function ValidPost()
{
if (!$this->CheckToken || !ew_IsHttpPost()) {
return TRUE;
}
if (!isset($_POST[EW_TOKEN_NAME])) {
return FALSE;
}
$fn = $this->CheckTokenFn;
if (is_callable($fn)) {
return $fn($_POST[EW_TOKEN_NAME], $this->TokenTimeout);
}
return FALSE;
}
function Page_Main()
{
global $conn, $Language, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("forgotpwd", "<span id=\"ewPageCaption\">" . $Language->Phrase("RequestPwdPage") . "</span>", ew_CurrentUrl());
$bPostBack = ew_IsHttpPost();
$bValidEmail = FALSE;
if ($bPostBack) {
// Setup variables
$this->Email = $_POST["email"];
$bValidEmail = $this->ValidateForm($this->Email);
if ($bValidEmail) {
$this->Action = "activate";
$this->ActivateCode = ew_Encrypt($this->Email);
} else {
$this->setFailureMessage($gsFormError);
}
// Handle email activation
} elseif (@$_GET["action"] != "") {
$this->Action = $_GET["action"];
$this->Email = @$_GET["email"];
$this->ActivateCode = @$_GET["code"];
if ($this->Email != ew_Decrypt($this->ActivateCode) || strtolower($this->Action) != "confirm") {
// Email activation
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("ActivateFailed"));
}
// Set activate failed message
$this->Page_Terminate("login.php");
// Go to login page
}
}
if ($this->Action != "") {
$bEmailSent = FALSE;
// Set up filter (SQL WHERE clause) and get Return SQL
// SQL constructor in usuario class, usuarioinfo.php
$sFilter = str_replace("%e", ew_AdjustSql($this->Email), EW_USER_EMAIL_FILTER);
$this->CurrentFilter = $sFilter;
$sSql = $this->SQL();
if ($RsUser = $conn->Execute($sSql)) {
if (!$RsUser->EOF) {
$rsold = $RsUser->fields;
$bValidEmail = TRUE;
// Call User Recover Password event
$bValidEmail = $this->User_RecoverPassword($rsold);
if ($bValidEmail) {
$sUserName = $rsold['usuario'];
$sPassword = $rsold['contrasenia'];
if (EW_ENCRYPTED_PASSWORD) {
if (strtolower($this->Action) == "confirm") {
$sPassword = substr($sPassword, 0, 16);
// Use first 16 characters only
$rsnew = array('contrasenia' => $sPassword);
// Reset the password
$this->Update($rsnew);
}
} else {
$this->Action = "confirm";
// Send password directly if not MD5
}
}
} else {
$bValidEmail = FALSE;
$this->setFailureMessage($Language->Phrase("InvalidEmail"));
}
if ($bValidEmail) {
$Email = new cEmail();
if (strtolower($this->Action) == "confirm") {
$Email->Load("phptxt/forgotpwd.txt");
$Email->ReplaceContent('<!--$Password-->', $sPassword);
} else {
$Email->Load("phptxt/resetpwd.txt");
$sActivateLink = ew_FullUrl() . "?action=confirm";
$sActivateLink .= "&email=" . $this->Email;
$sActivateLink .= "&code=" . $this->ActivateCode;
$Email->ReplaceContent('<!--$ActivateLink-->', $sActivateLink);
}
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient($this->Email);
// Replace Recipient
$Email->ReplaceContent('<!--$UserName-->', $sUserName);
$Email->Charset = EW_EMAIL_CHARSET;
$Args = array();
if (EW_ENCRYPTED_PASSWORD && strtolower($this->Action) == "confirm") {
$Args["rs"] =& $rsnew;
}
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
}
$RsUser->Close();
}
if ($bEmailSent) {
if ($this->getSuccessMessage() == "") {
if (strtolower($this->Action) == "confirm") {
$this->setSuccessMessage($Language->Phrase("PwdEmailSent"));
} else {
$this->setSuccessMessage($Language->Phrase("ResetPwdEmailSent"));
}
}
// Set up success message
$this->Page_Terminate("login.php");
// Return to login page
} elseif ($bValidEmail) {
$this->setFailureMessage($Language->Phrase("FailedToSendMail"));
// Set up error message
}
}
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
global $order;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
// Get export parameters
if (@$_GET["export"] != "") {
$order->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$order->Export = $_POST["exporttype"];
}
} else {
$order->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $order->Export;
// Get export parameter, used in header
$gsExportFile = $order->TableVar;
// Get export file, used in header
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
}
function Page_Init()
{
