Exemple #1
0
 /**
  * Layout Page Logic
  * @return 
  * @param $db Object
  */
 function __construct(database $db, user $user)
 {
     $this->db =& $db;
     $this->user =& $user;
     $this->sub_page = Kit::GetParam('sp', _GET, _WORD, 'view');
     $this->layoutid = Kit::GetParam('layoutid', _REQUEST, _INT);
     // If we have modify selected then we need to get some info
     if ($this->layoutid != '') {
         // get the permissions
         Debug::LogEntry('audit', 'Loading permissions for layoutid ' . $this->layoutid);
         $this->auth = $user->LayoutAuth($this->layoutid, true);
         if (!$this->auth->edit) {
             trigger_error(__("You do not have permissions to edit this layout"), E_USER_ERROR);
         }
         $this->sub_page = "edit";
         $sql = " SELECT layout, description, userid, retired, xml FROM layout ";
         $sql .= sprintf(" WHERE layoutID = %d ", $this->layoutid);
         if (!($results = $db->query($sql))) {
             trigger_error($db->error());
             trigger_error(__("Cannot retrieve the Information relating to this layout. The layout may be corrupt."), E_USER_ERROR);
         }
         if ($db->num_rows($results) == 0) {
             $this->has_permissions = false;
         }
         while ($aRow = $db->get_row($results)) {
             $this->layout = Kit::ValidateParam($aRow[0], _STRING);
             $this->description = Kit::ValidateParam($aRow[1], _STRING);
             $this->retired = Kit::ValidateParam($aRow[3], _INT);
             $this->xml = $aRow[4];
         }
     }
 }
 public function Add($dataSetId, $heading, $dataTypeId, $listContent, $columnOrder = 0, $dataSetColumnTypeId = 1, $formula = '')
 {
     Debug::LogEntry('audit', sprintf('IN - DataSetID = %d', $dataSetId), 'DataSetColumn', 'Add');
     try {
         $dbh = PDOConnect::init();
         // Is the column order provided?
         if ($columnOrder == 0) {
             $SQL = "";
             $SQL .= "SELECT IFNULL(MAX(ColumnOrder), 1) AS ColumnOrder ";
             $SQL .= "  FROM datasetcolumn ";
             $SQL .= "WHERE datasetID = :datasetid ";
             $sth = $dbh->prepare($SQL);
             $sth->execute(array('datasetid' => $dataSetId));
             if (!($row = $sth->fetch())) {
                 return $this->SetError(25005, __('Could not determine the Column Order'));
             }
             $columnOrder = Kit::ValidateParam($row['ColumnOrder'], _INT);
         }
         // Insert the data set column
         $SQL = "INSERT INTO datasetcolumn (DataSetID, Heading, DataTypeID, ListContent, ColumnOrder, DataSetColumnTypeID, Formula) ";
         $SQL .= "    VALUES (:datasetid, :heading, :datatypeid, :listcontent, :columnorder, :datasetcolumntypeid, :formula) ";
         $sth = $dbh->prepare($SQL);
         $sth->execute(array('datasetid' => $dataSetId, 'heading' => $heading, 'datatypeid' => $dataTypeId, 'listcontent' => $listContent, 'columnorder' => $columnOrder, 'datasetcolumntypeid' => $dataSetColumnTypeId, 'formula' => $formula));
         $id = $dbh->lastInsertId();
         Debug::LogEntry('audit', 'Complete', 'DataSetColumn', 'Add');
         return $id;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         return $this->SetError(25005, __('Could not add DataSet Column'));
     }
 }
Exemple #3
0
 /**
  * Defines the Version and returns it
  * @return 
  * @param $object String [optional]
  */
 static function Version($object = '')
 {
     try {
         $dbh = PDOConnect::init();
         $sth = $dbh->prepare('SELECT app_ver, XlfVersion, XmdsVersion, DBVersion FROM version');
         $sth->execute();
         if (!($row = $sth->fetch())) {
             throw new Exception('No results returned');
         }
         $appVer = Kit::ValidateParam($row['app_ver'], _STRING);
         $xlfVer = Kit::ValidateParam($row['XlfVersion'], _INT);
         $xmdsVer = Kit::ValidateParam($row['XmdsVersion'], _INT);
         $dbVer = Kit::ValidateParam($row['DBVersion'], _INT);
         if (!defined('VERSION')) {
             define('VERSION', $appVer);
         }
         if (!defined('DBVERSION')) {
             define('DBVERSION', $dbVer);
         }
         if ($object != '') {
             return Kit::GetParam($object, $row, _STRING);
         }
         return $row;
     } catch (Exception $e) {
         trigger_error($e->getMessage());
         trigger_error(__('No Version information - please contact technical support'), E_USER_WARNING);
     }
 }
Exemple #4
0
 public function ValidateQuestion($questionNumber, $response)
 {
     switch ($questionNumber) {
         case 0:
             if (Kit::ValidateParam($response, _BOOL)) {
                 $this->a[0] = "Protected";
             } else {
                 $this->a[0] = "Off";
             }
             return true;
         case 1:
             $this->a[1] = Kit::ValidateParam($response, _INT, 30);
             return true;
         case 2:
             $this->a[2] = Kit::ValidateParam($response, _INT, 30);
             return true;
         case 3:
             $this->a[3] = Kit::ValidateParam($response, _BOOL);
             return true;
         case 4:
             // TODO: Teach Kit how to validate email addresses?
             $this->a[4] = Kit::ValidateParam($response, _PASSWORD);
             return true;
         case 5:
             // TODO: Teach Kit how to validate email addresses?
             $this->a[5] = Kit::ValidateParam($response, _PASSWORD);
             return true;
         case 6:
             $this->a[6] = Kit::ValidateParam($response, _INT, 12);
             return true;
     }
     return false;
 }
Exemple #5
0
 public function ValidateQuestion($questionNumber, $response)
 {
     switch ($questionNumber) {
         case 0:
             $this->a[0] = Kit::ValidateParam($response, _BOOL);
             return true;
     }
     return false;
 }
 /**
  * Unlink all media from the provided media item
  * @param int $mediaid The media item to unlink from
  */
 public function UnlinkAllFromMedia($mediaid)
 {
     Debug::LogEntry('audit', 'IN', get_class(), __FUNCTION__);
     try {
         $dbh = PDOConnect::init();
         $mediaid = Kit::ValidateParam($mediaid, _INT, false);
         $sth = $dbh->prepare('DELETE FROM `lkmediadisplaygroup` WHERE mediaid = :mediaid');
         $sth->execute(array('mediaid' => $mediaid));
         return true;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
 /**
  * Links everyone to the layout specified
  * @param <type> $layoutId
  * @param <type> $view
  * @param <type> $edit
  * @param <type> $del
  * @return <type>
  */
 public function LinkEveryone($dataSetId, $view, $edit, $del)
 {
     Debug::LogEntry('audit', 'IN', 'DataSetGroupSecurity', 'LinkEveryone');
     try {
         $dbh = PDOConnect::init();
         // Get the Group ID for Everyone
         $sth = $dbh->prepare('SELECT GroupID FROM `group` WHERE IsEveryone = 1');
         $sth->execute();
         if (!($row = $sth->fetch())) {
             throw new Exception('Missing Everyone group');
         }
         // Link
         return $this->Link($dataSetId, Kit::ValidateParam($row['GroupID'], _INT), $view, $edit, $del);
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         return $this->SetError(25024, __('Could not Link DataSet to Group'));
     }
 }
 /**
  * Change a users password
  * @param <type> $userId
  * @param <type> $oldPassword
  * @param <type> $newPassword
  * @param <type> $retypedNewPassword
  * @return <type> 
  */
 public function ChangePassword($userId, $oldPassword, $newPassword, $retypedNewPassword, $forceChange = false)
 {
     try {
         $dbh = PDOConnect::init();
         // Validate
         if ($userId == 0) {
             $this->ThrowError(26001, __('User not selected'));
         }
         // We can force the users password to change without having to provide the old one.
