if (!empty($_POST['s']) && !empty($_POST['p']) && !empty($_POST['u'])) {
$errors = array();
$u = strtolower(trim($_POST['u']));
$p = $_POST['p'];
if (empty($u)) {
$errors[] = L\get('Specify_username');
}
if (empty($p)) {
$errors[] = L\get('Specify_password');
}
if (empty($errors)) {
DB\connect();
$user = new User();
$r = $user->Login($u, $p);
if ($r['success'] == false) {
$errors[] = L\get('Auth_fail');
} else {
$cfg = $user->getTSVConfig();
if (!empty($cfg['method'])) {
$_SESSION['check_TSV'] = time();
} else {
$_SESSION['user']['TSV_checked'] = true;
}
}
}
$_SESSION['message'] = array_shift($errors);
} elseif (!empty($_SESSION['check_TSV']) && !empty($_POST['c'])) {
$u = new User();
$cfg = $u->getTSVConfig();
$authenticator = $u->getTSVAuthenticator($cfg['method'], $cfg['sd']);
$verificationResult = $authenticator->verifyCode($_POST['c']);
/**
* mark all notifications as read for given user
* @param int $userId
* @return void
*/
public static function markAllAsRead($userId)
{
//validate params
if (!is_numeric($userId)) {
trigger_error(L\get('ErroneousInputData'), E_USER_ERROR);
}
DB\dbQuery('UPDATE `' . static::$tableName . '`
SET `read` = 1
WHERE user_id = $1 AND `read` = 0', $userId) or die(DB\dbQueryError());
}
<script type="text/javascript">setProgress('<?php
echo L\get('Loading_ExtJS_UI');
?>
', '60%')</script>
<?php
echo '<script type="text/javascript" src="' . $coreUrl . '/remote/api.php"></script>';
echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl('js') . $debugQueryParam . '"></script>';
echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl('jsdev') . $debugQueryParam . '"></script>';
echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl('jsoverrides') . $debugQueryParam . '"></script>';
$js = Config::getJsList();
if (!empty($js)) {
echo '<script type="text/javascript" src="' . $coreUrl . getMinifyGroupUrl($coreName . '_js') . $debugQueryParam . '"></script>';
}
$prc = Config::getPluginsRemoteConfig();
if (!empty($prc)) {
echo '<script type="text/javascript">CB.plugin.config = ' . Util\jsonEncode($prc) . ';</script>';
}
echo '<script type="text/javascript" src="' . $coreUrl . '/js/CB.DB.php"></script>';
?>
<script type="text/javascript">setProgress('<?php
echo L\get('Initialization');
?>
', '100%')</script>
</body>
</html>
<?php
saveMinifyUris();
for ($j = 0; $j < sizeof($lp); $j++) {
$lp[$j] = str_replace(array('%', '\\/'), array('', '/'), $lp[$j]);
}
$arr[] = $lp;
}
echo "\n" . 'CB.DB.languages = new Ext.data.ArrayStore({' . 'model: \'Language\'' . ', data: ' . (empty($arr) ? '[]' : Util\jsonEncode($arr)) . '});' . "\n";
/* end of languages */
/* Security questions */
$arr = array();
for ($i = 0; $i < 10; $i++) {
$sq = L\get('SecurityQuestion' . $i);
if (!empty($sq)) {
$arr[] = array($i, $sq);
}
}
$osq = L\get('OwnSecurityQuestion');
if (!empty($osq)) {
$arr[] = array(-1, $osq);
}
echo "\n" . 'CB.DB.securityQuestions = new Ext.data.ArrayStore({' . 'model: \'SecurityQuestion\'' . ',data: ' . (empty($arr) ? '[]' : Util\jsonEncode($arr)) . '});' . "\n";
/* end of Security questions */
/* templates */
$templatesClass = new Templates();
$data = $templatesClass->getTemplatesStructure();
$templates = array();
foreach ($data['data'] as $t => $fields) {
$templates[$t] = array();
foreach ($fields as $f) {
$templates[$t][$f['pid']][] = $f;
}
}
/**
* return default configs for known grid columns
* @return array
*/
public static function getDefaultGridColumnConfigs()
{
$instance = static::getInstance();
if (empty($instance->defaultGridColumnConfigs)) {
$userConfig =& $_SESSION['user']['cfg'];
$dateFormat = $userConfig['short_date_format'];
$dateTimeFormat = $dateFormat . ' ' . $userConfig['time_format'];
