public function testTimeTrackGeneratesHashForUserAndPassword()
{
$tt = new TimeTrack();
$this->assertEquals("4db3cfdd7744b80286b34f7fb0188d33", $tt->generateHash("username", "password"));
}
<?php
include "functions_GRML.php";
include "TimeTrack.class.php";
session_start();
$timetrack = new TimeTrack();
TimeTrack::$migrationMode = true;
$mobiledevice = detectMobileDevices();
$loggedin = false;
$loggedin = $timetrack->login($_POST['u'], $_POST['p'], $_GET['h']);
$hash = $timetrack->hash;
if (!$loggedin) {
unset($_SESSION['userhash']);
header("Location: index.php?e=1");
exit;
}
if (isset($_POST['migrate'])) {
$res = $timetrack->migrateFileToDir($hash);
if ($res['error'] === false) {
header("Location: show.php");
die;
}
}
$filename = pathinfo(__FILE__, PATHINFO_FILENAME);
include "views/{$filename}.phtml";
<?php
include "functions_GRML.php";
include "TimeTrack.class.php";
// Comment
session_start();
$timetrack = new TimeTrack();
$loggedin = false;
$loggedin = $timetrack->login($_POST['u'], $_POST['p'], $_GET['h']);
$hash = $timetrack->hash;
if (!$loggedin) {
unset($hash);
unset($_SESSION['userhash']);
}
if (!$loggedin) {
die('Not logged in');
}
$logfileRaw = $_POST['logfileRaw'];
$postHash = $_POST['hash'];
$postIp = $_POST['ip'];
$postTimestamp = $_POST['timestamp'];
if (isset($logfileRaw, $postHash, $postIp, $postTimestamp)) {
$matches = array();
if (preg_match("/^[-\\+#]\\[(\\d{4}-\\d{2}-\\d{2}\\w\\d{2}:\\d{2}:\\d{2})\\]\\s.*/", $logfileRaw, $matches)) {
$curmonth = date("Ym", strtotime($matches[1]));
}
if ($postHash != $timetrack->hash || $postIp != $_SERVER['REMOTE_ADDR']) {
$msg = "Something went wrong. Security Information did not match.";
} else {
if (time() - $postTimestamp < 5) {
$msg = "Flash Gordon was here. Try to breathe in and out and give yourself more time to edit.";
<?php
include "application/TTDropbox.php";
include "TimeTrack.class.php";
$timetrack = new TimeTrack();
$id = session_id();
if (empty($id)) {
session_start();
}
$loggedin = false;
$u = isset($_POST['u']) ? $_POST['u'] : null;
$p = isset($_POST['p']) ? $_POST['p'] : null;
$h = isset($_GET['h']) ? $_GET['h'] : null;
$loggedin = $timetrack->login($u, $p, $h);
$hash = $timetrack->hash;
if (!$loggedin) {
unset($hash);
unset($_SESSION['userhash']);
}
if (!$loggedin) {
if ($hash != "") {
unset($_SESSION['userhash']);
header("Location: download.php?h=" . $hash);
exit;
} else {
unset($_SESSION['userhash']);
header("Location: index.php?e=1");
exit;
}
}
$options = $timetrack->getOptions();
protected function display()
{
if (Tools::isConnectedUser()) {
// only teamMembers & observers can access this page
if (0 == $this->teamid || $this->session_user->isTeamCustomer($this->teamid)) {
$this->smartyHelper->assign('accessDenied', TRUE);
} else {
$team = TeamCache::getInstance()->getTeam($this->teamid);
// if first call to this page
if (!array_key_exists('nextForm', $_POST)) {
$activeMembers = $team->getActiveMembers();
if ($this->session_user->isTeamManager($this->teamid)) {
$this->smartyHelper->assign('users', SmartyTools::getSmartyArray($activeMembers, $this->session_userid));
} else {
// developper & manager can add timeTracks
if (array_key_exists($this->session_userid, $activeMembers)) {
$_POST['userid'] = $this->session_userid;
$_POST['nextForm'] = "addHolidaysForm";
//$_POST['days'] = 'dayid';
}
}
}
$nextForm = Tools::getSecurePOSTStringValue('nextForm', '');
if ($nextForm == "addHolidaysForm") {
$userid = Tools::getSecurePOSTIntValue('userid', $this->session_userid);
$managed_user = UserCache::getInstance()->getUser($userid);
// dates
$startdate = Tools::getSecurePOSTStringValue('startdate', date("Y-m-d"));
$enddate = Tools::getSecurePOSTStringValue('enddate', '');
$defaultBugid = Tools::getSecurePOSTIntValue('bugid', 0);
$action = Tools::getSecurePOSTStringValue('action', '');
$duration = Tools::getSecurePOSTNumberValue('duree', 0);
if ("addHolidays" == $action) {
// TODO add tracks !