         // Is this a potential security hole - we must have validated that we are an admin to get to this point
         if (!$forceChange) {
             // Get the stored hash
             $sth = $dbh->prepare('SELECT UserPassword FROM `user` WHERE UserID = :userid');
             $sth->execute(array('userid' => $userId));
             if (!($row = $sth->fetch())) {
                 $this->ThrowError(26000, __('Incorrect Password Provided'));
             }
             $good_hash = Kit::ValidateParam($row['UserPassword'], _STRING);
             // Check the Old Password is correct
             if ($this->validate_password($oldPassword, $good_hash) === false) {
                 $this->ThrowError(26000, __('Incorrect Password Provided'));
             }
         }
         // Check the New Password and Retyped Password match
         if ($newPassword != $retypedNewPassword) {
             $this->ThrowError(26001, __('New Passwords do not match'));
         }
         // Check password complexity
         if (!$this->TestPasswordAgainstPolicy($newPassword)) {
             throw new Exception("Error Processing Request", 1);
         }
         // Generate a new SALT and Password
         $hash = $this->create_hash($newPassword);
         $sth = $dbh->prepare('UPDATE `user` SET UserPassword = :hash, CSPRNG = 1 WHERE UserID = :userid');
         $sth->execute(array('hash' => $hash, 'userid' => $userId));
         return true;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(25000, __('Could not edit Password'));
         }
         return false;
     }
 }
Exemple #9
0
 public function add($tag)
 {
     try {
         $dbh = PDOConnect::init();
         // See if it exists
         $sth = $dbh->prepare('SELECT * FROM `tag` WHERE tag = :tag');
         $sth->execute(array('tag' => $tag));
         if ($row = $sth->fetch()) {
             return Kit::ValidateParam($row['tagId'], _INT);
         }
         // Insert if not
         $sth = $dbh->prepare('INSERT INTO `tag` (tag) VALUES (:tag)');
         $sth->execute(array('tag' => $tag));
         return $dbh->lastInsertId();
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
 /**
  * Links everyone to the layout specified
  * @param <type> $layoutId
  * @param <type> $view
  * @param <type> $edit
  * @param <type> $del
  * @return <type>
  */
 public function LinkEveryone($layoutId, $regionId, $mediaId, $view, $edit, $del)
 {
     try {
         $dbh = PDOConnect::init();
         $sth = $dbh->prepare('SELECT GroupID FROM `group` WHERE IsEveryone = 1');
         $sth->execute();
         if (!($row = $sth->fetch())) {
             throw new Exception("Error Processing Request", 1);
         }
         $groupId = Kit::ValidateParam($row['GroupID'], _INT);
         if (!$this->Link($layoutId, $regionId, $mediaId, $groupId, $view, $edit, $del)) {
             throw new Exception("Error Processing Request", 1);
         }
         return true;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
 /**
  * Get a list of transitions
  * @param string in/out
  * @param string transition code
  * @return boolean
  */
 public function TransitionAuth($type = '', $code = '')
 {
     // Return a list of in/out transitions (or both)
     $SQL = 'SELECT TransitionID, ';
     $SQL .= '   Transition, ';
     $SQL .= '   Code, ';
     $SQL .= '   HasDuration, ';
     $SQL .= '   HasDirection, ';
     $SQL .= '   AvailableAsIn, ';
     $SQL .= '   AvailableAsOut ';
     $SQL .= '  FROM `transition` ';
     $SQL .= ' WHERE 1 = 1 ';
     if ($type != '') {
         // Filter on type
         if ($type == 'in') {
             $SQL .= '  AND AvailableAsIn = 1 ';
         }
         if ($type == 'out') {
             $SQL .= '  AND AvailableAsOut = 1 ';
         }
     }
     if ($code != '') {
         // Filter on code
         $SQL .= sprintf("AND Code = '%s' ", $this->db->escape_string($code));
     }
     $SQL .= ' ORDER BY Transition ';
     $rows = $this->db->GetArray($SQL);
     if (!is_array($rows)) {
         trigger_error($this->db->error());
         return false;
     }
     $transitions = array();
     foreach ($rows as $transition) {
         $transitionItem = array();
         $transitionItem['transitionid'] = Kit::ValidateParam($transition['TransitionID'], _INT);
         $transitionItem['transition'] = Kit::ValidateParam($transition['Transition'], _STRING);
         $transitionItem['code'] = Kit::ValidateParam($transition['Code'], _WORD);
         $transitionItem['hasduration'] = Kit::ValidateParam($transition['HasDuration'], _INT);
         $transitionItem['hasdirection'] = Kit::ValidateParam($transition['HasDirection'], _INT);
         $transitionItem['enabledforin'] = Kit::ValidateParam($transition['AvailableAsIn'], _INT);
         $transitionItem['enabledforout'] = Kit::ValidateParam($transition['AvailableAsOut'], _INT);
         $transitionItem['class'] = ($transitionItem['hasduration'] == 1 ? 'hasDuration' : '') . ' ' . ($transitionItem['hasdirection'] == 1 ? 'hasDirection' : '');
         $transitions[] = $transitionItem;
     }
     return $transitions;
 }
Exemple #12
0
 function Grid()
 {
     $db =& $this->db;
     $response = new ResponseManager();
     $type = Kit::GetParam('filter_type', _POST, _WORD);
     $fromDt = Kit::GetParam('filter_fromdt', _POST, _STRING);
     setSession('sessions', 'Filter', Kit::GetParam('XiboFilterPinned', _REQUEST, _CHECKBOX, 'off'));
     setSession('sessions', 'filter_type', $type);
     setSession('sessions', 'filter_fromdt', $fromDt);
     $SQL = "SELECT session.userID, user.UserName,  IsExpired, LastPage,  session.LastAccessed,  RemoteAddr,  UserAgent ";
     $SQL .= "FROM `session` LEFT OUTER JOIN user ON user.userID = session.userID ";
     $SQL .= "WHERE 1 = 1 ";
     if ($fromDt != '') {
         // From Date is the Calendar Formatted DateTime in ISO format
         $SQL .= sprintf(" AND session.LastAccessed < '%s' ", DateManager::getMidnightSystemDate(DateManager::getTimestampFromString($fromDt)));
     }
     if ($type == "active") {
         $SQL .= " AND IsExpired = 0 ";
     }
     if ($type == "expired") {
         $SQL .= " AND IsExpired = 1 ";
     }
     if ($type == "guest") {
         $SQL .= " AND session.userID IS NULL ";
     }
     // Load results into an array
     $log = $db->GetArray($SQL);
     Debug::LogEntry('audit', $SQL);
     if (!is_array($log)) {
         trigger_error($db->error());
         trigger_error(__('Error getting the log'), E_USER_ERROR);
     }
     $cols = array(array('name' => 'lastaccessed', 'title' => __('Last Accessed')), array('name' => 'isexpired', 'title' => __('Active'), 'icons' => true), array('name' => 'username', 'title' => __('User Name')), array('name' => 'lastpage', 'title' => __('Last Page')), array('name' => 'ip', 'title' => __('IP Address')), array('name' => 'browser', 'title' => __('Browser')));