$instance->defaultGridColumnConfigs = array('nid' => array('title' => 'ID', 'width' => 80), 'name' => array('title' => L\get('Name'), 'width' => 300), 'path' => array('title' => L\get('Path'), 'width' => 150), 'case' => array('title' => L\get('Project'), "solr_column_name" => "case_id", "fieldType" => "_objects", 'width' => 150), 'date' => array('title' => L\get('Date'), 'width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat), 'size' => array('title' => L\get('Size'), 'width' => 80), 'cid' => array('title' => L\get('Creator'), 'width' => 200), 'oid' => array('title' => L\get('Owner'), 'width' => 200), 'uid' => array('title' => L\get('UpdatedBy'), 'width' => 200), 'did' => array('title' => L\get('UpdatedBy'), 'width' => 200), 'comment_user_id' => array('title' => L\get('CommentedBy'), 'width' => 200), 'cdate' => array('title' => L\get('CreatedDate'), 'width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat), 'udate' => array('title' => L\get('UpdatedDate'), 'width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat), 'ddate' => array('title' => L\get('DeletedDate'), 'width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat), 'comment_date' => array('title' => L\get('CommentedDate'), 'width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat), 'date_end' => array('title' => L\get('EndDate'), 'width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat), 'order' => array('title' => L\get('Order'), "align" => "center", "width" => 10, "columnWidth" => 10), 'task_u_assignee' => array('title' => L\get('Assignee'), 'width' => 200), 'task_u_started' => array('title' => L\get('StartedBy'), 'width' => 200), 'task_u_ongoing' => array('title' => L\get('Ongoing'), 'width' => 200), 'task_u_done' => array('title' => L\get('DoneBy'), 'width' => 200), 'task_u_blocker' => array('title' => L\get('Blocker'), 'width' => 200), 'task_u_all' => array('title' => L\get('All'), 'width' => 200), 'task_d_closed' => array('title' => L\get('ClosedDate'), "solr_column_name" => "task_d_closed", 'width' => 130, 'xtype' => 'datecolumn', 'format' => $dateTimeFormat), 'task_status' => array('title' => L\get('Status'), 'width' => 70));
}
return $instance->defaultGridColumnConfigs;
}
/**
* update a record by username param
* @param array $p array with properties
* @return boolean
*/
public static function updateByName($p)
{
if (empty($p['name'])) {
trigger_error(L\get('ErroneousInputData') . ' no username specified for updateByName function', E_USER_ERROR);
}
$p['id'] = static::getIdByName($p['name']);
return static::update($p);
}
<input type="text" name="c" id="c" placeholder="<?php
echo L\get('EnterCode');
?>
">
<?php
echo isset($_SESSION['message']) ? '<div class="alert alert-error">' . $_SESSION['message'] . '</div>' : '';
?>
<span class="icon-lock"></span>
</label>
<?php
//dont show login button for yubikey authentication
$cfg = User::getTSVConfig();
if ($cfg['method'] !== 'ybk') {
echo '<input type="submit" name="s" id="s" value="' . L\get('Verify') . '" class="btn btn-info" style="margin-top: 26px;" disabled>';
}
echo '<a href="/' . $coreName . '/login/auth/?l=1" style="margin-top: 30px;" class="pull-right">' . L\get('Exit') . '</a>';
}
?>
</form>
</div>
</div>
<div class="footer">
<?php
echo Config::get('login_footer_text');
?>
</div>
<div class="footer" style="right: 0px;">
<a href="https://www.casebox.org/">www.casebox.org</a> <span style="color: #AAA; padding-left: 2px; padding-right: 5px">•</span> <a href="http://forum.casebox.org/">Support forum</a>
</div>
if (!is_numeric($id)) {
exit(0);
}
$toolbarItems = array('<a href="' . $coreUrl . '?locate=' . $id . '">' . L\get('OpenInCasebox') . '</a>');
$obj = Objects::getCachedObject($id);
$objData = $obj->getData();
$objType = $obj->getType();
// if external window then print the toolbar
if (empty($_GET['i'])) {
echo '<html><head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="/css/tasks.css" /></head>
<body>
';
if ($objType == 'file') {
$toolbarItems[] = '<a href="' . $coreUrl . 'download/' . $id . '/">' . L\get('Download') . '</a>';
}
echo '<table border="0" cellspacing="12" cellpading="12"><tr><td>' . implode('</td><td>', $toolbarItems) . '</td></tr></table>';
}
$preview = array();
switch ($obj->getType()) {
case 'file':
$sql = 'SELECT p.filename
FROM files f
JOIN file_previews p ON f.content_id = p.id
WHERE f.id = $1';
if (!empty($version_id)) {
$sql = 'SELECT p.filename
FROM files_versions f
JOIN file_previews p ON f.content_id = p.id
WHERE f.file_id = $1
