require_once "../includes/library.php";
if ($_SESSION['profilSession'] != "0") {
header("Location: ../general/permissiondenied.php");
exit;
}
// case update user
if ($id != "") {
if ($id == "1" && $_SESSION['idSession'] == "1") {
header("Location: ../preferences/updateuser.php");
exit;
}
// case update user
if ($action == "update") {
if ($htaccessAuth == "true") {
require_once "../includes/htpasswd.class.php";
$Htpasswd = new Htpasswd();
}
if (!ereg("^[A-Za-z0-9]+\$", $un)) {
$error = $strings["alpha_only"];
} else {
// test if login already exists
$tmpquery = "WHERE mem.login = '******' AND mem.login != '{$unOld}'";
$existsUser = new request();
$existsUser->openMembers($tmpquery);
$comptExistsUser = count($existsUser->mem_id);
if ($comptExistsUser != "0") {
$error = $strings["user_already_exists"];
} else {
// replace quotes by html code in name and address
$fn = convertData($fn);
$tit = convertData($tit);
createDir('files/' . $num);
}
if ($htaccessAuth == 'true') {
$content = <<<STAMP
AuthName "{$setTitle}"
AuthType Basic
Require valid-user
AuthUserFile {$fullPath}/files/{$num}/.htpasswd
STAMP;
$fp = @fopen('../files/' . $num . '/.htaccess', 'wb+');
$fw = fwrite($fp, $content);
$fp = @fopen('../files/' . $num . '/.htpasswd', 'wb+');
$tmpquery = "WHERE mem.id = '{$pown}'";
$detailMember = new request();
$detailMember->openMembers($tmpquery);
$Htpasswd = new Htpasswd();
$Htpasswd->initialize('../files/' . $num . '/.htpasswd');
$Htpasswd->addUser($detailMember->mem_login[0], $detailMember->mem_password[0]);
}
// if mantis bug tracker enabled
if ($enableMantis == 'true') {
// call mantis function to copy project
require_once '../mantis/proj_add.php';
}
// create phase structure if enable phase was selected as true
if ($thisPhase != '0') {
$comptThisPhase = count($phaseArraySets[$thisPhase]);
for ($i = 0; $i < $comptThisPhase; $i++) {
$tmpquery = 'INSERT INTO ' . $tableCollab['phases'] . "(project_id,order_num,status,name) VALUES('{$num}','{$i}','0','" . $phaseArraySets[$thisPhase][$i] . "')";
connectSql($tmpquery);
}
$checkSession = true;
require_once "../includes/library.php";
$tmpquery = "WHERE pro.id = '{$project}'";
$projectDetail = new request();
$projectDetail->openProjects($tmpquery);
$comptProjectDetail = count($projectDetail->pro_id);
if ($comptProjectDetail == "0") {
header("Location: ../projects/listprojects.php?msg=blank");
exit;
}
if ($action == "delete") {
$id = str_replace("**", ",", $id);
$pieces = explode(",", $id);
if ($htaccessAuth == "true") {
require_once "../includes/htpasswd.class.php";
$Htpasswd = new Htpasswd();
$Htpasswd->initialize("../files/" . $projectDetail->pro_id[0] . "/.htpasswd");
$tmpquery = "WHERE mem.id IN({$id})";
$listMembers = new request();
$listMembers->openMembers($tmpquery);
$comptListMembers = count($listMembers->mem_id);
for ($i = 0; $i < $comptListMembers; $i++) {
$Htpasswd->deleteUser($listMembers->mem_login[$i]);
}
}
// if mantis bug tracker enabled
if ($enableMantis == "true") {
// include mantis library
require_once "../mantis/core_API.php";
}
$compt = count($pieces);
createDir("files/{$num}");
}
if ($htaccessAuth == "true") {
$content = <<<STAMP
AuthName "{$setTitle}"
AuthType Basic
Require valid-user
AuthUserFile {$fullPath}/files/{$num}/.htpasswd
STAMP;
$fp = @fopen("../files/{$num}/.htaccess", 'wb+');
$fw = fwrite($fp, $content);
$fp = @fopen("../files/{$num}/.htpasswd", 'wb+');
$tmpquery = "WHERE mem.id = '{$pown}'";
$detailMember = new request();
$detailMember->openMembers($tmpquery);
$Htpasswd = new Htpasswd();
$Htpasswd->initialize("../files/" . $num . "/.htpasswd");
$Htpasswd->addUser($detailMember->mem_login[0], $detailMember->mem_password[0]);
}
//if mantis bug tracker enabled
if ($enableMantis == "true") {
// call mantis function to copy project
include "../mantis/proj_add.php";
}
//create phase structure if enable phase was selected as true
if ($thisPhase != "0") {
$comptThisPhase = count($phaseArraySets[$thisPhase]);
for ($i = 0; $i < $comptThisPhase; $i++) {
$tmpquery = "INSERT INTO " . $tableCollab["phases"] . "(project_id,order_num,status,name) VALUES('{$num}','{$i}','0','" . $phaseArraySets[$thisPhase][$i] . "')";
