode->appendChild($dom->createELement("message", "Updated filters for {$entitySignature}"));
     $xmlRenderingDom = new DomDocument();
     $xmlRenderingDom->loadXML($xmlRendering);
     $bpXmlDraftRenderingNode = $xmlRenderingDom->getElementsByTagName("bpXmlDraftRendering")->item(0);
     $importNode = $dom->importNode($bpXmlDraftRenderingNode, true);
     $xmlNode = $dom->createElement("xml");
     $responseNode->appendChild($xmlNode);
     $xmlNode->appendChild($importNode);
<?php

require_once "ClassLoader.php";
Log::notice("START: /blueprints/session.php");
Login::requireLogin("blueprints", "/blueprints/login.php");
$meta_title = "Blueprints :: Session Sniffer";
$meta_description = "Blueprints";
$meta_keywords = "blueprints";
$action = @$_GET["action"];
if ($action == "restart") {
    Session::restart();
}
$nav = array("session");
$content = array();
$content[] = array("type" => "html", "data" => "<h1>Session Sniffer</h1>");
$session_id = Session::user("session_id");
$html = "\n\t<a class='textButton' href='?action=refresh'>Refresh</a> <a class='textButton' href='?action=restart'>Restart</a>\n\t<h2>SessionID: {$session_id}</h2>\n";
$html .= depthFirstArrayPrint($_SESSION);
$content[] = array("type" => "html", "data" => "{$html}");
$template = "blue";
include "template.inc";
Log::notice("END: /blueprints/session.php" . "\n");
?>

