/**
 * Build a Permissions object for the current session from IDMObject checks.
 *
 * Every IDM role or permission the user holds is translated to a local grant
 * name. The collected names are applied with a single grant() call and the
 * session pidm is recorded on the returned object.
 *
 * @return Permissions
 */
public static function from_idmobject()
 {
     $permissions = new Permissions();
     // IDM lookup => local grant name, evaluated in this order.
     $checks = array(
         array('role', 'tcert', 'tcert'),
         array('permission', 'tcert_admin', 'admin'),
         array('permission', 'tcert_gatesystem_ug', 'gatesystem_ug'),
         array('permission', 'tcert_gatesystem_gr', 'gatesystem_gr'),
         // NOTE(review): the 'mis' permission maps to the local 'superadmin' grant;
         // confirm that every holder of 'mis' is meant to get that scope here.
         array('permission', 'mis', 'superadmin'),
         array('role', 'faculty', 'faculty'),
     );
     $granted = array();
     foreach ($checks as $check) {
         list($kind, $attribute, $local_name) = $check;
         if (\IDMObject::authZ($kind, $attribute)) {
             $granted[] = $local_name;
         }
     }
     $permissions->grant($granted);
     $permissions->pidm = $_SESSION['pidm'];
     return $permissions;
 }
/**
 * Build the financial-aid controller state for the logged-in user.
 *
 * Loads the session user, derives the admin flag from IDM permissions,
 * initialises the target person and aid year from the params object, wires up
 * test mode, and queues a throttled warning about pending relationships.
 *
 * @param $title Forwarded unchanged to the parent constructor.
 */
public function __construct($title = null)
 {
     parent::__construct($title);
     $this->user = new PSUPerson($_SESSION['wp_id']);
     $this->params = new FinaidParams();
     // Admin means holding either the 'mis' or the 'finaid_myfinaid_admin' permission.
     $this->params['admin'] = IDMObject::authZ('permission', 'mis') || IDMObject::authZ('permission', 'finaid_myfinaid_admin');
     $this->tpl->assign('params', $this->params);
     // NOTE(review): params['id'] selects whose aid data is loaded. The check that this
     // viewer may see that person is not visible here; presumably _init_person() does it, confirm.
     $this->_init_person($this->params['id']);
     $this->params['aid_year'] = $this->_init_aid_years($this->params['aid_year']);
     //
     // setup testing data
     //
     $this->testing = new FinaidTesting();
     // admins can do test mode
     if ($this->params['admin']) {
         $this->params['testable'] = true;
     }
     // NOTE(review): 'testable' is read for every user, not only admins. If FinaidParams
     // can be filled from request or session input, verify a non-admin cannot switch it on.
     if ($this->params['testable']) {
         $this->testing->mock($this->target);
     }
     $this->tpl->assign('testing', $this->testing);
     // Warn user about pending relationships, no more than once every 5 minutes
     if ($this->params['warned-pending'] < time() - 300 && ($pending = $this->user->myrelationships->get('pending'))) {
         $this->params['warned-pending'] = time();
         $count = count($pending);
         // The warning is stored as HTML; the only interpolated values are the integer count
         // and a fixed plural suffix, so no user-supplied text enters the markup.
         $_SESSION['warnings']['finaid-pending'] = sprintf('You have %d pending relationship%s. Please note that you can\'t see another person\'s financial aid information until your relationship with that person is confirmed. Visit <a href="http://go.plymouth.edu/familychannel">Family Access</a> for more details.', $count, $count == 1 ? '' : 's');
     }
 }
/**
 * initializeSession
 *
 * Set up necessary session variables.
 *
 * Resets the application's session keys, resolves the pidm for the session
 * username, and classifies the user as 'admin', 'aestudent', or neither
 * (user_type stays null). A student below the 3.5 GPA cutoff returns early
 * with no student data loaded.
 */
function initializeSession()
{
    // Existing error/message lists are kept; they are only created when absent.
    if (!isset($_SESSION['errors'])) {
        $_SESSION['errors'] = array();
    }
    if (!isset($_SESSION['messages'])) {
        $_SESSION['messages'] = array();
    }
    $_SESSION['student'] = array();
    $_SESSION['user_type'] = null;
    $_SESSION['editing'] = true;
    // first time through means we're editing
    $_SESSION['ae_init'] = true;
    $_SESSION['pidm'] = $GLOBALS['BannerIDM']->getIdentifier($_SESSION['username'], 'username', 'pidm');
    if (IDMObject::authZ('permission', 'academic_excellence_admin')) {
        $_SESSION['user_type'] = 'admin';
    } else {
        $gpa = $GLOBALS['BannerStudent']->getOverallGPA($_SESSION['pidm']);
        $_SESSION['gpa'] = $gpa['r_gpa'];
        unset($gpa);
        // NOTE(review): hard-coded override that gives one named account a qualifying GPA.
        // This is debug code on the eligibility path; remove it or gate it on a
        // development-only switch so it cannot take effect in production.
        if ($_SESSION['username'] == 'ambackstrom') {
            $_SESSION['gpa'] = 3.5;
            // DEBUG: always let student through
        }
        // they're 'aestudent' only if their gpa qualifies
        if ($_SESSION['gpa'] < 3.5) {
            return;
        }
        $_SESSION['user_type'] = 'aestudent';
        $name = $GLOBALS['BannerStudent']->getName($_SESSION['pidm']);
        $_SESSION['student']['full_name'] = sprintf('%s %s %s', $name['r_first_name'], $name['r_mi'], $name['r_last_name']);
        $_SESSION['student']['first_name'] = $name['r_first_name'];
        $_SESSION['student']['middle_name'] = $name['r_mi'];
        $_SESSION['student']['last_name'] = $name['r_last_name'];
        unset($name);
        $student = AEStudent::getStudentData($_SESSION['pidm'], $GLOBALS['TERM']);
        // array_merge lets keys from getStudentData() replace the name fields set above
        // when the same key appears in both.
        $_SESSION['student'] = array_merge($_SESSION['student'], $student);
        // (confirmed != -1) means that they have already submitted the form in a previous session
        if ($student['confirmed'] > -1) {
            $_SESSION['editing'] = false;
        }
    }
}
<?php

// Bootstrap: legacy loader, autoloader, then the PSU session.
require dirname(dirname(__DIR__)) . '/legacy/git-bootstrap.php';
require_once 'autoload.php';
PSU::session_start();
require_once 'PSUWordPress.php';
// Application constants are published through $GLOBALS.
$GLOBALS['BASE_URL'] = $GLOBALS['RELATIVE_URL'] = '/webapp/els';
$GLOBALS['BASE_DIR'] = __DIR__;
$GLOBALS['UPLOAD_DIR'] = PSU::UPLOAD_DIR . $GLOBALS['BASE_URL'];
$GLOBALS['TITLE'] = 'ELS Administration';
$GLOBALS['META_WEBAPP'] = 'webapp_els';
require_once $GLOBALS['BASE_DIR'] . '/includes/ELS.class.php';
// Gate the whole application: authenticate first, then require the 'els_admin' permission.
// The refusal is a plain die(); no 403 status header is set in this file.
IDMObject::authN();
if (!IDMObject::authZ('permission', 'els_admin')) {
    die('You do not have access to this application.');
}
            $response['status'] = 'success';
            $response['message'] = sprintf('%s "%s" was sucessfully added.', ucfirst($type), $attribute['attribute']);
            $name = $GLOBALS['BannerIDM']->getName($person->pidm, 'f,l');
            list($response['first_name'], $response['last_name']) = explode(',', $name);
            $response['username'] = $person->username;
            $response['source'] = $attribute['source'];
            $response['pid'] = $person->pidm;
            $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute);
        }
    } elseif ($action == 'remove') {
        $id = $_REQUEST['id'];
        $role = $GLOBALS['BannerIDM']->getLog($id);
        if ($role['source'] !== $GLOBALS['IDM_SOURCE']) {
            throw new Exception(sprintf('That role was added via %s, and cannot be deleted through %s.', $role['source'], $GLOBALS['IDM_SOURCE']));
        }
        if (!$global_attribute_admin && !IDMObject::authZ('admin', $role['attribute'])) {
            throw new Exception("You cannot administer the {$role['attribute']} attribute");
        }
        $GLOBALS['BannerIDM']->removeAttribute($person->pidm, $id);
        list($type_id, $type) = $GLOBALS['BannerIDM']->any2type($role['type_id']);
        $log_attribute = $role['attribute'];
        $response['status'] = 'success';
        $response['message'] = sprintf('%s "%s" has been removed.', ucfirst($type), $role['attribute']);
        $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute);
    } else {
        $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute);
    }
} catch (Exception $e) {
    $response['message'] = $e->GetMessage() . ($e->GetCode() ? '(' . $e->GetCode() . ')' : '');
    $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute);
}
<?php

// Generic response (don't force the trailing slash: this should catch any accidental laziness)
respond('/?', function ($request, $response, $app) {
    // Read the post-logout destination from the request parameters.
    // NOTE(review): redirect_to is caller-controlled and is passed on unchanged. Unless
    // IDMObject::unauthN() restricts it to known local destinations this is an open
    // redirect; confirm, or validate it against an allow-list here.
    $redirect_to = $request->param('redirect_to');
    // Let's log the user out
    IDMObject::unauthN($redirect_to);
});
// Let's create a success page
respond('/logout-success/?', function ($request, $response, $app) {
    // Display the template
    $app->tpl->assign('show_page', 'logout-success');
    $app->tpl->display('_wrapper.tpl');
});
// Let's create a cute little message page... so that PhoneGap users just see a flashing page
respond('/logout-message/?', function ($request, $response, $app) {
    // Display the template
    $app->tpl->assign('show_page', 'logout-message');
    $app->tpl->display('_wrapper.tpl');
});
<?php

// Action page: change the value of an APE-sourced attribute on a person.
// All inputs come from $_REQUEST, so the target, attribute name and new value can arrive
// by GET as well as POST.
// NOTE(review): this is a state-changing request and no anti-CSRF token check is visible here.
$person = new PSUPerson($_REQUEST['pidm']);
$action = $_REQUEST['action'];
$value = $_REQUEST['value'];
// Fall back to a username lookup when the pidm did not resolve.
if (!$person->pidm) {
    $person = new PSUPerson($_REQUEST['username']);
}
$logs = $GLOBALS['BannerIDM']->getLogs($person->pidm);
// NOTE(review): $action is used as an array key without checking it exists in $logs.
$attribute_log = current(current($logs[$action]));
// Only attributes whose log entry has source 'ape' can be changed from here.
if ($attribute_log['source'] == 'ape') {
    $log = $GLOBALS['BannerIDM']->getLog($attribute_log['origin_id']);
    // Authorization: admin of the originating attribute, or the global attribute-admin permission.
    // When neither holds, the request falls through without an error being reported.
    if (IDMObject::authZ('admin', $log['attribute']) || IDMObject::authZ('permission', 'ape_attribute_admin')) {
        $GLOBALS['BannerIDM']->setAttribute($person->pidm, $action, $value, 'ape', false, 'parent_id=' . $attribute_log['parent_id'] . '&origin_id=' . $attribute_log['origin_id']);
    }
}
//end if
// bail here if request was javascript
if (isset($_GET['method']) && $_GET['method'] == 'js') {
    header('Content-type: text/javascript');
    // NOTE(review): $response is filled but never emitted, and $type / $log_attribute are
    // not defined in this file. The body actually sent is the raw request value, unencoded.
    $response['pidm'] = $person->pidm;
    $response['type'] = $type;
    $response['attribute'] = $log_attribute;
    die($value);
}
PSUHTML::redirect($GLOBALS['BASE_URL'] . '/user/' . $person->pidm);
<?php

PSU::get()->banner = PSU::db('psc1');
// Dashboard: shows whether the processing script is running plus pending/processed file data.
respond('/?', function ($request, $response, $app) {
    // The shell command is a constant string; no request data reaches it.
    $ecommerce_running = shell_exec('ps ef | grep ecommerce_process.php | grep -v grep');
    if ($ecommerce_running) {
        $_SESSION['messages'][] = 'The ECommerce processing script is currently running. Reload to check the status.';
        $app->tpl->assign('ecommerce_processing', true);
    }
    //end if
    $app->tpl->assign('ecommerce_pending_files', \PSU\Ecommerce::pending_files());
    $app->tpl->assign('ecommerce_pending', \PSU\Ecommerce::pending());
    $app->tpl->assign('ecommerce_files', \PSU\Ecommerce::file_info());
    $app->tpl->assign('ecommerce_report', \PSU\Ecommerce::report());
    $app->tpl->display('ecommerce.tpl');
});
// Starts the processing script in the background and redirects to the dashboard.
respond('/process', function ($request, $response, $app) {
    $user = PSU::isDev() ? 'nrporter' : 'webguru';
    // NOTE(review): this calls authN('mis'), where other code on this page checks the same
    // name with authZ('permission', 'mis'); confirm which was intended. The check also only
    // runs when PSU::isDev() is true, so no permission test is visible for the production
    // path inside this route.
    if (PSU::isDev() && !IDMObject::authN('mis')) {
        return;
    }
    //end if
    // The command is assembled from a fixed account name and the lower-cased database name;
    // nothing from the request is concatenated in. The trailing '&' backgrounds the script.
    $command = '~' . $user . '/scripts/ecommerce_process.php --instance=' . strtolower(PSU::db('banner')->database) . ' &';
    exec($command);
    $_SESSION['successes'][] = 'The ECommerce processing script has begun.  Please check back shortly.';
    PSU::redirect($GLOBALS['BASE_URL']);
});
$pdf->SetFillColor(5, 66, 6);
$pdf->SetTextColor(255, 255, 255);
$fill = true;
$pdf->SetFont('Arial', '', 13);
$pdf->Cell(190, 7, 'Employee Clearance Checklist for ' . $person->formatName('f m l'), 0, 1, 'C', $fill);
$pdf->SetFont('Arial', '', 10);
$pdf->Cell(190, 6, 'Username:  '******'C', $fill);
$pdf->setTextColor(5, 66, 6);
$pdf->ln(5);
$checklist_items = array();
$categories = array();
$checklist = HRChecklist::get($person->pidm, $list);
$categories = HRChecklist::categories($checklist['type']);
$checklist_id = HRChecklist::get($person->pidm, $list, 'id');
$closed = HRChecklist::meta_exists($checklist_id, 'closed', 1);
// Only holders of the HR exit-checklist permission may open or close a checklist.
// The closed state is flipped only when the posted value differs from the stored one, and
// the acting user's pidm is recorded as 'closed_marked_by' on either transition.
// NOTE(review): $_REQUEST['identifier'] is handed to toggle_checklist() unvalidated here, and
// no anti-CSRF token check is visible for this state change; confirm both are handled elsewhere.
if (IDMObject::authZ('permission', 'ape_checklist_employee_exit_hr')) {
    if ($_POST['checklist_closed'] && !$closed) {
        HRChecklist::add_meta($checklist_id, 'closed', 1);
        HRChecklist::toggle_checklist($checklist_id, $_REQUEST['identifier'], true);
        HRChecklist::add_meta($checklist_id, 'closed_marked_by', $_SESSION['pidm']);
    } elseif (!$_POST['checklist_closed'] && $closed) {
        HRChecklist::add_meta($checklist_id, 'closed', 0);
        HRChecklist::toggle_checklist($checklist_id, $_REQUEST['identifier'], false);
        HRChecklist::add_meta($checklist_id, 'closed_marked_by', $_SESSION['pidm']);
    }
    //end elseif
}
//end if
$closed_person = HRChecklist::get_meta($checklist['id'], 'closed_marked_by', 1);
$closed_person = $closed_person['meta_value'];
if ($closed_person) {
<?php

/**
 * reset the expiration date on person_phone so that they are prompted to sign up with and re-confirm mobile number when logging into myPlymouth
 *
 * Allowed for holders of the 'mis' permission or users passing APEAuthZ::infodesk().
 * Any failure is reported through $response['message'].
 *
 * NOTE(review): the reset is triggered by a GET parameter and no anti-CSRF token check is
 * visible here. Only successful resets are written to the log; refused attempts are not.
 */
try {
    // can the user perform this action?
    if (!IDMObject::authZ('permission', 'mis') && !APEAuthZ::infodesk()) {
        throw new Exception('You are not authorized to reset emergency phone information.');
    }
    // end if
    // did we get all the needed data?
    if (!isset($_GET['wp_id'])) {
        throw new Exception('wp_id was missing in request.');
    }
    // end if
    $person = PSUPerson::get($_GET['wp_id']);
    if ($ok = $person->emergency_phone->unconfirm()) {
        $GLOBALS['LOG']->write('Emergency phone reset', $_GET['wp_id']);
        $response['message'] = 'Emergency number reset.  They will be prompted to confirm on next login (assuming they are a student/employee)';
        $response['status'] = 'success';
    } else {
        // $ok is falsy on this branch, so it adds little to the message.
        throw new Exception('Error resetting: ' . $ok);
    }
    // end else
} catch (Exception $e) {
    // $response['status'] is not set here; presumably it defaults to an error value
    // initialised before this block (confirm).
    $response['message'] = $e->getMessage();
}
// end catch
//
// ajax requests end here
 /**
  * Send anyone lacking the 'myplymouth' role back to the application root.
  *
  * An error message is queued in the session before the redirect.
  * NOTE(review): nothing in this method stops execution after PSU::redirect();
  * callers depend on that helper ending the request (confirm it exits).
  */
 private function _force_admin()
 {
     if (IDMObject::authZ('role', 'myplymouth')) {
         return;
     }
     $_SESSION['errors'][] = 'You are not allowed to view the MyPlymouth administration interface.';
     PSU::redirect($GLOBALS['BASE_URL']);
 }
 /**
  * Tell whether the current user may administer a role.
  *
  * Without the 'ape_attribute_admin' permission the answer is always false.
  * With it, a call without a role is a general capability check and returns
  * true; a specific role is editable only when it has no origin_id and its
  * source equals $GLOBALS['IDM_SOURCE'].
  *
  * @param array|null $role associative array of the role data, or null for a general check
  * @return bool
  */
 function canAdminRole($role = null)
 {
     $may_admin_attributes = IDMObject::authZ('permission', 'ape_attribute_admin');
     if (!$may_admin_attributes) {
         return false;
     }
     // Loose comparison: any value that == null counts as "no specific role asked about".
     if ($role == null) {
         return true;
     }
     // Editable only when the role was not derived from another entry and was created by this source.
     return $role['origin_id'] == null && $role['source'] == $GLOBALS['IDM_SOURCE'];
 }
});
// Overview page: most recent contract and disbursement feeds.
respond('/?', function ($request, $response, $app) {
    $contracts = new PSU\AR\PaymentPlan\Feed\Contracts(10);
    $disbursements = new PSU\AR\PaymentPlan\Feed\Disbursements(4);
    $app->tpl->assign('date_format', '%b %e @ %l:%M %P');
    $app->tpl->assign('contracts', $contracts);
    $app->tpl->assign('disbursements', $disbursements);
    $app->tpl->display('payment-plans.tpl');
});
// Starts one of the two payment-plan scripts in the background.
// The route pattern limits the script parameter to 'contract' or 'disbursement'.
respond('/process/[contract|disbursement:script]', function ($request, $response, $app) {
    $script = $request->script;
    // NOTE(review): neither redirect below is followed by a return. If PSU::redirect() does
    // not end the request, execution continues to exec(), including for a development user
    // who failed the permission check. Confirm the helper exits.
    if ($app->running[$script]) {
        PSU::redirect($GLOBALS['BASE_URL'] . '/payment-plans');
    }
    //end if
    $user = PSU::isDev() ? 'nrporter' : 'webguru';
    // The 'mis' permission is enforced only in development; no permission check is visible
    // for the production path inside this route.
    if (PSU::isDev() && !IDMObject::authZ('permission', 'mis')) {
        $_SESSION['errors'][] = 'Only MIS can run this script in development';
        PSU::redirect($GLOBALS['BASE_URL'] . '/payment-plans');
    }
    //end if
    // NOTE(review): $script is concatenated into a shell command. The route pattern is the
    // only constraint on it here; re-checking it against the two allowed names before
    // building the command would keep this safe if the route is ever loosened.
    if ('contract' == $script) {
        $command = '/usr/local/bin/php ~' . $user . '/scripts/payment_plan_' . $script . '.php -i ' . strtolower(PSU::db('banner')->database) . ' &';
    } else {
        $command = '/usr/local/bin/php ~' . $user . '/scripts/payment_plan_' . $script . '.php --instance=' . strtolower(PSU::db('banner')->database) . ' &';
    }
    //end else
    exec($command);
    $_SESSION['successes'][] = 'The Payment Plan ' . ucwords($script) . ' processing script has begun.  Please check back shortly.';
    PSU::redirect($GLOBALS['BASE_URL'] . '/payment-plans');
});
 /**
  * Report whether the current user is a portal admin.
  *
  * Being a portal admin means holding the 'myplymouth' role; the result of
  * that IDM lookup is returned as-is.
  */
 public function is_admin()
 {
     $has_portal_role = IDMObject::authZ('role', 'myplymouth');
     return $has_portal_role;
 }
$GLOBALS['USER_DB'] = PSUDatabase::connect('mysql/user_info-admin');
//$GLOBALS['EPO'] = PSUDatabase::connect('mssql/epo_mercury');
$GLOBALS['ASTER'] = PSUDatabase::connect('mysql/aster-misuser');
$GLOBALS['MYPLYMOUTH'] = PSUDatabase::connect('mysql/myplymouth');
/*******************[End Database Connections]*****************/
// which portal we are working in, for now there is only one, and we hardcode it!
$GLOBALS['Workflow'] = new Workflow();
$GLOBALS['BannerGeneral'] = new BannerGeneral($GLOBALS['BANNER']);
$GLOBALS['BannerStudent'] = new BannerStudent($GLOBALS['BANNER']);
// '$_ = false' assigns false to a throwaway variable and passes it as the second argument.
$GLOBALS['PWMAN'] = new PasswordManager($GLOBALS['MYPLYMOUTH'], $_ = false, $GLOBALS['USER_DB']);
$GLOBALS['LOG'] = new PSULog('ape', $_SESSION['username']);
$GLOBALS['ZimbraAdmin'] = new zimbraAdmin();
/*******************[Authorization Stuff]*****************/
$GLOBALS['user_roles'] = PSU::get('idmobject')->getAllBannerRoles($_SESSION['username']);
$path_parts = pathinfo($_SERVER['SCRIPT_FILENAME']);
// Application-wide gate: access is refused only when every one of these checks fails.
// NOTE(review): a truthy $_SESSION['impersonate'] on its own is enough to pass. Confirm that
// only an already-authorized user can set that flag.
// NOTE(review): the username is echoed into HTML without escaping, and the link uses http.
if (!IDMObject::authZ('role', 'staff') && !IDMObject::authZ('role', 'ape') && !APEAuthZ::infodesk() && !APEAuthZ::family() && !APEAuthZ::student() && !APEAuthZ::advancement() && !$_SESSION['impersonate']) {
    echo 'You (' . $_SESSION['username'] . ') do not have access to use this application.  If ' . $_SESSION['username'] . ' is not your username, please log in to <a href="http://go.plymouth.edu/logout">myPlymouth</a> and try again.';
    exit;
}
//end if
/*******************[End Authorization Stuff]*****************/
// A 'mobile' or 'nomobile' query parameter switches the session's mobile flag.
if ($_GET['mobile']) {
    $_SESSION['psu_mobile'] = true;
} elseif ($_GET['nomobile']) {
    $_SESSION['psu_mobile'] = false;
}
//end else
$GLOBALS['myuser'] = new PSUPerson($_SESSION['username']);
// first-time init. of error and message vars
if (!isset($_SESSION['errors'])) {
    $_SESSION['errors'] = $_SESSION['messages'] = array();
     throw new Exception('An identity confirmation must be provided.');
 }
 // Help-desk password reset. The enclosing function starts above this excerpt, so where
 // $username, $ssn, $dob and $reason come from is not visible here.
 // Order of checks: operator may reset at all -> username present -> identity data matches,
 // or a reason was given by an operator holding 'ape_pw'.
 if (!$GLOBALS['ape']->canResetPassword()) {
     $GLOBALS['LOG']->write('Password Reset Attempt Failed: Not authorized to reset passwords.', $username);
     throw new Exception('You are not allowed to perform password resets (missing role, or not in IP whitelist).');
 }
 if (!$username) {
     throw new Exception('Username missing from password reset request.');
 }
 $person = new PSUPerson($username);
 // Without a reason, both the last four SSN digits and the birth date must match.
 // NOTE(review): '!=' is a loose comparison, and PHP compares numeric-looking strings as
 // numbers, so values that differ as text can still be treated as equal. Comparing both
 // sides as strings with hash_equals() would make this check exact; confirm the types of
 // $ssn, $dob and the PSUPerson fields first. Also confirm that an empty value on file
 // cannot be matched by an empty value in the request.
 if (!$reason && ($ssn != substr($person->ssn, -4) || $dob != $person->birth_date)) {
     $GLOBALS['LOG']->write('Password Reset Attempt Failed: invalid DOB & SSN portion provided.', $username);
     throw new Exception('The identity verification failed.  Either the last 4 of the SSN OR the Date of Birth did not match.');
 }
 //end if
 // Skipping identity verification by supplying a reason requires the 'ape_pw' permission.
 // This refusal is not written to the log, unlike the two failures above.
 if ($reason && !IDMObject::authZ('permission', 'ape_pw')) {
     throw new Exception('You are not allowed to perform password resets without the last 4 of the SSN and Birth Date.');
 }
 //end if
 if (!$reason) {
     $reason = 'Private Data Provided and Verified';
 }
 //end if
 // The new password comes from defaultCredentials() and is expired straight away with the
 // 'reset' marker. How predictable that default value is cannot be judged from this excerpt.
 list($username, $password) = $GLOBALS['PWMAN']->defaultCredentials($username);
 $GLOBALS['PWMAN']->setPassword($username, $password);
 $GLOBALS['PWMAN']->expire($username, 'reset');
 $GLOBALS['LOG']->write('Resetting password: '******'Password Reset', 'Reset password.', array('call_status' => 'closed'))) {
     $message .= ' Ticket #<a href="http://go.plymouth.edu/log/' . $call_id . '">' . $call_id . '</a> has been logged.';
 }
<?php

/**
 * Delete a hardware record for a person, then return to that person's hardware page.
 *
 * Requires the 'ape_hardware' permission. Both identifiers are cast to int before use.
 *
 * NOTE(review): the deletion is triggered by GET parameters and no anti-CSRF token check is
 * visible here. Whether deleteHardware() verifies that the record belongs to this person
 * cannot be seen from this file; confirm.
 */
if (!IDMObject::authZ('permission', 'ape_hardware')) {
    die('You do not have hardware privileges.');
}
$pidm = (int) $_GET['pidm'];
$id = (int) $_GET['id'];
$person = new PSUPerson($pidm);
$person->hardware->deleteHardware($id);
// $BASE_URL is read as a plain variable here, not through $GLOBALS.
PSUHTML::redirect($BASE_URL . '/hardware/u/' . $person->username);
// Iterate all valid document roots, looking for this file
// realpath() resolves '..' segments and symlinks first; the result is accepted only if it
// still begins with "<root>/". The trailing slash in the comparison stops a sibling
// directory whose name merely starts with the root's name from matching.
// presumably each entry in $valid_roots is already canonical with no trailing slash; if
// not, the prefix test never matches and the request ends in the 404 below (fails closed).
foreach ($valid_roots as $root) {
    if ($fullpath = realpath($root . '/' . $path)) {
        if (substr($fullpath, 0, strlen($root) + 1) === $root . '/') {
            break;
        }
    }
    // Reached for every root that did not contain the file.
    $fullpath = false;
}
// Production currently specifies "RewriteCond %{REQUEST_FILENAME} -f", so
// in theory we won't reach this line of code.
// NOTE(review): $path is written into the response body unescaped; if it is derived from
// the request, encode it with htmlspecialchars() or leave it out of the message.
if (false == $fullpath || !is_file($fullpath)) {
    header('HTTP/1.1 404 Not Found');
    exit('File not found error (' . $path . ')');
}
// Authentication happens only after the existence check, so a caller who is not logged in
// can tell an existing protected file from a missing one.
$user = IDMObject::authN();
$fullpath_dir = dirname($fullpath);
// Find path to our "secure" directory
if ('/secure' === substr($fullpath_dir, -7)) {
    $secure_dir = $fullpath_dir;
} else {
    // Pop path components from the end until one named 'secure' is removed; what is left is
    // the parent of the innermost 'secure' directory.
    // NOTE(review): if no component is named 'secure', $parts ends up empty and $secure_dir
    // becomes '/secure'. Confirm that case cannot occur, or reject it explicitly.
    $parts = explode('/', $fullpath_dir);
    while ('secure' !== array_pop($parts)) {
        if (0 === count($parts)) {
            break;
        }
    }
    $secure_dir = implode('/', $parts) . '/secure';
}
// Examine optional .htrole
if (file_exists($htrole = $secure_dir . '/.htrole')) {
<?php

// TODO: move the functionality in this file into an API
//
// action page for deleting windows profiles (vista roaming or terminal services)
//
$response = array('status' => 'error', 'message' => null);
try {
    // can the user perform this action?
    if (!IDMObject::authZ('permission', 'ape_profilereset')) {
        throw new Exception('You are not authorized to reset profiles.');
    }
    // did we get all the needed data?
    if (!isset($_GET['username']) || !isset($_GET['profile'])) {
        throw new Exception('Username or profile type was missing in request.');
    }
    $args = array('username' => $_GET['username'], 'profile' => $_GET['profile'] == 0 ? 0 : 1);
    // validate the username
    $pidm = $GLOBALS['BannerIDM']->getIdentifier($args['username'], 'username', 'pid');
    if ($pidm === false) {
        throw new Exception('An invalid username was specified (pidm not found).');
    }
    //
    // everything's good, insert the record
    //
    $systems = PSUDatabase::connect('mysql/systems');
    $sql = "INSERT INTO profile_reset (uname, profile) VALUES (?, ?)";
    $systems->Execute($sql, $args);
    $profile_type = $args['profile'] == 0 ? 'Vista roaming' : 'Terminal Services';
    $GLOBALS['LOG']->write('Profile reset (' . $profile_type . ')', $args['username']);
    $response['message'] = sprintf("%s profile queued for deletion, this may take up to three minutes.", $profile_type);
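 /**
  * displays a ticket's public updates
  *
  * Requires an authenticated session. The history rows shown are limited to
  * those the current user wrote or was assigned, matched by login_name or
  * wp_id. Both queries are parameterized, so $ticket never becomes part of
  * the SQL text.
  *
  * @param $ticket call_id of the ticket to display
  */
 public function ticket($ticket)
 {
     IDMObject::authN();
     $sql = "SELECT *,\n\t\t\t\t\t\t\t\t\t CONCAT(date_assigned, ' ', time_assigned) update_date\n\t\t\t        FROM call_history\n\t\t\t\t\t\t WHERE call_id = ?\n               AND (updated_by = ?\n\t\t\t\t\t\t        OR\n\t\t\t\t\t\t        tlc_assigned_to = ?\n\t\t\t\t\t\t\t\t\t\tOR\n\t\t\t\t\t\t\t\t\t\tupdated_by = ?\n\t\t\t\t\t\t\t\t\t\tOR\n\t\t\t\t\t\t\t\t\t\ttlc_assigned_to = ?\n\t\t\t\t\t\t\t\t\t )\n\t\t\t\t\t\t ORDER BY date_assigned, time_assigned";
     $args = array($ticket, $this->myuser->login_name, $this->myuser->login_name, $this->myuser->wp_id, $this->myuser->wp_id);
     $details = PSU::db('calllog')->GetAll($sql, $args);
     // Label each update with its author's first name, or 'You' for the viewer's own rows.
     foreach ($details as &$detail) {
         $p = new PSUPerson($detail['updated_by']);
         $detail['updated_by_name'] = $p->wp_id == $_SESSION['wp_id'] ? 'You' : $p->formatName('f');
         $p->destroy();
         unset($p);
     }
     // Break the reference so a later write to $detail cannot alter the last row.
     unset($detail);
     //end foreach
     // NOTE(review): the status lookup is keyed on call_id alone, so it is not limited to
     // tickets the viewer is involved in. Confirm that exposing the status is acceptable.
     $sql = "SELECT call_status\n\t\t\t        FROM call_history\n\t\t\t\t\t\t WHERE call_id = ? AND current = 1";
     $args = array($ticket);
     $this->tpl->assign('call_status', PSU::db('calllog')->GetOne($sql, $args));
     $this->tpl->assign('details', $details);
     $this->tpl->assign('ticket', $ticket);
     // The update form is rendered with a separate Smarty instance and embedded as a string.
     $tpl = new PSUSmarty();
     $tpl->assign('hide_checklist', true);
     $tpl->assign('details_title', 'Update Ticket');
     $form = $tpl->fetch(PSU_BASE_DIR . '/webapp/calllog/templates/ticket_form.tpl');
     $this->tpl->assign('form', $form);
     $this->tpl->display('ticket.tpl');
 }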
    exit;
}
// Local Includes
$GLOBALS['LOCAL_INCLUDES'] = $GLOBALS['BASE_DIR'] . '/includes';
$GLOBALS['TEMPORARY_FILES'] = '/web/temp';
// Directory to hold Smarty's compiled templates
$GLOBALS['SMARTY_COMPILE'] = $GLOBALS['TEMPORARY_FILES'] . '/phonebook';
// mkdir() is attempted whenever the path is not writable, which also covers a directory
// that exists but is not writable. Mode 0700 limits it to the owning account.
if (!is_writable($GLOBALS['SMARTY_COMPILE'])) {
    mkdir($GLOBALS['SMARTY_COMPILE'], 0700);
}
/*******************[End Site Constants]*******************/
$GLOBALS['TITLE'] = 'Public Directory';
/*******************[Authorization]*****************/
// ID-card images are hidden by default and enabled only for a session with a pidm that
// passes one of the two checks below.
$can_see_images = false;
if ($_SESSION['pidm']) {
    /**** TODO: make this based off of APE *****/
    $GLOBALS['BANNER'] = PSUDatabase::connect('oracle/psc1_psu/fixcase');
    // NOTE(review): this department check runs before loadAuthZ() is called below; confirm
    // it does not rely on authorization data that loadAuthZ() is what loads.
    if (IDMObject::authZ('department', 'University Police')) {
        $can_see_images = true;
    }
    //end if
    /**** END TODO: make this based off of APE *****/
    IDMObject::loadAuthZ($_SESSION['pidm']);
    if (IDMObject::authZ('permission', 'view_idcard_images')) {
        $can_see_images = true;
    }
    //end if
}
//end if
/*******************[End Authorization]*****************/
$tpl = new PSUTemplate();
 /**
  * True when the user holds the 'ug_app' banner attribute and does not hold
  * 'ug_app_denied'. The denied lookup is made only when the first one passes.
  */
 public static function visit_plymouth_state()
 {
     if (!IDMObject::authZ('banner', 'ug_app')) {
         return false;
     }
     return !IDMObject::authZ('banner', 'ug_app_denied');
 }
<?php

try {
    if (!IDMObject::authZ('permission', 'ape_wp_email_reset')) {
        throw new Exception('You are not authorized to reset profiles.');
    }
    require_once '/web/connect.plymouth.edu/wp-includes/registration.php';
    $person = new PSUPerson($_GET['identifier']);
    if (!$person->pidm) {
        throw new Exception('Could not load person for pidm: ' . $_GET['pidm']);
    }
    //end if
    $user = get_userdatabypidm($person->pidm);
    update_usermeta($user->ID, 'psuname', $person->login_name);
    delete_usermeta($user->ID, 'ac_pwreset');
    $response['message'] = 'WP psuname has been synched.';
    $email = trim($_GET['email']);
    if ($email) {
        if ($_GET['type'] == 'primary') {
            $user_data = array('ID' => $user->ID, 'user_email' => $email);
            $which = "Email";
            $old_email = $user->user_email;
            $result = wp_update_user((array) $user_data);
        } else {
            $which = "Alt. email";
            $old_email = $user->email_alt;
            $result = update_usermeta($user->ID, 'email_alt', $email);
        }
        if ($result) {
            $response['message'] .= sprintf(' %s changed from "%s" to "%s"', $which, $old_email, $email);
        }
<?php

/**
 * Utility script to dump email addresses for every portal user who
 * has done some customization. Currently, this includes adding a
 * relationship and modifying the layout.
 *
 * Append ?simple=1 to URL to hide names.
 *
 * Access requires authentication plus the 'myplymouth' role. The output is a
 * bulk list of personal contact data.
 * NOTE(review): nothing here records who ran the export; consider logging it.
 */
require __DIR__ . '/init.php';
require_once 'autoload.php';
IDMObject::authN();
if (!IDMObject::authZ('role', 'myplymouth')) {
    die('no access');
}
echo '<pre>';
// The 'portal' handle is pointed at the 'portal_dev' database for this script.
PSU::get()->portal = PSU::db('portal_dev');
// Both queries are constant strings; ids whose first character is 't' are excluded.
$sql = "SELECT DISTINCT wpid1 FROM relsearch WHERE substr(wpid1, 1, 1) <> 't'";
$wpids = PSU::db('portal')->GetCol($sql);
$sql = "SELECT DISTINCT wp_id FROM usertabs WHERE wp_id != 0 AND substr(wp_id, 1, 1) <> 't'";
$wpids2 = PSU::db('portal')->GetCol($sql);
// Combine both sources, drop duplicates, and sort for stable output.
$wpids = array_merge($wpids, $wpids2);
$wpids = array_unique($wpids);
sort($wpids);
if (!$_GET['simple']) {
    echo "// append ?simple=1 to url to hide names\n\n";
}
foreach ($wpids as $wpid) {
    $p = new PSUPerson($wpid);
    if ($_GET['simple'] == 1) {
        if ($p->wp_email) {
<?php

require_once 'autoload.php';
PSU::session_start();
// force ssl + start a session
$GLOBALS['BASE_URL'] = '/webapp/mobile-notifications';
$GLOBALS['BASE_DIR'] = __DIR__;
$GLOBALS['TITLE'] = 'PSU Mobile Notifications';
$GLOBALS['TEMPLATES'] = $GLOBALS['BASE_DIR'] . '/templates';
$GLOBALS['EMERGENCY_GROUP'] = 8306124;
require_once 'klein/klein.php';
// NOTE(review): a debug.php placed in the application directory is included automatically,
// and before authentication runs. Make sure that file is never deployed to production.
if (file_exists($GLOBALS['BASE_DIR'] . '/debug.php')) {
    include $GLOBALS['BASE_DIR'] . '/debug.php';
}
// Every route registered after this point runs for an authenticated user only.
IDMObject::authN();
/**
 * Routing provided by klein.php (https://github.com/chriso/klein.php)
 * Make some objects available elsewhere.
 */
respond(function ($request, $response, $app) {
    // initialize the template
    $app->tpl = new PSUTemplate();
    // get the logged in user
    $app->user = PSUPerson::get($_SESSION['wp_id']);
    $app->groups = array();
    // assign user to template
    $app->tpl->assign('user', $app->user);
    $app->config = new PSU\Config();
    $app->config->load();
    if ('Registered and confirmed' == $app->user->rave_state) {
        $rave_user = \PSU\Rave\User::get($app->user->wpid);
<?php

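// JSON endpoint: lists the child attributes of ?attribute=..., or all role names when no
// attribute is given.
// NOTE(review): no authN/authZ call is visible in this file. If it is reachable directly,
// it discloses the role and attribute catalogue to any caller; confirm an including script
// enforces access.
header('Content-type: application/json');
$idm = new IDMObject($GLOBALS['BANNER']);
if (isset($_GET['attribute'])) {
    $attribute = $_GET['attribute'];
    $children = $idm->getChildAttributes($attribute);
    $attributes = array();
    // Each entry of $children is keyed by attribute name; collect the keys of all of them.
    foreach ($children as $type) {
        $attributes = array_merge($attributes, array_keys($type));
    }
} else {
    $roles = $idm->getRoles();
    $attributes = array();
    // Iterate by value: the rows are only read, and a by-reference loop would leave $role
    // aliased to the last element after the loop.
    foreach ($roles as $role) {
        $attributes[] = $role['attribute'];
    }
}
echo json_encode($attributes);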
require_once 'BannerStudent.class.php';
//student class
require_once 'PSUECommerce.class.php';
require_once 'PSUECommerceInterface.class.php';
require_once 'PSUECommerceTransaction.class.php';
require_once 'ecommerce/ETrans.class.php';
require_once 'channel.class.php';
/*******************[End Common Includes]**********************/
/*******************[Local Includes]**********************/
require_once $GLOBALS['LOCAL_INCLUDES'] . '/ECommerceSmarty.class.php';
/*******************[End Local Includes]**********************/
/*******************[Database Connections]*****************/
// Choose the Banner instance. The default is 'test'; 'psc1' is selected when the request
// asks for it, or when BASE_URL matches the www pattern and the request did not ask for 'test'.
// NOTE(review): ?which=psc1 switches any request to the 'psc1' instance, and this happens
// before the authentication below, which itself only covers /admin/ scripts. Confirm that
// letting the caller pick the database is intended.
$which = 'test';
if ($_GET['which'] == 'psc1') {
    $which = 'psc1';
} elseif (preg_match('/https?\\:\\/\\/www\\./', $GLOBALS['BASE_URL']) && $_GET['which'] != 'test') {
    $which = 'psc1';
}
//end else
// $which can only be 'test' or 'psc1' here, so the connection name is never free-form input.
$GLOBALS['BANNER'] = PSUDatabase::connect('oracle/' . $which . '_psu/fixcase');
/*******************[End Database Connections]*****************/
$GLOBALS['BannerStudent'] = new BannerStudent($GLOBALS['BANNER']);
$GLOBALS['BannerIDM'] = new IDMObject();
// Scripts whose path contains '/admin/' require authentication and the 'mis' permission.
// Other scripts that include this file get no check from it.
if (strchr($_SERVER['SCRIPT_NAME'], '/admin/')) {
    $_SESSION['username'] = IDMObject::authN();
    if (!IDMObject::authZ('permission', 'mis')) {
        exit("You do not have sufficient permissions to view this page.");
    }
    //end if
}
//end if
    /**
     * Return the SQL code used to target elements.
     *
     * The result is an array with two string fragments for the caller's query:
     * 'tables' (extra LEFT JOINs, or '' when targeting is off) and 'where'
     * (a clause beginning with 'AND').
     *
     * NOTE(review): every fragment is assembled with sprintf(); nothing is bound as a
     * parameter. That is safe only if $_SESSION['AUTHZ']['sql'] and the *_sql properties
     * of $person were built from trusted, already-quoted values; confirm at the places
     * that populate them.
     *
     * @param PSUPerson $person person whose role SQL fragments are used
     * @param $class passed to self::dbstr() to look up table, foreign-key and target names
     */
    public static function targetSQL(PSUPerson $person, $class)
    {
        // Elements targeted at 'public' are always part of the filter.
        $response = array('tables' => '', 'where' => array("(t.type = 'public' AND t.value = 'public')"));
        // don't use targeting if the global identifier is 0 (editing the default layout)
        if (!$GLOBALS['identifier']) {
            self::use_targeting(false);
        }
        //end if
        // should we show everything, regardless of targeting?
        // Holders of the 'myplymouth' role get an always-true filter and no joins.
        if (!self::use_targeting() || IDMObject::authZ('role', 'myplymouth')) {
            $response['where'] = 'AND 1=1';
            return $response;
        }
        // join with center table and targets table
        $response['tables'] = sprintf('
			LEFT JOIN %3$s ON %1$s.id = %3$s.%2$s
			LEFT JOIN targets t ON %3$s.target_id = t.id
			', self::dbstr($class, 'table'), self::dbstr($class, 'fk'), self::dbstr($class, 'targets'));
        // One clause per authorization subtype stored in the session.
        foreach ($_SESSION['AUTHZ']['sql'] as $subtype => $in_sql) {
            $response['where'][] = sprintf("(t.type = 'authz' AND t.subtype = '%s' AND value IN %s)", $subtype, $in_sql);
        }
        // NOTE(review): the guard reads ad_rules_sql but the clause interpolates ad_roles_sql.
        // One of the two names looks like a typo; compare with the banner_roles_sql branch below.
        if ($person->ad_rules_sql) {
            $response['where'][] = sprintf("(t.type = 'ad' AND value IN %s)", $person->ad_roles_sql);
        }
        if ($person->banner_roles_sql) {
            $response['where'][] = sprintf("(t.type = 'banner' AND value IN %s)", $person->banner_roles_sql);
        }
        // Any single matching target is enough, so the clauses are joined with OR.
        $response['where'] = sprintf("AND (%s)", implode(' OR ', $response['where']));
        return $response;
    }
<?php

include_once '../common.php';
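// Usernames allowed to use this application.
$GLOBALS['p_administrators'] = array('nrporter', 'lrwilcox');
/*******************[End Site Constants]*****************/
/*******************[Authentication Stuff]*****************/
// NOTE(review): when a 'hash' query parameter is present, this file performs no
// authentication at all. Confirm the hash is verified elsewhere before any protected
// action is taken.
if (!$_GET['hash']) {
    $_SESSION['username'] = IDMObject::authN();
    // Strict comparison: a non-string return value from authN() must not match an
    // allow-list entry through type juggling.
    if (!in_array($_SESSION['username'], $GLOBALS['p_administrators'], true)) {
        echo 'You do not have access to use this application';
        exit;
    }
    //end if
}
//end if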
/*******************[End Authentication Stuff]*****************/
<?php

// Bootstrap: legacy loader, autoloader, then the PSU session.
require dirname(dirname(__DIR__)) . '/legacy/git-bootstrap.php';
require_once 'autoload.php';
PSU::session_start();
$GLOBALS['BASE_DIR'] = dirname(__FILE__);
$GLOBALS['BASE_URL'] = '/webapp/cdn';
$GLOBALS['TEMPLATES'] = $GLOBALS['BASE_DIR'] . '/templates';
$GLOBALS['TITLE'] = 'CDN Manager';
require_once 'includes/CDNController.class.php';
require_once 'includes/CDNAPI.class.php';
// Gate the whole application: authenticate, then require the 'web_developer' permission
// before any request is delegated to the controller.
// The refusal is a plain die(); no 403 status header is set in this file.
IDMObject::authN();
if (!IDMObject::authZ('permission', 'web_developer')) {
    die('You don\'t have access to ski on the moon.');
}
CDNController::delegate();