     Theme::Set('table_cols', $cols);
     $rows = array();
     foreach ($log as $row) {
         $row['userid'] = Kit::ValidateParam($row['userID'], _INT);
         $row['username'] = Kit::ValidateParam($row['UserName'], _STRING);
         $row['isexpired'] = Kit::ValidateParam($row['IsExpired'], _INT) == 1 ? 0 : 1;
         $row['lastpage'] = Kit::ValidateParam($row['LastPage'], _STRING);
         $row['lastaccessed'] = DateManager::getLocalDate(strtotime(Kit::ValidateParam($row['LastAccessed'], _STRING)));
         $row['ip'] = Kit::ValidateParam($row['RemoteAddr'], _STRING);
         $row['browser'] = Kit::ValidateParam($row['UserAgent'], _STRING);
         // Edit
         $row['buttons'][] = array('id' => 'sessions_button_logout', 'url' => 'index.php?p=sessions&q=ConfirmLogout&userid=' . $row['userid'], 'text' => __('Logout'));
         $rows[] = $row;
     }
     Theme::Set('table_rows', $rows);
     $response->SetGridResponse(Theme::RenderReturn('table_render'));
     $response->Respond();
 }
 public function GetColumns($dataSetId)
 {
     if ($dataSetId == 0 || $dataSetId == '') {
         return $this->SetError(25001, __('Missing dataSetId'));
     }
     try {
         $dbh = PDOConnect::init();
         $sth = $dbh->prepare('SELECT DataSetColumnID, Heading, datatype.DataType, datasetcolumntype.DataSetColumnType, ListContent, ColumnOrder 
               FROM datasetcolumn 
                INNER JOIN `datatype` 
                ON datatype.DataTypeID = datasetcolumn.DataTypeID 
                INNER JOIN `datasetcolumntype` 
                ON datasetcolumntype.DataSetColumnTypeID = datasetcolumn.DataSetColumnTypeID 
              WHERE DataSetID = :datasetid
             ORDER BY ColumnOrder ');
         $sth->execute(array('datasetid' => $dataSetId));
         $results = $sth->fetchAll();
         // Check there are some columns returned
         if (count($results) <= 0) {
             $this->ThrowError(__('No columns'));
         }
         $rows = array();
         foreach ($results as $row) {
             $col['datasetcolumnid'] = Kit::ValidateParam($row['DataSetColumnID'], _INT);
             $col['heading'] = Kit::ValidateParam($row['Heading'], _STRING);
             $col['listcontent'] = Kit::ValidateParam($row['ListContent'], _STRING);
             $col['columnorder'] = Kit::ValidateParam($row['ColumnOrder'], _INT);
             $col['datatype'] = Kit::ValidateParam($row['DataType'], _STRING);
             $col['datasetcolumntype'] = Kit::ValidateParam($row['DataSetColumnType'], _STRING);
             $rows[] = $col;
         }
         Debug::LogEntry('audit', sprintf('Returning %d columns.', count($rows)), 'DataSetColumn', 'GetColumns');
         return $rows;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
Exemple #14
0
 /**
  * Edit Form
  */
 public function EditForm()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $helpManager = new HelpManager($db, $user);
     // Can we edit?
     if (Config::GetSetting('MODULE_CONFIG_LOCKED_CHECKB') == 'Checked') {
         trigger_error(__('Module Config Locked'), E_USER_ERROR);
     }
     $moduleId = Kit::GetParam('ModuleID', _GET, _INT);
     // Pull the currently known info from the DB
     $SQL = '';
     $SQL .= 'SELECT ModuleID, ';
     $SQL .= '   Name, ';
     $SQL .= '   Enabled, ';
     $SQL .= '   Description, ';
     $SQL .= '   RegionSpecific, ';
     $SQL .= '   ValidExtensions, ';
     $SQL .= '   ImageUri, ';
     $SQL .= '   PreviewEnabled ';
     $SQL .= '  FROM `module` ';
     $SQL .= ' WHERE ModuleID = %d ';
     $SQL = sprintf($SQL, $moduleId);
     if (!($row = $db->GetSingleRow($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Error getting Module'));
     }
     Theme::Set('validextensions', Kit::ValidateParam($row['ValidExtensions'], _STRING));
     Theme::Set('imageuri', Kit::ValidateParam($row['ImageUri'], _STRING));
     Theme::Set('isregionspecific', Kit::ValidateParam($row['RegionSpecific'], _INT));
     Theme::Set('enabled_checked', Kit::ValidateParam($row['Enabled'], _INT) ? 'checked' : '');
     Theme::Set('preview_enabled_checked', Kit::ValidateParam($row['PreviewEnabled'], _INT) ? 'checked' : '');
     // Set some information about the form
     Theme::Set('form_id', 'ModuleEditForm');
     Theme::Set('form_action', 'index.php?p=module&q=Edit');
     Theme::Set('form_meta', '<input type="hidden" name="ModuleID" value="' . $moduleId . '" />');
     $form = Theme::RenderReturn('module_form_edit');
     $response->SetFormRequestResponse($form, __('Edit Module'), '350px', '325px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Module', 'Edit') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Save'), '$("#ModuleEditForm").submit()');
     $response->Respond();
 }
Exemple #15
0
 /**
  * Gets a single value from the provided SQL
  * @param <string> $SQL
  * @param <string> $columnName
  * @param <int> $dataType
  * @return <type>
  */
 public function GetSingleValue($SQL, $columnName, $dataType)
 {
     if (!($row = $this->GetSingleRow($SQL))) {
         return false;
     }
     if (!isset($row[$columnName])) {
         $this->error_text = 'No such column or column is null';
         return false;
     }
     return Kit::ValidateParam($row[$columnName], $dataType);
 }
 public function EditForm()
 {
     // Create a form out of the config object.
     $displayProfile = new DisplayProfile();
     $displayProfile->displayProfileId = Kit::GetParam('displayprofileid', _GET, _INT);
     if (!$displayProfile->Load()) {
         trigger_error($displayProfile->GetErrorMessage(), E_USER_ERROR);
     }
     if ($this->user->usertypeid != 1 && $this->user->userid != $displayProfile->userId) {
         trigger_error(__('You do not have permission to edit this profile'), E_USER_ERROR);
     }
     if (empty($displayProfile->type)) {
         trigger_error(__('Unknown Client Type'), E_USER_ERROR);
     }
     // Capture and validate the posted form parameters in accordance with the display config object.
     include 'config/client.config.php';
     if (!isset($CLIENT_CONFIG[$displayProfile->type])) {
         trigger_error(__('CMS Config not supported for ' . $displayProfile->type . ' displays.'), E_USER_ERROR);
     }
     // Set some information about the form
     Theme::Set('form_id', 'DisplayConfigForm');
     Theme::Set('form_action', 'index.php?p=displayprofile&q=Edit');
     Theme::Set('form_meta', '<input type="hidden" name="displayprofileid" value="' . $displayProfile->displayProfileId . '" />');
     $formFields = array();
     $formTabs = array();
     // Tabs?
     foreach ($CLIENT_CONFIG[$displayProfile->type]['tabs'] as $tab) {
         // Create an empty array of form fields for this tab.