$job = Tools::getSecurePOSTStringValue('job');
$duration = Tools::getSecurePOSTNumberValue('duree');
$holydays = Holidays::getInstance();
$keyvalue = Tools::getSecurePOSTStringValue('checkedDays');
$checkedDaysList = Tools::doubleExplode(':', ',', $keyvalue);
$startTimestamp = Tools::date2timestamp($startdate);
$endTimestamp = Tools::date2timestamp($enddate);
// save to DB
$weekday = date('l', strtotime($startdate));
$timestamp = $startTimestamp;
while ($timestamp <= $endTimestamp) {
// check if not a fixed holiday
if (!$holydays->isHoliday($timestamp)) {
// check existing timetracks on $timestamp and adjust duration
$availabletime = $managed_user->getAvailableTime($timestamp);
// not imput more than possible
if ($duration >= $availabletime) {
$imput = $availabletime;
} else {
$imput = $duration;
}
// check if weekday checkbox is checked
if (1 == $checkedDaysList[$weekday]) {
if ($duration > 0) {
if (self::$logger->isDebugEnabled()) {
self::$logger->debug(date("Y-m-d", $timestamp) . " duration {$imput} job {$job}");
}
TimeTrack::create($managed_user->getId(), $defaultBugid, $job, $timestamp, $imput, $this->session_userid);
}
}
}
$timestamp = strtotime("+1 day", $timestamp);
$weekday = date('l', strtotime(date("Y-m-d", $timestamp)));
}
// We redirect to holidays report, so the user can verify his holidays
header('Location:holidays_report.php');
}
$this->smartyHelper->assign('startDate', $startdate);
$this->smartyHelper->assign('endDate', $enddate);
if ($this->session_userid != $managed_user->getId()) {
$this->smartyHelper->assign('otherrealname', $managed_user->getRealname());
}
// Get Team SideTasks Project List
$projList = $team->getProjects(true, false);
foreach ($projList as $pid => $pname) {
// we want only SideTasks projects
try {
if (!$team->isSideTasksProject($pid)) {
unset($projList[$pid]);
}
} catch (Exception $e) {
self::$logger->error("project {$pid}: " . $e->getMessage());
}
}
$extproj_id = Config::getInstance()->getValue(Config::id_externalTasksProject);
$extProj = ProjectCache::getInstance()->getProject($extproj_id);
$projList[$extproj_id] = $extProj->getName();
$defaultProjectid = Tools::getSecurePOSTIntValue('projectid', 0);
if ($defaultBugid != 0 && $action == 'setBugId') {
// find ProjectId to update categories
$issue = IssueCache::getInstance()->getIssue($defaultBugid);
$defaultProjectid = $issue->getProjectId();
}
$this->smartyHelper->assign('projects', SmartyTools::getSmartyArray($projList, $defaultProjectid));
$this->smartyHelper->assign('issues', $this->getIssues($defaultProjectid, $projList, $extproj_id, $defaultBugid));
$this->smartyHelper->assign('jobs', $this->getJobs($defaultProjectid, $projList));
$this->smartyHelper->assign('duration', SmartyTools::getSmartyArray(TimeTrackingTools::getDurationList($team->getId()), $duration));
$this->smartyHelper->assign('userid', $managed_user->getId());
}
}
}
}
<html lang="de">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>TimeTrack Jahreskalender</title>
<meta name="author" content="">
<link href="static/css/calendar.css" media="screen" rel="stylesheet" type="text/css">
<link rel="shortcut icon" href="static/img/favicon.ico" />
<link rel="icon" href="static/img/favicon.ico" type="image/ico" />
</head>
<body>
<?php
// Comment
session_start();
