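/**
 * Persist this custom field value for the given object.
 *
 * Updates the existing row in custom_fields_values when $this->value_id is
 * set, otherwise inserts a new row.
 *
 * @param int $object_id Id of the object the value belongs to.
 *
 * @return string|null Error text on failure; nothing (null) on success.
 */
public function store($object_id)
{
    global $db;

    $object_id = (int) $object_id;
    if (!$object_id) {
        return 'Error: Cannot store field (' . $this->field_name . '), associated id not supplied.';
    }

    $this->value_intvalue = (int) $this->value_intvalue;
    $ins_charvalue = $this->value_charvalue == null ? '' : stripslashes($this->value_charvalue);

    $q = new w2p_Database_Query();
    $q->addTable('custom_fields_values');
    if ($this->value_id) {
        $q->addUpdate('value_charvalue', $ins_charvalue);
        $q->addUpdate('value_intvalue', $this->value_intvalue);
        // The WHERE fragment is concatenated as written, so the id is forced
        // to an integer instead of being trusted as already numeric.
        $q->addWhere('value_id = ' . (int) $this->value_id);
    } else {
        $q->addInsert('value_module', '');
        $q->addInsert('value_field_id', $this->field_id);
        $q->addInsert('value_object_id', $object_id);
        $q->addInsert('value_charvalue', $ins_charvalue);
        $q->addInsert('value_intvalue', $this->value_intvalue);
    }
    $rs = $q->exec();
    $q->clear();

    if (!$rs) {
        return $db->ErrorMsg() . ' | SQL: ';
    }
}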
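/**
 * Renumber mod_ui_order so that the modules are ordered 1..n without gaps.
 *
 * Modules are read sorted by their current mod_ui_order, then by
 * mod_directory, and each one is written back with its new position.
 */
protected function _compactModuleUIOrder()
{
    $q = new w2p_Database_Query();
    $q->addTable('modules');
    $q->addQuery('mod_id');
    $q->addOrder('mod_ui_order ASC');
    $q->addOrder('mod_directory ASC');
    $moduleList = $q->loadList();

    $i = 1;
    foreach ($moduleList as $module) {
        $q->clear();
        $q->addTable('modules');
        $q->addUpdate('mod_ui_order', $i);
        // The id comes back from the database as a string and is
        // concatenated into the WHERE fragment; cast it like the other
        // id comparisons in this code base do.
        $q->addWhere('mod_id = ' . (int) $module['mod_id']);
        $q->exec();
        $i++;
    }
}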
$q = new w2p_Database_Query(); $q->addTable('tasks'); $q->addUpdate('task_percent_complete', '100'); $q->addWhere('task_id=' . (int) $val); } else { if ($task_priority == 'd') { // delete task $q = new w2p_Database_Query(); $q->setDelete('tasks'); $q->addWhere('task_id=' . (int) $val); } else { if ($task_priority > -2 && $task_priority < 2) { // set priority $q = new w2p_Database_Query(); $q->addTable('tasks'); $q->addUpdate('task_priority', $task_priority); $q->addWhere('task_id=' . (int) $val); } } } $q->exec(); echo db_error(); $q->clear(); } } $AppUI->savePlace(); $proj = new CProject(); $tobj = new CTask(); $allowedProjects = $proj->getAllowedSQL($AppUI->user_id, 'pr.project_id'); $allowedTasks = $tobj->getAllowedSQL($AppUI->user_id, 'ta.task_id'); // query my sub-tasks (ignoring task parents)
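/**
 * Handle a "forgot password" request.
 *
 * Reads the username and e-mail address from $_POST, looks up the matching
 * user, generates a new password with makePass(), mails it to the supplied
 * address and stores its hash in users.user_password.
 *
 * NOTE(review): the new password is sent in clear text by e-mail and stored
 * as an unsalted MD5 digest. The digest format is what this code base writes
 * here, so it is flagged rather than changed in this function alone; moving
 * to password_hash()/password_verify() has to be done together with the
 * login check.
 */
function sendNewPass()
{
    global $AppUI;

    $_live_site = w2PgetConfig('base_url');
    $_sitename = w2PgetConfig('company_name');

    // Both values are placed inside quoted SQL literals below, so they are
    // escaped before use.
    $checkusername = trim(w2PgetParam($_POST, 'checkusername', ''));
    $checkusername = db_escape($checkusername);
    $confirmEmail = trim(w2PgetParam($_POST, 'checkemail', ''));
    $confirmEmail = strtolower(db_escape($confirmEmail));

    $q = new w2p_Database_Query();
    $q->addTable('users');
    $q->addJoin('contacts', 'con', 'user_contact = contact_id', 'inner');
    $q->addQuery('user_id');
    $q->addWhere('user_username = \'' . $checkusername . '\'');

    /* Begin Hack */
    /*
     * This is a particularly annoying hack but I don't know of a better
     * way to resolve #457. In v2.0, there was a refactoring to allow for
     * multiple contact methods which resulted in the contact_email being
     * removed from the contacts table. If the user is upgrading from
     * v1.x and they try to log in before applying the database, crash.
     * Info: http://bugs.web2project.net/view.php?id=457
     */
    $qTest = new w2p_Database_Query();
    $qTest->addTable('w2pversion');
    $qTest->addQuery('max(db_version)');
    $dbVersion = $qTest->loadResult();
    if ($dbVersion >= 21 && $dbVersion < 26) {
        $q->leftJoin('contacts_methods', 'cm', 'cm.contact_id = con.contact_id');
        $q->addWhere("cm.method_value = '{$confirmEmail}'");
    } else {
        $q->addWhere("LOWER(contact_email) = '{$confirmEmail}'");
    }
    /* End Hack */

    if (!($user_id = $q->loadResult()) || !$checkusername || !$confirmEmail) {
        // One message for every failure, so the response does not reveal
        // which of the two values was wrong.
        $AppUI->setMsg('Invalid username or email.', UI_MSG_ERROR);
        $AppUI->redirect();
        // Never fall through to the reset below should redirect() return.
        return;
    }

    $newpass = makePass();
    $message = $AppUI->_('sendpass0', UI_OUTPUT_RAW) . ' ' . $checkusername . ' '
        . $AppUI->_('sendpass1', UI_OUTPUT_RAW) . ' ' . $_live_site . ' '
        . $AppUI->_('sendpass2', UI_OUTPUT_RAW) . ' ' . $newpass . ' '
        . $AppUI->_('sendpass3', UI_OUTPUT_RAW);
    $subject = $_sitename . ' :: ' . $AppUI->_('sendpass4', UI_OUTPUT_RAW) . ' - ' . $checkusername;

    $m = new w2p_Utilities_Mail(); // create the mail
    $m->To($confirmEmail);
    $m->Subject($subject);
    $m->Body($message, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : ''); // set the body
    $m->Send(); // send the mail

    // NOTE(review): unsalted MD5, see the function header.
    $newpass = md5($newpass);

    // Start from an empty query so nothing of the lookup above (join, WHERE
    // clauses) can leak into the UPDATE.
    $q->clear();
    $q->addTable('users');
    $q->addUpdate('user_password', $newpass);
    $q->addWhere('user_id=' . (int) $user_id);
    $cur = $q->exec();
    if (!$cur) {
        // The original referenced an undefined $database here, which is a
        // fatal error. This page is reachable without a login, so the
        // database detail goes to the server log and not to the browser.
        error_log('sendNewPass: ' . db_error());
        die('SQL error');
    }

    $AppUI->setMsg('New User Password created and emailed to you');
    $AppUI->redirect();
}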
<?php /* $Id$ $URL$ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } $perms =& $AppUI->acl(); if (!canEdit('system')) { $AppUI->redirect('m=public&a=access_denied'); } $obj = new CConfig(); // set all checkboxes to false // overwrite the true/enabled/checked checkboxes later $q = new w2p_Database_Query(); $q->addTable('config'); $q->addUpdate('config_value', 'false'); $q->addWhere("config_type = 'checkbox'"); $rs = $q->loadResult(); $q->clear(); foreach ($_POST['w2Pcfg'] as $name => $value) { $obj->config_name = $name; $obj->config_value = $value; // grab the appropriate id for the object in order to ensure // that the db is updated well (config_name must be unique) $obj->config_id = $_POST['w2PcfgId'][$name]; $update = false; // This is really kludgy, but it works.. suggestions? if (strpos($name, '_pass') !== false) { if (1 == $_POST[$name . '_mod']) { $update = true; }
$ned->addDuration($obj->task_duration, $obj->task_duration_type); } else { // calc task time span start - end $d = $tsd->calcDuration($ted); // Re-add (keep) task time span for end date. // This is independent from $obj->task_duration. // The value returned by Date::Duration() is always in hours ('1') $ned->addDuration($d, '1'); } // prefer tue 16:00 over wed 8:00 as an end date $ned = $ned->prev_working_day(); $obj->task_start_date = $nsd->format(FMT_DATETIME_MYSQL); $obj->task_end_date = $ned->format(FMT_DATETIME_MYSQL); $q = new w2p_Database_Query(); $q->addTable('tasks', 't'); $q->addUpdate('task_start_date', $obj->task_start_date); $q->addUpdate('task_end_date', $obj->task_end_date); $q->addWhere('task_id = ' . (int) $obj->task_id); $q->addWhere('task_dynamic <> 1'); $q->exec(); $q->clear(); } $obj->pushDependencies($obj->task_id, $obj->task_end_date); } // If there is a set of post_save functions, then we process them if (isset($post_save)) { foreach ($post_save as $post_save_function) { $post_save_function(); } } if ($notify) {
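/**
 * Store the total hours worked on a task, then refresh the hours of the
 * project the task belongs to.
 *
 * @param int       $taskId     Id of the task to update.
 * @param int|float $totalHours Total hours worked on that task.
 */
public static function updateHoursWorked($taskId, $totalHours)
{
    // The id is concatenated into two WHERE fragments below; force it to an
    // integer once so neither can carry anything but a number.
    $taskId = (int) $taskId;

    $q = new w2p_Database_Query();
    $q->addTable('tasks');
    $q->addUpdate('task_hours_worked', $totalHours + 0);
    $q->addWhere('task_id = ' . $taskId);
    $q->exec();
    $q->clear();

    $q->addTable('tasks');
    $q->addQuery('task_project');
    $q->addWhere('task_id = ' . $taskId);
    $project_id = $q->loadResult();

    CProject::updateHoursWorked($project_id);
}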
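/**
 * Recalculate and store project_percent_complete for one project.
 *
 * The value is the duration-weighted average of task_percent_complete over
 * the tasks whose task_id equals their task_parent. Durations with
 * task_duration_type 24 are weighted with the configured daily working
 * hours.
 *
 * @param int $project_id Id of the project to recalculate.
 */
public static function updatePercentComplete($project_id)
{
    global $AppUI;

    // The configured value is concatenated into the SELECT expression, so
    // anything that is not a number falls back to the default of 8.
    $working_hours = w2PgetConfig('daily_working_hours');
    if (!$working_hours || !is_numeric($working_hours)) {
        $working_hours = 8;
    }

    // The original cast the id in the UPDATE below but not in this SELECT;
    // both now use the same integer.
    $projectId = (int) $project_id;

    $q = new w2p_Database_Query();
    $q->addTable('projects');
    $q->addQuery('SUM(t1.task_duration * t1.task_percent_complete * IF(t1.task_duration_type = 24, ' . $working_hours . ', t1.task_duration_type)) / SUM(t1.task_duration * IF(t1.task_duration_type = 24, ' . $working_hours . ', t1.task_duration_type)) AS project_percent_complete');
    $q->addJoin('tasks', 't1', 'projects.project_id = t1.task_project', 'inner');
    $q->addWhere('project_id = ' . $projectId . ' AND t1.task_id = t1.task_parent');
    $project_percent_complete = $q->loadResult();
    $q->clear();

    $q->addTable('projects');
    $q->addUpdate('project_percent_complete', $project_percent_complete);
    $q->addWhere('project_id = ' . $projectId);
    $q->exec();

    CTask::storeTokenTask($AppUI, $project_id);
}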
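/**
 * Cron hook: report the installed versions to the project's statistics
 * server and record the version number it answers with.
 *
 * Runs only when the 'system_update_check' setting is enabled. The request
 * carries the module versions, the web2project, PHP, database client and
 * extension versions and the server software string.
 *
 * NOTE(review): the request goes over plain HTTP, so the answer is neither
 * authenticated nor integrity protected. It is treated as untrusted below;
 * confirm whether the endpoint can be reached over HTTPS.
 */
public function hook_cron()
{
    if (!w2PgetConfig('system_update_check', true)) {
        return;
    }

    $lastCheck = w2PgetConfig('system_update_last_check', '');
    // NOTE(review): the age test is switched off in this code (the difference
    // was pinned to 0 with the diff() call commented out), so once a check
    // has been recorded no further check is made. When it is re-enabled,
    // note that DateInterval's '%a' is the total number of days while '%d'
    // is only the day component.
    $checkForUpdates = ('' == $lastCheck);
    if (!$checkForUpdates) {
        return;
    }

    $AppUI = new w2p_Core_CAppUI();
    $configList = array();
    $moduleList = $AppUI->getLoadableModuleList();
    foreach ($moduleList as $module) {
        $configList[$module['mod_directory']] = $module['mod_version'];
    }
    $configList['w2p_ver'] = $AppUI->getVersion();
    $configList['php_ver'] = PHP_VERSION;
    $configList['database'] = $this->_w2Pconfig['dbtype'];
    // Not set when the hook runs from the command line.
    $configList['server'] = isset($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : '';
    $configList['connector'] = php_sapi_name();
    // The mysql extension is not available on every PHP version.
    $configList['database_ver'] = function_exists('mysql_get_client_info') ? mysql_get_client_info() : '';

    $libraries = array('tidy', 'json', 'libxml', 'mysql');
    foreach ($libraries as $library) {
        $configList[$library . '_extver'] = phpversion($library);
    }
    if (function_exists('gd_info')) {
        $lib_version = gd_info();
        $configList['gd_extver'] = $lib_version['GD Version'];
    }
    if (function_exists('curl_version')) {
        $lib_version = curl_version();
        $configList['curl_extver'] = $lib_version['version'];
    }

    $request = new w2p_Utilities_HTTPRequest('http://stats.web2project.net');
    $request->addParameters($configList);
    $result = $request->processRequest();
    $data = json_decode($result);

    // Only a short, version-like string is written to the configuration.
    // A failed request, a non-JSON answer or unexpected content leaves the
    // stored value untouched instead of storing whatever came back.
    $availableVersion = null;
    if (is_object($data) && isset($data->w2p_ver) && is_string($data->w2p_ver)
        && preg_match('/^[0-9A-Za-z][0-9A-Za-z._ \-]{0,31}$/', $data->w2p_ver)) {
        $availableVersion = $data->w2p_ver;
    }

    $q = new w2p_Database_Query();
    if (null !== $availableVersion) {
        $q->addTable('config');
        if ('' == w2PgetConfig('available_version', '')) {
            $q->addInsert('config_name', 'available_version');
            $q->addInsert('config_value', $availableVersion);
            $q->addInsert('config_group', 'admin_system');
            $q->addInsert('config_type', 'text');
        } else {
            $q->addUpdate('config_value', $availableVersion);
            $q->addWhere("config_name = 'available_version'");
        }
        $q->exec();
        $q->clear();
    }

    $q->addTable('config');
    $q->addUpdate('config_value', date('Y-m-d H:i:s'));
    $q->addWhere("config_name = 'system_update_last_check'");
    $q->exec();
}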
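/**
 * Flush the pending queue changes to the database.
 *
 * Deletes every row whose id is in $this->delete_list, then writes the
 * repeat count and start time of every entry in $this->update_list. Both
 * lists are emptied afterwards.
 */
public function commit_updates()
{
    $q = new w2p_Database_Query();

    if (count($this->delete_list)) {
        // The ids are joined into an IN (...) list as raw SQL, so each one
        // is reduced to an integer first.
        $deleteIds = array_map('intval', $this->delete_list);
        $q->setDelete($this->table);
        $q->addWhere('queue_id IN (' . implode(',', $deleteIds) . ')');
        $q->exec();
        $q->clear();
    }
    $this->delete_list = array();

    foreach ($this->update_list as $fields) {
        $q->addTable($this->table);
        $q->addUpdate('queue_repeat_count', $fields['queue_repeat_count']);
        $q->addUpdate('queue_start', $fields['queue_start']);
        $q->addWhere('queue_id = ' . (int) $fields['queue_id']);
        $q->exec();
        $q->clear();
    }
    $this->update_list = array();
}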
/**
 * Session garbage collection.
 *
 * A session counts as expired when it has been idle for longer than the
 * 'idle_time' setting or has existed for longer than 'max_lifetime'. The
 * access-log entries selected through the expired sessions get their logout
 * time stamped, then the expired sessions are deleted. When the
 * 'session_gc_scan_queue' setting is on and no $AppUI exists yet, one is
 * created and the event queue is scanned.
 *
 * @return bool Always true.
 */
public function gc()
{
    global $AppUI;

    $maxLifetime = $this->convertTime('max_lifetime');
    $idleTime = $this->convertTime('idle_time');

    // The same expiry condition drives both statements below.
    $expired = implode(' OR ', array(
        'UNIX_TIMESTAMP() - UNIX_TIMESTAMP(session_updated) > ' . $idleTime,
        'UNIX_TIMESTAMP() - UNIX_TIMESTAMP(session_created) > ' . $maxLifetime,
    ));

    // First pass: stamp the logout time on the access-log rows that belong
    // to the sessions about to be removed.
    $logQuery = new w2p_Database_Query();
    $logQuery->addTable('user_access_log');
    $logQuery->addUpdate('date_time_out', $logQuery->dbfnNowWithTZ());

    $sessionQuery = new w2p_Database_Query();
    $sessionQuery->addTable('sessions');
    $sessionQuery->addQuery('session_user');
    $sessionQuery->addWhere($expired);

    $logQuery->addWhere('user_access_log_id IN ( ' . $sessionQuery->prepare() . ' )');
    $logQuery->exec();
    $logQuery->clear();
    $sessionQuery->clear();

    // Second pass: drop the expired sessions themselves.
    $logQuery->setDelete('sessions');
    $logQuery->addWhere($expired);
    $logQuery->exec();
    $logQuery->clear();

    // The queue scanner needs an $AppUI; it is only created, and the scan
    // only run, when none exists at this point.
    if (w2PgetConfig('session_gc_scan_queue') && !isset($AppUI)) {
        $AppUI = new w2p_Core_CAppUI();
        $queue = new w2p_System_EventQueue();
        $queue->scan();
    }

    return true;
}
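/**
 * Delete this forum message and refresh the message count of its forum.
 *
 * Requires the 'delete' permission on the 'forums' module for
 * $this->project_id.
 *
 * @param CAppUI $AppUI Not used, see the note on the global below.
 *
 * @return bool|string false when the permission check fails, true when the
 *                     message was deleted, otherwise the database error text.
 */
public function delete(CAppUI $AppUI = null)
{
    // NOTE(review): this declaration rebinds $AppUI to the global instance,
    // so the argument passed by the caller is never used.
    global $AppUI;
    $perms = $AppUI->acl();
    $this->_error = array();

    if (!$perms->checkModuleItem('forums', 'delete', $this->project_id)) {
        return false;
    }

    $messageId = (int) $this->message_id;

    $q = new w2p_Database_Query();
    $q->setDelete('forum_visits');
    $q->addWhere('visit_message = ' . $messageId);
    $q->exec(); // No error if this fails, it is not important.
    $q->clear();

    $q->addTable('forum_messages');
    $q->addQuery('message_forum');
    $q->addWhere('message_id = ' . $messageId);
    $forumId = (int) $q->loadResult();
    $q->clear();

    $q->setDelete('forum_messages');
    $q->addWhere('message_id = ' . $messageId);
    // The original computed the error text here and then overwrote it with
    // true, so a failed delete was reported as a success.
    $deleted = $q->exec();
    $deleteError = $deleted ? null : db_error();
    $q->clear();

    // Recount from the table so the stored counter matches what is there,
    // whether or not the delete went through.
    $q->addTable('forum_messages');
    $q->addQuery('COUNT(message_id)');
    $q->addWhere('message_forum = ' . $forumId);
    $messageCount = $q->loadResult();
    $q->clear();

    $q->addTable('forums');
    $q->addUpdate('forum_message_count', $messageCount);
    $q->addWhere('forum_id = ' . $forumId);
    $q->exec();

    return $deleted ? true : $deleteError;
}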
} if (!$file_id) { $obj->file_owner = $AppUI->user_id; if (!$obj->file_version_id) { $q = new w2p_Database_Query(); $q->addTable('files'); $q->addQuery('file_version_id'); $q->addOrder('file_version_id DESC'); $q->setLimit(1); $latest_file_version = $q->loadResult(); $q->clear(); $obj->file_version_id = $latest_file_version + 1; } else { $q = new w2p_Database_Query(); $q->addTable('files'); $q->addUpdate('file_checkout', ''); $q->addWhere('file_version_id = ' . (int) $obj->file_version_id); $q->exec(); $q->clear(); } } $result = $obj->store($AppUI); if (is_array($result)) { $AppUI->setMsg($result, UI_MSG_ERROR, true); $AppUI->holdObject($obj); $AppUI->redirect('m=files&a=addedit'); } if ($result) { // Notification $obj->load($obj->file_id); $obj->notify($notify);
/**
 * "Delete" this billing code by setting its billingcode_status to '1'.
 *
 * The row itself stays in the billingcode table.
 *
 * @param CAppUI $AppUI Not used by this method.
 *
 * @return bool|string true on success, otherwise the database error text.
 */
public function delete(CAppUI $AppUI = null)
{
    $this->_error = array();

    $query = new w2p_Database_Query();
    $query->addTable('billingcode');
    $query->addUpdate('billingcode_status', '1');
    $query->addWhere('billingcode_id = ' . (int) $this->_billingcode_id);

    $succeeded = $query->exec();
    // The query object is reset on both outcomes before the result is
    // reported.
    $query->clear();

    if ($succeeded) {
        return true;
    }

    return db_error();
}
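/**
 * Stamp the current time into date_time_last_action of one row of the
 * user_access_log table.
 *
 * Nothing is written unless the id is a positive integer.
 *
 * @param int $last_insert_id Id of the access-log row to update.
 */
public function updateLastAction($last_insert_id)
{
    // A string that merely starts with digits can pass a "> 0" comparison
    // and would then be concatenated into the WHERE fragment as it is, so
    // the value is reduced to an integer before it is tested or used.
    $logId = (int) $last_insert_id;
    if ($logId > 0) {
        $q = new w2p_Database_Query();
        $q->addTable('user_access_log');
        $q->addUpdate('date_time_last_action', "'" . $q->dbfnNowWithTZ() . "'", false, true);
        $q->addWhere('user_access_log_id = ' . $logId);
        $q->exec();
    }
}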
$AppUI->redirect('m=public&a=access_denied'); } $q->addTable('history'); $q->addInsert('history_table', "history"); $q->addInsert('history_action', "add"); $q->addInsert('history_date', "'" . $q->dbfnNowWithTZ() . "'"); $q->addInsert('history_description', $history_description); $q->addInsert('history_user', $userid); $q->addInsert('history_project', $history_project); $okMsg = 'History added'; } elseif ($action == 'update') { if (!canEdit('history')) { $AppUI->redirect('m=public&a=access_denied'); } $q->addTable('history'); $q->addUpdate('history_description', $history_description); $q->addUpdate('history_project', $history_project); $q->addWhere('history_id =' . $history_id); $okMsg = 'History updated'; } elseif ($action == 'del') { if (!canDelete('history')) { $AppUI->redirect('m=public&a=access_denied'); } $q->setDelete('history'); $q->addWhere('history_id =' . $history_id); $okMsg = 'History deleted'; } if (!$q->exec()) { $AppUI->setMsg(db_error()); } else { $AppUI->setMsg($okMsg);
/**
 * Reset every configuration entry of type 'checkbox' to 'false'.
 *
 * The comments of the original describe this as the first step of saving
 * the configuration: all checkboxes are cleared here and the checked ones
 * are overwritten with their true value later.
 */
function __extract_from_systemconfig_aed()
{
    $resetQuery = new w2p_Database_Query();
    $resetQuery->addTable('config');
    $resetQuery->addUpdate('config_value', 'false');
    $resetQuery->addWhere("config_type = 'checkbox'");

    // The UPDATE is executed through loadResult(); its return value is
    // not used.
    $resetQuery->loadResult();
}
/**
 * Post Request Handler
 *
 * This method is called when a request is a POST. It logs in with the
 * username and password sent in the request, binds the task_* parameters to
 * a new CTask, stores it, then updates reminders, assignees and
 * dependencies and returns the reloaded task.
 *
 * NOTE(review): the credentials travel as ordinary request parameters on
 * every call - confirm that this endpoint is only reachable over TLS and
 * that the parameters are kept out of request logs.
 *
 * @return array|Frapi_Error The response data, or the Frapi_Error returned
 *                           by the required-parameter check.
 *
 * @throws Frapi_Error INVALID_LOGIN when the login fails, SAVE_ERROR when
 *                     binding or storing the task fails.
 */
public function executePost()
{
    /**
     * @todo Remove this once we figure out how to reference vars in file
     * that is autoloaded
     */
    global $tracking_dynamics;

    $valid = $this->hasRequiredParameters($this->requiredParams);
    if ($valid instanceof Frapi_Error) {
        return $valid;
    }

    $username = $this->getParam('username');
    $password = $this->getParam('password');
    // NOTE(review): $project_id, $notify and $comment are read here but not
    // used anywhere else in this method.
    $project_id = $this->getParam('project_id', self::TYPE_INT);
    $hassign = $this->getParam('hassign');
    $hdependencies = $this->getParam('hdependencies');
    $notify = $this->getParam('task_notify');
    $comment = $this->getParam('email_comment');
    $task_id = $this->getParam('task_id');
    $adjustStartDate = $this->getParam('set_task_start_date');

    $task = new CTask();

    // Attempt to login as user, a little bit of a hack as we currently
    // require the $_POST['login'] var to be set as well as a global AppUI
    $AppUI = new CAppUI();
    $GLOBALS['AppUI'] = $AppUI;
    $_POST['login'] = '******';

    // Nothing below runs unless the login succeeded.
    if (!$AppUI->login($username, $password)) {
        throw new Frapi_Error('INVALID_LOGIN');
    }

    // Only these named request parameters are handed to bind().
    $post_data = array('task_id' => $this->getParam('task_id'), 'task_name' => $this->getParam('task_name'), 'task_status' => $this->getParam('task_status'), 'task_percent_complete' => $this->getParam('task_percent_complete'), 'task_milestone' => $this->getParam('task_milestone'), 'task_owner' => $this->getParam('task_owner'), 'task_access' => $this->getParam('task_access'), 'task_related_url' => $this->getParam('task_related_url'), 'task_parent' => $this->getParam('task_parent'), 'task_type' => $this->getParam('task_type'), 'task_target_budget' => $this->getParam('task_target_budget'), 'task_description' => $this->getParam('task_description'), 'task_start_date' => $this->getParam('task_start_date'), 'task_end_date' => $this->getParam('task_end_date'), 'task_duration' => $this->getParam('task_duration'), 'task_duration_type' => $this->getParam('task_duration_type'), 'task_dynamic' => $this->getParam('task_dynamic'), 'task_allow_other_user_tasklogs' => $this->getParam('task_allow_other_user_tasklogs'), 'task_project' => $this->getParam('task_project'), 'task_priority' => $this->getParam('task_priority'));

    // Include any files for handling module-specific requirements
    // NOTE(review): $mod becomes part of a require_once path; presumably
    // findTabModules() returns installed module directory names only -
    // verify that it cannot return request-controlled values.
    foreach (findTabModules('tasks', 'addedit') as $mod) {
        $fname = W2P_BASE_DIR . '/modules/' . $mod . '/tasks_dosql.addedit.php';
        if (file_exists($fname)) {
            require_once $fname;
        }
    }

    // Find the task if we are set
    // The stored task is loaded only to remember its previous end date; the
    // object is replaced by a fresh CTask right after.
    $task_end_date = null;
    if ($task_id) {
        $task->load($task_id);
        $task_end_date = new w2p_Utilities_Date($task->task_end_date);
    }

    $task = new CTask();

    if (!$task->bind($post_data)) {
        throw new Frapi_Error('SAVE_ERROR', $task->getError());
    }

    if ($task->task_dynamic != 1) {
        $task_dynamic_delay = $this->getParam('task_dynamic_nodelay') ? $this->getParam('task_dynamic_nodelay') : '0';
        if (in_array($task->task_dynamic, $tracking_dynamics)) {
            $task->task_dynamic = $task_dynamic_delay ? 21 : 31;
        } else {
            $task->task_dynamic = $task_dynamic_delay ? 11 : 0;
        }
    }

    // Let's check if task_dynamic is unchecked
    if (!$this->getParam('task_dynamic')) {
        $task->task_dynamic = false;
    }

    // Make sure task milestone is set or reset as appropriate
    // NOTE(review): as written the milestone flag is cleared when the
    // parameter IS supplied, the opposite of the task_dynamic check above -
    // confirm which one is intended.
    if ($this->getParam('task_milestone')) {
        $task->task_milestone = false;
    }

    //format hperc_assign user_id=percentage_assignment;user_id=percentage_assignment;user_id=percentage_assignment;
    // An entry without '=' is stored with a percentage of 100; empty entries
    // are skipped.
    $tmp_ar = explode(';', $this->getParam('hperc_assign'));
    $i_cmp = sizeof($tmp_ar);

    $hperc_assign_ar = array();
    for ($i = 0; $i < $i_cmp; $i++) {
        $tmp = explode('=', $tmp_ar[$i]);
        if (count($tmp) > 1) {
            $hperc_assign_ar[$tmp[0]] = $tmp[1];
        } elseif ($tmp[0] != '') {
            $hperc_assign_ar[$tmp[0]] = 100;
        }
    }

    // let's check if there are some assigned departments to task
    // NOTE(review): the array elements are joined without being checked
    // here; presumably TYPE_ARRAY or CTask::store() constrains them to ids -
    // verify before this string is used in a query.
    $task->task_departments = implode(',', $this->getParam('dept_ids', self::TYPE_ARRAY));

    // convert dates to SQL format first
    if ($task->task_start_date) {
        $date = new w2p_Utilities_Date($task->task_start_date);
        $task->task_start_date = $date->format(FMT_DATETIME_MYSQL);
    }
    $end_date = null;
    if ($task->task_end_date) {
        // Every occurrence of '2400' in the end date string is rewritten to
        // '2359' before the date is parsed.
        if (strpos($task->task_end_date, '2400') !== false) {
            $task->task_end_date = str_replace('2400', '2359', $task->task_end_date);
        }
        $end_date = new w2p_Utilities_Date($task->task_end_date);
        $task->task_end_date = $end_date->format(FMT_DATETIME_MYSQL);
    }

    $error_array = $task->store($AppUI);

    // Return all the validation messages
    // NOTE(review): assumes store() returns either true or something that
    // can be iterated - confirm against CTask::store().
    if ($error_array !== true) {
        $error_message = '';
        foreach ($error_array as $error) {
            $error_message .= $error . '. ';
        }

        throw new Frapi_Error('SAVE_ERROR', $error_message);
    }

    $task_parent = $this->getParam('task_parent') ? $this->getParam('task_parent', SELF::TYPE_INT) : 0;
    $old_task_parent = $this->getParam('old_task_parent') ? $this->getParam('old_task_parent', SELF::TYPE_INT) : 0;
    // When the parent changed, the previous parent's dynamics are updated.
    if ($task_parent != $old_task_parent) {
        $oldTask = new CTask();
        $oldTask->load($old_task_parent);
        $oldTask->updateDynamics(false);
    }

    // How to handle custom fields? Do we support it in api?

    // Now add any task reminders
    // If there wasn't a task, but there is one now, and
    // that task date is set, we need to set a reminder.
    if (empty($task_end_date) || !empty($end_date) && $task_end_date->dateDiff($end_date)) {
        $task->addReminder();
    }

    if (isset($hassign)) {
        $task->updateAssigned($hassign, $hperc_assign_ar);
    }

    if (isset($hdependencies)) { // && !empty($hdependencies)) {
        // there are dependencies set!

        // backup initial start and end dates
        $tsd = new w2p_Utilities_Date($task->task_start_date);
        $ted = new w2p_Utilities_Date($task->task_end_date);

        // updating the table recording the
        // dependency relations with this task
        $task->updateDependencies($hdependencies, $task_parent);

        // we will reset the task's start date based upon dependencies
        // and shift the end date appropriately
        if ($adjustStartDate && !is_null($hdependencies)) {

            // load already stored task data for this task
            $tempTask = new CTask();
            $tempTask->load($task->task_id);

            // shift new start date to the last dependency end date
            $nsd = new w2p_Utilities_Date($tempTask->get_deps_max_end_date($tempTask));

            // prefer Wed 8:00 over Tue 16:00 as start date
            $nsd = $nsd->next_working_day();

            // prepare the creation of the end date
            $ned = new w2p_Utilities_Date();
            $ned->copy($nsd);

            if (empty($task->task_start_date)) {
                // appropriately calculated end date via start+duration
                $ned->addDuration($task->task_duration, $task->task_duration_type);
            } else {
                // calc task time span start - end
                $d = $tsd->calcDuration($ted);

                // Re-add (keep) task time span for end date.
                // This is independent from $obj->task_duration.
                // The value returned by Date::Duration() is always in hours ('1')
                $ned->addDuration($d, '1');
            }

            // prefer tue 16:00 over wed 8:00 as an end date
            $ned = $ned->prev_working_day();

            $task->task_start_date = $nsd->format(FMT_DATETIME_MYSQL);
            $task->task_end_date = $ned->format(FMT_DATETIME_MYSQL);

            // The id is cast to an integer before it is concatenated into
            // the WHERE fragment; rows with task_dynamic = 1 are left alone.
            $q = new w2p_Database_Query();
            $q->addTable('tasks', 't');
            $q->addUpdate('task_start_date', $task->task_start_date);
            $q->addUpdate('task_end_date', $task->task_end_date);
            $q->addWhere('task_id = ' . (int) $task->task_id);
            $q->addWhere('task_dynamic <> 1');
            $q->exec();
            $q->clear();
        }
        $task->pushDependencies($task->task_id, $task->task_end_date);
    }

    //$task = (array)$task;
    // NOTE(review): the reload uses the task_id from the request, not
    // $task->task_id; when the request carried no task_id this loads with an
    // empty id - confirm what store() leaves in $task->task_id for new tasks.
    $task->load($task_id);
    // Internal bookkeeping properties are removed before the object is put
    // into the response.
    unset($task->_query, $task->_error, $task->_tbl_prefix, $task->_tbl, $task->_tbl_key, $task->_tbl_module);

    $this->data['task'] = $task;
    $this->data['success'] = true;

    return $this->toArray();
}
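/**
 * Authenticate a user from the PostNuke hand-off in $_REQUEST['userdata'].
 *
 * The payload is URL-decoded, base64-decoded, decompressed and unserialized
 * into the fields 'login', 'name', 'passwd' and 'email'. An unknown login is
 * created through createsqluser(); for a known login the stored password and
 * contact details are overwritten with the supplied values. Without
 * 'userdata' the parent SQL authentication is used when $this->fallback
 * is set.
 *
 * NOTE(review): the only integrity control is an MD5 digest sent next to the
 * payload. A digest without a secret key detects corruption, not forgery, so
 * whoever can reach this endpoint can supply both values. This method needs
 * a keyed check (an HMAC over the payload with a secret shared with the
 * PostNuke side) before its input can be treated as an identity assertion.
 *
 * @param string $username Used only for the fallback authentication.
 * @param string $password Used only for the fallback authentication.
 *
 * @return bool true on success; every failure ends the request with die().
 */
public function authenticate($username, $password)
{
    global $db, $AppUI;

    if (!isset($_REQUEST['userdata'])) {
        // fallback to SQL Authentication if PostNuke fails.
        if ($this->fallback) {
            return parent::authenticate($username, $password);
        }
        die($AppUI->_('You have not configured your PostNuke site correctly'));
    }

    if (!($compressed_data = base64_decode(urldecode($_REQUEST['userdata'])))) {
        die($AppUI->_('The credentials supplied were missing or corrupted') . ' (1)');
    }
    if (!($userdata = gzuncompress($compressed_data))) {
        die($AppUI->_('The credentials supplied were missing or corrupted') . ' (2)');
    }
    // The original ASSIGNED the digest to $_REQUEST['check'] instead of
    // comparing with it, so this test could never fail. The message also had
    // a typo ("issing") that kept it from matching the translation key used
    // by the two checks above.
    if (!isset($_REQUEST['check']) || $_REQUEST['check'] !== md5($userdata)) {
        die($AppUI->_('The credentials supplied were missing or corrupted') . ' (3)');
    }

    // NOTE(review): unserialize() runs on request data. It can instantiate
    // any class loaded in this application before the type test below is
    // reached; replace the format with JSON (or restrict allowed classes on
    // PHP versions that support it) together with the sending side.
    $user_data = unserialize($userdata);
    if (!is_array($user_data)) {
        die($AppUI->_('The credentials supplied were missing or corrupted') . ' (4)');
    }
    foreach (array('login', 'name', 'passwd', 'email') as $field) {
        if (!isset($user_data[$field]) || !is_scalar($user_data[$field])) {
            die($AppUI->_('The credentials supplied were missing or corrupted') . ' (4)');
        }
    }

    // Now we need to check if the user already exists, if so we just
    // update. If not we need to create a new user and add a default
    // role.
    $username = trim((string) $user_data['login']);
    $this->username = $username;
    $names = explode(' ', trim((string) $user_data['name']));
    $last_name = array_pop($names);
    $first_name = implode(' ', $names);
    $passwd = trim((string) $user_data['passwd']);
    $email = trim((string) $user_data['email']);

    $q = new w2p_Database_Query();
    $q->addTable('users');
    $q->addQuery('user_id, user_password, user_contact');
    // The login name comes from the request and sits inside a quoted SQL
    // literal, so it is escaped before it is concatenated.
    $q->addWhere('user_username = \'' . db_escape($username) . '\'');
    if (!($rs = $q->exec())) {
        die($AppUI->_('Failed to get user details') . ' - error was ' . $db->ErrorMsg());
    }

    if ($rs->RecordCount() < 1) {
        $q->clear();
        $this->createsqluser($username, $passwd, $email, $first_name, $last_name);
    } else {
        if (!($row = $rs->FetchRow())) {
            die($AppUI->_('Failed to retrieve user detail'));
        }
        // User exists, update the user details.
        $this->user_id = $row['user_id'];
        $q->clear();
        $q->addTable('users');
        // The supplied value is stored as received; no hashing happens here.
        $q->addUpdate('user_password', $passwd);
        $q->addWhere('user_id = ' . (int) $this->user_id);
        if (!$q->exec()) {
            die($AppUI->_('Could not update user credentials'));
        }
        $q->clear();
        $q->addTable('contacts');
        $q->addUpdate('contact_first_name', $first_name);
        $q->addUpdate('contact_last_name', $last_name);
        $q->addUpdate('contact_email', $email);
        $q->addWhere('contact_id = ' . (int) $row['user_contact']);
        if (!$q->exec()) {
            die($AppUI->_('Could not update user details'));
        }
    }

    return true;
}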
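/**
 * Build the search index for this file.
 *
 * Runs the parser configured for the file type (or the default parser) on
 * the stored file, splits its output into words, drops short words, words
 * containing punctuation or digits and the configured ignore words, and
 * writes the rest to files_index. The file is then flagged as indexed.
 *
 * @return int|bool Number of words indexed; false when no parser is
 *                  configured; 0 when the parser produced no output.
 */
public function indexStrings()
{
    global $w2Pconfig;

    $nwords_indexed = 0;
    /* Workaround for indexing large files:
    ** Based on the value defined in config data,
    ** files with file_size greater than specified limit
    ** are not indexed for searching.
    ** Negative value :<=> no filesize limit
    */
    $index_max_file_size = w2PgetConfig('index_max_file_size', 0);
    if ($this->file_size > 0 && ($index_max_file_size < 0 || (int) $this->file_size <= $index_max_file_size * 1024)) {
        // get the parser application
        $parserKey = 'parser_' . $this->file_type;
        $parser = isset($w2Pconfig[$parserKey]) ? $w2Pconfig[$parserKey] : '';
        if (!$parser) {
            $parser = isset($w2Pconfig['parser_default']) ? $w2Pconfig['parser_default'] : '';
        }
        if (!$parser) {
            return false;
        }

        $this->_filepath = W2P_BASE_DIR . '/files/' . $this->file_project . '/' . $this->file_real_filename;
        if (file_exists($this->_filepath)) {
            // Same test as before: '/pdf' anywhere in the parser command or
            // the file path selects the variant with a trailing ' -'.
            $isPdf = (false !== strpos($parser . ' ' . $this->_filepath, '/pdf'));

            // Two defects are fixed here. The original wrapped the command
            // in backticks INSIDE shell_exec(), which ran the parser and
            // then handed the parser's output - text taken from the uploaded
            // file - to the shell as a second command. The file path was
            // also placed on the command line unquoted. The command now runs
            // exactly once and the path is passed as a single quoted
            // argument.
            $command = $parser . ' ' . escapeshellarg($this->_filepath);
            if ($isPdf) {
                $command .= ' -';
            }
            /*
             * TODO: I *really* hate using error suppression here and I would
             * normally just detect if safe_mode is on and if it was, skip
             * this call. Unfortunately, safe_mode has been deprecated in
             * 5.3 and will be removed in 5.4
             */
            $x = @shell_exec($command);

            // if nothing, return
            if (!is_string($x) || strlen($x) < 1) {
                return 0;
            }

            // remove punctuation and parse the strings
            $x = str_replace(array('.', ',', '!', '@', '(', ')'), ' ', $x);
            $warr = explode(' ', $x);

            $wordarr = array();
            $nwords = count($warr);
            for ($position = 0; $position < $nwords; $position++) {
                $newword = $warr[$position];
                // The original patterns used '[' and ']' as delimiters, so
                // they were not character classes and filtered nothing;
                // [:punct:] covers the ASCII punctuation they listed.
                if (!preg_match('/[[:punct:]0-9]/', $newword) && mb_strlen(mb_trim($newword)) > 2) {
                    $wordarr[$newword] = $position;
                }
            }

            // filter out common strings
            $ignore = w2PgetSysVal('FileIndexIgnoreWords');
            $ignore = str_replace(' ,', ',', $ignore);
            $ignore = str_replace(', ', ',', $ignore);
            $ignore = explode(',', $ignore);
            foreach ($ignore as $w) {
                unset($wordarr[$w]);
            }
            $nwords_indexed = count($wordarr);

            // insert the strings into the table
            // (foreach replaces each(), which newer PHP versions no longer
            // provide)
            foreach ($wordarr as $key => $val) {
                $q = new w2p_Database_Query();
                $q->addTable('files_index');
                $q->addReplace('file_id', $this->file_id);
                $q->addReplace('word', $key);
                $q->addReplace('word_placement', $val);
                $q->exec();
                $q->clear();
            }
        } else {
            //TODO: if the file doesn't exist.. should we delete the db record?
        }
    }

    $q = new w2p_Database_Query();
    $q->addTable('files');
    $q->addUpdate('file_indexed', 1);
    $q->addWhere('file_id = ' . (int) $this->file_id);
    $q->exec();

    return $nwords_indexed;
}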
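/**
 * Blank the contact_updatekey of every contact whose update request
 * (contact_updateasked) is at least the given number of days old.
 *
 * @param int $days_for_update Age in days from which a key is cleared.
 */
public function clearOldUpdatekeys($days_for_update)
{
    // The value is interpolated into the WHERE fragment as it is, so it is
    // reduced to an integer first.
    $days = (int) $days_for_update;

    $q = new w2p_Database_Query();
    $q->addTable('contacts');
    $q->addUpdate('contact_updatekey', '');
    $q->addWhere("(TO_DAYS(NOW()) - TO_DAYS(contact_updateasked) >= {$days})");
    $q->exec();
}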
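/**
 * Update the definition of one custom field in custom_fields_struct.
 *
 * @param int    $field_id          Id of the field to update.
 * @param string $field_name        New field name.
 * @param string $field_description New description.
 * @param string $field_htmltype    New HTML type.
 * @param string $field_datatype    New data type.
 * @param string $field_extratags   New extra tags.
 * @param int    $field_order       New position.
 * @param mixed  $field_published   New published flag.
 * @param string $error_msg         Receives the database error on failure.
 *
 * @return int|mixed 0 on failure, otherwise the $field_id that was passed in.
 */
public function update($field_id, $field_name, $field_description, $field_htmltype, $field_datatype, $field_extratags, $field_order, $field_published, &$error_msg)
{
    global $db;

    $q = new w2p_Database_Query();
    $q->addTable('custom_fields_struct');
    $q->addUpdate('field_name', $field_name);
    $q->addUpdate('field_description', $field_description);
    $q->addUpdate('field_htmltype', $field_htmltype);
    $q->addUpdate('field_datatype', $field_datatype);
    $q->addUpdate('field_extratags', $field_extratags);
    $q->addUpdate('field_order', $field_order);
    $q->addUpdate('field_published', $field_published);
    // Unlike the addUpdate() values, the WHERE fragment is concatenated as
    // written, so the id is forced to an integer.
    $q->addWhere('field_id = ' . (int) $field_id);

    $succeeded = $q->exec();
    if (!$succeeded) {
        // Read the error before the query object is reset.
        $error_msg = $db->ErrorMsg();
    }
    $q->clear();

    return $succeeded ? $field_id : 0;
}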
<?php /* $Id$ $URL$ */ if (!defined('W2P_BASE_DIR')) { die('You should not access this file directly.'); } $holiday_manual = (int) w2PgetParam($_POST, "holiday_manual", 0); $holiday_auto = (int) w2PgetParam($_POST, "holiday_auto", 0); $holiday_driver = (int) w2PgetParam($_POST, "holiday_driver", -1); $holiday_filter = (int) w2PgetParam($_POST, "holiday_filter", -1); $q = new w2p_Database_Query(); $q->addTable('holiday_settings'); $q->addUpdate('holiday_manual', $holiday_manual); $q->addUpdate('holiday_auto', $holiday_auto); $q->addUpdate('holiday_driver', $holiday_driver); $q->addUpdate('holiday_filter', $holiday_filter); $q->exec(); $q->clear(); $cal_working_days = w2PgetConfig("cal_working_days"); $newcal_working_days = w2PgetParam($_POST, "cal_working_days", $cal_working_days); if ($newcal_working_days != $cal_working_days) { $q->addTable('config'); $q->addQuery("config_id"); $q->addWhere("config_name = 'cal_working_days'"); $id = $q->loadResult(); $q->clear(); $obj = new w2p_Core_Config(); $obj->load($id); $obj->config_value = $newcal_working_days; if ($msg = $obj->store($AppUI)) { $AppUI->setMsg($msg, UI_MSG_ERROR);