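/**
 * Render the login page: theme header, optional error block, the login form
 * and the footer links (forgotten password, e-mail administrator, sign-up).
 *
 * Security: 'redirect' and 'uid' come straight from the request and are
 * written back into HTML attributes, and $PHP_SELF is written into the form
 * action. All three are HTML-escaped here before output.
 *
 * @param array      $HTTP_VARS Request variables; reads 'rememberMeLogin', 'redirect' and 'uid'.
 * @param array|null $errors    Errors to display above the form, if any.
 * @return void Output is echoed directly.
 */
function show_login_form($HTTP_VARS, $errors = NULL)
{
    global $PHP_SELF;

    // Normalise the request values once; non-scalar input (e.g. uid[]=x) is treated as absent.
    $redirect = (isset($HTTP_VARS['redirect']) && is_scalar($HTTP_VARS['redirect'])) ? (string) $HTTP_VARS['redirect'] : '';
    $uid = (isset($HTTP_VARS['uid']) && is_scalar($HTTP_VARS['uid'])) ? (string) $HTTP_VARS['uid'] : '';
    $is_remember_me_login = isset($HTTP_VARS['rememberMeLogin']) && $HTTP_VARS['rememberMeLogin'] == 'true';

    // ENT_QUOTES so the values cannot break out of a quoted attribute. The charset
    // argument is left at PHP's configured default because the site encoding is
    // not visible from this function.
    $safe_self = htmlspecialchars((string) $PHP_SELF, ENT_QUOTES);
    $safe_redirect = htmlspecialchars($redirect, ENT_QUOTES);
    $safe_uid = htmlspecialchars($uid, ENT_QUOTES);

    $login_label = get_opendb_lang_var('login');

    echo _theme_header($login_label, is_show_login_menu_enabled());
    echo "<h2>" . $login_label . "</h2>";

    if (is_not_empty_array($errors)) {
        echo format_error_block($errors);
    }

    echo "<div id=\"loginFormDiv\">";

    if ($is_remember_me_login) {
        echo "<p class=\"rememberMeLoginMessage\">" . get_opendb_lang_var('not_authorized_to_page_login') . "</p>";
    }

    if (strlen($redirect) > 0) {
        // NOTE(review): get_page_id() receives the raw redirect value; whether its
        // result is safe to embed in HTML cannot be confirmed from here.
        echo "<p class=\"redirectMessage\">" . get_opendb_lang_var('login_redirect_message', array('pageid' => get_page_id($redirect))) . "</p>";
    }

    echo "<form id=\"loginForm\" action=\"" . $safe_self . "\" method=\"POST\" name=\"login\">";

    // The user tried to go straight to a menu item with an invalid session.
    // Carry a "redirect" variable through the form so that, once they have a
    // full session, they can be sent back to the page they really wanted.
    // NOTE(review): the code that consumes 'redirect' after login is not in
    // this function; it should only accept same-site targets.
    if (strlen($redirect) > 0) {
        echo "<input type=\"hidden\" name=\"redirect\" value=\"" . $safe_redirect . "\">";
    }

    echo "<input type=\"hidden\" name=\"op\" value=\"login\">";

    // The password label now points at the input's actual id ("passwd").
    echo "\n<ul>"
        . "\n<li><label class=\"label\" for=\"uid\">" . get_opendb_lang_var('userid') . "</label>"
        . "<input type=\"text\" class=\"text\" id=\"uid\" name=\"uid\" value=\"" . $safe_uid . "\"></li>"
        . "\n<li><label class=\"label\" for=\"passwd\">" . get_opendb_lang_var('password') . "</label>"
        . "<input type=\"password\" class=\"password\" id=\"passwd\" name=\"passwd\"></li>";

    echo "\n<li><label class=\"label\" for=\"remember\">" . get_opendb_lang_var('remember_me') . "</label>"
        . "<input type=\"checkbox\" class=\"remember\" id=\"remember\" name=\"remember\" value=\"true\"></li>";

    echo "</ul>"
        . "\n<input type=\"submit\" class=\"submit\" value=\"" . $login_label . "\">";
    echo "</form>";

    // force uid field focus for login
    echo "\n<script type=\"text/javascript\">\n\t\tdocument.forms['login']['uid'].focus();\n\t</script>";

    // Starts as NULL (what the undefined variable evaluated to before) so that
    // format_footer_links() receives the same value when no link applies.
    $footer_links_r = NULL;

    if (is_site_enabled() && is_valid_opendb_mailer()) {
        // NOTE(review): this link is rendered only when the submitted uid passes a
        // permission check, so the page differs per uid before authentication.
        // Confirm that this does not disclose which accounts exist.
        if (strlen($uid) > 0
            && get_opendb_config_var('login', 'enable_new_pwd_gen') !== FALSE
            && is_user_granted_permission(PERM_CHANGE_PASSWORD, $uid)) {
            $footer_links_r[] = array(
                'url' => $PHP_SELF . "?op=newpassword&uid=" . urlencode($uid),
                'text' => get_opendb_lang_var('forgot_your_pwd'));
        }

        // no point if site disabled, email is not available
        if (get_opendb_config_var('email', 'send_to_site_admin') !== FALSE) {
            $footer_links_r[] = array(
                'text' => get_opendb_lang_var('email_administrator'),
                'target' => "popup(640,480)",
                'url' => "email.php?op=send_to_site_admin&inc_menu=N");
        }
    }

    // Indicate we should show the signup link.
    if (get_opendb_config_var('login.signup', 'enable') !== FALSE) {
        $footer_links_r[] = array(
            'url' => "user_admin.php?op=signup",
            'text' => get_opendb_lang_var('sign_me_up'));
    }

    // Array keys above are quoted strings; the bare words used previously relied
    // on PHP's undefined-constant fallback.
    echo format_footer_links($footer_links_r);

    echo "</div>";
    echo _theme_footer();
}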
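/**
 * Validate the submitted user details and create the user record.
 *
 * In 'signup' mode the account is stored with active_ind 'X' and no password;
 * otherwise it is stored as active ('Y') with either the supplied password or,
 * when a mailer is available, a generated one.
 *
 * @param array $HTTP_VARS Request variables (by reference); 'user_id' is replaced
 *                         by its filtered, lower-cased form and 'pwd' may be
 *                         cleared or generated.
 * @param array $errors    Receives error entries (by reference).
 * @return mixed FALSE on any validation or insert failure, otherwise the result
 *               of update_user_addresses().
 */
function handle_user_insert(&$HTTP_VARS, &$errors)
{
    if (is_user_valid($HTTP_VARS['user_id'])) {
        $errors[] = array('error' => get_opendb_lang_var('user_exists', 'user_id', $HTTP_VARS['user_id']), 'detail' => '');
        return FALSE;
    }

    // Restrict the id to the permitted character set and lower-case it before
    // it is validated and stored.
    $HTTP_VARS['user_id'] = strtolower(filter_input_field("filtered(20,20,a-zA-Z0-9_.)", $HTTP_VARS['user_id']));
    if (!validate_input_field(get_opendb_lang_var('userid'), "filtered(20,20,a-zA-Z0-9_.)", "Y", $HTTP_VARS['user_id'], $errors)) {
        return FALSE;
    }

    // The first existence check ran against the raw value. Repeat it for the
    // normalised id so that, for example, a differently-cased duplicate is
    // reported as "user exists" instead of reaching the insert.
    if (is_user_valid($HTTP_VARS['user_id'])) {
        $errors[] = array('error' => get_opendb_lang_var('user_exists', 'user_id', $HTTP_VARS['user_id']), 'detail' => '');
        return FALSE;
    }

    // presumably filled in by validate_user_info() — verify against its signature
    $address_provided_r = NULL;
    if (!validate_user_info(NULL, $HTTP_VARS, $address_provided_r, $errors)) {
        return FALSE;
    }

    if ($HTTP_VARS['op'] == 'signup') {
        // no password saved when signing up, as user still must be activated
        $active_ind = 'X';

        // Will be reset when user activated
        $HTTP_VARS['pwd'] = NULL;
    } else {
        $active_ind = 'Y';

        if (strlen($HTTP_VARS['pwd']) == 0) {
            if (!is_valid_opendb_mailer()) {
                $errors[] = array('error' => get_opendb_lang_var('passwd_not_specified'));
                return FALSE;
            }

            // NOTE(review): the strength of this password depends on how
            // generate_password() draws its characters, which is not visible here.
            $HTTP_VARS['pwd'] = generate_password(8);
        } else {
            // Compare as strings with ===. The loose != treats two different
            // numeric-looking strings (e.g. "1e3" and "1000") as equal, which
            // would let a mistyped confirmation pass.
            $confirm_pwd = isset($HTTP_VARS['confirmpwd']) ? $HTTP_VARS['confirmpwd'] : '';
            if (!is_string($confirm_pwd) || (string) $HTTP_VARS['pwd'] !== $confirm_pwd) {
                $errors[] = array('error' => get_opendb_lang_var('passwds_do_not_match'));
                return FALSE;
            }
        }
    }

    // We want to validate and perform inserts even in signup mode
    // NOTE(review): 'user_role' is taken from the request as-is at this point;
    // confirm that validate_user_info() limits which roles a self sign-up may
    // request.
    $inserted = insert_user(
        $HTTP_VARS['user_id'],
        $HTTP_VARS['fullname'],
        $HTTP_VARS['pwd'],
        $HTTP_VARS['user_role'],
        $HTTP_VARS['uid_language'],
        $HTTP_VARS['uid_theme'],
        $HTTP_VARS['email_addr'],
        $active_ind);

    if (!$inserted) {
        // NOTE(review): the raw database error is attached as 'detail'; check
        // where that is rendered before exposing it to unauthenticated users.
        $db_error = db_error();
        $errors[] = array('error' => get_opendb_lang_var('user_not_added', 'user_id', $HTTP_VARS['user_id']), 'detail' => $db_error);
        return FALSE;
    }

    $user_r = fetch_user_r($HTTP_VARS['user_id']);
    return update_user_addresses($user_r, $address_provided_r, $HTTP_VARS, $errors);
}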
$value = fetch_user_address_lookup_attribute_val($address_type_r['sequence_number'], $addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']); } else { $value = fetch_user_address_attribute_val($address_type_r['sequence_number'], $addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']); } if (strlen($value) > 0) { echo get_item_display_field(NULL, $addr_attribute_type_r, $value); } } db_free_result($attr_results); echo "\n</table>"; } } } db_free_result($addr_results); } if (is_valid_opendb_mailer() && strlen($user_r['email_addr']) > 0 && is_user_granted_permission(PERM_SEND_EMAIL) && is_user_permitted_to_receive_email($user_r['user_id'])) { $url = 'email.php?' . get_url_string(array('op' => 'send_to_uid', 'uid' => $user_r['user_id'], 'inc_menu' => 'N', 'subject' => ifempty($HTTP_VARS['subject'], get_opendb_lang_var('no_subject')))); $footer_links_r[] = array(url => $url, target => 'popup(640,480)', text => get_opendb_lang_var('send_email')); } if (is_user_granted_permission(PERM_VIEW_LISTINGS) && $user_r['active_ind'] == 'Y') { $footer_links_r[] = array(url => "listings.php?owner_id=" . $user_r['user_id'], text => get_opendb_lang_var('list_user_items')); } if (is_user_granted_permission(PERM_ADMIN_USER_LISTING) && is_opendb_session_var('user_listing_url_vars')) { $footer_links_r[] = array(url => "user_listing.php?" . get_url_string(get_opendb_session_var('user_listing_url_vars')), text => get_opendb_lang_var('back_to_user_listing')); } echo format_footer_links($footer_links_r); } else { $message = get_opendb_lang_var('user_not_found', array('user_id' => $user_r['user_id'])); echo _theme_header($message); echo "<p class=\"error\">" . $message . "</p>"; echo _theme_footer();
// End of while @db_free_result($result); } $listingObject->endListing(); if ($listingObject->isCheckboxColumns() > 0) { if ($HTTP_VARS['op'] == 'my_reserve_basket') { $checkbox_action_rs[] = array('action' => $PHP_SELF, 'op' => 'delete_from_my_reserve_basket', link => get_opendb_lang_var('delete_from_reserve_list')); $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'reserve', link => get_opendb_lang_var('reserve_item(s)')); $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'reserve_all', 'checked' => FALSE, link => get_opendb_lang_var('reserve_all_item(s)')); } else { if ($HTTP_VARS['op'] == 'my_reserved') { $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'cancel_reserve', link => get_opendb_lang_var('cancel_reservation(s)')); } else { if ($HTTP_VARS['op'] == 'owner_borrowed') { $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'check_in', link => get_opendb_lang_var('check_in_item(s)')); if (is_valid_opendb_mailer()) { $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'reminder', link => get_opendb_lang_var('send_reminder(s)')); } if (get_opendb_config_var('borrow', 'duration_support') !== FALSE) { $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'extension', link => get_opendb_lang_var('borrow_duration_extension(s)')); } } else { if ($HTTP_VARS['op'] == 'owner_reserved') { $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'check_out', link => get_opendb_lang_var('check_out_item(s)')); $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'cancel_reserve', link => get_opendb_lang_var('cancel_reservation(s)')); } } } } echo format_checkbox_action_links('sequence_number', get_opendb_lang_var('no_items_checked'), $checkbox_action_rs); }
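/**
 * Build the menu for a user as a map of section name to a list of entries,
 * each entry being array('link' => label, 'url' => target).
 *
 * Sections used: 'items', 'listings', 'borrow', 'search', 'stats', 'feeds',
 * 'users' and 'admin_tools'. A section is present only if at least one of its
 * entries applies.
 *
 * The menu only decides which links are shown. It is not an access control:
 * each target page has to enforce its own permission check.
 *
 * @param string $user_id User the menu is built for.
 * @return array Menu entries grouped by section, in display order.
 */
function get_menu_options($user_id)
{
    $menu_options = array();

    // The id is placed in query strings below, so encode it. For ids made only
    // of a-z, 0-9, '_' and '.' this leaves the value unchanged.
    $user_id_param = urlencode((string) $user_id);

    if (is_user_granted_permission(PERM_ITEM_OWNER, $user_id)) {
        $menu_options['items'][] = array('link' => get_opendb_lang_var('add_new_item'), 'url' => "item_input.php?op=site-add&owner_id=" . $user_id_param);
        $menu_options['listings'][] = array('link' => get_opendb_lang_var('list_my_items'), 'url' => "listings.php?owner_id=" . $user_id_param);
    }

    // NOTE(review): this check, like the advanced-search and statistics checks
    // further down, does not pass $user_id, unlike every other permission check
    // in this function. Confirm that it is meant to be evaluated for the default
    // subject rather than for $user_id.
    if (is_user_granted_permission(PERM_VIEW_LISTINGS)) {
        $menu_options['listings'][] = array('link' => get_opendb_lang_var('list_all_items'), 'url' => "listings.php");
    }

    if (is_file_upload_enabled()) {
        if (is_user_granted_permission(PERM_ADMIN_IMPORT, $user_id)) {
            $menu_options['items'][] = array('link' => get_opendb_lang_var('import_items'), 'url' => "import.php");
        } elseif (is_user_granted_permission(PERM_USER_IMPORT, $user_id)) {
            $menu_options['items'][] = array('link' => get_opendb_lang_var('import_my_items'), 'url' => "import.php");
        }
    }

    if (is_user_granted_permission(PERM_ADMIN_EXPORT, $user_id)) {
        $menu_options['items'][] = array('link' => get_opendb_lang_var('export_items'), 'url' => "export.php");
    } elseif (is_user_granted_permission(PERM_USER_EXPORT, $user_id)) {
        $menu_options['items'][] = array('link' => get_opendb_lang_var('export_my_items'), 'url' => "export.php");
    }

    if (get_opendb_config_var('borrow', 'enable') !== FALSE) {
        if (is_exists_borrowed() && is_user_granted_permission(PERM_ADMIN_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('items_borrowed'), 'url' => "borrow.php?op=all_borrowed");
        }

        if (is_exists_reserved() && is_user_granted_permission(PERM_ADMIN_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('items_reserved'), 'url' => "borrow.php?op=all_reserved");
        }

        if (is_exists_borrower_history($user_id) && is_user_granted_permission(PERM_USER_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('my_history'), 'url' => "borrow.php?op=my_history");
        }

        if (is_exists_borrower_borrowed($user_id) && is_user_granted_permission(PERM_USER_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('my_borrowed_items'), 'url' => "borrow.php?op=my_borrowed");
        }

        if (is_exists_borrower_reserved($user_id) && is_user_granted_permission(PERM_USER_BORROWER, $user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('my_reserved_items'), 'url' => "borrow.php?op=my_reserved");
        }

        if (get_opendb_config_var('borrow', 'reserve_basket') !== FALSE && is_exists_my_reserve_basket($user_id)) {
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('item_reserve_list'), 'url' => "borrow.php?op=my_reserve_basket&order_by=title&sortorder=ASC");
        }

        if (is_user_granted_permission(PERM_ITEM_OWNER, $user_id)) {
            if (is_exists_owner_reserved($user_id)) {
                $menu_options['borrow'][] = array('link' => get_opendb_lang_var('check_out_item(s)'), 'url' => "borrow.php?op=owner_reserved");
            }

            if (is_exists_owner_borrowed($user_id)) {
                $menu_options['borrow'][] = array('link' => get_opendb_lang_var('check_in_item(s)'), 'url' => "borrow.php?op=owner_borrowed");
            }
        }

        if (is_user_granted_permission(PERM_ADMIN_BORROWER, $user_id)) {
            if (is_exists_history()) {
                $menu_options['borrow'][] = array('link' => get_opendb_lang_var('borrower_history'), 'url' => "borrow.php?op=admin_history");
            }

            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('quick_check_out'), 'url' => "quick_checkout.php?op=checkout");
            $menu_options['borrow'][] = array('link' => get_opendb_lang_var('quick_check_in'), 'url' => "quick_checkout.php?op=checkin");
        }
    }

    if (is_user_granted_permission(PERM_VIEW_ADVANCED_SEARCH)) {
        $menu_options['search'][] = array('link' => get_opendb_lang_var('advanced_search'), 'url' => "search.php");
    }

    if (is_user_granted_permission(PERM_VIEW_STATS)) {
        $menu_options['stats'][] = array('link' => get_opendb_lang_var('statistics'), 'url' => "stats.php");
    }

    if (is_exists_opendb_rss_feeds()) {
        $menu_options['feeds'][] = array('link' => get_opendb_lang_var('rss_feeds'), 'url' => "rss.php");
    }

    if (is_user_granted_permission(PERM_EDIT_USER_PROFILE, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('edit_my_info'), 'url' => "user_admin.php?op=edit&user_id=" . $user_id_param);
    }

    if (get_opendb_config_var('user_admin', 'user_passwd_change_allowed') !== FALSE
        && is_user_granted_permission(PERM_CHANGE_PASSWORD, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('change_my_password'), 'url' => "user_admin.php?op=change_password&user_id=" . $user_id_param);
    }

    if (is_user_granted_permission(PERM_ADMIN_USER_LISTING, $user_id)) {
        if (is_exist_users_not_activated()) {
            $menu_options['users'][] = array('link' => get_opendb_lang_var('activate_users'), 'url' => "user_listing.php?restrict_active_ind=X&order_by=fullname&sortorder=ASC");
        }

        $menu_options['users'][] = array('link' => get_opendb_lang_var('user_list'), 'url' => "user_listing.php?order_by=fullname&sortorder=ASC");
    }

    if (is_user_granted_permission(PERM_ADMIN_CREATE_USER, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('add_new_user'), 'url' => "user_admin.php?op=new_user");
    }

    if (is_user_granted_permission(PERM_ADMIN_CHANGE_USER, $user_id)) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('change_user'), 'url' => "user_admin.php?op=change_user");
    }

    if (is_user_granted_permission(PERM_ADMIN_SEND_EMAIL, $user_id) && is_valid_opendb_mailer()) {
        $menu_options['users'][] = array('link' => get_opendb_lang_var('email_users'), 'url' => "email.php?op=send_to_all");
    }

    if (is_user_granted_permission(PERM_ADMIN_TOOLS, $user_id)) {
        $menu_options['admin_tools'][] = array('link' => get_opendb_lang_var('admin_tools'), 'url' => "admin.php");
    }

    // Entry keys are quoted strings ('link', 'url'); the bare words used
    // previously relied on PHP's undefined-constant fallback.
    return $menu_options;
}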
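/**
 * Report the outcome of a borrow operation: group the successful items by the
 * user who should be notified, optionally e-mail each of those users, then
 * display the success and failure lists.
 *
 * @param string $op                 Borrow operation; 'reserve' and 'cancel_reserve' affect who is notified.
 * @param string $mode               'job' selects the job display functions, anything else the HTML ones.
 * @param string $heading            Passed to send_notification_email().
 * @param string $success_intro      Introduction for the success list and the e-mail.
 * @param string $failure_intro      Introduction for the failure list.
 * @param mixed  $more_information   Passed to send_notification_email().
 * @param array  $success_item_rs    Items processed successfully; each entry is read for
 *                                   'item_id', 'instance_no' and 'borrower_id'.
 * @param array  $failure_item_rs    Items that failed; each entry is read for 'item_id',
 *                                   'instance_no' and 'errors'.
 * @param bool   $email_notification Pass FALSE to suppress notification e-mails.
 * @return void
 */
function process_borrow_results($op, $mode, $heading, $success_intro, $failure_intro, $more_information, $success_item_rs, $failure_item_rs, $email_notification = TRUE)
{
    $titleMaskCfg = new TitleMask(array('item_borrow', 'item_display'));

    if (is_not_empty_array($success_item_rs)) {
        // Sort the items by user, so we can send emails for multiple
        // items, instead of individually.
        $borrowed_item_user_r = array();

        // foreach always starts at the first element; the earlier each() loop
        // started from wherever the array's internal pointer happened to be.
        foreach ($success_item_rs as $borrowed_item_r) {
            $item_r = fetch_item_instance_r($borrowed_item_r['item_id'], $borrowed_item_r['instance_no']);
            $item_r['title'] = $titleMaskCfg->expand_item_title($item_r);

            $item_entry_r = array();
            $item_entry_r['display_title'] = get_opendb_lang_var(
                'borrow_item_title_listing',
                array('display_title' => $item_r['title'], 'item_id' => $item_r['item_id'], 'instance_no' => $item_r['instance_no']));
            $item_entry_r['detail'] = get_borrow_details($op, $item_r, $borrowed_item_r);

            // When reserving or cancelling and the current user is the borrower, we want to
            // send the email to the owner, in all other cases the email should go to the
            // borrower.
            // The ids are compared as strings: a loose == treats distinct
            // numeric-looking ids (e.g. "1e1" and "10") as the same user, which
            // would address the notification to the wrong person.
            $is_current_user_borrower = (string) get_opendb_session_var('user_id') === (string) $borrowed_item_r['borrower_id'];
            if (($op == 'reserve' || $op == 'cancel_reserve') && $is_current_user_borrower) {
                $to_user = $item_r['owner_id'];
            } else {
                $to_user = $borrowed_item_r['borrower_id'];
            }

            // Now add an entry to this user array.
            $borrowed_item_user_r[$to_user][] = $item_entry_r;
        }

        // This list used to be initialised under a different name
        // ($success_results) than the one that was filled and displayed.
        $success_results_rs = array();

        foreach ($borrowed_item_user_r as $to_user => $item_entry_rs) {
            $errors = NULL;

            // Stays NULL when no e-mail is attempted; it was previously undefined then.
            $email_result = NULL;

            if (is_valid_opendb_mailer() && $email_notification !== FALSE) {
                // The sender is always the currently logged in user.
                $email_result = send_notification_email($to_user, get_opendb_session_var('user_id'), $heading, $success_intro, $more_information, $item_entry_rs, $errors);
            }

            $display_title_r = array();
            foreach ($item_entry_rs as $item_entry_r) {
                $display_title_r[] = $item_entry_r['display_title'];
            }

            $user_name = get_opendb_lang_var('user_name', array('fullname' => fetch_user_name($to_user), 'user_id' => $to_user));

            $success_results_rs[] = array(
                'user_name' => $user_name,
                'display_titles' => $display_title_r,
                'email_result' => $email_result,
                'email_errors' => $errors);
        }

        if (is_not_empty_array($success_results_rs)) {
            if ($mode == 'job') {
                display_job_success_borrow_results($success_intro, $success_results_rs);
            } else {
                display_html_success_borrow_results($success_intro, $success_results_rs);
            }
        }
    }

    if (is_not_empty_array($failure_item_rs)) {
        $failure_results = array();

        foreach ($failure_item_rs as $borrowed_item_r) {
            $item_r = fetch_item_instance_r($borrowed_item_r['item_id'], $borrowed_item_r['instance_no']);

            // Expand title mask.
            $item_r['title'] = $titleMaskCfg->expand_item_title($item_r);

            $display_title = get_opendb_lang_var(
                'borrow_item_title_listing',
                array('display_title' => $item_r['title'], 'item_id' => $item_r['item_id'], 'instance_no' => $item_r['instance_no']));

            // Reset per item so an item without errors does not inherit the
            // previous item's error text.
            $borrow_error_details = NULL;

            // Now display any errors if present.
            if (strlen($borrowed_item_r['errors']) > 0) {
                $borrow_error_details = get_opendb_lang_var('borrow_error_detail', 'error', $borrowed_item_r['errors']);
            }

            $failure_results[] = array('display_title' => $display_title, 'errors' => array($borrow_error_details));
        }

        if (is_not_empty_array($failure_results)) {
            if ($mode == 'job') {
                display_job_failure_borrow_results($failure_intro, $failure_results);
            } else {
                display_html_failure_borrow_results($failure_intro, $failure_results);
            }
        }
    }
}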