/**
 * Pins the digest that TimeTrack::generateHash() returns for one fixed
 * username/password pair.
 *
 * NOTE(review): the expected value is 32 hex characters, which is the length
 * of an MD5 digest. If generateHash() is a single unsalted MD5 pass over the
 * credentials, the value is cheap to brute-force offline and should not be
 * handled as a strong credential - confirm against TimeTrack.class.php.
 */
public function testTimeTrackGeneratesHashForUserAndPassword()
{
    $expectedDigest = "4db3cfdd7744b80286b34f7fb0188d33";

    $tracker = new TimeTrack();
    $actualDigest = $tracker->generateHash("username", "password");

    $this->assertEquals($expectedDigest, $actualDigest);
}
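<?php
// Migration entry point: authenticates the request, optionally moves the
// user's legacy log file into a per-user directory, then renders the view
// that shares this script's base name.
include "functions_GRML.php";
include "TimeTrack.class.php";

session_start();

$timetrack = new TimeTrack();
TimeTrack::$migrationMode = true;
$mobiledevice = detectMobileDevices();

// Fail closed: stays false unless login() says otherwise.
$loggedin = false;

// The credential fields are optional on a plain page load, so they are read
// with isset() guards instead of indexing the superglobals directly (which
// raises an undefined-index notice/warning on every such request).
// NOTE(review): 'h' comes from the query string and appears to be accepted by
// login() as an alternative credential. Values carried in URLs end up in
// access logs, browser history and Referer headers - confirm how long-lived
// this hash is and whether it can be moved to the session or a POST field.
$loggedin = $timetrack->login(
    isset($_POST['u']) ? $_POST['u'] : null,
    isset($_POST['p']) ? $_POST['p'] : null,
    isset($_GET['h']) ? $_GET['h'] : null
);
$hash = $timetrack->hash;

if (!$loggedin) {
    unset($_SESSION['userhash']);
    header("Location: index.php?e=1");
    exit;
}

// NOTE(review): the migration is triggered by the mere presence of a POST
// field; no anti-CSRF token is checked in this script - confirm whether
// login() or the submitting form provides one.
if (isset($_POST['migrate'])) {
    $res = $timetrack->migrateFileToDir($hash);
    if ($res['error'] === false) {
        header("Location: show.php");
        die;
    }
    // On failure execution falls through and the view below is rendered.
}

// The view name is derived from this script's own file name, not from
// request data, so the include path is not attacker-controlled.
$filename = pathinfo(__FILE__, PATHINFO_FILENAME);
include "views/{$filename}.phtml";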
<?php include "functions_GRML.php"; include "TimeTrack.class.php"; // Comment session_start(); $timetrack = new TimeTrack(); $loggedin = false; $loggedin = $timetrack->login($_POST['u'], $_POST['p'], $_GET['h']); $hash = $timetrack->hash; if (!$loggedin) { unset($hash); unset($_SESSION['userhash']); } if (!$loggedin) { die('Not logged in'); } $logfileRaw = $_POST['logfileRaw']; $postHash = $_POST['hash']; $postIp = $_POST['ip']; $postTimestamp = $_POST['timestamp']; if (isset($logfileRaw, $postHash, $postIp, $postTimestamp)) { $matches = array(); if (preg_match("/^[-\\+#]\\[(\\d{4}-\\d{2}-\\d{2}\\w\\d{2}:\\d{2}:\\d{2})\\]\\s.*/", $logfileRaw, $matches)) { $curmonth = date("Ym", strtotime($matches[1])); } if ($postHash != $timetrack->hash || $postIp != $_SERVER['REMOTE_ADDR']) { $msg = "Something went wrong. Security Information did not match."; } else { if (time() - $postTimestamp < 5) { $msg = "Flash Gordon was here. Try to breathe in and out and give yourself more time to edit.";
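<?php
// Page bootstrap: loads the Dropbox helper and the TimeTrack core, makes sure
// a session exists, authenticates the request and loads the user's options.
include "application/TTDropbox.php";
include "TimeTrack.class.php";

$timetrack = new TimeTrack();

// Start a session only when none is active yet.
$id = session_id();
if (empty($id)) {
    session_start();
}

// Fail closed: stays false unless login() says otherwise.
$loggedin = false;

// Credentials are optional on a plain page load, hence the isset() guards.
// NOTE(review): 'h' is taken from the query string and appears to act as an
// alternative credential; URL values leak into logs, history and Referer.
$u = isset($_POST['u']) ? $_POST['u'] : null;
$p = isset($_POST['p']) ? $_POST['p'] : null;
$h = isset($_GET['h']) ? $_GET['h'] : null;

$loggedin = $timetrack->login($u, $p, $h);
$hash = $timetrack->hash;

if (!$loggedin) {
    // The previous version unset $hash and then tested `$hash != ""`, so its
    // "download.php?h=<hash>" redirect could never be taken and the test only
    // produced an undefined-variable notice. The effective behaviour - always
    // redirect a failed login to the error page - is kept here. If the
    // download redirect is ever restored, the hash must be URL-encoded before
    // it is placed in the Location header.
    unset($_SESSION['userhash']);
    header("Location: index.php?e=1");
    exit;
}

$options = $timetrack->getOptions();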
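/**
 * Renders the "add holidays" page and, on the "addHolidays" action, creates
 * one TimeTrack per selected weekday between the posted start and end dates.
 *
 * Access rules enforced here:
 *  - the visitor must be connected;
 *  - a team must be selected and the visitor must not be a customer of it;
 *  - tracks may be created for another user only by a manager of the team,
 *    and only for an active member of that team.
 *
 * NOTE(review): the original comment says "only teamMembers & observers can
 * access this page", but the condition only rejects teamid 0 and customers;
 * membership of the team itself is not tested here - confirm it is enforced
 * before display() is reached.
 */
protected function display() {
    if (Tools::isConnectedUser()) {
        // only teamMembers & observers can access this page
        if (0 == $this->teamid || $this->session_user->isTeamCustomer($this->teamid)) {
            $this->smartyHelper->assign('accessDenied', TRUE);
        } else {
            $team = TeamCache::getInstance()->getTeam($this->teamid);
            $activeMembers = $team->getActiveMembers();

            // if first call to this page
            if (!array_key_exists('nextForm', $_POST)) {
                if ($this->session_user->isTeamManager($this->teamid)) {
                    $this->smartyHelper->assign('users', SmartyTools::getSmartyArray($activeMembers, $this->session_userid));
                } else {
                    // developper & manager can add timeTracks
                    if (array_key_exists($this->session_userid, $activeMembers)) {
                        $_POST['userid'] = $this->session_userid;
                        $_POST['nextForm'] = "addHolidaysForm";
                        //$_POST['days'] = 'dayid';
                    }
                }
            }

            $nextForm = Tools::getSecurePOSTStringValue('nextForm', '');
            if ($nextForm == "addHolidaysForm") {
                $userid = Tools::getSecurePOSTIntValue('userid', $this->session_userid);

                // 'userid' is only forced to the session user on the first
                // call above; on every later submit it comes straight from
                // the request. Without this check a non-manager could post
                // another user's id and have tracks created in that user's
                // name. Only a team manager may act for someone else, and
                // only for an active member of this team.
                if ($userid != $this->session_userid) {
                    if (!$this->session_user->isTeamManager($this->teamid) || !array_key_exists($userid, $activeMembers)) {
                        self::$logger->error('SECURITY ALERT addHolidays: session_user ' . $this->session_userid . " is not allowed to manage user {$userid}");
                        Tools::sendForbiddenAccess();
                        // Defensive: do not rely on sendForbiddenAccess() terminating the request.
                        return;
                    }
                }

                $managed_user = UserCache::getInstance()->getUser($userid);

                // dates
                $startdate = Tools::getSecurePOSTStringValue('startdate', date("Y-m-d"));
                $enddate = Tools::getSecurePOSTStringValue('enddate', '');
                $defaultBugid = Tools::getSecurePOSTIntValue('bugid', 0);
                $action = Tools::getSecurePOSTStringValue('action', '');
                $duration = Tools::getSecurePOSTNumberValue('duree', 0);

                if ("addHolidays" == $action) {
                    // TODO add tracks !
                    $job = Tools::getSecurePOSTStringValue('job');
                    $duration = Tools::getSecurePOSTNumberValue('duree');
                    $holydays = Holidays::getInstance();
                    $keyvalue = Tools::getSecurePOSTStringValue('checkedDays');
                    $checkedDaysList = Tools::doubleExplode(':', ',', $keyvalue);
                    $startTimestamp = Tools::date2timestamp($startdate);
                    $endTimestamp = Tools::date2timestamp($enddate);

                    // NOTE(review): both bounds come from the request and no
                    // maximum span is enforced here, so one submit can walk
                    // (and write) an arbitrarily long range of days - consider
                    // capping the range.

                    // save to DB
                    $weekday = date('l', strtotime($startdate));
                    $timestamp = $startTimestamp;
                    while ($timestamp <= $endTimestamp) {
                        // check if not a fixed holiday
                        if (!$holydays->isHoliday($timestamp)) {
                            // check existing timetracks on $timestamp and adjust duration
                            $availabletime = $managed_user->getAvailableTime($timestamp);

                            // not imput more than possible
                            if ($duration >= $availabletime) {
                                $imput = $availabletime;
                            } else {
                                $imput = $duration;
                            }

                            // check if weekday checkbox is checked; a weekday
                            // missing from the posted list counts as unchecked
                            if (isset($checkedDaysList[$weekday]) && 1 == $checkedDaysList[$weekday]) {
                                if ($duration > 0) {
                                    if (self::$logger->isDebugEnabled()) {
                                        self::$logger->debug(date("Y-m-d", $timestamp) . " duration {$imput} job {$job}");
                                    }
                                    TimeTrack::create($managed_user->getId(), $defaultBugid, $job, $timestamp, $imput, $this->session_userid);
                                }
                            }
                        }
                        $timestamp = strtotime("+1 day", $timestamp);
                        $weekday = date('l', strtotime(date("Y-m-d", $timestamp)));
                    }

                    // We redirect to holidays report, so the user can verify his holidays
                    // NOTE(review): execution continues after this header, so
                    // the form below is still prepared for the response.
                    header('Location:holidays_report.php');
                }

                $this->smartyHelper->assign('startDate', $startdate);
                $this->smartyHelper->assign('endDate', $enddate);

                if ($this->session_userid != $managed_user->getId()) {
                    $this->smartyHelper->assign('otherrealname', $managed_user->getRealname());
                }

                // Get Team SideTasks Project List
                $projList = $team->getProjects(true, false);
                foreach ($projList as $pid => $pname) {
                    // we want only SideTasks projects
                    try {
                        if (!$team->isSideTasksProject($pid)) {
                            unset($projList[$pid]);
                        }
                    } catch (Exception $e) {
                        // A project that cannot be classified is logged and left in the list.
                        self::$logger->error("project {$pid}: " . $e->getMessage());
                    }
                }

                $extproj_id = Config::getInstance()->getValue(Config::id_externalTasksProject);
                $extProj = ProjectCache::getInstance()->getProject($extproj_id);
                $projList[$extproj_id] = $extProj->getName();

                $defaultProjectid = Tools::getSecurePOSTIntValue('projectid', 0);
                if ($defaultBugid != 0 && $action == 'setBugId') {
                    // find ProjectId to update categories
                    $issue = IssueCache::getInstance()->getIssue($defaultBugid);
                    $defaultProjectid = $issue->getProjectId();
                }

                $this->smartyHelper->assign('projects', SmartyTools::getSmartyArray($projList, $defaultProjectid));
                $this->smartyHelper->assign('issues', $this->getIssues($defaultProjectid, $projList, $extproj_id, $defaultBugid));
                $this->smartyHelper->assign('jobs', $this->getJobs($defaultProjectid, $projList));
                $this->smartyHelper->assign('duration', SmartyTools::getSmartyArray(TimeTrackingTools::getDurationList($team->getId()), $duration));
                $this->smartyHelper->assign('userid', $managed_user->getId());
            }
        }
    }
}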
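<html lang="de">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>TimeTrack Jahreskalender</title>
<meta name="author" content="">
<link href="static/css/calendar.css" media="screen" rel="stylesheet" type="text/css">
<link rel="shortcut icon" href="static/img/favicon.ico" />
<link rel="icon" href="static/img/favicon.ico" type="image/ico" />
</head>
<body>
<?php
// Year-calendar page: authenticates the request and selects the year to show.
// NOTE(review): session_start() is reached after the markup above has been
// written. Unless output buffering is enabled, a new session cookie can no
// longer be sent at this point - consider moving the PHP bootstrap above the
// first byte of output.
session_start();
include "TimeTrack.class.php";

$timetrack = new TimeTrack();
setlocale(LC_ALL, "de_DE");

// Fail closed: stays false unless login() says otherwise.
$loggedin = false;

// Credentials are optional on a plain page load, hence the isset() guards.
// NOTE(review): 'h' is taken from the query string and appears to act as an
// alternative credential; URL values leak into logs, history and Referer.
$loggedin = $timetrack->login(
    isset($_POST['u']) ? $_POST['u'] : null,
    isset($_POST['p']) ? $_POST['p'] : null,
    isset($_GET['h']) ? $_GET['h'] : null
);
$hash = $timetrack->hash;

if (!$loggedin) {
    unset($hash);
    unset($_SESSION['userhash']);
    die('Not logged in');
}

// Default to the current year; accept an override only when it is exactly
// four ASCII digits. The previous is_numeric() + strlen() == 4 test also let
// through values such as "1e10", "12.5", "-123" or " 123", none of which is a
// calendar year.
$year = date("Y");
if (isset($_GET['y']) && is_string($_GET['y']) && preg_match('/^\d{4}$/D', $_GET['y'])) {
    $year = $_GET['y'];
}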
/**
 * Replaces the time tracking entries from a mixed list.
 *
 * Each element is either a ready-made TimeTrack, which is added as is, or a
 * plain array of track data. Array elements get an 'id' of (list key + 1)
 * and are turned into a TimeTrack through TimeTrack::_create() before being
 * added.
 *
 * @param array $timeTracking TimeTrack instances and/or raw track arrays
 * @return void
 */
public function setTimeTracking($timeTracking)
{
    foreach ($timeTracking as $id => $track) {
        if (!($track instanceof TimeTrack)) {
            // Raw data: derive a 1-based id from the list position first.
            $track['id'] = $id + 1;
            $track = TimeTrack::_create($track);
        }

        $this->addTimeTrack($track);
    }
}
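<?php
// Day-edit page bootstrap: requires a 'date' parameter, authenticates the
// request and reads the submit marker of the edit form.
include "functions_GRML.php";
include "TimeTrack.class.php";

session_start();

$timetrack = new TimeTrack();
$mobiledevice = detectMobileDevices();

// Read 'date' with an isset() guard so a missing parameter reaches the die()
// below without first raising an undefined-index notice/warning.
// NOTE(review): $_REQUEST merges several request sources and the value is not
// validated here - confirm it is checked against a date format before it is
// used in file names, queries or output.
$curdate = isset($_REQUEST['date']) ? $_REQUEST['date'] : null;
if (!isset($curdate)) {
    die('Wrong parameter!');
}

// Fail closed: stays false unless login() says otherwise.
$loggedin = false;

// Credentials are optional on a plain page load, hence the isset() guards.
// NOTE(review): 'h' is taken from the query string and appears to act as an
// alternative credential; URL values leak into logs, history and Referer.
$loggedin = $timetrack->login(
    isset($_POST['u']) ? $_POST['u'] : null,
    isset($_POST['p']) ? $_POST['p'] : null,
    isset($_GET['h']) ? $_GET['h'] : null
);
$hash = $timetrack->hash;

if (!$loggedin) {
    // The previous version unset $hash and then tested `$hash != ""`, so its
    // "download.php?h=<hash>" redirect could never be taken and the test only
    // produced an undefined-variable notice. The effective behaviour - always
    // redirect a failed login to the error page - is kept here. If the
    // download redirect is ever restored, the hash must be URL-encoded before
    // it is placed in the Location header.
    unset($_SESSION['userhash']);
    header("Location: index.php?e=1");
    exit;
}

$forward = false;
// Null when the form was not submitted.
$formsend = isset($_POST['submit']) ? $_POST['submit'] : null;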
<?php require_once "TimeTrack.class.php"; $tt = new TimeTrack(); function getTimes($tt) { $tt->parseData(); $ld = $tt->getLastDay(); //print_r($ld); echo (isset($ld['diff']) ? $ld['diff'] : 0) . "\n"; echo (isset($ld['monthdiff']) ? $ld['monthdiff'] : 0) . "\n"; echo (isset($ld['laststateIn']) ? (int) $ld['laststateIn'] : 0) . "\n"; echo (isset($ld['start']) ? $ld['start'] : 0) . "\n"; echo (isset($ld['pause']) ? $ld['pause'] : 0) . "\n"; } error_reporting(E_ALL); ini_set("display_errors", 1); $action = isset($_GET['a']) ? $_GET['a'] : ''; $hash = isset($_GET['h']) ? $_GET['h'] : ''; if (!$tt->login(null, null, $hash)) { die('INVALID LOGIN'); } $curmonth = date("Ym"); if (isset($_GET['m'])) { $curmonth = $_GET['m']; } $tt->setMonth($curmonth); if ($action == "times") { getTimes($tt); } if ($action == "login") {
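<?php
// Sub-directory entry page: tries to authenticate the request and then hands
// over to the index view.
session_start();
include "../TimeTrack.class.php";

$timetrack = new TimeTrack();

// Credentials are optional on a plain page load, so they are read with
// isset() guards instead of indexing the superglobals directly.
// NOTE(review): 'h' is taken from the query string and appears to act as an
// alternative credential; URL values leak into logs, history and Referer.
$loggedin = $timetrack->login(
    isset($_POST['u']) ? $_POST['u'] : null,
    isset($_POST['p']) ? $_POST['p'] : null,
    isset($_GET['h']) ? $_GET['h'] : null
);
$hash = $timetrack->hash;

if (!$loggedin) {
    // Drop every trace of the failed attempt before the view runs.
    unset($hash);
    unset($_SESSION['userhash']);
}

// NOTE(review): the view is included for both outcomes, so index.phtml itself
// has to branch on $loggedin before showing any per-user data - confirm.
include 'index.phtml';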
/**
 * One-time static setup: binds the class-level logger to a Logger named
 * after this class.
 * @static
 */
public static function staticInit()
{
    $loggerName = __CLASS__;
    self::$logger = Logger::getLogger($loggerName);
}
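/**
 * Renders the weekly time tracking page and executes the posted action
 * (addTrack, addTimetrack, deleteTrack, setBugId, setFiltersAction).
 *
 * Access rules enforced here:
 *  - the visitor must be connected;
 *  - a team must be selected and the visitor must be a member of it, and
 *    neither a customer nor an observer;
 *  - acting on another user's tracks requires being a manager of the team,
 *    and the target must be one of the team's active members.
 *
 * All form values are read through the Tools::getSecurePOST*Value() helpers;
 * what those helpers validate is not visible from this method.
 */
protected function display() {
    if (Tools::isConnectedUser()) {
        // only teamMembers can access this page
        if (0 == $this->teamid || $this->session_user->isTeamCustomer($this->teamid) || $this->session_user->isTeamObserver($this->teamid) || !$this->session_user->isTeamMember($this->teamid)) {
            $this->smartyHelper->assign('accessDenied', TRUE);
        } else {
            $team = TeamCache::getInstance()->getTeam($this->teamid);
            $teamMembers = $team->getActiveMembers(NULL, NULL, TRUE);
            $managed_userid = Tools::getSecurePOSTIntValue('userid', $this->session_userid);

            if ($this->session_user->isTeamManager($this->teamid)) {
                // session_user is Manager, let him choose the teamMember he wants to manage
                $this->smartyHelper->assign('users', $teamMembers);
                $this->smartyHelper->assign('selectedUser', $managed_userid);
                $this->smartyHelper->assign("isManager", true);
            }

            // display AddTrack Page
            $year = Tools::getSecurePOSTIntValue('year', date('Y'));
            $managed_user = UserCache::getInstance()->getUser($managed_userid);

            // Need to be Manager to handle other users
            if ($managed_userid != $this->session_userid) {
                if (!$this->session_user->isTeamManager($this->teamid) || !array_key_exists($managed_userid, $teamMembers)) {
                    self::$logger->error(' SECURITY ALERT changeManagedUser: session_user ' . $this->session_userid . " is not allowed to manage user {$managed_userid}");
                    Tools::sendForbiddenAccess();
                    // Defensive: every action below writes data for
                    // $managed_userid, so do not rely on
                    // sendForbiddenAccess() terminating the request.
                    return;
                }
            }

            // developper & manager can add timeTracks
            $mTeamList = $managed_user->getDevTeamList();
            $managedTeamList = $managed_user->getManagedTeamList();
            $teamList = $mTeamList + $managedTeamList;

            $action = Tools::getSecurePOSTStringValue('action', '');
            $weekid = Tools::getSecurePOSTIntValue('weekid', date('W'));
            $defaultDate = Tools::getSecurePOSTStringValue('date', date("Y-m-d", time()));
            $defaultBugid = Tools::getSecurePOSTIntValue('bugid', 0);
            $defaultProjectid = Tools::getSecurePOSTIntValue('projectid', 0);
            $job = Tools::getSecurePOSTIntValue('job', 0);
            $duration = Tools::getSecurePOSTNumberValue('duree', 0);

            // NOTE(review): the write actions below take the issue id from
            // the request and do not check here that the issue belongs to one
            // of this team's projects - confirm TimeTrack::create() or the
            // Issue setters enforce that.
            if ("addTrack" == $action) {
                self::$logger->debug("addTrack: called from form1");

                // TODO merge addTrack & addTimetrack actions !

                // called by form1 when no backlog has to be set.
                // updateBacklogDialogBox must not raise up,
                // track must be added, backlog & status must NOT be updated
                $timestamp = Tools::date2timestamp($defaultDate);
                $defaultBugid = Tools::getSecurePOSTIntValue('bugid');
                $job = Tools::getSecurePOSTStringValue('job');
                $duration = Tools::getSecurePOSTNumberValue('duree');

                // dialogBox is not called, then track must be saved to DB
                $trackid = TimeTrack::create($managed_userid, $defaultBugid, $job, $timestamp, $duration, $this->session_userid);
                if (self::$logger->isDebugEnabled()) {
                    self::$logger->debug("Track {$trackid} added : userid={$managed_userid} bugid={$defaultBugid} job={$job} duration={$duration} timestamp={$timestamp}");
                }

                // Don't show job and duration after add track
                $job = 0;
                $duration = 0;
                $defaultProjectid = Tools::getSecurePOSTIntValue('projectid');
            } elseif ("addTimetrack" == $action) {
                // updateBacklogDialogbox with 'addTimetrack' action
                // add track AND update backlog & status & handlerId

                // TODO merge addTrack & addTimetrack actions !
                self::$logger->debug("addTimetrack: called from the updateBacklogDialogBox");

                // add timetrack (all values mandatory)
                $defaultDate = Tools::getSecurePOSTStringValue('trackDate');
                $defaultBugid = Tools::getSecurePOSTIntValue('bugid');
                $job = Tools::getSecurePOSTIntValue('trackJobid');
                $duration = Tools::getSecurePOSTNumberValue('timeToAdd');
                $handlerId = Tools::getSecurePOSTNumberValue('handlerid');

                if (0 == $job) {
                    // check jobid (bug happens sometime...
                    // The user is told the track was NOT added, so nothing
                    // may be written in this case. Previously the code fell
                    // through and still created the track and updated the
                    // issue whenever the bug id was valid.
                    $this->smartyHelper->assign('error', T_("Timetrack not added: Job has not specified."));
                    self::$logger->error("Add track : FAILED. issue={$defaultBugid}, jobid={$job}, duration={$duration} date={$defaultDate}");
                } elseif (0 == $defaultBugid) {
                    // check bug_id (this happens when user uses the 'back' button of the browser ?)
                    self::$logger->error("Add track : FAILED. issue=0, jobid={$job}, duration={$duration} date={$defaultDate}");
                } else {
                    // NOTE(review): presumably $defaultDate is always a string
                    // here, in which case this strict comparison with int 0
                    // is always true - confirm the intended "no date" check.
                    $timestamp = 0 !== $defaultDate ? Tools::date2timestamp($defaultDate) : 0;
                    $trackid = TimeTrack::create($managed_userid, $defaultBugid, $job, $timestamp, $duration, $this->session_userid);
                    if (self::$logger->isDebugEnabled()) {
                        self::$logger->debug("Track {$trackid} added : userid={$managed_userid} bugid={$defaultBugid} job={$job} duration={$duration} timestamp={$timestamp}");
                    }

                    $issue = IssueCache::getInstance()->getIssue($defaultBugid);

                    // setBacklog
                    $formattedBacklog = Tools::getSecurePOSTNumberValue('backlog');
                    $issue->setBacklog($formattedBacklog);

                    // setStatus
                    $newStatus = Tools::getSecurePOSTIntValue('statusid');
                    $issue->setStatus($newStatus);

                    // set handlerId
                    if ($handlerId != $issue->getHandlerId()) {
                        // TODO security check (userid exists/valid ?)
                        $issue->setHandler($handlerId);
                    }

                    $defaultProjectid = $issue->getProjectId();
                }

                // Don't show job and duration after add track
                $job = 0;
                $duration = 0;
            } elseif ("deleteTrack" == $action) {
                $trackid = Tools::getSecurePOSTIntValue('trackid');
                // NOTE(review): nothing here ties $trackid to $managed_userid
                // or to this team. Unless TimeTrack::remove() or the cache
                // enforces ownership, a team member could delete tracks that
                // are not theirs by posting another id - confirm and add an
                // ownership check.
                $timeTrack = TimeTrackCache::getInstance()->getTimeTrack($trackid);
                $defaultBugid = $timeTrack->getIssueId();
                $duration = $timeTrack->getDuration();
                $job = $timeTrack->getJobId();
                $defaultDate = date("Y-m-d", $timeTrack->getDate());

                // delete track
                if (!$timeTrack->remove()) {
                    $this->smartyHelper->assign('error', T_("Failed to delete the timetrack !"));
                    self::$logger->error("Delete track {$trackid} : FAILED.");
                }

                if (0 == $defaultBugid) {
                    self::$logger->error("Delete track : bug_id=0");
                    $defaultProjectid = 0;
                } else {
                    try {
                        // pre-set form fields
                        $issue = IssueCache::getInstance()->getIssue($defaultBugid);
                        $defaultProjectid = $issue->getProjectId();

                        // if project not defined for current team, do not pre-set form fields.
                        if (!in_array($defaultProjectid, array_keys($team->getProjects()))) {
                            $defaultProjectid = 0;
                            $defaultBugid = 0;
                        }
                    } catch (Exception $e) {
                        // Issue could not be loaded: fall back to an empty form.
                        $defaultProjectid = 0;
                        $defaultBugid = 0;
                    }
                }
            } elseif ("setBugId" == $action) {
                // pre-set form fields
                // find ProjectId to update categories
                $defaultBugid = Tools::getSecurePOSTIntValue('bugid');
                $issue = IssueCache::getInstance()->getIssue($defaultBugid);
                $defaultProjectid = $issue->getProjectId();
            } elseif ("setFiltersAction" == $action) {
                // A checkbox is only present in the POST data when ticked.
                $isFilter_onlyAssignedTo = isset($_POST["cb_onlyAssignedTo"]) ? '1' : '0';
                $isFilter_hideResolved = isset($_POST["cb_hideResolved"]) ? '1' : '0';

                $managed_user->setTimetrackingFilter('onlyAssignedTo', $isFilter_onlyAssignedTo);
                $managed_user->setTimetrackingFilter('hideResolved', $isFilter_hideResolved);

                if ($defaultBugid != 0) {
                    $issue = IssueCache::getInstance()->getIssue($defaultBugid);
                    $defaultProjectid = $issue->getProjectId();
                }
            }

            // Display user name
            $this->smartyHelper->assign('managedUser_realname', $managed_user->getRealname());
            $this->smartyHelper->assign('userid', $managed_userid);

            // display Track Form
            $this->smartyHelper->assign('date', $defaultDate);

            // All projects except disabled
            $projList = $team->getProjects(true, false);
            $this->smartyHelper->assign('projects', SmartyTools::getSmartyArray($projList, $defaultProjectid));
            $this->smartyHelper->assign('defaultProjectid', $defaultProjectid);
            $this->smartyHelper->assign('defaultBugid', $defaultBugid);
            $this->smartyHelper->assign('weekid', $weekid);
            $this->smartyHelper->assign('year', $year);

            $isOnlyAssignedTo = '0' == $managed_user->getTimetrackingFilter('onlyAssignedTo') ? false : true;
            $this->smartyHelper->assign('isOnlyAssignedTo', $isOnlyAssignedTo);

            $isHideResolved = '0' == $managed_user->getTimetrackingFilter('hideResolved') ? false : true;
            $this->smartyHelper->assign('isHideResolved', $isHideResolved);

            $availableIssues = TimeTrackingTools::getIssues($this->teamid, $defaultProjectid, $isOnlyAssignedTo, $managed_user->getId(), $projList, $isHideResolved, $defaultBugid);
            $this->smartyHelper->assign('issues', $availableIssues);
            $this->smartyHelper->assign('jobs', SmartyTools::getSmartyArray(TimeTrackingTools::getJobs($defaultProjectid, $this->teamid), $job));
            $this->smartyHelper->assign('duration', SmartyTools::getSmartyArray(TimeTrackingTools::getDurationList($this->teamid), $duration));
            $this->smartyHelper->assign('weeks', SmartyTools::getWeeks($weekid, $year));
            $this->smartyHelper->assign('years', SmartyTools::getYears($year, 1));

            // Week window: entry 1 of $weekDates is used as the start, and
            // 23:59:59 on the day held in entry 7 as the end.
            $weekDates = Tools::week_dates($weekid, $year);
            $startTimestamp = $weekDates[1];
            $endTimestamp = mktime(23, 59, 59, date("m", $weekDates[7]), date("d", $weekDates[7]), date("Y", $weekDates[7]));
            $timeTracking = new TimeTracking($startTimestamp, $endTimestamp, $this->teamid);

            $incompleteDays = array_keys($timeTracking->checkCompleteDays($managed_userid, TRUE));
            $missingDays = $timeTracking->checkMissingDays($managed_userid);
            $errorDays = array_merge($incompleteDays, $missingDays);
            $smartyWeekDates = TimeTrackingTools::getSmartyWeekDates($weekDates, $errorDays);

            // UTF8 problems in smarty, date encoding needs to be done in PHP
            $this->smartyHelper->assign('weekDates', array($smartyWeekDates[1], $smartyWeekDates[2], $smartyWeekDates[3], $smartyWeekDates[4], $smartyWeekDates[5]));
            $this->smartyHelper->assign('weekEndDates', array($smartyWeekDates[6], $smartyWeekDates[7]));

            $weekTasks = TimeTrackingTools::getWeekTask($weekDates, $this->teamid, $managed_userid, $timeTracking, $errorDays);
            $this->smartyHelper->assign('weekTasks', $weekTasks["weekTasks"]);
            $this->smartyHelper->assign('dayTotalElapsed', $weekTasks["totalElapsed"]);

            $timeTrackingTuples = $this->getTimetrackingTuples($managed_userid, $timeTracking);
            $this->smartyHelper->assign('weekTimetrackingTuples', $timeTrackingTuples['current']);
            $this->smartyHelper->assign('timetrackingTuples', $timeTrackingTuples['future']);

            // ConsistencyCheck
            $consistencyErrors = $this->getConsistencyErrors($managed_userid, $this->teamid);
            if (count($consistencyErrors) > 0) {
                $this->smartyHelper->assign('ccheckErrList', $consistencyErrors);
                $this->smartyHelper->assign('ccheckButtonTitle', count($consistencyErrors) . ' ' . T_("Errors"));
                $this->smartyHelper->assign('ccheckBoxTitle', count($consistencyErrors) . ' ' . T_("days are incomplete or undefined"));
            }

            $this->smartyHelper->assign('isForbidAddTimetracksOnClosed', 1 == $team->getGeneralPreference('forbidAddTimetracksOnClosed') ? true : false);
        }
    }
}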
#!/usr/bin/php <?php if (php_sapi_name() !== "cli") { die("This script is for command line use only"); } include "../TimeTrack.class.php"; $dir = dirname(dirname(__FILE__)); $files = glob($dir . '/logs/*/options.ini'); $core = new TimeTrack(); $core->setMonth(date("Ym")); foreach ($files as $optionFileName) { $options = json_decode(file_get_contents($optionFileName)); $hash = basename(dirname($optionFileName)); if (isset($options->notifications)) { writeLog("'{$hash}': Found notification"); if (!isset($options->notifications->when) || !isset($options->notifications->what) || !isset($options->notifications->how)) { writeLog("'{$hash}': Notification settings are incomplete. Skipping."); continue; } if (!isset($options->notifications->enabled) || $options->notifications->enabled == false) { writeLog("'{$hash}': Notification is disabled. Skipping."); continue; } $core->login(null, null, $hash); $core->parseData(); $lastdayData = $core->getLastDay(); if (date('Y-m-d') != $lastdayData['date']) { writeLog('Last day is not today, skipping'); continue; } $compareDate = $core->getNormalDayEnd();