* @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * *********************************************************************************************** */ require_once '../../system/common.php'; // check if the call of the page was allowed if ($gPreferences['enable_pm_module'] != 1 && $gPreferences['enable_mail_module'] != 1 && $gPreferences['enable_chat_module'] != 1) { $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } // check for valid login if (!$gValidLogin) { $gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW')); } // Initialize and check the parameters $getMsgId = admFuncVariableIsValid($_GET, 'msg_id', 'int', array('defaultValue' => 0)); if ($getMsgId > 0) { $delMessage = new TableMessage($gDb, $getMsgId); // Function to delete message $delete = $delMessage->delete(); if ($delete) { echo 'done'; } else { echo 'delete not OK'; } exit; } $headline = $gL10n->get('SYS_MESSAGES'); // add current url to navigation stack $gNavigation->clear(); $gNavigation->addUrl(CURRENT_URL, $headline);
* Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * * Erzeugt einen RSS 2.0 - Feed mit Hilfe der RSS-Klasse fuer die 10 neuesten Ankuendigungen * * Spezifikation von RSS 2.0: http://www.feedvalidator.org/docs/rss2.html * * Parameters: * * headline - Headline for RSS-Feed * (Default) Announcements * *****************************************************************************/ require_once '../../system/common.php'; // Initialize and check the parameters $getHeadline = admFuncVariableIsValid($_GET, 'headline', 'string', array('defaultValue' => $gL10n->get('ANN_ANNOUNCEMENTS'))); // Nachschauen ob RSS ueberhaupt aktiviert ist... if ($gPreferences['enable_rss'] != 1) { $gMessage->setForwardUrl($gHomepage); $gMessage->show($gL10n->get('SYS_RSS_DISABLED')); } // Nachschauen ob RSS ueberhaupt aktiviert ist bzw. das Modul oeffentlich zugaenglich ist if ($gPreferences['enable_announcements_module'] != 1) { // das Modul ist deaktiviert $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } //Objekt anlegen $announcements = new ModuleAnnouncements(); /*** ab hier wird der RSS-Feed zusammengestellt**/ // create RSS feed object with channel information $rss = new RSSfeed($gCurrentOrganization->getValue('org_longname') . ' - ' . $getHeadline, $gCurrentOrganization->getValue('org_homepage'), $gL10n->get('ANN_RECENT_ANNOUNCEMENTS_OF_ORGA', $gCurrentOrganization->getValue('org_longname')), $gCurrentOrganization->getValue('org_longname'));
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * mode : 1 - Save organization preferences * 2 - show welcome dialog for new organization * 3 - create new organization * 4 - show phpinfo() * form - The name of the form preferences that were submitted. *********************************************************************************************** */ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getMode = admFuncVariableIsValid($_GET, 'mode', 'numeric', array('defaultValue' => 1)); $getForm = admFuncVariableIsValid($_GET, 'form', 'string'); // in ajax mode only return simple text on error if ($getMode === 1) { $gMessage->showHtmlTextOnly(true); } // only webmasters are allowed to edit organization preferences or create new organizations if (!$gCurrentUser->isWebmaster()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } switch ($getMode) { case 1: $checkboxes = array(); try { // first check the fields of the submitted form switch ($getForm) { case 'common':
* * Parameters: * * headline - Headline für Ics-Feed * (Default) Events * mode 1 - Textausgabe * 2 - Download * cat_id - show all dates of calendar with this id * *****************************************************************************/ require_once '../../system/common.php'; unset($_SESSION['dates_request']); // Initialize and check the parameters $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'actual', 'validValues' => array('actual', 'old', 'all'))); $getHeadline = admFuncVariableIsValid($_GET, 'headline', 'string', array('defaultValue' => $gL10n->get('DAT_DATES'))); $getCatId = admFuncVariableIsValid($_GET, 'cat_id', 'numeric'); // prüfen ob das Modul überhaupt aktiviert ist if ($gPreferences['enable_dates_module'] == 0) { // das Modul ist deaktiviert $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } elseif ($gPreferences['enable_dates_module'] == 2) { // nur eingelochte Benutzer dürfen auf das Modul zugreifen require_once '../../system/login_valid.php'; } // Nachschauen ob ical ueberhaupt aktiviert ist bzw. das Modul oeffentlich zugaenglich ist if ($gPreferences['enable_dates_ical'] != 1) { $gMessage->setForwardUrl($gHomepage); $gMessage->show($gL10n->get('SYS_ICAL_DISABLED')); } //create Object $dates = new ModuleDates();