         $formFields[$tab['id']] = array();
         // Also add the tab
         $formTabs[] = FormManager::AddTab($tab['id'], $tab['name']);
     }
     // Go through each setting and output a form control to the theme.
     $formFields['general'][] = FormManager::AddText('name', __('Name'), $displayProfile->name, __('The Name of the Profile - (1 - 50 characters)'), 'n', 'maxlength="50" required');
     $formFields['general'][] = FormManager::AddCheckbox('isdefault', __('Default Profile?'), $displayProfile->isDefault, __('Is this the default profile for all Displays of this type? Only 1 profile can be the default.'), 'd');
     foreach ($CLIENT_CONFIG[$displayProfile->type]['settings'] as $setting) {
         // Check to see if we have a value for this setting as yet, if so we use that.
         // TODO: there must be a way to improve this?
         foreach ($displayProfile->config as $set) {
             if ($set['name'] == $setting['name']) {
                 $setting['value'] = $set['value'];
             }
         }
         if ($setting['type'] == 'checkbox' && isset($setting['value'])) {
             $validated = $setting['value'];
         } else {
             if ($setting['fieldType'] == 'timePicker') {
                 // Check if we are 0, if so then set to 00:00
                 if ($setting['value'] == 0) {
                     $validated = '00:00';
                 } else {
                     $validated = DateManager::getLocalDate($setting['value'] / 1000, 'H:i');
                 }
             } else {
                 if (isset($setting['value'])) {
                     $validated = Kit::ValidateParam($setting['value'], $setting['type']);
                 } else {
                     $validated = $setting['default'];
                 }
             }
         }
         //Debug::LogEntry('audit', 'Validated ' . $setting['name'] . '. [' . $setting['value'] . '] as [' . $validated . ']. With type ' . $setting['type']);
         // Each field needs to have a type, a name and a default
         $formFields[$setting['tabId']][] = array('name' => $setting['name'], 'fieldType' => $setting['fieldType'], 'helpText' => $setting['helpText'], 'title' => $setting['title'], 'options' => isset($setting['options']) ? $setting['options'] : array(), 'optionId' => 'id', 'optionValue' => 'value', 'validation' => isset($setting['validation']) ? $setting['validation'] : '', 'value' => $validated, 'enabled' => $setting['enabled'], 'groupClass' => NULL, 'accesskey' => '');
     }
     Theme::Set('form_tabs', $formTabs);
     foreach ($CLIENT_CONFIG[$displayProfile->type]['tabs'] as $tab) {
         Theme::Set('form_fields_' . $tab['id'], $formFields[$tab['id']]);
     }
     $response = new ResponseManager();
     $response->SetFormRequestResponse(NULL, __('Edit Profile'), '650px', '350px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('DisplayProfile', 'Edit') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Save'), '$("#DisplayConfigForm").submit()');
     $response->Respond();
 }
Exemple #17
0
 /**
  * We need to update the user groups
  */
 private function UpdateUserGroups()
 {
     $db =& $this->db;
     // Get all the current users in the system
     $SQL = "SELECT UserID, groupID, UserName FROM `user`";
     if (!($result = $db->query($SQL))) {
         reportError('20.php', "Error creating user groups" . $db->error());
     }
     while ($row = $db->get_assoc_row($result)) {
         // For each display create a display group and link it to the display
         $ugid = 0;
         $userID = Kit::ValidateParam($row['UserID'], _INT);
         $groupID = Kit::ValidateParam($row['groupID'], _INT);
         $username = Kit::ValidateParam($row['UserName'], _STRING);
         $ug = new UserGroup($db);
         // For each one create a user specific group
         if (!($ugId = $ug->Add($username, 1))) {
             reportError('20.php', "Error creating user groups" . $db->error());
         }
         // Link to the users own userspecific group and also to the one they were already on
         $ug->Link($ugId, $userID);
         $ug->Link($groupID, $userID);
     }
 }
Exemple #18
0
 /**
  * Permissions form
  */
 public function PermissionsForm()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $helpManager = new HelpManager($db, $user);
     $templateId = Kit::GetParam('templateid', _GET, _INT);
     if ($templateId == 0) {
         trigger_error(__('No template selected'), E_USER_ERROR);
     }
     // Is this user allowed to delete this template?
     $auth = $this->user->TemplateAuth($templateId, true);
     // Set some information about the form
     Theme::Set('form_id', 'TemplatePermissionsForm');
     Theme::Set('form_action', 'index.php?p=template&q=Permissions');
     Theme::Set('form_meta', '<input type="hidden" name="templateid" value="' . $templateId . '" />');
     // List of all Groups with a view/edit/delete checkbox
     $SQL = '';
     $SQL .= 'SELECT `group`.GroupID, `group`.`Group`, View, Edit, Del, `group`.IsUserSpecific ';
     $SQL .= '  FROM `group` ';
     $SQL .= '   LEFT OUTER JOIN lktemplategroup ';
     $SQL .= '   ON lktemplategroup.GroupID = group.GroupID ';
     $SQL .= '       AND lktemplategroup.TemplateID = %d ';
     $SQL .= ' WHERE `group`.GroupID <> %d ';
     $SQL .= 'ORDER BY `group`.IsEveryone DESC, `group`.IsUserSpecific, `group`.`Group` ';
     $SQL = sprintf($SQL, $templateId, $user->getGroupFromId($user->userid, true));
     if (!($results = $db->query($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Unable to get permissions for this template'), E_USER_ERROR);
     }
     $checkboxes = array();
     while ($row = $db->get_assoc_row($results)) {
         $groupId = $row['GroupID'];
         $rowClass = $row['IsUserSpecific'] == 0 ? 'strong_text' : '';
         $checkbox = array('id' => $groupId, 'name' => Kit::ValidateParam($row['Group'], _STRING), 'class' => $rowClass, 'value_view' => $groupId . '_view', 'value_view_checked' => $row['View'] == 1 ? 'checked' : '', 'value_edit' => $groupId . '_edit', 'value_edit_checked' => $row['Edit'] == 1 ? 'checked' : '', 'value_del' => $groupId . '_del', 'value_del_checked' => $row['Del'] == 1 ? 'checked' : '');
         $checkboxes[] = $checkbox;
     }
     Theme::Set('form_rows', $checkboxes);
     $form = Theme::RenderReturn('campaign_form_permissions');
     $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Template', 'Permissions') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Save'), '$("#TemplatePermissionsForm").submit()');
     $response->Respond();
 }
Exemple #19
0
 /**
  * Resolution Edit Form
  */
 function EditForm()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $resolutionID = Kit::GetParam('resolutionid', _GET, _INT);
     $SQL = sprintf("SELECT resolution, width, height, intended_width, intended_height, enabled FROM resolution WHERE resolutionID = %d", $resolutionID);
     if (!($result = $db->query($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Unable to edit this resolution'), E_USER_ERROR);
     }
     if ($db->num_rows($result) == 0) {
         trigger_error(__('Incorrect resolution id'), E_USER_ERROR);
     }
     $row = $db->get_assoc_row($result);
     $formFields = array();
     $formFields[] = FormManager::AddText('resolution', __('Resolution'), Kit::ValidateParam($row['resolution'], _STRING), __('A name for this Resolution'), 'r', 'required');
     $formFields[] = FormManager::AddNumber('width', __('Width'), Kit::ValidateParam($row['intended_width'], _INT), __('The Width for this Resolution'), 'w', 'required');
     $formFields[] = FormManager::AddNumber('height', __('Height'), Kit::ValidateParam($row['intended_height'], _INT), __('The Height for this Resolution'), 'h', 'required');
     $formFields[] = FormManager::AddCheckbox('enabled', __('Enable?'), Kit::ValidateParam($row['enabled'], _INT), __('Is the Resolution enabled for use?'), 'e');
     Theme::Set('form_fields', $formFields);
     Theme::Set('form_id', 'ResolutionForm');
     Theme::Set('form_action', 'index.php?p=resolution&q=Edit');
     Theme::Set('form_meta', '<input type="hidden" name="resolutionid" value="' . $resolutionID . '" >');
     $response->SetFormRequestResponse(NULL, __('Edit Resolution'), '350px', '250px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('Template', 'Add') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Save'), '$("#ResolutionForm").submit()');
     $response->Respond();
 }
Exemple #20
0
 /**
  * Edit Form
  */
 public function EditForm()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $helpManager = new HelpManager($db, $user);
     // Can we edit?
