/**
  * Get list of contacts to notify at location item
  *
  * @param array $data location_id and location_item_id
  * @return array content.
  */
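 public function read($data = array())
 {
     // Both identifiers are required; an empty or zero item id yields no contacts.
     if (!isset($data['location_id']) || !isset($data['location_item_id']) || !$data['location_item_id']) {
         return array();
     }
     $location_id = (int) $data['location_id'];
     // Kept as a string in case of bigint, so an int cast cannot be used to make it safe.
     $location_item_id = $data['location_item_id'];
     // The item id ends up inside a quoted SQL literal. Escape it so a caller-supplied
     // value cannot close the literal and change the statement.
     $location_item_id_sql = $this->_db->db_addslashes((string) $location_item_id);
     $sql = "SELECT phpgw_notification.id, phpgw_notification.contact_id,phpgw_notification.user_id,"
         . " phpgw_notification.is_active,phpgw_notification.entry_date,phpgw_notification.notification_method,"
         . " first_name, last_name"
         . " FROM phpgw_notification"
         . " {$this->_join} phpgw_contact_person ON phpgw_notification.contact_id = phpgw_contact_person.person_id"
         . " WHERE location_id = {$location_id} AND location_item_id = '{$location_item_id_sql}'";
     $this->_db->query($sql, __LINE__, __FILE__);
     $values = array();
     $dateformat = $GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat'];
     $lang_yes = lang('yes');
     $lang_no = lang('no');
     // Collect all rows first: the same DB handle is reused for the per-contact lookups below.
     while ($this->_db->next_record()) {
         $values[] = array(
             'id' => $this->_db->f('id'),
             'location_id' => $location_id,
             // The caller's original value is returned, not the SQL-escaped copy.
             'location_item_id' => $location_item_id,
             'contact_id' => $this->_db->f('contact_id'),
             'is_active' => $this->_db->f('is_active'),
             'notification_method' => $this->_db->f('notification_method', true),
             'user_id' => $this->_db->f('user_id'),
             'entry_date' => $GLOBALS['phpgw']->common->show_date($this->_db->f('entry_date'), $dateformat),
             'first_name' => $this->_db->f('first_name', true),
             'last_name' => $this->_db->f('last_name', true),
         );
     }
     // NOTE(review): $contacts is not used below; kept in case creating the object has side effects.
     $contacts = CreateObject('phpgwapi.contacts');
     $socommon = CreateObject('property.socommon');
     foreach ($values as &$entry) {
         $comms = execMethod('addressbook.boaddressbook.get_comm_contact_data', $entry['contact_id']);
         // A contact may have no communication data at all; read the keys defensively.
         $contact_comms = isset($comms[$entry['contact_id']]) ? $comms[$entry['contact_id']] : array();
         $entry['email'] = isset($contact_comms['work email']) ? $contact_comms['work email'] : null;
         $entry['sms'] = isset($contact_comms['mobile (cell) phone']) ? $contact_comms['mobile (cell) phone'] : null;
         $entry['is_active_text'] = $entry['is_active'] ? $lang_yes : $lang_no;
         $sql = "SELECT account_id FROM phpgw_accounts WHERE person_id = " . (int) $entry['contact_id'];
         $this->_db->query($sql, __LINE__, __FILE__);
         if ($this->_db->next_record()) {
             // The contact is also a user: fall back to the address/phone from the user's preferences.
             $account_id = $this->_db->f('account_id');
             $prefs = $socommon->create_preferences('property', $account_id);
             $entry['email'] = $entry['email'] ? $entry['email'] : $prefs['email'];
             $entry['sms'] = $entry['sms'] ? $entry['sms'] : $prefs['cellphone'];
         }
     }
     // Drop the by-reference loop variable so a later write to $entry cannot touch the last row.
     unset($entry);
     return $values;
 }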
 /**
  * Load the config values for the current module
  * @todo change to protected
  *
  * @return array the config values
  */
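 public function read_repository()
 {
     $this->config_data = array();
     // The module name is embedded in a quoted SQL literal, so escape it first.
     $module = $this->db->db_addslashes($this->module);
     $this->db->query("SELECT * FROM phpgw_config WHERE config_app='{$module}'", __LINE__, __FILE__);
     while ($this->db->next_record()) {
         $name = $this->db->f('config_name');
         $raw = $this->db->f('config_value', true);
         // NOTE(review): unserialize() on stored data can instantiate arbitrary classes if anyone
         // other than a trusted administrator can write to phpgw_config. Confirm who can write
         // these rows, or move serialized values to a data-only format such as JSON.
         $decoded = @unserialize($raw);
         // unserialize() reports failure by returning false. Testing for truthiness instead would
         // hand back the raw serialized text for valid but falsy values such as an empty array.
         if ($decoded !== false || $raw === serialize(false)) {
             $this->config_data[$name] = $decoded;
         } else {
             // Not serialized: a plain scalar setting.
             $this->config_data[$name] = $raw;
         }
     }
     return $this->config_data;
 }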
 /**
  * Get the name of the handler
  *
  * @param string $email the target email address
  * @return array the message handler - empty array means not found or user doesn't have access to the app
  */
 function get_handler($email)
 {
     // Escape the address before it is embedded in the quoted SQL literal.
     $target = $this->db->db_addslashes($email);
     $this->db->query(
         "SELECT handler_id, handler, is_active FROM phpgw_mail_handler WHERE target_email = '{$target}' AND is_active = 1",
         __LINE__,
         __FILE__
     );
     if (!$this->db->next_record()) {
         // No active handler is registered for this address.
         return array();
     }
     $found = array(
         'handler_id' => $this->db->f('handler_id', true),
         'handler' => $this->db->f('handler', true),
         'is_active' => (bool) $this->db->f('is_active'),
     );
     // Handlers are named app.class.method; the first segment is the application.
     list($handler_app) = explode('.', $found['handler']);
     // Only hand the handler out when the current user has that application enabled.
     return isset($GLOBALS['phpgw_info']['user']['apps'][$handler_app]) ? $found : array();
 }
 /**
  * Find locations within an application
  *
  * @param bool   $grant          Used for finding locations where users can grant rights to others
  * @param string $appname        Name of application in question
  * @param bool   $allow_c_attrib Used for finding locations where custom attributes can be applied
  * @param bool   $c_function     Used for finding locations where custom functions can be applied
  * @param bool   $have_categories Used for finding locations which have categories
  *
  * @return array Array locations
  */
 public function get_locations($grant = false, $appname = '', $allow_c_attrib = false, $c_function = false, $have_categories = false)
 {
     // Fall back to the application currently being served, then escape for the SQL literal.
     $app = $appname ? $appname : $GLOBALS['phpgw_info']['flags']['currentapp'];
     $app = $this->_db->db_addslashes($app);

     // The 'run' location is always excluded; each flag narrows the result further.
     $conditions = array("app_name='{$app}'", "phpgw_locations.name != 'run'");
     if ($allow_c_attrib) {
         $conditions[] = 'allow_c_attrib = 1';
     }
     if ($grant) {
         $conditions[] = 'allow_grant = 1';
     }
     if ($c_function) {
         $conditions[] = 'allow_c_function = 1';
     }
     $where = ' WHERE ' . implode(' AND ', $conditions);

     // Joining the categories table restricts the result to locations that have categories.
     $categories_join = $have_categories
         ? "{$this->_join} phpgw_categories ON phpgw_locations.location_id = phpgw_categories.location_id"
         : '';

     $sql = "SELECT phpgw_locations.location_id, phpgw_locations.name, phpgw_locations.descr FROM phpgw_locations"
         . " {$this->_join} phpgw_applications ON phpgw_locations.app_id = phpgw_applications.app_id"
         . " {$categories_join}"
         . " {$where} ORDER BY phpgw_locations.name";
     $this->_db->query($sql, __LINE__, __FILE__);

     // Result is keyed by location name, valued by its description.
     $found = array();
     while ($this->_db->next_record()) {
         $found[$this->_db->f('name')] = $this->_db->f('descr', true);
     }
     return $found;
 }
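 /**
  * Sum the price items and the rented area of the active contracts held by a set of parties.
  *
  * @param array  $org_units         rental_party ids to include
  * @param string $selected_location optional location_code prefix to restrict the contracts to
  *
  * @return array 'sum_total_price' and 'sum_total_area'; empty array when no ids are given
  */
 public function get_total_cost_and_area($org_units = array(), $selected_location = '')
 {
     if (!$org_units) {
         return array();
     }
     // The ids are placed unquoted into an IN (...) list, so force every element to an
     // integer; a non-numeric element becomes 0 instead of reaching the statement as text.
     $party_ids = array_map('intval', (array) $org_units);
     $ts = time();
     $filtermethod = 'WHERE rental_party.id IN (' . implode(',', $party_ids) . ')';
     // Active contract: started, and either open-ended or not yet ended.
     $filtermethod .= " AND ({$ts} >= rental_contract.date_start AND (rental_contract.date_end IS NULL OR {$ts} <= rental_contract.date_end))";
     $join_method = '';
     if ($selected_location) {
         // Escape the prefix before it goes inside the quoted LIKE pattern.
         // NOTE(review): '%' and '_' inside the value still act as LIKE wildcards.
         $location_prefix = $this->_db->db_addslashes($selected_location);
         $filtermethod .= " AND location_code {$this->_db->like} '{$location_prefix}%'";
         $join_method = " {$this->_db->join} rental_contract_composite ON (rental_contract.id = rental_contract_composite.contract_id)"
             . " {$this->_db->join} rental_composite ON (rental_contract_composite.composite_id = rental_composite.id)"
             . " {$this->_db->join} rental_unit ON (rental_composite.id = rental_unit.composite_id) ";
     }
     $values = array();

     // Total of the recurring (not one-time) price items.
     $sql = "SELECT sum(total_price::numeric) AS sum_total_price FROM"
         . " rental_contract {$this->_db->join} rental_contract_party ON (rental_contract.id = rental_contract_party.contract_id)"
         . " {$this->_db->join} rental_party ON (rental_party.id = rental_contract_party.party_id)"
         . " {$this->_db->join} rental_contract_price_item ON (rental_contract.id  = rental_contract_price_item.contract_id)"
         . " {$join_method}{$filtermethod} AND NOT is_one_time";
     $this->_db->query($sql, __LINE__, __FILE__);
     $this->_db->next_record();
     $values['sum_total_price'] = $this->_db->f('sum_total_price');

     // Total rented area over the same set of contracts.
     $sql = "SELECT sum(rental_contract.rented_area::numeric) AS sum_total_area FROM"
         . " rental_contract {$this->_db->join} rental_contract_party ON (rental_contract.id = rental_contract_party.contract_id)"
         . " {$this->_db->join} rental_party ON (rental_party.id = rental_contract_party.party_id)"
         . " {$join_method}{$filtermethod}";
     $this->_db->query($sql, __LINE__, __FILE__);
     $this->_db->next_record();
     $values['sum_total_area'] = $this->_db->f('sum_total_area');
     return $values;
 }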
 /**
  * Change the order of the functions
  *
  * @param integer $id       the function to reposition
  * @param string  $resort   the direction to move the item - up/down
  * @param string  $appname  the module for the function
  * @param string  $location the location for the function
  *
  * @return bool was the item moved?
  */
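 public function resort($id, $resort, $appname, $location)
 {
     if (!$location || !$appname) {
         return false;
     }
     $id = (int) $id;
     // Anything other than 'down' is treated as 'up'.
     $move_down = ($resort == 'down');
     // Cast: the location id is interpolated unquoted into every statement below.
     $location_id = (int) $GLOBALS['phpgw']->locations->get_id($appname, $location);

     $this->_db->transaction_begin();

     $sql = 'SELECT custom_sort FROM phpgw_cust_function'
         . " WHERE location_id = {$location_id} AND id = {$id}";
     $this->_db->query($sql, __LINE__, __FILE__);
     if (!$this->_db->next_record()) {
         // Unknown function for this location: close the transaction, nothing was moved.
         $this->_db->transaction_commit();
         return false;
     }
     $custom_sort = (int) $this->_db->f('custom_sort');

     $sql = 'SELECT MAX(custom_sort) AS max_sort FROM phpgw_cust_function'
         . " WHERE location_id = {$location_id}";
     $this->_db->query($sql, __LINE__, __FILE__);
     $this->_db->next_record();
     $max_sort = (int) $this->_db->f('max_sort');

     // Work out the neighbouring slot, if there is one in the requested direction.
     $new_sort = null;
     if ($move_down) {
         if ($max_sort > $custom_sort) {
             $new_sort = $custom_sort + 1;
         }
     } elseif ($custom_sort > 1) {
         $new_sort = $custom_sort - 1;
     }

     if ($new_sort === null) {
         // Nothing to be done - assume all is ok. The transaction opened above is still
         // ended here, so this path does not leave it open on the shared connection.
         $this->_db->transaction_commit();
         return true;
     }

     // Swap positions: the row currently in the target slot takes this row's old slot.
     $sql = "UPDATE phpgw_cust_function SET custom_sort = {$custom_sort}"
         . " WHERE location_id = {$location_id}"
         . " AND custom_sort = {$new_sort}";
     $this->_db->query($sql, __LINE__, __FILE__);
     $sql = "UPDATE phpgw_cust_function SET custom_sort = {$new_sort}"
         . " WHERE  location_id = {$location_id} AND id = {$id}";
     $this->_db->query($sql, __LINE__, __FILE__);
     return $this->_db->transaction_commit();
 }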
 /**
  * Protect against brute force attacks: block login after too many unsuccessful login attempts
  *
  * @param string $login account_lid (evtl. with domain)
  * @param string $ip    the ip that made the request
  *
  * @return boolean login blocked?
  */
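 protected function _login_blocked($login, $ip)
 {
     // Read-only copy of the server settings used below.
     $server = $GLOBALS['phpgw_info']['server'];
     $blocked = false;
     // Stays 0 when IP checking is disabled; the notification body below still reads it.
     $false_ip = 0;
     // Failed attempts older than block_time minutes are ignored.
     $block_time = time() - (int) $server['block_time'] * 60;
     $ip = $this->_db->db_addslashes($ip);
     if (isset($server['sessions_checkip']) && $server['sessions_checkip']) {
         // Failed logins (account_id = 0) from this address inside the window.
         $sql = 'SELECT COUNT(*) AS cnt FROM phpgw_access_log'
             . " WHERE account_id = 0 AND ip = '{$ip}' AND li > {$block_time}";
         $this->_db->query($sql, __LINE__, __FILE__);
         $this->_db->next_record();
         $false_ip = $this->_db->f('cnt');
         if ($false_ip > $server['num_unsuccessful_ip']) {
             $blocked = true;
         }
     }
     $login = $this->_db->db_addslashes($login);
     // Failed logins for this login id, with or without a '#domain' suffix.
     $sql = 'SELECT COUNT(*) AS cnt FROM phpgw_access_log'
         . " WHERE account_id = 0 AND (loginid='{$login}' OR loginid LIKE '{$login}#%')"
         . " AND li > {$block_time}";
     $this->_db->query($sql, __LINE__, __FILE__);
     $this->_db->next_record();
     $false_id = $this->_db->f('cnt');
     if ($false_id > $server['num_unsuccessful_id']) {
         $blocked = true;
     }

     // Throttle the admin notification to one mail per five minutes. The comparison must be
     // against "now minus 300 seconds"; multiplying the whole timestamp by 60 makes the test
     // always true, so every blocked attempt would send mail to all administrators.
     $last_mail = isset($server['login_blocked_mail_time']) ? (int) $server['login_blocked_mail_time'] : 0;
     $mail_due = $last_mail < time() - 5 * 60;
     if ($blocked && isset($server['admin_mails']) && $server['admin_mails'] && $mail_due) {
         // notify admin(s) via email
         $from = 'phpGroupWare@' . $server['mail_suffix'];
         $subject = lang("phpGroupWare: login blocked for user '%1', IP: %2", $login, $ip);
         // NOTE(review): part of this message literal was masked on the page. The text between
         // "login: " and "'%2'" is reconstructed from the four placeholders that are passed;
         // confirm it against the project's language files.
         $body = lang("Too many unsuccessful attempts to login: %1 for the user '%2', %3 for the IP %4", $false_id, $login, $false_ip, $ip);
         if (!is_object($GLOBALS['phpgw']->send)) {
             $GLOBALS['phpgw']->send = createObject('phpgwapi.send');
         }
         $subject = $GLOBALS['phpgw']->send->encode_subject($subject);
         $admin_mails = explode(',', $server['admin_mails']);
         foreach ($admin_mails as $to) {
             $GLOBALS['phpgw']->send->msg('email', $to, $subject, $body, '', '', '', $from, $from);
         }
         // Save the time of this mail so that the throttle above can suppress the next ones.
         $config = createObject('phpgwapi.config', 'phpgwapi');
         $config->read_repository();
         $config->value('login_blocked_mail_time', time());
         $config->save_repository();
     }
     return $blocked;
 }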
 /**
  * Get entry date of the related item
  *
  * @param string  $appname  		  the application name for the location
  * @param string  $origin_location the location name of the origin
  * @param string  $target_location the location name of the target
  * @param integer $id			  id of the referenced item (parent)
  * @param integer $entity_id		  id of the entity type if the type is a entity
  * @param integer $cat_id		  id of the entity_category type if the type is a entity
  *
  * @return array date_info and link to related items
  */
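 public function get_child_date($appname, $origin_location, $target_location, $id, $entity_id = '', $cat_id = '')
 {
     $dateformat = $GLOBALS['phpgw_info']['user']['preferences']['common']['dateformat'];
     // All three values are interpolated unquoted into the statement, so each one is forced
     // to an integer; a caller-supplied $id can then not carry SQL text into the query.
     $id = (int) $id;
     $location1_id = (int) $GLOBALS['phpgw']->locations->get_id($appname, $origin_location);
     $location2_id = (int) $GLOBALS['phpgw']->locations->get_id($appname, $target_location);
     $sql = "SELECT entry_date, location2_item_id FROM phpgw_interlink"
         . " WHERE location1_item_id = {$id} AND location1_id = {$location1_id} AND location2_id = {$location2_id}";
     $this->_db->query($sql, __LINE__, __FILE__);
     $date_info = array();
     while ($this->_db->next_record()) {
         $date_info[] = array(
             'entry_date' => $GLOBALS['phpgw']->common->show_date($this->_db->f('entry_date'), $dateformat),
             'target_id' => $this->_db->f('location2_item_id'),
         );
     }
     // Second pass: add a link and a description to every related item.
     foreach ($date_info as &$entry) {
         $entry['link'] = $this->get_relation_link(array('location' => $target_location), $entry['target_id']);
         if ($cat_id) {
             // Entity types are described by their category name.
             $entry['descr'] = $this->soadmin_entity->read_category_name($entity_id, $cat_id);
         } else {
             $entry['descr'] = lang($target_location);
         }
     }
     // Drop the by-reference loop variable so later writes cannot alter the last element.
     unset($entry);
     return array('date_info' => $date_info);
 }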
 /**
  * List available links
  *
  * @param string $app the module to link to
  * @param string $loc the location to link to
  * @param int $id the id to link to
  * @return array list of links in the following format - ['link_id'] = array('app' => 'string', 'summary' => 'string', 'account_id' => int, 'view' => 'string', 'edit' => 'string')
  */
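 public function list_links($app, $loc, $id)
 {
     // Escaped copy for the SQL literals; the raw name is kept for comparing result rows.
     $app_sql = $this->db->db_addslashes($app);
     $loc = (int) $loc;
     $id = (int) $id;
     $owner = (int) $GLOBALS['phpgw_info']['user']['account_id'];
     // The two "either end of the link" alternatives are wrapped in one pair of parentheses.
     // AND binds tighter than OR, so without them the privacy and is_active filters would
     // apply only to the app2 alternative and private links of other users could be listed.
     // NOTE(review): active_from >= now selects links that become active now or later;
     // confirm that this is the intended direction of the comparison.
     $sql = 'SELECT interlink_id, app1_name, app1_loc, app1_id, app2_name, app2_loc, app2_id, is_private, account_id'
         . ' FROM phpgw_interlink'
         . " WHERE ((app1_name = '{$app_sql}' AND app1_loc = '{$loc}' AND app1_id = '{$id}')"
         . " OR (app2_name = '{$app_sql}' AND app2_loc = '{$loc}' AND app2_id = '{$id}'))"
         . " AND ( is_private = 0 OR (is_private = 1 AND account_id = {$owner}) )"
         . ' AND is_active = 1 AND active_from >= ' . time();
     // Run the statement: without this call the loop below would iterate over whatever
     // result set the shared DB handle happened to hold from an earlier query.
     $this->db->query($sql, __LINE__, __FILE__);
     $recs = array();
     while ($this->db->next_record()) {
         // Report the *other* end of the link, whichever side matched the requested item.
         if ($this->db->f('app1_name') == $app) {
             $recs[] = array(
                 'interlink_id' => $this->db->f('interlink_id'),
                 'app2_name' => $this->db->f('app2_name'),
                 'app2_loc' => $this->db->f('app2_loc'),
                 'app2_id' => $this->db->f('app2_id'),
                 'is_private' => !!$this->db->f('is_private'),
                 'account_id' => $this->db->f('account_id'),
             );
         } else {
             $recs[] = array(
                 'interlink_id' => $this->db->f('interlink_id'),
                 'app1_name' => $this->db->f('app1_name'),
                 'app1_loc' => $this->db->f('app1_loc'),
                 'app1_id' => $this->db->f('app1_id'),
                 'is_private' => !!$this->db->f('is_private'),
                 'account_id' => $this->db->f('account_id'),
             );
         }
     }
     foreach ($recs as &$rec) {
         $rec['summary'] = $this->get_summary($rec);
         $rec['owner'] = $GLOBALS['phpgw']->accounts->id2name($rec['account_id']);
     }
     // Drop the by-reference loop variable so later writes cannot alter the last record.
     unset($rec);
     return $recs;
 }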
 /**
  * Finds the next ID for a record at a table
  *
  * @param string $table tablename in question
  * @param array  $key   conditions for finding the next id
  *
  * @return int the next id
  */
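 protected function _next_id($table = null, $key = null)
 {
     if (!$table) {
         return 0;
     }
     // $table and the column names in $key are SQL identifiers, which db_addslashes() cannot
     // make safe: they must come from code, never from request data.
     // NOTE(review): MAX(id) + 1 is not safe against concurrent inserts unless the caller
     // holds a transaction or lock around the read and the insert.
     $conditions = array();
     if (is_array($key)) {
         foreach ($key as $col => $val) {
             // Empty values are not part of the key and add no condition.
             if ($val) {
                 $val = $this->_db->db_addslashes($val);
                 $conditions[] = "{$col} = '{$val}'";
             }
         }
     }
     // Only emit a WHERE clause when there is at least one condition. Building it from an
     // unset list produced a malformed "WHERE '" fragment.
     $where = $conditions ? 'WHERE ' . implode(' AND ', $conditions) : '';
     $sql = "SELECT max(id) as maximum FROM {$table} {$where}";
     $this->_db->query($sql, __LINE__, __FILE__);
     $next_id = 0;
     if ($this->_db->next_record()) {
         // MAX() over no rows is NULL, which the cast turns into 0.
         $next_id = (int) $this->_db->f('maximum');
     }
     return $next_id + 1;
 }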
 /**
  * get the image data
  *
  * @return bool false when no file row exists for the image id, true otherwise
  * @private
  */
 private function getImageData($getBinary = false)
 {
     // The image id is forced to an integer before it is concatenated into either statement.
     $imageId = intval($this->imageID);

     // Pass 1: named attributes (original size, focus point) stored as content rows.
     $this->db->query('SELECT l.Name,c.Dat FROM ' . CONTENT_TABLE . ' c JOIN ' . LINK_TABLE . ' l ON c.ID=l.CID WHERE l.DID=' . $imageId . ' AND l.DocumentTable="tblFile"');
     while ($this->db->next_record()) {
         $attribute = $this->db->f('Name');
         if ($attribute === 'origwidth') {
             $this->imageWidth = $this->db->f('Dat');
         } elseif ($attribute === 'origheight') {
             $this->imageHeight = $this->db->f('Dat');
         } elseif ($attribute === 'xfocus') {
             $this->xfocus = $this->db->f('Dat');
         } elseif ($attribute === 'yfocus') {
             $this->yfocus = $this->db->f('Dat');
         }
     }

     // Pass 2: the file record itself; without it there is no image to describe.
     $fileRow = getHash('SELECT ID,Filename,Extension,Path FROM ' . FILE_TABLE . ' WHERE ID=' . $imageId, $this->db);
     if (!$fileRow) {
         return false;
     }
     $this->imageFileName = $fileRow['Filename'];
     $this->imagePath = $fileRow['Path'];
     $this->imageExtension = $fileRow['Extension'];

     // The binary payload is loaded only on request.
     if ($getBinary) {
         $this->getBinaryData();
     }
     return true;
 }
 /**
  * Gets a custom saved setting from the database
  *
  * @param 	string $name Configuration key name
  * @access public
  * @return string Configuration key value
  */
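 function get_setting($name)
 {
     // The key is embedded in a quoted SQL literal and no escaping helper of the DB object is
     // visible here, so only plain key names (letters, digits, '_', '.', '-') are accepted.
     // Any other name is reported as "not found" instead of being sent to the database.
     // NOTE(review): widen the pattern if existing setting names use other characters, or
     // switch to the DB layer's own escaping or bound parameters if it provides them.
     $name = (string) $name;
     if (!preg_match('/\A[A-Za-z0-9_.\-]+\z/', $name)) {
         return false;
     }
     $this->db->query("SELECT * FROM settings WHERE name='{$name}'");
     if ($this->db->next_record()) {
         return $this->db->f('value');
     }
     // No such setting: false is returned rather than a string.
     return false;
 }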
 /**
  * Reads ACL accounts from database and return array with accounts that have certain rights for a given location
  *
  * @param integer $required  Required access rights in bitmap form
  * @param string  $location location within Application name
  * @param string  $appname  Application name
  *		if empty string the value of $GLOBALS['phpgw_info']['flags']['currentapp'] is used
  *
  * @return array Array with accounts
  */
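 public function get_user_list_right($required, $location, $appname = '')
 {
     $myaccounts =& $GLOBALS['phpgw']->accounts;
     $active_accounts = array();
     $accounts = array();
     $users = array();
     if (!$appname) {
         $appname = $GLOBALS['phpgw_info']['flags']['currentapp'];
     }
     $appname = $this->_db->db_addslashes($appname);
     $location = $this->_db->db_addslashes($location);

     // check() evaluates rights for $this->_account_id, which the loops below overwrite.
     // Remember the current value so it can be put back before returning; otherwise later
     // checks on this object would run against the last account examined here.
     $original_account_id = isset($this->_account_id) ? $this->_account_id : null;

     // Step 1: candidate accounts (users and groups).
     if ($GLOBALS['phpgw_info']['server']['account_repository'] == 'ldap') {
         $account_objects = $GLOBALS['phpgw']->accounts->get_list('both', -1, 'ASC', 'account_lastname', '', -1);
         // maybe the query argument could be used for filtering on active accounts?
         foreach ($account_objects as $account_object) {
             $active_accounts[] = array('account_id' => $account_object->id, 'account_type' => $account_object->type);
         }
     } else {
         // Active accounts that have an ACL row for a location with this name.
         $sql = "SELECT account_id, account_type FROM phpgw_accounts"
             . " {$this->_join} phpgw_acl on phpgw_accounts.account_id = phpgw_acl.acl_account"
             . " {$this->_join} phpgw_locations on phpgw_acl.location_id = phpgw_locations.location_id"
             . " WHERE account_status = 'A' AND phpgw_locations.name = '{$location}'"
             . " ORDER BY account_lastname ASC";
         $this->_db->query($sql, __LINE__, __FILE__);
         while ($this->_db->next_record()) {
             $active_accounts[] = array('account_id' => $this->_db->f('account_id'), 'account_type' => $this->_db->f('account_type'));
         }
     }

     // Step 2: keep candidates that hold the right; a group contributes its members.
     foreach ($active_accounts as $entry) {
         $this->_account_id = $entry['account_id'];
         if ($this->check($location, $required, $appname)) {
             if ($entry['account_type'] == 'g') {
                 $members = $myaccounts->member($entry['account_id'], true);
                 if (isset($members) and is_array($members)) {
                     foreach ($members as $user) {
                         $accounts[$user['account_id']] = $user['account_id'];
                     }
                     unset($members);
                 }
             } else {
                 $accounts[$entry['account_id']] = $entry['account_id'];
             }
         }
     }
     unset($active_accounts);
     unset($myaccounts);

     // Step 3: drop inactive accounts that came in through group membership.
     $sql = "SELECT account_id FROM phpgw_accounts WHERE account_status = 'I'";
     $this->_db->query($sql, __LINE__, __FILE__);
     while ($this->_db->next_record()) {
         unset($accounts[$this->_db->f('account_id')]);
     }

     // Step 4: re-check every remaining account individually.
     foreach ($accounts as $account_id) {
         $this->_account_id = $account_id;
         if (!$this->check($location, $required, $appname)) {
             unset($accounts[$account_id]);
         }
     }
     $this->_account_id = $original_account_id;

     // Step 5: load the account details. The ids are placed unquoted into an IN (...) list,
     // so each one is forced to an integer first.
     $account_ids = array_map('intval', array_keys($accounts));
     if (count($account_ids) > 0) {
         $sql = 'SELECT * FROM phpgw_accounts where account_id in (' . implode(',', $account_ids) . ') ORDER BY account_lastname';
         $this->_db->query($sql, __LINE__, __FILE__);
         while ($this->_db->next_record()) {
             $users[] = array(
                 'account_id' => $this->_db->f('account_id'),
                 'account_lid' => $this->_db->f('account_lid'),
                 'account_type' => $this->_db->f('account_type'),
                 'account_firstname' => $this->_db->f('account_firstname'),
                 'account_lastname' => $this->_db->f('account_lastname'),
                 'account_status' => $this->_db->f('account_status'),
                 'account_expires' => $this->_db->f('account_expires'),
             );
         }
     }
     return $users;
 }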