/** *********************************************************************************************** * @copyright 2004-2015 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only *********************************************************************************************** */ require_once '../../system/common.php'; // only users with the right to edit inventory could use this script if (!$gCurrentUser->editInventory()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } $postFunction = admFuncVariableIsValid($_POST, 'function', 'string'); $postNickname = admFuncVariableIsValid($_POST, 'nickname', 'string'); $postMessage = admFuncVariableIsValid($_POST, 'message', 'string'); $postLines = admFuncVariableIsValid($_POST, 'state', 'number'); $log = array(); echo '<script> $(function() { $("button#submit").click(function() { $.ajax({ url: "process.php", type: "POST", data: $("#template-form").serialize(), success: function(data) { $("#responsestatus").val(data); $("#subscription-confirm").modal("show"); } }); }); });
* @copyright 2004-2016 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * CKEditor : ID of textarea, that had triggered the upload * CKEditorFuncNum : function number, that will handle in the editor the new URL * langCode : language code *********************************************************************************************** */ require_once 'common.php'; require_once 'login_valid.php'; $getCKEditor = admFuncVariableIsValid($_GET, 'CKEditor', 'string', array('directOutput' => true, 'requireValue' => true)); $getCKEditorFuncNum = admFuncVariableIsValid($_GET, 'CKEditorFuncNum', 'string', array('directOutput' => true, 'requireValue' => true)); $getlangCode = admFuncVariableIsValid($_GET, 'langCode', 'string', array('directOutput' => true)); $message = ''; try { // checks if the server settings for file_upload are set to ON if (ini_get('file_uploads') !== '1') { $message = $gL10n->get('SYS_SERVER_NO_UPLOAD'); } // if necessary create the module folders in adm_my_files switch ($getCKEditor) { case 'ann_description': $folderName = 'announcements'; break; case 'dat_description': $folderName = 'dates'; break; case 'lnk_description':
} } elseif ($getMode === 6) { // reload future role memberships $count_show_roles = 0; $roleStatement = getFutureRolesFromDatabase($getUserId); $count_role = $roleStatement->rowCount(); getRoleMemberships('future_role_list', $user, $roleStatement, $count_role, true); if ($count_role === 0) { echo '<script type="text/javascript">$("#profile_future_roles_box").css({ \'display\':\'none\' })</script>'; } else { echo '<script type="text/javascript">$("#profile_future_roles_box").css({ \'display\':\'block\' })</script>'; } } elseif ($getMode === 7) { // save membership date changes $getMembershipStart = admFuncVariableIsValid($_GET, 'membership_start_date_' . $getMemberId, 'date', array('requireValue' => true)); $getMembershipEnd = admFuncVariableIsValid($_GET, 'membership_end_date_' . $getMemberId, 'date', array('requireValue' => true)); $member = new TableMembers($gDb, $getMemberId); $role = new TableRoles($gDb, $member->getValue('mem_rol_id')); // check if user has the right to edit this membership if (!$role->allowedToAssignMembers($gCurrentUser)) { exit($gL10n->get('SYS_NO_RIGHTS')); } $formatedStartDate = ''; $formatedEndDate = ''; // Check das Beginn Datum $startDate = new DateTimeExtended($getMembershipStart, $gPreferences['system_date']); if ($startDate->isValid()) { // Datum formatiert zurueckschreiben $formatedStartDate = $startDate->format('Y-m-d'); } else { exit($gL10n->get('SYS_DATE_INVALID', $gL10n->get('SYS_START'), $gPreferences['system_date']));
* Activate new password * * @copyright 2004-2016 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * aid .. Activation id for confirmation of new password * usr_id .. Id of the user who wants a new password *********************************************************************************************** */ require_once 'common.php'; // Initialize and check the parameters $getActivationId = admFuncVariableIsValid($_GET, 'aid', 'string', array('requireValue' => true)); $getUserId = admFuncVariableIsValid($_GET, 'usr_id', 'int', array('requireValue' => true)); // Systemmails und Passwort zusenden muessen aktiviert sein if ($gPreferences['enable_system_mails'] != 1 || $gPreferences['enable_password_recovery'] != 1) { $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } $user = new TableUsers($gDb, $getUserId); if ($user->getValue('usr_activation_code') === $getActivationId) { // activate the new password $user->setPassword($user->getValue('usr_new_password'), false, false); $user->setPassword('', true, false); $user->setValue('usr_activation_code', ''); $user->save(); $gMessage->setForwardUrl($g_root_path . '/adm_program/system/login.php', 2000); $gMessage->show($gL10n->get('SYS_PWACT_PW_SAVED')); } else { $gMessage->show($gL10n->get('SYS_PWACT_CODE_INVALID'));