include "TimeTrack.class.php";
$timetrack = new TimeTrack();
setlocale(LC_ALL, "de_DE");
$loggedin = false;
$loggedin = $timetrack->login($_POST['u'], $_POST['p'], $_GET['h']);
$hash = $timetrack->hash;
if (!$loggedin) {
unset($hash);
unset($_SESSION['userhash']);
}
if (!$loggedin) {
die('Not logged in');
}
$year = date("Y");
if (isset($_GET['y']) && is_numeric($_GET['y']) && strlen($_GET['y']) == 4) {
$year = $_GET['y'];
}
/**
* Sets the TimeTracking
*
* @param array $timeTracking
* @return void
*/
public function setTimeTracking($timeTracking)
{
foreach ($timeTracking as $id => $track) {
if ($track instanceof TimeTrack) {
$this->addTimeTrack($track);
} else {
$track['id'] = $id + 1;
$this->addTimeTrack(TimeTrack::_create($track));
}
}
}
<?php
include "functions_GRML.php";
include "TimeTrack.class.php";
session_start();
$timetrack = new TimeTrack();
$mobiledevice = detectMobileDevices();
$curdate = $_REQUEST['date'];
if (!isset($curdate)) {
die('Wrong parameter!');
}
$loggedin = false;
$loggedin = $timetrack->login($_POST['u'], $_POST['p'], $_GET['h']);
$hash = $timetrack->hash;
if (!$loggedin) {
unset($hash);
unset($_SESSION['userhash']);
}
if (!$loggedin) {
if ($hash != "") {
unset($_SESSION['userhash']);
header("Location: download.php?h=" . $hash);
exit;
} else {
unset($_SESSION['userhash']);
header("Location: index.php?e=1");
exit;
}
}
$forward = false;
$formsend = $_POST['submit'];
<?php
require_once "TimeTrack.class.php";
$tt = new TimeTrack();
function getTimes($tt)
{
$tt->parseData();
$ld = $tt->getLastDay();
//print_r($ld);
echo (isset($ld['diff']) ? $ld['diff'] : 0) . "\n";
echo (isset($ld['monthdiff']) ? $ld['monthdiff'] : 0) . "\n";
echo (isset($ld['laststateIn']) ? (int) $ld['laststateIn'] : 0) . "\n";
echo (isset($ld['start']) ? $ld['start'] : 0) . "\n";
echo (isset($ld['pause']) ? $ld['pause'] : 0) . "\n";
}
error_reporting(E_ALL);
ini_set("display_errors", 1);
$action = isset($_GET['a']) ? $_GET['a'] : '';
$hash = isset($_GET['h']) ? $_GET['h'] : '';
if (!$tt->login(null, null, $hash)) {
die('INVALID LOGIN');
}
$curmonth = date("Ym");
if (isset($_GET['m'])) {
$curmonth = $_GET['m'];
}
$tt->setMonth($curmonth);
if ($action == "times") {
getTimes($tt);
}
if ($action == "login") {
<?php
session_start();
include "../TimeTrack.class.php";
$timetrack = new TimeTrack();
$loggedin = $timetrack->login($_POST['u'], $_POST['p'], $_GET['h']);
$hash = $timetrack->hash;
if (!$loggedin) {
unset($hash);
unset($_SESSION['userhash']);
}
include 'index.phtml';
/**
* Initialize complex static variables
* @static
*/
public static function staticInit()
{
self::$logger = Logger::getLogger(__CLASS__);
}
protected function display()
{
if (Tools::isConnectedUser()) {
// only teamMembers can access this page
if (0 == $this->teamid || $this->session_user->isTeamCustomer($this->teamid) || $this->session_user->isTeamObserver($this->teamid) || !$this->session_user->isTeamMember($this->teamid)) {
$this->smartyHelper->assign('accessDenied', TRUE);
} else {
$team = TeamCache::getInstance()->getTeam($this->teamid);
$teamMembers = $team->getActiveMembers(NULL, NULL, TRUE);
$managed_userid = Tools::getSecurePOSTIntValue('userid', $this->session_userid);
if ($this->session_user->isTeamManager($this->teamid)) {
// session_user is Manager, let him choose the teamMember he wants to manage
