static function validate()
{
$errors = array();
if (!isset($_POST["password"]) || !$_POST["password"]) {
array_push($errors, 'Ingrese su contraseña actual');
}
if (!isset($_POST["newPassword"]) || !$_POST["newPassword"]) {
array_push($errors, 'Ingrese una nueva contraseña');
}
if ($_POST["newPassword"] && strlen($_POST["newPassword"]) < 8) {
array_push($errors, 'La contraseña debe contener un mínimo de 8 caracteres');
}
if ($_POST["newPassword"] && strlen($_POST["newPassword"]) > 50) {
array_push($errors, 'La contraseña debe contener un máximo de 50 caracteres');
}
if (!isset($_POST["repeatPassword"]) || !$_POST["repeatPassword"]) {
array_push($errors, 'Repita la contraseña');
}
if ($_POST["newPassword"] != $_POST["repeatPassword"]) {
array_push($errors, 'Las contraseñas ingresadas no coinciden');
}
if (isset($_POST["password"])) {
$user = SecurityAdmin::getUserByCredentials(SecurityManager::UserInfo()->nick, $_POST["password"]);
if ($user == null) {
array_push($errors, 'La contraseña actual es incorrecta');
}
}
return $errors;
}
static function isValidUser()
{
if (!isset($_SESSION["user"])) {
return false;
}
SecurityManager::refreshTimeout();
return !SecurityManager::isTimeout();
}
static function render()
{
$_SESSION["sitemap"] = null;
if (!isset($_SESSION["sitemap"]) || !$_SESSION["sitemap"]) {
SitemapManager::initialize();
}
SitemapManager::open();
foreach ($_SESSION["sitemap"]->nodes as $node) {
if (!SecurityManager::isUserInRoles($node->roles)) {
continue;
}
SitemapManager::renderNode($node);
}
SitemapManager::close();
}
static function process()
{
if (!isset($_POST["submit"])) {
return null;
}
$errors = LoginController::validate();
if (sizeof($errors) > 0) {
return $errors;
}
$isValidUser = SecurityManager::login($_POST["userName"], $_POST["password"]);
if ($isValidUser) {
Utils::Redirect('https://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/solicitudesEntrega/index.php', false);
}
return array('Usuario inválido');
}
<?php
if (!isset($_SESSION)) {
session_start();
}
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use security\SecurityManager;
SecurityManager::authorize(array('admin', 'Gestor'));
?>
<?php
include_once $_SERVER["DOCUMENT_ROOT"] . '/views/shared/masterTop.php';
?>
<div ng-app="diarco.usersAdmin">
<?php
include 'bundle.php';
?>
<loading></loading>
<div ng-view></div>
</div>
<script type="text/javascript" src="../../scripts/app/securityAdmin/usersModule.js?v=<?php
echo rand(1, 1000000);
?>
"> </script>
<script type="text/javascript" src="../../scripts/app/securityAdmin/usersListCtrl.js?v=<?php
echo rand(1, 1000000);
?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use security\SecurityManager;
use controllers\CambioContraseniaController;
SecurityManager::authorize();
$errors = CambioContraseniaController::process();
?>
<?php
include_once $_SERVER["DOCUMENT_ROOT"] . '/views/shared/masterTop.php';
?>
<div >
<section id="widget-grid" class="">
<article class="col-xs-12 col-sm-12 col-md-12 col-lg-12">
<div class="jarviswidget" id="wid-id-1002" data-widget-colorbutton="false" data-widget-editbutton="false" data-widget-togglebutton="false" data-widget-deletebutton="false" data-widget-custombutton="false" data-widget-collapsed="false" data-widget-sortable="false">
<header role="heading">
<span class="widget-icon"> <i class="fa fa-edit"></i> </span>
<span style="position: relative; left: 8px; top: -3px;;">Cambiar contraseña</span>
</header>
<div role="content">
<div class="widget-body">
<?php
<?php /** * Created by PhpStorm. * User: pzaborowski * Date: 07/01/2015 * Time: 10:53 AM */ session_start(); $_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos'; include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php'; use security\SecurityManager; SecurityManager::logout(); ?>
<?php
if (!isset($_SESSION)) {
session_start();
}
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use admin\SecurityAdmin;
use lib\ExportDataExcel;
use security\SecurityManager;
SecurityManager::authorize(array('admin'));
$multicolumnSearchText = isset($_POST['multicolumnSearchText']) && $_POST['multicolumnSearchText'] ? $_POST['multicolumnSearchText'] : '';
$inactivos = isset($_POST['inactivos']) && $_POST['inactivos'] ? $_POST['inactivos'] : false;
$data = SecurityAdmin::getUsersByFilter($multicolumnSearchText, $inactivos);
$exporter = new ExportDataExcel('browser', 'Usuarios.xls');
$exporter->initialize();
$exporter->addRow(array("Id", "Nick", "Nombre", "Mail", "Tipo", "Activo", "FechaAlta"));
foreach ($data as $user) {
$exporter->addRow(array($user->id, $user->nick, $user->firstName, $user->mail, $user->type, $user->enabled ? 'Si' : 'No', $user->createDate));
}
$exporter->finalize();
exit;
</div>
</div>
</header>
<!-- END HEADER -->
<aside id="left-panel">
<!-- User info -->
<div class="login-info">
<span>
<a href="javascript:void(0);" id="show-shortcut">
<span>
<?php
if (SecurityManager::isValidUser()) {
$user = SecurityManager::UserInfo();
echo $user->firstName;
}
?>
</span>
<i class="fa fa-angle-down"></i>
</a>
</span>
</div>
<?php
SitemapManager::render();
?>
<span class="minifyme"> <i class="fa fa-arrow-circle-left hit"></i> </span>