     if (Config::GetSetting('MODULE_CONFIG_LOCKED_CHECKB') == 'Checked') {
         trigger_error(__('Module Config Locked'), E_USER_ERROR);
     }
     $moduleId = Kit::GetParam('ModuleID', _GET, _INT);
     // Pull the currently known info from the DB
     $SQL = '';
     $SQL .= 'SELECT ModuleID, ';
     $SQL .= '   Module, ';
     $SQL .= '   Name, ';
     $SQL .= '   Enabled, ';
     $SQL .= '   Description, ';
     $SQL .= '   RegionSpecific, ';
     $SQL .= '   ValidExtensions, ';
     $SQL .= '   ImageUri, ';
     $SQL .= '   PreviewEnabled ';
     $SQL .= '  FROM `module` ';
     $SQL .= ' WHERE ModuleID = %d ';
     $SQL = sprintf($SQL, $moduleId);
     if (!($row = $db->GetSingleRow($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Error getting Module'));
     }
     $type = Kit::ValidateParam($row['Module'], _WORD);
     // Set some information about the form
     Theme::Set('form_id', 'ModuleEditForm');
     Theme::Set('form_action', 'index.php?p=module&q=Edit');
     Theme::Set('form_meta', '<input type="hidden" name="ModuleID" value="' . $moduleId . '" /><input type="hidden" name="type" value="' . $type . '" />');
     $formFields = array();
     $formFields[] = FormManager::AddText('ValidExtensions', __('Valid Extensions'), Kit::ValidateParam($row['ValidExtensions'], _STRING), __('The Extensions allowed on files uploaded using this module. Comma Separated.'), 'e', '');
     $formFields[] = FormManager::AddText('ImageUri', __('Image Uri'), Kit::ValidateParam($row['ImageUri'], _STRING), __('The Image to display for this module. This should be a path relative to the root of the installation.'), 'i', '');
     $formFields[] = FormManager::AddCheckbox('PreviewEnabled', __('Preview Enabled?'), Kit::ValidateParam($row['PreviewEnabled'], _INT), __('When PreviewEnabled users will be able to see a preview in the layout designer'), 'p');
     $formFields[] = FormManager::AddCheckbox('Enabled', __('Enabled?'), Kit::ValidateParam($row['Enabled'], _INT), __('When Enabled users will be able to add media using this module'), 'b');
     // Set any module specific form fields
     $module = ModuleFactory::create($type, $this->db, $this->user);
     // Merge in the fields from the settings
     foreach ($module->ModuleSettingsForm() as $field) {
         $formFields[] = $field;
     }
     Theme::Set('form_fields', $formFields);
     $response->SetFormRequestResponse(NULL, __('Edit Module'), '350px', '325px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . $helpManager->Link('Module', 'Edit') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Save'), '$("#ModuleEditForm").submit()');
     $response->Respond();
 }
Exemple #21
0
 /**
  * Links a layout and tag
  * @param string $tag The Tag
  * @param int $mediaId The Layout
  */
 public function tag($tag, $mediaId)
 {
     $tagObject = new Tag();
     if (!($tagId = $tagObject->add($tag))) {
         return $this->SetError($tagObject->GetErrorMessage());
     }
     try {
         $dbh = PDOConnect::init();
         // See if this tag exists
         $sth = $dbh->prepare('SELECT * FROM `lktagmedia` WHERE mediaId = :mediaId AND tagId = :tagId');
         $sth->execute(array('tagId' => $tagId, 'mediaId' => $mediaId));
         if (!($row = $sth->fetch())) {
             $sth = $dbh->prepare('INSERT INTO `lktagmedia` (tagId, mediaId) VALUES (:tagId, :mediaId)');
             $sth->execute(array('tagId' => $tagId, 'mediaId' => $mediaId));
             return $dbh->lastInsertId();
         } else {
             return Kit::ValidateParam($row['lkTagMediaId'], _INT);
         }
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage(), get_class(), __FUNCTION__);
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
Exemple #22
0
    /**
     * Gets called by the SWFUpload Object for uploading files
     * @return
     */
    function FileUpload()
    {
        $db =& $this->db;
        Debug::LogEntry('audit', 'Uploading a file', 'Library', 'FileUpload');
        Kit::ClassLoader('file');
        $fileObject = new File($db);
        // Check we got a valid file
        if (isset($_FILES['media_file']) && is_uploaded_file($_FILES['media_file']['tmp_name']) && $_FILES['media_file']['error'] == 0) {
            Debug::LogEntry('audit', 'Valid Upload', 'Library', 'FileUpload');
            // Directory location
            $libraryFolder = Config::GetSetting('LIBRARY_LOCATION');
            $error = 0;
            $fileName = Kit::ValidateParam($_FILES['media_file']['name'], _FILENAME);
            $fileId = $fileObject->GenerateFileId($this->user->userid);
            $fileLocation = $libraryFolder . 'temp/' . $fileId;
            // Make sure the library exists
            File::EnsureLibraryExists();
            // Save the FILE
            Debug::LogEntry('audit', 'Saving the file to: ' . $fileLocation, 'FileUpload');
            move_uploaded_file($_FILES['media_file']['tmp_name'], $fileLocation);
            Debug::LogEntry('audit', 'Upload Success', 'FileUpload');
        } else {
            $error = isset($_FILES['media_file']) ? $_FILES['media_file']['error'] : -1;
            $fileName = 'Error';
            $fileId = 0;
            Debug::LogEntry('audit', 'Error uploading the file. Error Number: ' . $error, 'FileUpload');
        }
        $complete_page = <<<HTML
        <html>
            <head>
                <script type="text/javascript">

                    var fileId = '{$fileId}';
                    var fileName = '{$fileName}';
                    var errorNo = {$error};

                    function report()
                    {
                        var form = window.parent.fileUploadReport(fileName, fileId, errorNo);
                    }

                    window.onload = report;

                </script>
            </head>
            <body></body>
        </html>
HTML;
        echo $complete_page;
        Debug::LogEntry("audit", $complete_page, "FileUpload");
        Debug::LogEntry("audit", "[OUT]", "FileUpload");
        exit;
    }
 /**
  * Edits the User Group associated with a User
  * @return
  * @param $userID Object
  * @param $userName Object
  */
 public function EditUserGroup($userID, $userName)
 {
     Debug::LogEntry('audit', 'IN', 'UserGroup', 'EditUserGroup');
     try {
         $dbh = PDOConnect::init();
         // Get the UserGroupID for this UserID
         $SQL = "SELECT `group`.GroupID ";
         $SQL .= "FROM   `group` ";
         $SQL .= "       INNER JOIN lkusergroup ";
         $SQL .= "       ON     lkusergroup.GroupID = `group`.groupID ";
         $SQL .= "WHERE  `group`.IsUserSpecific     = 1 ";
         $SQL .= "   AND lkusergroup.UserID = :userid";
         $sth = $dbh->prepare($SQL);
         $sth->execute(array('userid' => $userID));
         if (!($row = $sth->fetch())) {
             $this->ThrowError(25005, __('Unable to get the UserGroup for this User.'));
         }
         $userGroupID = Kit::ValidateParam($row['GroupID'], _INT);
         if ($userGroupID == 0) {
             // We should always have 1 display specific UserGroup for a display.