$this->smartyHelper->assign('users', $teamMembers);
$this->smartyHelper->assign('selectedUser', $managed_userid);
$this->smartyHelper->assign("isManager", true);
}
// display AddTrack Page
$year = Tools::getSecurePOSTIntValue('year', date('Y'));
$managed_user = UserCache::getInstance()->getUser($managed_userid);
// Need to be Manager to handle other users
if ($managed_userid != $this->session_userid) {
if (!$this->session_user->isTeamManager($this->teamid) || !array_key_exists($managed_userid, $teamMembers)) {
self::$logger->error(' SECURITY ALERT changeManagedUser: session_user ' . $this->session_userid . " is not allowed to manage user {$managed_userid}");
Tools::sendForbiddenAccess();
}
}
// developper & manager can add timeTracks
$mTeamList = $managed_user->getDevTeamList();
$managedTeamList = $managed_user->getManagedTeamList();
$teamList = $mTeamList + $managedTeamList;
$action = Tools::getSecurePOSTStringValue('action', '');
$weekid = Tools::getSecurePOSTIntValue('weekid', date('W'));
$defaultDate = Tools::getSecurePOSTStringValue('date', date("Y-m-d", time()));
$defaultBugid = Tools::getSecurePOSTIntValue('bugid', 0);
$defaultProjectid = Tools::getSecurePOSTIntValue('projectid', 0);
$job = Tools::getSecurePOSTIntValue('job', 0);
$duration = Tools::getSecurePOSTNumberValue('duree', 0);
if ("addTrack" == $action) {
self::$logger->debug("addTrack: called from form1");
// TODO merge addTrack & addTimetrack actions !
// called by form1 when no backlog has to be set.
// updateBacklogDialogBox must not raise up,
// track must be added, backlog & status must NOT be updated
$timestamp = Tools::date2timestamp($defaultDate);
$defaultBugid = Tools::getSecurePOSTIntValue('bugid');
$job = Tools::getSecurePOSTStringValue('job');
$duration = Tools::getSecurePOSTNumberValue('duree');
// dialogBox is not called, then track must be saved to DB
$trackid = TimeTrack::create($managed_userid, $defaultBugid, $job, $timestamp, $duration, $this->session_userid);
if (self::$logger->isDebugEnabled()) {
self::$logger->debug("Track {$trackid} added : userid={$managed_userid} bugid={$defaultBugid} job={$job} duration={$duration} timestamp={$timestamp}");
}
// Don't show job and duration after add track
$job = 0;
$duration = 0;
$defaultProjectid = Tools::getSecurePOSTIntValue('projectid');
} elseif ("addTimetrack" == $action) {
// updateBacklogDialogbox with 'addTimetrack' action
// add track AND update backlog & status & handlerId
// TODO merge addTrack & addTimetrack actions !
self::$logger->debug("addTimetrack: called from the updateBacklogDialogBox");
// add timetrack (all values mandatory)
$defaultDate = Tools::getSecurePOSTStringValue('trackDate');
$defaultBugid = Tools::getSecurePOSTIntValue('bugid');
$job = Tools::getSecurePOSTIntValue('trackJobid');
$duration = Tools::getSecurePOSTNumberValue('timeToAdd');
$handlerId = Tools::getSecurePOSTNumberValue('handlerid');
// check jobid (bug happens sometime...
if (0 == $job) {
$this->smartyHelper->assign('error', T_("Timetrack not added: Job has not specified."));
self::$logger->error("Add track : FAILED. issue={$defaultBugid}, jobid={$job}, duration={$duration} date={$defaultDate}");
}
// check bug_id (this happens when user uses the 'back' button of the browser ?)