global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate(ew_GetUrl("cciag_login.php"));
}
$Security->TablePermission_Loading();
$Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
$Security->TablePermission_Loaded();
$Security->UserID_Loading();
if ($Security->IsLoggedIn()) {
$Security->LoadUserID();
}
$Security->UserID_Loaded();
if ($Security->IsLoggedIn() && strval($Security->CurrentUserID()) == "") {
$this->setFailureMessage($Language->Phrase("NoPermission"));
// Set no permission
$this->Page_Terminate(ew_GetUrl("cciag_deudaslist.php"));
}
// Get export parameters
$custom = "";
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
$custom = @$_GET["custom"];
} elseif (@$_POST["export"] != "") {
$this->Export = $_POST["export"];
$custom = @$_POST["custom"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
$custom = @$_POST["custom"];
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExportFile = $this->TableVar;
// Get export file, used in header
if (@$_GET["id"] != "") {
if ($gsExportFile != "") {
$gsExportFile .= "_";
}
$gsExportFile .= ew_StripSlashes($_GET["id"]);
}
// Get custom export parameters
if ($this->Export != "" && $custom != "") {
$this->CustomExport = $this->Export;
$this->Export = "print";
}
$gsCustomExport = $this->CustomExport;
$gsExport = $this->Export;
// Get export parameter, used in header
// Update Export URLs
if (defined("EW_USE_PHPEXCEL")) {
$this->ExportExcelCustom = FALSE;
}
if ($this->ExportExcelCustom) {
$this->ExportExcelUrl .= "&custom=1";
}
if (defined("EW_USE_PHPWORD")) {
$this->ExportWordCustom = FALSE;
}
if ($this->ExportWordCustom) {
$this->ExportWordUrl .= "&custom=1";
}
if ($this->ExportPdfCustom) {
$this->ExportPdfUrl .= "&custom=1";
}
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Set up current action
// Setup export options
$this->SetupExportOptions();
$this->id->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
// Check token
if (!$this->ValidPost()) {
echo $Language->Phrase("InvalidPostRequest");
$this->Page_Terminate();
exit;
}
// Process auto fill
if (@$_POST["ajax"] == "autofill") {
// Process auto fill for detail table 'detalle_deudas'
if (@$_POST["grid"] == "fdetalle_deudasgrid") {
if (!isset($GLOBALS["detalle_deudas_grid"])) {
$GLOBALS["detalle_deudas_grid"] = new cdetalle_deudas_grid();
}
$GLOBALS["detalle_deudas_grid"]->Page_Init();
$this->Page_Terminate();
exit;
}
// Process auto fill for detail table 'pagos'
if (@$_POST["grid"] == "fpagosgrid") {
if (!isset($GLOBALS["pagos_grid"])) {
$GLOBALS["pagos_grid"] = new cpagos_grid();
}
$GLOBALS["pagos_grid"]->Page_Init();
$this->Page_Terminate();
exit;
}
$results = $this->GetAutoFill(@$_POST["name"], @$_POST["q"]);
if ($results) {
// Clean output buffer
if (!EW_DEBUG_ENABLED && ob_get_length()) {
ob_end_clean();
}
echo $results;
$this->Page_Terminate();
exit;
}
}
// Create Token
$this->CreateToken();
}
function Page_Init()
{
global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate(ew_GetUrl("login.php"));
}
$Security->TablePermission_Loading();
$Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
$Security->TablePermission_Loaded();
$Security->UserID_Loading();
if ($Security->IsLoggedIn()) {
$Security->LoadUserID();
}
$Security->UserID_Loaded();
// Get export parameters
$custom = "";
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
$custom = @$_GET["custom"];
} elseif (@$_POST["export"] != "") {
$this->Export = $_POST["export"];
$custom = @$_POST["custom"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
$custom = @$_POST["custom"];
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExportFile = $this->TableVar;
// Get export file, used in header
// Get custom export parameters
if ($this->Export != "" && $custom != "") {
$this->CustomExport = $this->Export;
$this->Export = "print";
}
$gsCustomExport = $this->CustomExport;
$gsExport = $this->Export;
// Get export parameter, used in header
// Update Export URLs
if (defined("EW_USE_PHPEXCEL")) {
$this->ExportExcelCustom = FALSE;
}
if ($this->ExportExcelCustom) {
$this->ExportExcelUrl .= "&custom=1";
}
if (defined("EW_USE_PHPWORD")) {