<?
function depthFirstArrayPrint($var, &$buff="")
{
	if(is_array($var))
	{
		$buff .= "<ul>";
		foreach($var as $key=>$value)
     // force single entityId into an array
     $array = array($entityId);
     // update pointer
     $entityId = $array;
 }
 try {
     $bp = BlueprintReader::read($entitySignature);
     $dao = new EntityDAO($bp);
     $failures = 0;
     foreach ($entityId as $id) {
         $xmlDelete = $xmlAttempts->addChild("delete");
         $xmlDelete->addAttribute("signature", $entitySignature);
         $xmlDelete->addAttribute("id", $id);
         try {
             // Make sure the user has permission to perform this action
             if (BPConfig::$guardian_enable !== true || Guardian::authorize(Session::user(BPConfig::$guardian_identity_session_key), "DELETE", $bp->getKey(), $id)) {
                 $dao->delete($id);
                 $xmlDelete->addChild("status", "success");
                 $xmlDelete->addChild("message", "Entity was deleted successfully.");
                 $xmlDelete->addChild("html", "Deleted " . $entitySignature . " with ID#" . $id);
             } else {
                 Log::warning("* Guardian denied access to delete " . $bp->getKey() . " with ID {$id}");
                 $failures++;
                 $xmlDelete->addChild("message", "Access denied.");
                 $xmlDelete->addChild("html", "Access to delete " . $entitySignature . " with ID#" . $id . " was denied.");
             }
         } catch (Exception $e) {
             Log::error("* Caught Exception: " . $e->getMessage());
             $failures++;
             $xmlDelete->addChild("status", "error");
             $xmlDelete->addChild("message", "Caught Exception: " . htmlentities($e->getMessage()));
     $destination = "/";
 }
 // Debug
 Log::debug("* domain = {$domain}");
 Log::debug("* destination = {$destination}");
 if (Login::loggedIn($domain)) {
     // Retrieve 'login' from users Login Session
     $login = Login::who($domain);
     // Retrieve member data
     $memberBP = BlueprintReader::read("Member.entity.xml");
     $memberDAO = new EntityDAO($memberBP);
     $matches = $memberDAO->findWhere("login", $login);
     if (count($matches) > 0) {
         $member = $matches[0];
         // Add data to the users session
         Session::user("member_id", $member->getId());
         // Required by Guardian
         // Forward user
         Log::debug("* REDIRECTING TO: {$destination}\n");
         header("location: {$destination}");
         exit;
     } else {
         // Should never happen, since users password was just checked
         Log::error("* Member with login '{$login}' was not found.");
         $content->addHtml("<strong>Login Error</strong><br/>");
         $content->addHtml("Message: Member with login '{$login}' was not found.");
         $content->addFile("login.frm");
     }
 } else {
     Log::warning("* Can't 'init' invalid login session.");
 }
Example #14
0
     exit;
 } else {
     if (isset($_POST['note']) && isset($_POST['token'])) {
         if (!Session::verifyToken($_POST['token'])) {
             $message = urlencode("The token provided does not match.");
             header("Location: error.php?error={$message}");
             exit;
         }
         //attempts to remove the note with the id provided in $_GET['note']
         $note = Database::getNotesByID($_POST['note']);
         if (!isset($note['id'])) {
             $message = urlencode("The file you want to remove does not exist.");
             header("Location: error.php?error={$message}");
             exit;
         }
         $myAcc = Database::getAccount(Database::getUserId(Session::user()), $note['courseID']);
         //if the current user does not have an account with file delete permissions then redirect and exit
         if ($myAcc === NULL || !$myAcc->canDelete()) {
             $message = urlencode("You do not have permission to remove files for this course.");
             header("Location: error.php?error={$message}");
             exit;
         }
         if (!Database::removeNoteFile($note['id'])) {
             $message = urlencode("The file could not be deleted.");
             header("Location: error.php?error={$message}");
             exit;
         }
         Database::removeNoteWithID($note['id']);
         header("Location: admin.php?course={$note['courseID']}");
         exit;
     } else {
echo $css;
?>
<script src="<?php 
echo $require;
?>
" type="text/javascript"></script>
<script type="text/javascript">
    require.config(<?php 
echo \Format::forge()->to_json($config, \Fuel::$env !== \Fuel::PRODUCTION);
?>
);
</script>
<script type="text/javascript">
    require(['jquery-nos'], function($) {
        $.nosLang = '<?php 
$user = \Session::user();
$locale = !empty($user) ? $user->user_lang : \Input::get('lang', \Config::get('novius-os.default_locale', 'en_GB'));
echo $locale;
?>
';
        $.nosLangPluralRule = <?php 
echo \Format::forge(\Nos\I18n::pluralRule($locale))->to_json();
?>
;
        $.nosTexts = $.extend($.nosTexts, {
            chooseMediaFile : <?php 
echo \Format::forge(__('Select a media file'))->to_json();
?>
,
            chooseMediaImage : <?php 
echo \Format::forge(__('Pick an image'))->to_json();
 private function renderAddComment(JournalEntry $oEntry = null)
 {
     if ($oEntry === null) {
         $oEntry = $this->oEntry;
     }
     if (!$oEntry->commentsEnabled()) {
         return null;
     }
     //Disabled comments at this point means moderated
     $oLeaveCommentTemplate = $this->constructTemplate(!$oEntry->getJournal()->getEnableComments() ? 'leave_comment_moderated' : 'leave_comment');
     // Display catcha if enabled and user is not authenticated
     if ($oEntry->getJournal()->getUseCaptcha() && !Session::getSession()->isAuthenticated()) {
         $oLeaveCommentTemplate->replaceIdentifier('captcha', FormFrontendModule::getRecaptchaCode('journal_comment'));
     } elseif (!Manager::isPost()) {
         if ($oUser = Session::user()) {
             $_REQUEST['comment_name'] = $oUser->getFullName();
             $_REQUEST['comment_email'] = $oUser->getEmail();
         }
     }
     $oLeaveCommentTemplate->replaceIdentifier('is_authenticated', Session::getSession()->isAuthenticated() ? true : null);
     $oLeaveCommentTemplate->replaceIdentifier('comment_action', LinkUtil::link($oEntry->getLink($this->oPage, 'add_comment')));
     return $oLeaveCommentTemplate;
 }
Example #17
0
             } else {
                 Log::warning("* Guardian denied access to update " . $entityBP->getKey() . " with ID {$entityId}");
                 $responseNode->appendChild($dom->createElement("status", "error"));
                 $responseNode->appendChild($dom->createElement("message", "Access Denied"));
             }
         } catch (Exception $e) {
             $responseNode->appendChild($dom->createElement("status", "error"));
             $responseNode->appendChild($dom->createElement("message", "Caught Exception : " . $e->getMessage()));
         }
     } else {
         /*
         // Insert a new Entity
         */
         try {
             // Make sure the user has permission to perform this action
             if (BPConfig::$guardian_enable !== true || Guardian::authorize(Session::user(BPConfig::$guardian_identity_session_key), "INSERT", $entityBP->getKey(), null)) {
                 $insertId = $dao->insert($entity);
                 $entity->setId($insertId);
                 $responseNode->appendChild($dom->createElement("status", "success"));
                 $responseNode->appendChild($dom->createElement("message", "Inserted {$entitySignature} ({$insertId})"));
             } else {
                 Log::warning("* Guardian denied access to insert new " . $entityBP->getKey());
                 $responseNode->appendChild($dom->createElement("status", "error"));
                 $responseNode->appendChild($dom->createElement("message", "Access Denied"));
             }
         } catch (Exception $e) {
             $responseNode->appendChild($dom->createElement("status", "error"));
             $responseNode->appendChild($dom->createElement("message", "Caught Exception : " . $e->getMessage()));
         }
     }
 } else {
 $sql->doQuery();
 echo "Selected Access with id {$access_id}<br/>";
 $row = $sql->get_next_row();
 $modified = $row->modified;
 $time = $row->time;
 echo "modified = {$modified}<br/>";
 echo "time = {$time}<br/>";
 echo "<br/>";
 unset($row);
 unset($sql);
 unset($accessQuery);
 echo "<strong>Using session supplied timezone (-07:00)</strong><br/><br/>";
 Session::user("_TIMEZONE_OFFSET", "-07:00");
 unset($accessDAO);
 $accessDAO = new EntityDAO($accessBP);
 $session_timezone_offset = Session::user("_TIMEZONE_OFFSET");
 // Load updated Access
 $access = $accessDAO->load($access_id);
 echo "Loaded updated Access with description '" . $access->get("description") . "'<br/>";
 echo "modified = " . $access->getModified() . "<br/>";
 echo "time = " . $access->get("time") . "<br/>";
 echo "<br/>";
 // Update the Access
 $access->set("time", date("Y-m-d H:i:s"));
 $access->set("description", "Updated Timezone (Session Based) Test");
 $accessDAO->update($access);
 echo "Updated Access with id {$access_id}<br/>";
 echo "<br/>";
 unset($access);
 // Load updated Access
 $access = $accessDAO->load($access_id);
Example #19
0
 /**
  * Controller Index
  * @return view
  **/
 public function index()
 {
     $name = Session::user()->firstname;
     return print "Welcome {$name}! , <a href='/logout'>Logout</a>";
 }
Example #20
0
 public static function login($userID)
 {
     $user = new User($userID);
     self::$user = $user->apiData(API_SELF, $userID);
 }
	protected function initEntityQuery()
	{
		$tag = "ListDrafter: initEntityQuery()";
		Log::debug("$tag");
		