*********************************************************************************************** * Create and edit roles * * @copyright 2004-2015 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * rol_id: ID of role, that should be edited *********************************************************************************************** */ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getRoleId = admFuncVariableIsValid($_GET, 'rol_id', 'numeric'); // Initialize local parameters $showSystemCategory = false; // only users with the special right are allowed to manage roles if (!$gCurrentUser->manageRoles()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } if ($getRoleId > 0) { $headline = $gL10n->get('ROL_EDIT_ROLE'); } else { $headline = $gL10n->get('SYS_CREATE_ROLE'); } $gNavigation->addUrl(CURRENT_URL, $headline); // Rollenobjekt anlegen $role = new TableRoles($gDb); if ($getRoleId > 0) {
* lst_id : Id of the list configuration that should be shown * rol_id : (Optional) If a role id is set then the form field will be preassigned. * active_role : 1 - (Default) List only active roles * 0 - List only deactivated roles * show_members : 0 - (Default) show active members of role * 1 - show former members of role * 2 - show active and former members of role *********************************************************************************************** */ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getListId = admFuncVariableIsValid($_GET, 'lst_id', 'numeric'); $getRoleId = admFuncVariableIsValid($_GET, 'rol_id', 'numeric'); $getActiveRole = admFuncVariableIsValid($_GET, 'active_role', 'boolean', array('defaultValue' => 1)); $getShowMembers = admFuncVariableIsValid($_GET, 'show_members', 'numeric'); // falls ehemalige Rolle, dann auch nur ehemalige Mitglieder anzeigen if ($getActiveRole == 0) { $getShowMembers = 1; } // set headline of the script $headline = $gL10n->get('LST_MY_LIST') . ' - ' . $gL10n->get('LST_CONFIGURATION'); if ($getRoleId == 0) { // Navigation faengt hier im Modul an $gNavigation->clear(); } $gNavigation->addUrl(CURRENT_URL, $headline); $defaultColumnRows = 6; // number of columns that should be shown // Listenobjekt anlegen $list = new ListConfiguration($gDb, $getListId);
* Copyright : (c) 2004 - 2015 The Admidio Team * Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * * Parameters: * * room_id : ID of room, that should be shown * headline : headline for room module * (Default) SYS_ROOM * ****************************************************************************/ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getRoomId = admFuncVariableIsValid($_GET, 'room_id', 'numeric'); $getHeadline = admFuncVariableIsValid($_GET, 'headline', 'string', array('defaultValue' => $gL10n->get('SYS_ROOM'))); // nur berechtigte User duerfen die Profilfelder bearbeiten if (!$gCurrentUser->isWebmaster()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // set headline of the script if ($getRoomId > 0) { $headline = $gL10n->get('SYS_EDIT_VAR', $getHeadline); } else { $headline = $gL10n->get('SYS_CREATE_VAR', $getHeadline); } // add current url to navigation stack $gNavigation->addUrl(CURRENT_URL, $headline); // Create room object $room = new TableRooms($gDb); if ($getRoomId > 0) {
* * Parameters: * * pho_id: Id of photo album whose image you want to send * photo_nr: Number of the photo of the choosen album * usr_id: (optional) Id of the user who should receive the ecard *********************************************************************************************** */ require_once '../../system/common.php'; require_once 'ecard_function.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getPhotoId = admFuncVariableIsValid($_GET, 'pho_id', 'int', array('requireValue' => true)); $getUserId = admFuncVariableIsValid($_GET, 'usr_id', 'int'); $getPhotoNr = admFuncVariableIsValid($_GET, 'photo_nr', 'int', array('requireValue' => true)); $showPage = admFuncVariableIsValid($_GET, 'show_page', 'int', array('defaultValue' => 1)); // Initialisierung lokaler Variablen $funcClass = new FunctionClass($gL10n); $templates = $funcClass->getFileNames(THEME_SERVER_PATH . '/ecard_templates/'); $template = THEME_SERVER_PATH . '/ecard_templates/'; $headline = $gL10n->get('ECA_GREETING_CARD_EDIT'); // pruefen ob das Modul ueberhaupt aktiviert ist if ($gPreferences['enable_ecard_module'] != 1) { // das Modul ist deaktiviert $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } // URL auf Navigationstack ablegen $gNavigation->addUrl(CURRENT_URL, $headline); // Fotoveranstaltungs-Objekt erzeugen oder aus Session lesen if (isset($_SESSION['photo_album']) && $_SESSION['photo_album']->getValue('pho_id') == $getPhotoId) { $photo_album =& $_SESSION['photo_album'];