             // Do we a) Error here and give up?
             //         b) Create one and link it up?
             // $this->SetError(25006, __('Unable to get the UserGroup for this Display'));
             if (!($userGroupID = $this->Add($userName, 1))) {
                 $this->ThrowError(25001, __('Could not add a user group for this user.'));
             }
             // Link the Two together
             if (!$this->Link($userGroupID, $userID)) {
                 $this->ThrowError(25001, __('Could not link the new user with its group.'));
             }
         } else {
             if (!$this->Edit($userGroupID, $userName)) {
                 throw new Exception("Error Processing Request", 1);
             }
         }
         Debug::LogEntry('audit', 'OUT', 'UserGroup', 'EditUserGroup');
         return true;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }
Exemple #24
0
 /**
  * Help Edit form
  */
 public function EditForm()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $helpId = Kit::GetParam('HelpID', _REQUEST, _INT);
     // Pull the currently known info from the DB
     $SQL = "SELECT HelpID, Topic, Category, Link FROM `help` WHERE HelpID = %d ";
     $SQL = sprintf($SQL, $helpId);
     if (!($row = $db->GetSingleRow($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Error getting Help Link'));
     }
     // Set some information about the form
     Theme::Set('form_id', 'HelpEditForm');
     Theme::Set('form_action', 'index.php?p=help&q=Edit');
     Theme::Set('form_meta', '<input type="hidden" name="HelpID" value="' . $helpId . '" />');
     Theme::Set('topic', Kit::ValidateParam($row['Topic'], _STRING));
     Theme::Set('category', Kit::ValidateParam($row['Category'], _STRING));
     Theme::Set('link', Kit::ValidateParam($row['Link'], _STRING));
     $form = Theme::RenderReturn('help_form_edit');
     $response->SetFormRequestResponse($form, __('Edit Help Link'), '350px', '325px');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Save'), '$("#HelpEditForm").submit()');
     $response->Respond();
 }
Exemple #25
0
 /**
  * Permissions form
  */
 public function PermissionsForm()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $helpManager = new HelpManager($db, $user);
     if (!$this->auth->modifyPermissions) {
         trigger_error(__('You do not have permissions to edit this media'), E_USER_ERROR);
     }
     // List of all Groups with a view / edit / delete check box
     $permissions = new UserGroup();
     if ($this->assignedMedia) {
         if (!($result = $permissions->GetPermissionsForObject('lklayoutmediagroup', NULL, NULL, sprintf(" AND lklayoutmediagroup.MediaID = '%s' AND lklayoutmediagroup.RegionID = '%s' AND lklayoutmediagroup.LayoutID = %d ", $this->mediaid, $this->regionid, $this->layoutid)))) {
             trigger_error($permissions->GetErrorMessage(), E_USER_ERROR);
         }
     } else {
         if (!($result = $permissions->GetPermissionsForObject('lkmediagroup', 'MediaID', $this->mediaid))) {
             trigger_error($permissions->GetErrorMessage(), E_USER_ERROR);
         }
     }
     if (count($result) <= 0) {
         trigger_error(__('Unable to get permissions'), E_USER_ERROR);
     }
     $checkboxes = array();
     foreach ($result as $row) {
         $groupId = $row['groupid'];
         $rowClass = $row['isuserspecific'] == 0 ? 'strong_text' : '';
         $checkbox = array('id' => $groupId, 'name' => Kit::ValidateParam($row['group'], _STRING), 'class' => $rowClass, 'value_view' => $groupId . '_view', 'value_view_checked' => $row['view'] == 1 ? 'checked' : '', 'value_edit' => $groupId . '_edit', 'value_edit_checked' => $row['edit'] == 1 ? 'checked' : '', 'value_del' => $groupId . '_del', 'value_del_checked' => $row['del'] == 1 ? 'checked' : '');
         $checkboxes[] = $checkbox;
     }
     $formFields = array();
     $formFields[] = FormManager::AddPermissions('groupids[]', $checkboxes);
     Theme::Set('form_fields', $formFields);
     // Set some information about the form
     Theme::Set('form_id', 'LayoutPermissionsForm');
     Theme::Set('form_action', 'index.php?p=module&mod=' . $this->type . '&q=Exec&method=Permissions');
     Theme::Set('form_meta', '<input type="hidden" name="layoutid" value="' . $this->layoutid . '" /><input type="hidden" name="regionid" value="' . $this->regionid . '" /><input type="hidden" name="mediaid" value="' . $this->mediaid . '" />');
     $response->SetFormRequestResponse(NULL, __('Permissions'), '350px', '500px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . ($this->layoutid != 0 ? $helpManager->Link('LayoutMedia', 'Permissions') : $helpManager->Link('Media', 'Permissions')) . '")');
     if ($this->assignedMedia) {
         $response->AddButton(__('Cancel'), 'XiboSwapDialog("index.php?p=timeline&layoutid=' . $this->layoutid . '&regionid=' . $this->regionid . '&q=RegionOptions")');
     } else {
         $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     }
     $response->AddButton(__('Save'), '$("#LayoutPermissionsForm").submit()');
     return $response;
 }
Exemple #26
0
 function forgotten()
 {
     //Called by a submit to the Forgotten Details form
     //	Checks the validity of the data provided, and emails a new password to the user
     $db =& $this->db;
     $username = Kit::GetParam('f_username', _POST, _USERNAME);
     $email = Kit::GetParam('f_email', _POST, _STRING);
     $return = "index.php";
     if ($username == "" || $email == "") {
         setMessage("Username and Email address need to be filled in");
         return $return;
     }
     //send the email
     $from = Config::GetSetting("mail_from");
     if ($from == "") {
         setMessage("Email is not set up, please contact your IT manager");
         return $return;
     }
     //check the user details
     $SQL = sprintf("SELECT userid FROM user WHERE username = '******' AND email = '%s'", $db->escape_string($username), $db->escape_string($email));
     if (!($results = $db->query($SQL))) {
         trigger_error($db->error);
         trigger_error("Can not get the user information", E_USER_ERROR);
     }
     if ($db->num_rows($results) < 0 || $db->num_rows($results) > 1) {
         setMessage("The details you entered are incorrect.");
         return $return;
     }
     $row = $db->get_row($results);
     $userid = Kit::ValidateParam($row[0], _INT);
     //user ID for the user that wants a new password
