$oOptions = new OA_Admin_Option('user');
// Prepare an array for storing error messages
$aErrormessage = array();
// If the settings page is a submission, deal with the form data
if (isset($_POST['submitok']) && $_POST['submitok'] == 'true') {
    // Register input variables
    phpAds_registerGlobalUnslashed('pwold', 'pw', 'pw2');
    // Get the DB_DataObject for the current user
    $doUsers = OA_Dal::factoryDO('users');
    $doUsers->get(OA_Permission::getUserId());
    // Set defaults
    $changePassword = false;
    // Get the current authentication plugin instance
    $oPlugin = OA_Auth::staticGetAuthPlugin();
    // Check password
    if (!isset($pwold) || !$oPlugin->checkPassword(OA_Permission::getUsername(), $pwold)) {
        $aErrormessage[0][] = $GLOBALS['strPasswordWrong'];
    }
    if (isset($pw) && strlen($pw) || isset($pw2) && strlen($pw2)) {
        if (!strlen($pw) || strstr("\\", $pw)) {
            $aErrormessage[0][] = $GLOBALS['strInvalidPassword'];
        } elseif (strcmp($pw, $pw2)) {
            $aErrormessage[0][] = $GLOBALS['strNotSamePasswords'];
        } else {
            $changePassword = true;
        }
    }
    if (!count($aErrormessage) && $changePassword) {
        $result = $oPlugin->changePassword($doUsers, $pw, $pwold);
        if (PEAR::isError($result)) {
            $aErrormessage[0][] = $result->getMessage();
Esempio n. 2
0
 function autoLogin()
 {
     $oPlugin =& OA_Auth::staticGetAuthPlugin();
     phpAds_SessionStart();
     // No auto-login if auth is external
     if (empty($oPlugin) || get_class($oPlugin) != 'Plugins_Authentication') {
         phpAds_SessionDataDestroy();
         return;
     }
     $doUser = OA_Dal::factoryDO('users');
     if (!empty($_COOKIE['oat']) && $_COOKIE['oat'] == OA_UPGRADE_UPGRADE) {
         // Upgrading, fetch the record using the username of the logged in user
         $doUser->username = OA_Permission::getUsername();
     } else {
         // Installing, fetch the user linked to the admin account
         $doAUA = OA_Dal::factoryDO('account_user_assoc');
         $doAUA->account_id = OA_Dal_ApplicationVariables::get('admin_account_id');
         $doUser->joinAdd($doAUA);
     }
     $doUser->find();
     if ($doUser->fetch()) {
         phpAds_SessionDataRegister(OA_Auth::getSessionData($doUser));
         phpAds_SessionDataStore();
     }
 }
 /**
  * Enter description here...
  *
  * @param integer $actionid One of the following:
  *                              - 1 for INSERT
  *                              - 2 for UPDATE
  *                              - 3 for DELETE
  * @param unknown_type $oDataObject
  * @param unknown_type $parentid
  * @return unknown
  */
 function audit($actionid, $oDataObject = null, $parentid = null)
 {
     if (OA::getConfigOption('audit', 'enabled', false)) {
         if ($this->_auditEnabled()) {
             if (is_null($this->doAudit)) {
                 $this->doAudit = $this->factory('audit');
             }
             $this->doAudit->actionid = $actionid;
             $this->doAudit->context = $this->getTableWithoutPrefix();
             $this->doAudit->contextid = $this->_getContextId();
             $this->doAudit->parentid = $parentid;
             $this->doAudit->username = OA_Permission::getUsername();
             $this->doAudit->userid = OA_Permission::getUserId();
             if (!isset($this->doAudit->usertype)) {
                 $this->doAudit->usertype = 0;
             }
             // Set the account IDs that need to be used in auditing
             // this type of entity record
             $aAccountIds = $this->getOwningAccountIds();
             // Set the primary account ID
             if (isset($aAccountIds[OA_ACCOUNT_MANAGER])) {
                 $this->doAudit->account_id = $aAccountIds[OA_ACCOUNT_MANAGER];
             } else {
                 $this->doAudit->account_id = $aAccountIds[OA_ACCOUNT_ADMIN];
             }
             // Set the advertiser account ID, if required
             if (isset($aAccountIds[OA_ACCOUNT_ADVERTISER])) {
                 $this->doAudit->advertiser_account_id = $aAccountIds[OA_ACCOUNT_ADVERTISER];
             }
             // Set the trafficker account ID, if required
             if (isset($aAccountIds[OA_ACCOUNT_TRAFFICKER])) {
                 $this->doAudit->website_account_id = $aAccountIds[OA_ACCOUNT_TRAFFICKER];
             }
             // Prepare a generic array of data to be stored in the audit record
             $aAuditFields = $this->_prepAuditArray($actionid, $oDataObject);
             // Individual objects can customise this data (add, remove, format...)
             $this->_buildAuditArray($actionid, $aAuditFields);
             // Do not audit if nothing has changed
             if (count($aAuditFields)) {
                 // Serialise the data
                 $this->doAudit->details = serialize($aAuditFields);
                 $this->doAudit->updated = OA::getNowUTC();
                 // Finally, insert the audit record
                 $id = $this->doAudit->insert();
                 // Perform post-audit actions
                 $this->_postAuditTrigger($actionid, $oDataObject, $id);
                 return $id;
             }
         }
     }
     return false;
 }
Esempio n. 4
0
 function _assignUserAccountInfo($oCurrentSection)
 {
     global $session;
     // Show currently logged on user and IP
     if (OA_Auth::isLoggedIn() || defined('phpAds_installing')) {
         $this->oTpl->assign('helpLink', OA_Admin_Help::getHelpLink($oCurrentSection));
         if (!defined('phpAds_installing')) {
             $this->oTpl->assign('infoUser', OA_Permission::getUsername());
             $this->oTpl->assign('buttonLogout', true);
             $this->oTpl->assign('buttonReportBugs', true);
             // Account switcher
             OA_Admin_UI_AccountSwitch::assignModel($this->oTpl);
             $this->oTpl->assign('strWorkingAs', $GLOBALS['strWorkingAs_Key']);
             $this->oTpl->assign('keyWorkingAs', $GLOBALS['keyWorkingAs']);
             $this->oTpl->assign('accountId', OA_Permission::getAccountId());
             $this->oTpl->assign('accountName', OA_Permission::getAccountName());
             $this->oTpl->assign('accountSearchUrl', MAX::constructURL(MAX_URL_ADMIN, 'account-switch-search.php'));
             $this->oTpl->assign('productUpdatesCheck', OA_Permission::isAccount(OA_ACCOUNT_ADMIN) && $GLOBALS['_MAX']['CONF']['sync']['checkForUpdates'] && !isset($session['maint_update_js']));
             if (OA_Permission::isUserLinkedToAdmin()) {
                 $this->oTpl->assign('maintenanceAlert', OA_Dal_Maintenance_UI::alertNeeded());
             }
         } else {
             $this->oTpl->assign('buttonStartOver', true);
         }
     }
 }