$this->ExportWordCustom = FALSE;
}
if ($this->ExportWordCustom) {
$this->ExportWordUrl .= "&custom=1";
}
if ($this->ExportPdfCustom) {
$this->ExportPdfUrl .= "&custom=1";
}
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Set up current action
// Get grid add count
$gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
if (is_numeric($gridaddcnt) && $gridaddcnt > 0) {
$this->GridAddRowCount = $gridaddcnt;
}
// Set up list options
$this->SetupListOptions();
// Setup export options
$this->SetupExportOptions();
$this->codigo->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
// Check token
if (!$this->ValidPost()) {
echo $Language->Phrase("InvalidPostRequest");
$this->Page_Terminate();
exit;
}
// Process auto fill
if (@$_POST["ajax"] == "autofill") {
$results = $this->GetAutoFill(@$_POST["name"], @$_POST["q"]);
if ($results) {
// Clean output buffer
if (!EW_DEBUG_ENABLED && ob_get_length()) {
ob_end_clean();
}
echo $results;
$this->Page_Terminate();
exit;
}
}
// Create Token
$this->CreateToken();
// Setup other options
$this->SetupOtherOptions();
// Set "checkbox" visible
if (count($this->CustomActions) > 0) {
$this->ListOptions->Items["checkbox"]->Visible = TRUE;
}
}
function Page_Main()
{
global $conn, $Language, $Security, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("changepwd", "ChangePwdPage", ew_CurrentUrl(), "", "", TRUE);
$bPostBack = ew_IsHttpPost();
$bValidate = TRUE;
if ($bPostBack) {
$this->OldPassword = ew_StripSlashes(@$_POST["opwd"]);
$this->NewPassword = ew_StripSlashes(@$_POST["npwd"]);
$this->ConfirmedPassword = ew_StripSlashes(@$_POST["cpwd"]);
$bValidate = $this->ValidateForm($this->OldPassword, $this->NewPassword, $this->ConfirmedPassword);
if (!$bValidate) {
$this->setFailureMessage($gsFormError);
}
}
$bPwdUpdated = FALSE;
if ($bPostBack && $bValidate) {
// Setup variables
$sUsername = $Security->CurrentUserName();
$sFilter = str_replace("%u", ew_AdjustSql($sUsername), EW_USER_NAME_FILTER);
// Set up filter (Sql Where Clause) and get Return SQL
// SQL constructor in usuarios class, usuariosinfo.php
$this->CurrentFilter = $sFilter;
$sSql = $this->SQL();
if ($rs = $conn->Execute($sSql)) {
if (!$rs->EOF) {
$rsold = $rs->fields;
if (ew_ComparePassword($rsold['contrasenia'], $this->OldPassword)) {
$bValidPwd = TRUE;
$bValidPwd = $this->User_ChangePassword($rsold, $sUsername, $this->OldPassword, $this->NewPassword);
if ($bValidPwd) {
$rsnew = array('contrasenia' => $this->NewPassword);
// Change Password
$sEmail = $rsold['email'];
$rs->Close();
$conn->raiseErrorFn = $GLOBALS["EW_ERROR_FN"];
$bValidPwd = $this->Update($rsnew);
$conn->raiseErrorFn = '';
if ($bValidPwd) {
$bPwdUpdated = TRUE;
}
} else {
$this->setFailureMessage($Language->Phrase("InvalidNewPassword"));
$rs->Close();
}
} else {
$this->setFailureMessage($Language->Phrase("InvalidPassword"));
}
} else {
$rs->Close();
}
}
}
if ($bPwdUpdated) {
if (@$sEmail != "") {
// Load Email Content
$Email = new cEmail();
$Email->Load("phptxt/changepwd.txt");
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient($sEmail);
// Replace Recipient
$Email->ReplaceContent('<!--$Password-->', $this->NewPassword);
$Email->Charset = EW_EMAIL_CHARSET;
$Args = array();
$Args["rs"] =& $rsnew;
$bEmailSent = FALSE;
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
// Send email failed
if (!$bEmailSent) {
$this->setFailureMessage($Email->SendErrDescription);
}
}
if ($this->getSuccessMessage() == "") {
$this->setSuccessMessage($Language->Phrase("PasswordChanged"));
}
// Set up success message
$this->Page_Terminate("index.php");
// Exit page and clean up
}
}
function Page_Main()
{
global $UserTableConn, $Language, $Security, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("changepwd", "ChangePwdPage", ew_CurrentUrl(), "", "", TRUE);
$bPostBack = ew_IsHttpPost();
$bValidate = TRUE;
if ($bPostBack) {
$this->OldPassword = ew_StripSlashes(@$_POST["opwd"]);
$this->NewPassword = ew_StripSlashes(@$_POST["npwd"]);
$this->ConfirmedPassword = ew_StripSlashes(@$_POST["cpwd"]);
