/**
  * Render the admin edit form for a user.
  *
  * Pre-fills the form from the given user, then hands the user, all roles
  * and the grouped permissions to the 'user::admin.user.edit' view.
  *
  * NOTE(review): no authorization check is visible in this method;
  * presumably UserAdminWebRequest enforces it. Confirm, because the view
  * receives every role and permission.
  *
  * @param UserAdminWebRequest $request
  * @param User                $user
  *
  * @return Response
  */
 public function edit(UserAdminWebRequest $request, User $user)
 {
     Form::populate($user);

     $groupedPermissions = $this->permission->groupedPermissions(true);
     $allRoles = $this->roles->all();

     // Same keys, in the same order, as compact('user', 'roles', 'permissions').
     $viewData = [
         'user'        => $user,
         'roles'       => $allRoles,
         'permissions' => $groupedPermissions,
     ];

     return response()->view('user::admin.user.edit', $viewData);
 }
Esempio n. 2
 /**
  * Load a user into the admin edit form and answer through respond().
  *
  * Fetches the grouped permissions and all roles, pre-fills the form from
  * the user, fills the response code, message, data and view properties
  * and delegates to respond().
  *
  * NOTE(review): no authorization check is visible in this method;
  * presumably UserAdminRequest enforces it. Confirm.
  *
  * @param UserAdminRequest $request
  * @param User             $user
  *
  * @return Response
  */
 public function edit(UserAdminRequest $request, User $user)
 {
     $groupedPermissions = $this->permission->groupedPermissions(true);
     $allRoles = $this->roles->all();
     Form::populate($user);

     // Same keys, in the same order, as compact('user', 'roles', 'permissions').
     $viewData = [
         'user'        => $user,
         'roles'       => $allRoles,
         'permissions' => $groupedPermissions,
     ];

     $this->responseCode = 200;
     $this->responseMessage = trans('messages.success.loaded', ['Module' => 'User']);
     // NOTE(review): the whole User model becomes the response data. If
     // respond() can serialize it (not shown here), confirm that the model
     // hides sensitive attributes such as the password hash.
     $this->responseData = $user;
     $this->responseView = view('user::admin.user.edit', $viewData);

     return $this->respond($request);
 }
Esempio n. 3
 | PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT      |
 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,   |
 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT        |
 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,   |
 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY   |
 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT     |
 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE   |
 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.    |
 |                                                                         |
 +-------------------------------------------------------------------------+
*/
// Add/edit page for a role record.
// $db and $phpbms are used below without being defined in the visible lines,
// so they presumably come from one of these includes.
// NOTE(review): nothing visible here checks who may add or edit a role;
// presumably session.php enforces an authenticated session. Confirm.
include "../../include/session.php";
include "include/tables.php";
include "include/fields.php";
include "include/roles.php";
// Table object for the roles table, identified by its "tbld:" id.
$thetable = new roles($db, "tbld:87b9fe06-afe5-d9c6-0fa0-4a0f2ec4ee8a");
// NOTE(review): processAddEditPage() is not shown; presumably it loads the
// record and processes a submitted form. Confirm where input is validated.
$therecord = $thetable->processAddEditPage();
// Carry a status message over for display when the record provides one.
if (isset($therecord["phpbmsStatus"])) {
    $statusmessage = $therecord["phpbmsStatus"];
}
$pageTitle = "Role";
// Page-specific stylesheet and script.
$phpbms->cssIncludes[] = "pages/roles.css";
$phpbms->jsIncludes[] = "modules/base/javascript/roles.js";
//Form Elements
//==============================================================
$theform = new phpbmsForm();
// Client-side check only; it can be bypassed, so the server-side handler
// must validate the submitted values as well.
$theform->onsubmit = "return submitForm(this);";
$theinput = new inputCheckbox("inactive", $therecord["inactive"]);
$theform->addField($theinput);
// NOTE(review): the trailing 28 and 64 look like display size and maximum
// length; confirm against the inputField constructor.
$theinput = new inputField("name", $therecord["name"], NULL, true, NULL, 28, 64);
$theinput->setAttribute("class", "important");
Esempio n. 4
    }
} elseif ($action == "showproject") {
    // Branch that lists the files and folders of one project.
    // Stop with the error template unless the user's role grants files/view.
    if (!$userpermissions["files"]["view"]) {
        $errtxt = $langfile["nopermission"];
        $noperm = $langfile["accessdenied"];
        $template->assign("errortext", "{$errtxt}<br>{$noperm}");
        $template->display("error.tpl");
        die;
    }
    // NOTE(review): $id is not assigned in the visible lines. Confirm that it
    // is validated and that the current user is a member of this project; the
    // check above only tests the role-wide files/view permission.
    $files = $myfile->getProjectFiles($id);
    $filenum = count($files);
    // NOTE(review): $finfiles is not set anywhere in the visible lines. If it
    // is never defined, this resets $filenum to 0 every time; $files may have
    // been intended. Confirm.
    if (empty($finfiles)) {
        $filenum = 0;
    }
    $myproject = new project();
    $rolesobj = new roles();
    //get folders
    $folders = $myfile->getProjectFolders($id);
    //get all folders
    $allfolders = $myfile->getAllProjectFolders($id);
    //get the project
    $pro = $myproject->getProject($id);
    //get the project members
    $members = $myproject->getProjectMembers($id, 10000);
    //get all roles
    $allroles = $rolesobj->getAllRoles();
    $projectname = $pro["name"];
    $title = $langfile['files'];
    // NOTE(review): the project name is stored data; confirm that the template
    // escapes it on output.
    $template->assign("title", $title);
    $template->assign("projectname", $projectname);
    SmartyPaginate::assign($template);
Esempio n. 5
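 /**
  * Create a local user for every person in the imported people list.
  *
  * The "BasecampAdmin" and "BasecampUser" roles are created once, before the
  * first person is processed, instead of once per person. Each successfully
  * created user is recorded in $this->peopleHash (imported id => local id)
  * and counted in $this->peopleCount. A person who is neither an
  * administrator nor has a non-zero client-id gets no role.
  *
  * @param object $peopleArray Parsed import data exposing a list of ->person elements
  * @return void
  */
 private function addPeople($peopleArray)
 {
     $user = new user();
     $rolesobj = new roles();
     //note that this should be updated when company becomes a used object
     $company = 0;
     // Filled in on the first person, so an empty import creates no roles.
     $adminrid = null;
     $userrid = null;
     foreach ($peopleArray->person as $person) {
         if ($adminrid === null) {
             $adminrid = $rolesobj->add(
                 "BasecampAdmin",
                 array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1, "read" => 1),
                 array("add" => 0),
                 array("add" => 1)
             );
             $userrid = $rolesobj->add(
                 "BasecampUser",
                 array("add" => 1, "edit" => 1, "del" => 0, "close" => 0),
                 array("add" => 1, "edit" => 1, "del" => 0),
                 array("add" => 1, "edit" => 1, "del" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1),
                 array("add" => 1, "edit" => 1, "del" => 1, "read" => 0),
                 array("add" => 1),
                 array("add" => 0)
             );
         }
         $username = $person->{'user-name'};
         $email = $person->{'email-address'};
         // NOTE(review): the initial password equals the e-mail address, so
         // the account is open to anyone who knows the address until the
         // password is changed. Prefer a random initial password combined
         // with a forced reset; kept as is here because no reset flow is
         // visible from this method.
         $pass = $email;
         $uid = $user->add($username, $email, $company, $pass);
         if ($uid) {
             if ($person->{'administrator'} == "true") {
                 $rolesobj->assign($adminrid, $uid);
             } elseif ($person->{'client-id'} != 0) {
                 $rolesobj->assign($userrid, $uid);
             }
             // Key the lookup table by the imported id as a string.
             $iid = "" . $person->{'id'};
             $this->peopleHash[$iid] = $uid;
             ++$this->peopleCount;
         }
     }
 }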
Esempio n. 6
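 /**
  * Log a user in through OpenID
  *
  * Called without an OpenID response in the request, it redirects the browser
  * to the provider for $url. Called with a response, it verifies the
  * assertion, maps the identity to a local account through the openids table
  * and fills the session.
  *
  * @param string $url OpenID identifier the user wants to authenticate with
  * @return bool true when the session was filled; false on redirect, cancel,
  *              failed verification, unknown identity or a library error
  */
 function openIdLogin($url)
 {
     // $conn is not a parameter, so it has to be imported before use.
     // NOTE(review): assumes the shared handle is a PDO instance, as the
     // prepare()/execute(array) style of the lastlogin update suggests. Confirm.
     global $conn;
     try {
         // NOTE(review): the realm comes from the Host request header, which
         // the client controls; prefer a configured site host.
         $openid = new LightOpenID($_SERVER['HTTP_HOST']);
         if (!$openid->mode) {
             $openid->identity = $url;
             header('Location: ' . $openid->authUrl());
             return false;
         }
         if ($openid->mode == 'cancel') {
             return false;
         }
         // The response parameters arrive with the request. Without this
         // verification any caller could name an arbitrary identity and be
         // logged in as its owner.
         if (!$openid->validate()) {
             return false;
         }
         $identity = $openid->data['openid_identity'];

         // Bound parameters keep the identity out of the SQL text.
         $sel1 = $conn->prepare("SELECT ID from openids WHERE identity = ?");
         if (!$sel1 || !$sel1->execute(array($identity))) {
             return false;
         }
         $row = $sel1->fetch();
         if (!$row) {
             return false;
         }
         $id = $row['ID'];

         $sel2 = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE ID = ?");
         if (!$sel2 || !$sel2->execute(array($id))) {
             return false;
         }
         $chk = $sel2->fetch();
         if (!$chk || $chk["ID"] == "") {
             return false;
         }

         // Issue a fresh session id at the privilege change so that an id
         // known before the login cannot be reused afterwards.
         if (session_id() !== '') {
             session_regenerate_id(true);
         }
         $rolesobj = new roles();
         $now = time();
         $_SESSION['userid'] = $chk['ID'];
         $_SESSION['username'] = stripslashes($chk['name']);
         $_SESSION['lastlogin'] = $now;
         $_SESSION['userlocale'] = $chk['locale'];
         $_SESSION['usergender'] = $chk['gender'];
         $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);
         $userid = $_SESSION['userid'];
         $seid = session_id();
         $staylogged = getArrayVal($_POST, 'staylogged');
         if ($staylogged == 1) {
             // Keep the session cookie for 14 days.
             // NOTE(review): the cookie is set without the HttpOnly and Secure
             // flags and with a hard-coded name; consider session_name() and
             // both flags.
             setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600);
         }
         $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
         if ($upd1) {
             $upd1->execute(array($now, $userid));
         }
         return true;
     } catch (ErrorException $e) {
         return false;
     }
 }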
Esempio n. 7
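 /**
  * Build the toolbar markup for the current module.
  *
  * Always renders a refresh link. Renders the add and delete buttons only
  * when getUserRoles() returns a non-empty value for the session's group,
  * the module and the matching action. The result is the filter table
  * followed by the collapse/expand buttons and the toolbar.
  *
  * @return string HTML fragment
  */
 function getModuleButtons()
 {
     global $module_id;
     $roles = new roles();
     $class_btn = "btn btn-default btn-sm";

     // REQUEST_URI is supplied by the client and ends up inside single-quoted
     // href attributes, so every link derived from it is HTML-encoded with
     // ENT_QUOTES before output.
     $requestUri = $_SERVER['REQUEST_URI'];
     // end() takes its argument by reference and therefore needs a variable.
     $uriParts = explode('.', $requestUri);
     $endsWithPhp = strtolower(end($uriParts)) == 'php';

     $btns = "<div class='pull-right'>";
     if ($endsWithPhp) {
         $link = $requestUri . "";
     } else {
         $link = str_replace(array("&action=add", "action=_edit", "&action=add", "action=_edit"), "", $requestUri);
     }
     $link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
     $btns .= "<a href='{$link}'  class='{$class_btn}'><i class='fa fa-refresh'></i></a>";

     $role_insert = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'insert');
     // NOTE(review): this prints pageInsert straight to the response,
     // unescaped and outside the returned markup. It looks like a debug
     // leftover; confirm and remove.
     echo $this->pageInsert;
     if ($role_insert != "") {
         $id = "Add";
         if ($endsWithPhp) {
             $link = $requestUri . "?action=add";
         } else {
             $link = str_replace(array("&action=add", "action=_edit", "&action=add", "action=add"), "", $requestUri) . "&action=add";
         }
         $link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
         $btns .= "<a href='{$link}' id='{$id}' class='{$class_btn}'><i class='fa fa-plus'></i></a>";
     }

     // Hiding a button is presentation only; the handlers behind the add and
     // delete actions must repeat the permission check on the server.
     $role_delete = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'delete');
     if ($role_delete != "") {
         $id = "AskDelete";
         $link = "javascript:void(0);";
         $btns .= "<a href='{$link}' id='{$id}' class='{$class_btn}'><i class='fa fa-trash'></i></a>";
     }
     $btns .= "</div>";
     return "<div class='row'><div class='col-sm-12'>" . $this->FilterTable() . '</div><div class="col-sm-12" style="padding-top: 10px;"><button type="button" class="btn btn-sm btn-default" id="collapseAll">Collapse All</button><button class="btn btn-sm btn-default" type="button" id="expandAll">Expand All</button>' . $btns . "</div></div>";
 }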
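 /**
  * Log a user in
  *
  * Looks the account up by name or e-mail together with the SHA-1 of the
  * password and, on a match, fills the session and records the login time.
  *
  * @param string $user User name or e-mail address
  * @param string $pass Password
  * @return bool true on success, false for an empty user, a failed query or no match
  */
 function login($user, $pass)
 {
     // $conn is not a parameter, so it has to be imported before use.
     // NOTE(review): assumes the global handle from class.datenbank.php is a
     // mysqli connection, as bind_param()/bind_result() require. Confirm.
     global $conn;
     if (!$user) {
         return false;
     }
     // bind_param() takes its arguments by reference, so the hash needs a variable.
     // NOTE(review): unsalted SHA-1 is kept only to match the stored hashes;
     // migrate to password_hash()/password_verify() with a rehash on login.
     $hash = sha1($pass);
     $stmnt = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name=? OR email=?) AND pass=?");
     if (!$stmnt) {
         return false;
     }
     $stmnt->bind_param("sss", $user, $user, $hash);
     $stmnt->execute();
     $stmnt->bind_result($bind_ID, $bind_name, $bind_locale, $bind_lastlogin, $bind_gender);
     $found = $stmnt->fetch();
     // Release the statement before the connection is used for the update.
     $stmnt->close();
     if ($found !== true || $bind_ID == "") {
         return false;
     }

     // Issue a fresh session id at the privilege change so that an id known
     // before the login cannot be reused afterwards.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $rolesobj = new roles();
     $now = time();
     $_SESSION['userid'] = $bind_ID;
     $_SESSION['username'] = stripslashes($bind_name);
     $_SESSION['lastlogin'] = $now;
     $_SESSION['userlocale'] = $bind_locale;
     $_SESSION['usergender'] = $bind_gender;
     $_SESSION["userpermissions"] = $rolesobj->getUserRole($bind_ID);
     $userid = $_SESSION['userid'];
     $seid = session_id();
     $staylogged = getArrayVal($_POST, 'staylogged');
     if ($staylogged == 1) {
         // Keep the session cookie for 14 days.
         // NOTE(review): the cookie is set without the HttpOnly and Secure flags.
         setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600);
     }
     // Store the login time through the same connection with bound values;
     // a fixed literal in the statement would never record the real time.
     $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
     if ($upd1) {
         $upd1->bind_param("ii", $now, $userid);
         $upd1->execute();
         $upd1->close();
     }
     return true;
 }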
Esempio n. 9
    // Installer step: create the first user and the default roles.
    // Load the database settings ($db_host, $db_name, $db_user, $db_pass).
    require CL_ROOT . "/config/" . CL_CONFIG . "/config.php";
    // Start database connection
    $conn = new PDO("mysql:host={$db_host};dbname={$db_name}", $db_user, $db_pass);
    // Raw request values.
    // NOTE(review): user::add() is not shown; presumably it hashes the
    // password and validates the name. Confirm.
    $user = $_POST['name'];
    $pass = $_POST['pass'];
    // create the first user
    $usr = new user();
    // This is the only guard visible here against running the installer on a
    // live system: it refuses to continue once any user exists. The installer
    // should still be removed or locked after setup.
    $installChk = $usr->getAllUsers();
    if ($installChk) {
        // There already are users. abort install.
        die("Collabtive seems to be already installed.<br />If this is an error, please clear your database.");
    }
    $usrid = $usr->add($user, "", 0, $pass);
    if (!$usrid) {
        $template->assign("errortext", "Error: Failed to create first user.");
        $template->display("error.tpl");
        die;
    }
    // insert default roles
    // Each array holds one group of permission flags (1 = granted, 0 = denied).
    // NOTE(review): which area each positional array covers is defined by
    // roles::add(), which is not shown here.
    $rolesobj = new roles();
    $adminrid = $rolesobj->add("Admin", array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "read" => 1, "view" => 1), array("add" => 1), array("add" => 1));
    $userrid = $rolesobj->add("User", array("add" => 1, "edit" => 1, "del" => 0, "close" => 0, "view" => 1), array("add" => 1, "edit" => 1, "del" => 0, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "read" => 0, "view" => 1), array("add" => 1), array("add" => 0));
    // The Client role is created with every flag set to 0.
    $clientrid = $rolesobj->add("Client", array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0), array("add" => 0, "edit" => 0, "del" => 0, "read" => 0), array("add" => 0), array("add" => 0));
    if (!$adminrid or !$userrid or !$clientrid) {
        $template->assign("errortext", "Error: Failed to create initial roles.");
        $template->display("error.tpl");
        die;
    }
    // The first user receives the Admin role.
    $rolesobj->assign($adminrid, $usrid);
    $template->display("install3.tpl");
}
Esempio n. 10
            $lang2 = $lang . " (" . $fin . "%)";
            $fin = array("val" => $lang, "str" => $lang2);
        }
        array_push($languages_fin, $fin);
    }
    $template->assign("languages_fin", $languages_fin);
    // Load the profile being edited and every role for the admin edit form.
    $user = $user->getProfile($id);
    // The (object) cast has no effect on a value that is already an object.
    $roleobj = (object) new roles();
    $roles = $roleobj->getAllRoles();
    $title = $langfile['useradministration'];
    $template->assign("title", $title);
    $template->assign("user", $user);
    $template->assign("roles", $roles);
    $template->display("edituseradminform.tpl");
} elseif ($action == "edituser") {
    // NOTE(review): $role and $id are not assigned in the visible lines and
    // presumably come from the request. No permission check is visible in this
    // branch; confirm that an admin check runs before it, because this call
    // changes a user's role.
    $roleobj = new roles();
    $roleobj->assign($role, $id);
    // When the edited account is the current user, refresh the session copy.
    if ($id == $userid) {
        $_SESSION['userlocale'] = $locale;
        $_SESSION['username'] = $name;
    }
    // NOTE(review): the flag defaults to 1 when the request leaves it out;
    // confirm what 1 means before relying on this default.
    if (!isset($isadmin)) {
        $isadmin = 1;
    }
    // Upload of avatar
    if (!empty($_FILES['userfile']['name'])) {
        // 'name' and 'type' are supplied by the client. Neither should decide
        // the stored file name, its extension or how the file is served.
        $fname = $_FILES['userfile']['name'];
        $typ = $_FILES['userfile']['type'];
        $size = $_FILES['userfile']['size'];
        $tmp_name = $_FILES['userfile']['tmp_name'];
        $error = $_FILES['userfile']['error'];
Esempio n. 11
  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  
  This File: dept.php
  Description: System File

  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/
// Direct-access guard: the file only runs when the including script has
// defined PARENT.
// NOTE(review): presumably err403(true) ends the request; if it returns,
// execution continues below. Confirm.
if (!defined('PARENT')) {
    $HEADERS->err403(true);
}
// Access..
// Allowed when $cmd is in the user's access list; the account with id 1
// bypasses the list.
// NOTE(review): in_array() runs in loose mode here and the id is compared
// with != against a string; strict comparison is safer if the types allow it.
if (!in_array($cmd, $userAccess) && $MSTEAM->id != '1') {
    $HEADERS->err403(true);
}
// Class..
include_once PATH . 'control/classes/class.roles.php';
$MSDEPT = new roles();
// Add..
// NOTE(review): only the presence of a non-blank name is checked here;
// add() and update() presumably read the remaining fields from $_POST
// themselves. No anti-CSRF token check is visible for these state-changing
// requests. Confirm one exists.
if (isset($_POST['process'])) {
    if (trim($_POST['name'])) {
        $MSDEPT->add($MSTEAM->id);
        $OK1 = true;
    }
}
// Update..
if (isset($_POST['update'])) {
    if (trim($_POST['name'])) {
        $MSDEPT->update();
        $OK2 = true;
    }
}
// Page title depends on whether an edit id is present in the query string.
$title = isset($_GET['edit']) ? $msg_dept5 : $msg_dept2;
Esempio n. 12
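 /**
  * Log a user in
  *
  * Looks the account up by name or e-mail together with the SHA-1 of the
  * password and, on a match, fills the session and records the login time.
  *
  * @param string $user User name or e-mail address
  * @param string $pass Password
  * @return bool true on success, false for an empty user, a failed query or no match
  */
 function login($user, $pass)
 {
     global $conn;
     if (!$user) {
         return false;
     }
     // NOTE(review): unsalted SHA-1 is kept only to match the stored hashes;
     // migrate to password_hash()/password_verify() with a rehash on login.
     $hash = sha1($pass);
     // Bind the name and the computed hash. Comparing pass with a fixed
     // literal would ignore the submitted password entirely.
     $sel1 = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name = ? OR email = ?) AND pass = ?");
     if (!$sel1 || !$sel1->execute(array($user, $user, $hash))) {
         return false;
     }
     $chk = $sel1->fetch();
     if (!$chk || $chk["ID"] == "") {
         return false;
     }

     // Issue a fresh session id at the privilege change so that an id known
     // before the login cannot be reused afterwards.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $rolesobj = new roles();
     $now = time();
     $_SESSION['userid'] = $chk['ID'];
     $_SESSION['username'] = stripslashes($chk['name']);
     $_SESSION['lastlogin'] = $now;
     $_SESSION['userlocale'] = $chk['locale'];
     $_SESSION['usergender'] = $chk['gender'];
     $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);
     $userid = $_SESSION['userid'];
     $seid = session_id();
     $staylogged = getArrayVal($_POST, 'staylogged');
     if ($staylogged == 1) {
         // Keep the session cookie for 14 days.
         // NOTE(review): the cookie is set without the HttpOnly and Secure flags.
         setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600);
     }
     // Record the real login time with bound values.
     $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
     if ($upd1) {
         $upd1->execute(array($now, $userid));
     }
     return true;
 }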
Esempio n. 13
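 /**
  * Build the toolbar markup for the current module.
  *
  * Renders, in order: the related-module buttons, an optional help link, a
  * refresh link, and the add and delete buttons. The last two appear only
  * when getUserRoles() returns a non-empty value for the session's group and
  * the matching action, and the corresponding switch on this object is on.
  *
  * @return string HTML fragment
  */
 function getModuleButtons()
 {
     global $module_id;
     $roles = new roles();
     $class_btn = "btn btn-default btn-sm";

     // REQUEST_URI is supplied by the client and ends up inside single-quoted
     // href attributes, so every link derived from it is HTML-encoded with
     // ENT_QUOTES before output.
     $requestUri = $_SERVER['REQUEST_URI'];
     // end() takes its argument by reference and therefore needs a variable.
     $uriParts = explode('.', $requestUri);
     $endsWithPhp = strtolower(end($uriParts)) == 'php';

     $btns = "<div class='pull-right'>";
     $btns .= $this->getRelatedModulesButtons($class_btn);
     if ($this->Help == true && $this->HelpLink != "") {
         // NOTE(review): HelpLink and the getConstant() texts are written
         // into attributes unescaped; confirm that none of them can carry
         // user-supplied content.
         $btns .= "<a href='{$this->HelpLink}'  target='_blank' class='{$class_btn}' title='" . $this->getConstant("help") . "' data-toggle='tooltip'><i class='fa fa-question'></i></a>";
     }

     if ($endsWithPhp) {
         $link = $requestUri . "";
     } else {
         $link = str_replace(array("&action=add", "action=_edit", "&action=add", "action=_edit"), "", $requestUri);
     }
     $link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
     $btns .= "<a href='{$link}' title='" . $this->getConstant("refresh") . "' data-toggle='tooltip' class='{$class_btn}'><i class='fa fa-refresh'></i></a>";

     $role_insert = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'insert');
     if ($role_insert != "" && $this->Add == true) {
         $id = "Add";
         // The configured insert page is used unless the module is a grid
         // list, in which case the link is derived from the request.
         $link = $this->pageInsert;
         if ($this->isGridList == true) {
             if ($endsWithPhp) {
                 $addUri = $requestUri . "?action=add";
             } else {
                 $addUri = str_replace(array("&action=add", "action=add"), "", $requestUri) . "&action=add";
             }
             $link = htmlspecialchars($addUri, ENT_QUOTES, 'UTF-8');
         }
         $btns .= "<a href='{$link}' id='{$id}' title='" . $this->getConstant("add") . "' data-toggle='tooltip' class='{$class_btn}'><i class='fa fa-plus'></i></a>";
     }

     // Hiding a button is presentation only; the handlers behind the add and
     // delete actions must repeat the permission check on the server.
     $role_delete = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'delete');
     if ($role_delete != "" && $this->delete == true) {
         $id = "AskDelete";
         $link = "javascript:void(0);";
         $btns .= "<a href='{$link}' id='{$id}' class='{$class_btn}' title='" . $this->getConstant("delete") . "' data-toggle='tooltip'><i class='fa fa-trash'></i></a>";
     }
     $btns .= "</div>";
     return $btns;
 }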
Esempio n. 14
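    /**
     * Log a user in
     *
     * Looks the account up by name or e-mail together with the SHA-1 of the
     * password and, on a match, fills the session and records the login time.
     *
     * NOTE(review): the mysql_* functions were removed in PHP 7. Move this
     * lookup to PDO or mysqli prepared statements when the connection code is
     * ported.
     *
     * @param string $user User name or e-mail address
     * @param string $pass Password
     * @return bool true on success, false for an empty user, a failed query or no match
     */
    function login($user, $pass)
    {
        if (!$user)
        {
            return false;
        }
        $user = mysql_real_escape_string($user);
        // Escaping before hashing is kept so that the result keeps matching
        // hashes stored the same way; the hex digest itself is safe to embed.
        // NOTE(review): unsalted SHA-1 is a weak password hash; migrate to
        // password_hash()/password_verify() with a rehash on login.
        $pass = mysql_real_escape_string($pass);
        $pass = sha1($pass);

        // Compare against the computed hash. A fixed literal in the query
        // would ignore the submitted password entirely.
        $sel1 = mysql_query("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name = '$user' OR email = '$user') AND pass = '$pass'");
        if (!$sel1)
        {
            return false;
        }
        $chk = mysql_fetch_array($sel1);
        if ($chk && $chk["ID"] != "")
        {
            // Issue a fresh session id at the privilege change so that an id
            // known before the login cannot be reused afterwards.
            if (session_id() !== '')
            {
                session_regenerate_id(true);
            }
            $rolesobj = new roles();
            $now = time();
            $_SESSION['userid'] = $chk['ID'];
            $_SESSION['username'] = stripslashes($chk['name']);
            $_SESSION['lastlogin'] = $now;
            $_SESSION['userlocale'] = $chk['locale'];
            $_SESSION['usergender'] = $chk['gender'];
            $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);

            // The integer cast keeps the id numeric inside the SQL text below.
            $userid = (int) $_SESSION['userid'];
            $seid = session_id();
            $staylogged = getArrayVal($_POST, 'staylogged');

            if ($staylogged == 1)
            {
                // Keep the session cookie for 14 days.
                // NOTE(review): the cookie is set without the HttpOnly and Secure flags.
                setcookie("PHPSESSID", "$seid", time() + 14 * 24 * 3600);
            }
            // Record the real login time; $now is an integer from time().
            $upd1 = mysql_query("UPDATE user SET lastlogin = '$now' WHERE ID = $userid");
            return true;
        }
        else
        {
            return false;
        }
    }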