static function addEntry($form)
{
$transaction = NULL;
$result = array();
$userId = null;
$user = null;
$newUser = false;
$userExists = SecurityManager::isValidUser();
try {
$transaction = GenericDao::beginTransaction();
if (!$userExists) {
$step = Phinq::create($form->steps)->single(function ($item) {
return isset($item->disabled) && $item->disabled == true;
});
$mail = Phinq::create($step->controls)->single(function ($item) {
return $item->columnName == 'mail';
})->value;
$nombre = Phinq::create($step->controls)->single(function ($item) {
return $item->columnName == 'nombre';
})->value;
$apellido = Phinq::create($step->controls)->single(function ($item) {
return $item->columnName == 'apellido';
})->value;
$user = UserAdmin::getUserByMail($mail);
if ($user != null) {
$form->userId = $userId = $user->id;
} else {
$newUser = true;
$password = substr(md5(uniqid()), 0, 8);
$userDto = new \stdClass();
$userDto->firstName = $nombre;
$userDto->lastName = $apellido;
$userDto->mail = $mail;
$userDto->type = UserType::client;
$userDto->password = $password;
$response = json_decode(SecurityAdmin::createUser($userDto, $transaction));
$form->userId = $userId = $response->data;
}
$form->confirmada = 'N';
} else {
$form->userId = $userId = SecurityManager::UserInfo()->id;
$form->confirmada = 'S';
}
$form->ip = $_SERVER['REMOTE_ADDR'];
$entryId = FormDao::addEntry($form, $transaction);
$user = SecurityDao::getUserById($userId);
$dwoo = new Core();
if (!$userExists) {
if (!$newUser) {
$user->logo = AppConfig::logoUrl;
$user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
$code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
$link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Confirmacion.php?c=' . $code;
$user->link = $link;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userSolicitudRequestConfirm.tpl', (array) $user);
Mail::Send($user->mail, 'Confirmación de solicitud', $template);
} else {
$subject = 'Aladinnus, proceso de activación';
$code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
$link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Activacion.php?c=' . $code;
$user->link = $link;
$userDto->logo = $user->logo = AppConfig::logoUrl;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userActivation.tpl', (array) $user);
Mail::Send($user->mail, $subject, $template);
}
} else {
//MAIL PROVEEDORES
$usersProveedor = SecurityDao::getUsersProveedorByProductoId($form->productoId);
foreach ($usersProveedor as $prov) {
FormAdmin::addProveedorEntry($prov->id, $form->id, $entryId, $user->id);
$prov->logo = AppConfig::logoUrl;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/providerNewSolicitud.tpl', (array) $prov);
Mail::Send($prov->mail, 'Nueva solicitud', $template);
}
//MAIL ADMINs
$usersAdmin = SecurityDao::getUsersAdmin();
$usersAdmin = Phinq::create($usersAdmin)->where(function ($user) {
return $user->enabled;
})->toArray();
foreach ($usersAdmin as $admin) {
$admin->logo = AppConfig::logoUrl;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userAdminRequest.tpl', (array) $admin);
Mail::Send($admin->mail, 'Nueva solicitud', $template);
}
//MAIL USUARIO
$user->logo = AppConfig::logoUrl;
$user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userRequest.tpl', (array) $user);
Mail::Send($user->mail, 'Nueva solicitud', $template);
}
$transaction->commit();
} catch (\Exception $ex) {
$transaction->rollBack();
$result = array($ex->getMessage());
}
return $result;
}
<?php
if (!isset($_SESSION)) {
session_start();
}
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use security\SecurityManager;
SecurityManager::authorize(array('admin', 'Gestor', 'Proveedor', 'Consulta'));
?>
<?php
include_once $_SERVER["DOCUMENT_ROOT"] . '/views/shared/masterTop.php';
?>
<div ng-app="diarco.solicitudesEntrega">
<?php
include 'bundle.php';
?>
<loading></loading>
<div ng-view></div>
</div>
<script type="text/javascript" src="../../scripts/app/solicitudesEntrega/solicitudesEntregaModule.js?v=<?php
echo rand(1, 1000000);
?>
"> </script>
<script type="text/javascript" src="../../scripts/app/solicitudesEntrega/solicitudesEntregaListCtrl.js?v=<?php
echo rand(1, 1000000);
?>
"> </script>
static function getDataEditInitBloqueos()
{
$data = new \stdClass();
$data->bloqueoTypes = array();
$data->user = SecurityManager::UserInfo();
$data->user->type = SecurityManager::UserInfo()->roles[0]->name;
$data->sucursales = array();
if ($data->user->type == 'Gestor') {
array_push($data->sucursales, ExternalDao::getSucursalById($data->user->sucursalId));
} else {
$data->sucursales = ExternalDao::getAllSucursales();
}
array_push($data->bloqueoTypes, BloqueoType::bloqueo);
array_push($data->bloqueoTypes, BloqueoType::feriado);
$result = new Response(new Result(), $data);
return json_encode(Utils::utf8ize($result));
}
static function getDataReservasInit($id)
{
$data = new \stdClass();
$data->user = SecurityDao::getUserById($id);
$data->user->reservas = SecurityDao::getReservasByUserId($id);
$data->currentUser = SecurityManager::UserInfo();
$data->sucursales = ExternalDao::getAllSucursales();
$result = new Response(new Result(), $data);
return json_encode(Utils::utf8ize($result));
}