		// convenience pointeres
		$entityBP = $this->entityBlueprint;
		$listBP = $this->listBlueprint;
		
		/*
		// Build an entity query
		*/
	  $query = new EntityQuery($this->entityBlueprint);
		
		// where
		$where = "";
		if(array_key_exists("where", $this->params))
		{
			$query->where($this->params["where"]);
		}
		
		// process filters
		$sessionFilters = Session::user("_CONDUIT_FILTERS");
		if( (!empty($sessionFilters)) && (is_array($sessionFilters)) && (count($sessionFilters)>0) )
		{
			$filterKeys = array_keys($sessionFilters);
			
			foreach($filterKeys as $keyPath)
			{
				Log::debug("$tag: Considering filter: $keyPath");
				
				$filter = $sessionFilters["$keyPath"];
				$fieldKey = $filter->getKey();
				$blueprintKey = $filter->getBlueprintKey();
				
				// should this filter be applied to our list?
				$applyFilter = false;
				
				// does this filter apply to our entity?
				if($blueprintKey == $entityBP->getKey())
				{
					if($listBP)
					{
						if($listBP->keyExists($fieldKey))
						{
							$applyFilter = true;
						}
					}
					else if($entityBP->keyExists($fieldKey))
					{
						$applyFilter = true;
					}
				}
				
				if( ($applyFilter) && ($filter->hasValue()) )
				{
					Log::debug("$tag: Applying filter: $keyPath");
					