<?php /****************************************************************************** * Prepare values of import form for further processing * * Copyright : (c) 2004 - 2015 The Admidio Team * Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * *****************************************************************************/ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $postImportCoding = admFuncVariableIsValid($_POST, 'import_coding', 'string', array('requireValue' => true, 'validValues' => array('iso-8859-1', 'utf-8'))); $postRoleId = admFuncVariableIsValid($_POST, 'import_role_id', 'numeric'); $postUserImportMode = admFuncVariableIsValid($_POST, 'user_import_mode', 'numeric', array('requireValue' => true)); $_SESSION['import_request'] = $_POST; unset($_SESSION['import_csv_request']); // nur berechtigte User duerfen User importieren if (!$gCurrentUser->editUsers()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } if (strlen($_FILES['userfile']['tmp_name'][0]) == 0) { $gMessage->show($gL10n->get('SYS_FIELD_EMPTY', $gL10n->get('SYS_FILE'))); } elseif ($_FILES['userfile']['error'][0] == 1) { //Dateigroesse ueberpruefen Servereinstellungen $gMessage->show($gL10n->get('SYS_FILE_TO_LARGE_SERVER', $gPreferences['max_file_upload_size'])); } elseif ($postRoleId == 0) { $gMessage->show($gL10n->get('SYS_FIELD_EMPTY', $gL10n->get('SYS_ROLE'))); } // Rolle einlesen und pruefen, ob der User diese selektieren kann und dadurch nicht
* Copyright : (c) 2004 - 2015 The Admidio Team * Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * * Parameters: * * inv_id : id of inventory whose photo should be changed * new_photo : 0 (Default) show current stored inventory photo * 1 show uploaded photo of current session * *****************************************************************************/ require '../../system/common.php'; require '../../system/login_valid.php'; // Initialize and check the parameters $getItemId = admFuncVariableIsValid($_GET, 'inv_id', 'numeric', array('requireValue' => true)); $getNewPhoto = admFuncVariableIsValid($_GET, 'new_photo', 'boolean'); // lokale Variablen der Uebergabevariablen initialisieren $image = null; $picpath = THEME_SERVER_PATH . '/images/no_profile_pic.png'; // only users with the right to edit inventory could use this script if ($gCurrentUser->editInventory() == false) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // read inventory data and show error if inventory doesn't exists $gInventoryFields = new InventoryFields($gDb, $gCurrentOrganization->getValue('org_id')); $inventory = new Inventory($gDb, $gInventoryFields, $getItemId); if ($inventory->getValue('inv_id') == 0) { $gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW')); } //Foto aus adm_my_files if ($gPreferences['profile_photo_storage'] == 1 && $getNewPhoto == 0) {
// then show nothing. Second call is with POST parameters then show preview require_once '../../system/common.php'; require_once 'ecard_function.php'; //$gMessage->showTextOnly(true); $gMessage->showThemeBody(false); $gMessage->showInModaleWindow(); if (strlen($_POST['ecard_template']) === 0) { $gMessage->show($gL10n->get('SYS_FIELD_EMPTY', $gL10n->get('ECA_TEMPLATE'))); } // Initialize and check the parameters $ecardMessage = ''; $postTemplateName = admFuncVariableIsValid($_POST, 'ecard_template', 'file', array('requireValue' => true)); $postPhotoId = admFuncVariableIsValid($_POST, 'photo_id', 'int', array('requireValue' => true)); $postPhotoNr = admFuncVariableIsValid($_POST, 'photo_nr', 'int', array('requireValue' => true)); $nameRecipient = admFuncVariableIsValid($_POST, 'name_recipient', 'string'); $emailRecipient = admFuncVariableIsValid($_POST, 'email_recipient', 'string'); if (isset($_POST['ecard_message'])) { $ecardMessage = $_POST['ecard_message']; } $imageUrl = $g_root_path . '/adm_program/modules/photos/photo_show.php?pho_id=' . $postPhotoId . '&photo_nr=' . $postPhotoNr . '&max_width=' . $gPreferences['ecard_thumbs_scale'] . '&max_height=' . $gPreferences['ecard_thumbs_scale']; $funcClass = new FunctionClass($gL10n); // read content of template file $ecardDataToParse = $funcClass->getEcardTemplate($postTemplateName, THEME_SERVER_PATH . '/ecard_templates/'); if ($ecardDataToParse === '') { $gMessage->show($gL10n->get('SYS_ERROR_PAGE_NOT_FOUND')); } echo ' <div class="modal-header"> <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">×</span></button> <h4 class="modal-title">' . $gL10n->get('SYS_NOTE') . '</h4> </div>
* * Parameters: * * headline - Headline für Ics-Feed * (Default) Events * mode 1 - Textausgabe * 2 - Download * cat_id - show all dates of calendar with this id * *****************************************************************************/ require_once '../../system/common.php'; unset($_SESSION['dates_request']); // Initialize and check the parameters $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'actual', 'validValues' => array('actual', 'old', 'all'))); $getHeadline = admFuncVariableIsValid($_GET, 'headline', 'string', array('defaultValue' => $gL10n->get('DAT_DATES'))); $getCatId = admFuncVariableIsValid($_GET, 'cat_id', 'int'); // Daterange defined in preferences $startDate = date('Y-m-d', time() - $gPreferences['dates_ical_days_past'] * 60 * 60 * 24); $endDate = date('Y-m-d', time() + $gPreferences['dates_ical_days_future'] * 60 * 60 * 24); // Message if module is disabled if ($gPreferences['enable_dates_module'] == 0) { // Module disabled $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } elseif ($gPreferences['enable_dates_module'] == 2) { // only with valid login require_once '../../system/login_valid.php'; } // If Ical enabled and module is public if ($gPreferences['enable_dates_ical'] != 1) { $gMessage->setForwardUrl($gHomepage); $gMessage->show($gL10n->get('SYS_ICAL_DISABLED'));
