Esempio n. 1
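/**
 * Render the login page: theme header, optional error block, the login form
 * and the footer links (forgot password, e-mail administrator, sign up).
 *
 * The request-derived values 'redirect' and 'uid', and $PHP_SELF, are
 * HTML-escaped before being written into attribute values, so a crafted
 * request cannot close the attribute and inject markup into the login page.
 *
 * @param array      $HTTP_VARS Request variables; reads 'rememberMeLogin', 'redirect' and 'uid'.
 * @param array|null $errors    Errors to show above the form, if any.
 * @return void Output is echoed directly.
 */
function show_login_form($HTTP_VARS, $errors = NULL)
{
    global $PHP_SELF;

    // Missing or non-scalar request values are treated as empty strings.
    $redirect = (isset($HTTP_VARS['redirect']) && is_scalar($HTTP_VARS['redirect'])) ? (string) $HTTP_VARS['redirect'] : '';
    $uid = (isset($HTTP_VARS['uid']) && is_scalar($HTTP_VARS['uid'])) ? (string) $HTTP_VARS['uid'] : '';
    $remember_me_login = isset($HTTP_VARS['rememberMeLogin']) && $HTTP_VARS['rememberMeLogin'] == 'true';

    echo _theme_header(get_opendb_lang_var('login'), is_show_login_menu_enabled());
    echo "<h2>" . get_opendb_lang_var('login') . "</h2>";
    if (is_not_empty_array($errors)) {
        echo format_error_block($errors);
    }
    echo "<div id=\"loginFormDiv\">";
    if ($remember_me_login) {
        echo "<p class=\"rememberMeLoginMessage\">" . get_opendb_lang_var('not_authorized_to_page_login') . "</p>";
    }
    if (strlen($redirect) > 0) {
        // NOTE(review): the page id derived from the request is substituted into
        // the language string; confirm get_page_id()/get_opendb_lang_var() return
        // HTML-safe text, otherwise this message needs escaping too.
        echo "<p class=\"redirectMessage\">" . get_opendb_lang_var('login_redirect_message', array('pageid' => get_page_id($redirect))) . "</p>";
    }
    // $PHP_SELF can carry request-controlled path data, so escape it for the attribute.
    echo "<form id=\"loginForm\" action=\"" . htmlspecialchars($PHP_SELF, ENT_QUOTES) . "\" method=\"POST\" name=\"login\">";
    // The user tried to go straight to a menu item with an invalid session.
    // Set a "redirect" variable here so that after we give them a full session
    // we can redirect them back to the page they really wanted.
    if (strlen($redirect) > 0) {
        // The value is only round-tripped here. NOTE(review): the code that
        // consumes 'redirect' after login should accept local pages only.
        echo "<input type=\"hidden\" name=\"redirect\" value=\"" . htmlspecialchars($redirect, ENT_QUOTES) . "\">";
    }
    echo "<input type=\"hidden\" name=\"op\" value=\"login\">";
    echo "\n<ul>";
    echo "\n<li><label class=\"label\" for=\"uid\">" . get_opendb_lang_var('userid') . "</label>";
    echo "<input type=\"text\" class=\"text\" id=\"uid\" name=\"uid\" value=\"" . htmlspecialchars($uid, ENT_QUOTES) . "\"></li>";
    // NOTE(review): the label targets "password" but the input id is "passwd".
    echo "\n<li><label class=\"label\" for=\"password\">" . get_opendb_lang_var('password') . "</label>";
    echo "<input type=\"password\" class=\"password\" id=\"passwd\" name=\"passwd\"></li>";
    echo "\n<li><label class=\"label\" for=\"remember\">" . get_opendb_lang_var('remember_me') . "</label>" . "<input type=\"checkbox\" class=\"remember\" id=\"remember\" name=\"remember\" value=\"true\"></li>";
    echo "</ul>" . "\n<input type=\"submit\" class=\"submit\" value=\"" . get_opendb_lang_var('login') . "\">";
    echo "</form>";
    // force uid field focus for login
    echo "\n<script type=\"text/javascript\">\n\t\tdocument.forms['login']['uid'].focus();\n\t</script>";

    // Keys are quoted: the bare words url/text/target relied on PHP's
    // undefined-constant fallback, which is an Error since PHP 8.
    $footer_links_r = array();
    if (is_site_enabled() && is_valid_opendb_mailer()) {
        // NOTE(review): this link appears only when the submitted uid passes the
        // permission check, so its presence may tell an unauthenticated visitor
        // something about that account - confirm this is acceptable.
        if (strlen($uid) > 0 && get_opendb_config_var('login', 'enable_new_pwd_gen') !== FALSE && is_user_granted_permission(PERM_CHANGE_PASSWORD, $uid)) {
            // NOTE(review): $PHP_SELF is passed unescaped here; presumably
            // format_footer_links() escapes URLs - confirm.
            $footer_links_r[] = array('url' => $PHP_SELF . "?op=newpassword&uid=" . urlencode($uid), 'text' => get_opendb_lang_var('forgot_your_pwd'));
        }
        // no point if site disabled, email is not available
        if (get_opendb_config_var('email', 'send_to_site_admin') !== FALSE) {
            $footer_links_r[] = array('text' => get_opendb_lang_var('email_administrator'), 'target' => "popup(640,480)", 'url' => "email.php?op=send_to_site_admin&inc_menu=N");
        }
    }
    // Indicate we should show the signup link.
    if (get_opendb_config_var('login.signup', 'enable') !== FALSE) {
        $footer_links_r[] = array('url' => "user_admin.php?op=signup", 'text' => get_opendb_lang_var('sign_me_up'));
    }
    echo format_footer_links($footer_links_r);
    echo "</div>";
    echo _theme_footer();
}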
Esempio n. 2
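/**
 * Validate a new-user request and, when it is acceptable, insert the user and
 * their addresses.
 *
 * The user id is filtered to [a-zA-Z0-9_.] and lower-cased in place. In
 * 'signup' mode the user is stored with active_ind 'X' and no password;
 * otherwise active_ind is 'Y' and a password is required (one is generated
 * when none was supplied and a mailer is available).
 *
 * @param array $HTTP_VARS Request variables (by reference; 'user_id' and 'pwd' may be rewritten).
 * @param array $errors    Receives error entries (by reference).
 * @return mixed FALSE on any failure, otherwise the result of update_user_addresses().
 */
function handle_user_insert(&$HTTP_VARS, &$errors)
{
    if (is_user_valid($HTTP_VARS['user_id'])) {
        $errors[] = array('error' => get_opendb_lang_var('user_exists', 'user_id', $HTTP_VARS['user_id']), 'detail' => '');
        return FALSE;
    }

    $HTTP_VARS['user_id'] = strtolower(filter_input_field("filtered(20,20,a-zA-Z0-9_.)", $HTTP_VARS['user_id']));
    if (!validate_input_field(get_opendb_lang_var('userid'), "filtered(20,20,a-zA-Z0-9_.)", "Y", $HTTP_VARS['user_id'], $errors)) {
        return FALSE;
    }

    // Filtering and lower-casing can turn an unused id into one that is already
    // taken, so repeat the existence check on the id that will be stored.
    if (is_user_valid($HTTP_VARS['user_id'])) {
        $errors[] = array('error' => get_opendb_lang_var('user_exists', 'user_id', $HTTP_VARS['user_id']), 'detail' => '');
        return FALSE;
    }

    // NOTE(review): 'user_role' is taken from the request and passed to
    // insert_user() below; presumably validate_user_info() restricts which roles
    // a caller (in particular a self-signup) may request - confirm.
    $address_provided_r = NULL;
    if (!validate_user_info(NULL, $HTTP_VARS, $address_provided_r, $errors)) {
        return FALSE;
    }

    if ($HTTP_VARS['op'] == 'signup') {
        // no password saved when signing up, as user still must be activated
        $active_ind = 'X';
        // Will be reset when user activated
        $HTTP_VARS['pwd'] = NULL;
    } else {
        $active_ind = 'Y';
        $password = isset($HTTP_VARS['pwd']) ? (string) $HTTP_VARS['pwd'] : '';
        $confirmation = isset($HTTP_VARS['confirmpwd']) ? (string) $HTTP_VARS['confirmpwd'] : '';
        if (strlen($password) == 0) {
            if (!is_valid_opendb_mailer()) {
                $errors[] = array('error' => get_opendb_lang_var('passwd_not_specified'));
                return FALSE;
            }
            // NOTE(review): the length is fixed at 8 and the randomness source
            // is inside generate_password(); confirm both are adequate.
            $HTTP_VARS['pwd'] = generate_password(8);
        } elseif ($password !== $confirmation) {
            // Strict comparison: with != two different numeric-looking strings
            // (e.g. '1000' and '1e3') compare equal, so a mistyped confirmation
            // could be accepted.
            $errors[] = array('error' => get_opendb_lang_var('passwds_do_not_match'));
            return FALSE;
        }
    }

    // We want to validate and perform inserts even in signup mode
    if (!insert_user($HTTP_VARS['user_id'], $HTTP_VARS['fullname'], $HTTP_VARS['pwd'], $HTTP_VARS['user_role'], $HTTP_VARS['uid_language'], $HTTP_VARS['uid_theme'], $HTTP_VARS['email_addr'], $active_ind)) {
        // NOTE(review): the raw database error is returned as 'detail'; confirm
        // it is not rendered to unauthenticated visitors.
        $db_error = db_error();
        $errors[] = array('error' => get_opendb_lang_var('user_not_added', 'user_id', $HTTP_VARS['user_id']), 'detail' => $db_error);
        return FALSE;
    }

    $user_r = fetch_user_r($HTTP_VARS['user_id']);
    return update_user_addresses($user_r, $address_provided_r, $HTTP_VARS, $errors);
}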
Esempio n. 3
                             $value = fetch_user_address_lookup_attribute_val($address_type_r['sequence_number'], $addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']);
                         } else {
                             $value = fetch_user_address_attribute_val($address_type_r['sequence_number'], $addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']);
                         }
                         if (strlen($value) > 0) {
                             echo get_item_display_field(NULL, $addr_attribute_type_r, $value);
                         }
                     }
                     db_free_result($attr_results);
                     echo "\n</table>";
                 }
             }
         }
         db_free_result($addr_results);
     }
     if (is_valid_opendb_mailer() && strlen($user_r['email_addr']) > 0 && is_user_granted_permission(PERM_SEND_EMAIL) && is_user_permitted_to_receive_email($user_r['user_id'])) {
         $url = 'email.php?' . get_url_string(array('op' => 'send_to_uid', 'uid' => $user_r['user_id'], 'inc_menu' => 'N', 'subject' => ifempty($HTTP_VARS['subject'], get_opendb_lang_var('no_subject'))));
         $footer_links_r[] = array(url => $url, target => 'popup(640,480)', text => get_opendb_lang_var('send_email'));
     }
     if (is_user_granted_permission(PERM_VIEW_LISTINGS) && $user_r['active_ind'] == 'Y') {
         $footer_links_r[] = array(url => "listings.php?owner_id=" . $user_r['user_id'], text => get_opendb_lang_var('list_user_items'));
     }
     if (is_user_granted_permission(PERM_ADMIN_USER_LISTING) && is_opendb_session_var('user_listing_url_vars')) {
         $footer_links_r[] = array(url => "user_listing.php?" . get_url_string(get_opendb_session_var('user_listing_url_vars')), text => get_opendb_lang_var('back_to_user_listing'));
     }
     echo format_footer_links($footer_links_r);
 } else {
     $message = get_opendb_lang_var('user_not_found', array('user_id' => $user_r['user_id']));
     echo _theme_header($message);
     echo "<p class=\"error\">" . $message . "</p>";
     echo _theme_footer();
Esempio n. 4
     // End of while
     @db_free_result($result);
 }
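 // Close the listing, then offer the bulk actions that apply to the current
 // 'op'. The 'link' key is quoted: the bare word relied on PHP's
 // undefined-constant fallback, which is an Error since PHP 8.
 // NOTE(review): these entries only choose which actions are displayed;
 // presumably item_borrow.php re-checks that the user may perform the
 // submitted op on each item - confirm.
 $listingObject->endListing();
 if ($listingObject->isCheckboxColumns() > 0) {
     if ($HTTP_VARS['op'] == 'my_reserve_basket') {
         $checkbox_action_rs[] = array('action' => $PHP_SELF, 'op' => 'delete_from_my_reserve_basket', 'link' => get_opendb_lang_var('delete_from_reserve_list'));
         $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'reserve', 'link' => get_opendb_lang_var('reserve_item(s)'));
         $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'reserve_all', 'checked' => FALSE, 'link' => get_opendb_lang_var('reserve_all_item(s)'));
     } elseif ($HTTP_VARS['op'] == 'my_reserved') {
         $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'cancel_reserve', 'link' => get_opendb_lang_var('cancel_reservation(s)'));
     } elseif ($HTTP_VARS['op'] == 'owner_borrowed') {
         $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'check_in', 'link' => get_opendb_lang_var('check_in_item(s)'));
         // Reminders need a working mailer.
         if (is_valid_opendb_mailer()) {
             $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'reminder', 'link' => get_opendb_lang_var('send_reminder(s)'));
         }
         if (get_opendb_config_var('borrow', 'duration_support') !== FALSE) {
             $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'extension', 'link' => get_opendb_lang_var('borrow_duration_extension(s)'));
         }
     } elseif ($HTTP_VARS['op'] == 'owner_reserved') {
         $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'check_out', 'link' => get_opendb_lang_var('check_out_item(s)'));
         $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'cancel_reserve', 'link' => get_opendb_lang_var('cancel_reservation(s)'));
     }
     echo format_checkbox_action_links('sequence_number', get_opendb_lang_var('no_items_checked'), $checkbox_action_rs);
 }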
Esempio n. 5
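/**
 * Build the menu for a user, grouped by section ('items', 'listings',
 * 'borrow', 'search', 'stats', 'feeds', 'users', 'admin_tools').
 *
 * Each entry is array('link' => label, 'url' => target). An entry is added
 * only when the corresponding permission, configuration switch or data
 * check passes.
 *
 * NOTE(review): this only decides which links are shown; presumably every
 * target page enforces the same permission itself - confirm.
 * NOTE(review): PERM_VIEW_LISTINGS, PERM_VIEW_ADVANCED_SEARCH and
 * PERM_VIEW_STATS are checked without $user_id, unlike the other checks;
 * confirm that is intended.
 *
 * @param string $user_id User the menu is built for.
 * @return array Menu entries keyed by section name.
 */
function get_menu_options($user_id)
{
    // Array keys are quoted: the bare words link/url relied on PHP's
    // undefined-constant fallback, which is an Error since PHP 8.
    $menu_options = array();

    // The id is written into query strings, so encode it for that context
    // rather than trusting that it only ever contains URL-safe characters.
    $user_id_param = urlencode((string) $user_id);

    if (is_user_granted_permission(PERM_ITEM_OWNER, $user_id)) {
        $menu_options['items'][] = array('link' => get_opendb_lang_var('add_new_item'), 'url' => "item_input.php?op=site-add&owner_id={$user_id_param}");
        $menu_options['listings'][] = array('link' => get_opendb_lang_var('list_my_items'), 'url' => "listings.php?owner_id={$user_id_param}");
    }
    if (is_user_granted_permission(PERM_VIEW_LISTINGS)) {
        $menu_options['listings'][] = array('link' => get_opendb_lang_var('list_all_items'), 'url' => "listings.php");
    }

    // Import/export: the admin variant takes precedence over the user variant.
    if (is_file_upload_enabled()) {
        if (is_user_granted_permission(PERM_ADMIN_IMPORT, $user_id)) {
            $menu_options['items'][] = array('link' => get_opendb_lang_var('import_items'), 'url' => "import.php");
        } elseif (is_user_granted_permission(PERM_USER_IMPORT, $user_id)) {
            $menu_options['items'][] = array('link' => get_opendb_lang_var('import_my_items'), 'url' => "import.php");
        }
    }
    if (is_user_granted_permission(PERM_ADMIN_EXPORT, $user_id)) {
        $menu_options['items'][] = array('link' => get_opendb_lang_var('export_items'), 'url' => "export.php");
    } elseif (is_user_granted_permission(PERM_USER_EXPORT, $user_id)) {
        $menu_options['items'][] = array('link' => get_opendb_lang_var('export_my_items'), 'url' => "export.php");
    }

    if (get_opendb_config_var('borrow', 'enable') !== FALSE) {
        if (is_exists_borrowed() && is_user_granted_permission(PERM_ADMIN_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('items_borrowed'), 'url' => "borrow.php?op=all_borrowed");
        }
        if (is_exists_reserved() && is_user_granted_permission(PERM_ADMIN_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('items_reserved'), 'url' => "borrow.php?op=all_reserved");
        }
        if (is_exists_borrower_history($user_id) && is_user_granted_permission(PERM_USER_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('my_history'), 'url' => "borrow.php?op=my_history");
        }
        if (is_exists_borrower_borrowed($user_id) && is_user_granted_permission(PERM_USER_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('my_borrowed_items'), 'url' => "borrow.php?op=my_borrowed");
        }
        if (is_exists_borrower_reserved($user_id) && is_user_granted_permission(PERM_USER_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('my_reserved_items'), 'url' => "borrow.php?op=my_reserved");
        }
        if (get_opendb_config_var('borrow', 'reserve_basket') !== FALSE && is_exists_my_reserve_basket($user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('item_reserve_list'), 'url' => "borrow.php?op=my_reserve_basket&order_by=title&sortorder=ASC");
        }
        if (is_user_granted_permission(PERM_ITEM_OWNER, $user_id)) {
            if (is_exists_owner_reserved($user_id)) {
                $menu_options['borrow'][] = array('link' => get_opendb_lang_var('check_out_item(s)'), 'url' => "borrow.php?op=owner_reserved");
            }
            if (is_exists_owner_borrowed($user_id)) {
                $menu_options['borrow'][] = array('link' => get_opendb_lang_var('check_in_item(s)'), 'url' => "borrow.php?op=owner_borrowed");
            }
        }
        if (is_user_granted_permission(PERM_ADMIN_BORROWER, $user_id)) {
            if (is_exists_history()) {
                $menu_options['borrow'][] = array('link' => get_opendb_lang_var('borrower_history'), 'url' => "borrow.php?op=admin_history");
            }
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('quick_check_out'), 'url' => "quick_checkout.php?op=checkout");
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('quick_check_in'), 'url' => "quick_checkout.php?op=checkin");
        }
    }

    if (is_user_granted_permission(PERM_VIEW_ADVANCED_SEARCH)) {
        $menu_options['search'][] = array('link' => get_opendb_lang_var('advanced_search'), 'url' => "search.php");
    }
    if (is_user_granted_permission(PERM_VIEW_STATS)) {
        $menu_options['stats'][] = array('link' => get_opendb_lang_var('statistics'), 'url' => "stats.php");
    }
    if (is_exists_opendb_rss_feeds()) {
        $menu_options['feeds'][] = array('link' => get_opendb_lang_var('rss_feeds'), 'url' => "rss.php");
    }

    if (is_user_granted_permission(PERM_EDIT_USER_PROFILE, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('edit_my_info'), 'url' => "user_admin.php?op=edit&user_id={$user_id_param}");
    }
    if (get_opendb_config_var('user_admin', 'user_passwd_change_allowed') !== FALSE && is_user_granted_permission(PERM_CHANGE_PASSWORD, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('change_my_password'), 'url' => "user_admin.php?op=change_password&user_id={$user_id_param}");
    }
    if (is_user_granted_permission(PERM_ADMIN_USER_LISTING, $user_id)) {
        if (is_exist_users_not_activated()) {
            $menu_options['users'][] = array('link' => get_opendb_lang_var('activate_users'), 'url' => "user_listing.php?restrict_active_ind=X&order_by=fullname&sortorder=ASC");
        }
        $menu_options['users'][] = array('link' => get_opendb_lang_var('user_list'), 'url' => "user_listing.php?order_by=fullname&sortorder=ASC");
    }
    if (is_user_granted_permission(PERM_ADMIN_CREATE_USER, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('add_new_user'), 'url' => "user_admin.php?op=new_user");
    }
    if (is_user_granted_permission(PERM_ADMIN_CHANGE_USER, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('change_user'), 'url' => "user_admin.php?op=change_user");
    }
    if (is_user_granted_permission(PERM_ADMIN_SEND_EMAIL, $user_id) && is_valid_opendb_mailer()) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('email_users'), 'url' => "email.php?op=send_to_all");
    }
    if (is_user_granted_permission(PERM_ADMIN_TOOLS, $user_id)) {
        $menu_options['admin_tools'][] = array('link' => get_opendb_lang_var('admin_tools'), 'url' => "admin.php");
    }
    return $menu_options;
}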
Esempio n. 6
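/**
 * Report the outcome of a borrow operation: notify the affected users by
 * e-mail (grouped per recipient) and display the success and failure lists.
 *
 * @param string $op                 Borrow operation; 'reserve' and 'cancel_reserve' affect who is notified.
 * @param string $mode               'job' selects the job display functions, anything else the HTML ones.
 * @param string $heading            Passed to send_notification_email().
 * @param string $success_intro      Intro for the e-mail and the success display.
 * @param string $failure_intro      Intro for the failure display.
 * @param string $more_information   Passed to send_notification_email().
 * @param array  $success_item_rs    Entries with 'item_id', 'instance_no' and 'borrower_id'.
 * @param array  $failure_item_rs    Entries with 'item_id', 'instance_no' and 'errors'.
 * @param bool   $email_notification Pass FALSE to suppress notification e-mails.
 * @return void
 */
function process_borrow_results($op, $mode, $heading, $success_intro, $failure_intro, $more_information, $success_item_rs, $failure_item_rs, $email_notification = TRUE)
{
    // foreach replaces each(), which was removed in PHP 8; result-array keys are
    // quoted because bare-word keys are an Error since PHP 8.
    $titleMaskCfg = new TitleMask(array('item_borrow', 'item_display'));

    if (is_not_empty_array($success_item_rs)) {
        // Sort the items by user, so we can send emails for multiple
        // items, instead of individually.
        $borrowed_item_user_r = array();
        $current_user_id = (string) get_opendb_session_var('user_id');
        foreach ($success_item_rs as $borrowed_item_r) {
            $item_r = fetch_item_instance_r($borrowed_item_r['item_id'], $borrowed_item_r['instance_no']);
            $item_r['title'] = $titleMaskCfg->expand_item_title($item_r);
            $item_entry_r = array(
                'display_title' => get_opendb_lang_var('borrow_item_title_listing', array('display_title' => $item_r['title'], 'item_id' => $item_r['item_id'], 'instance_no' => $item_r['instance_no'])),
                'detail' => get_borrow_details($op, $item_r, $borrowed_item_r),
            );

            // When reserving or cancelling and the current user is the borrower, we want to
            // send the email to the owner, in all other cases the email should go to the
            // borrower. The ids are compared as strings: under == two different
            // numeric-looking ids (e.g. '10' and '1e1') are equal, which would
            // route the notification to the wrong party.
            $is_reservation_op = ($op == 'reserve' || $op == 'cancel_reserve');
            if ($is_reservation_op && $current_user_id === (string) $borrowed_item_r['borrower_id']) {
                $to_user = $item_r['owner_id'];
            } else {
                $to_user = $borrowed_item_r['borrower_id'];
            }
            // Now add an entry to this user array.
            $borrowed_item_user_r[$to_user][] = $item_entry_r;
        }

        // The original initialised $success_results but appended to
        // $success_results_rs; one name is used throughout here.
        $success_results_rs = array();
        foreach ($borrowed_item_user_r as $to_user => $item_entry_rs) {
            // Reset per recipient so one user's e-mail outcome is never
            // reported against the next user.
            $errors = NULL;
            $email_result = NULL;
            if (is_valid_opendb_mailer() && $email_notification !== FALSE) {
                // How can the from user be anything but the currently logged in user!
                $email_result = send_notification_email($to_user, get_opendb_session_var('user_id'), $heading, $success_intro, $more_information, $item_entry_rs, $errors);
            }

            $display_title_r = array();
            foreach ($item_entry_rs as $item_entry_r) {
                $display_title_r[] = $item_entry_r['display_title'];
            }

            $user_name = get_opendb_lang_var('user_name', array('fullname' => fetch_user_name($to_user), 'user_id' => $to_user));
            $success_results_rs[] = array('user_name' => $user_name, 'display_titles' => $display_title_r, 'email_result' => $email_result, 'email_errors' => $errors);
        }

        if (is_not_empty_array($success_results_rs)) {
            if ($mode == 'job') {
                display_job_success_borrow_results($success_intro, $success_results_rs);
            } else {
                display_html_success_borrow_results($success_intro, $success_results_rs);
            }
        }
    }

    if (is_not_empty_array($failure_item_rs)) {
        $failure_results = array();
        foreach ($failure_item_rs as $borrowed_item_r) {
            $item_r = fetch_item_instance_r($borrowed_item_r['item_id'], $borrowed_item_r['instance_no']);
            // Expand title mask.
            $item_r['title'] = $titleMaskCfg->expand_item_title($item_r);
            $display_title = get_opendb_lang_var('borrow_item_title_listing', array('display_title' => $item_r['title'], 'item_id' => $item_r['item_id'], 'instance_no' => $item_r['instance_no']));

            // Reset per item so an earlier item's error text is not repeated
            // for an item that has none.
            $borrow_error_details = NULL;
            if (strlen($borrowed_item_r['errors']) > 0) {
                $borrow_error_details = get_opendb_lang_var('borrow_error_detail', 'error', $borrowed_item_r['errors']);
            }
            $failure_results[] = array('display_title' => $display_title, 'errors' => array($borrow_error_details));
        }

        if (is_not_empty_array($failure_results)) {
            if ($mode == 'job') {
                display_job_failure_borrow_results($failure_intro, $failure_results);
            } else {
                display_html_failure_borrow_results($failure_intro, $failure_results);
            }
        }
    }
}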