     $password_plain = $this->random_word(8);
     //generate a new password
     $password = md5($password_plain);
     //update the password
     $SQL = sprintf("UPDATE user SET UserPassword = '******' WHERE userid = %d", $db->escape_string($password), $userid);
     if (!$db->query($SQL)) {
         trigger_error($db->error());
         trigger_error("Unable to send new password", E_USER_ERROR);
     }
     $headers = "From: {$from}" . "\r\n" . "Reply-To: {$from}" . "\r\n" . "X-Mailer: PHP/" . phpversion();
     if (!@mail($email, "Xibo: New Password request for {$username}", "Your new password is {$password_plain} \n  . You may now login with these details.", $headers)) {
         setMessage("Email is not set up, please contact your IT manager");
         return $return;
     }
     setMessage("New Password Sent to your email address");
     return $return;
 }
Exemple #27
0
 /**
  * Sets the Members of a group
  * @return
  */
 public function SetMemberOf()
 {
     $db =& $this->db;
     $response = new ResponseManager();
     Kit::ClassLoader('displaygroup');
     $displayGroupObject = new DisplayGroup($db);
     $displayID = Kit::GetParam('DisplayID', _REQUEST, _INT);
     $displayGroups = Kit::GetParam('DisplayGroupID', _POST, _ARRAY, array());
     $members = array();
     // Get a list of current members
     $SQL = "";
     $SQL .= "SELECT displaygroup.DisplayGroupID ";
     $SQL .= "FROM   displaygroup ";
     $SQL .= "   INNER JOIN lkdisplaydg ON lkdisplaydg.DisplayGroupID = displaygroup.DisplayGroupID ";
     $SQL .= sprintf("WHERE  lkdisplaydg.DisplayID   = %d ", $displayID);
     $SQL .= " AND displaygroup.IsDisplaySpecific = 0 ";
     if (!($resultIn = $db->query($SQL))) {
         trigger_error($db->error());
         trigger_error(__('Error getting Display Groups'), E_USER_ERROR);
     }
     while ($row = $db->get_assoc_row($resultIn)) {
         // Test whether this ID is in the array or not
         $displayGroupID = Kit::ValidateParam($row['DisplayGroupID'], _INT);
         if (!in_array($displayGroupID, $displayGroups)) {
             // Its currently assigned but not in the $displays array
             //  so we unassign
             if (!$displayGroupObject->Unlink($displayGroupID, $displayID)) {
                 trigger_error($displayGroupObject->GetErrorMessage(), E_USER_ERROR);
             }
         } else {
             $members[] = $displayGroupID;
         }
     }
     foreach ($displayGroups as $displayGroupID) {
         // Add any that are missing
         if (!in_array($displayGroupID, $members)) {
             if (!$displayGroupObject->Link($displayGroupID, $displayID)) {
                 trigger_error($displayGroupObject->GetErrorMessage(), E_USER_ERROR);
             }
         }
     }
     $response->SetFormSubmitResponse(__('Group membership set'), false);
     $response->Respond();
 }
Exemple #28
0
 /**
  * Outputs a CSV of stats
  * @return 
  */
 public function OutputCSV()
 {
     $db =& $this->db;
     $output = '';
     // We are expecting some parameters
     $fromdt = Kit::GetParam('fromdt', _POST, _STRING);
     $todt = Kit::GetParam('todt', _POST, _STRING);
     $displayID = Kit::GetParam('displayid', _POST, _INT);
     if ($fromdt == $todt) {
         $todt = date("Y-m-d", strtotime($todt) + 86399);
     }
     // We want to output a load of stuff to the browser as a text file.
     header('Content-Type: text/csv');
     header('Content-Disposition: attachment; filename="stats.csv"');
     header("Content-Transfer-Encoding: binary");
     header('Accept-Ranges: bytes');
     // Get an array of display id this user has access to.
     $displays = $this->user->DisplayList();
     $display_ids = array();
     foreach ($displays as $display) {
         $display_ids[] = $display['displayid'];
     }
     if (count($display_ids) <= 0) {
         echo __('No displays with View permissions');
         exit;
     }
     $SQL = 'SELECT stat.*, display.Display, layout.Layout, media.Name AS MediaName ';
     $SQL .= '  FROM stat ';
     $SQL .= '  INNER JOIN display ON stat.DisplayID = display.DisplayID ';
     $SQL .= '  INNER JOIN layout ON layout.LayoutID = stat.LayoutID ';
     $SQL .= '  LEFT OUTER JOIN media ON media.mediaID = stat.mediaID ';
     $SQL .= ' WHERE 1=1 ';
     $SQL .= sprintf("  AND stat.end > '%s' ", $fromdt);
     $SQL .= sprintf("  AND stat.start <= '%s' ", $todt);
     $SQL .= ' AND stat.displayID IN (' . implode(',', $display_ids) . ') ';
     if ($displayID != 0) {
         $SQL .= sprintf("  AND stat.displayID = %d ", $displayID);
     }
     $SQL .= " ORDER BY stat.start ";
     Debug::LogEntry('audit', $SQL, 'Stats', 'OutputCSV');
     if (!($result = $db->query($SQL))) {
         trigger_error($db->error());
         trigger_error('Failed to query for Stats.', E_USER_ERROR);
     }
     // Header row
     $output .= "Type, FromDT, ToDT, Layout, Display, Media, Tag\n";
     while ($row = $db->get_assoc_row($result)) {
         // Read the columns
         $type = Kit::ValidateParam($row['Type'], _STRING);
         $fromdt = Kit::ValidateParam($row['start'], _STRING);
         $todt = Kit::ValidateParam($row['end'], _STRING);
         $layout = Kit::ValidateParam($row['Layout'], _STRING);
         $display = Kit::ValidateParam($row['Display'], _STRING);
         $media = Kit::ValidateParam($row['MediaName'], _STRING);
         $tag = Kit::ValidateParam($row['Tag'], _STRING);
         $output .= "{$type}, {$fromdt}, {$todt}, {$layout}, {$display}, {$media}, {$tag}\n";
     }
     //Debug::LogEntry('audit', 'Output: ' . $output, 'Stats', 'OutputCSV');
     echo $output;
     exit;
 }
Exemple #29
0
 /**
  * Show the Permissions for this Campaign
  */
 public function PermissionsForm()
 {
     $db =& $this->db;
     $user =& $this->user;
     $response = new ResponseManager();
     $campaignId = Kit::GetParam('CampaignID', _GET, _INT);
     $auth = $this->user->CampaignAuth($campaignId, true);
     if (!$auth->modifyPermissions) {
         trigger_error(__('You do not have permissions to edit this campaign'), E_USER_ERROR);
     }
     // Set some information about the form
     Theme::Set('form_id', 'CampaignPermissionsForm');
     Theme::Set('form_action', 'index.php?p=campaign&q=Permissions');
     Theme::Set('form_meta', '<input type="hidden" name="campaignId" value="' . $campaignId . '" />');