} } // Eingabe verdrehen, da der Feldname anders als im Dialog ist if (isset($_POST['usf_hidden'])) { $_POST['usf_hidden'] = 0; } else { $_POST['usf_hidden'] = 1; } if (!isset($_POST['usf_disabled'])) { $_POST['usf_disabled'] = 0; } if (!isset($_POST['usf_mandatory'])) { $_POST['usf_mandatory'] = 0; } // make html in description secure $_POST['usf_description'] = admFuncVariableIsValid($_POST, 'usf_description', 'html'); // POST Variablen in das UserField-Objekt schreiben foreach ($_POST as $key => $value) { if (strpos($key, 'usf_') === 0) { if (!$userField->setValue($key, $value)) { // Daten wurden nicht uebernommen, Hinweis ausgeben if ($key === 'usf_url') { $gMessage->show($gL10n->get('SYS_URL_INVALID_CHAR', $gL10n->get('ORG_URL'))); } } } } // Daten in Datenbank schreiben $return_code = $userField->save(); if ($return_code < 0) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS'));
* * Copyright : (c) 2004 - 2015 The Admidio Team * Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * * Parameters: * * folder_id : Id of the folder that should be renamed * file_id : Id of the file that should be renamed * *****************************************************************************/ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getFolderId = admFuncVariableIsValid($_GET, 'folder_id', 'numeric'); $getFileId = admFuncVariableIsValid($_GET, 'file_id', 'numeric'); // set headline of the script if ($getFileId > 0) { $headline = $gL10n->get('DOW_EDIT_FILE'); } else { $headline = $gL10n->get('DOW_EDIT_FOLDER'); } // pruefen ob das Modul ueberhaupt aktiviert ist if ($gPreferences['enable_download_module'] != 1) { // das Modul ist deaktiviert $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } //nur von eigentlicher OragHompage erreichbar if (strcasecmp($gCurrentOrganization->getValue('org_shortname'), $g_organization) != 0) { // das Modul ist deaktiviert $gMessage->show($gL10n->get('SYS_MODULE_ACCESS_FROM_HOMEPAGE_ONLY', $g_organization));
*********************************************************************************************** * Search for existing user names and show users with similar names * * @copyright 2004-2016 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * new_user_id : ID of user who should be assigned *********************************************************************************************** */ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getNewUserId = admFuncVariableIsValid($_GET, 'new_user_id', 'int', array('requireValue' => true)); // nur Webmaster duerfen User zuordnen, ansonsten Seite verlassen if (!$gCurrentUser->approveUsers()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // pruefen, ob Modul aufgerufen werden darf if ($gPreferences['registration_mode'] == 0) { $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } // set headline of the script $headline = $gL10n->get('NWU_ASSIGN_REGISTRATION'); // create user object for new user $new_user = new User($gDb, $gProfileFields, $getNewUserId); // search for users with similar names (SQL function SOUNDEX only available in MySQL) if ($gPreferences['system_search_similar'] == 1 && $gDbType === 'mysql') { $sql_similar_name = '( ( SUBSTRING(SOUNDEX(last_name.usd_value), 1, 4) LIKE SUBSTRING(SOUNDEX(\'' . $gDb->escapeString($new_user->getValue('LAST_NAME', 'database')) . '\'), 1, 4)
* Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * * Parameters: * * mode : choose_files - (Default) Show a dialog with controls to select photo files to upload * upload_files - Upload the selected files * pho_id : Id of album to which the files should be uploaded * *****************************************************************************/ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; require_once SERVER_PATH . '/adm_program/libs/jquery-file-upload/server/php/uploadhandler.php'; // Initialize and check the parameters $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'choose_files', 'validValues' => array('choose_files', 'upload_files'))); $getPhotoId = admFuncVariableIsValid($_GET, 'pho_id', 'numeric', array('requireValue' => true)); // pruefen ob das Modul ueberhaupt aktiviert ist if ($gPreferences['enable_photo_module'] == 0) { // das Modul ist deaktiviert $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } // erst pruefen, ob der User Fotoberarbeitungsrechte hat if (!$gCurrentUser->editPhotoRight()) { $gMessage->show($gL10n->get('PHO_NO_RIGHTS')); } //Kontrolle ob Server Dateiuploads zulaesst if (ini_get('file_uploads') != 1) { $gMessage->show($gL10n->get('SYS_SERVER_NO_UPLOAD')); } $headline = $gL10n->get('PHO_UPLOAD_PHOTOS'); // create photo object or read it from session