if (0 == $defaultBugid) {
self::$logger->error("Add track : FAILED. issue=0, jobid={$job}, duration={$duration} date={$defaultDate}");
} else {
$timestamp = 0 !== $defaultDate ? Tools::date2timestamp($defaultDate) : 0;
$trackid = TimeTrack::create($managed_userid, $defaultBugid, $job, $timestamp, $duration, $this->session_userid);
if (self::$logger->isDebugEnabled()) {
self::$logger->debug("Track {$trackid} added : userid={$managed_userid} bugid={$defaultBugid} job={$job} duration={$duration} timestamp={$timestamp}");
}
$issue = IssueCache::getInstance()->getIssue($defaultBugid);
// setBacklog
$formattedBacklog = Tools::getSecurePOSTNumberValue('backlog');
$issue->setBacklog($formattedBacklog);
// setStatus
$newStatus = Tools::getSecurePOSTIntValue('statusid');
$issue->setStatus($newStatus);
// set handlerId
if ($handlerId != $issue->getHandlerId()) {
// TODO security check (userid exists/valid ?)
$issue->setHandler($handlerId);
}
$defaultProjectid = $issue->getProjectId();
}
// Don't show job and duration after add track
$job = 0;
$duration = 0;
} elseif ("deleteTrack" == $action) {
$trackid = Tools::getSecurePOSTIntValue('trackid');
$timeTrack = TimeTrackCache::getInstance()->getTimeTrack($trackid);
$defaultBugid = $timeTrack->getIssueId();
$duration = $timeTrack->getDuration();
$job = $timeTrack->getJobId();
$defaultDate = date("Y-m-d", $timeTrack->getDate());
// delete track
if (!$timeTrack->remove()) {
$this->smartyHelper->assign('error', T_("Failed to delete the timetrack !"));
self::$logger->error("Delete track {$trackid} : FAILED.");
}
if (0 == $defaultBugid) {
self::$logger->error("Delete track : bug_id=0");
$defaultProjectid = 0;
} else {
try {
// pre-set form fields
$issue = IssueCache::getInstance()->getIssue($defaultBugid);
$defaultProjectid = $issue->getProjectId();
// if project not defined for current team, do not pre-set form fields.
if (!in_array($defaultProjectid, array_keys($team->getProjects()))) {
$defaultProjectid = 0;
$defaultBugid = 0;
}
} catch (Exception $e) {
$defaultProjectid = 0;
$defaultBugid = 0;
}
}
} elseif ("setBugId" == $action) {
// pre-set form fields
// find ProjectId to update categories
$defaultBugid = Tools::getSecurePOSTIntValue('bugid');
$issue = IssueCache::getInstance()->getIssue($defaultBugid);
$defaultProjectid = $issue->getProjectId();
} elseif ("setFiltersAction" == $action) {
$isFilter_onlyAssignedTo = isset($_POST["cb_onlyAssignedTo"]) ? '1' : '0';
$isFilter_hideResolved = isset($_POST["cb_hideResolved"]) ? '1' : '0';
$managed_user->setTimetrackingFilter('onlyAssignedTo', $isFilter_onlyAssignedTo);
$managed_user->setTimetrackingFilter('hideResolved', $isFilter_hideResolved);
if ($defaultBugid != 0) {
$issue = IssueCache::getInstance()->getIssue($defaultBugid);
$defaultProjectid = $issue->getProjectId();
}
}
// Display user name
$this->smartyHelper->assign('managedUser_realname', $managed_user->getRealname());
$this->smartyHelper->assign('userid', $managed_userid);
// display Track Form
$this->smartyHelper->assign('date', $defaultDate);
// All projects except disabled
$projList = $team->getProjects(true, false);
$this->smartyHelper->assign('projects', SmartyTools::getSmartyArray($projList, $defaultProjectid));
$this->smartyHelper->assign('defaultProjectid', $defaultProjectid);
$this->smartyHelper->assign('defaultBugid', $defaultBugid);
$this->smartyHelper->assign('weekid', $weekid);
$this->smartyHelper->assign('year', $year);
$isOnlyAssignedTo = '0' == $managed_user->getTimetrackingFilter('onlyAssignedTo') ? false : true;
$this->smartyHelper->assign('isOnlyAssignedTo', $isOnlyAssignedTo);
$isHideResolved = '0' == $managed_user->getTimetrackingFilter('hideResolved') ? false : true;
$this->smartyHelper->assign('isHideResolved', $isHideResolved);