$bValidate = $this->ValidateForm($this->OldPassword, $this->NewPassword, $this->ConfirmedPassword);
if (!$bValidate) {
$this->setFailureMessage($gsFormError);
}
}
$bPwdUpdated = FALSE;
if ($bPostBack && $bValidate) {
// Setup variables
$sUsername = $Security->CurrentUserName();
if (IsPasswordReset()) {
$sUsername = $_SESSION[EW_SESSION_USER_PROFILE_USER_NAME];
}
$sFilter = str_replace("%u", ew_AdjustSql($sUsername, EW_USER_TABLE_DBID), EW_USER_NAME_FILTER);
// Set up filter (Sql Where Clause) and get Return SQL
// SQL constructor in user class, userinfo.php
$this->CurrentFilter = $sFilter;
$sSql = $this->SQL();
if ($rs = $UserTableConn->Execute($sSql)) {
if (!$rs->EOF) {
$rsold = $rs->fields;
if (IsPasswordReset() || ew_ComparePassword($rsold['PASS'], $this->OldPassword)) {
$bValidPwd = TRUE;
if (!IsPasswordReset()) {
$bValidPwd = $this->User_ChangePassword($rsold, $sUsername, $this->OldPassword, $this->NewPassword);
}
if ($bValidPwd) {
$rsnew = array('PASS' => $this->NewPassword);
// Change Password
$rs->Close();
$UserTableConn->raiseErrorFn = $GLOBALS["EW_ERROR_FN"];
$bValidPwd = $this->Update($rsnew);
$UserTableConn->raiseErrorFn = '';
if ($bValidPwd) {
$bPwdUpdated = TRUE;
}
} else {
$this->setFailureMessage($Language->Phrase("InvalidNewPassword"));
$rs->Close();
}
} else {
$this->setFailureMessage($Language->Phrase("InvalidPassword"));
}
} else {
$rs->Close();
}
}
}
if ($bPwdUpdated) {
if ($this->getSuccessMessage() == "") {
$this->setSuccessMessage($Language->Phrase("PasswordChanged"));
}
// Set up success message
if (IsPasswordReset()) {
$_SESSION[EW_SESSION_STATUS] = "";
$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = "";
}
$this->Page_Terminate("index.php");
// Exit page and clean up
}
}
function GetRecordKeys()
{
global $EW_COMPOSITE_KEY_SEPARATOR;
$arKeys = array();
$arKey = array();
if (isset($_POST["key_m"])) {
$arKeys = ew_StripSlashes($_POST["key_m"]);
$cnt = count($arKeys);
} elseif (isset($_GET["key_m"])) {
$arKeys = ew_StripSlashes($_GET["key_m"]);
$cnt = count($arKeys);
} elseif (!empty($_GET) || !empty($_POST)) {
$isPost = ew_IsHttpPost();
if ($isPost && isset($_POST["CARD_TYPE_ID"])) {
$arKeys[] = ew_StripSlashes($_POST["CARD_TYPE_ID"]);
} elseif (isset($_GET["CARD_TYPE_ID"])) {
$arKeys[] = ew_StripSlashes($_GET["CARD_TYPE_ID"]);
} else {
$arKeys = NULL;
}
// Do not setup
//return $arKeys; // Do not return yet, so the values will also be checked by the following code
}
// Check keys
$ar = array();
if (is_array($arKeys)) {
foreach ($arKeys as $key) {
if (!is_numeric($key)) {
continue;
}
$ar[] = $key;
}
}
return $ar;
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
global $t_promotions_vins;
// Get export parameters
if (@$_GET["export"] != "") {
$t_promotions_vins->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$t_promotions_vins->Export = $_POST["exporttype"];
}
} else {
$t_promotions_vins->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $t_promotions_vins->Export;
// Get export parameter, used in header
$gsExportFile = $t_promotions_vins->TableVar;
// Get export file, used in header
$Charset = EW_CHARSET != "" ? ";charset=" . EW_CHARSET : "";
// Charset used in header
// Get grid add count
$gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
if (is_numeric($gridaddcnt) && $gridaddcnt > 0) {
$t_promotions_vins->GridAddRowCount = $gridaddcnt;
}
// Set up list options
$this->SetupListOptions();
// Setup export options
$this->SetupExportOptions();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
global $tbl_facebook_stat;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
$Security->TablePermission_Loading();
$Security->LoadCurrentUserLevel($this->TableName);
$Security->TablePermission_Loaded();
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
if (!$Security->CanList()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
// Create form object
$objForm = new cFormObj();
// Get export parameters
if (@$_GET["export"] != "") {
$tbl_facebook_stat->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$tbl_facebook_stat->Export = $_POST["exporttype"];
}
} else {