* mem_show_all - 1 : (Default) Show only active members of the current organization * 0 : Show active and inactive members of all organizations in database * *****************************************************************************/ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; if (isset($_GET['mode']) && $_GET['mode'] === 'assign') { // ajax mode then only show text if error occurs $gMessage->showTextOnly(true); } // Initialize and check the parameters $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'html', 'validValues' => array('html', 'assign'))); $getRoleId = admFuncVariableIsValid($_GET, 'rol_id', 'numeric', array('requireValue' => true, 'directOutput' => true)); $getUserId = admFuncVariableIsValid($_GET, 'usr_id', 'numeric', array('directOutput' => true)); $getFilterRoleId = admFuncVariableIsValid($_GET, 'filter_rol_id', 'numeric'); $getMembersShowAll = admFuncVariableIsValid($_GET, 'mem_show_all', 'boolean'); $_SESSION['set_rol_id'] = $getRoleId; // create object of the commited role $role = new TableRoles($gDb, $getRoleId); // roles of other organizations can't be edited if ($role->getValue('cat_org_id') != $gCurrentOrganization->getValue('org_id') && $role->getValue('cat_org_id') > 0) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // check if user is allowed to assign members to this role if (!$role->allowedToAssignMembers($gCurrentUser)) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } if ($getMembersShowAll == 1) { $getFilterRoleId = 0; } if ($getFilterRoleId > 0) {
* * Copyright : (c) 2015 PTABaden * Homepage : http://www.ptabaden.ch * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * *****************************************************************************/ error_reporting(E_ALL); ini_set('display_errors', '1'); require_once substr(__FILE__, 0, strpos(__FILE__, 'adm_plugins') - 1) . '/adm_program/system/common.php'; require_once substr(__FILE__, 0, strpos(__FILE__, 'adm_plugins') - 1) . '/adm_program/system/login_valid.php'; require_once SERVER_PATH . '/adm_plugins/sts_plugin/sts_classes.php'; if (!$gCurrentUser->isWebmaster()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // Initialize and check the parameters $getStsId = admFuncVariableIsValid($_GET, 'sts_id', 'numeric'); $headline = 'Startseite editieren'; // add current url to navigation stack $gNavigation->addUrl(CURRENT_URL, $headline); // Create announcements object $sts = new TableSts($gDb); if ($getStsId > 0) { $sts->readDataById($getStsId); } if (isset($_SESSION['sts_request'])) { // durch fehlerhafte Eingabe ist der User zu diesem Formular zurueckgekehrt // nun die vorher eingegebenen Inhalte ins Objekt schreiben $sts->setArray($_SESSION['sts_request']); unset($_SESSION['sts_request']); } // create html page object
* 2 - show active and former members of role * full_screen: false - (Default) show sidebar, head and page bottom of html page * true - Only show the list without any other html unnecessary elements *********************************************************************************************** */ require_once '../../system/common.php'; unset($list); // Initialize and check the parameters $getDateFrom = admFuncVariableIsValid($_GET, 'date_from', 'date', array('defaultValue' => DATE_NOW)); $getDateTo = admFuncVariableIsValid($_GET, 'date_to', 'date', array('defaultValue' => DATE_NOW)); $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'html', 'validValues' => array('csv-ms', 'csv-oo', 'html', 'print', 'pdf', 'pdfl'))); $getListId = admFuncVariableIsValid($_GET, 'lst_id', 'int'); $getRoleIds = admFuncVariableIsValid($_GET, 'rol_ids', 'string'); // could be int or int[], so string is necessary $getShowMembers = admFuncVariableIsValid($_GET, 'show_members', 'int'); $getFullScreen = admFuncVariableIsValid($_GET, 'full_screen', 'bool'); // Create date objects and format dates in system format $objDateFrom = DateTime::createFromFormat('Y-m-d', $getDateFrom); if ($objDateFrom === false) { // check if date_from has system format $objDateFrom = DateTime::createFromFormat($gPreferences['system_date'], $getDateFrom); } $dateFrom = $objDateFrom->format($gPreferences['system_date']); $startDateEnglishFormat = $objDateFrom->format('Y-m-d'); $objDateTo = DateTime::createFromFormat('Y-m-d', $getDateTo); if ($objDateTo === false) { // check if date_from has system format $objDateTo = DateTime::createFromFormat($gPreferences['system_date'], $getDateTo); } $dateTo = $objDateTo->format($gPreferences['system_date']); $endDateEnglishFormat = $objDateTo->format('Y-m-d');
