/**
 * Ajax handler for the group form: adds, modifies or deletes a group and
 * tells the client which JavaScript callback to run.
 *
 * No permission test is visible in this function; the EPermissionDenied catch
 * suggests the $auth methods enforce authorization themselves (confirm).
 * Exception text, including the database layer's message, is handed to
 * $errFunc unchanged, so whatever those messages contain is passed on to the caller.
 *
 * @param mixed  $elems    Raw form payload, decoded by AjaxSplitArray().
 * @param string $doneFunc Client-side function called on success.
 * @param string $errFunc  Client-side function called with (message, field) on failure.
 *
 * @return mixed Whatever xajaxResponse::getXML() produces.
 */
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
    global $lbl, $txt;

    $auth = R3AuthInstance::get();

    // Friendly messages used instead of the exception text, keyed by field
    // name and then by the EInputError code.
    $fieldDescr = array(
        'app_code' => array(
            MISSING_FIELD => "Il campo 'applicazione' e' obbligatorio",
            INVALID_FIELD => "Il campo 'applicazione' contiene caratteri non validi. Solo lettere e numeri sono accettati",
            PK_ERROR => "Il campo 'codice' immesso esiste gia'",
        ),
        'app_name' => array(
            MISSING_FIELD => "Il campo 'nome' e' obbligatorio",
        ),
    );

    $elems = AjaxSplitArray($elems);
    $objResponse = new xajaxResponse();
    $error = array();

    try {
        // "VERB|NAME,VERB|NAME,..." -> list of ALLOW privileges; entries that do
        // not split into exactly two parts are dropped.
        $privileges = array();
        if (isset($elems['selectedPrivileges'])) {
            foreach (explode(",", $elems['selectedPrivileges']) as $entry) {
                $parts = explode("|", $entry);
                if (count($parts) != 2) {
                    continue;
                }
                $privileges[] = array('ac_verb' => $parts[0], 'ac_name' => $parts[1], 'ga_kind' => 'ALLOW');
            }
        }

        if ($elems['act'] == 'add') {
            // Create a group; identifiers are trimmed and upper-cased first.
            $appCode = strtoupper(trim($elems['app_code']));
            $groupName = strtoupper(trim($elems['gr_name']));
            $domainName = strtoupper(trim($elems['dn_name']));
            $auth->addGroup($appCode, $groupName, $domainName, $elems['gr_descr'], $privileges);
        } elseif ($elems['act'] == 'mod') {
            // Update a group, addressed by its previous application code and name.
            $oldAppCode = strtoupper(trim($elems['old_app_code']));
            $oldGroupName = strtoupper(trim($elems['old_gr_name']));
            $appCode = strtoupper(trim($elems['app_code']));
            $groupName = strtoupper(trim($elems['gr_name']));
            $domainName = strtoupper(trim($elems['dn_name']));
            $auth->modGroup($oldAppCode, $oldGroupName, $appCode, $groupName, $domainName, $elems['gr_descr'], $privileges);
        } elseif ($elems['act'] == 'del') {
            // Delete a group; the identifiers are passed through as submitted.
            $auth->delGroup($elems['app_code'], $elems['gr_name']);
        } else {
            throw new Exception('Invalid action');
        }
    } catch (EPermissionDenied $e) {
        $error['element'][] = '';
        $error['message'][] = $e->getMessage();
    } catch (EDatabaseError $e) {
        $error['element'][] = '';
        $error['message'][] = "Database error: " . $e->getMessage();
    } catch (EInputError $e) {
        $field = $e->getField();
        $error['element'][] = $field;
        $error['message'][] = isset($fieldDescr[$field][$e->getCode()])
            ? $fieldDescr[$field][$e->getCode()]
            : $e->getMessage();
    } catch (Exception $e) {
        $error['element'][] = '';
        $error['message'][] = 'Generic error: ' . $e->getMessage();
    }

    // Report the outcome through the client-side callback.
    if (empty($error)) {
        $objResponse->addScriptCall($doneFunc);
    } else {
        $errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
        $objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
    }

    return $objResponse->getXML();
}
/**
 * Ajax handler for the access-control-name form: adds, modifies or deletes an
 * ACName and tells the client which JavaScript callback to run.
 *
 * On "add" the ac_verb field may hold several verbs separated by ',' or ';';
 * one ACName is created per verb. No permission test is visible here; the
 * EPermissionDenied catch suggests the $auth methods enforce it (confirm).
 *
 * @param mixed  $elems    Raw form payload, decoded by AjaxSplitArray().
 * @param string $doneFunc Client-side function called on success.
 * @param string $errFunc  Client-side function called with (message, field) on failure.
 *
 * @return mixed Whatever xajaxResponse::getXML() produces.
 */
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
    global $lbl, $txt;

    $auth = R3AuthInstance::get();

    // Friendly messages keyed by field name, then by EInputError code. The
    // "missing application" text prefers the $txt catalogue when it has one.
    $fieldDescr = array(
        'app_code' => array(
            MISSING_FIELD => isset($txt['missing_fld_app'])
                ? $txt['missing_fld_app']
                : _("Il campo 'applicazione' e' obbligatorio"),
            INVALID_FIELD => "Il campo 'codice' contiene caratteri non validi. Solo lettere e numeri sono accettati",
            PK_ERROR => "Il campo 'codice' immesso esiste gia'",
        ),
        'app_name' => array(
            MISSING_FIELD => "Il campo 'nome' e' obbligatorio",
        ),
    );

    $elems = AjaxSplitArray($elems);
    $objResponse = new xajaxResponse();
    $error = array();

    try {
        if ($elems['act'] == 'add') {
            // ';' is accepted as an alternative separator for the verb list.
            $verbList = explode(',', str_replace(';', ',', $elems['ac_verb']));
            foreach ($verbList as $verb) {
                $auth->addACName(
                    $elems['app_code'],
                    strtoupper(trim($verb)),
                    strtoupper(trim($elems['ac_name'])),
                    trim($elems['ac_descr']),
                    trim($elems['ac_order']),
                    strtoupper($elems['ac_active']) == 'T',
                    array('ac_type' => strtoupper($elems['ac_type']))
                );
            }
        } elseif ($elems['act'] == 'mod') {
            // The old_* fields address the existing record; they are passed as submitted.
            $auth->modACName(
                $elems['old_app_code'],
                $elems['old_ac_verb'],
                $elems['old_ac_name'],
                $elems['app_code'],
                strtoupper(trim($elems['ac_verb'])),
                strtoupper(trim($elems['ac_name'])),
                trim($elems['ac_descr']),
                trim($elems['ac_order']),
                strtoupper($elems['ac_active']) == 'T',
                array('ac_type' => strtoupper($elems['ac_type']))
            );
        } elseif ($elems['act'] == 'del') {
            $auth->delACName($elems['app_code'], $elems['ac_verb'], $elems['ac_name']);
        } else {
            throw new Exception('Invalid action');
        }
    } catch (EPermissionDenied $e) {
        $error['element'][] = '';
        $error['message'][] = $e->getMessage();
    } catch (EDatabaseError $e) {
        $error['element'][] = '';
        $error['message'][] = "Database error: " . $e->getMessage();
    } catch (EInputError $e) {
        $field = $e->getField();
        $error['element'][] = $field;
        $error['message'][] = isset($fieldDescr[$field][$e->getCode()])
            ? $fieldDescr[$field][$e->getCode()]
            : $e->getMessage();
    } catch (Exception $e) {
        $error['element'][] = '';
        $error['message'][] = 'Generic error: ' . $e->getMessage();
    }

    // Report the outcome through the client-side callback.
    if (empty($error)) {
        $objResponse->addScriptCall($doneFunc);
    } else {
        $heading = isset($txt['err_store_failed'])
            ? $txt['err_store_failed']
            : _("Salvataggio fallito") . ":";
        $errText = $heading . "\n - " . implode("\n - ", $error['message']);
        $objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
    }

    return $objResponse->getXML();
}
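/**
 * Ajax handler for the "personal settings" form: validates the configured
 * extra fields, optionally changes the current user's password and stores
 * the extra-field values.
 *
 * Changed from the previous version: the password/confirmation check now
 * compares the two values as strings. The loose `!=` treated numeric-looking
 * strings as numbers, so a confirmation such as "1000" matched a password of
 * "1e3" and the mistyped value was stored.
 *
 * NOTE(review): the new password is applied without reading any "current
 * password" field in this function; confirm that re-authentication is
 * enforced elsewhere if the threat model requires it.
 *
 * @param mixed  $elems    Raw form payload, decoded by AjaxSplitArray().
 * @param string $doneFunc Client-side function called on success.
 * @param string $errFunc  Client-side function called with (message, field) on failure.
 *
 * @return mixed Whatever xajaxResponse::getXML() produces.
 */
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
    global $lbl, $txt, $users_extra_fields;

    $auth = R3AuthInstance::get();

    // Friendly messages keyed by field name, then by EInputError code.
    $fieldDescr = array(
        'app_code' => array(
            MISSING_FIELD => _("Il campo 'applicazione' e' obbligatorio"),
            INVALID_FIELD => _("Il campo 'applicazione' contiene caratteri non validi. Solo lettere e numeri sono accettati"),
            PK_ERROR => _("Il campo 'codice' immesso esiste gia'"),
        ),
        'app_name' => array(
            MISSING_FIELD => _("Il campo 'nome' e' obbligatorio"),
        ),
    );

    $elems = AjaxSplitArray($elems);
    $objResponse = new xajaxResponse();

    // Extra user fields: the configured list, extended by the optional global.
    $extra_fields = $auth->getConfigValue('USER_MANAGER', 'EXTRA_FIELDS', array());
    if (isset($users_extra_fields)) {
        $extra_fields = array_merge($extra_fields, $users_extra_fields);
    }

    // Normalise both password fields to strings once, so the checks below are
    // exact string comparisons and a missing field behaves like an empty one.
    $password = isset($elems['us_password']) ? (string) $elems['us_password'] : '';
    $passwordConfirm = isset($elems['us_password2']) ? (string) $elems['us_password2'] : '';

    $error = array();
    try {
        $errors = checkReq($extra_fields, $elems);
        if (!empty($errors)) {
            // '\\n' is a literal backslash followed by "n", exactly as before.
            $errorMsg = implode('\\n', $errors);
            throw new Exception($errorMsg);
        }

        // A negative passwordStatus makes a new password mandatory.
        if ($auth->passwordStatus < 0 && $password === '') {
            throw new Exception('Password must be set');
        }

        // Extra fields stored with the user record: only keys that appear in
        // the configured list are copied from the request.
        $extras = array();
        foreach ($extra_fields as $key => $val) {
            if (!isset($val['inistorage']) && !isset($val['kind']) && isset($elems[$key])) {
                $extras[$key] = $elems[$key];
            }
        }

        // Password confirmation must match byte for byte.
        if ($password !== '' && $password !== $passwordConfirm) {
            throw new Exception('Invalid password');
        }
        if ($password !== '') {
            $auth->setParam('us_password', $elems['us_password'], true);
        }
        foreach ($extras as $key => $val) {
            $auth->setParam($key, $val, true);
        }

        // Extra fields stored as configuration values (section, parameter).
        foreach ($extra_fields as $key => $val) {
            if (isset($val['inistorage']) && !isset($val['kind']) && isset($elems[$key])) {
                $auth->setConfigValue($val['inistorage'][0], $val['inistorage'][1], $elems[$key]);
            }
        }
    } catch (EPermissionDenied $e) {
        $error['element'][] = '';
        $error['message'][] = $e->getMessage();
    } catch (EDatabaseError $e) {
        $error['element'][] = '';
        $error['message'][] = "Database error: " . $e->getMessage();
    } catch (EInputError $e) {
        $error['element'][] = $e->getField();
        if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
            $error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
        } else {
            $error['message'][] = $e->getMessage();
        }
    } catch (Exception $e) {
        // Validation messages are shown as they are, without a "Generic error" prefix.
        $error['element'][] = '';
        $error['message'][] = $e->getMessage();
    }

    // Report the outcome through the client-side callback.
    if (count($error) > 0) {
        $errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
        $objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
    } else {
        $objResponse->addScriptCall($doneFunc);
    }

    return $objResponse->getXML();
}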
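/**
 * Ajax handler for the configuration editor: removes a setting or replaces it
 * with the submitted section, parameter, type and value.
 *
 * The caller must hold EDIT/CONFIG or MOD/CONFIG, otherwise the request ends
 * with die(). Callers without SHOW/ALL_DOMAINS, SHOW/ALL_APPLICATIONS or
 * SHOW/ALL_USERS have the corresponding target field forced to their own
 * domain, application or login.
 *
 * Changed from the previous version: JSON values are validated with
 * json_last_error(). The old test (`json_decode(...) === null`) rejected the
 * well-formed document `null` and reported it as "JSon error: No error".
 *
 * Any action other than 'del' is treated as a replace.
 *
 * @param mixed  $elems    Raw form payload, decoded by AjaxSplitArray().
 * @param string $doneFunc Client-side function called on success.
 * @param string $errFunc  Client-side function called with (message, field) on failure.
 *
 * @return mixed Whatever xajaxResponse::getXML() produces.
 */
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
    global $lbl, $txt, $dbini;

    $auth = R3AuthInstance::get();
    if (!$auth->hasPerm('EDIT', 'CONFIG') && !$auth->hasPerm('MOD', 'CONFIG')) {
        die("PERMISSION DENIED [EDIT|MOD/CONFIG]\n");
    }

    $elems = AjaxSplitArray($elems);
    if (!isset($elems['old_us_login'])) {
        $elems['old_us_login'] = '';
    }

    $objResponse = new xajaxResponse();
    $error = array();
    try {
        // Logins may arrive as "<prefix>|<login>"; keep only the part after the first '|'.
        if (($p = strpos($elems['us_login'], '|')) !== false) {
            $elems['us_login'] = substr($elems['us_login'], $p + 1);
        }
        if (($p = strpos($elems['old_us_login'], '|')) !== false) {
            $elems['old_us_login'] = substr($elems['old_us_login'], $p + 1);
        }

        // Scope the target to the caller's own domain / application / login
        // unless the caller may see all of them.
        // NOTE(review): only the new-side fields are overridden. old_dn_name,
        // old_app_code and old_us_login reach replaceAttribute() as submitted,
        // so a scoped caller chooses which existing record is replaced unless
        // replaceAttribute() checks scope itself. Confirm.
        if (!$auth->hasPerm('SHOW', 'ALL_DOMAINS')) {
            $elems['dn_name'] = $auth->domain;
        }
        if (!$auth->hasPerm('SHOW', 'ALL_APPLICATIONS')) {
            $elems['app_code'] = $auth->application;
        }
        if (!$auth->hasPerm('SHOW', 'ALL_USERS')) {
            $elems['us_login'] = $auth->login;
        }

        if ($elems['act'] == 'del') {
            $dbini->removeAttribute($elems['dn_name'], $elems['app_code'], $elems['us_login'], $elems['se_section'], $elems['se_param']);
        } else {
            $se_section = strtoupper(trim($elems['se_section']));
            $se_param = strtoupper(trim($elems['se_param']));

            // Only STRING and ENUM carry a type extension.
            if ($elems['se_type'] == 'STRING') {
                $se_type_ext = $elems['se_type_ext_STRING'];
            } elseif ($elems['se_type'] == 'ENUM') {
                $se_type_ext = $elems['se_type_ext_ENUM'];
            } else {
                $se_type_ext = '';
            }

            if ($elems['se_type'] == 'ARRAY') {
                $se_value = trim($elems['se_value_TEXT']);
                // SECURITY(review): the submitted text is executed as PHP source.
                // Every account holding EDIT/CONFIG or MOD/CONFIG can therefore
                // run code in the server process, which is a much wider grant
                // than "may edit settings". The call is left unchanged here
                // because replacing it changes which inputs are accepted; the
                // change to plan is a data-only parser (for example
                // json_decode) that still produces the array serialised below.
                // Under PHP 7+ a syntax error inside eval() raises ParseError,
                // which is not an Exception: '@' does not silence it and none
                // of the catch blocks below handle it.
                @eval('$my_array = array(' . $se_value . ');');
                if (!isset($my_array)) {
                    throw new Exception('Invalid value');
                }
                // Stored as a PHP serialised string; readers presumably
                // unserialize() it, so this column should never be writable
                // from a less trusted path (confirm).
                $se_value = serialize($my_array);
            } elseif ($elems['se_type'] == 'JSON') {
                if (trim($elems['se_value_TEXT']) == '') {
                    $se_value = null;
                } else {
                    $se_value = $elems['se_value_TEXT'];
                    // Decode only to validate; the original text is what gets stored.
                    json_decode($se_value, true);
                    if (json_last_error() !== JSON_ERROR_NONE) {
                        throw new Exception('JSon error: ' . json_last_error_msg());
                    }
                }
            } elseif ($elems['se_type'] == 'TEXT') {
                $se_value = $elems['se_value_TEXT'];
            } else {
                $se_value = $elems['se_value_normal'];
            }

            $dbini->replaceAttribute(
                $elems['old_dn_name'],
                $elems['old_app_code'],
                $elems['old_us_login'],
                $elems['old_se_section'],
                $elems['old_se_param'],
                $elems['dn_name'],
                $elems['app_code'],
                $elems['us_login'],
                $se_section,
                $se_param,
                $se_value,
                $elems['se_type'],
                $se_type_ext,
                $elems['se_private'],
                $elems['se_order'],
                $elems['se_descr']
            );
        }
    } catch (EPermissionDenied $e) {
        $error['element'][] = '';
        $error['message'][] = $e->getMessage();
    } catch (EDatabaseError $e) {
        $error['element'][] = '';
        $error['message'][] = "Database error: " . $e->getMessage();
    } catch (Exception $e) {
        $error['element'][] = '';
        $error['message'][] = 'Generic error: ' . $e->getMessage();
    }

    // Report the outcome through the client-side callback.
    if (count($error) > 0) {
        $errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
        $objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
    } else {
        $objResponse->addScriptCall($doneFunc);
    }

    return $objResponse->getXML();
}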
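/**
 * Ajax handler for the domain form: adds, modifies or deletes an
 * authentication domain and tells the client which callback to run.
 *
 * Changed from the previous version:
 *  - the INVALID_FIELD message for 'do_auth_type' sat at the top level of
 *    $fieldDescr because of a misplaced parenthesis, so it could never be
 *    found by the field/code lookup; it is now inside the 'do_auth_type' entry;
 *  - $do_names and $applications are initialised. They stay null when the
 *    form omits the fields, so the values handed to the auth layer are the
 *    same as before, without the undefined-variable warning.
 *
 * No permission test is visible here; the EPermissionDenied catch suggests
 * the $auth methods enforce authorization themselves (confirm).
 *
 * @param mixed  $elems    Raw form payload, decoded by AjaxSplitArray().
 * @param string $doneFunc Client-side function called on success.
 * @param string $errFunc  Client-side function called with (message, field) on failure.
 *
 * @return mixed Whatever xajaxResponse::getXML() produces.
 */
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
    global $lbl, $txt;

    $auth = R3AuthInstance::get();

    // Friendly messages keyed by field name, then by EInputError code.
    $fieldDescr = array(
        'do_names' => array(
            MISSING_FIELD => "Il campo 'nome dominio' e' obbligatorio",
            INVALID_FIELD => "Il campo 'nome dominio' contiene caratteri non validi. Solo lettere e numeri sono accettati",
            PK_ERROR => "Il campo 'nome dominio' immesso esiste gia'",
        ),
        'do_auth_type' => array(
            MISSING_FIELD => "Il campo 'tipo autenticazione' e' obbligatorio",
            INVALID_FIELD => "Il campo 'tipo autenticazione' non è valido",
        ),
    );

    $elems = AjaxSplitArray($elems);
    $objResponse = new xajaxResponse();
    $error = array();

    $do_names = null;
    $applications = null;
    try {
        // Primary name first, then one alias per line; all upper-cased.
        if (isset($elems['do_name'])) {
            $do_names = array(strtoupper($elems['do_name']));
        }
        if (isset($elems['do_alias'])) {
            foreach (explode("\n", $elems['do_alias']) as $value) {
                // Drop CRs so CRLF line endings do not end up in the alias.
                $s = trim(strtoupper(str_replace("\r", '', $value)));
                if ($s != '') {
                    $do_names[] = $s;
                }
            }
        }
        if (isset($elems['selectedApplications'])) {
            foreach (explode(",", $elems['selectedApplications']) as $value) {
                $applications[] = strtoupper($value);
            }
        }

        if ($elems['act'] == 'add') {
            // Add a new domain. do_auth_type and do_auth_data are passed as submitted.
            $auth->addDomain($do_names, $elems['do_auth_type'], $elems['do_auth_data'], $applications);
        } elseif ($elems['act'] == 'mod') {
            // Modify a domain, addressed by its previous name.
            $auth->modDomain($elems['old_do_name'], $do_names, $elems['do_auth_type'], $elems['do_auth_data'], $applications);
        } elseif ($elems['act'] == 'del') {
            // Delete a domain.
            $auth->delDomain($elems['name']);
        } else {
            throw new Exception('Invalid action');
        }
    } catch (EPermissionDenied $e) {
        $error['element'][] = '';
        $error['message'][] = $e->getMessage();
    } catch (EDatabaseError $e) {
        $error['element'][] = '';
        $error['message'][] = "Database error: " . $e->getMessage();
    } catch (EInputError $e) {
        $error['element'][] = $e->getField();
        if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
            $error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
        } else {
            $error['message'][] = $e->getMessage();
        }
    } catch (Exception $e) {
        $error['element'][] = '';
        $error['message'][] = 'Generic error: ' . $e->getMessage();
    }

    // Report the outcome through the client-side callback.
    if (count($error) > 0) {
        $errText = $txt['err_store_failed'] . "\n - " . implode("\n - ", $error['message']);
        $objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
    } else {
        $objResponse->addScriptCall($doneFunc);
    }

    return $objResponse->getXML();
}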
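/**
 * Ajax handler for the user form: adds, modifies or deletes a user together
 * with its groups, per-user permissions and configured extra fields.
 *
 * Changed from the previous version:
 *  - a constraint without 'error_message' read $val['Constraint error'], a key
 *    that is never set, so the error text was empty; the literal
 *    'Constraint error' is now used as the default;
 *  - permission entries that do not contain "VERB|NAME" are skipped instead of
 *    being stored with a missing ac_name;
 *  - the password/confirmation check compares strings exactly; the loose `!=`
 *    let numeric-looking values such as "1e3" and "1000" pass as equal.
 *
 * No permission test is visible here; the EPermissionDenied catch suggests
 * the $auth methods enforce authorization themselves (confirm).
 *
 * @param mixed  $elems    Raw form payload, decoded by AjaxSplitArray().
 * @param string $doneFunc Client-side function called on success.
 * @param string $errFunc  Client-side function called with (message, field) on failure.
 *
 * @return mixed Whatever xajaxResponse::getXML() produces.
 */
function submitForm($elems, $doneFunc = 'AjaxFormObj.checkDone', $errFunc = 'AjaxFormObj.checkError')
{
    global $lbl, $txt, $users_extra_fields, $mdb2, $dbini;

    $auth = R3AuthInstance::get();

    // Friendly messages keyed by field name, then by EInputError code.
    $fieldDescr = array(
        'dn_name' => array(
            MISSING_FIELD => _("Il campo 'Dominio' è obbligatorio."),
            INVALID_FIELD => _("Il campo 'Dominio' non è valido."),
        ),
        'app_code' => array(
            MISSING_FIELD => _("Il campo 'Applicazione' è obbligatorio."),
            INVALID_FIELD => _("Il campo 'Applicazione' contiene caratteri non validi. Prego inserire solo lettere e numeri."),
            PK_ERROR => _("Il campo 'Applicazione' immesso è già presente in banca dati."),
        ),
        'us_login' => array(
            IN_USE => _("Impossibile cancellare questo utente perchè in uso."),
            MISSING_FIELD => _("Il campo 'Login' è obbligatorio."),
            INVALID_FIELD => _("Il campo 'Login' non è valido."),
        ),
        'us_name' => array(
            MISSING_FIELD => _("Il campo 'Nome' è obbligatorio."),
        ),
    );

    $elems = AjaxSplitArray($elems);
    // Optional fields default to null so the reads below are always defined.
    foreach (array('us_ip', 'us_start_date', 'us_expire_date') as $optional) {
        if (!isset($elems[$optional])) {
            $elems[$optional] = null;
        }
    }

    $objResponse = new xajaxResponse();

    // Extra user fields: the configured list, extended by the optional global.
    $extra_fields = $auth->getConfigValue('USER_MANAGER', 'EXTRA_FIELDS', array());
    if (isset($users_extra_fields)) {
        $extra_fields = array_merge($extra_fields, $users_extra_fields);
    }

    $error = array();
    try {
        $action = $elems['act'];

        if ($action != 'del') {
            $errors = checkReq($extra_fields, $elems);
            if (!empty($errors)) {
                // '\\n' is a literal backslash followed by "n", exactly as before.
                $errorMsg = implode('\\n', $errors);
                throw new Exception($errorMsg);
            }
        }

        // Collect the selected groups and permissions, per application of the domain.
        $dn_name = strtoupper(trim($elems['dn_name']));
        $domainInfo = $auth->getDomainData($dn_name, true);
        $appList = $domainInfo['applications'];
        $groups = array();
        $perms = array();
        // Form field prefix => kind stored for each permission it lists.
        $permFields = array('selectedPerms_' => 'ON', 'selectedPerms_n_' => 'OFF');
        if (is_array($appList)) {
            foreach ($appList as $appKey => $appVal) {
                if (isset($elems['selectedGroups_' . $appKey])) {
                    foreach (explode(",", $elems['selectedGroups_' . $appKey]) as $value) {
                        if ($value != '') {
                            $groups[] = array('app_code' => $appKey, 'gr_name' => $value);
                        }
                    }
                }
                foreach ($permFields as $prefix => $kind) {
                    if (!isset($elems[$prefix . $appKey])) {
                        continue;
                    }
                    foreach (explode(",", $elems[$prefix . $appKey]) as $value) {
                        if ($value == '') {
                            continue;
                        }
                        $pair = explode('|', $value);
                        if (count($pair) < 2) {
                            // Not "VERB|NAME": ignore rather than store a half-defined permission.
                            continue;
                        }
                        $perms[] = array('app_code' => $appKey, 'ac_verb' => $pair[0], 'ac_name' => $pair[1], 'ua_kind' => $kind);
                    }
                }
            }
        }

        // Extra fields stored with the user record (optionally in their own table).
        $extras = array();
        foreach ($extra_fields as $key => $val) {
            if (!isset($val['inistorage']) && isset($elems[$key])) {
                if (isset($val['storagetable'])) {
                    $extras[$key] = array('table' => $val['storagetable'], 'data' => $elems[$key]);
                } else {
                    $extras[$key] = $elems[$key];
                }
            }
        }

        if ($action == 'add' || $action == 'mod') {
            // Exact string comparison of password and confirmation. On 'mod' an
            // empty password skips the check.
            $password = isset($elems['us_password']) ? (string) $elems['us_password'] : '';
            $passwordConfirm = isset($elems['us_password2']) ? (string) $elems['us_password2'] : '';
            if (($action == 'add' || $password !== '') && $password !== $passwordConfirm) {
                throw new Exception('Invalid password');
            }

            $data = array(
                'us_name' => $elems['us_name'],
                'us_password' => $elems['us_password'],
                'us_status' => $elems['us_status'],
                'groups' => $groups,
                'perms' => $perms,
                'ip' => $auth->strToIPArray($elems['us_ip']),
                'us_start_date' => dateToISO($elems['us_start_date']),
                'us_expire_date' => dateToISO($elems['us_expire_date']),
                'us_pw_expire' => $elems['us_pw_expire'],
                'us_pw_expire_alert' => $elems['us_pw_expire_alert'],
                'as_code' => isset($elems['as_code']) ? $elems['as_code'] : null,
                'forceChangePassword' => isset($elems['us_force_password_change']) && $elems['us_force_password_change'] == 'T',
            );

            if ($action == 'add') {
                $auth->addUserFromArray($dn_name, trim($elems['us_login']), $data, $extras, true);
            } else {
                // The old_* fields address the existing user; they are passed as submitted.
                $auth->modUserFromArray($elems['old_dn_name'], $elems['old_us_login'], $dn_name, trim($elems['us_login']), $data, $extras, true);
            }
        } elseif ($action == 'del') {
            // Configured constraints: each 'sql' entry is run with <UID> replaced
            // by the user's id; a first column greater than 0 blocks the delete.
            // NOTE(review): the statement is built by string substitution. The
            // template comes from configuration and us_id from getUserData(),
            // not from the request, so this presumably stays safe only while
            // us_id is numeric. Confirm.
            $constraints = $auth->getConfigValue('USER_MANAGER', 'USER_CONSTRAINTS', array());
            if (is_array($constraints)) {
                $userData = $auth->getUserData($elems['dn_name'], null, $elems['us_login']);
                if ($userData !== null) {
                    foreach ($constraints as $val) {
                        if (!isset($val['sql'])) {
                            continue;
                        }
                        $sql = str_replace('<UID>', $userData['us_id'], $val['sql']);
                        $res =& $mdb2->query($sql);
                        if (PEAR::isError($res)) {
                            // NOTE(review): the SQL text becomes part of the message that
                            // the EDatabaseError handler below returns to the client.
                            throw new EDatabaseError($res->getMessage() . $sql);
                        }
                        if ($row = $res->fetchRow()) {
                            if ($row[0] > 0) {
                                $s = isset($val['error_message']) ? $val['error_message'] : 'Constraint error';
                                // The message may be a key into the $txt catalogue.
                                if (isset($txt[$s])) {
                                    $s = $txt[$s];
                                }
                                throw new EConstraintError($s);
                            }
                        }
                    }
                }
            }
            // The delete uses dn_name and us_login as submitted, not the normalised $dn_name.
            $auth->delUser($elems['dn_name'], $elems['us_login'], false, true);
        } else {
            throw new Exception('Invalid action');
        }

        // Extra fields stored as configuration values: the parameter is written
        // once per application of the domain.
        // SS: TODO: store a single value in the database instead.
        foreach ($extra_fields as $key => $val) {
            if (isset($val['inistorage']) && isset($elems[$key])) {
                $domainData = $auth->getDomainData($dn_name, true);
                foreach ($domainData['applications'] as $appKey => $appVal) {
                    $auth->setConfigValueFor($dn_name, $appKey, trim($elems['us_login']), $val['inistorage'][0], $val['inistorage'][1], $elems[$key]);
                }
            }
        }
    } catch (EPermissionDenied $e) {
        // A fixed text is shown instead of the exception's own message.
        $error['element'][] = '';
        $error['message'][] = _('Permesso negato');
    } catch (EDatabaseError $e) {
        // SS: is it always the login?
        if (strpos($e->getMessage(), 'constraint violation') !== false) {
            $error['element'][] = 'us_login';
            if ($elems['act'] == 'del') {
                $error['message'][] = _("Impossibile cancellare l'utente perchè vi sono dei dati ad esso legati");
            } else {
                $error['message'][] = "Database error: " . $e->getMessage();
            }
        } else {
            $error['element'][] = '';
            $error['message'][] = "Database error: " . $e->getMessage();
        }
    } catch (EConstraintError $e) {
        $error['element'][] = '';
        $error['message'][] = $e->getMessage();
    } catch (EInputError $e) {
        $error['element'][] = $e->getField();
        if (isset($fieldDescr[$e->getField()][$e->getCode()])) {
            $error['message'][] = $fieldDescr[$e->getField()][$e->getCode()];
        } else {
            $error['message'][] = $e->getMessage();
        }
    } catch (Exception $e) {
        $error['element'][] = '';
        $error['message'][] = 'Generic error: ' . $e->getMessage();
    }

    // Report the outcome through the client-side callback.
    if (count($error) > 0) {
        $errText = _('Attenzione!') . "\n - " . implode("\n - ", $error['message']);
        $objResponse->addScriptCall($errFunc, $errText, $error['element'][0]);
    } else {
        $objResponse->addScriptCall($doneFunc);
    }

    return $objResponse->getXML();
}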