$tbl_facebook_stat->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $tbl_facebook_stat->Export;
// Get export parameter, used in header
$gsExportFile = $tbl_facebook_stat->TableVar;
// Get export file, used in header
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
}
function Page_Main()
{
global $UserTableConn, $Language, $gsFormError;
global $Breadcrumb;
$Breadcrumb = new cBreadcrumb();
$Breadcrumb->Add("forgotpwd", "RequestPwdPage", ew_CurrentUrl(), "", "", TRUE);
$bPostBack = ew_IsHttpPost();
$bValidEmail = FALSE;
if ($bPostBack) {
// Setup variables
$this->Email = $_POST["email"];
$bValidEmail = $this->ValidateForm($this->Email);
if ($bValidEmail) {
if (EW_ENCRYPTED_PASSWORD) {
$this->Action = "reset";
} else {
$this->Action = "confirm";
}
// Send password directly if not MD5
$this->ActivateCode = ew_Encrypt($this->Email);
} else {
$this->setFailureMessage($gsFormError);
}
// Handle email activation
} elseif (@$_GET["action"] != "") {
$this->Action = $_GET["action"];
$this->Email = @$_GET["email"];
$this->ActivateCode = @$_GET["code"];
if ($this->Email != ew_Decrypt($this->ActivateCode) || strtolower($this->Action) != "confirm" && strtolower($this->Action) != "reset") {
// Email activation
if ($this->getFailureMessage() == "") {
$this->setFailureMessage($Language->Phrase("ActivateFailed"));
}
// Set activate failed message
$this->Page_Terminate("login.php");
// Go to login page
}
if (strtolower($this->Action) == "reset") {
$this->Action = "resetpassword";
}
}
if ($this->Action != "") {
$bEmailSent = FALSE;
// Set up filter (SQL WHERE clause) and get Return SQL
// SQL constructor in user class, userinfo.php
$sFilter = str_replace("%e", ew_AdjustSql($this->Email, EW_USER_TABLE_DBID), EW_USER_EMAIL_FILTER);
$this->CurrentFilter = $sFilter;
$sSql = $this->SQL();
if ($RsUser = $UserTableConn->Execute($sSql)) {
if (!$RsUser->EOF) {
$rsold = $RsUser->fields;
$bValidEmail = TRUE;
// Call User Recover Password event
$bValidEmail = $this->User_RecoverPassword($rsold);
if ($bValidEmail) {
$sUserName = $rsold['CODE'];
$sPassword = $rsold['PASS'];
}
} else {
$bValidEmail = FALSE;
$this->setFailureMessage($Language->Phrase("InvalidEmail"));
}
$RsUser->Close();
if ($bValidEmail) {
if (strtolower($this->Action) == "resetpassword") {
// Reset password
$_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = $sUserName;
// Save login user name
$_SESSION[EW_SESSION_STATUS] = "passwordreset";
$this->Page_Terminate("changepwd.php");
} else {
$Email = new cEmail();
if (strtolower($this->Action) == "confirm") {
$Email->Load(EW_EMAIL_FORGOTPWD_TEMPLATE);
$Email->ReplaceContent('<!--$Password-->', $sPassword);
} else {
$Email->Load(EW_EMAIL_RESETPWD_TEMPLATE);
$sActivateLink = ew_FullUrl() . "?action=reset";
$sActivateLink .= "&email=" . $this->Email;
$sActivateLink .= "&code=" . $this->ActivateCode;
$Email->ReplaceContent('<!--$ActivateLink-->', $sActivateLink);
}
$Email->ReplaceSender(EW_SENDER_EMAIL);
// Replace Sender
$Email->ReplaceRecipient($this->Email);
// Replace Recipient
$Email->ReplaceContent('<!--$UserName-->', $sUserName);
$Args = array();
if (EW_ENCRYPTED_PASSWORD && strtolower($this->Action) == "confirm") {
$Args["rs"] =& $rsnew;
}
if ($this->Email_Sending($Email, $Args)) {
$bEmailSent = $Email->Send();
}
}
}
}
if ($bEmailSent) {
if ($this->getSuccessMessage() == "") {
if (strtolower($this->Action) == "confirm") {
$this->setSuccessMessage($Language->Phrase("PwdEmailSent"));
} else {
$this->setSuccessMessage($Language->Phrase("ResetPwdEmailSent"));
}
}
// Set up success message
$this->Page_Terminate("login.php");
// Return to login page
} elseif ($bValidEmail) {
$this->setFailureMessage($Email->SendErrDescription);
// Set up error message
}
}
}
function Page_Init()
{
global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if ($Security->IsLoggedIn()) {
$Security->TablePermission_Loading();
}
$Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
if ($Security->IsLoggedIn()) {
$Security->TablePermission_Loaded();
}
if (!$Security->IsLoggedIn()) {
$this->Page_Terminate(ew_GetUrl("login.php"));