* view - Content output in different views like 'detail', 'list' * (Default: according to preferences) *****************************************************************************/ require_once '../../system/common.php'; unset($_SESSION['dates_request']); // Initialize and check the parameters $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'actual', 'validValues' => array('actual', 'old', 'all'))); $getStart = admFuncVariableIsValid($_GET, 'start', 'int'); $getHeadline = admFuncVariableIsValid($_GET, 'headline', 'string', array('defaultValue' => $gL10n->get('DAT_DATES'))); $getCatId = admFuncVariableIsValid($_GET, 'cat_id', 'int'); $getId = admFuncVariableIsValid($_GET, 'id', 'int'); $getShow = admFuncVariableIsValid($_GET, 'show', 'string', array('defaultValue' => 'all', 'validValues' => array('all', 'maybe_participate', 'only_participate'))); $getDateFrom = admFuncVariableIsValid($_GET, 'date_from', 'date'); $getDateTo = admFuncVariableIsValid($_GET, 'date_to', 'date'); $getViewMode = admFuncVariableIsValid($_GET, 'view_mode', 'string', array('defaultValue' => 'html', 'validValues' => array('html', 'print'))); $getView = admFuncVariableIsValid($_GET, 'view', 'string', array('defaultValue' => $gPreferences['dates_view'], 'validValues' => array('detail', 'compact', 'room', 'participants', 'description'))); // check if module is active if ($gPreferences['enable_dates_module'] == 0) { // Module is not active $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } elseif ($gPreferences['enable_dates_module'] == 2) { // module only for valid Users require_once '../../system/login_valid.php'; } // create object and get recordset of available dates try { $dates = new ModuleDates(); $dates->setParameter('mode', $getMode); $dates->setParameter('cat_id', $getCatId); $dates->setParameter('id', $getId); $dates->setParameter('show', $getShow);
* * Parameters: * * inv_id : id of item whose photo should be changed * mode - choose : default mode to choose the photo file you want to upload * save : save new photo in item recordset * dont_save : delete photo in session and show message * upload : save new photo in session and show dialog with old and new photo * delete : delete current photo in database * *****************************************************************************/ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getItemId = admFuncVariableIsValid($_GET, 'inv_id', 'numeric', array('requireValue' => true)); $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'choose', 'validValues' => array('choose', 'save', 'dont_save', 'upload', 'delete'))); // only users with the right to edit inventory could use this script if ($gCurrentUser->editInventory() == false) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // in ajax mode only return simple text on error if ($getMode == 'delete') { $gMessage->showHtmlTextOnly(true); } // checks if the server settings for file_upload are set to ON if (ini_get('file_uploads') != '1') { $gMessage->show($gL10n->get('SYS_SERVER_NO_UPLOAD')); } // read user data and show error if user doesn't exists $gInventoryFields = new InventoryFields($gDb, $gCurrentOrganization->getValue('org_id')); $inventory = new Inventory($gDb, $gInventoryFields, $getItemId);
* (Default) Guestbook * *****************************************************************************/ require_once '../../system/common.php'; // Nachschauen ob RSS ueberhaupt aktiviert ist... if ($gPreferences['enable_rss'] != 1) { $gMessage->setForwardUrl($gHomepage); $gMessage->show($gL10n->get('SYS_RSS_DISABLED')); } // pruefen ob das Modul ueberhaupt aktiviert ist if ($gPreferences['enable_guestbook_module'] != 1) { // das Modul ist deaktiviert $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } // Initialize and check the parameters $getHeadline = admFuncVariableIsValid($_GET, 'headline', 'string', array('defaultValue' => $gL10n->get('GBO_GUESTBOOK'))); // die 10 letzten Eintraege aus der DB fischen... $sql = 'SELECT * FROM ' . TBL_GUESTBOOK . ' WHERE gbo_org_id = ' . $gCurrentOrganization->getValue('org_id') . ' AND gbo_locked = 0 ORDER BY gbo_timestamp_create DESC LIMIT 10 '; $statement = $gDb->query($sql); // ab hier wird der RSS-Feed zusammengestellt // create RSS feed object with channel information $rss = new RSSfeed($gCurrentOrganization->getValue('org_longname') . ' - ' . $getHeadline, $gCurrentOrganization->getValue('org_homepage'), $gL10n->get('GBO_LATEST_GUESTBOOK_ENTRIES_OF_ORGA', $gCurrentOrganization->getValue('org_longname')), $gCurrentOrganization->getValue('org_longname')); $guestbook = new TableGuestbook($gDb); // Dem RSSfeed-Objekt jetzt die RSSitems zusammenstellen und hinzufuegen while ($row = $statement->fetch()) { // ausgelesene Gaestebuchdaten in Guestbook-Objekt schieben $guestbook->clear();
* @copyright 2004-2015 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * lnk_id - ID of the weblink that should be edited * headline - Title of the weblink module. This will be shown in the whole module. * (Default) LNK_WEBLINKS *********************************************************************************************** */ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getLinkId = admFuncVariableIsValid($_GET, 'lnk_id', 'numeric'); $getHeadline = admFuncVariableIsValid($_GET, 'headline', 'string', array('defaultValue' => $gL10n->get('LNK_WEBLINKS'))); // check if the module is enabled for use if ($gPreferences['enable_weblinks_module'] == 0) { // module is disabled $gMessage->show($gL10n->get('SYS_MODULE_DISABLED')); } // Ist ueberhaupt das Recht vorhanden? if (!$gCurrentUser->editWeblinksRight()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // Weblinkobjekt anlegen $link = new TableWeblink($gDb, $getLinkId); if (isset($_SESSION['links_request'])) { // durch fehlerhafte Eingabe ist der User zu diesem Formular zurueckgekehrt // nun die vorher eingegebenen Inhalte ins Objekt schreiben $link->setArray($_SESSION['links_request']);