					switch($filter->dataType)
					{
						case "string":
						case "text":
						case "enum":
							switch($filter->type)
							{
								case "like":
									$like = $filter->value["like"];
									$query->where("$keyPath LIKE '%$like%'");
									break;
								case "equals":
									$equals = $filter->value["equals"];
									$query->where("$keyPath='$equals'");
									break;
							}
							break;
						case "int":
							switch($filter->type)
							{
								case "equals":
									$equals = $filter->value["equals"];
									$query->where("$keyPath=$equals");
									break;
								case "min":
									$min = $filter->value["min"];
									$query->where("$keyPath>=$min");
									break;
								case "max":
									$max = $filter->value["max"];
									$query->where("$keyPath<=$max");
									break;
								case "range":
									$min = $filter->value["min"];
									$max = $filter->value["max"];
									if( (!empty($min) || $min==0) && (!empty($max) || $max==0) )
										$query->where("( ($keyPath>=$min) AND ($keyPath<=$max) )");
									else if( (!empty($min) || $min==0) )
										$query->where("$keyPath>=$min");
									else
										$query->where("$keyPath<=$max");
									break;
							}
							break;
						case "decimal":
						case "date":
						case "datetime":
							switch($filter->type)
							{
								case "equals":
									$equals = $filter->value["equals"];
									$query->where("$keyPath='$equals'");
									break;
								case "min":
									$min = $filter->value["min"];
									$query->where("$keyPath>='$min'");
									break;
								case "max":
									$max = $filter->value["max"];
									$query->where("$keyPath<='$max'");
									break;
								case "range":
									$min = $filter->value["min"];
									$max = $filter->value["max"];
									if( !empty($min) && !empty($max) )
										$query->where("( ($keyPath>='$min') AND ($keyPath<='$max') )");
									else if( !empty($min) )
										$query->where("$keyPath>='$min'");
									else 
										$query->where("$keyPath<='$max'");
									break;
							}
							break;
					} // END: switch($filter->dataType)
					
				} // END: if($applyFilter)
				
			} // END: foreach($filterKeys as $keyPath)
			
		} // END: if( (!empty($sessionFilters)) && (is_array($sessionFilters)) && (count($sessionFilters)>0) )
		
		// ORDER BY
		if(array_key_exists("order", $this->params))
		{
			$order = $this->params["order"];
			
			if(is_array($order))
			{
				foreach($order as $o)
				{
					$query->order($o);
				}
			}
			else
			{
				$query->order($order);
			}
		}
		
		// LIMIT (PAGING)
		if(array_key_exists("page", $this->params))
		{
			// Init page number
			$page = 1;
			if( (is_int($this->params["page"])) && ($this->params["page"]>=1) ) $page = $this->params["page"];

			// Init page limit
			$page_limit = 20; // default
			if( (array_key_exists("page_limit", $this->params)) && (is_int((int) $this->params["page_limit"])) && ($this->params["page_limit"]>=1) ) $page_limit = $this->params["page_limit"];
			else $this->params["page_limit"] = $page_limit; // init default for use by javascript
			
			// Calculate OFFSET (First row offset=0)
			$page_offset = ($page-1) * $page_limit;
			
			// Count the total number of rows that this query will produce (without LIMITs)
			$countQuery = clone $query;
			$countQuery->select("COUNT(*) AS count", true);
			$sql = new DatabaseQuery($countQuery->toString());
			
			try
			{
				$sql->doQuery();
				$row = $sql->get_next_row();
				$count = $row->count;
				Log::debug("$tag: COUNT = $count");
				// Save "count" to params (for use by javascript)
				$this->params["count"] = (int) $count;
			}
			catch(Exception $e)
			{
				Log::error("$tag: Caught: " . $e->getMessage());
			}
			
			// Add LIMIT clause to query
			$query->limit("$page_offset, $page_limit");
		}
		
		$this->entityQuery = $query;
	}
     // Add entityId to $params ?necessary?
     $params["entityId"] = $entityId;
 }
 // ? Only test Guardian auth() if entityId is defined
 // ? Or, add a new META accessType to <AccessGroup>
 // ... test for META access when entityId is not defined
 // Make sure the user has permission to access this resource
 $flag_guardian_access_approved = false;
 list($bpKey) = explode(".", $entitySignature);
 if (BPConfig::$guardian_enable === false) {
     $flag_guardian_access_approved = true;
 } else {
     if (empty($entityId) && Guardian::authorize(Session::user(BPConfig::$guardian_identity_session_key), "META", $bpKey, null)) {
         $flag_guardian_access_approved = true;
     } else {
         if (Guardian::authorize(Session::user(BPConfig::$guardian_identity_session_key), "SELECT", $bpKey, $entityId)) {
             $flag_guardian_access_approved = true;
         } else {
             // No access to this resource
         }
     }
 }
 if ($flag_guardian_access_approved) {
     switch ($view) {
         case "xml":
             // Render XML
             $xmlRendering = DraftingDesk::renderForm("FormXMLDrafter", $entitySignature, $formSignature, $params);
             // Prepare response
             $xml->addChild("status", "success");
             $xml->addChild("message", "Successfully rendered a form as xml");
             $xml->addChild("xml", $xmlRendering);
Example #23
0
 private static function get_user($id)
 {
     self::$user = User::read(['*'], $id);
 }
 public static function who($domain = "unnamed")
 {
     $tag = "Login::who()";
     Log::debug("{$tag}: <{$domain}>");
     // get existing login sessions
     $loginSessions = Session::user("_LOGIN");
     if (empty($loginSessions) || !is_array($loginSessions)) {
         return false;
     } else {
         if (!array_key_exists($domain, $loginSessions)) {
             return false;
         } else {
             if ($loginSessions["{$domain}"]["status"] != self::$LOGGED_IN) {
                 return false;
             } else {
                 return $loginSessions["{$domain}"]["login"];
             }
         }
     }
 }
Example #25
0
<?php