$availableIssues = TimeTrackingTools::getIssues($this->teamid, $defaultProjectid, $isOnlyAssignedTo, $managed_user->getId(), $projList, $isHideResolved, $defaultBugid);
$this->smartyHelper->assign('issues', $availableIssues);
$this->smartyHelper->assign('jobs', SmartyTools::getSmartyArray(TimeTrackingTools::getJobs($defaultProjectid, $this->teamid), $job));
$this->smartyHelper->assign('duration', SmartyTools::getSmartyArray(TimeTrackingTools::getDurationList($this->teamid), $duration));
$this->smartyHelper->assign('weeks', SmartyTools::getWeeks($weekid, $year));
$this->smartyHelper->assign('years', SmartyTools::getYears($year, 1));
$weekDates = Tools::week_dates($weekid, $year);
$startTimestamp = $weekDates[1];
$endTimestamp = mktime(23, 59, 59, date("m", $weekDates[7]), date("d", $weekDates[7]), date("Y", $weekDates[7]));
$timeTracking = new TimeTracking($startTimestamp, $endTimestamp, $this->teamid);
$incompleteDays = array_keys($timeTracking->checkCompleteDays($managed_userid, TRUE));
$missingDays = $timeTracking->checkMissingDays($managed_userid);
$errorDays = array_merge($incompleteDays, $missingDays);
$smartyWeekDates = TimeTrackingTools::getSmartyWeekDates($weekDates, $errorDays);
// UTF8 problems in smarty, date encoding needs to be done in PHP
$this->smartyHelper->assign('weekDates', array($smartyWeekDates[1], $smartyWeekDates[2], $smartyWeekDates[3], $smartyWeekDates[4], $smartyWeekDates[5]));
$this->smartyHelper->assign('weekEndDates', array($smartyWeekDates[6], $smartyWeekDates[7]));
$weekTasks = TimeTrackingTools::getWeekTask($weekDates, $this->teamid, $managed_userid, $timeTracking, $errorDays);
$this->smartyHelper->assign('weekTasks', $weekTasks["weekTasks"]);
$this->smartyHelper->assign('dayTotalElapsed', $weekTasks["totalElapsed"]);
$timeTrackingTuples = $this->getTimetrackingTuples($managed_userid, $timeTracking);
$this->smartyHelper->assign('weekTimetrackingTuples', $timeTrackingTuples['current']);
$this->smartyHelper->assign('timetrackingTuples', $timeTrackingTuples['future']);
// ConsistencyCheck
$consistencyErrors = $this->getConsistencyErrors($managed_userid, $this->teamid);
if (count($consistencyErrors) > 0) {
$this->smartyHelper->assign('ccheckErrList', $consistencyErrors);
$this->smartyHelper->assign('ccheckButtonTitle', count($consistencyErrors) . ' ' . T_("Errors"));
$this->smartyHelper->assign('ccheckBoxTitle', count($consistencyErrors) . ' ' . T_("days are incomplete or undefined"));
}
$this->smartyHelper->assign('isForbidAddTimetracksOnClosed', 1 == $team->getGeneralPreference('forbidAddTimetracksOnClosed') ? true : false);
}
}
}
#!/usr/bin/php
<?php
if (php_sapi_name() !== "cli") {
die("This script is for command line use only");
}
include "../TimeTrack.class.php";
$dir = dirname(dirname(__FILE__));
$files = glob($dir . '/logs/*/options.ini');
$core = new TimeTrack();
$core->setMonth(date("Ym"));
foreach ($files as $optionFileName) {
$options = json_decode(file_get_contents($optionFileName));
$hash = basename(dirname($optionFileName));
if (isset($options->notifications)) {
writeLog("'{$hash}': Found notification");
if (!isset($options->notifications->when) || !isset($options->notifications->what) || !isset($options->notifications->how)) {
writeLog("'{$hash}': Notification settings are incomplete. Skipping.");
continue;
}
if (!isset($options->notifications->enabled) || $options->notifications->enabled == false) {
writeLog("'{$hash}': Notification is disabled. Skipping.");
continue;
}
$core->login(null, null, $hash);
$core->parseData();
$lastdayData = $core->getLastDay();
if (date('Y-m-d') != $lastdayData['date']) {
writeLog('Last day is not today, skipping');
continue;
}
$compareDate = $core->getNormalDayEnd();
