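/**
 * Validates the change-password form submitted in $_POST.
 *
 * Checks that the current password, the new password and its repetition are
 * present, that the new password is between 8 and 50 bytes long (strlen()
 * counts bytes, not characters), that both entries match exactly, and that
 * the current password is accepted by SecurityAdmin::getUserByCredentials()
 * for the nick of the logged-in user.
 *
 * @return array List of error messages; empty when the form is valid.
 */
static function validate()
 {
     $errors = array();
     // Read each field once. A missing key or a non-string value (for example
     // newPassword[]=x) is treated as empty, so strlen() and the comparison
     // below never see an undefined index or an array.
     $password = isset($_POST["password"]) && is_string($_POST["password"]) ? $_POST["password"] : '';
     $newPassword = isset($_POST["newPassword"]) && is_string($_POST["newPassword"]) ? $_POST["newPassword"] : '';
     $repeatPassword = isset($_POST["repeatPassword"]) && is_string($_POST["repeatPassword"]) ? $_POST["repeatPassword"] : '';
     if (!$password) {
         array_push($errors, 'Ingrese su contraseña actual');
     }
     if (!$newPassword) {
         array_push($errors, 'Ingrese una nueva contraseña');
     }
     if ($newPassword && strlen($newPassword) < 8) {
         array_push($errors, 'La contraseña debe contener un mínimo de 8 caracteres');
     }
     if ($newPassword && strlen($newPassword) > 50) {
         array_push($errors, 'La contraseña debe contener un máximo de 50 caracteres');
     }
     if (!$repeatPassword) {
         array_push($errors, 'Repita la contraseña');
     }
     // Strict comparison: with != two different numeric-looking strings such as
     // "00001000" and "1000.000" compare equal, so the confirmation field would
     // not protect against a mistyped password.
     if ($newPassword !== $repeatPassword) {
         array_push($errors, 'Las contraseñas ingresadas no coinciden');
     }
     // The current password is re-verified whenever the field was submitted,
     // so a hijacked session alone is not enough to set a new password.
     if (isset($_POST["password"])) {
         $user = SecurityAdmin::getUserByCredentials(SecurityManager::UserInfo()->nick, $password);
         if ($user == null) {
             array_push($errors, 'La contraseña actual es incorrecta');
         }
     }
     return $errors;
 }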
Example #2
<?php 
// Admin-only endpoint: streams the filtered user list to the browser as Usuarios.xls.
if (!isset($_SESSION)) {
    session_start();
}
// DOCUMENT_ROOT is re-based onto the /turnos application folder; the include
// path below is built from this server-provided value, not from request data.
$_SERVER["DOCUMENT_ROOT"] .= '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use admin\SecurityAdmin;
use lib\ExportDataExcel;
use security\SecurityManager;
// The role gate runs before any user data is read.
// NOTE(review): confirm authorize() ends the request when the check fails;
// otherwise the export below would still be produced.
SecurityManager::authorize(array('admin'));
// Optional filters; an absent or empty field falls back to '' / false.
// NOTE(review): both values come straight from $_POST - confirm that
// getUsersByFilter() binds them as query parameters.
$multicolumnSearchText = !empty($_POST['multicolumnSearchText']) ? $_POST['multicolumnSearchText'] : '';
$inactivos = !empty($_POST['inactivos']) ? $_POST['inactivos'] : false;
$data = SecurityAdmin::getUsersByFilter($multicolumnSearchText, $inactivos);
$exporter = new ExportDataExcel('browser', 'Usuarios.xls');
$exporter->initialize();
$header = array("Id", "Nick", "Nombre", "Mail", "Tipo", "Activo", "FechaAlta");
$exporter->addRow($header);
// NOTE(review): nick, firstName and mail are user-supplied; confirm that
// ExportDataExcel neutralises cell values starting with = + - @ so they are
// not evaluated as formulas when the sheet is opened.
foreach ($data as $user) {
    $activo = $user->enabled ? 'Si' : 'No';
    $exporter->addRow(array($user->id, $user->nick, $user->firstName, $user->mail, $user->type, $activo, $user->createDate));
}
$exporter->finalize();
exit;
Example #3
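 /**
  * Stores a submitted form entry and sends the related notification mails,
  * all inside one transaction.
  *
  * Without a valid session (SecurityManager::isValidUser() is false) the
  * mail, nombre and apellido controls are read from the form step flagged as
  * disabled; the user is looked up by mail or created as a client with a
  * random initial password, the entry is stored with confirmada = 'N' and a
  * confirmation or activation mail is sent. With a valid session the entry
  * is stored for the session user with confirmada = 'S' and providers,
  * enabled admins and the user are notified.
  *
  * @param object $form Form object; steps, productoId and id are read, and
  *                     userId, confirmada and ip are written.
  * @return array Empty on success; on failure a one-element array holding
  *               the exception message.
  */
 static function addEntry($form)
 {
     $transaction = NULL;
     $result = array();
     $userId = null;
     $user = null;
     $newUser = false;
     $userExists = SecurityManager::isValidUser();
     try {
         $transaction = GenericDao::beginTransaction();
         if (!$userExists) {
             $step = Phinq::create($form->steps)->single(function ($item) {
                 return isset($item->disabled) && $item->disabled == true;
             });
             $mail = Phinq::create($step->controls)->single(function ($item) {
                 return $item->columnName == 'mail';
             })->value;
             $nombre = Phinq::create($step->controls)->single(function ($item) {
                 return $item->columnName == 'nombre';
             })->value;
             $apellido = Phinq::create($step->controls)->single(function ($item) {
                 return $item->columnName == 'apellido';
             })->value;
             $user = UserAdmin::getUserByMail($mail);
             if ($user != null) {
                 $form->userId = $userId = $user->id;
             } else {
                 $newUser = true;
                 // Initial password from a CSPRNG. The previous md5(uniqid())
                 // value was derived from the clock and therefore guessable.
                 // The 8-hex-character shape is kept for compatibility; that
                 // is only 32 bits, so a longer value is worth considering.
                 $randomBytes = function_exists('random_bytes') ? random_bytes(4) : openssl_random_pseudo_bytes(4);
                 $password = bin2hex($randomBytes);
                 $userDto = new \stdClass();
                 $userDto->firstName = $nombre;
                 $userDto->lastName = $apellido;
                 $userDto->mail = $mail;
                 $userDto->type = UserType::client;
                 $userDto->password = $password;
                 $response = json_decode(SecurityAdmin::createUser($userDto, $transaction));
                 $form->userId = $userId = $response->data;
             }
             $form->confirmada = 'N';
         } else {
             $form->userId = $userId = SecurityManager::UserInfo()->id;
             $form->confirmada = 'S';
         }
         $form->ip = $_SERVER['REMOTE_ADDR'];
         $entryId = FormDao::addEntry($form, $transaction);
         $user = SecurityDao::getUserById($userId);
         $dwoo = new Core();
         if (!$userExists) {
             // NOTE(review): $code is a base64 encoding of record fields, not
             // a signature or a random token. Confirm that Confirmacion.php
             // and Activacion.php verify it against a server-side secret
             // (HMAC or a stored random token) before acting on it.
             // NOTE(review): the links use http:// and take the host from
             // HTTP_HOST, which is supplied by the client; a configured base
             // URL would keep mailed links on the real site.
             if (!$newUser) {
                 $user->logo = AppConfig::logoUrl;
                 $user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
                 $code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
                 $link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Confirmacion.php?c=' . $code;
                 $user->link = $link;
                 $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userSolicitudRequestConfirm.tpl', (array) $user);
                 Mail::Send($user->mail, 'Confirmación de solicitud', $template);
             } else {
                 $subject = 'Aladinnus, proceso de activación';
                 $code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
                 $link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Activacion.php?c=' . $code;
                 $user->link = $link;
                 $userDto->logo = $user->logo = AppConfig::logoUrl;
                 $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userActivation.tpl', (array) $user);
                 Mail::Send($user->mail, $subject, $template);
             }
         } else {
             // Mail to providers
             $usersProveedor = SecurityDao::getUsersProveedorByProductoId($form->productoId);
             foreach ($usersProveedor as $prov) {
                 FormAdmin::addProveedorEntry($prov->id, $form->id, $entryId, $user->id);
                 $prov->logo = AppConfig::logoUrl;
                 $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/providerNewSolicitud.tpl', (array) $prov);
                 Mail::Send($prov->mail, 'Nueva solicitud', $template);
             }
             // Mail to enabled admins
             $usersAdmin = SecurityDao::getUsersAdmin();
             $usersAdmin = Phinq::create($usersAdmin)->where(function ($user) {
                 return $user->enabled;
             })->toArray();
             foreach ($usersAdmin as $admin) {
                 $admin->logo = AppConfig::logoUrl;
                 $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userAdminRequest.tpl', (array) $admin);
                 Mail::Send($admin->mail, 'Nueva solicitud', $template);
             }
             // Mail to the requesting user
             $user->logo = AppConfig::logoUrl;
             $user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
             $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userRequest.tpl', (array) $user);
             Mail::Send($user->mail, 'Nueva solicitud', $template);
         }
         // Mails above are sent before the commit; a failing commit leaves
         // already-sent mails pointing at data that was rolled back.
         $transaction->commit();
     } catch (\Exception $ex) {
         // beginTransaction() itself may have thrown, leaving $transaction
         // NULL; calling rollBack() on it would turn the error into a fatal.
         if ($transaction !== NULL) {
             $transaction->rollBack();
         }
         // NOTE(review): the raw exception message is returned to the caller;
         // confirm it is not shown to end users, since it may carry SQL or
         // path details.
         $result = array($ex->getMessage());
     }
     return $result;
 }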
Example #4
 /**
  * Tells whether the current session belongs to a logged-in user that has
  * not timed out.
  *
  * @return bool False when $_SESSION["user"] is not set; otherwise the
  *              negation of SecurityManager::isTimeout().
  */
 static function isValidUser()
 {
     $hasSessionUser = isset($_SESSION["user"]);
     if ($hasSessionUser) {
         // NOTE(review): refreshTimeout() runs before isTimeout(). If it
         // resets the idle timer unconditionally, an expired session would
         // never be reported as timed out - confirm in SecurityManager.
         SecurityManager::refreshTimeout();
         return !SecurityManager::isTimeout();
     }
     return false;
 }
Example #5
 /**
  * Rebuilds the sitemap and renders every node whose roles the current user
  * holds.
  */
 static function render()
 {
     // The stored sitemap is discarded on entry, so it is re-initialised on
     // every call and nothing is reused from an earlier request.
     $_SESSION["sitemap"] = null;
     SitemapManager::initialize();
     SitemapManager::open();
     foreach ($_SESSION["sitemap"]->nodes as $menuNode) {
         // Hiding a node only removes the menu entry; it is not access
         // control. Each target page still has to enforce its own role check.
         if (SecurityManager::isUserInRoles($menuNode->roles)) {
             SitemapManager::renderNode($menuNode);
         }
     }
     SitemapManager::close();
 }
Example #6
 /**
  * Handles a login form submission.
  *
  * @return array|null Null when the form was not submitted, the validation
  *                    errors when there are any, otherwise a one-element
  *                    array with the invalid-user message.
  */
 static function process()
 {
     $submitted = isset($_POST["submit"]);
     if (!$submitted) {
         return null;
     }
     $errors = LoginController::validate();
     if (count($errors) > 0) {
         return $errors;
     }
     // NOTE(review): session-id regeneration on successful login is not
     // visible here - confirm SecurityManager::login() performs it.
     if (SecurityManager::login($_POST["userName"], $_POST["password"])) {
         // NOTE(review): the redirect host comes from HTTP_HOST, which the
         // client supplies; a configured base URL avoids redirecting to an
         // attacker-chosen host. Also confirm Redirect() ends the request,
         // otherwise the invalid-user message below is still returned.
         Utils::Redirect('https://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/solicitudesEntrega/index.php', false);
     }
     // One generic message for every failure, so the response does not
     // reveal whether the user name exists.
     return array('Usuario inválido');
 }
Example #7
<?php 
// Entry page of the users administration module (AngularJS app "diarco.usersAdmin").
if (!isset($_SESSION)) {
    session_start();
}
// Re-base DOCUMENT_ROOT onto the /turnos application folder; the includes
// below are built from this server-provided value, not from request data.
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use security\SecurityManager;
// Role gate: only 'admin' and 'Gestor' are passed to authorize().
// NOTE(review): confirm authorize() ends the request on failure, otherwise
// the markup below is still sent. The data endpoints called by the client
// scripts need their own server-side role check as well.
SecurityManager::authorize(array('admin', 'Gestor'));
?>


<?php 
include_once $_SERVER["DOCUMENT_ROOT"] . '/views/shared/masterTop.php';
?>

<div  ng-app="diarco.usersAdmin">
    <?php 
include 'bundle.php';
?>
    <loading></loading>
    <div ng-view></div>
</div>

<script type="text/javascript" src="../../scripts/app/securityAdmin/usersModule.js?v=<?php 
// Cache-busting query value only; rand() is not suitable for anything security-sensitive.
echo rand(1, 1000000);
?>
"> </script>
<script type="text/javascript" src="../../scripts/app/securityAdmin/usersListCtrl.js?v=<?php 
echo rand(1, 1000000);
?>
Example #8
<?php 
// Change-password page: the form is processed before any output is sent.
if (!isset($_SESSION)) {
    session_start();
}
// Re-base DOCUMENT_ROOT onto the /turnos application folder; the includes
// below are built from this server-provided value, not from request data.
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use security\SecurityManager;
use controllers\CambioContraseniaController;
// authorize() is called without a role list.
// NOTE(review): presumably this admits any logged-in user - confirm, and
// confirm that it ends the request when the check fails.
SecurityManager::authorize();
// NOTE(review): no anti-CSRF token check is visible at this level; confirm
// process() or the form itself carries one, since this request changes a
// credential.
$errors = CambioContraseniaController::process();
?>

<?php 
include_once $_SERVER["DOCUMENT_ROOT"] . '/views/shared/masterTop.php';
?>


<div >
    <section id="widget-grid" class="">
        <article class="col-xs-12 col-sm-12 col-md-12 col-lg-12">
            <div class="jarviswidget" id="wid-id-1002" data-widget-colorbutton="false" data-widget-editbutton="false" data-widget-togglebutton="false" data-widget-deletebutton="false" data-widget-custombutton="false" data-widget-collapsed="false" data-widget-sortable="false">

                <header role="heading">
                    <span class="widget-icon"> <i class="fa fa-edit"></i> </span>
                    <span style="position: relative; left: 8px; top: -3px;;">Cambiar contraseña</span>
                </header>
                <div role="content">
                    <div class="widget-body">

                        <?php 
Example #9
<?php

/**
 * Created by PhpStorm.
 * User: pzaborowski
 * Date: 07/01/2015
 * Time: 10:53 AM
 *
 * Logout endpoint: starts the session, loads the application includes and
 * hands over to SecurityManager::logout().
 */
// The session must be open before logout() can act on it.
session_start();
// Re-base DOCUMENT_ROOT onto the /turnos application folder; the include
// below is built from this server-provided value, not from request data.
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use security\SecurityManager;
// NOTE(review): confirm logout() destroys the server-side session data and
// expires the session cookie rather than only unsetting $_SESSION["user"].
SecurityManager::logout();
?>


Example #10
        </div>

    </div>
</header>
<!-- END HEADER -->
<aside id="left-panel">

    <!-- User info -->
    <div class="login-info">
            <span>

                <a href="javascript:void(0);" id="show-shortcut">
                    <span>
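                         <?php 
// Shows the first name of the logged-in user in the side panel.
if (SecurityManager::isValidUser()) {
    $user = SecurityManager::UserInfo();
    // firstName is user-supplied data, so it is HTML-escaped before output;
    // echoing it raw would let stored markup run in every page that includes
    // this panel. ENT_SUBSTITUTE is used when the PHP version defines it so
    // that invalid byte sequences do not blank the whole name.
    // NOTE(review): assumes the page is served as UTF-8 - confirm.
    echo htmlspecialchars($user->firstName, defined('ENT_SUBSTITUTE') ? ENT_QUOTES | ENT_SUBSTITUTE : ENT_QUOTES, 'UTF-8');
}
?>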
                    </span>
                    <i class="fa fa-angle-down"></i>
                </a>

            </span>
    </div>

    <?php 
// Emits the navigation for the left panel.
// NOTE(review): presumably limited to the nodes the current user's roles
// allow - confirm in SitemapManager::render(). Menu filtering is not access
// control; the linked pages must check roles themselves.
SitemapManager::render();
?>

    <span class="minifyme"> <i class="fa fa-arrow-circle-left hit"></i> </span>
Example #11
<?php 
// Entry page of the delivery-requests module (AngularJS app "diarco.solicitudesEntrega").
if (!isset($_SESSION)) {
    session_start();
}
// Re-base DOCUMENT_ROOT onto the /turnos application folder; the includes
// below are built from this server-provided value, not from request data.
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use security\SecurityManager;
// Role gate: 'admin', 'Gestor', 'Proveedor' and 'Consulta' are passed to authorize().
// NOTE(review): confirm authorize() ends the request on failure, otherwise
// the markup below is still sent. The data endpoints called by the client
// scripts need their own server-side role check as well.
SecurityManager::authorize(array('admin', 'Gestor', 'Proveedor', 'Consulta'));
?>

<?php 
include_once $_SERVER["DOCUMENT_ROOT"] . '/views/shared/masterTop.php';
?>

<div  ng-app="diarco.solicitudesEntrega">
    <?php 
include 'bundle.php';
?>
    <loading></loading>
    <div ng-view></div>
</div>

<script type="text/javascript" src="../../scripts/app/solicitudesEntrega/solicitudesEntregaModule.js?v=<?php 
// Cache-busting query value only; rand() is not suitable for anything security-sensitive.
echo rand(1, 1000000);
?>
"> </script>
<script type="text/javascript" src="../../scripts/app/solicitudesEntrega/solicitudesEntregaListCtrl.js?v=<?php 
echo rand(1, 1000000);
?>
"> </script>
 /**
  * Builds the initial data for the block-editing screen: the two block
  * types, the current user and the branches that user may pick.
  *
  * @return string JSON encoding of a Response wrapping the data object.
  */
 static function getDataEditInitBloqueos()
 {
     $data = new \stdClass();
     $data->bloqueoTypes = array(BloqueoType::bloqueo, BloqueoType::feriado);
     // NOTE(review): the whole UserInfo object is serialised to the client;
     // confirm it carries no password hash or other secret field.
     $data->user = SecurityManager::UserInfo();
     // NOTE(review): this writes onto the object returned by UserInfo(); if
     // that is the session object the change outlives this call - confirm.
     // roles[0] is read without checking that the user has any role.
     $data->user->type = SecurityManager::UserInfo()->roles[0]->name;
     if ($data->user->type == 'Gestor') {
         // A 'Gestor' only receives the branch stored on the user record.
         $data->sucursales = array(ExternalDao::getSucursalById($data->user->sucursalId));
     } else {
         $data->sucursales = ExternalDao::getAllSucursales();
     }
     $response = new Response(new Result(), $data);
     return json_encode(Utils::utf8ize($response));
 }
Example #13
 /**
  * Builds the initial data for the reservations screen of one user: that
  * user with their reservations, the current user and all branches.
  *
  * @param mixed $id Id of the user whose reservations are loaded.
  * @return string JSON encoding of a Response wrapping the data object.
  */
 static function getDataReservasInit($id)
 {
     // NOTE(review): $id is used as given and no ownership or role check is
     // visible in this method; confirm the caller restricts which ids the
     // current user may request, otherwise any user's record and
     // reservations can be read by changing the id.
     $targetUser = SecurityDao::getUserById($id);
     // NOTE(review): a missing user is not handled here - confirm what
     // getUserById() returns for an unknown id.
     $targetUser->reservas = SecurityDao::getReservasByUserId($id);
     $data = new \stdClass();
     $data->user = $targetUser;
     // NOTE(review): both user objects are serialised in full; confirm they
     // carry no password hash or other secret field.
     $data->currentUser = SecurityManager::UserInfo();
     $data->sucursales = ExternalDao::getAllSucursales();
     $response = new Response(new Result(), $data);
     return json_encode(Utils::utf8ize($response));
 }