* Show item profile * * @copyright 2004-2016 The Admidio Team * @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * item_id : Show profile of the item with this is. If this parameter is not set then * an error will be shown. *********************************************************************************************** */ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; // Initialize and check the parameters $getItemId = admFuncVariableIsValid($_GET, 'item_id', 'int'); // only users with the right to edit inventory could use this script if (!$gCurrentUser->editInventory()) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // create item object $gInventoryFields = new InventoryFields($gDb, $gCurrentOrganization->getValue('org_id')); $inventory = new Inventory($gDb, $gInventoryFields, $getItemId); // Testen ob Recht besteht Profil einzusehn if ($gPreferences['enable_inventory_module'] >= 0 && !$gValidLogin) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } // diese Funktion gibt den Html-Code fuer ein Feld mit Beschreibung wieder // dabei wird der Inhalt richtig formatiert function getFieldCode($fieldNameIntern, $item) {
<?php /****************************************************************************** * Send ecard to users and show status message * * Copyright : (c) 2004 - 2015 The Admidio Team * Homepage : http://www.admidio.org * License : GNU Public License 2 http://www.gnu.org/licenses/gpl-2.0.html * *****************************************************************************/ require_once '../../system/common.php'; require_once 'ecard_function.php'; // Initialize and check the parameters $postTemplateName = admFuncVariableIsValid($_POST, 'ecard_template', 'file', array('requireValue' => true)); $postPhotoId = admFuncVariableIsValid($_POST, 'photo_id', 'numeric', array('requireValue' => true)); $postPhotoNr = admFuncVariableIsValid($_POST, 'photo_nr', 'numeric', array('requireValue' => true)); $funcClass = new FunctionClass($gL10n); $photoAlbum = new TablePhotos($gDb, $postPhotoId); $imageUrl = $g_root_path . '/adm_program/modules/photos/photo_show.php?pho_id=' . $postPhotoId . '&photo_nr=' . $postPhotoNr . '&max_width=' . $gPreferences['ecard_card_picture_width'] . '&max_height=' . $gPreferences['ecard_card_picture_height']; $imageServerPath = SERVER_PATH . '/adm_my_files/photos/' . $photoAlbum->getValue('pho_begin', 'Y-m-d') . '_' . $postPhotoId . '/' . $postPhotoNr . '.jpg'; $template = THEME_SERVER_PATH . '/ecard_templates/'; $_SESSION['ecard_request'] = $_POST; // pruefen ob das Modul ueberhaupt aktiviert ist if ($gPreferences['enable_ecard_module'] != 1) { // das Modul ist deaktiviert $gMessage($gL10n->get('SYS_MODULE_DISABLED')); } // pruefen ob User eingeloggt ist if (!$gValidLogin) { $gMessage($gL10n->get('SYS_INVALID_PAGE_VIEW')); }
* @see http://www.admidio.org/ * @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License v2.0 only * * Parameters: * * usr_id : Id of the user whose password should be changed * mode - html : Default mode to show a html form to change the password * change : Change password in database *********************************************************************************************** */ require_once '../../system/common.php'; require_once '../../system/login_valid.php'; header('Content-type: text/html; charset=utf-8'); // Initialize and check the parameters $getUserId = admFuncVariableIsValid($_GET, 'usr_id', 'int', array('requireValue' => true)); $getMode = admFuncVariableIsValid($_GET, 'mode', 'string', array('defaultValue' => 'html', 'validValues' => array('html', 'change'))); // in ajax mode only return simple text on error if ($getMode === 'change') { $gMessage->showHtmlTextOnly(true); } else { $gMessage->showInModaleWindow(); } $user = new User($gDb, $gProfileFields, $getUserId); // only the own password could be individual set. // Webmaster could only send a generated password or set a password if no password was set before if (!isMember($getUserId) || !$gCurrentUser->isWebmaster() && $gCurrentUser->getValue('usr_id') != $getUserId || $gCurrentUser->isWebmaster() && $user->getValue('usr_password') !== '' && $user->getValue('EMAIL') === '' && $gPreferences['enable_system_mails'] == 1) { $gMessage->show($gL10n->get('SYS_NO_RIGHTS')); } if ($getMode === 'change') { if ($gCurrentUser->isWebmaster() && $gCurrentUser->getValue('usr_id') != $getUserId) { $oldPassword = '';