     // List of all Groups with a view / edit / delete check box
     $permissions = new CampaignSecurity();
     if (!($result = $permissions->GetPermissions($campaignId))) {
         trigger_error($permissions->GetErrorMessage(), E_USER_ERROR);
     }
     if (count($result) <= 0) {
         trigger_error(__('Unable to get permissions for this Campaign'), E_USER_ERROR);
     }
     $checkboxes = array();
     foreach ($result as $row) {
         $groupId = $row['groupid'];
         $rowClass = $row['isuserspecific'] == 0 ? 'strong_text' : '';
         $checkbox = array('id' => $groupId, 'name' => Kit::ValidateParam($row['group'], _STRING), 'class' => $rowClass, 'value_view' => $groupId . '_view', 'value_view_checked' => $row['view'] == 1 ? 'checked' : '', 'value_edit' => $groupId . '_edit', 'value_edit_checked' => $row['edit'] == 1 ? 'checked' : '', 'value_del' => $groupId . '_del', 'value_del_checked' => $row['del'] == 1 ? 'checked' : '');
         $checkboxes[] = $checkbox;
     }
     $formFields = array();
     $formFields[] = FormManager::AddPermissions('groupids[]', $checkboxes);
     $formFields[] = FormManager::AddCheckbox('replaceInLayouts', __('Update these permissions on all layouts, regions and media.'), 0, __('Note: It will only be replaced in layouts you have permission to edit.'), 'r');
     $users = $user->userList(array('userName'));
     $users[] = array('userid' => -1, 'username' => '');
     $formFields[] = FormManager::AddCombo('ownerId', __('Owner'), -1, $users, 'userid', 'username', __('Change the Owner of this item. Leave empty to keep the current owner.'), 'o');
     Theme::Set('form_fields', $formFields);
     $form = Theme::RenderReturn('form_render');
     $response->SetFormRequestResponse($form, __('Permissions'), '350px', '500px');
     $response->AddButton(__('Help'), 'XiboHelpRender("' . HelpManager::Link('Campaign', 'Permissions') . '")');
     $response->AddButton(__('Cancel'), 'XiboDialogClose()');
     $response->AddButton(__('Save'), '$("#CampaignPermissionsForm").submit()');
     $response->Respond();
 }
 /**
  * Export a layout.
  * @param [type] $layoutId [description]
  */
 function Export($layoutId)
 {
     if ($layoutId == 0 || $layoutId == '') {
         return $this->SetError(__('Must provide layoutId'));
     }
     $config = new Config();
     if (!$config->CheckZip()) {
         return $this->SetError(__('Zip is not enabled on this server'));
     }
     $libraryPath = Config::GetSetting('LIBRARY_LOCATION');
     try {
         $dbh = PDOConnect::init();
         $sth = $dbh->prepare('
             SELECT layout, description, backgroundImageId, xml
               FROM layout
              WHERE layoutid = :layoutid');
         $sth->execute(array('layoutid' => $layoutId));
         if (!($row = $sth->fetch())) {
             $this->ThrowError(__('Layout not found.'));
         }
         // Open a ZIP file with the same name as the layout
         File::EnsureLibraryExists();
         $zip = new ZipArchive();
         $fileName = $libraryPath . 'temp/export_' . Kit::ValidateParam($row['layout'], _FILENAME) . '.zip';
         $result = $zip->open($fileName, ZIPARCHIVE::CREATE | ZIPARCHIVE::OVERWRITE);
         if ($result !== true) {
             $this->ThrowError(__('Can\'t create ZIP. Error Code: ' . $result));
         }
         // Add layout information to the ZIP
         $layout = array('layout' => Kit::ValidateParam($row['layout'], _STRING), 'description' => Kit::ValidateParam($row['description'], _STRING));
         $zip->addFromString('layout.json', json_encode($layout));
         // Add the layout XLF
         $xml = $row['xml'];
         $zip->addFromString('layout.xml', $xml);
         $params = array('layoutid' => $layoutId, 'excludeType' => 'module');
         $SQL = ' 
             SELECT media.mediaid, media.name, media.storedAs, originalFileName, type, duration
               FROM `media` 
                 INNER JOIN `lklayoutmedia`
                 ON lklayoutmedia.mediaid = media.mediaid
              WHERE lklayoutmedia.layoutid = :layoutid
                AND media.type <> :excludeType
             ';
         // Add the media to the ZIP
         $mediaSth = $dbh->prepare($SQL);
         $mediaSth->execute($params);
         $mappings = array();
         foreach ($mediaSth->fetchAll() as $media) {
             $mediaFilePath = $libraryPath . $media['storedAs'];
             $zip->addFile($mediaFilePath, 'library/' . $media['originalFileName']);
             $mappings[] = array('file' => $media['originalFileName'], 'mediaid' => $media['mediaid'], 'name' => $media['name'], 'type' => $media['type'], 'duration' => $media['duration'], 'background' => $media['mediaid'] == $row['backgroundImageId'] ? 1 : 0);
         }
         // Add the mappings file to the ZIP
         $zip->addFromString('mapping.json', json_encode($mappings));
         $zip->close();
         // Uncomment only if you are having permission issues
         // chmod($fileName, 0777);
         // Push file back to browser
         if (ini_get('zlib.output_compression')) {
             ini_set('zlib.output_compression', 'Off');
         }
         $size = filesize($fileName);
         header('Content-Type: application/octet-stream');
         header("Content-Transfer-Encoding: Binary");
         header("Content-disposition: attachment; filename=\"" . basename($fileName) . "\"");
         //Output a header
         header('Pragma: public');
         header('Cache-Control: max-age=86400');
         header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 86400));
         header('Content-Length: ' . $size);
         // Send via Apache X-Sendfile header?
         if (Config::GetSetting('SENDFILE_MODE') == 'Apache') {
             header("X-Sendfile: {$fileName}");
             exit;
         }
         // Send via Nginx X-Accel-Redirect?
         if (Config::GetSetting('SENDFILE_MODE') == 'Nginx') {
             header("X-Accel-Redirect: /download/temp/" . basename($fileName));
             exit;
         }
         // Return the file with PHP
         // Disable any buffering to prevent OOM errors.
         @ob_end_clean();
         @ob_end_flush();
         readfile($fileName);
         exit;
     } catch (Exception $e) {
         Debug::LogEntry('error', $e->getMessage());
         if (!$this->IsError()) {
             $this->SetError(1, __('Unknown Error'));
         }
         return false;
     }
 }