}
// Create form object
$objForm = new cFormObj();
// Get export parameters
$custom = "";
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
$custom = @$_GET["custom"];
} elseif (@$_POST["export"] != "") {
$this->Export = $_POST["export"];
$custom = @$_POST["custom"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
$custom = @$_POST["custom"];
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExportFile = $this->TableVar;
// Get export file, used in header
// Get custom export parameters
if ($this->Export != "" && $custom != "") {
$this->CustomExport = $this->Export;
$this->Export = "print";
}
$gsCustomExport = $this->CustomExport;
$gsExport = $this->Export;
// Get export parameter, used in header
// Update Export URLs
if (defined("EW_USE_PHPEXCEL")) {
$this->ExportExcelCustom = FALSE;
}
if ($this->ExportExcelCustom) {
$this->ExportExcelUrl .= "&custom=1";
}
if (defined("EW_USE_PHPWORD")) {
$this->ExportWordCustom = FALSE;
}
if ($this->ExportWordCustom) {
$this->ExportWordUrl .= "&custom=1";
}
if ($this->ExportPdfCustom) {
$this->ExportPdfUrl .= "&custom=1";
}
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Set up current action
// Get grid add count
$gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
if (is_numeric($gridaddcnt) && $gridaddcnt > 0) {
$this->GridAddRowCount = $gridaddcnt;
}
// Set up list options
$this->SetupListOptions();
// Setup export options
$this->SetupExportOptions();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
// Check token
if (!$this->ValidPost()) {
echo $Language->Phrase("InvalidPostRequest");
$this->Page_Terminate();
exit;
}
// Process auto fill
if (@$_POST["ajax"] == "autofill") {
// Process auto fill for detail table 'items'
if (@$_POST["grid"] == "fitemsgrid") {
if (!isset($GLOBALS["items_grid"])) {
$GLOBALS["items_grid"] = new citems_grid();
}
$GLOBALS["items_grid"]->Page_Init();
$this->Page_Terminate();
exit;
}
$results = $this->GetAutoFill(@$_POST["name"], @$_POST["q"]);
if ($results) {
// Clean output buffer
if (!EW_DEBUG_ENABLED && ob_get_length()) {
ob_end_clean();
}
echo $results;
$this->Page_Terminate();
exit;
}
}
// Create Token
$this->CreateToken();
// Set up master detail parameters
$this->SetUpMasterParms();
// Setup other options
$this->SetupOtherOptions();
// Set up custom action (compatible with old version)
foreach ($this->CustomActions as $name => $action) {
$this->ListActions->Add($name, $action);
}
// Show checkbox column if multiple action
foreach ($this->ListActions->Items as $listaction) {
if ($listaction->Select == EW_ACTION_MULTIPLE && $listaction->Allow) {
$this->ListOptions->Items["checkbox"]->Visible = TRUE;
break;
}
}
}
function Page_Main()
{
global $conn, $Language, $Security, $gsFormError, $tbl_user;
if (!ew_IsHttpPost()) {
return;
}
$bPwdUpdated = FALSE;
// Setup variables
$sUsername = $Security->CurrentUserName();
$sOPwd = ew_StripSlashes(@$_POST["opwd"]);
$sNPwd = ew_StripSlashes(@$_POST["npwd"]);
$sCPwd = ew_StripSlashes(@$_POST["cpwd"]);
if ($this->ValidateForm($sOPwd, $sNPwd, $sCPwd)) {
$sFilter = str_replace("%u", ew_AdjustSql($sUsername), EW_USER_NAME_FILTER);
// Set up filter (Sql Where Clause) and get Return SQL
// SQL constructor in tbl_user class, tbl_userinfo.php
$tbl_user->CurrentFilter = $sFilter;
$sSql = $tbl_user->SQL();
if ($rs = $conn->Execute($sSql)) {
if (!$rs->EOF) {
if (EW_MD5_PASSWORD && md5($sOPwd) == $rs->fields('passwd') || !EW_MD5_PASSWORD && $sOPwd == $rs->fields('passwd')) {
$rsnew = array('passwd' => $sNPwd);
// Change Password
$rs->Close();
$conn->raiseErrorFn = 'ew_ErrorFn';
$bValidPwd = $conn->Execute($tbl_user->UpdateSQL($rsnew));
$conn->raiseErrorFn = '';
if ($bValidPwd) {
$bPwdUpdated = TRUE;
}
} else {
$this->setMessage($Language->Phrase("InvalidPassword"));
}
} else {
$rs->Close();
}
}
}
if ($bPwdUpdated) {
$this->setMessage($Language->Phrase("PasswordChanged"));
// Set up message
$this->Page_Terminate("index.php");
// Exit page and clean up
} else {
$this->setMessage($gsFormError);
}
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Get export parameters
