PHP User::IsAdmin Examples

PHP User::IsAdmin - 19 examples found. These are the top rated real world PHP examples of User::IsAdmin extracted from open source projects. You can rate examples to help us improve the quality of examples.
Example #1
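 /**
  * Exercises the User accessors against an invalid id, an empty id/email
  * pair, and the "simpletest@localhost" account.
  *
  * Returns 1 after the first failed expectation and 0 when every check passes.
  */
 function testUser()
 {
     $this->startCodeCoverage();
     $user = new User();
     // A non-numeric id must be refused by the password setter and by the
     // admin check: an unusable id must never evaluate as "admin".
     $user->Id = "non_numeric";
     if (!($user->SetPassword("blah") === false)) {
         $this->fail("User::SetPassword didn't return false for non-numeric user id");
         return 1;
     }
     if (!($user->IsAdmin() === false)) {
         $this->fail("User::IsAdmin didn't return false for non-numeric user id");
         return 1;
     }
     // With neither id nor email set, lookups must fail closed as well.
     $user->Id = "";
     $user->Email = "";
     if (!($user->GetName() === false)) {
         $this->fail("User::GetName didn't return false when given no user id");
         return 1;
     }
     if (!($user->IsAdmin() === false)) {
         // The message now names the method under test; it previously blamed
         // User::Exists although the condition calls IsAdmin().
         $this->fail("User::IsAdmin didn't return false for no user id and no email");
         return 1;
     }
     $user->Email = "simpletest@localhost";
     if ($user->Exists() === false) {
         $this->fail("User::Exists returned false even though user exists");
         return 1;
     }
     $id = $user->GetIdFromEmail("simpletest@localhost");
     if ($id === false) {
         $this->fail("User::GetIdFromEmail returned false for a valid user");
         return 1;
     }
     $user->Id = $id;
     // The fixture account is flagged as admin before Save() is called below.
     $user->Admin = "1";
     $user->FirstName = "administrator";
     $user->Institution = "Kitware Inc.";
     if ($user->Exists() != true) {
         $this->fail("User::Exists failed given a valid user id");
         return 1;
     }
     // NOTE(review): the fixture supplies an unsalted MD5 digest as the password
     // value. Whether Save()/SetPassword() hash it again is not visible here;
     // confirm stored credentials use password_hash() rather than MD5.
     $user->Password = md5("simpletest");
     // Coverage for update save
     $user->Save();
     // Coverage for SetPassword
     $user->SetPassword(md5("simpletest"));
     $this->stopCodeCoverage();
     return 0;
 }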
Example #2
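 /**
  * Exercises the User accessors against an invalid id, an empty id/email
  * pair, and the 'simpletest@localhost' account.
  *
  * @return int 1 after the first failed expectation, 0 when every check passes
  */
 public function testUser()
 {
     $this->startCodeCoverage();
     $user = new User();
     // An id that is not numeric must be refused by the password setter and
     // must never be reported as an administrator.
     $user->Id = 'non_numeric';
     if (!($user->SetPassword('blah') === false)) {
         $this->fail("User::SetPassword didn't return false for non-numeric user id");
         return 1;
     }
     if (!($user->IsAdmin() === false)) {
         $this->fail("User::IsAdmin didn't return false for non-numeric user id");
         return 1;
     }
     // No id and no email: name lookup and admin check must both fail closed.
     $user->Id = '';
     $user->Email = '';
     if (!($user->GetName() === false)) {
         $this->fail("User::GetName didn't return false when given no user id");
         return 1;
     }
     if (!($user->IsAdmin() === false)) {
         // Corrected message: the condition calls IsAdmin(), not Exists().
         $this->fail("User::IsAdmin didn't return false for no user id and no email");
         return 1;
     }
     $user->Email = 'simpletest@localhost';
     if ($user->Exists() === false) {
         $this->fail('User::Exists returned false even though user exists');
         return 1;
     }
     $id = $user->GetIdFromEmail('simpletest@localhost');
     if ($id === false) {
         $this->fail('User::GetIdFromEmail returned false for a valid user');
         return 1;
     }
     $user->Id = $id;
     // The fixture account is flagged as admin before Save() is called below.
     $user->Admin = '1';
     $user->FirstName = 'administrator';
     $user->Institution = 'Kitware Inc.';
     if ($user->Exists() != true) {
         $this->fail('User::Exists failed given a valid user id');
         return 1;
     }
     // NOTE(review): an unsalted MD5 digest is used as the password value. It
     // is not visible here whether Save()/SetPassword() hash it again; confirm
     // stored credentials use password_hash() rather than MD5.
     $user->Password = md5('simpletest');
     // Coverage for update save
     $user->Save();
     // Coverage for SetPassword
     $user->SetPassword(md5('simpletest'));
     $this->stopCodeCoverage();
     return 0;
 }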
Example #3
 /**
  * Fetch the Chronicles of a group, restricted to what the given user may see.
  *
  * Administrators receive the group's query without any visibility condition.
  * Every other user is limited to chronicles that are published or that they
  * created themselves.
  *
  * @param int $groupId Group identifier; cast to int before the lookup.
  * @param User $user Viewer whose admin status and id decide the filter.
  * @return Query The results Query
  */
 public function getVisibleForGroup($groupId, $user)
 {
     $visible = $this->findByGroupId((int) $groupId);
     if ($user->IsAdmin()) {
         // Admins are not filtered by publication state or authorship.
         return $visible;
     }
     // The viewer's id is cast to int before it becomes part of the condition.
     $viewerId = (int) $user->id;
     $visible->where(['OR' => [['published' => true], ['created_by' => $viewerId]]]);
     return $visible;
 }
Example #4
    if (pdo_num_rows($project) > 0) {
        $project_array = pdo_fetch_array($project);
        $projectname = $project_array["name"];
    }
    $Project->Id = $projectid;
    $role = $Project->GetUserRole($userid);
} else {
    $projectname = 'Global';
}
// Build the XML document that is handed to the "viewFeed" XSLT stylesheet.
$xml = begin_XML_for_XSLT();
// NOTE(review): $projectname is concatenated into the markup as-is. It is
// either the literal 'Global' or the project's "name" column; confirm that
// value cannot contain XML metacharacters, or escape it before embedding.
$xml .= "<title>Feed - " . $projectname . "</title>";
$xml .= get_cdash_dashboard_xml(get_project_name($projectid), $date);
// NOTE(review): this date filter is assembled by string concatenation, and the
// query below does not reference $sql. Where $date is validated is not visible
// in this excerpt; if the fragment is ever appended to a query, bind or
// strictly validate $date first.
$sql = '';
if ($date) {
    $sql = "AND date>'" . $date . "'";
}
// Fetch this project's feed entries, newest id first; the id goes through qnum().
$query = pdo_query("SELECT * FROM feed WHERE projectid=" . qnum($projectid) . " ORDER BY id DESC");
while ($query_array = pdo_fetch_array($query)) {
    $xml .= "<feeditem>";
    $xml .= add_XML_value("date", $query_array["date"]);
    $xml .= add_XML_value("buildid", $query_array["buildid"]);
    $xml .= add_XML_value("type", $query_array["type"]);
    // presumably add_XML_value() escapes its value; verify, since the
    // description column is free text.
    $xml .= add_XML_value("description", $query_array["description"]);
    $xml .= "</feeditem>";
}
// The admin flag and role are passed to the stylesheet as data for rendering;
// they do not restrict which rows were selected above.
$xml .= add_XML_value("admin", $User->IsAdmin());
$xml .= add_XML_value("role", $role);
$xml .= "</cdash>";
// Render the document with the viewFeed stylesheet.
generate_XSLT($xml, "viewFeed");
Example #5
/**
 * Gate a request on an authenticated session and sufficient privileges.
 *
 * On failure the reason is written into $response, the HTTP status is set
 * (401 when no usable login is found, 403 when the login lacks permission)
 * and false is returned. Once a login id is found in the session it is also
 * stored in the global $userid.
 *
 * NOTE(review): is_numeric() accepts more than plain integers (decimals,
 * exponent notation); confirm code that later uses $userid casts or binds it.
 *
 * @param array $response Response payload, modified in place on failure.
 * @param Project|null $Project Project being edited, or null when the caller
 *                              wants to create a new project.
 * @return bool True when the request may proceed.
 */
function valid_user(&$response, $Project = null)
{
    // Authentication: the session must be flagged OK and carry a numeric login id.
    global $session_OK;
    $authenticated = $session_OK && isset($_SESSION['cdash']['loginid']);
    if ($authenticated) {
        global $userid;
        $userid = $_SESSION['cdash']['loginid'];
        $authenticated = is_numeric($userid);
    }
    if (!$authenticated) {
        $response['requirelogin'] = 1;
        http_response_code(401);
        return false;
    }

    // Authorization: site admins always pass; everyone else needs either the
    // "can create project" session flag (no project given) or a project role
    // above 1 (existing project).
    $User = new User();
    $User->Id = $userid;
    if (is_null($Project)) {
        $mayCreate = isset($_SESSION['cdash']['user_can_create_project'])
            && $_SESSION['cdash']['user_can_create_project'] == 1;
        $denied = !$mayCreate && !$User->IsAdmin();
    } else {
        $denied = !$User->IsAdmin() && $Project->GetUserRole($userid) <= 1;
    }
    if ($denied) {
        $response['error'] = 'You do not have permission to access this page.';
        http_response_code(403);
        return false;
    }
    return true;
}
Example #6
} elseif (!is_null($projectid) && (!$User->IsAdmin() && $role <= 1)) {
    $response['error'] = 'You do not have permission to access this page.';
    echo json_encode($response);
    return;
}
$response = begin_JSON_response();
if ($projectid > 0) {
    get_dashboard_JSON($Project->GetName(), null, $response);
}
$response['hidenav'] = 1;
$menu = array();
$menu['back'] = 'user.php';
$response['menu'] = $menu;
$response['manageclient'] = $CDASH_MANAGE_CLIENTS;
$nRepositories = 0;
$repositories_response = array();
if ($edit || !is_null($projectid)) {
    $response['title'] = 'CDash - Edit Project';
    $response['edit'] = 1;
} else {
    $response['title'] = 'CDash - New Project';
    $response['edit'] = 0;
    $response['noproject'] = 1;
}
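/**
 * Remove a leading "http://" or "https://" scheme from a URL.
 *
 * Only a scheme at the very start of the string is stripped. The previous
 * implementation searched for "http://" anywhere in the string, so a URL such
 * as "https://host/?next=http://other" lost its first seven characters and
 * came back with a stray leading slash.
 *
 * @param string $url
 * @return string The URL without its scheme, or $url unchanged when it does
 *                not start with one of the two schemes.
 */
function stripHTTP($url)
{
    foreach (array('http://', 'https://') as $scheme) {
        // strpos() === 0 anchors the match to the beginning of the string.
        if (strpos($url, $scheme) === 0) {
            return substr($url, strlen($scheme));
        }
    }
    return $url;
}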
// List the available projects
$sql = 'SELECT id,name FROM project';
if (!$User->IsAdmin()) {
Example #7
     if (count($projectids) == 1) {
         $projectid = $projectids[0];
     }
 }
 // Load the current user and their role on the selected project.
 $User = new User();
 $User->Id = $userid;
 $Project->Id = $projectid;
 $role = $Project->GetUserRole($userid);
 // Deny unless the user is a site admin or has a project role above 1.
 // NOTE(review): the strict "=== FALSE" only denies when IsAdmin() returns
 // exactly false. If it could ever return another falsy value (null, 0), this
 // guard would let a low-role user through; the checks further down use loose
 // comparisons instead. Confirm IsAdmin() always returns a boolean.
 if ($User->IsAdmin() === FALSE && $role <= 1) {
     echo "You don't have the permissions to access this page";
     return;
 }
 // If user is admin then we can add a banner for all projects
 if ($User->IsAdmin() == true) {
     $xml .= "<availableproject>";
     $xml .= add_XML_value("id", "0");
     $xml .= add_XML_value("name", "All");
     if ($projectid == 0) {
         $xml .= add_XML_value("selected", "1");
     }
     $xml .= "</availableproject>";
 }
 // Admins list every project; other users only projects where their role is > 0.
 $sql = "SELECT id,name FROM project";
 if ($User->IsAdmin() == false) {
     // NOTE(review): $userid is interpolated into the statement. It is assigned
     // outside this excerpt; confirm it is validated as an integer there, or
     // pass it as a bound parameter.
     $sql .= " WHERE id IN (SELECT projectid AS id FROM user2project WHERE userid='{$userid}' AND role>0)";
 }
 $projects = pdo_query($sql);
 while ($project_array = pdo_fetch_array($projects)) {
     $xml .= "<availableproject>";
     $xml .= add_XML_value("id", $project_array['id']);
     $xml .= add_XML_value("name", $project_array['name']);
     if ($project_array['id'] == $projectid) {
 /**
  * Delete a comment on behalf of a user.
  *
  * Only the comment's author or an administrator may delete it. Any failure
  * (missing permission or a failed query) is logged as a warning and reported
  * as false.
  *
  * @access public
  * @param Comment $comment Comment to delete; its comment_id is formatted with %d.
  * @param User $user User requesting the deletion.
  * @return bool True when the DELETE succeeded, false otherwise.
  */
 public static function Remove($comment, $user)
 {
     try {
         // Ownership is checked first; IsAdmin() is only consulted for non-owners.
         $isOwner = $user->user_id == $comment->user_id;
         if (!$isOwner && !$user->IsAdmin()) {
             throw new IdeaException("can't remove comment - user is not an owner of the comment ");
         }
         // %d forces the id to an integer before it reaches the SQL text.
         $sql = sprintf("DELETE FROM zi_comments WHERE comment_id=%d;", $comment->comment_id);
         $ok = Database::Query($sql, false);
         if (!$ok) {
             throw new IdeaException("can't remove comment - database problem");
         }
         return true;
     } catch (Exception $e) {
         Debug::Log($e, WARNING);
         return false;
     }
 }
Example #9
 if (!$project_array['public'] && ($User->IsAdmin() === FALSE && $role < 0)) {
     echo "You don't have the permissions to access this page";
     return;
 }
 // Check if the user is not already in the database
 $user2project = pdo_query("SELECT role,emailtype,emailcategory,emailmissingsites,emailsuccess\n                             FROM user2project WHERE userid='{$userid}' AND projectid='{$projectid}'");
 if (pdo_num_rows($user2project) > 0) {
     $user2project_array = pdo_fetch_array($user2project);
     $xml .= add_XML_value("role", $user2project_array["role"]);
     $xml .= add_XML_value("emailtype", $user2project_array["emailtype"]);
     $xml .= add_XML_value("emailmissingsites", $user2project_array["emailmissingsites"]);
     $xml .= add_XML_value("emailsuccess", $user2project_array["emailsuccess"]);
     $emailcategory = $user2project_array["emailcategory"];
     $xml .= add_XML_value("emailcategory_update", check_email_category("update", $emailcategory));
     $xml .= add_XML_value("emailcategory_configure", check_email_category("configure", $emailcategory));
     $xml .= add_XML_value("emailcategory_warning", check_email_category("warning", $emailcategory));
     $xml .= add_XML_value("emailcategory_error", check_email_category("error", $emailcategory));
     $xml .= add_XML_value("emailcategory_test", check_email_category("test", $emailcategory));
     $xml .= add_XML_value("emailcategory_dynamicanalysis", check_email_category("dynamicanalysis", $emailcategory));
 } else {
     $xml .= add_XML_value("emailcategory_update", 1);
     $xml .= add_XML_value("emailcategory_configure", 1);
     $xml .= add_XML_value("emailcategory_warning", 1);
     $xml .= add_XML_value("emailcategory_error", 1);
     $xml .= add_XML_value("emailcategory_test", 1);
     $xml .= add_XML_value("emailcategory_dynamicanalysis", 1);
 }
 // If we ask to subscribe
 @($Subscribe = $_POST["subscribe"]);
 @($UpdateSubscription = $_POST["updatesubscription"]);
 @($Unsubscribe = $_POST["unsubscribe"]);
 @($Role = $_POST["role"]);
 @($Credentials = $_POST["credentials"]);
 @($EmailType = $_POST["emailtype"]);
 if (!isset($_POST["emailmissingsites"])) {
     $EmailMissingSites = 0;
 } else {
     $EmailMissingSites = $_POST["emailmissingsites"];
 }
 if (!isset($_POST["emailsuccess"])) {
     $EmailSuccess = 0;
 } else {
     $EmailSuccess = $_POST["emailsuccess"];
 }
 // Deals with label email
 $LabelEmail = new LabelEmail();
 $Label = new Label();
 $LabelEmail->ProjectId = $projectid;
 $LabelEmail->UserId = $userid;
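 // Apply at most one of the form actions: unsubscribe, update an existing
 // subscription, or subscribe.
 // NOTE(review): $userid and $projectid are interpolated into the statements
 // below but assigned outside this excerpt; confirm they are validated as
 // integers there, or move these queries to bound parameters.
 // NOTE(review): no redirect below is followed by exit/return, so the rest of
 // the script still runs after the Location header is set.
 if ($Unsubscribe) {
     pdo_query("DELETE FROM user2project WHERE userid='{$userid}' AND projectid='{$projectid}'");
     pdo_query("DELETE FROM user2repository WHERE userid='{$userid}' AND projectid='{$projectid}'");
     // Remove the claim sites for this project if they are only part of this project
     pdo_query("DELETE FROM site2user WHERE userid='{$userid}'\n               AND siteid NOT IN\n              (SELECT build.siteid FROM build,user2project as up WHERE\n               up.projectid = build.projectid AND up.userid='{$userid}' AND up.role>0\n               GROUP BY build.siteid)");
     header('location: user.php?note=unsubscribedtoproject');
 } else {
     if ($UpdateSubscription) {
         @($emailcategory_update = $_POST["emailcategory_update"]);
         @($emailcategory_configure = $_POST["emailcategory_configure"]);
         @($emailcategory_warning = $_POST["emailcategory_warning"]);
         @($emailcategory_error = $_POST["emailcategory_error"]);
         @($emailcategory_test = $_POST["emailcategory_test"]);
         @($emailcategory_dynamicanalysis = $_POST["emailcategory_dynamicanalysis"]);
         $EmailCategory = $emailcategory_update + $emailcategory_configure + $emailcategory_warning + $emailcategory_error + $emailcategory_test + $emailcategory_dynamicanalysis;
         if (pdo_num_rows($user2project) > 0) {
             // Request values are passed through the numeric escaper before
             // they are embedded in the UPDATE.
             $Role = pdo_real_escape_numeric($Role);
             $EmailType = pdo_real_escape_numeric($EmailType);
             $EmailCategory = pdo_real_escape_numeric($EmailCategory);
             $EmailMissingSites = pdo_real_escape_numeric($EmailMissingSites);
             $EmailSuccess = pdo_real_escape_numeric($EmailSuccess);
             pdo_query("UPDATE user2project SET role='{$Role}',emailtype='{$EmailType}',\n                         emailcategory='{$EmailCategory}',\n                         emailmissingsites='{$EmailMissingSites}',\n                         emailsuccess='{$EmailSuccess}'\n                         WHERE userid='{$userid}' AND projectid='{$projectid}'");
             // Update the repository credential
             $UserProject = new UserProject();
             $UserProject->ProjectId = $projectid;
             $UserProject->UserId = $userid;
             $UserProject->UpdateCredentials($Credentials);
             if ($Role == 0) {
                 // Remove the claim sites for this project if they are only part of this project
                 pdo_query("DELETE FROM site2user WHERE userid='{$userid}'\n                 AND siteid NOT IN\n                (SELECT build.siteid FROM build,user2project as up WHERE\n                 up.projectid = build.projectid AND up.userid='{$userid}' AND up.role>0\n                 GROUP BY build.siteid)");
             }
         }
         if (isset($_POST['emaillabels'])) {
             $LabelEmail->UpdateLabels($_POST['emaillabels']);
         } else {
             $LabelEmail->UpdateLabels(NULL);
         }
         // Redirect
         header('location: user.php');
     } else {
         if ($Subscribe) {
             @($emailcategory_update = $_POST["emailcategory_update"]);
             @($emailcategory_configure = $_POST["emailcategory_configure"]);
             @($emailcategory_warning = $_POST["emailcategory_warning"]);
             @($emailcategory_error = $_POST["emailcategory_error"]);
             @($emailcategory_test = $_POST["emailcategory_test"]);
             @($emailcategory_dynamicanalysis = $_POST["emailcategory_dynamicanalysis"]);
             $EmailCategory = $emailcategory_update + $emailcategory_configure + $emailcategory_warning + $emailcategory_error + $emailcategory_test + $emailcategory_dynamicanalysis;
             // $Role, $EmailType and the email flags are read from $_POST, so
             // they get the same numeric escaping the update branch applies.
             // Previously this branch embedded them in the UPDATE/INSERT
             // unescaped.
             $Role = pdo_real_escape_numeric($Role);
             $EmailType = pdo_real_escape_numeric($EmailType);
             $EmailCategory = pdo_real_escape_numeric($EmailCategory);
             $EmailMissingSites = pdo_real_escape_numeric($EmailMissingSites);
             $EmailSuccess = pdo_real_escape_numeric($EmailSuccess);
             if (pdo_num_rows($user2project) > 0) {
                 // A comma now separates emailcategory from emailmissingsites;
                 // the stray '.' that stood there made the statement invalid.
                 pdo_query("UPDATE user2project SET role='{$Role}',emailtype='{$EmailType}',\n                         emailcategory='{$EmailCategory}',\n                         emailmissingsites='{$EmailMissingSites}',\n                         emailsuccess='{$EmailSuccess}'\n                         WHERE userid='{$userid}' AND projectid='{$projectid}'");
                 // Update the repository credential
                 $UserProject = new UserProject();
                 $UserProject->ProjectId = $projectid;
                 $UserProject->UserId = $userid;
                 $UserProject->UpdateCredentials($Credentials);
                 if ($Role == 0) {
                     // Remove the claim sites for this project if they are only part of this project
                     pdo_query("DELETE FROM site2user WHERE userid='{$userid}'\n                 AND siteid NOT IN\n                (SELECT build.siteid FROM build,user2project as up WHERE\n                 up.projectid = build.projectid AND up.userid='{$userid}' AND up.role>0\n                 GROUP BY build.siteid)");
                 }
             } else {
                 pdo_query("INSERT INTO user2project (role,userid,projectid,emailtype,emailcategory,emailsuccess,\n                                           emailmissingsites)\n                 VALUES ('{$Role}','{$userid}','{$projectid}','{$EmailType}','{$EmailCategory}',\n                         '{$EmailSuccess}','{$EmailMissingSites}')");
                 $UserProject = new UserProject();
                 $UserProject->ProjectId = $projectid;
                 $UserProject->UserId = $userid;
                 // "credentials" may be absent from the request or not an
                 // array; only iterate when it really is a list.
                 if (is_array($Credentials)) {
                     foreach ($Credentials as $credential) {
                         $UserProject->AddCredential($credential);
                     }
                 }
             }
             header('location: user.php?note=subscribedtoproject');
         }
     }
 }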
 // XML
 // Show the current credentials for the user
 $query = pdo_query("SELECT credential,projectid FROM user2repository WHERE userid='" . $userid . "'\n                      AND (projectid='" . $projectid . "' OR projectid=0)");
 $credential_num = 0;
 while ($credential_array = pdo_fetch_array($query)) {
     if ($credential_array['projectid'] == 0) {
         $xml .= add_XML_value("global_credential", $credential_array['credential']);
     } else {
         $xml .= add_XML_value("credential_" . $credential_num++, $credential_array['credential']);
     }
 }
 $xml .= "<project>";
 $xml .= add_XML_value("id", $project_array['id']);
 $xml .= add_XML_value("name", $project_array['name']);
 $xml .= add_XML_value("emailbrokensubmission", $project_array['emailbrokensubmission']);
 $labelavailableids = $Project->GetLabels(7);
 // Get the labels for the last 7 days
 $labelids = $LabelEmail->GetLabels();
 $labelavailableids = array_diff($labelavailableids, $labelids);
 foreach ($labelavailableids as $labelid) {
     $xml .= "<label>";
     $xml .= add_XML_value("id", $labelid);
     $Label->Id = $labelid;
     $xml .= add_XML_value("text", $Label->GetText());
     $xml .= "</label>";
 }
 foreach ($labelids as $labelid) {
     $xml .= "<labelemail>";
     $xml .= add_XML_value("id", $labelid);
     $Label->Id = $labelid;
     $xml .= add_XML_value("text", $Label->GetText());
     $xml .= "</labelemail>";
 }
 $xml .= "</project>";
 $sql = "SELECT id,name FROM project";
 if ($User->IsAdmin() == false) {
Example #10
 // Load the requesting user; $userid is assigned outside this excerpt.
 $User = new User();
 $User->Id = $userid;
 /* If we should remove a job */
 // NOTE(review): the removal is triggered by a GET parameter and no anti-CSRF
 // token is checked in this excerpt; confirm one is enforced elsewhere, or
 // move the action to a POST with a token.
 if (isset($_GET['removeschedule'])) {
     $ClientJobSchedule = new ClientJobSchedule();
     $ClientJobSchedule->Id = pdo_real_escape_numeric($_GET['removeschedule']);
     // Only a site admin or the schedule's owner may remove it.
     if (!$User->IsAdmin() && $ClientJobSchedule->GetOwner() != $userid) {
         echo 'You cannot access this job';
         return;
     }
     $ClientJobSchedule->Remove();
     // The redirect is done client-side; execution continues below because
     // nothing returns after this echo.
     echo "<script language=\"javascript\">window.location='user.php'</script>";
 }
 // One of the two identifiers is required to resolve the project.
 if (!isset($_GET['projectid']) && !isset($_GET['scheduleid'])) {
     echo 'Projectid or Schedule id not set';
     return;
 }
 if (isset($_GET['projectid'])) {
     $projectid = pdo_real_escape_numeric($_GET['projectid']);
 } else {
     // No project id given: derive it from the schedule.
     $scheduleid = pdo_real_escape_numeric($_GET['scheduleid']);
     $ClientJobSchedule = new ClientJobSchedule();
     $ClientJobSchedule->Id = $scheduleid;
     $projectid = $ClientJobSchedule->GetProjectId();
 }
 if (!$User->IsAdmin()) {
     // Make sure user has project admin privileges to use this page
     $UserProject = new UserProject();
     $UserProject->ProjectId = $projectid;
     $projectAdmins = $UserProject->GetUsers(2);
     //get project admin users
     if (!in_array($userid, $projectAdmins)) {
Example #11
        if (!$user->IsAdmin()) {
            //TODO Reporting through logger
            throw new Exception("You have not admin permissions, this abuse will be reported");
        } else {
            if (isset($_POST['USERNAME']) && isset($_POST['PWD']) && isset($_POST['PWDR'])) {
                if ($_POST['USERNAME'] == "" || $_POST['PWD'] == "" || $_POST['PWDR'] == "") {
                    throw new Exception("Fields cannot be empty");
                }
                if ($_POST['PWD'] != $_POST['PWDR']) {
                    throw new Exception("Two passwords are different");
                }
                $username = clearInput($_POST['USERNAME']);
                $usernameN = strip_tags($username);
                if ($usernameN != $username) {
                    throw new Exception("Inserted Username is not valid");
                }
                $username = strtolower($username);
                $new = new User();
                $new->SetID($username);
                $new->SetPassword($_POST['PWD']);
                $new->SetAdmin(isset($_POST['ADMIN']));
                $new->SetValid(TRUE);
                $new->Save();
                $msg = "User added successfully";
            }
        }
    } catch (Exception $e) {
        $error = $e->getMessage();
    }
}
?>

<html>
<head>
    <title>RaspiControl</title>
    <meta charset="utf-8"/>
    <meta name="viewport"
          content="user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1, width=device-width, height=device-height, target-densitydpi=device-dpi"/>
    <meta name="msapplication-tap-highlight" content="no"/>
    <meta name="apple-mobile-web-app-capable" content="no">
    <meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
    <!-- Stylesheet-->
    <link rel="stylesheet" href="style/style.css"/>
    <!--Google Fonts !-->
    <link href='http://fonts.googleapis.com/css?family=Economica:400,700' rel='stylesheet' type='text/css'>
    <link rel="shortcut icon" href="style/images/favicon.ico">
    <link rel="icon" sizes="128x128" href="style/images/android.png" type="image/png"/>
    <link rel="icon" sizes="192x192" href="style/images/android-hd.png" type="image/png"/>
    <link rel="apple-touch-icon" sizes="120x120" href="style/images/apple-iphone.png" type="image/png"/>
    <link rel="apple-touch-icon" sizes="152x152" href="style/images/apple-ipad.png" type="image/png"/>
    <link rel="mask-icon" color="#d6264f" href="style/images/iconP.svg">
</head>

<body leftmargin="0" topmargin="0" rightmargin="0" bottommargin="0" onresize="setFooterWidth()"
      onload="setFooterWidth()">
<div class="page adduser">

    <header>
        RaspiControl
    </header>


    <form id="adduser_Form" class="adduser" action="adduser.php" method="POST" data-ajax="false">

        <?php 
if (isset($error)) {
    echo "<p class='error'>{$error}</p>";
} else {
    if (isset($msg)) {
        echo "<p class='message'>{$msg}</p>";
    } else {
        ?>

            <p class="input">
                <label for="username">Username:</label>
                <input id="username" type="text" name="USERNAME" value=""
                       placeholder="Username" onkeypress="return submitOnEnter(event, 'adduser_Form')"/>
                <label for="pwd1">Password:</label>
                <input id="pwd1" type="password" name="PWD" value=""
                       placeholder="Password" onkeypress="return submitOnEnter(event, 'adduser_Form')"/>
                <label for="pwd2">Repeat Password:</label>
                <input id="pwd2" type="password" name="PWDR" value=""
                       placeholder="Repeat Password" onkeypress="return submitOnEnter(event, 'adduser_Form')"/>
            </p>

            <div class="switch">
                <p>Admin:</p>
                <label class="off" for="check" onclick="selectBtn(this)">NO</label>
                <input type="checkbox" name="ADMIN" id="check">
            </div>

            <p class="input button" id="adduser" onclick="submitForm(this)">CREATE</p>

        <?php 
    }
}
?>
    </form>

    <footer>
        <ul>
            <li class="footerTab">
                <?php 
if (isset($error) && $user->IsAdmin()) {
Example #12
    if (pdo_num_rows($project) > 0) {
        $project_array = pdo_fetch_array($project);
        $projectname = $project_array['name'];
    }
    $Project->Id = $projectid;
    $role = $Project->GetUserRole($userid);
} else {
    $projectname = 'Global';
}
// Build the XML document that is handed to the 'viewFeed' XSLT stylesheet.
$xml = begin_XML_for_XSLT();
// NOTE(review): $projectname is concatenated into the markup as-is. It is
// either the literal 'Global' or the project's 'name' column; confirm that
// value cannot contain XML metacharacters, or escape it before embedding.
$xml .= '<title>Feed - ' . $projectname . '</title>';
$xml .= get_cdash_dashboard_xml(get_project_name($projectid), $date);
// NOTE(review): this date filter is built by string concatenation, and the
// query below does not reference $sql. Where $date is validated is not visible
// in this excerpt; bind or strictly validate it before the fragment is ever
// appended to a query.
$sql = '';
if ($date) {
    $sql = "AND date>'" . $date . "'";
}
// Fetch this project's feed entries, newest id first; the id goes through qnum().
$query = pdo_query('SELECT * FROM feed WHERE projectid=' . qnum($projectid) . ' ORDER BY id DESC');
while ($query_array = pdo_fetch_array($query)) {
    $xml .= '<feeditem>';
    $xml .= add_XML_value('date', $query_array['date']);
    $xml .= add_XML_value('buildid', $query_array['buildid']);
    $xml .= add_XML_value('type', $query_array['type']);
    // presumably add_XML_value() escapes its value; verify, since the
    // description column is free text.
    $xml .= add_XML_value('description', $query_array['description']);
    $xml .= '</feeditem>';
}
// The admin flag and role are passed to the stylesheet as data for rendering;
// they do not restrict which rows were selected above.
$xml .= add_XML_value('admin', $User->IsAdmin());
$xml .= add_XML_value('role', $role);
$xml .= '</cdash>';
// Render the document with the viewFeed stylesheet.
generate_XSLT($xml, 'viewFeed');
Example #13
<?php

include_once '../globals.php';
if (!isset($_SESSION)) {
    session_start();
}
$currentUser = new User($_SESSION['username'], $_SESSION['firstname'], $_SESSION['name'], $_SESSION['is_admin'], $_SESSION['user_id']);
if (!$currentUser->IsAdmin()) {
    header("location: ../index.php");
} else {
    ?>

<!DOCTYPE html>
<html ng-app="management-system">
	<head>
		<title>Didier Alessandroni - Apiculteur</title>
		<meta name="viewport" content="width=device-width, initial-scale=1.0">
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
		
		<!-- Bootstrap -->
		<link href="<?php 
    echo $include_path;
    ?>
includes/css/bootstrap.min.css" rel="stylesheet">
		<link href="<?php 
    echo $include_path;
    ?>
includes/css/bootstrap-responsive.min.css" rel="stylesheet">
		<link href="<?php 
    echo $include_path;
    ?>
 /**
  * Delete an idea together with its comments and rates.
  *
  * Only the idea's author or an administrator may delete it. The three DELETE
  * statements run one after another and stop at the first failure; any failure
  * is logged as a warning and reported as false.
  *
  * NOTE(review): no transaction is visible around the three statements, so a
  * failure after the first one appears to leave comments/rates behind for an
  * idea that is already gone; confirm whether Database::Query wraps them.
  *
  * @access public
  * @static
  * @param Idea $idea Idea to delete; its idea_id is formatted with %d.
  * @param User $user User requesting the deletion.
  * @return bool True when all three statements succeeded, false otherwise.
  */
 public static function Remove($idea, $user)
 {
     // Statement template => message thrown when that statement fails, in
     // execution order.
     $statements = array(
         "DELETE FROM zi_ideas WHERE idea_id=%d;" => "can't remove idea - database problem",
         "DELETE FROM zi_comments WHERE idea_id=%d;" => "can't remove idea comments - database problem",
         "DELETE FROM zi_rates WHERE idea_id=%d;" => "can't remove idea rates - database problem",
     );
     try {
         // Ownership is checked first; IsAdmin() is only consulted for non-owners.
         $isOwner = $user->user_id == $idea->user_id;
         if (!$isOwner && !$user->IsAdmin()) {
             throw new IdeaException("can't remove idea - user is not a owner of the idea ");
         }
         foreach ($statements as $template => $failure) {
             // %d forces the id to an integer before it reaches the SQL text.
             $cmd = sprintf($template, $idea->idea_id);
             if (!Database::Query($cmd, false)) {
                 throw new IdeaException($failure);
             }
         }
     } catch (Exception $e) {
         Debug::Log($e, WARNING);
         return false;
     }
     return true;
 }
Example #15
 // Log deletion is limited to site admins and users whose project role is
 // above 1; anyone else who posts "deletelogs" is refused and the script exits.
 // NOTE(review): no anti-CSRF token is checked in this excerpt before the
 // destructive Clean() call; confirm one is enforced elsewhere.
 if (($User->IsAdmin() || $role > 1) && isset($_POST["deletelogs"])) {
     $ErrorLog = new ErrorLog();
     $ErrorLog->Clean(0, $projectid);
 } else {
     if (isset($_POST["deletelogs"])) {
         echo "You don't have the privileges to delete these logs.";
         exit;
     }
 }
 $xml = begin_XML_for_XSLT();
 // NOTE(review): $projectname is concatenated into the markup without escaping
 // here; its origin is outside this excerpt.
 $xml .= "<title>Error Log - " . $projectname . "</title>";
 if ($buildid) {
     $xml .= get_cdash_dashboard_xml(get_project_name($projectid), $date);
     // Errors of one build; both ids go through qnum().
     $query = pdo_query("SELECT resourcetype,date,resourceid,description,type,buildid,projectid\n                     FROM errorlog WHERE projectid=" . qnum($projectid) . " AND buildid=" . qnum($buildid) . " ORDER BY date DESC");
 } else {
     if ($projectid) {
         $xml .= get_cdash_dashboard_xml(get_project_name($projectid), $date);
         // NOTE(review): unlike the ids, $date is placed between quotes by plain
         // concatenation and the fragment is appended to the query below. Where
         // $date is validated is not visible here; confirm it is restricted to
         // a date format, or bind it as a parameter.
         $sql = '';
         if ($date) {
             $sql = "AND date>'" . $date . "'";
         }
         // Errors of one project, optionally newer than $date.
         $query = pdo_query("SELECT resourcetype,date,resourceid,description,type,buildid,projectid\n                     FROM errorlog WHERE projectid=" . qnum($projectid) . $sql . " ORDER BY date DESC");
     } else {
         // No project selected: every project's errors, with the project name joined in.
         $query = pdo_query("SELECT resourcetype,date,resourceid,errorlog.description,type,buildid,projectid,project.name AS projectname\n                     FROM errorlog LEFT JOIN project ON (project.id=errorlog.projectid) ORDER BY date DESC");
         // NOTE(review): this writes the database error text into the response;
         // consider logging it server-side instead.
         echo pdo_error();
     }
 }
 while ($query_array = pdo_fetch_array($query)) {
     $xml .= "<error>";
     $xml .= add_XML_value("date", $query_array["date"]);
     $xml .= add_XML_value("resourceid", $query_array["resourceid"]);
     $xml .= add_XML_value("resourcetype", $query_array["resourcetype"]);
     $xml .= add_XML_value("description", $query_array["description"]);
     $xml .= add_XML_value("type", $query_array["type"]);
     $xml .= add_XML_value("buildid", $query_array["buildid"]);
     $xml .= add_XML_value("projectid", $query_array["projectid"]);
     // Only the all-projects query selects a projectname column.
     if (isset($query_array["projectname"])) {
         $xml .= add_XML_value("projectname", $query_array["projectname"]);
     }
     $xml .= "</error>";
 }
 // The admin flag is passed to the stylesheet as data for rendering.
 $xml .= add_XML_value("admin", $User->IsAdmin());
Example #16
    $rest_json = file_get_contents("php://input");
    $_POST = json_decode($rest_json, true);
    @($projectid = $_POST['projectid']);
}
if (!isset($projectid)) {
    echo_error('projectid not specified.');
    return;
}
$projectid = pdo_real_escape_numeric($projectid);
// Make sure the user has access to this page.
$Project = new Project();
$User = new User();
$User->Id = $userid;
$Project->Id = $projectid;
$role = $Project->GetUserRole($userid);
if ($User->IsAdmin() === FALSE && $role <= 1) {
    echo_error("You ({$userid}) don't have the permissions to access this page ({$projectid})");
    return;
}
// Route based on what type of request this is.
$method = $_SERVER['REQUEST_METHOD'];
switch ($method) {
    case 'DELETE':
        rest_delete();
        break;
    case 'POST':
        rest_post();
        break;
    case 'PUT':
        rest_put();
        break;
Example #17
            echo "Used: " . number_format($fs[1] / pow(2, 20), 1) . "GB - ";
            echo "Free: " . number_format($fs[2] / pow(2, 20), 1) . "GB";
            echo "</div>";
        }
    }
}
?>

        <a href="index.php">BACK</a>
    </section>
    <section class="toolsMenu">
        <ul class="scripts">
            <!-- TODO define Tools Menu -->
            <li><a href="passwd.php">Change Password</a></li>
            <?php 
if ($user->IsAdmin()) {
    ?>
                <li><a href="adduser.php">Add User</a></li>
                <li><a href="moduser.php">Modify User</a></li>
            <?php 
}
?>
        </ul>
    </section>
    <footer>

        <ul>
            <li class="footerTab">
                <a onclick="showTools(this)">TOOLS</a>
            </li>
            <li class="footerTab">
Example #18
    $rest_json = file_get_contents('php://input');
    $_POST = json_decode($rest_json, true);
    @($projectid = $_POST['projectid']);
}
if (!isset($projectid)) {
    echo_error('projectid not specified.');
    return;
}
$projectid = pdo_real_escape_numeric($projectid);
// Make sure the user has access to this page.
$Project = new Project();
$User = new User();
$User->Id = $userid;
$Project->Id = $projectid;
$role = $Project->GetUserRole($userid);
if ($User->IsAdmin() === false && $role <= 1) {
    echo_error("You ({$userid}) don't have the permissions to access this page ({$projectid})");
    return;
}
// Route based on what type of request this is.
$method = $_SERVER['REQUEST_METHOD'];
switch ($method) {
    case 'DELETE':
        rest_delete();
        break;
    case 'POST':
        rest_post();
        break;
    case 'PUT':
        rest_put();
        break;
Example #19
}
// NOTE(review): the @ operator hides any warning raised while connecting, and
// the result is not checked before it is used on the next line; consider
// handling a failed connection explicitly.
@($db = pdo_connect("{$CDASH_DB_HOST}", "{$CDASH_DB_LOGIN}", "{$CDASH_DB_PASS}"));
pdo_select_db("{$CDASH_DB_NAME}", $db);
// The login id is taken from the server-side session; @ covers a missing key.
@($userid = $_SESSION['cdash']['loginid']);
// Without a numeric login id the client is told to log in and nothing else runs.
if (!isset($userid) || !is_numeric($userid)) {
    $response['requirelogin'] = 1;
    echo json_encode($response);
    return;
}
// List the available projects that this user has admin rights to.
// $projectid comes from the query string; in this excerpt it is only compared
// against row ids, not placed into SQL.
@($projectid = $_GET['projectid']);
$User = new User();
$User->Id = $userid;
$sql = 'SELECT id,name FROM project';
if ($User->IsAdmin() == false) {
    // $userid passed is_numeric() above and is quoted in the statement.
    // NOTE(review): is_numeric() also accepts decimals and exponent notation;
    // an integer cast or a bound parameter would state the intent more strictly.
    $sql .= " WHERE id IN (SELECT projectid AS id FROM user2project WHERE userid='{$userid}' AND role>0)";
}
$projects = pdo_query($sql);
$availableprojects = array();
while ($project_array = pdo_fetch_array($projects)) {
    $availableproject = array();
    $availableproject['id'] = $project_array['id'];
    $availableproject['name'] = $project_array['name'];
    // Mark the project requested in the query string, if it is in the list.
    if ($project_array['id'] == $projectid) {
        $availableproject['selected'] = '1';
    }
    $availableprojects[] = $availableproject;
}
$response['availableprojects'] = $availableprojects;
if (!isset($projectid) || $projectid < 1) {