if (Session::exists("user_id")) {
    Session::$user = UserData::getById(Session::get("user_id"));
    Session::$profile = ProfileData::getByUserId(Session::get("user_id"));
}
?>
<html>
<head>
<title>SMILE :) | Red Social de Proposito General</title>
<link rel="stylesheet" type="text/css" href="res/bootstrap/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="res/messages.css">
<script src="res/jquery.min.js"></script>
<link rel="stylesheet" type="text/css" href="res/font-awesome/css/font-awesome.min.css">

</head>

<body>
<header class="navbar navbar-default navbar-static-top" role="banner">
  <div class="container">
    <div class="navbar-header">
      <button class="navbar-toggle" type="button" data-toggle="collapse" data-target=".bs-navbar-collapse">
        <span class="sr-only">Toggle navigation</span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
        <span class="icon-bar"></span>
      </button>
      <a class="navbar-brand" href="./"><i class="fa fa-smile-o"></i> SMILE</a>
    </div>
    <nav class="collapse navbar-collapse bs-navbar-collapse" role="navigation">
      <ul class="nav navbar-nav">
 public function saveData($aUserData)
 {
     if ($this->iUserId === null) {
         $oUser = new User();
     } else {
         $oUser = UserQuery::create()->findPk($this->iUserId);
     }
     $this->validate($aUserData, $oUser);
     if (!Flash::noErrors()) {
         throw new ValidationException();
     }
     $oUser->setUsername($aUserData['username']);
     $oUser->setFirstName($aUserData['first_name']);
     $oUser->setLastName($aUserData['last_name']);
     $oUser->setEmail($aUserData['email']);
     $oUser->setLanguageId($aUserData['language_id']);
     $oUser->setTimezone($aUserData['timezone']);
     //Password
     if ($aUserData['force_password_reset']) {
         $oUser->forcePasswordReset();
     } else {
         if ($aUserData['password'] !== '') {
             $oUser->setPassword($aUserData['password']);
             $oUser->setPasswordRecoverHint(null);
         }
     }
     //This also means the user’s an admin (or has the role “users”) because non-admins can only edit themselves
     if (!$oUser->isSessionUser()) {
         //Only admins may give or take admin rights, having the role “users” does not suffice
         if (Session::user()->getIsAdmin()) {
             $oUser->setIsAdmin($aUserData['is_admin']);
         }
         //Admin & inactive flags
         $oUser->setIsBackendLoginEnabled($oUser->getIsAdmin() || $aUserData['is_admin_login_enabled'] || $aUserData['is_backend_login_enabled']);
         $oUser->setIsAdminLoginEnabled($oUser->getIsAdmin() || $aUserData['is_admin_login_enabled']);
         $oUser->setIsInactive($aUserData['is_inactive']);
         //Groups
         foreach ($oUser->getUserGroupsRelatedByUserId() as $oUserGroup) {
             $oUserGroup->delete();
         }
         $aRequestedGroups = isset($aUserData['group_ids']) ? $aUserData['group_ids'] : array();
         foreach ($aRequestedGroups as $iGroupId) {
             if ($iGroupId === false) {
                 continue;
             }
             $oUserGroup = new UserGroup();
             $oUserGroup->setGroupId($iGroupId);
             $oUser->addUserGroupRelatedByUserId($oUserGroup);
         }
         //Roles
         foreach ($oUser->getUserRolesRelatedByUserId() as $oUserRole) {
             $oUserRole->delete();
         }
         $aRequestedRoles = isset($aUserData['role_keys']) ? !is_array($aUserData['role_keys']) ? array($aUserData['role_keys']) : $aUserData['role_keys'] : array();
         foreach ($aRequestedRoles as $sRoleKey) {
             if ($sRoleKey === false) {
                 continue;
             }
             $oUserRole = new UserRole();
             $oUserRole->setRoleKey($sRoleKey);
             $oUser->addUserRoleRelatedByUserId($oUserRole);
         }
     } else {
         //Set the new session language for the currently logged-in user
         Session::getSession()->setLanguage($oUser->getLanguageId());
     }
     return $oUser->save();
 }