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $this->Export;
// Get export parameter, used in header
$gsExportFile = $this->TableVar;
// Get export file, used in header
if (@$_GET["codigo"] != "") {
if ($gsExportFile != "") {
$gsExportFile .= "_";
}
$gsExportFile .= ew_StripSlashes($_GET["codigo"]);
}
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Set up curent action
// Setup export options
$this->SetupExportOptions();
$this->codigo->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
// Update url if printer friendly for Pdf
if ($this->PrinterFriendlyForPdf) {
$this->ExportOptions->Items["pdf"]->Body = str_replace($this->ExportPdfUrl, $this->ExportPrintUrl . "&pdf=1", $this->ExportOptions->Items["pdf"]->Body);
}
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
// Get export parameters
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $this->Export;
// Get export parameter, used in header
$gsExportFile = $this->TableVar;
// Get export file, used in header
// Get grid add count
$gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
if (is_numeric($gridaddcnt) && $gridaddcnt > 0) {
$this->GridAddRowCount = $gridaddcnt;
}
// Set up list options
$this->SetupListOptions();
// Setup export options
$this->SetupExportOptions();
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
}
function Page_Init()
{
global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// User profile
$UserProfile = new cUserProfile();
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if ($Security->IsLoggedIn()) {
$Security->TablePermission_Loading();
}
$Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
if ($Security->IsLoggedIn()) {
$Security->TablePermission_Loaded();
}
if (!$Security->CanView()) {
$Security->SaveLastUrl();
$this->setFailureMessage($Language->Phrase("NoPermission"));
// Set no permission
if ($Security->CanList()) {
$this->Page_Terminate(ew_GetUrl("airplanelist.php"));
} else {
$this->Page_Terminate(ew_GetUrl("login.php"));
}
}
if ($Security->IsLoggedIn()) {
$Security->UserID_Loading();
$Security->LoadUserID();
$Security->UserID_Loaded();
}
// Get export parameters
$custom = "";
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
$custom = @$_GET["custom"];
} elseif (@$_POST["export"] != "") {
$this->Export = $_POST["export"];
$custom = @$_POST["custom"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
$custom = @$_POST["custom"];
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExportFile = $this->TableVar;
// Get export file, used in header
if (@$_GET["AIRPLANE_ID"] != "") {
if ($gsExportFile != "") {
$gsExportFile .= "_";
}
$gsExportFile .= ew_StripSlashes($_GET["AIRPLANE_ID"]);
}
// Get custom export parameters
if ($this->Export != "" && $custom != "") {
$this->CustomExport = $this->Export;
$this->Export = "print";
}
$gsCustomExport = $this->CustomExport;
$gsExport = $this->Export;
// Get export parameter, used in header
// Update Export URLs
if (defined("EW_USE_PHPEXCEL")) {
$this->ExportExcelCustom = FALSE;
}
if ($this->ExportExcelCustom) {
$this->ExportExcelUrl .= "&custom=1";
}
if (defined("EW_USE_PHPWORD")) {
$this->ExportWordCustom = FALSE;
}
if ($this->ExportWordCustom) {
$this->ExportWordUrl .= "&custom=1";
}
if ($this->ExportPdfCustom) {
$this->ExportPdfUrl .= "&custom=1";
}
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Set up current action
// Setup export options
$this->SetupExportOptions();
$this->AIRPLANE_ID->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
// Check token
if (!$this->ValidPost()) {
echo $Language->Phrase("InvalidPostRequest");
$this->Page_Terminate();
exit;
}
// Create Token
$this->CreateToken();
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
// Get export parameters
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $this->Export;
// Get export parameter, used in header
$gsExportFile = $this->TableVar;
// Get export file, used in header
if (@$_GET["guru_id"] != "") {
if ($gsExportFile != "") {
$gsExportFile .= "_";
}
$gsExportFile .= ew_StripSlashes($_GET["guru_id"]);
}
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Set up current action
