/**
* Run test
*
* @param string $code Event code
* @param CCnStep $step Step
*
* @throws CMbException
*
* @return void
*/
static function run($code, CCnStep $step)
{
$receiver = $step->_ref_test->loadRefPartner()->loadReceiverHL7v2();
if ($receiver) {
CValue::setSessionAbs("cn_receiver_guid", $receiver->_guid);
}
$transaction = str_replace("-", "", $step->transaction);
if (!$transaction) {
throw new CMbException("CIHETestCase-no_transaction");
}
call_user_func(array("C{$transaction}Test", "test{$code}"), $step);
}
<?php
/**
* $Id$
*
* @category HL7
* @package Mediboard
* @author SARL OpenXtrem <*****@*****.**>
* @license GNU General Public License, see http://www.gnu.org/licenses/gpl.html
* @version $Revision$
* @link http://www.mediboard.org
*/
$cn_receiver_guid = CValue::post("cn_receiver_guid");
if ($cn_receiver_guid == "none") {
unset($_SESSION["cn_receiver_guid"]);
return;
}
CValue::setSessionAbs("cn_receiver_guid", $cn_receiver_guid);
* @package Mediboard
* @author SARL OpenXtrem <*****@*****.**>
* @license GNU General Public License, see http://www.gnu.org/licenses/gpl.html
* @link http://www.mediboard.org */
CPasswordKeeper::checkHTTPS();
CCanDo::checkAdmin();
$password_keeper_id = CValue::postOrSession("password_keeper_id");
$_passphrase = CValue::post("passphrase");
$deletion = CValue::post("deletion");
$user = CMediusers::get();
$keeper = new CPasswordKeeper();
$keeper->load($password_keeper_id);
if ($keeper->_id && $keeper->user_id != $user->_id) {
$msg = "Vous n'avez pas droit d'accéder à ce trousseau.";
CAppUI::stepAjax($msg, UI_MSG_ERROR);
}
// Second passage, après avoir saisi la phrase de passe
if ($keeper->_id && $_passphrase) {
if (!$keeper->testSample($_passphrase)) {
$msg = "Phrase de passe incorrecte.";
CAppUI::stepAjax($msg, UI_MSG_ERROR);
}
// Ecrit la phrase de passe en session
CValue::setSessionAbs("passphrase", $_passphrase);
}
$smarty = new CSmartyDP();
$smarty->assign("keeper", $keeper);
$smarty->assign("user", $user);
$smarty->assign("_passphrase", $_passphrase);
$smarty->assign("deletion", $deletion);
$smarty->display("inc_edit_keeper.tpl");
$m = "dP{$m}";
}
// Get current module permissions
// these can be further modified by the included action files
$can = $module->canDo();
$a = CAppUI::checkFileName(CValue::get("a", $index));
$u = CAppUI::checkFileName(CValue::get("u", ""));
$dosql = CAppUI::checkFileName(CValue::post("dosql", ""));
$class = CAppUI::checkFileName(CValue::post("@class", ""));
$tab = $a == "index" ? CValue::getOrSession("tab", $tab) : CValue::get("tab");
// set the group in use, put the user group if not allowed
$g = CValue::getOrSessionAbs("g", CAppUI::$instance->user_group);
$indexGroup = new CGroups();
if ($indexGroup->load($g) && !$indexGroup->canRead()) {
$g = CAppUI::$instance->user_group;
CValue::setSessionAbs("g", $g);
}
$user = CAppUI::$user;
// Check whether the password is strong enough
// If account is not a robot
if ($user->_id && !$user->isRobot() && (!($m == "admin" && $tab == "chpwd") && !($m == "admin" && $dosql == "do_chpwd_aed"))) {
if (CAppUI::$instance->weak_password && (!CAppUI::$instance->user_remote || CAppUI::conf("admin CUser apply_all_users"))) {
CAppUI::redirect("m=admin&tab=chpwd&forceChange=1");
}
// If we want to force user to periodically change password
if (CAppUI::conf("admin CUser force_changing_password") || $user->_ref_user->force_change_password) {
// Need to change
if ($user->_ref_user->force_change_password) {
CAppUI::redirect("m=admin&tab=chpwd&forceChange=1");
}
if (CMbDT::dateTime("-" . CAppUI::conf("admin CUser password_life_duration")) > $user->_ref_user->user_password_last_change) {
/**
* Applies token's params to redirect the user
*
* @return void
*/
function applyParams()
{
// Save token expiration in the session
CAppUI::$token_expiration = $this->getTokenExpiration();
CAppUI::$token_restricted = $this->restricted == 1;
CValue::setSessionAbs("token_expiration", CAppUI::$token_expiration);
$params = $this->getParams();
if (isset($params["tab"]) && empty($params["a"])) {
$params["a"] = $params["tab"];
unset($params["tab"]);
}
foreach ($params as $key => $value) {
$_GET[$key] = $value;
$_REQUEST[$key] = $value;
}
}
/**
* @see parent::updatePlainFields()
*/
function updatePlainFields()
{
parent::updatePlainFields();
// To prevent from recalculate new salt and re-hash password
if ($this->_merging) {
return;
}
$this->user_password = null;
// If no raw password or already hashed, nothing to do
if (!$this->_user_password || preg_match('/^[0-9a-f]{32}$/i', $this->_user_password)) {
return;
}
// If the new password hashing system is not ready yet
if (!$this->loginSaltReady()) {
CValue::setSessionAbs("_pass_deferred", $this->_user_password);
$this->user_password = md5($this->_user_password);
return;
}
// If user is logging, get the salt value in table
if (!$this->_is_logging || $this->_is_changing) {
$this->generateUserSalt();
return;
}
// If user is trying to log in, we have to compare hashes with corresponding user in table
$where = array("user_username" => " = '{$this->user_username}'");
$_user = new CUser();
$_user->loadObject($where);
// If user exists, we compare hashes
if ($_user->_id) {
// Password is a SHA256 hash, we get user's salt
if ($this->_user_password && strlen($_user->user_password) == 64) {
$this->user_password = hash("SHA256", $_user->user_salt . $this->_user_password);
return;
}
// Password is an old MD5 hash, we have to update
if ($_user->user_password == md5($this->_user_password)) {
$this->generateUserSalt();
$_user->_user_password = $this->_user_password;
$_user->_user_salt = $this->user_salt;
$_user->store();
} else {
// Won't load anything
$this->user_password = "******";
}
}
}
