/**
  * Validate that the user is logged in
  * @param bool $ajax [optional] Indicates if this request came from an AJAX call or otherwise
  */
 function attempt_login($ajax = false)
 {
     $database =& $this->db;
     $sessionUserId = Kit::GetParam('userid', _SESSION, _INT);
     // The current page is URL-encoded before it is placed in the login form action below.
     $encodedPage = rawurlencode(Kit::GetCurrentPage());

     // checkforUserid() is the actual authentication decision; everything below only reacts to it.
     if ($this->checkforUserid()) {
         // Authenticated: record the access time. %d forces the user id to an integer in the SQL text.
         $touchSql = sprintf("UPDATE user SET lastaccessed = '" . date("Y-m-d H:i:s") . "', loggedin = 1 WHERE userid = %d ", $sessionUserId);
         if (!$database->query($touchSql)) {
             trigger_error("Can not write last accessed info.", E_USER_ERROR);
         }

         // Load the information about this user
         $this->LoginServices($sessionUserId);
         return true;
     }

     // Not authenticated: clear the logged-in flag for whichever user id the session still carries.
     if ($sessionUserId != 0) {
         $database->query(sprintf("UPDATE user SET loggedin = 0 WHERE userid = %d ", $sessionUserId));
     }

     if (!$ajax) {
         // The login form carries a form token (presumably checked by the login handler - not shown here).
         Theme::Set('form_meta', '<input type="hidden" name="token" value="' . CreateFormToken() . '" />');
         // NOTE(review): referingPage travels through the browser, so the login handler should only
         // accept it as a local page reference before redirecting - confirm in the handler.
         Theme::Set('form_action', 'index.php?q=login&referingPage=' . $encodedPage);
         Theme::Set('about_url', 'index.php?p=index&q=About');
         Theme::Set('source_url', 'https://launchpad.net/xibo/1.6');

         // Message comes from the URL first, falling back to the session.
         // NOTE(review): the URL value is caller-controlled text shown on the login page; what the
         // _STRING filter strips is not visible here, so the login_page template must HTML-escape it.
         $sessionMessage = Kit::GetParam('message', _SESSION, _STRING, '');
         $message = Kit::GetParam('message', _GET, _STRING, $sessionMessage);
         Theme::Set('login_message', $message);
         Theme::Render('login_page');

         // Clear the session message so it is shown only once
         $_SESSION['message'] = '';
         exit;
     }

     // AJAX calls that fail the login test are answered with a login response instead of a page
     $response = new ResponseManager();
     $response->Login();
     $response->Respond();

     return false;
 }
Exemple #2
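 /**
  * Build the edit dialog for a library-based media item.
  *
  * Checks the caller's edit permission, issues a fresh form token for the
  * upload, loads the media name and fills the theme with the form definition.
  *
  * @param array|null $extraFormFields Extra form fields appended after the standard ones
  * @return mixed $this->response, carrying either the permission error or the rendered form
  */
 protected function EditFormForLibraryMedia($extraFormFields = NULL)
 {
     global $session;
     $db =& $this->db;
     if ($this->response == null) {
         $this->response = new ResponseManager();
     }
     $layoutid = $this->layoutid;
     $regionid = $this->regionid;
     $mediaid = $this->mediaid;
     $lkid = $this->lkid;
     // Delete Old Version Checkbox Setting
     $deleteOldVersionChecked = Config::GetSetting('LIBRARY_MEDIA_DELETEOLDVER_CHECKB') == 'Checked' ? 1 : 0;
     // Authorisation: only users with edit permission get the form
     if (!$this->auth->edit) {
         $this->response->SetError('You do not have permission to edit this media.');
         $this->response->keepOpen = false;
         return $this->response;
     }
     // Set the Session / Security information
     $sessionId = session_id();
     $securityToken = CreateFormToken();
     $session->setSecurityToken($securityToken);
     // Load what we know about this media. The id is bound through %d so only an integer can
     // reach the SQL text; where $this->mediaid is populated is not visible in this method.
     $SQL = sprintf("SELECT name, originalFilename, userID, retired, storedAs, isEdited, editedMediaID FROM media WHERE mediaID = %d ", $mediaid);
     if (!($row = $db->GetSingleRow($SQL))) {
         // log the error
         trigger_error($db->error());
         trigger_error(__('Error querying for the Media information'), E_USER_ERROR);
     }
     $name = $row['name'];
     // Cancel returns to the region options dialog only when we came from one
     if ($regionid != '' && $this->showRegionOptions) {
         setSession('content', 'mediatype', $this->type);
         // NOTE(review): layoutid / regionid land inside a double-quoted JavaScript string; this is
         // only safe if both are validated where they are assigned - confirm.
         $this->response->AddButton(__('Cancel'), 'XiboSwapDialog("index.php?p=timeline&layoutid=' . $layoutid . '&regionid=' . $regionid . '&q=RegionOptions")');
     } else {
         $this->response->AddButton(__('Cancel'), 'XiboDialogClose()');
     }
     $this->response->AddButton(__('Save'), '$("#EditLibraryBasedMedia").submit()');
     // Setup the theme
     Theme::Set('form_id', 'EditLibraryBasedMedia');
     Theme::Set('form_action', 'index.php?p=module&mod=' . $this->type . '&q=Exec&method=EditMedia');
     // NOTE(review): these ids are concatenated into HTML attribute values without escaping;
     // presumably validated upstream - verify, or escape them for the attribute context.
     Theme::Set('form_meta', '<input type="hidden" name="layoutid" value="' . $layoutid . '"><input type="hidden" name="regionid" value="' . $regionid . '"><input type="hidden" name="mediaid" value="' . $mediaid . '"><input type="hidden" name="lkid" value="' . $lkid . '"><input type="hidden" name="showRegionOptions" value="' . $this->showRegionOptions . '" /><input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /><input type="hidden" name="hidFileID" id="hidFileID" value="" />');
     Theme::Set('form_upload_id', 'file_upload');
     Theme::Set('form_upload_action', 'index.php?p=content&q=FileUpload');
     // The session id is written into the page next to the form token, so any script running in
     // this page can read it regardless of cookie flags - a reason to keep this page free of XSS.
     Theme::Set('form_upload_meta', '<input type="hidden" id="PHPSESSID" value="' . $sessionId . '" /><input type="hidden" id="SecurityToken" value="' . $securityToken . '" /><input type="hidden" name="MAX_FILE_SIZE" value="' . $this->maxFileSizeBytes . '" />');
     Theme::Set('prepend', Theme::RenderReturn('form_file_upload_single'));
     $formFields = array();
     $formFields[] = FormManager::AddMessage(sprintf(__('This form accepts: %s files up to a maximum size of %s'), $this->validExtensionsText, $this->maxFileSize));
     $formFields[] = FormManager::AddText('name', __('Name'), $name, __('The Name of this item - Leave blank to use the file name'), 'n');
     $formFields[] = FormManager::AddNumber('duration', __('Duration'), $this->duration, __('The duration in seconds this item should be displayed'), 'd', 'required', '', $this->auth->modifyPermissions);
     $formFields[] = FormManager::AddText('tags', __('Tags'), $this->tags, __('Tag this media. Comma Separated.'), 'n');
     if ($this->assignable) {
         $formFields[] = FormManager::AddCheckbox('replaceInLayouts', __('Update this media in all layouts it is assigned to?'), Config::GetSetting('LIBRARY_MEDIA_UPDATEINALL_CHECKB') == 'Checked' ? 1 : 0, __('Note: It will only be replaced in layouts you have permission to edit.'), 'r');
     }
     $formFields[] = FormManager::AddCheckbox('deleteOldVersion', __('Delete the old version?'), $deleteOldVersionChecked, __('Completely remove the old version of this media item if a new file is being uploaded.'), 'c');
     // Add in any extra form fields provided by the caller
     if (is_array($extraFormFields)) {
         foreach ($extraFormFields as $field) {
             $formFields[] = $field;
         }
     }
     Theme::Set('form_fields', $formFields);
     $this->response->html = Theme::RenderReturn('form_render');
     $this->response->dialogTitle = 'Edit ' . $this->displayType;
     $this->response->dialogSize = true;
     $this->response->dialogWidth = '450px';
     $this->response->dialogHeight = '280px';
     return $this->response;
 }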
Exemple #3
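 /**
  * Build the edit dialog for a library-based media item (template-driven variant).
  *
  * Checks the caller's edit permission, issues a fresh form token for the
  * upload, loads the media name and renders 'library_form_media_edit'.
  *
  * @return mixed $this->response, carrying either the permission error or the rendered form
  */
 protected function EditFormForLibraryMedia()
 {
     global $session;
     $db =& $this->db;
     $layoutid = $this->layoutid;
     $regionid = $this->regionid;
     $mediaid = $this->mediaid;
     $lkid = $this->lkid;
     // Authorisation: only users with edit permission get the form
     if (!$this->auth->edit) {
         $this->response->SetError('You do not have permission to edit this media.');
         $this->response->keepOpen = false;
         return $this->response;
     }
     // Set the Session / Security information
     $sessionId = session_id();
     $securityToken = CreateFormToken();
     $session->setSecurityToken($securityToken);
     // Load what we know about this media. The id is bound through %d so only an integer can
     // reach the SQL text; where $this->mediaid is populated is not visible in this method.
     $SQL = sprintf("SELECT name, originalFilename, userID, retired, storedAs, isEdited, editedMediaID FROM media WHERE mediaID = %d ", $mediaid);
     if (!($row = $db->GetSingleRow($SQL))) {
         // log the error
         trigger_error($db->error());
         trigger_error(__('Error querying for the Media information'), E_USER_ERROR);
     }
     $name = $row['name'];
     // Cancel returns to the region options dialog only when we came from one
     if ($regionid != '' && $this->showRegionOptions) {
         setSession('content', 'mediatype', $this->type);
         // NOTE(review): layoutid / regionid land inside a double-quoted JavaScript string; this is
         // only safe if both are validated where they are assigned - confirm.
         $this->response->AddButton(__('Cancel'), 'XiboSwapDialog("index.php?p=timeline&layoutid=' . $layoutid . '&regionid=' . $regionid . '&q=RegionOptions")');
     } else {
         $this->response->AddButton(__('Cancel'), 'XiboDialogClose()');
     }
     $this->response->AddButton(__('Save'), '$("#EditLibraryBasedMedia").submit()');
     // This only makes the duration input read-only in the browser; the handler that saves the
     // form must enforce modifyPermissions itself (not shown here).
     $durationFieldEnabled = $this->auth->modifyPermissions ? '' : ' readonly';
     // Setup the theme
     Theme::Set('form_id', 'EditLibraryBasedMedia');
     Theme::Set('form_action', 'index.php?p=module&mod=' . $this->type . '&q=Exec&method=EditMedia');
     // NOTE(review): these ids are concatenated into HTML attribute values without escaping;
     // presumably validated upstream - verify, or escape them for the attribute context.
     Theme::Set('form_meta', '<input type="hidden" name="layoutid" value="' . $layoutid . '"><input type="hidden" name="regionid" value="' . $regionid . '"><input type="hidden" name="mediaid" value="' . $mediaid . '"><input type="hidden" name="lkid" value="' . $lkid . '"><input type="hidden" name="showRegionOptions" value="' . $this->showRegionOptions . '" /><input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /><input type="hidden" name="hidFileID" id="hidFileID" value="" />');
     Theme::Set('form_upload_id', 'file_upload');
     Theme::Set('form_upload_action', 'index.php?p=content&q=FileUpload');
     // The session id is written into the page next to the form token, so any script running in
     // this page can read it regardless of cookie flags - a reason to keep this page free of XSS.
     Theme::Set('form_upload_meta', '<input type="hidden" id="PHPSESSID" value="' . $sessionId . '" /><input type="hidden" id="SecurityToken" value="' . $securityToken . '" /><input type="hidden" name="MAX_FILE_SIZE" value="' . $this->maxFileSizeBytes . '" />');
     // NOTE(review): $name comes from the media table and is handed to the template as-is;
     // the template is assumed to HTML-escape it - confirm.
     Theme::Set('name', $name);
     Theme::Set('duration', $this->duration);
     Theme::Set('is_duration_field_enabled', $durationFieldEnabled);
     Theme::Set('valid_extensions', 'This form accepts: ' . $this->validExtensionsText . ' files up to a maximum size of ' . $this->maxFileSize);
     Theme::Set('is_replace_field_checked', Config::GetSetting('LIBRARY_MEDIA_UPDATEINALL_CHECKB') == 'Checked' ? 'checked' : '');
     Theme::Set('is_assignable', $this->assignable);
     $this->response->html = Theme::RenderReturn('library_form_media_edit');
     $this->response->dialogTitle = 'Edit ' . $this->displayType;
     $this->response->dialogSize = true;
     $this->response->dialogWidth = '450px';
     $this->response->dialogHeight = '280px';
     return $this->response;
 }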
Exemple #4
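 /**
  * Render the layout import dialog and send it as the response.
  *
  * Issues a fresh form token for the upload, reads the 'template' flag from
  * the query string and builds the form fields accordingly.
  *
  * NOTE(review): no permission check is visible in this method; presumably the
  * Import handler or the page dispatcher enforces it - confirm.
  */
 public function ImportForm()
 {
     global $session;
     $response = new ResponseManager();
     // Set the Session / Security information
     $sessionId = session_id();
     $securityToken = CreateFormToken();
     $session->setSecurityToken($securityToken);
     // Find the max file size
     $maxFileSizeBytes = convertBytes(ini_get('upload_max_filesize'));
     // 'template' comes straight from the query string and is echoed into an attribute value,
     // so it is encoded for that context. double_encode is off so a value the _STRING filter
     // may already have entity-encoded is not encoded twice.
     $templateFlag = Kit::GetParam('template', _GET, _STRING, 'false');
     $templateAttr = htmlspecialchars($templateFlag, ENT_QUOTES, 'UTF-8', false);
     // Set some information about the form
     Theme::Set('form_id', 'LayoutImportForm');
     Theme::Set('form_action', 'index.php?p=layout&q=Import');
     Theme::Set('form_meta', '<input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /><input type="hidden" name="hidFileID" id="hidFileID" value="" /><input type="hidden" name="template" value="' . $templateAttr . '" />');
     Theme::Set('form_upload_id', 'file_upload');
     Theme::Set('form_upload_action', 'index.php?p=content&q=FileUpload');
     // The session id is written into the page next to the form token, so any script running in
     // this page can read it regardless of cookie flags.
     Theme::Set('form_upload_meta', '<input type="hidden" id="PHPSESSID" value="' . $sessionId . '" /><input type="hidden" id="SecurityToken" value="' . $securityToken . '" /><input type="hidden" name="MAX_FILE_SIZE" value="' . $maxFileSizeBytes . '" />');
     Theme::Set('prepend', Theme::RenderReturn('form_file_upload_single'));
     $formFields = array();
     $formFields[] = FormManager::AddText('layout', __('Name'), NULL, __('The Name of the Layout - (1 - 50 characters). Leave blank to use the name from the import.'), 'n');
     $formFields[] = FormManager::AddCheckbox('replaceExisting', __('Replace Existing Media?'), NULL, __('If the import finds existing media with the same name, should it be replaced in the Layout or should the Layout use that media.'), 'r');
     // Tag import is offered only when this is not a template import
     if ($templateFlag != 'true') {
         $formFields[] = FormManager::AddCheckbox('importTags', __('Import Tags?'), NULL, __('Would you like to import any tags contained on the layout.'), 't');
     }
     Theme::Set('form_fields', $formFields);
     $response->SetFormRequestResponse(NULL, __('Import Layout'), '350px', '200px');
     // NOTE(review): the help link points at the DataSet CSV import topic - looks copied; confirm.
     $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('DataSet', 'ImportCsv') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Import'), '$("#LayoutImportForm").submit()');
     $response->Respond();
 }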
Exemple #5
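 /**
  * Render the CSV import dialog for a DataSet and send it as the response.
  *
  * Requires edit permission on the DataSet named by the 'datasetid' query
  * parameter, issues a fresh form token for the upload, and offers one column
  * mapping field per value column of the DataSet.
  */
 public function ImportCsvForm()
 {
     global $session;
     $db =& $this->db;
     $response = new ResponseManager();
     $dataSetId = Kit::GetParam('datasetid', _GET, _INT);
     $dataSet = Kit::GetParam('dataset', _GET, _STRING);
     $auth = $this->user->DataSetAuth($dataSetId, true);
     if (!$auth->edit) {
         trigger_error(__('Access Denied'), E_USER_ERROR);
         // Fail closed: E_USER_ERROR stops the script by default, but an installed error
         // handler that returns would otherwise let execution continue past this check.
         return;
     }
     // Set the Session / Security information
     $sessionId = session_id();
     $securityToken = CreateFormToken();
     $session->setSecurityToken($securityToken);
     // Find the max file size
     $maxFileSizeBytes = convertBytes(ini_get('upload_max_filesize'));
     // 'dataset' comes straight from the query string and is echoed into an attribute value,
     // so it is encoded for that context. double_encode is off so a value the _STRING filter
     // may already have entity-encoded is not encoded twice. $dataSetId was read as _INT.
     $dataSetAttr = htmlspecialchars($dataSet, ENT_QUOTES, 'UTF-8', false);
     // Set some information about the form
     Theme::Set('form_id', 'DataSetImportCsvForm');
     Theme::Set('form_action', 'index.php?p=dataset&q=ImportCsv');
     Theme::Set('form_meta', '<input type="hidden" name="dataset" value="' . $dataSetAttr . '" /><input type="hidden" name="datasetid" value="' . $dataSetId . '" /><input type="hidden" id="txtFileName" name="txtFileName" readonly="true" /><input type="hidden" name="hidFileID" id="hidFileID" value="" />');
     Theme::Set('form_upload_id', 'file_upload');
     Theme::Set('form_upload_action', 'index.php?p=content&q=FileUpload');
     // The session id is written into the page next to the form token, so any script running in
     // this page can read it regardless of cookie flags.
     Theme::Set('form_upload_meta', '<input type="hidden" id="PHPSESSID" value="' . $sessionId . '" /><input type="hidden" id="SecurityToken" value="' . $securityToken . '" /><input type="hidden" name="MAX_FILE_SIZE" value="' . $maxFileSizeBytes . '" />');
     // Enumerate over the columns in the DataSet and offer a column mapping for each one (from the file).
     // The DataSet id reaches the SQL text through %d, i.e. as an integer only.
     $SQL = "";
     $SQL .= "SELECT DataSetColumnID, Heading ";
     $SQL .= "  FROM datasetcolumn ";
     $SQL .= sprintf(" WHERE DataSetID = %d ", $dataSetId);
     $SQL .= "   AND DataSetColumnTypeID = 1 ";
     $SQL .= "ORDER BY ColumnOrder ";
     // Load results into an array
     $dataSetColumns = $db->GetArray($SQL);
     if (!is_array($dataSetColumns)) {
         trigger_error($db->error());
         trigger_error(__('Error getting list of dataSetColumns'), E_USER_ERROR);
     }
     $rows = array();
     $i = 0;
     foreach ($dataSetColumns as $row) {
         $i++;
         // Stored headings and ids are passed through the validator again before they reach the template
         $row['heading'] = Kit::ValidateParam($row['Heading'], _STRING);
         $row['formfieldid'] = 'csvImport_' . Kit::ValidateParam($row['DataSetColumnID'], _INT);
         // 1-based position, offered as the default column number in the uploaded file
         $row['auto_column_number'] = $i;
         $rows[] = $row;
     }
     Theme::Set('fields', $rows);
     $form = Theme::RenderReturn('dataset_form_csv_import');
     $response->SetFormRequestResponse($form, __('CSV Import'), '350px', '200px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('DataSet', 'ImportCsv') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Import'), '$("#DataSetImportCsvForm").submit()');
     $response->Respond();
 }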