// Setup export options
$this->SetupExportOptions();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
// Update url if printer friendly for Pdf
if ($this->PrinterFriendlyForPdf) {
$this->ExportOptions->Items["pdf"]->Body = str_replace($this->ExportPdfUrl, $this->ExportPrintUrl . "&pdf=1", $this->ExportOptions->Items["pdf"]->Body);
}
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
// Get export parameters
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $this->Export;
// Get export parameter, used in header
$gsExportFile = $this->TableVar;
// Get export file, used in header
if (@$_GET["realmid"] != "") {
if ($gsExportFile != "") {
$gsExportFile .= "_";
}
$gsExportFile .= ew_StripSlashes($_GET["realmid"]);
}
if (@$_GET["acctid"] != "") {
if ($gsExportFile != "") {
$gsExportFile .= "_";
}
$gsExportFile .= ew_StripSlashes($_GET["acctid"]);
}
// Setup export options
$this->SetupExportOptions();
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
}
function Page_Init()
{
global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;
// Security
$Security = new cAdvancedSecurity();
if (!$Security->IsLoggedIn()) {
$Security->AutoLogin();
}
if (!$Security->IsLoggedIn()) {
$Security->SaveLastUrl();
$this->Page_Terminate("login.php");
}
// Get export parameters
if (@$_GET["export"] != "") {
$this->Export = $_GET["export"];
} elseif (ew_IsHttpPost()) {
if (@$_POST["exporttype"] != "") {
$this->Export = $_POST["exporttype"];
}
} else {
$this->setExportReturnUrl(ew_CurrentUrl());
}
$gsExport = $this->Export;
// Get export parameter, used in header
$gsExportFile = $this->TableVar;
// Get export file, used in header
$this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];
// Set up curent action
// Get grid add count
$gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
if (is_numeric($gridaddcnt) && $gridaddcnt > 0) {
$this->GridAddRowCount = $gridaddcnt;
}
// Set up list options
$this->SetupListOptions();
// Setup export options
$this->SetupExportOptions();
$this->id->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();
// Global Page Loading event (in userfn*.php)
Page_Loading();
// Page Load event
$this->Page_Load();
// Setup other options
$this->SetupOtherOptions();
// Set "checkbox" visible
if (count($this->CustomActions) > 0) {
$this->ListOptions->Items["checkbox"]->Visible = TRUE;
}
// Update url if printer friendly for Pdf
if ($this->PrinterFriendlyForPdf) {
$this->ExportOptions->Items["pdf"]->Body = str_replace($this->ExportPdfUrl, $this->ExportPrintUrl . "&pdf=1", $this->ExportOptions->Items["pdf"]->Body);
}
}
function GetRecordKeys()
{
global $EW_COMPOSITE_KEY_SEPARATOR;
$arKeys = array();
$arKey = array();
if (isset($_POST["key_m"])) {
$arKeys = ew_StripSlashes($_POST["key_m"]);
$cnt = count($arKeys);
for ($i = 0; $i < $cnt; $i++) {
$arKeys[$i] = explode($EW_COMPOSITE_KEY_SEPARATOR, $arKeys[$i]);
}
} elseif (isset($_GET["key_m"])) {
$arKeys = ew_StripSlashes($_GET["key_m"]);
$cnt = count($arKeys);
for ($i = 0; $i < $cnt; $i++) {
$arKeys[$i] = explode($EW_COMPOSITE_KEY_SEPARATOR, $arKeys[$i]);
}
} elseif (!empty($_GET) || !empty($_POST)) {
$isPost = ew_IsHttpPost();
if ($isPost && isset($_POST["TABLE_NAME"])) {
$arKey[] = ew_StripSlashes($_POST["TABLE_NAME"]);
} elseif (isset($_GET["TABLE_NAME"])) {
$arKey[] = ew_StripSlashes($_GET["TABLE_NAME"]);
} else {
$arKeys = NULL;
}
// Do not setup
if ($isPost && isset($_POST["USER_LEVEL_ID"])) {
$arKey[] = ew_StripSlashes($_POST["USER_LEVEL_ID"]);
} elseif (isset($_GET["USER_LEVEL_ID"])) {
$arKey[] = ew_StripSlashes($_GET["USER_LEVEL_ID"]);
} else {
$arKeys = NULL;
}
// Do not setup
if (is_array($arKeys)) {
$arKeys[] = $arKey;
}
//return $arKeys; // Do not return yet, so the values will also be checked by the following code
}
// Check keys
$ar = array();
if (is_array($arKeys)) {
foreach ($arKeys as $key) {
if (!is_array($key) || count($key) != 2) {
continue;
}
// Just skip so other keys will still work
if (!is_numeric($key[1])) {
// USER_LEVEL_ID
continue;
}
$ar[] = $key;
}
}
return $ar;
}
