/**
 * Completes a CAS login: pushes the CAS attributes into the local user
 * record, then creates the application login cookie for that user.
 */
public function loginCallback()
 {
     // Attributes reported by phpCAS for the current session.
     $cas_attributes = phpCAS::getAttributes();
     $this->updateLocalUserFromBackend($cas_attributes);

     // The local account is resolved through the 'mail' attribute.
     // NOTE(review): neither the presence of 'mail' nor the result of the
     // lookup is checked before the cookie is created - confirm that the
     // helpers refuse an unknown or missing address.
     $details = User::getDetails(User::getUserIDByEmail($cas_attributes['mail'], true));
     Auth::createLoginCookie(APP_COOKIE, $details['usr_email'], true);
 }
 /**
  * Checks whether the provided password matches the email
  * address provided.
  *
  * @param   string $login The email address to check for
  * @param   string $password The password of the user to check for
  * @return  boolean
  */
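 public function verifyPassword($login, $password)
 {
     $usr_id = User::getUserIDByEmail($login, true);
     $user = User::getDetails($usr_id);

     $stored = isset($user['usr_password']) ? $user['usr_password'] : null;
     $candidate = Auth::hashPassword($password);

     // Digests are compared with hash_equals() instead of a loose `==`.
     // Loose comparison treats numeric-looking strings as numbers, so two
     // different digests can compare equal; hash_equals() compares the bytes
     // and does so in constant time. A missing or empty stored hash (for
     // example an unknown login) never matches.
     $matches = is_string($stored)
         && $stored !== ''
         && is_string($candidate)
         && hash_equals($stored, $candidate);

     if ($matches) {
         self::resetFailedLogins($usr_id);
         return true;
     }

     // Failed attempts are counted against the resolved user id.
     self::incrementFailedLogins($usr_id);
     return false;
 }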
Example #3
 /**
  * Method used to set auth cookie in user's browser.
  *
  * @param int|string $user User Id or User email.
  * @param boolean $permanent Set to false to make session cookie (Expires when browser is closed)
  */
 public static function setAuthCookie($user, $permanent = true)
 {
     // Any falsy identifier is rejected (this includes 0 and '0').
     if (!$user) {
         throw new LogicException('Need usr_id or email');
     }

     // Numeric input is treated as a user id and resolved to its email;
     // anything else is used as the email itself.
     $email = $user;
     if (is_numeric($user)) {
         $details = User::getDetails($user);
         $email = $details['usr_email'];
     }

     $value = self::generateAuthCookie($email, $permanent);
     // A null expiry is passed for the non-permanent (session) case.
     $expiry = $permanent ? APP_COOKIE_EXPIRE : null;
     Auth::setCookie(APP_COOKIE, $value, $expiry);

     // Also written into $_COOKIE, presumably so the rest of the current
     // request already sees the new value.
     $_COOKIE[APP_COOKIE] = $value;
 }
 /**
  * Checks whether the provided password matches the email
  * address provided.
  *
  * @param   string $login The email address to check for
  * @param   string $password The password of the user to check for
  * @return  boolean
  */
 public function verifyPassword($login, $password)
 {
     $usr_id = User::getUserIDByEmail($login, true);
     $details = User::getDetails($usr_id);
     $stored_hash = $details['usr_password'];

     if (AuthPassword::verify($password, $stored_hash)) {
         self::resetFailedLogins($usr_id);

         // Re-store the password when AuthPassword reports the stored hash
         // as outdated (old md5 hashes, or a stronger default since then).
         if (AuthPassword::needs_rehash($stored_hash)) {
             self::updatePassword($usr_id, $password);
         }

         return true;
     }

     // Wrong password: count the failure against the resolved user id.
     self::incrementFailedLogins($usr_id);
     return false;
 }
 /**
  * Collects details of a user from the database system
  * Returns a Null array if user doesn't exist;
  */
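 public function checkUserDetails($username, $password)
 {
     // Set the state and tell plugins.
     $this->setState('CHECKING_USER_DETAILS');
     $this->notifyObservers();

     // include_once rather than include: a second call in the same request
     // must not load the library file again.
     include_once "lib/User.php";
     $user = new User();

     // Transform the submitted password with the library's own routine so
     // it can be compared with the stored value.
     $candidate = $user->encryptPass($password);
     $data = $user->getDetails($username);

     // Unknown user: incorrect details.
     if (empty($data)) {
         return false;
     }

     // Index 1 of the record is the stored password value. A missing or
     // empty value never matches.
     $stored = isset($data[1]) ? $data[1] : null;
     if (!is_string($stored) || $stored === '' || !is_string($candidate)) {
         return false;
     }

     // hash_equals() replaces the loose `==`: it compares the bytes (no
     // numeric-string juggling) in constant time. A mismatch now returns an
     // explicit false; the original fell off the end and returned null.
     return hash_equals($stored, $candidate);
 }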
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**>                             |
// +----------------------------------------------------------------------+
//
// @(#) $Id: s.forgot_password.php 1.8 03/12/12 19:09:43-00:00 jpradomaia $
//
include_once "config.inc.php";
include_once APP_INC_PATH . "class.template.php";
include_once APP_INC_PATH . "class.user.php";
include_once APP_INC_PATH . "class.mail.php";
include_once APP_INC_PATH . "db_access.php";
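// Password-reset request page: validates the submitted address and, for an
// active account, sends the confirmation email. The template receives a
// numeric "result" code: 4 = no address given, 5 = unknown address,
// 3 = account not active, 1 = confirmation email sent.
$tpl = new Template_API();
$tpl->setTemplate("forgot_password.tpl.html");

// $_POST is used instead of $HTTP_POST_VARS: the long array is only
// populated on old PHP configurations, so the form silently did nothing
// wherever it is absent.
if (isset($_POST["cat"]) && $_POST["cat"] == "reset_password") {
    if (empty($_POST["email"]) || !is_string($_POST["email"])) {
        // Stop here. The original fell through to the lookup with an empty
        // address, which then overwrote this result with 5.
        $tpl->assign("result", 4);
    } else {
        $usr_id = User::getUserIDByEmail($_POST["email"]);
        // NOTE(review): results 5 and 3 tell the requester whether an
        // address is registered and whether the account is active. Consider
        // showing one generic message in the template for 1, 3 and 5.
        if (empty($usr_id)) {
            $tpl->assign("result", 5);
        } else {
            $info = User::getDetails($usr_id);
            if (!User::isActiveStatus($info["usr_status"])) {
                $tpl->assign("result", 3);
            } else {
                User::sendPasswordConfirmationEmail($usr_id);
                $tpl->assign("result", 1);
            }
        }
    }
}
$tpl->displayTemplate();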
Example #7
    $tpl->displayTemplate();
    exit;
}
// Dispatch on the posted action. All three branches change user records.
// NOTE(review): no permission or request-origin (CSRF) check is visible in
// this excerpt; the lines before it are cut off - confirm both happen
// before this point.
switch (@$_POST['cat']) {
    case 'new':
        $res = User::insertFromPost();
        Misc::mapMessages($res, array(
            1 => array(ev_gettext('Thank you, the user was added successfully.'), Misc::MSG_INFO),
            -1 => array(ev_gettext('An error occurred while trying to add the new user.'), Misc::MSG_ERROR),
        ));
        break;
    case 'update':
        $res = User::updateFromPost();
        Misc::mapMessages($res, array(
            1 => array(ev_gettext('Thank you, the user was updated successfully.'), Misc::MSG_INFO),
            -1 => array(ev_gettext('An error occurred while trying to update the user information.'), Misc::MSG_ERROR),
        ));
        break;
    case 'change_status':
        // Posted values are handed to User::changeStatus() unchanged.
        User::changeStatus($_POST['items'], $_POST['status']);
        break;
}

$project_roles = array();
$project_list = Project::getAll();

// In edit mode the selected user's details are loaded for the form.
if (@$_GET['cat'] == 'edit') {
    $info = User::getDetails($_GET['id']);
    $tpl->assign('info', $info);
}
foreach ($project_list as $prj_id => $prj_title) {
    $excluded_roles = array('Customer');
    if (@$info['roles'][$prj_id]['pru_role'] == User::getRoleID('Customer')) {
        if (count($excluded_roles) == 1) {
            $excluded_roles = false;
        } else {
            $excluded_roles = array('administrator');
        }
        if (@$info['roles'][$prj_id]['pru_role'] == User::getRoleID('administrator')) {
            $excluded_roles = false;
        }
    }
    $project_roles[$prj_id] = $user_roles = array(0 => 'No Access') + User::getRoles($excluded_roles);
Example #8
 /**
  * Creates a fake cookie so processes not run from a browser can access current user and project
  *
  * @param   integer $usr_id The ID of the user.
  * @param   bool|int $prj_id The ID of the project.
  */
 public static function createFakeCookie($usr_id, $prj_id = false)
 {
     $details = User::getDetails($usr_id);
     $email = $details['usr_email'];
     $now = time();

     // Auth payload: email, login time and a keyed digest over both.
     // NOTE(review): md5(secret . data) is not a sound MAC construction;
     // hash_hmac() with SHA-256 is the usual replacement, but the code that
     // verifies the cookie has to change in the same commit.
     $payload = array(
         'email' => $email,
         'login_time' => $now,
         'hash' => md5(self::privateKey() . $now . $email),
     );
     // NOTE(review): the payload is stored with serialize(). Whatever reads
     // a real browser cookie in this format must not call unserialize() on
     // it before the digest has been verified - confirm on the reading side.
     $_COOKIE[APP_COOKIE] = base64_encode(serialize($payload));

     if ($prj_id) {
         $payload = array('prj_id' => $prj_id, 'remember' => false);
     }
     // NOTE(review): without a project id the project cookie receives the
     // auth payload built above - looks unintended, confirm against the
     // reader of APP_PROJECT_COOKIE.
     $_COOKIE[APP_PROJECT_COOKIE] = base64_encode(serialize($payload));
 }
Example #9
 /**
  * Method used to get the list of issues to be displayed in the grid layout.
  *
  * @param   array $options The search parameters
  * @return  string The where clause
  */
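 public static function buildWhereClause($options)
 {
     // Builds the tail of a WHERE clause (every fragment starts with
     // ' AND ...') from the current user's role and the search options.
     // The clause is assembled as a string, so every value that reaches it
     // has to be escaped for the exact position it lands in: quoted literals
     // go through Misc::escapeString(), bare numbers through
     // Misc::escapeInteger().
     $usr_id = Auth::getUserID();
     $prj_id = Auth::getCurrentProject();
     $role_id = User::getRoleByUser($usr_id, $prj_id);
     $usr_details = User::getDetails($usr_id);
     $stmt = ' AND iss_usr_id = usr_id';
     if ($role_id == User::getRoleID('Customer')) {
         // customers only see issues of their own contracts and customer id
         $crm = CRM::getInstance($prj_id);
         $contact = $crm->getContact($usr_details['usr_customer_contact_id']);
         // escaped like every other quoted literal in this method; these
         // two values were previously concatenated as they came back
         $stmt .= " AND iss_customer_contract_id IN('" . implode("','", Misc::escapeString($contact->getContractIDS())) . "')";
         $stmt .= " AND iss_customer_id ='" . Misc::escapeString(Auth::getCurrentCustomerID()) . "'";
     } elseif ($role_id == User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id)) {
         $stmt .= " AND (\n                        iss_usr_id = {$usr_id} OR\n                        iur_usr_id = {$usr_id}\n                        )";
     }
     if (!empty($usr_details['usr_par_code'])) {
         // restrict partners
         $stmt .= " AND ipa_par_code = '" . Misc::escapeString($usr_details['usr_par_code']) . "'";
     }
     if (!empty($options['users'])) {
         $stmt .= " AND (\n";
         if (stristr($options['users'], 'grp') !== false) {
             // group filter, the group id follows the colon
             $chunks = explode(':', $options['users']);
             $stmt .= 'iss_grp_id = ' . Misc::escapeInteger($chunks[1]);
         } else {
             // -1 .. -4 are fixed selectors, anything else is a user id
             if ($options['users'] == '-1') {
                 $stmt .= 'isu_usr_id IS NULL';
             } elseif ($options['users'] == '-2') {
                 $stmt .= 'isu_usr_id IS NULL OR isu_usr_id=' . $usr_id;
             } elseif ($options['users'] == '-3') {
                 $stmt .= 'isu_usr_id = ' . $usr_id . ' OR iss_grp_id = ' . User::getGroupID($usr_id);
             } elseif ($options['users'] == '-4') {
                 $stmt .= 'isu_usr_id IS NULL OR isu_usr_id = ' . $usr_id . ' OR iss_grp_id = ' . User::getGroupID($usr_id);
             } else {
                 $stmt .= 'isu_usr_id =' . Misc::escapeInteger($options['users']);
             }
         }
         $stmt .= ')';
     }
     if (!empty($options['reporter'])) {
         $stmt .= ' AND iss_usr_id = ' . Misc::escapeInteger($options['reporter']);
     }
     if (!empty($options['show_authorized_issues'])) {
         $stmt .= " AND (iur_usr_id={$usr_id})";
     }
     if (!empty($options['show_notification_list_issues'])) {
         $stmt .= " AND (sub_usr_id={$usr_id})";
     }
     if (!empty($options['keywords'])) {
         $stmt .= " AND (\n";
         if ($options['search_type'] == 'all_text' && APP_ENABLE_FULLTEXT) {
             // NOTE(review): the ids returned by getFullTextIssues() are
             // joined unquoted; confirm that helper returns integers only
             $stmt .= 'iss_id IN(' . implode(', ', self::getFullTextIssues($options)) . ')';
         } elseif ($options['search_type'] == 'customer' && CRM::hasCustomerIntegration($prj_id)) {
             // check if the user is trying to search by customer name / email
             $crm = CRM::getInstance($prj_id);
             $customer_ids = $crm->getCustomerIDsByString($options['keywords'], true);
             if (count($customer_ids) > 0) {
                 // NOTE(review): customer ids are joined unquoted here but
                 // quoted as strings elsewhere in this method; confirm the
                 // CRM backend returns numeric ids only
                 $stmt .= ' iss_customer_id IN (' . implode(', ', $customer_ids) . ')';
             } else {
                 // no results, kill query
                 $stmt .= ' iss_customer_id = -1';
             }
         } else {
             $stmt .= '(' . Misc::prepareBooleanSearch('iss_summary', $options['keywords']);
             $stmt .= ' OR ' . Misc::prepareBooleanSearch('iss_description', $options['keywords']) . ')';
         }
         $stmt .= "\n) ";
     }
     if (!empty($options['customer_id'])) {
         $stmt .= " AND iss_customer_id='" . Misc::escapeString($options['customer_id']) . "'";
     }
     if (!empty($options['priority'])) {
         $stmt .= ' AND iss_pri_id=' . Misc::escapeInteger($options['priority']);
     }
     if (!empty($options['status'])) {
         $stmt .= ' AND iss_sta_id=' . Misc::escapeInteger($options['status']);
     }
     if (!empty($options['category'])) {
         if (!is_array($options['category'])) {
             $options['category'] = array($options['category']);
         }
         $stmt .= ' AND iss_prc_id IN(' . implode(', ', Misc::escapeInteger($options['category'])) . ')';
     }
     if (!empty($options['hide_closed'])) {
         $stmt .= ' AND sta_is_closed=0';
     }
     if (!empty($options['release'])) {
         $stmt .= ' AND iss_pre_id = ' . Misc::escapeInteger($options['release']);
     }
     if (!empty($options['product'])) {
         $stmt .= ' AND ipv_pro_id = ' . Misc::escapeInteger($options['product']);
     }
     // now for the date fields
     // the column names come from this fixed list, never from $options
     $date_fields = array('created_date', 'updated_date', 'last_response_date', 'first_response_date', 'closed_date');
     foreach ($date_fields as $field_name) {
         if (!empty($options[$field_name])) {
             switch ($options[$field_name]['filter_type']) {
                 case 'greater':
                     $stmt .= " AND iss_{$field_name} >= '" . Misc::escapeString($options[$field_name]['start']) . "'";
                     break;
                 case 'less':
                     $stmt .= " AND iss_{$field_name} <= '" . Misc::escapeString($options[$field_name]['start']) . "'";
                     break;
                 case 'between':
                     $stmt .= " AND iss_{$field_name} BETWEEN '" . Misc::escapeString($options[$field_name]['start']) . "' AND '" . Misc::escapeString($options[$field_name]['end']) . "'";
                     break;
                 case 'null':
                     $stmt .= " AND iss_{$field_name} IS NULL";
                     break;
                 case 'in_past':
                     // time_period is multiplied by 3600 in the clause below
                     if (strlen($options[$field_name]['time_period']) == 0) {
                         $options[$field_name]['time_period'] = 0;
                     }
                     $stmt .= " AND (UNIX_TIMESTAMP('" . Date_Helper::getCurrentDateGMT() . "') - UNIX_TIMESTAMP(iss_{$field_name})) <= (" . Misc::escapeInteger($options[$field_name]['time_period']) . '*3600)';
                     break;
             }
         }
     }
     // custom fields
     // (!empty() first, so a missing 'custom_field' key raises no notice)
     if (!empty($options['custom_field']) && is_array($options['custom_field'])) {
         foreach ($options['custom_field'] as $fld_id => $search_value) {
             if (empty($search_value)) {
                 continue;
             }
             // $fld_id is an array key of the search options and is placed
             // unquoted into table aliases and comparisons below, where
             // string escaping does not help. Only plain decimal ids are
             // accepted; any other key is skipped.
             if (preg_match('/^[0-9]+$/', (string) $fld_id) !== 1) {
                 continue;
             }
             $fld_id = (int) $fld_id;
             $field = Custom_Field::getDetails($fld_id);
             $fld_db_name = Custom_Field::getDBValueFieldNameByType($field['fld_type']);
             if ($field['fld_type'] == 'date' && (empty($search_value['Year']) || empty($search_value['Month']) || empty($search_value['Day']))) {
                 continue;
             }
             if ($field['fld_type'] == 'integer' && empty($search_value['value'])) {
                 continue;
             }
             if ($field['fld_type'] == 'multiple') {
                 $search_value = Misc::escapeString($search_value);
                 foreach ($search_value as $cfo_id) {
                     $cfo_id = Misc::escapeString($cfo_id);
                     // NOTE(review): $cfo_id is also part of the unquoted
                     // alias cf<fld>_<cfo>; escapeString() only protects the
                     // quoted literal on the last line. Validate $cfo_id
                     // against an identifier-safe pattern once the set of
                     // legal option keys is confirmed.
                     $stmt .= " AND\n cf" . $fld_id . '_' . $cfo_id . '.icf_iss_id = iss_id';
                     $stmt .= " AND\n cf" . $fld_id . '_' . $cfo_id . ".icf_fld_id = {$fld_id}";
                     $stmt .= " AND\n cf" . $fld_id . '_' . $cfo_id . '.' . $fld_db_name . " = '{$cfo_id}'";
                 }
             } elseif ($field['fld_type'] == 'date') {
                 if (empty($search_value['Year']) || empty($search_value['Month']) || empty($search_value['Day'])) {
                     continue;
                 }
                 $search_value = $search_value['Year'] . '-' . $search_value['Month'] . '-' . $search_value['Day'];
                 $stmt .= " AND\n (iss_id = cf" . $fld_id . '.icf_iss_id AND
                     cf' . $fld_id . '.' . $fld_db_name . " = '" . Misc::escapeString($search_value) . "')";
             } elseif ($field['fld_type'] == 'integer') {
                 $value = $search_value['value'];
                 // the operator is chosen from this fixed set only
                 switch ($search_value['filter_type']) {
                     case 'ge':
                         $cmp = '>=';
                         break;
                     case 'le':
                         $cmp = '<=';
                         break;
                     case 'gt':
                         $cmp = '>';
                         break;
                     case 'lt':
                         $cmp = '<';
                         break;
                     default:
                         $cmp = '=';
                         break;
                 }
                 $stmt .= " AND\n (iss_id = cf" . $fld_id . '.icf_iss_id';
                 $stmt .= " AND\n cf" . $fld_id . ".icf_fld_id = {$fld_id}";
                 // the value is written without quotes, so it is forced to
                 // an integer; escapeString() was used here before and does
                 // not protect an unquoted position
                 $stmt .= ' AND cf' . $fld_id . '.' . $fld_db_name . $cmp . Misc::escapeInteger($value) . ')';
             } else {
                 $stmt .= " AND\n (iss_id = cf" . $fld_id . '.icf_iss_id';
                 $stmt .= " AND\n cf" . $fld_id . ".icf_fld_id = {$fld_id}";
                 if ($field['fld_type'] == 'combo') {
                     $stmt .= ' AND cf' . $fld_id . '.' . $fld_db_name . " IN('" . implode("', '", Misc::escapeString($search_value)) . "')";
                 } else {
                     $stmt .= ' AND cf' . $fld_id . '.' . $fld_db_name . " LIKE '%" . Misc::escapeString($search_value) . "%'";
                 }
                 $stmt .= ')';
             }
         }
     }
     // clear cached full-text values if we are not searching fulltext anymore
     if (APP_ENABLE_FULLTEXT && @$options['search_type'] != 'all_text') {
         Session::set('fulltext_string', '');
         Session::set('fulltext_issues', '');
     }
     return $stmt;
 }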
Example #10
 /**
  * Method used to send a confirmation email to the user that is associated
  * to the email address.
  *
  * @access  public
  * @param   string $usr_id The user ID
  * @return  void
  */
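 function sendPasswordConfirmationEmail($usr_id)
 {
     $info = User::getDetails($usr_id);
     // send confirmation email to user
     // The confirmation value is a digest over the full name, the md5 of
     // the email address and the site's private key.
     // NOTE(review): it has no expiry and no per-request random part, so
     // the same link is produced for every request for as long as name,
     // email and key stay the same. A random, single-use, time-limited
     // token stored server-side is the usual design; that needs a matching
     // change where the link is verified, so the value is left as it was.
     $hash = md5($info["usr_full_name"] . md5($info["usr_email"]) . $GLOBALS["private_key"]);
     $msg = "Hello,\n\n";
     $msg .= "We just received a request to create a new random password for your account in our issue tracking system. ";
     $msg .= "For security reasons we need you to confirm this request so we can finish the password creation process.\n\n";
     $msg .= "If this is not a real request from you, or if you don't need a new password anymore, ";
     $msg .= "please disregard this email.\n\n";
     $msg .= "However, if you would like to confirm this request, please do so by visiting the URL below:\n\n";
     // The address is URL-encoded: characters such as '+' or '&' in an
     // email address otherwise change the query string the link carries.
     $msg .= APP_BASE_URL . "confirm.php?cat=password&email=" . urlencode($info["usr_email"]) . "&hash=" . $hash . "\n\n";
     $setup = Setup::load();
     $mail = new Mail_API();
     // need to make this message MIME based
     $mail->setTextBody($msg);
     $mail->send($setup["smtp"]["from"], $info["usr_email"], APP_SHORT_NAME . ": New Password - Confirmation Required");
 }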
Example #11
    Misc::setMessage(ev_gettext('Note: Project automatically switched to "%1$s" from "%2$s".', Auth::getCurrentProjectName(), Project::getName($iss_prj_id)));
}
// Hand the issue details and the page title to the template.
$tpl->assign('issue', $details);
$tpl->assign('extra_title', ev_gettext('Update Issue #%1$s', $issue_id));
// Authorization gate for the update page. The request is refused when any
// of these four terms is true:
//   1. the role equals the 'customer' role AND ($details is empty OR the
//      user's customer id differs from the issue's customer id)
//   2. Issue::canAccess() fails
//   3. the role is not above 'Reporter'
//   4. Issue::canUpdate() fails
// && binds tighter than ||, so only term 1 depends on the customer role.
// NOTE(review): getRoleID() is called with lower-case 'customer' here while
// other call sites on this page use 'Customer' - confirm the lookup is
// case-insensitive, otherwise term 1 never applies.
if ($role_id == User::getRoleID('customer') && (empty($details) || User::getCustomerID($usr_id) != $details['iss_customer_id']) || !Issue::canAccess($issue_id, $usr_id) || !($role_id > User::getRoleID('Reporter')) || !Issue::canUpdate($issue_id, $usr_id)) {
    // Refusal: show the error on the base template and stop the script.
    $tpl->setTemplate('base_full.tpl.html');
    Misc::setMessage(ev_gettext('Sorry, you do not have the required privileges to update this issue.'), Misc::MSG_ERROR);
    $tpl->displayTemplate();
    exit;
}
// $issue_lock is false when Issue_Lock::acquire() succeeds for this user;
// otherwise it holds the existing lock's info, extended with the locking
// user's details and a formatted expiry time.
if (Issue_Lock::acquire($issue_id, $usr_id)) {
    $issue_lock = false;
} else {
    $issue_lock = Issue_Lock::getInfo($issue_id);
    $issue_lock['locker'] = User::getDetails($issue_lock['usr_id']);
    $issue_lock['expires_formatted_time'] = Date_Helper::getFormattedDate($issue_lock['expires']);
}
$tpl->assign('issue_lock', $issue_lock);
$new_prj_id = Issue::getProjectID($issue_id);
// Only the presence of the 'cancel' field is tested, not its value.
$cancel_update = isset($_POST['cancel']);
if ($cancel_update) {
    // be sure not to unlock somebody else's lock
    if (!$issue_lock) {
        Issue_Lock::release($issue_id);
        Misc::setMessage(ev_gettext('Cancelled Issue #%1$s update.', $issue_id), Misc::MSG_INFO);
    }
    Auth::redirect(APP_RELATIVE_URL . 'view.php?id=' . $issue_id);
    exit;
} elseif (@$_POST['cat'] == 'update') {
    if ($issue_lock) {
Example #12
// special handling when someone tries to 'reply' to an issue:
// the email form is pre-filled from the issue's own details
if ($cat == 'reply') {
    $details = Issue::getReplyDetails($_GET['issue_id']);
    if ($details != '') {
        $header = Misc::formatReplyPreamble($details['created_date_ts'], $details['reporter']);
        $details['seb_body'] = $header . Misc::formatReply($details['description']);
        $details['sup_from'] = Mail_Helper::getFormattedName($details['reporter'], $details['reporter_email']);
        // NOTE(review): the raw issue_id request parameter becomes part of
        // the page title; whether it is escaped depends on the template -
        // confirm, or cast it to int here.
        $tpl->assign(array(
            'email' => $details,
            'parent_email_id' => 0,
            'extra_title' => 'Issue #' . $_GET['issue_id'] . ': Reply',
        ));
    }
}

if (!empty($issue_id)) {
    // list the available statuses
    $tpl->assign('statuses', Status::getAssocStatusList($prj_id, false));
    $tpl->assign('current_issue_status', Issue::getStatusID($issue_id));
    // set if the current user is allowed to send emails on this issue or not
    $sender_details = User::getDetails($usr_id);
    $tpl->assign('can_send_email', Support::isAllowedToEmail($issue_id, $sender_details['usr_email']));
    $tpl->assign('subscribers', Notification::getSubscribers($issue_id, 'emails'));
}

// The email account id is taken from GET first, then POST, always as int.
if (!empty($_GET['ema_id']) || !empty($_POST['ema_id'])) {
    if (isset($_GET['ema_id'])) {
        $ema_id = (int) $_GET['ema_id'];
    } elseif (isset($_POST['ema_id'])) {
        $ema_id = (int) $_POST['ema_id'];
    } else {
        $ema_id = null;
    }
    $tpl->assign('ema_id', $ema_id);
}

$user_prefs = Prefs::get($usr_id);
// list of users to display in the lookup field in the To: and Cc: fields
$t = Project::getAddressBook($prj_id, $issue_id);
$tpl->assign(array(
    'from' => User::getFromHeader($usr_id),
    'assoc_users' => $t,
    'assoc_emails' => array_keys($t),
    'canned_responses' => Email_Response::getAssocList($prj_id),
    'js_canned_responses' => Email_Response::getAssocListBodies($prj_id),
    'current_user_prefs' => $user_prefs,
    'issue_access' => Access::getIssueAccessArray($issue_id, $usr_id),
    'max_attachment_size' => Attachment::getMaxAttachmentSize(),
    'max_attachment_bytes' => Attachment::getMaxAttachmentSize(true),
));

// don't add signature if it already exists. Note: This won't handle multiple user duplicate sigs.
if (@(!empty($draft['emd_body'])) && $user_prefs['auto_append_email_sig'] == 1) {
    if (strpos($draft['emd_body'], $user_prefs['email_signature']) !== false) {
        $tpl->assign('body_has_sig_already', 1);
    }
}
 /**
  * Collects User details through available library
  */
 public function getUserDetails()
 {
     $this->setState('GETTING_USER_DETAIL');

     // The active request carries the username to look up.
     $username = $this->getActiveRequest();

     // Load the user library and fetch the stored record.
     include_once "core/lib/User.php";
     $library = new User();
     $record = $library->getDetails($username);

     // Positional values in the order the view expects:
     // showEditForm($user, $fullname, $email, $level1, $level2)
     // Index 3 is the stored level, passed through unchanged, so a level
     // other than administrator/editor is still shown as the first option.
     $form = array($username, $record[0], $record[3], $record[2]);

     // Index 4 is the alternative level offered as the second option.
     $form[] = ($record[2] == "administrator") ? "editor" : "administrator";

     return $form;
 }
 /**
  * Method used to send the account details of a user.
  *
  * @access  public
  * @param   integer $usr_id The user ID
  * @return  void
  */
 function notifyAccountDetails($usr_id)
 {
     $account = User::getDetails($usr_id);
     $account["projects"] = Project::getAssocList($usr_id, true, true);

     // Render the plain-text notification.
     // NOTE(review): the whole user record is handed to the template; other
     // callers on this page read 'usr_password' from User::getDetails() -
     // confirm the template never prints that field.
     $template = new Template_API();
     $template->setTemplate('notifications/account_details.tpl.text');
     $template->bulkAssign(array(
         "app_title" => Misc::getToolCaption(),
         "user" => $account,
     ));
     $body = $template->getTemplateContents();

     // Send it with the configured SMTP sender address.
     $mailer = new Mail_API();
     $mailer->setTextBody($body);
     $smtp = $mailer->getSMTPSettings();
     $recipient = $mailer->getFormattedName($account["usr_full_name"], $account["usr_email"]);
     $mailer->send($smtp["from"], $recipient, APP_SHORT_NAME . ": Your User Account Details");
 }
 /**
  * Method used to send the account details of a user.
  *
  * @param   integer $usr_id The user ID
  * @return  void
  */
 public function notifyAccountDetails($usr_id)
 {
     $account = User::getDetails($usr_id);
     $account['projects'] = Project::getAssocList($usr_id, true, true);

     // NOTE(review): the whole user record is handed to the template; other
     // callers on this page read 'usr_password' from User::getDetails() -
     // confirm the template never prints that field.
     $template = new Template_Helper();
     $template->setTemplate('notifications/account_details.tpl.text');
     $template->assign(array(
         'app_title' => Misc::getToolCaption(),
         'user' => $account,
     ));

     // The language is switched to the recipient's before rendering and
     // restored after sending. An exception thrown in between would skip
     // the restore.
     Language::set(User::getLang($usr_id));
     $body = $template->getTemplateContents();

     $mailer = new Mail_Helper();
     $mailer->setTextBody($body);
     $smtp = $mailer->getSMTPSettings();
     $recipient = $mailer->getFormattedName($account['usr_full_name'], $account['usr_email']);
     // TRANSLATORS: %s = APP_SHORT_NAME
     $mailer->send($smtp['from'], $recipient, ev_gettext('%s: Your User Account Details', APP_SHORT_NAME));
     Language::restore();
 }
Example #16
 /**
  * Method to determine if user can access a particular issue
  *
  * @param   integer $issue_id The ID of the issue.
  * @param   integer $usr_id The ID of the user
  * @return  boolean If the user can access the issue
  */
 public static function canAccessIssue($issue_id, $usr_id)
 {
     // Decisions are remembered per issue/user pair for the lifetime of
     // the process.
     static $access;

     if (empty($issue_id)) {
         return false;
     }

     $cache_key = $issue_id . '-' . $usr_id;
     if (isset($access[$cache_key])) {
         return $access[$cache_key];
     }

     $details = Issue::getDetails($issue_id);
     if (empty($details)) {
         // NOTE(review): an issue without details is reported as
         // accessible (fail-open) - confirm callers treat a missing issue
         // separately.
         return true;
     }

     $usr_details = User::getDetails($usr_id);
     $prj_id = $details['iss_prj_id'];
     $usr_role = User::getRoleByUser($usr_id, $prj_id);

     // With CRM integration, find out whether the user's contact may see
     // the issue's contract. A CRM error leaves this at false.
     $can_access_contract = false;
     if (CRM::hasCustomerIntegration($prj_id)) {
         $crm = CRM::getInstance($prj_id);
         try {
             $has_both_ids = !empty($usr_details['usr_customer_contact_id']) && !empty($details['iss_customer_contract_id']);
             if ($has_both_ids) {
                 $contact = $crm->getContact($usr_details['usr_customer_contact_id']);
                 $can_access_contract = $contact->canAccessContract($crm->getContract($details['iss_customer_contract_id']));
             }
         } catch (CRMException $e) {
             // TODOCRM: Log exception?
         }
     }

     // Refused outright, tested in this order: no role in the project,
     // a customer without access to the contract, a partner user whose
     // partner is not enabled for the issue.
     $refused = empty($usr_role)
         || (CRM::hasCustomerIntegration($prj_id) && $usr_role == User::getRoleID('Customer') && $can_access_contract === false)
         || (!empty($usr_details['usr_par_code']) && !Partner::isPartnerEnabledForIssue($usr_details['usr_par_code'], $issue_id));

     if ($refused) {
         $return = false;
     } elseif ($details['iss_private'] == 1) {
         // Private issue: role above Developer, the reporter, an assignee,
         // a member of the issue's group or an authorized replier.
         $return = $usr_role > User::getRoleID('Developer')
             || $details['iss_usr_id'] == $usr_id
             || Issue::isAssignedToUser($issue_id, $usr_id)
             || (!empty($details['iss_grp_id']) && !empty($usr_details['usr_grp_id']) && $details['iss_grp_id'] == $usr_details['usr_grp_id'])
             || Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id);
     } elseif (Auth::getCurrentRole() == User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id) && $details['iss_usr_id'] != $usr_id && !Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id)) {
         // NOTE(review): this branch uses the role of the logged-in user
         // (Auth::getCurrentRole()), not of $usr_id, and returns without
         // storing the decision - confirm both are intended.
         return false;
     } else {
         $return = true;
     }

     $access[$cache_key] = $return;
     return $return;
 }
Example #17
 /**
  * Method to determine if user can access a particular issue
  *
  * @access  public
  * @param   integer $issue_id The ID of the issue.
  * @param   integer $usr_id The ID of the user
  * @return  boolean If the user can access the issue
  */
 function canAccess($issue_id, $usr_id)
 {
     // Decisions are remembered per issue/user pair for the lifetime of
     // the process.
     static $access;

     if (empty($issue_id)) {
         // NOTE(review): an empty issue id is reported as accessible
         // (fail-open) - confirm callers never rely on this for a denial.
         return true;
     }

     $cache_key = $issue_id . "-" . $usr_id;
     if (isset($access[$cache_key])) {
         return $access[$cache_key];
     }

     $details = Issue::getDetails($issue_id);
     if (empty($details)) {
         // A missing issue record is also reported as accessible.
         return true;
     }

     $usr_details = User::getDetails($usr_id);
     $usr_role = User::getRoleByUser($usr_id, $details['iss_prj_id']);
     $prj_id = Issue::getProjectID($issue_id);

     // A customer-role user may only see issues of their own customer.
     $is_foreign_customer = Customer::hasCustomerIntegration($details['iss_prj_id'])
         && $usr_role == User::getRoleID("Customer")
         && $details['iss_customer_id'] != $usr_details['usr_customer_id'];

     if ($is_foreign_customer) {
         $return = false;
     } elseif ($details['iss_private'] == 1) {
         // Private issue: role above Developer, the reporter, an assignee,
         // a member of the issue's group or an authorized replier.
         $return = User::getRoleByUser($usr_id, $details['iss_prj_id']) > User::getRoleID("Developer")
             || $details['iss_usr_id'] == $usr_id
             || Issue::isAssignedToUser($issue_id, $usr_id)
             || (!empty($details['iss_grp_id']) && !empty($usr_details['usr_grp_id']) && $details['iss_grp_id'] == $usr_details['usr_grp_id'])
             || Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id);
     } elseif (Auth::getCurrentRole() <= User::getRoleID("Standard User") && Project::getSegregateReporters($prj_id) && $details['iss_usr_id'] != $usr_id && !Issue::isAssignedToUser($issue_id, $usr_id) && !Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id)) {
         // NOTE(review): this branch uses the role of the logged-in user
         // (Auth::getCurrentRole()), not of $usr_id, and returns without
         // storing the decision - confirm both are intended.
         return false;
     } else {
         $return = true;
     }

     $access[$cache_key] = $return;
     return $return;
 }
 /**
  * Processes the template and assign common variables automatically.
  * @return $this
  */
 private function processTemplate()
 {
     // Values every template receives, whether or not a user is logged in.
     $core = array(
         'rel_url' => APP_RELATIVE_URL,
         'base_url' => APP_BASE_URL,
         'app_title' => APP_NAME,
         'app_version' => APP_VERSION,
         'app_setup' => Setup::load(),
         'messages' => Misc::getMessages(),
         'roles' => User::getAssocRoleIDs(),
         'auth_backend' => APP_AUTH_BACKEND,
         // NOTE(review): PHP_SELF is derived from the request path and can
         // carry client-chosen text; confirm every template escapes
         // current_url for the context it is printed in.
         'current_url' => $_SERVER['PHP_SELF'],
     );

     // If VCS version is present "Eventum 2.3.3-148-g78b3368", link ref to github
     $vcsVersion = self::getVcsVersion();
     if ($vcsVersion) {
         $core['application_version_link'] = "https://github.com/eventum/eventum/commit/{$vcsVersion}";
         // append VCS version if not yet there
         $hasVcsSuffix = preg_match('/-g[0-9a-f]+$/', APP_VERSION);
         if (!$hasVcsSuffix) {
             $core['app_version'] = "v{$core['app_version']}-g{$vcsVersion}";
         }
     }

     // Anonymous request: only the common values are assigned.
     $usr_id = Auth::getUserID();
     if (!$usr_id) {
         $this->assign('core', $core);
         return $this;
     }

     $core['user'] = User::getDetails($usr_id);
     $prj_id = Auth::getCurrentProject();
     $setup = Setup::load();

     if (!empty($prj_id)) {
         $role_id = User::getRoleByUser($usr_id, $prj_id);
         $has_crm = CRM::hasCustomerIntegration($prj_id);
         // Array union: keys already present in $core are kept.
         $core += array(
             'project_id' => $prj_id,
             'project_name' => Auth::getCurrentProjectName(),
             'has_crm' => $has_crm,
             'current_role' => $role_id,
             'current_role_name' => User::getRole($role_id),
             'feature_access' => Access::getFeatureAccessArray($usr_id),
         );
         if ($has_crm) {
             $crm = CRM::getInstance($prj_id);
             $core['crm_template_path'] = $crm->getTemplatePath();
             if ($role_id == User::getRoleID('Customer')) {
                 try {
                     $contact = $crm->getContact($core['user']['usr_customer_contact_id']);
                     $core['allowed_customers'] = $contact->getCustomers();
                     $core['current_customer'] = $crm->getCustomer(Auth::getCurrentCustomerID(false));
                 } catch (CRMException $e) {
                     // CRM errors are swallowed: keys not set before the
                     // failure stay unset and nothing is logged.
                 }
             }
         }
     }

     $info = User::getDetails($usr_id);

     // Project titles for the project switcher; archived ones are marked.
     $raw_projects = Project::getAssocList(Auth::getUserID(), false, true);
     $active_projects = array();
     foreach ($raw_projects as $id => $project) {
         $title = $project['prj_title'];
         if ($project['status'] == 'archived') {
             $title .= ' ' . ev_gettext('(archived)');
         }
         $active_projects[$id] = $title;
     }

     // Array union again: 'roles' is already set above, so the value
     // computed here is discarded.
     $core += array(
         'active_projects' => $active_projects,
         'current_full_name' => $info['usr_full_name'],
         'current_email' => $info['usr_email'],
         'current_user_id' => $usr_id,
         'current_user_datetime' => Date_Helper::getISO8601date('now', '', true),
         'is_current_user_clocked_in' => User::isCLockedIn($usr_id),
         'is_anon_user' => Auth::isAnonUser(),
         'is_current_user_partner' => !empty($info['usr_par_code']),
         'roles' => User::getAssocRoleIDs(),
         'current_user_prefs' => Prefs::get(Auth::getUserID()),
     );

     // The same values are also assigned as top-level template variables.
     $this->assign('current_full_name', $core['user']['usr_full_name']);
     $this->assign('current_email', $core['user']['usr_email']);
     $this->assign('current_user_id', $usr_id);
     $this->assign('handle_clock_in', $setup['handle_clock_in'] == 'enabled');
     $this->assign('is_current_user_clocked_in', User::isClockedIn($usr_id));
     $this->assign('roles', User::getAssocRoleIDs());

     $this->assign('core', $core);
     return $this;
 }
Example #19
 /**
  * Returns the data used by the weekly report.
  *
  * @access  public
  * @param   string $usr_id The ID of the user this report is for.
  * @param   string The start date of this report.
  * @param   string The end date of this report.
  * @param   boolean If closed issues should be separated from other issues.
  * @return  array An array of data containing all the elements of the weekly report.
  */
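 function getWeeklyReport($usr_id, $start, $end, $separate_closed = false)
 {
     // The id is interpolated into the SQL text below, so it is forced to an
     // integer before anything else uses it.
     $usr_id = Misc::escapeInteger($usr_id);
     // figure out timezone; a user without a stored preference yields null
     // (explicit check instead of suppressing the notice with @)
     $user_prefs = Prefs::get($usr_id);
     $tz = isset($user_prefs["timezone"]) ? $user_prefs["timezone"] : null;
     $start_dt = new Date();
     $end_dt = new Date();
     // set timezone to that of user.
     $start_dt->setTZById($tz);
     $end_dt->setTZById($tz);
     // set the dates in the users time zone
     $start_dt->setDate($start . " 00:00:00");
     $end_dt->setDate($end . " 23:59:59");
     // convert time to GMT
     $start_dt->toUTC();
     $end_dt->toUTC();
     $start_ts = $start_dt->getDate();
     $end_ts = $end_dt->getDate();
     $time_tracking = Time_Tracking::getSummaryByUser($usr_id, $start_ts, $end_ts);
     // replace spaces in index with _ and calculate total time
     $total_time = 0;
     foreach ($time_tracking as $category => $data) {
         unset($time_tracking[$category]);
         $time_tracking[str_replace(" ", "_", $category)] = $data;
         $total_time += $data["total_time"];
     }
     // get count of issues assigned in week of report.
     // NOTE(review): $start_ts / $end_ts are placed inside quotes in the SQL
     // text. They come out of Date::getDate(), presumably as a normalised
     // timestamp string; bound parameters would remove that reliance.
     $stmt = "SELECT\n                    COUNT(*)\n                 FROM\n                    " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue,\n                    " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue_user,\n                    " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "status\n                 WHERE\n                    iss_id = isu_iss_id AND\n                    iss_sta_id = sta_id AND\n                    isu_usr_id = {$usr_id} AND\n                    isu_assigned_date BETWEEN '{$start_ts}' AND '{$end_ts}'";
     $newly_assigned = $GLOBALS["db_api"]->dbh->getOne($stmt);
     if (PEAR::isError($newly_assigned)) {
         Error_Handler::logError(array($newly_assigned->getMessage(), $newly_assigned->getDebugInfo()), __FILE__, __LINE__);
         // The error is logged above; do not pass the error object (message
         // and debug info) on to whoever renders the report.
         $newly_assigned = null;
     }
     $email_count = array("associated" => Support::getSentEmailCountByUser($usr_id, $start_ts, $end_ts, true), "other" => Support::getSentEmailCountByUser($usr_id, $start_ts, $end_ts, false));
     $data = array("start" => str_replace('-', '.', $start), "end" => str_replace('-', '.', $end), "user" => User::getDetails($usr_id), "group_name" => Group::getName(User::getGroupID($usr_id)), "issues" => History::getTouchedIssuesByUser($usr_id, $start_ts, $end_ts, $separate_closed), "status_counts" => History::getTouchedIssueCountByStatus($usr_id, $start_ts, $end_ts), "new_assigned_count" => $newly_assigned, "time_tracking" => $time_tracking, "email_count" => $email_count, "phone_count" => Phone_Support::getCountByUser($usr_id, $start_ts, $end_ts), "note_count" => Note::getCountByUser($usr_id, $start_ts, $end_ts), "total_time" => Misc::getFormattedTime($total_time, false));
     return $data;
 }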
Example #20
 /**
  * Looks up the external identifier stored on a local user record.
  *
  * @param  mixed $usr_id User ID, passed straight to User::getDetails()
  * @return mixed The 'usr_external_id' entry of the details array
  */
 public static function getExternalID($usr_id)
 {
     $record = User::getDetails($usr_id);
     $external_id = $record['usr_external_id'];

     return $external_id;
 }
 /**
  * Verifies a login/password pair.
  *
  * Local records without an external ID are handed to the fallback auth
  * backend; all others are checked through validatePassword() with the
  * stored external ID.
  *
  * @param  string $login    Login name to resolve to a local user
  * @param  string $password Password to verify
  * @return mixed Fallback backend's answer, or a boolean for external users
  */
 public function verifyPassword($login, $password)
 {
     $usr_id = self::getUserIDByLogin($login);
     $local = User::getDetails($usr_id);

     if (!empty($local['usr_external_id'])) {
         $remote = $this->validatePassword($local['usr_external_id'], $password);

         // Loose comparison on purpose: null, false, 0, '' and an empty
         // array all count as a failed verification.
         return $remote != null;
     }

     // No external ID on the local record (this includes a login that did
     // not resolve to a populated record): defer to the fallback backend.
     return Auth::getFallBackAuthBackend()->verifyPassword($login, $password);
 }
Example #22
 /**
  * Method used to get the previous and next issues that are available
  * according to the current search parameters.
  *
  * @param   integer $issue_id The issue ID
  * @param   array $options The search parameters
  * @return  array The list of issues
  */
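 public static function getSides($issue_id, $options)
 {
     // Runs the current search as one id-only query, ordered like the
     // listing, and picks the ids adjacent to $issue_id.
     //
     // $options holds search parameters that callers may fill from the
     // request, so every value spliced into the SQL text is constrained here:
     //  - the custom field id used for sorting is cast to int,
     //  - the sort column must look like a plain identifier,
     //  - the sort direction is reduced to ASC or DESC.
     // NOTE(review): the "cf<id>" aliases below are still built from the
     // array keys / option values of $options['custom_field']; string
     // escaping does not protect an unquoted alias, so confirm those are
     // validated as integers before they reach this method.
     $usr_id = Auth::getUserID();
     $role_id = Auth::getCurrentRole();
     $usr_details = User::getDetails($usr_id);
     $sort_by_custom_field = strstr($options['sort_by'], 'custom_field') !== false;
     $stmt = 'SELECT
                 iss_id,
                 ' . self::getLastActionFields() . '
              FROM
                 (
                 {{%issue}},
                 {{%user}}';
     // join custom fields if we are searching by custom fields
     if (is_array($options['custom_field']) && count($options['custom_field']) > 0) {
         foreach ($options['custom_field'] as $fld_id => $search_value) {
             if (empty($search_value)) {
                 continue;
             }
             $field = Custom_Field::getDetails($fld_id);
             if ($field['fld_type'] == 'date' && (empty($search_value['Year']) || empty($search_value['Month']) || empty($search_value['Day']))) {
                 continue;
             }
             if ($field['fld_type'] == 'integer' && empty($search_value['value'])) {
                 continue;
             }
             if ($field['fld_type'] == 'multiple') {
                 $search_value = Misc::escapeString($search_value);
                 foreach ($search_value as $cfo_id) {
                     $stmt .= ",\n {{%issue_custom_field}} as cf" . $fld_id . '_' . $cfo_id . "\n";
                 }
             } else {
                 $stmt .= ",\n {{%issue_custom_field}} as cf" . $fld_id . "\n";
             }
         }
     }
     $stmt .= ')';
     // check for the custom fields we want to sort by
     if ($sort_by_custom_field) {
         // The id lands unquoted in the ON clause: force it to an integer.
         $fld_id = (int) str_replace('custom_field_', '', $options['sort_by']);
         $stmt .= "\n LEFT JOIN {{%issue_custom_field}} as cf_sort\n                ON\n                    (cf_sort.icf_iss_id = iss_id AND cf_sort.icf_fld_id = {$fld_id}) \n";
     }
     if (!empty($options['users']) || @$options['sort_by'] == 'isu_usr_id') {
         $stmt .= '
              LEFT JOIN
                 {{%issue_user}}
              ON
                 isu_iss_id=iss_id';
     }
     // Parentheses only spell out the precedence the original already had.
     if (!empty($options['show_authorized_issues']) || ($role_id == User::ROLE_REPORTER && Project::getSegregateReporters(Auth::getCurrentProject()))) {
         $stmt .= '
              LEFT JOIN
                 {{%issue_user_replier}}
              ON
                 iur_iss_id=iss_id';
     }
     if (!empty($options['show_notification_list_issues'])) {
         $stmt .= '
              LEFT JOIN
                 {{%subscription}}
              ON
                 sub_iss_id=iss_id';
     }
     if (!empty($options['product'])) {
         $stmt .= '
              LEFT JOIN
                 {{%issue_product_version}}
              ON
                 ipv_iss_id=iss_id';
     }
     if (@$options['sort_by'] == 'pre_scheduled_date') {
         $stmt .= '
              LEFT JOIN
                 {{%project_release}}
              ON
                 iss_pre_id = pre_id';
     }
     if (@$options['sort_by'] == 'prc_title') {
         $stmt .= '
              LEFT JOIN
                 {{%project_category}}
              ON
                 iss_prc_id = prc_id';
     }
     if (!empty($usr_details['usr_par_code'])) {
         // restrict partners
         $stmt .= '
              LEFT JOIN
                 {{%issue_partner}}
              ON
                 ipa_iss_id=iss_id';
     }
     $stmt .= '
              LEFT JOIN
                 {{%status}}
              ON
                 iss_sta_id=sta_id
              LEFT JOIN
                 {{%project_priority}}
              ON
                 iss_pri_id=pri_id
              LEFT JOIN
                 {{%project_severity}}
              ON
                 iss_sev_id=sev_id
              WHERE
                 iss_prj_id=' . Auth::getCurrentProject();
     $stmt .= Search::buildWhereClause($options);
     if ($sort_by_custom_field) {
         $fld_details = Custom_Field::getDetails($fld_id);
         $sort_by = 'cf_sort.' . Custom_Field::getDBValueFieldNameByType($fld_details['fld_type']);
     } else {
         $sort_by = Misc::escapeString($options['sort_by']);
         // ORDER BY takes an identifier, where string escaping gives no
         // protection; anything that is not a plain column name falls back
         // to the issue id.
         if (!preg_match('/^[A-Za-z0-9_.]+$/', $sort_by)) {
             $sort_by = 'iss_id';
         }
     }
     // Only the two SQL direction keywords may reach the statement.
     $sort_order = strtoupper((string) $options['sort_order']) === 'DESC' ? 'DESC' : 'ASC';
     $stmt .= '
              GROUP BY
                 iss_id
              ORDER BY
                 ' . $sort_by . ' ' . $sort_order . ',
                 iss_id DESC';
     try {
         $res = DB_Helper::getInstance()->getColumn($stmt);
     } catch (DbException $e) {
         // Kept as-is for callers: a failed query yields an empty string,
         // not the array the docblock promises.
         return '';
     }
     $next = null;
     $previous = null;
     $index = array_search($issue_id, $res);
     // array_search() returns false when the issue is not in the result;
     // without this check false + 1 would report $res[1] as the next issue.
     if ($index !== false) {
         if (!empty($res[$index + 1])) {
             $next = $res[$index + 1];
         }
         if (!empty($res[$index - 1])) {
             $previous = $res[$index - 1];
         }
     }
     return array('next' => $next, 'previous' => $previous);
 }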
Example #23
     $tpl->assign("show_setup_links", true);
     $excluded_roles = array('customer');
 } else {
     $excluded_roles = array('customer', 'administrator');
 }
 // Dispatch the posted admin action, then build the per-project role lists.
 // NOTE(review): the permission check for these user-management actions and
 // any request-forgery protection are not visible in this fragment; confirm
 // both happen before this point.
 switch (@$HTTP_POST_VARS["cat"]) {
     case "new":
         $tpl->assign("result", User::insert());
         break;
     case "update":
         $tpl->assign("result", User::update());
         break;
     case "change_status":
         User::changeStatus();
         break;
 }

 $project_roles = array();
 $project_list = Project::getAll();

 // The id of the user being edited is taken directly from the query string.
 if (@$HTTP_GET_VARS["cat"] == "edit") {
     $info = User::getDetails($HTTP_GET_VARS["id"]);
     $tpl->assign("info", $info);
 }

 foreach ($project_list as $prj_id => $prj_title) {
     // Role the edited user holds in this project (null when not editing).
     $edited_role = @$info['roles'][$prj_id]['pru_role'];

     // $excluded_roles carries over between iterations: once a role is
     // re-allowed for one project it stays allowed for the following ones.
     if ($edited_role == User::getRoleID('Customer')) {
         $excluded_roles = count($excluded_roles) == 1 ? false : array('administrator');
     }
     if ($edited_role == User::getRoleID("administrator")) {
         $excluded_roles = false;
     }

     $user_roles = array(0 => "No Access") + User::getRoles($excluded_roles);
     $project_roles[$prj_id] = $user_roles;
 }
Example #24
 /**
  * Returns the data used by the weekly report.
  *
  * @param string $usr_id The ID of the user this report is for.
  * @param int $prj_id The project id
  * @param string|DateTime $start The start date of this report.
  * @param string|DateTime $end The end date of this report.
  * @param array $options extra options for report:
  * - $separate_closed If closed issues should be separated from other issues.
  * - $ignore_statuses If issue status changes should be ignored in report.
  * - $separate_not_assigned_to_user Separate Issues Not Assigned to User
  * - $show_per_issue Add time spent on issue to issues
  * - $separate_no_time Separate No time spent issues
  * @return array An array of data containing all the elements of the weekly report.
  */
 public static function getWeeklyReport($usr_id, $prj_id, $start, $end, $options = array())
 {
     // NOTE(review): nothing here checks that the current user may see the
     // report of $usr_id; presumably the caller does. Confirm.

     // The report window is interpreted in the report user's timezone.
     $prefs = Prefs::get($usr_id);
     $tz = $prefs['timezone'];

     // Plain strings are widened to whole days: start of day / end of day.
     if (!$start instanceof DateTime) {
         $start = Date_Helper::getDateTime($start, $tz)->setTime(0, 0, 0);
     }
     if (!$end instanceof DateTime) {
         $end = Date_Helper::getDateTime($end, $tz)->setTime(23, 59, 59);
     }
     $start_ts = Date_Helper::getSqlDateTime($start);
     $end_ts = Date_Helper::getSqlDateTime($end);

     // Re-key the time tracking summary (spaces become underscores) and add up the time.
     $time_tracking = Time_Tracking::getSummaryByUser($usr_id, $prj_id, $start_ts, $end_ts);
     $total_time = 0;
     foreach ($time_tracking as $category => $summary) {
         unset($time_tracking[$category]);
         $time_tracking[str_replace(' ', '_', $category)] = $summary;
         $total_time += $summary['total_time'];
     }

     // Count the issues assigned to the user inside the window; every value is bound.
     // NOTE(review): the project bound here is Auth::getCurrentProject(), not
     // the $prj_id argument used by the other lookups. Confirm that is intended.
     $stmt = 'SELECT
                 COUNT(*)
              FROM
                 {{%issue}},
                 {{%issue_user}},
                 {{%status}}
              WHERE
                 iss_id = isu_iss_id AND
                 iss_sta_id = sta_id AND
                 isu_usr_id = ? AND
                 iss_prj_id = ? AND
                 isu_assigned_date BETWEEN ? AND ?';
     $params = array($usr_id, Auth::getCurrentProject(), $start_ts, $end_ts);
     try {
         $newly_assigned = DB_Helper::getInstance()->getOne($stmt, $params);
     } catch (DbException $e) {
         // A failed count is reported as null rather than aborting the report.
         $newly_assigned = null;
     }

     $email_count = array(
         'associated' => Support::getSentEmailCountByUser($usr_id, $start_ts, $end_ts, true),
         'other' => Support::getSentEmailCountByUser($usr_id, $start_ts, $end_ts, false),
     );

     // History types left out of the "touched issues" lookup when status changes are ignored.
     $htt_exclude = !empty($options['ignore_statuses'])
         ? array('status_changed', 'status_auto_changed', 'remote_status_change')
         : array();

     $issue_list = History::getTouchedIssuesByUser($usr_id, $prj_id, $start_ts, $end_ts, $htt_exclude);
     $issues = array('no_time' => array(), 'not_mine' => array(), 'closed' => array(), 'other' => array());

     // organize issues into categories
     if ($issue_list) {
         if (!empty($options['show_per_issue']) || !empty($options['separate_no_time'])) {
             Time_Tracking::fillTimeSpentByIssueAndTime($issue_list, $usr_id, $start_ts, $end_ts);
         }

         foreach ($issue_list as $row) {
             $has_customer = !empty($row['iss_customer_id']) && CRM::hasCustomerIntegration($row['iss_prj_id']);
             $row['customer_name'] = $has_customer
                 ? CRM::getCustomerName($row['iss_prj_id'], $row['iss_customer_id'])
                 : null;

             // First matching rule wins; everything else lands in 'other'.
             if (!empty($options['separate_closed']) && $row['sta_is_closed'] == 1) {
                 $bucket = 'closed';
             } elseif (!empty($options['separate_not_assigned_to_user']) && !Issue::isAssignedToUser($row['iss_id'], $usr_id)) {
                 $bucket = 'not_mine';
             } elseif (!empty($options['separate_no_time']) && empty($row['it_spent'])) {
                 $bucket = 'no_time';
             } else {
                 $bucket = 'other';
             }
             $issues[$bucket][] = $row;
         }

         // Only the 'closed' and 'other' buckets are ordered by customer name.
         $by_customer = function ($a, $b) {
             return strcasecmp($a['customer_name'], $b['customer_name']);
         };
         usort($issues['closed'], $by_customer);
         usort($issues['other'], $by_customer);
     }

     $report = array(
         'start' => $start_ts,
         'end' => $end_ts,
         'user' => User::getDetails($usr_id),
         'group_name' => Group::getName(User::getGroupID($usr_id)),
         'issues' => $issues,
         'status_counts' => History::getTouchedIssueCountByStatus($usr_id, $prj_id, $start_ts, $end_ts),
         'new_assigned_count' => $newly_assigned,
         'time_tracking' => $time_tracking,
         'email_count' => $email_count,
         'phone_count' => Phone_Support::getCountByUser($usr_id, $start_ts, $end_ts),
         'note_count' => Note::getCountByUser($usr_id, $start_ts, $end_ts),
         'total_time' => Misc::getFormattedTime($total_time, false),
     );

     return $report;
 }
Example #25
 /**
  * If the partner can edit the issue.
  *
  * @param integer   $issue_id
  * @param integer   $usr_id
  * @return bool
  */
 public static function canUpdateIssue($issue_id, $usr_id)
 {
     $details = User::getDetails($usr_id);

     // A user without a partner code gets no verdict at all: null, not false.
     // NOTE(review): callers must not read null as permission; check how the
     // result is compared where it is used.
     if (empty($details['usr_par_code'])) {
         return null;
     }

     // Partner users: the decision belongs to the partner's backend.
     return self::getBackend($details['usr_par_code'])->canUpdateIssue($issue_id, $usr_id);
 }
Example #26
 /**
  * Creates a fake cookie so processes not run from a browser can access current user and project
  *
  * @param   integer $usr_id The ID of the user.
  * @param   integer $project The ID of the project.
  */
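 function createFakeCookie($usr_id, $project = false)
 {
     // Fills the in-process cookie array only; nothing is sent to a browser.
     global $HTTP_COOKIE_VARS;
     include_once APP_INC_PATH . "private_key.php";
     $user_details = User::getDetails($usr_id);
     $time = time();
     // NOTE(review): md5(key . md5(time) . email) is a hand-rolled keyed hash.
     // An HMAC (hash_hmac) is the sound construction, but the format can only
     // change together with the code that validates the cookie, which is not
     // visible here, so it is kept unchanged.
     $cookie = array("email" => $user_details['usr_email'], "login_time" => $time, "hash" => md5($GLOBALS["private_key"] . md5($time) . $user_details['usr_email']), "autologin" => 0);
     // NOTE(review): the value is a serialized PHP array, so the reader
     // presumably unserialize()s it. For browser-supplied cookies that is only
     // safe once the hash has been verified; confirm on the reading side.
     $HTTP_COOKIE_VARS[APP_COOKIE] = base64_encode(serialize($cookie));
     // Only write a project cookie when a project was given. Previously the
     // auth cookie array (email, login time, hash) was written into the
     // project cookie whenever $project was empty.
     if ($project) {
         $project_cookie = array("prj_id" => $project, "remember" => false);
         $HTTP_COOKIE_VARS[APP_PROJECT_COOKIE] = base64_encode(serialize($project_cookie));
     }
 }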
Example #27
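// Handles the posted preference action ($cat, $usr_id and $tpl are set up
// earlier in the script), then loads the data for the preferences template.
// NOTE(review): request-forgery protection is not visible in this fragment.
$res = null;
if ($cat == 'update_account') {
    // NOTE(review): the whole POST body is handed to Prefs::set(); confirm it
    // only stores the keys it knows about.
    $preferences = $_POST;
    // if the user is trying to upload a new signature, override any changes to the textarea
    if (!empty($_FILES['file_signature']['name'])) {
        $upload = $_FILES['file_signature'];
        // Read the file only if PHP reports a completed upload and the path
        // really is an upload temp file; on any failure keep the textarea
        // value instead of storing false as the signature.
        $upload_ok = isset($upload['error'], $upload['tmp_name'])
            && $upload['error'] === UPLOAD_ERR_OK
            && is_uploaded_file($upload['tmp_name']);
        $signature = $upload_ok ? file_get_contents($upload['tmp_name']) : false;
        if ($signature !== false) {
            $preferences['email_signature'] = $signature;
        }
    }
    $res = Prefs::set($usr_id, $preferences);
    User::updateSMS($usr_id, @$_POST['sms_email']);
} elseif ($cat == 'update_name') {
    $res = User::updateFullName($usr_id);
} elseif ($cat == 'update_email') {
    $res = User::updateEmail($usr_id);
} elseif ($cat == 'update_password') {
    // NOTE(review): only the new password and its confirmation are passed;
    // whether the current password is required is not visible here.
    $res = Auth::updatePassword($usr_id, $_POST['new_password'], $_POST['confirm_password']);
}
// 1 reports success and -1 failure; any other result shows no message.
if ($res == 1) {
    Misc::setMessage(ev_gettext('Your information has been updated'));
} elseif ($res == -1) {
    Misc::setMessage(ev_gettext('Sorry, there was an error updating your information'), Misc::MSG_ERROR);
}
$prefs = Prefs::get($usr_id);
$prefs['sms_email'] = User::getSMS($usr_id);
$tpl->assign('user_prefs', $prefs);
$tpl->assign('user_info', User::getDetails($usr_id));
$tpl->assign('assigned_projects', Project::getAssocList($usr_id, false, true));
$tpl->assign('zones', Date_Helper::getTimezoneList());
$tpl->assign('avail_langs', Language::getAvailableLanguages());
$tpl->assign('current_locale', User::getLang($usr_id, true));
$tpl->assign(array('can_update_name' => Auth::canUserUpdateName($usr_id), 'can_update_email' => Auth::canUserUpdateEmail($usr_id), 'can_update_password' => Auth::canUserUpdatePassword($usr_id)));
$tpl->displayTemplate();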