connectSql("{$tmpquery}");
}
header('Location:index.php');
break;
//////// CREATE HTACCESS AND HTPASSWD FILES
//////// CREATE HTACCESS AND HTPASSWD FILES
case 'createHtFiles':
$error = null;
$reportDir = 'report/';
if ($mCfg->isReportBasicAuthEnabled() && $mCfg->getBasicAuthMethod() == AUTH_METHOD_HTACCESS) {
require_once 'libs/PHP-Htpasswd/Htpasswd.php';
if (!is_writeable($reportDir)) {
$error = 'Report directory is not writeable !';
} else {
$content = 'AuthUserFile "' . getcwd() . '/report/.htpasswd"' . "\n" . 'AuthName "MAB-LAB Report Script"' . "\n" . 'AuthType Basic' . "\n" . '<Files "report.php" >' . "\n" . "\t" . 'require valid-user' . "\n" . '</Files>';
if (file_put_contents($reportDir . '.htaccess', $content)) {
$account = $mCfg->getBasicAuthAccount();
$password = Htpasswd::encryptPassword($account->password, Htpasswd::ENCTYPE_APR_MD5);
$content = $account->login . ':' . $password . "\n";
if (!file_put_contents($reportDir . '.htpasswd', $content)) {
$error = 'An error occured while trying to write .htpasswd file ! .htaccess file was removed.';
@unlink($reportDir . '.htaccess');
}
} else {
$error = 'An error occured while trying to write .htaccess file !';
}
}
} else {
$error = 'Your configuration is not properly set !';
}
if ($error == null) {
Helper::pushAlert(ALERT_SUCCESS, 'Files created successfully !');
} else {
if ($enable_cvs == "true") {
require_once "../includes/cvslib.php";
}
if ($action == "update") {
// encrypt the old password using the defined loginMethod
$opw = get_password($opw);
if ($opw != $_SESSION['passwordSession']) {
$error = $strings["old_password_error"];
} else {
if ($npw != $pwa || $npw == "") {
$error = $strings["new_password_error"];
} else {
$cnpw = get_password($npw);
if ($htaccessAuth == "true") {
require_once "../includes/htpasswd.class.php";
$Htpasswd = new Htpasswd();
$tmpquery = "WHERE tea.member = '" . $_SESSION['idSession'] . "'";
$listProjects = new request();
$listProjects->openTeams($tmpquery);
$comptListProjects = count($listProjects->tea_id);
if ($comptListProjects != "0") {
for ($i = 0; $i < $comptListProjects; $i++) {
$Htpasswd->initialize("../files/" . $listProjects->tea_pro_id[$i] . "/.htpasswd");
$Htpasswd->changePass($_SESSION['loginSession'], $cnpw);
}
}
}
$tmpquery = "UPDATE " . $tableCollab["members"] . " SET password='******' WHERE id = '" . $_SESSION['idSession'] . "'";
connectSql("{$tmpquery}");
// if mantis bug tracker enabled
if ($enableMantis == "true") {
if ($enable_cvs == "true") {
include "../includes/cvslib.php";
}
if ($action == "update") {
$r = substr($opw, 0, 2);
$opw = crypt($opw, $r);
if ($opw != $passwordSession) {
$error = $strings["old_password_error"];
} else {
if ($npw != $pwa || $npw == "") {
$error = $strings["new_password_error"];
} else {
$cnpw = get_password($npw);
if ($htaccessAuth == "true") {
include "../includes/htpasswd.class.php";
$Htpasswd = new Htpasswd();
$tmpquery = "WHERE tea.member = '{$idSession}'";
$listProjects = new request();
$listProjects->openTeams($tmpquery);
$comptListProjects = count($listProjects->tea_id);
if ($comptListProjects != "0") {
for ($i = 0; $i < $comptListProjects; $i++) {
$Htpasswd->initialize("files/" . $listProjects->tea_pro_id[$i] . "/.htpasswd");
$Htpasswd->changePass($loginSession, $cnpw);
}
}
}
$tmpquery = "UPDATE " . $tableCollab["members"] . " SET password='******' WHERE id = '{$idSession}'";
connectSql("{$tmpquery}");
//if CVS repository enabled
if ($enable_cvs == "true") {
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
} else {
$errors[] = "User {$username} already exists";
}
} else {
$errors[] = "Username or password not set";
}
}
if ($_REQUEST['action'] == "delete") {
$username = trim($_REQUEST['username']);
if ($username) {
if (($key = array_search($username, $users)) !== false) {
try {
$htpasswd = new Htpasswd($HTPASSWD_FP);
$htpasswd->deleteUser($username);
$messages[] = "User {$username} has been removed successfully";
unset($users[$key]);
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
} else {
$errors[] = "User {$username} not found";
}
}
}
}
?>
<html lang="en">
<head>