/**
 * Check the anti-CSRF token of the current request.
 *
 * Returns TRUE without checking when token checking is switched off
 * ($this->CheckToken is falsy) or when the request is not an HTTP POST.
 * Otherwise the value posted under EW_TOKEN_NAME is passed, together with
 * $this->TokenTimeout, to the callable held in $this->CheckTokenFn, and
 * that callable's result is returned.
 *
 * @return mixed TRUE/FALSE, or whatever the configured checker returns.
 */
function ValidPost() {
    // Only POST requests are verified, and only while checking is enabled.
    $bMustVerify = $this->CheckToken && ew_IsHttpPost();
    if (!$bMustVerify) {
        return TRUE;
    }

    // A POST that carries no token at all is rejected outright.
    if (!isset($_POST[EW_TOKEN_NAME])) {
        return FALSE;
    }

    // Fail closed: a missing or non-callable checker rejects the request.
    $checker = $this->CheckTokenFn;
    if (!is_callable($checker)) {
        return FALSE;
    }
    return $checker($_POST[EW_TOKEN_NAME], $this->TokenTimeout);
}
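/**
 * Main handler of the "forgot password" page.
 *
 * POST: validates the submitted e-mail address and derives an activation
 * code from it with ew_Encrypt().
 * GET with "action": accepts the request only when the action is "confirm"
 * and the "code" parameter decrypts to the "email" parameter.
 *
 * For an accepted request the user row is looked up by e-mail and either an
 * activation link or the password is mailed to that address. On success the
 * page terminates to login.php.
 *
 * NOTE(review): this flow mails a password in clear text and reports whether
 * an address is registered ("InvalidEmail"); both are kept as-is here because
 * changing them alters what users receive and see.
 */
function Page_Main() {
    global $conn, $Language, $gsFormError;
    global $Breadcrumb;
    $Breadcrumb = new cBreadcrumb();
    $Breadcrumb->Add("forgotpwd", "<span id=\"ewPageCaption\">" . $Language->Phrase("RequestPwdPage") . "</span>", ew_CurrentUrl());
    $bPostBack = ew_IsHttpPost();
    $bValidEmail = FALSE;
    if ($bPostBack) {

        // Setup variables
        $this->Email = $_POST["email"];
        $bValidEmail = $this->ValidateForm($this->Email);
        if ($bValidEmail) {
            $this->Action = "activate";

            // NOTE(review): the code is computed from the address alone; no
            // expiry or single-use marker is visible in this method.
            $this->ActivateCode = ew_Encrypt($this->Email);
        } else {
            $this->setFailureMessage($gsFormError);
        }

    // Handle email activation
    } elseif (@$_GET["action"] != "") {
        $this->Action = $_GET["action"];
        $this->Email = @$_GET["email"];
        $this->ActivateCode = @$_GET["code"];

        // All three parameters must be non-empty strings and the comparison is
        // strict, so a missing e-mail can never match an undecryptable code.
        $bLinkValid = is_string($this->Action) && strtolower($this->Action) == "confirm"
            && is_string($this->Email) && $this->Email !== ""
            && is_string($this->ActivateCode) && $this->ActivateCode !== ""
            && $this->Email === (string)ew_Decrypt($this->ActivateCode);
        if (!$bLinkValid) { // Email activation
            if ($this->getFailureMessage() == "") {
                $this->setFailureMessage($Language->Phrase("ActivateFailed")); // Set activate failed message
            }
            $this->Page_Terminate("login.php"); // Go to login page

            // Page_Terminate() is not visible here; never continue with a
            // rejected link should it hand control back.
            return;
        }
    }
    if ($this->Action != "") {
        $bEmailSent = FALSE;

        // Set up filter (SQL WHERE clause) and get Return SQL
        // SQL constructor in usuario class, usuarioinfo.php
        // The address is passed through ew_AdjustSql() before it is placed in the filter.
        $sFilter = str_replace("%e", ew_AdjustSql($this->Email), EW_USER_EMAIL_FILTER);
        $this->CurrentFilter = $sFilter;
        $sSql = $this->SQL();
        if ($RsUser = $conn->Execute($sSql)) {
            if (!$RsUser->EOF) {
                $rsold = $RsUser->fields;

                // Call User Recover Password event
                $bValidEmail = $this->User_RecoverPassword($rsold);
                if ($bValidEmail) {
                    $sUserName = $rsold['usuario'];
                    $sPassword = $rsold['contrasenia'];
                    if (EW_ENCRYPTED_PASSWORD) {
                        if (strtolower($this->Action) == "confirm") {

                            // NOTE(review): the replacement password is taken from the
                            // stored value, not from a random source, and the result of
                            // Update() is not checked before the mail goes out.
                            $sPassword = substr($sPassword, 0, 16); // Use first 16 characters only
                            $rsnew = array('contrasenia' => $sPassword); // Reset the password
                            $this->Update($rsnew);
                        }
                    } else {
                        $this->Action = "confirm"; // Send password directly if not MD5
                    }
                }
            } else {
                $bValidEmail = FALSE;
                $this->setFailureMessage($Language->Phrase("InvalidEmail"));
            }
            if ($bValidEmail) {
                $Email = new cEmail();
                if (strtolower($this->Action) == "confirm") {
                    $Email->Load("phptxt/forgotpwd.txt");
                    $Email->ReplaceContent('<!--$Password-->', $sPassword);
                } else {
                    $Email->Load("phptxt/resetpwd.txt");

                    // Percent-encode both values so characters such as "+" or "&"
                    // in the address survive the round trip through the query string.
                    $sActivateLink = ew_FullUrl() . "?action=confirm";
                    $sActivateLink .= "&email=" . rawurlencode($this->Email);
                    $sActivateLink .= "&code=" . rawurlencode($this->ActivateCode);
                    $Email->ReplaceContent('<!--$ActivateLink-->', $sActivateLink);
                }
                $Email->ReplaceSender(EW_SENDER_EMAIL); // Replace Sender
                $Email->ReplaceRecipient($this->Email); // Replace Recipient
                $Email->ReplaceContent('<!--$UserName-->', $sUserName);
                $Email->Charset = EW_EMAIL_CHARSET;
                $Args = array();
                if (EW_ENCRYPTED_PASSWORD && strtolower($this->Action) == "confirm") {
                    $Args["rs"] =& $rsnew;
                }
                if ($this->Email_Sending($Email, $Args)) {
                    $bEmailSent = $Email->Send();
                }
            }
            $RsUser->Close();
        }
        if ($bEmailSent) {
            if ($this->getSuccessMessage() == "") {
                if (strtolower($this->Action) == "confirm") {
                    $this->setSuccessMessage($Language->Phrase("PwdEmailSent"));
                } else {
                    $this->setSuccessMessage($Language->Phrase("ResetPwdEmailSent"));
                }
            } // Set up success message
            $this->Page_Terminate("login.php"); // Return to login page
        } elseif ($bValidEmail) {
            $this->setFailureMessage($Language->Phrase("FailedToSendMail")); // Set up error message
        }
    }
}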
/**
 * Page initialisation: require a logged-in user, read the export type from
 * the request into the global $order table object, publish the export
 * globals and fire the page-loading events.
 *
 * NOTE(review): no ValidPost()/token check appears in this method; confirm
 * POST handling is protected elsewhere.
 */
function Page_Init() {
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm, $order;

    // Security: try auto-login first, then send anonymous visitors to the login page.
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) {
        $Security->AutoLogin();
    }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();

        // NOTE(review): no exit follows; this relies on Page_Terminate()
        // ending the request (its body is not visible here).
        $this->Page_Terminate("login.php");
    }

    // Export type: query string wins, then the posted "exporttype".
    // NOTE(review): the value is stored as received and, per the comments
    // below, used in a header; confirm the consumer accepts known types only.
    $sQueryExport = @$_GET["export"];
    if ($sQueryExport != "") {
        $order->Export = $sQueryExport;
    } elseif (ew_IsHttpPost()) {
        $sPostedExport = @$_POST["exporttype"];
        if ($sPostedExport != "") {
            $order->Export = $sPostedExport;
        }
    } else {
        $order->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExport = $order->Export; // Export parameter, used in header
    $gsExportFile = $order->TableVar; // Export file, used in header

    // Global Page Loading event (in userfn*.php), then the page's own Load event
    Page_Loading();
    $this->Page_Load();
}
/**
 * Page initialisation: authenticate the user, load table permissions and the
 * user ID, read export parameters from the request, fire the page-loading
 * events, verify the POST token, serve "autofill" AJAX requests and finally
 * create a fresh token.
 */
function Page_Init() {
    global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Security
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) { $Security->AutoLogin(); }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();

        // NOTE(review): unlike the token check further down, no exit follows
        // this call; it relies on Page_Terminate() ending the request.
        $this->Page_Terminate(ew_GetUrl("cciag_login.php"));
    }
    $Security->TablePermission_Loading();
    $Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
    $Security->TablePermission_Loaded();
    $Security->UserID_Loading();
    if ($Security->IsLoggedIn()) { $Security->LoadUserID(); }
    $Security->UserID_Loaded();

    // A logged-in session with an empty user ID is treated as "no permission".
    if ($Security->IsLoggedIn() && strval($Security->CurrentUserID()) == "") {
        $this->setFailureMessage($Language->Phrase("NoPermission")); // Set no permission
        $this->Page_Terminate(ew_GetUrl("cciag_deudaslist.php"));
    }

    // Get export parameters
    // NOTE(review): the export type is stored as received from the request;
    // confirm the consumer accepts known export types only.
    $custom = "";
    if (@$_GET["export"] != "") {
        $this->Export = $_GET["export"];
        $custom = @$_GET["custom"];
    } elseif (@$_POST["export"] != "") {
        $this->Export = $_POST["export"];
        $custom = @$_POST["custom"];
    } elseif (ew_IsHttpPost()) {
        if (@$_POST["exporttype"] != "") { $this->Export = $_POST["exporttype"]; }
        $custom = @$_POST["custom"];
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExportFile = $this->TableVar; // Get export file, used in header

    // NOTE(review): a raw query-string value becomes part of the export file
    // name, which is used in a header; confirm it is restricted to safe
    // file-name characters where that header is built.
    if (@$_GET["id"] != "") {
        if ($gsExportFile != "") { $gsExportFile .= "_"; }
        $gsExportFile .= ew_StripSlashes($_GET["id"]);
    }

    // Get custom export parameters
    if ($this->Export != "" && $custom != "") {
        $this->CustomExport = $this->Export;
        $this->Export = "print";
    }
    $gsCustomExport = $this->CustomExport;
    $gsExport = $this->Export; // Get export parameter, used in header

    // Update Export URLs
    if (defined("EW_USE_PHPEXCEL")) { $this->ExportExcelCustom = FALSE; }
    if ($this->ExportExcelCustom) { $this->ExportExcelUrl .= "&custom=1"; }
    if (defined("EW_USE_PHPWORD")) { $this->ExportWordCustom = FALSE; }
    if ($this->ExportWordCustom) { $this->ExportWordUrl .= "&custom=1"; }
    if ($this->ExportPdfCustom) { $this->ExportPdfUrl .= "&custom=1"; }
    $this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"]; // Set up current action

    // Setup export options
    $this->SetupExportOptions();
    $this->id->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();

    // Global Page Loading event (in userfn*.php)
    Page_Loading();

    // Page Load event
    $this->Page_Load();

    // Check token
    // NOTE(review): the token is verified only after Page_Loading() and
    // Page_Load() have run, so those events see unverified POST data.
    if (!$this->ValidPost()) {
        echo $Language->Phrase("InvalidPostRequest");
        $this->Page_Terminate();
        exit;
    }

    // Process auto fill
    if (@$_POST["ajax"] == "autofill") {

        // Process auto fill for detail table 'detalle_deudas'
        if (@$_POST["grid"] == "fdetalle_deudasgrid") {
            if (!isset($GLOBALS["detalle_deudas_grid"])) { $GLOBALS["detalle_deudas_grid"] = new cdetalle_deudas_grid(); }
            $GLOBALS["detalle_deudas_grid"]->Page_Init();
            $this->Page_Terminate();
            exit;
        }

        // Process auto fill for detail table 'pagos'
        if (@$_POST["grid"] == "fpagosgrid") {
            if (!isset($GLOBALS["pagos_grid"])) { $GLOBALS["pagos_grid"] = new cpagos_grid(); }
            $GLOBALS["pagos_grid"]->Page_Init();
            $this->Page_Terminate();
            exit;
        }

        // NOTE(review): the posted "name" and "q" go straight to GetAutoFill()
        // and its result is echoed; confirm it validates and encodes them.
        $results = $this->GetAutoFill(@$_POST["name"], @$_POST["q"]);
        if ($results) {

            // Clean output buffer
            if (!EW_DEBUG_ENABLED && ob_get_length()) { ob_end_clean(); }
            echo $results;
            $this->Page_Terminate();
            exit;
        }
    }

    // Create Token
    $this->CreateToken();
}
/**
 * Page initialisation for a list page: authenticate the user, load table
 * permissions and the user ID, read export and grid-add parameters from the
 * request, fire the page-loading events, verify the POST token, serve
 * "autofill" AJAX requests, create a fresh token and set up the remaining
 * list options.
 */
function Page_Init() {
    global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Security
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) { $Security->AutoLogin(); }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();

        // NOTE(review): unlike the token check further down, no exit follows
        // this call; it relies on Page_Terminate() ending the request.
        $this->Page_Terminate(ew_GetUrl("login.php"));
    }
    $Security->TablePermission_Loading();
    $Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
    $Security->TablePermission_Loaded();
    $Security->UserID_Loading();
    if ($Security->IsLoggedIn()) { $Security->LoadUserID(); }
    $Security->UserID_Loaded();

    // Get export parameters
    // NOTE(review): the export type is stored as received from the request;
    // confirm the consumer accepts known export types only.
    $custom = "";
    if (@$_GET["export"] != "") {
        $this->Export = $_GET["export"];
        $custom = @$_GET["custom"];
    } elseif (@$_POST["export"] != "") {
        $this->Export = $_POST["export"];
        $custom = @$_POST["custom"];
    } elseif (ew_IsHttpPost()) {
        if (@$_POST["exporttype"] != "") { $this->Export = $_POST["exporttype"]; }
        $custom = @$_POST["custom"];
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExportFile = $this->TableVar; // Get export file, used in header

    // Get custom export parameters
    if ($this->Export != "" && $custom != "") {
        $this->CustomExport = $this->Export;
        $this->Export = "print";
    }
    $gsCustomExport = $this->CustomExport;
    $gsExport = $this->Export; // Get export parameter, used in header

    // Update Export URLs
    if (defined("EW_USE_PHPEXCEL")) { $this->ExportExcelCustom = FALSE; }
    if ($this->ExportExcelCustom) { $this->ExportExcelUrl .= "&custom=1"; }
    if (defined("EW_USE_PHPWORD")) { $this->ExportWordCustom = FALSE; }
    if ($this->ExportWordCustom) { $this->ExportWordUrl .= "&custom=1"; }
    if ($this->ExportPdfCustom) { $this->ExportPdfUrl .= "&custom=1"; }
    $this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"]; // Set up current action

    // Get grid add count
    // NOTE(review): any positive numeric value is accepted; no upper bound is
    // applied in this method.
    $gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
    if (is_numeric($gridaddcnt) && $gridaddcnt > 0) { $this->GridAddRowCount = $gridaddcnt; }

    // Set up list options
    $this->SetupListOptions();

    // Setup export options
    $this->SetupExportOptions();
    $this->codigo->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();

    // Global Page Loading event (in userfn*.php)
    Page_Loading();

    // Page Load event
    $this->Page_Load();

    // Check token
    // NOTE(review): the token is verified only after Page_Loading() and
    // Page_Load() have run, so those events see unverified POST data.
    if (!$this->ValidPost()) {
        echo $Language->Phrase("InvalidPostRequest");
        $this->Page_Terminate();
        exit;
    }

    // Process auto fill
    if (@$_POST["ajax"] == "autofill") {

        // NOTE(review): the posted "name" and "q" go straight to GetAutoFill()
        // and its result is echoed; confirm it validates and encodes them.
        $results = $this->GetAutoFill(@$_POST["name"], @$_POST["q"]);
        if ($results) {

            // Clean output buffer
            if (!EW_DEBUG_ENABLED && ob_get_length()) { ob_end_clean(); }
            echo $results;
            $this->Page_Terminate();
            exit;
        }
    }

    // Create Token
    $this->CreateToken();

    // Setup other options
    $this->SetupOtherOptions();

    // Set "checkbox" visible
    if (count($this->CustomActions) > 0) { $this->ListOptions->Items["checkbox"]->Visible = TRUE; }
}
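/**
 * Main handler of the "change password" page.
 *
 * On a POST that passes ValidateForm(), the current user's row is loaded,
 * the old password is checked with ew_ComparePassword(), the
 * User_ChangePassword event is consulted and the new password is written
 * with Update(). After a successful change a notification mail is sent (when
 * the row has an e-mail address) and the page terminates to index.php.
 *
 * NOTE(review): no token check happens in this method; presumably the page's
 * Page_Init() performs it - confirm.
 */
function Page_Main() {
    global $conn, $Language, $Security, $gsFormError;
    global $Breadcrumb;
    $Breadcrumb = new cBreadcrumb();
    $Breadcrumb->Add("changepwd", "ChangePwdPage", ew_CurrentUrl(), "", "", TRUE);
    $bPostBack = ew_IsHttpPost();
    $bValidate = TRUE;
    if ($bPostBack) {
        $this->OldPassword = ew_StripSlashes(@$_POST["opwd"]);
        $this->NewPassword = ew_StripSlashes(@$_POST["npwd"]);
        $this->ConfirmedPassword = ew_StripSlashes(@$_POST["cpwd"]);
        $bValidate = $this->ValidateForm($this->OldPassword, $this->NewPassword, $this->ConfirmedPassword);
        if (!$bValidate) {
            $this->setFailureMessage($gsFormError);
        }
    }
    $bPwdUpdated = FALSE;
    $sEmail = ""; // Stays empty unless the password is actually changed
    if ($bPostBack && $bValidate) {

        // Setup variables
        // The row is selected by the session's user name, never by a request value.
        $sUsername = $Security->CurrentUserName();
        $sFilter = str_replace("%u", ew_AdjustSql($sUsername), EW_USER_NAME_FILTER);

        // Set up filter (Sql Where Clause) and get Return SQL
        // SQL constructor in usuarios class, usuariosinfo.php
        $this->CurrentFilter = $sFilter;
        $sSql = $this->SQL();
        if ($rs = $conn->Execute($sSql)) {
            if (!$rs->EOF) {
                $rsold = $rs->fields;
                if (ew_ComparePassword($rsold['contrasenia'], $this->OldPassword)) {
                    $bValidPwd = $this->User_ChangePassword($rsold, $sUsername, $this->OldPassword, $this->NewPassword);
                    if ($bValidPwd) {
                        $rsnew = array('contrasenia' => $this->NewPassword); // Change Password
                        $sEmail = $rsold['email'];
                        $rs->Close();
                        $conn->raiseErrorFn = $GLOBALS["EW_ERROR_FN"];
                        $bValidPwd = $this->Update($rsnew);
                        $conn->raiseErrorFn = '';
                        if ($bValidPwd) {
                            $bPwdUpdated = TRUE;
                        }
                    } else {
                        $this->setFailureMessage($Language->Phrase("InvalidNewPassword"));
                        $rs->Close();
                    }
                } else {
                    $this->setFailureMessage($Language->Phrase("InvalidPassword"));

                    // Release the recordset on the wrong-password path as well.
                    $rs->Close();
                }
            } else {
                $rs->Close();
            }
        }
    }
    if ($bPwdUpdated) {
        if ($sEmail != "") {

            // Load Email Content
            $Email = new cEmail();
            $Email->Load("phptxt/changepwd.txt");
            $Email->ReplaceSender(EW_SENDER_EMAIL); // Replace Sender
            $Email->ReplaceRecipient($sEmail); // Replace Recipient

            // NOTE(review): the new password is placed in the mail body in
            // clear text; consider a template that only announces the change.
            $Email->ReplaceContent('<!--$Password-->', $this->NewPassword);
            $Email->Charset = EW_EMAIL_CHARSET;
            $Args = array();
            $Args["rs"] =& $rsnew;
            $bEmailSent = FALSE;
            if ($this->Email_Sending($Email, $Args)) {
                $bEmailSent = $Email->Send();
            }

            // Send email failed
            if (!$bEmailSent) {
                $this->setFailureMessage($Email->SendErrDescription);
            }
        }
        if ($this->getSuccessMessage() == "") {
            $this->setSuccessMessage($Language->Phrase("PasswordChanged")); // Set up success message
        }
        $this->Page_Terminate("index.php"); // Exit page and clean up
    }
}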
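/**
 * Main handler of the "change password" page, including the password-reset
 * variant.
 *
 * On a POST that passes ValidateForm(), the user row is loaded and the new
 * password is written with Update(). In the normal case the old password is
 * checked with ew_ComparePassword() and the User_ChangePassword event is
 * consulted. While IsPasswordReset() is true, the user name comes from the
 * session, and both the old-password check and the event are skipped.
 * After a successful change the reset markers in the session are cleared and
 * the page terminates to index.php.
 *
 * NOTE(review): no token check happens in this method; presumably the page's
 * Page_Init() performs it - confirm.
 */
function Page_Main() {
    global $UserTableConn, $Language, $Security, $gsFormError;
    global $Breadcrumb;
    $Breadcrumb = new cBreadcrumb();
    $Breadcrumb->Add("changepwd", "ChangePwdPage", ew_CurrentUrl(), "", "", TRUE);
    $bPostBack = ew_IsHttpPost();
    $bValidate = TRUE;
    if ($bPostBack) {
        $this->OldPassword = ew_StripSlashes(@$_POST["opwd"]);
        $this->NewPassword = ew_StripSlashes(@$_POST["npwd"]);
        $this->ConfirmedPassword = ew_StripSlashes(@$_POST["cpwd"]);
        $bValidate = $this->ValidateForm($this->OldPassword, $this->NewPassword, $this->ConfirmedPassword);
        if (!$bValidate) {
            $this->setFailureMessage($gsFormError);
        }
    }
    $bPwdUpdated = FALSE;
    if ($bPostBack && $bValidate) {

        // Setup variables
        $sUsername = $Security->CurrentUserName();

        // NOTE(review): in reset mode the account is chosen by a session value
        // alone; the strength of this path depends on how that session state
        // is granted, which is not visible here.
        if (IsPasswordReset()) {
            $sUsername = $_SESSION[EW_SESSION_USER_PROFILE_USER_NAME];
        }
        $sFilter = str_replace("%u", ew_AdjustSql($sUsername, EW_USER_TABLE_DBID), EW_USER_NAME_FILTER);

        // Set up filter (Sql Where Clause) and get Return SQL
        // SQL constructor in user class, userinfo.php
        $this->CurrentFilter = $sFilter;
        $sSql = $this->SQL();
        if ($rs = $UserTableConn->Execute($sSql)) {
            if (!$rs->EOF) {
                $rsold = $rs->fields;
                if (IsPasswordReset() || ew_ComparePassword($rsold['PASS'], $this->OldPassword)) {
                    $bValidPwd = TRUE;
                    if (!IsPasswordReset()) {
                        $bValidPwd = $this->User_ChangePassword($rsold, $sUsername, $this->OldPassword, $this->NewPassword);
                    }
                    if ($bValidPwd) {
                        $rsnew = array('PASS' => $this->NewPassword); // Change Password
                        $rs->Close();
                        $UserTableConn->raiseErrorFn = $GLOBALS["EW_ERROR_FN"];
                        $bValidPwd = $this->Update($rsnew);
                        $UserTableConn->raiseErrorFn = '';
                        if ($bValidPwd) {
                            $bPwdUpdated = TRUE;
                        }
                    } else {
                        $this->setFailureMessage($Language->Phrase("InvalidNewPassword"));
                        $rs->Close();
                    }
                } else {
                    $this->setFailureMessage($Language->Phrase("InvalidPassword"));

                    // Release the recordset on the wrong-password path as well.
                    $rs->Close();
                }
            } else {
                $rs->Close();
            }
        }
    }
    if ($bPwdUpdated) {
        if ($this->getSuccessMessage() == "") {
            $this->setSuccessMessage($Language->Phrase("PasswordChanged")); // Set up success message
        }

        // The reset markers are single-use: clear them once the password is changed.
        if (IsPasswordReset()) {
            $_SESSION[EW_SESSION_STATUS] = "";
            $_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = "";
        }
        $this->Page_Terminate("index.php"); // Exit page and clean up
    }
}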
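/**
 * Collect the record key values supplied with the request.
 *
 * Keys come from "key_m" (POST first, then GET) or, failing that, from a
 * single "CARD_TYPE_ID" value. Only values accepted by is_numeric() are
 * returned; everything else, including a non-array "key_m", is dropped.
 *
 * NOTE(review): is_numeric() also admits forms such as decimals and exponent
 * notation, so callers that place a key in SQL should still cast or quote it.
 *
 * @return array List of numeric key values, possibly empty.
 */
function GetRecordKeys() {
    global $EW_COMPOSITE_KEY_SEPARATOR;
    $arKeys = array();
    if (isset($_POST["key_m"])) {

        // No count() here: "key_m" is request data and need not be an array.
        $arKeys = ew_StripSlashes($_POST["key_m"]);
    } elseif (isset($_GET["key_m"])) {
        $arKeys = ew_StripSlashes($_GET["key_m"]);
    } elseif (!empty($_GET) || !empty($_POST)) {
        $isPost = ew_IsHttpPost();
        if ($isPost && isset($_POST["CARD_TYPE_ID"])) {
            $arKeys[] = ew_StripSlashes($_POST["CARD_TYPE_ID"]);
        } elseif (isset($_GET["CARD_TYPE_ID"])) {
            $arKeys[] = ew_StripSlashes($_GET["CARD_TYPE_ID"]);
        } else {
            $arKeys = NULL; // Do not setup
        }

        // Do not return yet, so the values are also checked by the code below
    }

    // Check keys
    $ar = array();
    if (is_array($arKeys)) {
        foreach ($arKeys as $key) {
            if (!is_numeric($key)) {
                continue;
            }
            $ar[] = $key;
        }
    }
    return $ar;
}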
/**
 * Page initialisation: read export and grid-add parameters from the request
 * into the global $t_promotions_vins table object, set up list and export
 * options and fire the page-loading events.
 *
 * NOTE(review): neither a login check nor a ValidPost()/token check appears
 * in this method; confirm the page is meant to be reachable this way.
 */
function Page_Init() {
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm, $t_promotions_vins;

    // Export type: query string wins, then the posted "exporttype".
    // NOTE(review): the value is stored as received and, per the comments
    // below, used in a header; confirm the consumer accepts known types only.
    $sQueryExport = @$_GET["export"];
    if ($sQueryExport != "") {
        $t_promotions_vins->Export = $sQueryExport;
    } elseif (ew_IsHttpPost()) {
        $sPostedExport = @$_POST["exporttype"];
        if ($sPostedExport != "") {
            $t_promotions_vins->Export = $sPostedExport;
        }
    } else {
        $t_promotions_vins->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExport = $t_promotions_vins->Export; // Export parameter, used in header
    $gsExportFile = $t_promotions_vins->TableVar; // Export file, used in header

    // Charset used in header (held in a local variable only)
    if (EW_CHARSET != "") {
        $Charset = ";charset=" . EW_CHARSET;
    } else {
        $Charset = "";
    }

    // Grid add count: any positive numeric value from the query string is
    // accepted; no upper bound is applied in this method.
    $requestedRows = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
    if (is_numeric($requestedRows) && $requestedRows > 0) {
        $t_promotions_vins->GridAddRowCount = $requestedRows;
    }

    // List options, then export options
    $this->SetupListOptions();
    $this->SetupExportOptions();

    // Global Page Loading event (in userfn*.php), then the page's own Load event
    Page_Loading();
    $this->Page_Load();
}
/**
 * Page initialisation: require a logged-in user holding the "list"
 * permission for this table, create the form object, read the export type
 * from the request into the global $tbl_facebook_stat table object and fire
 * the page-loading events.
 *
 * NOTE(review): no ValidPost()/token check appears in this method; confirm
 * POST handling is protected elsewhere.
 */
function Page_Init() {
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm, $tbl_facebook_stat;

    // Security: try auto-login first, then send anonymous visitors to the login page.
    // NOTE(review): none of the Page_Terminate() calls below is followed by an
    // exit; they rely on Page_Terminate() ending the request.
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) {
        $Security->AutoLogin();
    }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();
        $this->Page_Terminate("login.php");
    }

    // Load the user level for this table, bracketed by the permission events.
    $Security->TablePermission_Loading();
    $Security->LoadCurrentUserLevel($this->TableName);
    $Security->TablePermission_Loaded();

    // Re-check the login, then require the "list" permission.
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();
        $this->Page_Terminate("login.php");
    }
    if (!$Security->CanList()) {
        $Security->SaveLastUrl();
        $this->Page_Terminate("login.php");
    }

    // Create form object
    $objForm = new cFormObj();

    // Export type: query string wins, then the posted "exporttype".
    // NOTE(review): the value is stored as received and, per the comments
    // below, used in a header; confirm the consumer accepts known types only.
    $sQueryExport = @$_GET["export"];
    if ($sQueryExport != "") {
        $tbl_facebook_stat->Export = $sQueryExport;
    } elseif (ew_IsHttpPost()) {
        $sPostedExport = @$_POST["exporttype"];
        if ($sPostedExport != "") {
            $tbl_facebook_stat->Export = $sPostedExport;
        }
    } else {
        $tbl_facebook_stat->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExport = $tbl_facebook_stat->Export; // Export parameter, used in header
    $gsExportFile = $tbl_facebook_stat->TableVar; // Export file, used in header

    // Global Page Loading event (in userfn*.php), then the page's own Load event
    Page_Loading();
    $this->Page_Load();
}
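/**
 * Main handler of the "forgot password" page (variant with a reset flow).
 *
 * POST: validates the submitted e-mail address, picks the action ("reset"
 * when passwords are stored encrypted, otherwise "confirm") and derives an
 * activation code from the address with ew_Encrypt().
 * GET with "action": accepts the request only when the action is "confirm"
 * or "reset" and the "code" parameter decrypts to the "email" parameter; an
 * accepted "reset" becomes the internal action "resetpassword".
 *
 * For an accepted request the user row is looked up by e-mail. The
 * "resetpassword" action marks the session as a password reset and
 * terminates to changepwd.php; the other actions mail either the password or
 * a reset link.
 *
 * NOTE(review): the "confirm" action mails the stored password value and the
 * page reports whether an address is registered ("InvalidEmail"); both are
 * kept as-is here because changing them alters what users receive and see.
 */
function Page_Main() {
    global $UserTableConn, $Language, $gsFormError;
    global $Breadcrumb;
    $Breadcrumb = new cBreadcrumb();
    $Breadcrumb->Add("forgotpwd", "RequestPwdPage", ew_CurrentUrl(), "", "", TRUE);
    $bPostBack = ew_IsHttpPost();
    $bValidEmail = FALSE;
    if ($bPostBack) {

        // Setup variables
        $this->Email = $_POST["email"];
        $bValidEmail = $this->ValidateForm($this->Email);
        if ($bValidEmail) {
            if (EW_ENCRYPTED_PASSWORD) {
                $this->Action = "reset";
            } else {
                $this->Action = "confirm"; // Send password directly if not MD5
            }

            // NOTE(review): the code is computed from the address alone; no
            // expiry or single-use marker is visible in this method.
            $this->ActivateCode = ew_Encrypt($this->Email);
        } else {
            $this->setFailureMessage($gsFormError);
        }

    // Handle email activation
    } elseif (@$_GET["action"] != "") {
        $this->Action = $_GET["action"];
        $this->Email = @$_GET["email"];
        $this->ActivateCode = @$_GET["code"];

        // All three parameters must be non-empty strings and the comparison is
        // strict, so a missing e-mail can never match an undecryptable code.
        $sAction = is_string($this->Action) ? strtolower($this->Action) : "";
        $bLinkValid = ($sAction == "confirm" || $sAction == "reset")
            && is_string($this->Email) && $this->Email !== ""
            && is_string($this->ActivateCode) && $this->ActivateCode !== ""
            && $this->Email === (string)ew_Decrypt($this->ActivateCode);
        if (!$bLinkValid) { // Email activation
            if ($this->getFailureMessage() == "") {
                $this->setFailureMessage($Language->Phrase("ActivateFailed")); // Set activate failed message
            }
            $this->Page_Terminate("login.php"); // Go to login page

            // Page_Terminate() is not visible here; never continue with a
            // rejected link should it hand control back.
            return;
        }
        if ($sAction == "reset") {
            $this->Action = "resetpassword";
        }
    }
    if ($this->Action != "") {
        $bEmailSent = FALSE;

        // Set up filter (SQL WHERE clause) and get Return SQL
        // SQL constructor in user class, userinfo.php
        // The address is passed through ew_AdjustSql() before it is placed in the filter.
        $sFilter = str_replace("%e", ew_AdjustSql($this->Email, EW_USER_TABLE_DBID), EW_USER_EMAIL_FILTER);
        $this->CurrentFilter = $sFilter;
        $sSql = $this->SQL();
        if ($RsUser = $UserTableConn->Execute($sSql)) {
            if (!$RsUser->EOF) {
                $rsold = $RsUser->fields;

                // Call User Recover Password event
                $bValidEmail = $this->User_RecoverPassword($rsold);
                if ($bValidEmail) {
                    $sUserName = $rsold['CODE'];
                    $sPassword = $rsold['PASS'];
                }
            } else {
                $bValidEmail = FALSE;
                $this->setFailureMessage($Language->Phrase("InvalidEmail"));
            }
            $RsUser->Close();
            if ($bValidEmail) {
                if (strtolower($this->Action) == "resetpassword") { // Reset password

                    // From here on the session alone authorises a password
                    // change for this user name on changepwd.php.
                    $_SESSION[EW_SESSION_USER_PROFILE_USER_NAME] = $sUserName; // Save login user name
                    $_SESSION[EW_SESSION_STATUS] = "passwordreset";
                    $this->Page_Terminate("changepwd.php");
                } else {
                    $Email = new cEmail();
                    if (strtolower($this->Action) == "confirm") {
                        $Email->Load(EW_EMAIL_FORGOTPWD_TEMPLATE);
                        $Email->ReplaceContent('<!--$Password-->', $sPassword);
                    } else {
                        $Email->Load(EW_EMAIL_RESETPWD_TEMPLATE);

                        // Percent-encode both values so characters such as "+" or "&"
                        // in the address survive the round trip through the query string.
                        $sActivateLink = ew_FullUrl() . "?action=reset";
                        $sActivateLink .= "&email=" . rawurlencode($this->Email);
                        $sActivateLink .= "&code=" . rawurlencode($this->ActivateCode);
                        $Email->ReplaceContent('<!--$ActivateLink-->', $sActivateLink);
                    }
                    $Email->ReplaceSender(EW_SENDER_EMAIL); // Replace Sender
                    $Email->ReplaceRecipient($this->Email); // Replace Recipient
                    $Email->ReplaceContent('<!--$UserName-->', $sUserName);
                    $Args = array();
                    if (EW_ENCRYPTED_PASSWORD && strtolower($this->Action) == "confirm") {
                        $Args["rs"] =& $rsnew;
                    }
                    if ($this->Email_Sending($Email, $Args)) {
                        $bEmailSent = $Email->Send();
                    }
                }
            }
        }
        if ($bEmailSent) {
            if ($this->getSuccessMessage() == "") {
                if (strtolower($this->Action) == "confirm") {
                    $this->setSuccessMessage($Language->Phrase("PwdEmailSent"));
                } else {
                    $this->setSuccessMessage($Language->Phrase("ResetPwdEmailSent"));
                }
            } // Set up success message
            $this->Page_Terminate("login.php"); // Return to login page
        } elseif ($bValidEmail && isset($Email)) {

            // $Email exists only when a mail was actually prepared; the query
            // may have failed before that point.
            $this->setFailureMessage($Email->SendErrDescription); // Set up error message
        }
    }
}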
/**
 * Page initialisation for a list page with a detail grid: authenticate the
 * user, load the user level, create the form object, read export and
 * grid-add parameters from the request, fire the page-loading events, verify
 * the POST token, serve "autofill" AJAX requests, create a fresh token and
 * set up master/detail parameters, other options and list actions.
 */
function Page_Init() {
    global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Security
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) { $Security->AutoLogin(); }
    if ($Security->IsLoggedIn()) { $Security->TablePermission_Loading(); }
    $Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
    if ($Security->IsLoggedIn()) { $Security->TablePermission_Loaded(); }

    // NOTE(review): unlike the token check further down, no exit follows this
    // call; it relies on Page_Terminate() ending the request.
    if (!$Security->IsLoggedIn()) { $this->Page_Terminate(ew_GetUrl("login.php")); }

    // Create form object
    $objForm = new cFormObj();

    // Get export parameters
    // NOTE(review): the export type is stored as received from the request;
    // confirm the consumer accepts known export types only.
    $custom = "";
    if (@$_GET["export"] != "") {
        $this->Export = $_GET["export"];
        $custom = @$_GET["custom"];
    } elseif (@$_POST["export"] != "") {
        $this->Export = $_POST["export"];
        $custom = @$_POST["custom"];
    } elseif (ew_IsHttpPost()) {
        if (@$_POST["exporttype"] != "") { $this->Export = $_POST["exporttype"]; }
        $custom = @$_POST["custom"];
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExportFile = $this->TableVar; // Get export file, used in header

    // Get custom export parameters
    if ($this->Export != "" && $custom != "") {
        $this->CustomExport = $this->Export;
        $this->Export = "print";
    }
    $gsCustomExport = $this->CustomExport;
    $gsExport = $this->Export; // Get export parameter, used in header

    // Update Export URLs
    if (defined("EW_USE_PHPEXCEL")) { $this->ExportExcelCustom = FALSE; }
    if ($this->ExportExcelCustom) { $this->ExportExcelUrl .= "&custom=1"; }
    if (defined("EW_USE_PHPWORD")) { $this->ExportWordCustom = FALSE; }
    if ($this->ExportWordCustom) { $this->ExportWordUrl .= "&custom=1"; }
    if ($this->ExportPdfCustom) { $this->ExportPdfUrl .= "&custom=1"; }
    $this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"]; // Set up current action

    // Get grid add count
    // NOTE(review): any positive numeric value is accepted; no upper bound is
    // applied in this method.
    $gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
    if (is_numeric($gridaddcnt) && $gridaddcnt > 0) { $this->GridAddRowCount = $gridaddcnt; }

    // Set up list options
    $this->SetupListOptions();

    // Setup export options
    $this->SetupExportOptions();

    // Global Page Loading event (in userfn*.php)
    Page_Loading();

    // Page Load event
    $this->Page_Load();

    // Check token
    // NOTE(review): the token is verified only after Page_Loading() and
    // Page_Load() have run, so those events see unverified POST data.
    if (!$this->ValidPost()) {
        echo $Language->Phrase("InvalidPostRequest");
        $this->Page_Terminate();
        exit;
    }

    // Process auto fill
    if (@$_POST["ajax"] == "autofill") {

        // Process auto fill for detail table 'items'
        if (@$_POST["grid"] == "fitemsgrid") {
            if (!isset($GLOBALS["items_grid"])) { $GLOBALS["items_grid"] = new citems_grid(); }
            $GLOBALS["items_grid"]->Page_Init();
            $this->Page_Terminate();
            exit;
        }

        // NOTE(review): the posted "name" and "q" go straight to GetAutoFill()
        // and its result is echoed; confirm it validates and encodes them.
        $results = $this->GetAutoFill(@$_POST["name"], @$_POST["q"]);
        if ($results) {

            // Clean output buffer
            if (!EW_DEBUG_ENABLED && ob_get_length()) { ob_end_clean(); }
            echo $results;
            $this->Page_Terminate();
            exit;
        }
    }

    // Create Token
    $this->CreateToken();

    // Set up master detail parameters
    $this->SetUpMasterParms();

    // Setup other options
    $this->SetupOtherOptions();

    // Set up custom action (compatible with old version)
    foreach ($this->CustomActions as $name => $action) { $this->ListActions->Add($name, $action); }

    // Show checkbox column if multiple action
    foreach ($this->ListActions->Items as $listaction) {
        if ($listaction->Select == EW_ACTION_MULTIPLE && $listaction->Allow) {
            $this->ListOptions->Items["checkbox"]->Visible = TRUE;
            break;
        }
    }
}
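/**
 * Main handler of the "change password" page (variant using $tbl_user).
 *
 * Does nothing unless the request is a POST. When ValidateForm() accepts the
 * three posted passwords, the current user's row is loaded, the old password
 * is compared with the stored value and, on a match, the new password is
 * written through $tbl_user->UpdateSQL(). On success the page terminates to
 * index.php; otherwise $gsFormError is set as the message.
 *
 * NOTE(review): with EW_MD5_PASSWORD the stored value is an unsalted MD5
 * digest; whether UpdateSQL() hashes the new password is not visible here.
 * No token check happens in this method either - confirm it is done elsewhere.
 */
function Page_Main() {
    global $conn, $Language, $Security, $gsFormError, $tbl_user;
    if (!ew_IsHttpPost()) {
        return;
    }
    $bPwdUpdated = FALSE;

    // Setup variables
    // The row is selected by the session's user name, never by a request value.
    $sUsername = $Security->CurrentUserName();
    $sOPwd = ew_StripSlashes(@$_POST["opwd"]);
    $sNPwd = ew_StripSlashes(@$_POST["npwd"]);
    $sCPwd = ew_StripSlashes(@$_POST["cpwd"]);
    if ($this->ValidateForm($sOPwd, $sNPwd, $sCPwd)) {
        $sFilter = str_replace("%u", ew_AdjustSql($sUsername), EW_USER_NAME_FILTER);

        // Set up filter (Sql Where Clause) and get Return SQL
        // SQL constructor in tbl_user class, tbl_userinfo.php
        $tbl_user->CurrentFilter = $sFilter;
        $sSql = $tbl_user->SQL();
        if ($rs = $conn->Execute($sSql)) {
            if (!$rs->EOF) {

                // Compare as strings, strictly: a loose "==" lets PHP treat two
                // numeric-looking strings (digests included) as equal numbers.
                $sStoredPwd = (string)$rs->fields('passwd');
                $sSuppliedPwd = EW_MD5_PASSWORD ? md5($sOPwd) : $sOPwd;
                if (!is_string($sSuppliedPwd)) {
                    $bPwdMatch = FALSE;
                } elseif (function_exists('hash_equals')) {
                    $bPwdMatch = hash_equals($sStoredPwd, $sSuppliedPwd); // Constant-time where available
                } else {
                    $bPwdMatch = ($sSuppliedPwd === $sStoredPwd);
                }
                if ($bPwdMatch) {
                    $rsnew = array('passwd' => $sNPwd); // Change Password
                    $rs->Close();
                    $conn->raiseErrorFn = 'ew_ErrorFn';
                    $bValidPwd = $conn->Execute($tbl_user->UpdateSQL($rsnew));
                    $conn->raiseErrorFn = '';
                    if ($bValidPwd) {
                        $bPwdUpdated = TRUE;
                    }
                } else {
                    $this->setMessage($Language->Phrase("InvalidPassword"));

                    // Release the recordset on the wrong-password path as well.
                    $rs->Close();
                }
            } else {
                $rs->Close();
            }
        }
    }
    if ($bPwdUpdated) {
        $this->setMessage($Language->Phrase("PasswordChanged")); // Set up message
        $this->Page_Terminate("index.php"); // Exit page and clean up
    } else {
        $this->setMessage($gsFormError);
    }
}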
/**
 * Page initialisation: read the export type, the record key "codigo" and the
 * current action from the request, set up export options and fire the
 * page-loading events.
 *
 * NOTE(review): neither a login check nor a ValidPost()/token check appears
 * in this method; confirm the page is meant to be reachable this way.
 */
function Page_Init() {
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Export type: query string wins, then the posted "exporttype".
    // NOTE(review): the value is stored as received and, per the comments
    // below, used in a header; confirm the consumer accepts known types only.
    $sQueryExport = @$_GET["export"];
    if ($sQueryExport != "") {
        $this->Export = $sQueryExport;
    } elseif (ew_IsHttpPost()) {
        $sPostedExport = @$_POST["exporttype"];
        if ($sPostedExport != "") {
            $this->Export = $sPostedExport;
        }
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExport = $this->Export; // Export parameter, used in header
    $gsExportFile = $this->TableVar; // Export file, used in header

    // NOTE(review): a raw query-string value becomes part of the export file
    // name; confirm it is restricted to safe file-name characters where the
    // header is built.
    $sKeyParam = @$_GET["codigo"];
    if ($sKeyParam != "") {
        $sSeparator = ($gsExportFile != "") ? "_" : "";
        $gsExportFile .= $sSeparator . ew_StripSlashes($sKeyParam);
    }

    // Current action: query string "a" wins over the posted "a_list".
    $sQueryAction = @$_GET["a"];
    if ($sQueryAction != "") {
        $this->CurrentAction = $sQueryAction;
    } else {
        $this->CurrentAction = @$_POST["a_list"];
    }

    // Setup export options
    $this->SetupExportOptions();

    // The key column is hidden while adding, copying or grid-adding.
    $this->codigo->Visible = !($this->IsAdd() || $this->IsCopy() || $this->IsGridAdd());

    // Global Page Loading event (in userfn*.php), then the page's own Load event
    Page_Loading();
    $this->Page_Load();

    // Update url if printer friendly for Pdf
    if ($this->PrinterFriendlyForPdf) {
        $sPrintUrlForPdf = $this->ExportPrintUrl . "&pdf=1";
        $this->ExportOptions->Items["pdf"]->Body = str_replace($this->ExportPdfUrl, $sPrintUrlForPdf, $this->ExportOptions->Items["pdf"]->Body);
    }
}
/**
 * Page initialisation for a list page: require a logged-in user, read
 * export, grid-add and action parameters from the request, set up list and
 * export options and fire the page-loading events.
 *
 * NOTE(review): no ValidPost()/token check appears in this method; confirm
 * POST handling is protected elsewhere.
 */
function Page_Init() {
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Security: try auto-login first, then send anonymous visitors to the login page.
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) {
        $Security->AutoLogin();
    }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();

        // NOTE(review): no exit follows; this relies on Page_Terminate()
        // ending the request (its body is not visible here).
        $this->Page_Terminate("login.php");
    }

    // Export type: query string wins, then the posted "exporttype".
    // NOTE(review): the value is stored as received and, per the comments
    // below, used in a header; confirm the consumer accepts known types only.
    $sQueryExport = @$_GET["export"];
    if ($sQueryExport != "") {
        $this->Export = $sQueryExport;
    } elseif (ew_IsHttpPost()) {
        $sPostedExport = @$_POST["exporttype"];
        if ($sPostedExport != "") {
            $this->Export = $sPostedExport;
        }
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExport = $this->Export; // Export parameter, used in header
    $gsExportFile = $this->TableVar; // Export file, used in header

    // Grid add count: any positive numeric value from the query string is
    // accepted; no upper bound is applied in this method.
    $requestedRows = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
    if (is_numeric($requestedRows) && $requestedRows > 0) {
        $this->GridAddRowCount = $requestedRows;
    }

    // List options, then export options
    $this->SetupListOptions();
    $this->SetupExportOptions();

    // Current action: query string "a" wins over the posted "a_list".
    $sQueryAction = @$_GET["a"];
    if ($sQueryAction != "") {
        $this->CurrentAction = $sQueryAction;
    } else {
        $this->CurrentAction = @$_POST["a_list"];
    }

    // Global Page Loading event (in userfn*.php), then the page's own Load event
    Page_Loading();
    $this->Page_Load();
}
/**
 * Page initialisation for a view page: create the user profile, load the
 * user level and require the "view" permission, load the user ID, read
 * export parameters and the record key from the request, fire the
 * page-loading events, verify the POST token and create a fresh token.
 */
function Page_Init() {
    global $gsExport, $gsCustomExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // User profile
    $UserProfile = new cUserProfile();

    // Security
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) { $Security->AutoLogin(); }
    if ($Security->IsLoggedIn()) { $Security->TablePermission_Loading(); }
    $Security->LoadCurrentUserLevel($this->ProjectID . $this->TableName);
    if ($Security->IsLoggedIn()) { $Security->TablePermission_Loaded(); }

    // Access hinges on CanView() alone; there is no separate IsLoggedIn() gate.
    // NOTE(review): unlike the token check further down, no exit follows the
    // Page_Terminate() calls; they rely on Page_Terminate() ending the request.
    if (!$Security->CanView()) {
        $Security->SaveLastUrl();
        $this->setFailureMessage($Language->Phrase("NoPermission")); // Set no permission
        if ($Security->CanList()) {
            $this->Page_Terminate(ew_GetUrl("airplanelist.php"));
        } else {
            $this->Page_Terminate(ew_GetUrl("login.php"));
        }
    }
    if ($Security->IsLoggedIn()) {
        $Security->UserID_Loading();
        $Security->LoadUserID();
        $Security->UserID_Loaded();
    }

    // Get export parameters
    // NOTE(review): the export type is stored as received from the request;
    // confirm the consumer accepts known export types only.
    $custom = "";
    if (@$_GET["export"] != "") {
        $this->Export = $_GET["export"];
        $custom = @$_GET["custom"];
    } elseif (@$_POST["export"] != "") {
        $this->Export = $_POST["export"];
        $custom = @$_POST["custom"];
    } elseif (ew_IsHttpPost()) {
        if (@$_POST["exporttype"] != "") { $this->Export = $_POST["exporttype"]; }
        $custom = @$_POST["custom"];
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExportFile = $this->TableVar; // Get export file, used in header

    // NOTE(review): a raw query-string value becomes part of the export file
    // name, which is used in a header; confirm it is restricted to safe
    // file-name characters where that header is built.
    if (@$_GET["AIRPLANE_ID"] != "") {
        if ($gsExportFile != "") { $gsExportFile .= "_"; }
        $gsExportFile .= ew_StripSlashes($_GET["AIRPLANE_ID"]);
    }

    // Get custom export parameters
    if ($this->Export != "" && $custom != "") {
        $this->CustomExport = $this->Export;
        $this->Export = "print";
    }
    $gsCustomExport = $this->CustomExport;
    $gsExport = $this->Export; // Get export parameter, used in header

    // Update Export URLs
    if (defined("EW_USE_PHPEXCEL")) { $this->ExportExcelCustom = FALSE; }
    if ($this->ExportExcelCustom) { $this->ExportExcelUrl .= "&custom=1"; }
    if (defined("EW_USE_PHPWORD")) { $this->ExportWordCustom = FALSE; }
    if ($this->ExportWordCustom) { $this->ExportWordUrl .= "&custom=1"; }
    if ($this->ExportPdfCustom) { $this->ExportPdfUrl .= "&custom=1"; }
    $this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"]; // Set up current action

    // Setup export options
    $this->SetupExportOptions();
    $this->AIRPLANE_ID->Visible = !$this->IsAdd() && !$this->IsCopy() && !$this->IsGridAdd();

    // Global Page Loading event (in userfn*.php)
    Page_Loading();

    // Page Load event
    $this->Page_Load();

    // Check token
    // NOTE(review): the token is verified only after Page_Loading() and
    // Page_Load() have run, so those events see unverified POST data.
    if (!$this->ValidPost()) {
        echo $Language->Phrase("InvalidPostRequest");
        $this->Page_Terminate();
        exit;
    }

    // Create Token
    $this->CreateToken();
}
/**
 * Page initialisation: require a logged-in user, read the export type, the
 * record key "guru_id" and the current action from the request, set up
 * export options and fire the page-loading events.
 *
 * NOTE(review): no ValidPost()/token check appears in this method; confirm
 * POST handling is protected elsewhere.
 */
function Page_Init() {
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Security: try auto-login first, then send anonymous visitors to the login page.
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) {
        $Security->AutoLogin();
    }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();

        // NOTE(review): no exit follows; this relies on Page_Terminate()
        // ending the request (its body is not visible here).
        $this->Page_Terminate("login.php");
    }

    // Export type: query string wins, then the posted "exporttype".
    // NOTE(review): the value is stored as received and, per the comments
    // below, used in a header; confirm the consumer accepts known types only.
    $sQueryExport = @$_GET["export"];
    if ($sQueryExport != "") {
        $this->Export = $sQueryExport;
    } elseif (ew_IsHttpPost()) {
        $sPostedExport = @$_POST["exporttype"];
        if ($sPostedExport != "") {
            $this->Export = $sPostedExport;
        }
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExport = $this->Export; // Export parameter, used in header
    $gsExportFile = $this->TableVar; // Export file, used in header

    // NOTE(review): a raw query-string value becomes part of the export file
    // name; confirm it is restricted to safe file-name characters where the
    // header is built.
    $sKeyParam = @$_GET["guru_id"];
    if ($sKeyParam != "") {
        $sSeparator = ($gsExportFile != "") ? "_" : "";
        $gsExportFile .= $sSeparator . ew_StripSlashes($sKeyParam);
    }

    // Current action: query string "a" wins over the posted "a_list".
    $sQueryAction = @$_GET["a"];
    if ($sQueryAction != "") {
        $this->CurrentAction = $sQueryAction;
    } else {
        $this->CurrentAction = @$_POST["a_list"];
    }

    // Setup export options
    $this->SetupExportOptions();

    // Global Page Loading event (in userfn*.php), then the page's own Load event
    Page_Loading();
    $this->Page_Load();

    // Update url if printer friendly for Pdf
    if ($this->PrinterFriendlyForPdf) {
        $sPrintUrlForPdf = $this->ExportPrintUrl . "&pdf=1";
        $this->ExportOptions->Items["pdf"]->Body = str_replace($this->ExportPdfUrl, $sPrintUrlForPdf, $this->ExportOptions->Items["pdf"]->Body);
    }
}
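/**
 * Page initialisation for a page keyed by realmid and acctid.
 *
 * Creates the security object, sends users who are not logged in to the login
 * page, reads the export type from the request, builds the export file name
 * from the table variable and both key values, sets up the export options and
 * the current action, and fires the page loading events.
 *
 * Change from the previous version: each key value taken from the query string
 * is reduced to a conservative character set before it becomes part of the
 * export file name, and a non-string value (e.g. an array parameter) is ignored.
 */
function Page_Init()
{
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Security
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) {
        $Security->AutoLogin();
    }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();
        // NOTE(review): the login requirement only holds if Page_Terminate()
        // ends the request; its body is not visible here, so confirm that
        // nothing below runs for an anonymous request.
        $this->Page_Terminate("login.php");
    }

    // Get export parameters (query string first, then POST "exporttype")
    if (@$_GET["export"] != "") {
        $this->Export = $_GET["export"];
    } elseif (ew_IsHttpPost()) {
        if (@$_POST["exporttype"] != "") {
            $this->Export = $_POST["exporttype"];
        }
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }
    $gsExport = $this->Export; // Get export parameter, used in header
    $gsExportFile = $this->TableVar; // Get export file, used in header

    // The record keys are request-controlled and end up in a name that, per the
    // comment above, is used in a response header. Accept only non-empty
    // strings and replace every character outside [A-Za-z0-9_-] with "_" so a
    // value cannot carry quotes, separators or path characters into that name.
    foreach (array("realmid", "acctid") as $keyName) {
        $rawKey = isset($_GET[$keyName]) ? $_GET[$keyName] : "";
        if (!is_string($rawKey) || $rawKey === "") {
            continue;
        }
        if ($gsExportFile != "") {
            $gsExportFile .= "_";
        }
        $gsExportFile .= preg_replace('/[^A-Za-z0-9_-]/', '_', ew_StripSlashes($rawKey));
    }

    // Setup export options
    $this->SetupExportOptions();

    // Set up current action ("a" from the query string wins over POST "a_list")
    $this->CurrentAction = @$_GET["a"] != "" ? $_GET["a"] : @$_POST["a_list"];

    // Global Page Loading event (in userfn*.php)
    Page_Loading();

    // Page Load event
    $this->Page_Load();
}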
/**
 * Page initialisation for a list page.
 *
 * Creates the security object, sends users who are not logged in to the login
 * page, reads the export type, the current action and the grid-add row count
 * from the request, sets up the list/export/other options and fires the page
 * loading events.
 */
function Page_Init()
{
    global $gsExport, $gsExportFile, $UserProfile, $Language, $Security, $objForm;

    // Security: try auto-login first, then require a logged-in user
    $Security = new cAdvancedSecurity();
    if (!$Security->IsLoggedIn()) {
        $Security->AutoLogin();
    }
    if (!$Security->IsLoggedIn()) {
        $Security->SaveLastUrl();
        // NOTE(review): the login requirement only holds if Page_Terminate()
        // ends the request; its body is not visible here, so confirm that
        // nothing below runs for an anonymous request.
        $this->Page_Terminate("login.php");
    }

    // Export type: query string first, then POST "exporttype"; a plain GET
    // without an export type records the current URL as the export return URL
    if (@$_GET["export"] != "") {
        $this->Export = $_GET["export"];
    } elseif (ew_IsHttpPost()) {
        if (@$_POST["exporttype"] != "") {
            $this->Export = $_POST["exporttype"];
        }
    } else {
        $this->setExportReturnUrl(ew_CurrentUrl());
    }

    // Globals read by the header
    $gsExport = $this->Export;
    $gsExportFile = $this->TableVar;

    // Current action: "a" from the query string wins over POST "a_list"
    if (@$_GET["a"] != "") {
        $this->CurrentAction = $_GET["a"];
    } else {
        $this->CurrentAction = @$_POST["a_list"];
    }

    // Grid add row count from the query string; only positive numeric values are taken.
    // NOTE(review): the value is stored as received, so it may be a non-integer
    // numeric string and has no upper bound here; confirm the consumer clamps it.
    $gridaddcnt = @$_GET[EW_TABLE_GRID_ADD_ROW_COUNT];
    if (is_numeric($gridaddcnt) && $gridaddcnt > 0) {
        $this->GridAddRowCount = $gridaddcnt;
    }

    // List options, then export options
    $this->SetupListOptions();
    $this->SetupExportOptions();

    // The id field is hidden while a new record is being entered
    $this->id->Visible = !($this->IsAdd() || $this->IsCopy() || $this->IsGridAdd());

    // Global Page Loading event (in userfn*.php), then this page's own load event
    Page_Loading();
    $this->Page_Load();

    // Remaining options
    $this->SetupOtherOptions();

    // Show the "checkbox" column when custom actions are defined
    if (count($this->CustomActions) > 0) {
        $this->ListOptions->Items["checkbox"]->Visible = TRUE;
    }

    // Printer friendly PDF: point the PDF export link at the print URL
    if ($this->PrinterFriendlyForPdf) {
        $pdfUrl = $this->ExportPdfUrl;
        $printUrlForPdf = $this->ExportPrintUrl . "&pdf=1";
        $this->ExportOptions->Items["pdf"]->Body = str_replace(
            $pdfUrl,
            $printUrlForPdf,
            $this->ExportOptions->Items["pdf"]->Body
        );
    }
}
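/**
 * Build the list of record keys named by the current request.
 *
 * Keys come either from the multi-value parameter "key_m" (POST preferred over
 * GET), where each element is a composite key joined with
 * $EW_COMPOSITE_KEY_SEPARATOR, or from the individual TABLE_NAME and
 * USER_LEVEL_ID parameters. Only two-part keys whose first part is a scalar and
 * whose second part (USER_LEVEL_ID) is numeric are returned.
 *
 * Change from the previous version: "key_m" is request-controlled, so it is now
 * accepted only when it is an array, and only its string elements are split.
 * Before, a scalar "key_m" reached count() and a nested array reached explode().
 * A non-scalar TABLE_NAME (e.g. an array parameter) is now skipped as well.
 *
 * @return array List of two-element key arrays; empty when no valid key was supplied.
 */
function GetRecordKeys()
{
    global $EW_COMPOSITE_KEY_SEPARATOR;
    $arKeys = array();
    $arKey = array();

    if (isset($_POST["key_m"]) || isset($_GET["key_m"])) {
        // POST takes precedence over GET
        $rawKeys = ew_StripSlashes(isset($_POST["key_m"]) ? $_POST["key_m"] : $_GET["key_m"]);
        if (is_array($rawKeys)) {
            foreach ($rawKeys as $rawKey) {
                // Skip nested arrays and other non-string elements instead of passing them to explode()
                if (is_string($rawKey)) {
                    $arKeys[] = explode($EW_COMPOSITE_KEY_SEPARATOR, $rawKey);
                }
            }
        }
    } elseif (!empty($_GET) || !empty($_POST)) {
        $isPost = ew_IsHttpPost();

        // Both key parts must be present; a missing part disables the single-key path
        if ($isPost && isset($_POST["TABLE_NAME"])) {
            $arKey[] = ew_StripSlashes($_POST["TABLE_NAME"]);
        } elseif (isset($_GET["TABLE_NAME"])) {
            $arKey[] = ew_StripSlashes($_GET["TABLE_NAME"]);
        } else {
            $arKeys = NULL; // Do not setup
        }
        if ($isPost && isset($_POST["USER_LEVEL_ID"])) {
            $arKey[] = ew_StripSlashes($_POST["USER_LEVEL_ID"]);
        } elseif (isset($_GET["USER_LEVEL_ID"])) {
            $arKey[] = ew_StripSlashes($_GET["USER_LEVEL_ID"]);
        } else {
            $arKeys = NULL; // Do not setup
        }
        if (is_array($arKeys)) {
            $arKeys[] = $arKey;
        }
        // Not returned yet, so these values are also checked by the code below
    }

    // Check keys
    $ar = array();
    if (is_array($arKeys)) {
        foreach ($arKeys as $key) {
            if (!is_array($key) || count($key) != 2) {
                continue; // Just skip so other keys will still work
            }
            if (!is_scalar($key[0])) { // TABLE_NAME
                continue;
            }
            if (!is_numeric($key[1])) { // USER_LEVEL_ID
                continue;
            }
            $ar[] = $key;
        }
    }
    return $ar;
}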