예제 #1
 /**
  * Give the built-in Admin profile (p_id 1) in a folder to the repository's
  * active administrators.
  *
  * Security-relevant behaviour visible here:
  *  - the list of administrators comes from ac_users in the repository
  *    (use_admin=1 and use_active=1), not from the folder itself;
  *  - a login that already has a row in profile_user is left untouched,
  *    whatever profile that row points to;
  *  - rows are only inserted, never removed, so an administrator who was
  *    deactivated in the repository keeps a profile granted earlier.
  *
  * @param int $p_id dossier::id()
  */
 static function synchro_admin($p_id)
 {
     // Target folder: refuse to touch a database without the profile tables.
     $cn = new Database($p_id);
     if (!$cn->exist_table("profile_menu")) {
         echo_warning("Dossier invalide");
         return;
     }
     // Repository: source of truth for who is an active administrator.
     $repo = new Database();
     $a_admin = $repo->get_array("select use_login from ac_users where\n\t\t\tuse_admin=1 and use_active=1");
     try {
         // All grants go into one transaction; any failure rolls them all back.
         $cn->start();
         $idx = 0;
         while ($idx < count($a_admin)) {
             $login = $a_admin[$idx]['use_login'];
             $current = $cn->get_value("select p_id from profile_user\n\t\t\t\t\twhere user_name=\$1", array($login));
             if ($current == "") {
                 // No profile yet in this folder: grant profile 1.
                 $cn->exec_sql("insert into profile_user(user_name,p_id) values(\$1,1)", array($login));
             }
             $idx++;
         }
         $cn->commit();
     } catch (Exception $e) {
         echo_warning($e->getMessage());
         $cn->rollback();
     }
 }
예제 #2
            $priv = sprintf("action%d", $id);
            if (!isset($_POST[$priv])) {
                $cn->exec_sql("delete from user_sec_act where ua_act_id=\$1", array($id));
                continue;
            }
            $count = $cn->get_value('select count(*) from user_sec_act where ua_login=$1 ' . ' and ua_act_id=$2', array($sec_User->login, $id));
            if ($_POST[$priv] == 1 && $count == 0) {
                $cn->exec_sql('insert into user_sec_act (ua_login,ua_act_id)' . ' values ($1,$2)', array($sec_User->login, $id));
            }
            if ($_POST[$priv] == 0) {
                $cn->exec_sql('delete from user_sec_act  where ua_login=$1 and ua_act_id=$2', array($sec_User->login, $id));
            }
        }
        $cn->commit();
    } catch (Exception $e) {
        echo_warning($e->getTraceAsString());
        $cn->rollback();
    }
}
//--------------------------------------------------------------------------------
// Action == View detail for users
//--------------------------------------------------------------------------------
if ($action == "view") {
    $l_Db = sprintf("dossier%d", $gDossier);
    $return = HtmlInput::button_anchor('Retour à la liste', '?&ac=' . $_REQUEST['ac'] . '&' . dossier::get(), 'retour');
    $repo = new Database();
    $User = new User($repo, $_GET['user_id']);
    $admin = 0;
    $access = $User->get_folder_access($gDossier);
    $str = "Aucun accès";
    if ($access == 'R') {
예제 #3
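 /**
  * Parse a XML file to complete an array of extension objects
  * @brief Create extension from XML.
  *
  * One Extension is built per <plugin> element. me_file, me_code, me_menu and
  * me_parameter are copied from the XML after trim() only; nothing in this
  * function restricts their content.
  *
  * @param string $p_file filename
  * @return array of Extension
  */
 static function read_definition($p_file)
 {
     global $cn;
     // load() is called without LIBXML_NOENT / LIBXML_DTDLOAD; keep it that
     // way if definition files can come from outside the administrator.
     $dom = new DomDocument('1.0');
     $dom->load($p_file);
     $xml = simplexml_import_dom($dom);
     $nb_plugin = count($xml->plugin);
     $a_extension = array();
     for ($i = 0; $i < $nb_plugin; $i++) {
         $plugin = $xml->plugin[$i];
         $extension = new Extension($cn);
         try {
             $extension->check_xml($xml);
         } catch (Exception $ex) {
             // Fix: the caught variable is $ex; the original read the
             // undefined $e here, so the handler itself failed.
             echo_warning($ex->getMessage());
             // Only code 1 skips the plugin; any other validation failure is
             // reported and the plugin is still returned to the caller.
             if ($ex->getCode() == 1) {
                 continue;
             }
         }
         // NOTE(review): root and file are concatenated as given. If me_file is
         // later used as an include path, a value containing ".." or an
         // absolute path should be rejected before it is stored; confirm
         // whether check_xml() or the consumer does that.
         $extension->me_file = trim($plugin->root) . '/' . trim($plugin->file);
         $extension->me_code = trim($plugin->code);
         $extension->me_description = isset($plugin->description) ? trim($plugin->description) : "";
         $extension->me_description_etendue = trim($plugin->author) ? trim($plugin->author) : "";
         $extension->me_type = 'PL';
         $extension->me_menu = trim($plugin->name);
         $extension->me_parameter = 'plugin_code=' . trim($plugin->code);
         $a_extension[] = clone $extension;
     }
     return $a_extension;
 }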
예제 #4
/**
 * Find the default module or the first one
 *
 * Lookup order for the connected user ($g_user->login), stopping at the
 * first query that returns a row:
 *   1. module (p_type_display='M') flagged pm_default=1
 *   2. module with the smallest p_order
 *   3. menu (p_type_display='E') flagged pm_default=1
 *   4. any entry with the smallest p_order
 *
 * When nothing is found and $g_user->admin == 1, a profile_user row with
 * p_id 1 is inserted for that login and the lookup is restarted. The grant
 * therefore depends entirely on the admin flag of $g_user; for any other
 * user a warning is printed and the script exits.
 *
 * @global $g_user $g_user
 * @return default module (string)
 */
function find_default_module()
{
    global $g_user;
    $cn = Dossier::connect();
    $login = $g_user->login;

    // 1. module explicitly flagged as default
    $found = $cn->get_array("select me_code\n\t    from profile_menu join profile_user using (p_id)\n\t    where\n\t    p_type_display='M' and\n\t    user_name=\$1 and pm_default=1", array($login));

    // 2. otherwise the module with the smallest order
    if (empty($found)) {
        $found = $cn->get_array("select me_code\n\t    from profile_menu join profile_user using (p_id)\n\t    where\n\t    p_type_display='M' and\n\t    user_name=\$1 order by p_order limit 1", array($login));
    }

    // 3. otherwise the default menu
    if (empty($found)) {
        $found = $cn->get_array("select me_code\n\t\t\t from profile_menu join profile_user using (p_id)\n\t\t\t   where\n\t\t\t   p_type_display='E' and\n\t\t\t   user_name=\$1 and pm_default=1 ", array($login));
    }

    // 4. otherwise whatever entry has the smallest order
    if (empty($found)) {
        $found = $cn->get_array("select me_code\n\t\t\t\tfrom profile_menu join profile_user using (p_id)\n\t\t\t\twhere\n\t\t\t\tuser_name=\$1 and p_order=(select min(p_order) from profile_menu join profile_user using (p_id)\n\t\t\t\twhere user_name=\$2) limit 1", array($login, $login));
    }

    // Nothing at all: the user has no profile in this folder.
    if (empty($found)) {
        if ($g_user->admin == 1) {
            // Administrators get profile 1 on the fly, then we look again.
            $cn->exec_sql('insert into profile_user(user_name,p_id) values ($1,1) ', array($login));
            return find_default_module();
        }
        echo_warning(_("Utilisateur n'a pas de profil, votre administrateur doit en configurer un dans CFGSEC"));
        exit;
    }

    // One or several rows: the first one wins.
    return $found[0]['me_code'];
}
예제 #5
}
require_once NOALYSS_INCLUDE . '/class_database.php';
require_once NOALYSS_INCLUDE . '/class_dossier.php';
require_once NOALYSS_INCLUDE . '/ac_common.php';
require_once NOALYSS_INCLUDE . '/constant.php';
require_once NOALYSS_INCLUDE . '/function_javascript.php';
require_once NOALYSS_INCLUDE . '/class_extension.php';
require_once NOALYSS_INCLUDE . '/class_html_input.php';
require_once NOALYSS_INCLUDE . '/class_iselect.php';
require_once NOALYSS_INCLUDE . '/constant.security.php';
require_once NOALYSS_INCLUDE . '/class_user.php';
/**
 * included from do.php + extension_choice.inc.php
 */
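// find file and check security
global $cn, $g_user;
// plugin_code comes straight from the request: accept a plain string only,
// so a missing or array-valued parameter never reaches the lookup.
if (!isset($_REQUEST['plugin_code']) || !is_string($_REQUEST['plugin_code'])) {
    echo_warning("plugin non trouvé");
    return;
}
$ext = new Extension($cn);
if ($ext->search($_REQUEST['plugin_code']) == -1) {
    echo_warning("plugin non trouvé");
    return;
}
// Authorisation is checked before anything is read from disk.
if ($ext->can_request($g_user->login) == -1) {
    alert("Plugin non authorisé");
    return;
}
// me_file is data (stored with the extension), and it is about to be executed
// through require_once. Resolve it and require that the result is a regular
// file located under NOALYSS_PLUGIN, so that "..", an absolute path or a
// symlink leaving the plugin directory cannot select another file.
$plugin_root = realpath(NOALYSS_PLUGIN);
$plugin_file = realpath(NOALYSS_PLUGIN . DIRECTORY_SEPARATOR . trim($ext->me_file));
$inside_root = $plugin_root !== false
    && $plugin_file !== false
    && strncmp($plugin_file, $plugin_root . DIRECTORY_SEPARATOR, strlen($plugin_root) + 1) === 0;
if (!$inside_root || !is_file($plugin_file)) {
    alert(j(_("Ce fichier n'existe pas ")));
    return;
}
echo '<div class="content">';
// Include the resolved path that was checked, not a second concatenation.
require_once $plugin_file;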
예제 #6
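 /**
  * Generate a document from the model identified by $this->md_id.
  *
  * The model's large object is exported into a fresh temporary directory,
  * unzipped when its mimetype contains 'vnd.oasis' (the file to fill is then
  * content.xml), a document number is taken from the seq_doc_type_* sequence,
  * ParseDocument() fills the file, the archive is rebuilt if needed and the
  * result is handed to SaveGenerated().
  *
  * Side effects: changes the current working directory to the temporary
  * directory and does not restore it.
  *
  * @param mixed $p_array forwarded unchanged to ParseDocument()
  * @param string $p_filename when not empty, passed to compute_filename()
  * @return string HTML link to show_document.php for the generated document
  * @throws Exception when the temporary directory cannot be created, the
  *         model row is missing or the archive cannot be recreated
  */
 function Generate($p_array, $p_filename = "")
 {
     // create a temp directory in /tmp to unpack file and to parse it
     $tmp_base = isset($_ENV['TMP']) ? $_ENV['TMP'] : sys_get_temp_dir();
     $dirname = tempnam($tmp_base, 'doc_');
     if ($dirname === false) {
         throw new Exception(__FILE__ . ":" . __LINE__ . "cannot create temporary name");
     }
     unlink($dirname);
     // Between unlink() and mkdir() another local user can claim the name.
     // mkdir() then fails: stop instead of unpacking into whatever directory
     // is current. 0700 keeps the unpacked document private to this account.
     if (!mkdir($dirname, 0700)) {
         throw new Exception(__FILE__ . ":" . __LINE__ . "cannot create temporary directory");
     }
     // Retrieve the lob and save it into $dirname
     $this->db->start();
     // md_id is bound as a parameter rather than concatenated into the SQL.
     $dm_info = "select md_name,md_type,md_lob,md_filename,md_mimetype\n                 from document_modele where md_id=\$1";
     $Res = $this->db->exec_sql($dm_info, array($this->md_id));
     $row = Database::fetch_array($Res, 0);
     if (empty($row)) {
         // No such model: nothing below can work, release the transaction.
         $this->db->rollback();
         @rmdir($dirname);
         throw new Exception(__FILE__ . ":" . __LINE__ . "document model not found");
     }
     $this->d_lob = $row['md_lob'];
     $this->d_filename = $row['md_filename'];
     $this->d_mimetype = $row['md_mimetype'];
     $this->d_name = $row['md_name'];
     chdir($dirname);
     // md_filename is stored data; keep only its last component so the export
     // cannot be written outside the temporary directory.
     $filename = basename($row['md_filename']);
     $exp = $this->db->lo_export($row['md_lob'], $dirname . DIRECTORY_SEPARATOR . $filename);
     if ($exp === false) {
         echo_warning(__FILE__ . ":" . __LINE__ . "Export NOK {$filename}");
     }
     $type = "n";
     // Strict comparison: "!= 0" treated a match at offset 0 like "not found".
     $is_ooo = strpos($row['md_mimetype'], 'vnd.oasis') !== false;
     // if the doc is a OOo, we need to unzip it first
     // and the name of the file to change is always content.xml
     if ($is_ooo) {
         ob_start();
         $zip = new Zip_Extended();
         if ($zip->open($filename) === TRUE) {
             // NOTE(review): the archive is an uploaded model; entry names and
             // uncompressed size are not checked here before extraction.
             $zip->extractTo($dirname . DIRECTORY_SEPARATOR);
             $zip->close();
         } else {
             echo __FILE__ . ":" . __LINE__ . "cannot unzip model " . $filename;
         }
         // Remove the file we do  not need anymore
         unlink($filename);
         ob_end_clean();
         $file_to_parse = "content.xml";
         $type = "OOo";
     } else {
         $file_to_parse = $filename;
     }
     // affect a number
     // NOTE(review): md_type is appended to the sequence name; presumably an
     // integer column, confirm.
     $this->d_number = $this->db->get_next_seq("seq_doc_type_" . $row['md_type']);
     // parse the document - return the doc number ?
     $this->ParseDocument($dirname, $file_to_parse, $type, $p_array);
     $this->db->commit();
     // if the doc is a OOo, we need to re-zip it
     if ($is_ooo) {
         ob_start();
         $zip = new Zip_Extended();
         $res = $zip->open($filename, ZipArchive::CREATE);
         if ($res !== TRUE) {
             throw new Exception(__FILE__ . ":" . __LINE__ . "cannot recreate zip");
         }
         $zip->add_recurse_folder($dirname . DIRECTORY_SEPARATOR);
         $zip->close();
         ob_end_clean();
         $file_to_parse = $filename;
     }
     if ($p_filename != "") {
         $this->d_filename = $this->compute_filename($p_filename, $this->d_filename);
     }
     $this->SaveGenerated($dirname . DIRECTORY_SEPARATOR . $file_to_parse);
     // Invoice
     $ret = '<A class="mtitle" HREF="show_document.php?d_id=' . $this->d_id . '&' . dossier::get() . '">Document g&eacute;n&eacute;r&eacute;</A>';
     // rmdir() only removes an empty directory and the error is suppressed.
     // NOTE(review): unless SaveGenerated() deletes the files, the generated
     // document stays in the temporary directory.
     @rmdir($dirname);
     return $ret;
 }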
예제 #7
    // check it isn't a ip address
    if (!isset($parts['host'])) {
        echo_error("There is no host in the URI");
        $proceed = false;
    } elseif (filter_var($parts['host'], FILTER_VALIDATE_IP)) {
        echo_error("The host '" . $parts['host'] . "' appears to be an IP address. These are not considered persistent. You must use a domain name.");
        $proceed = false;
    } else {
        echo_ok("The host has the domain name of '" . $parts['host'] . "'");
    }
    // warn if we have no path info. There isn't a requirement to have one but
    // it is unlikely people would do it all with subdomains.
    if (isset($parts['path'])) {
        echo_ok("The path component is '" . $parts['path'] . "'");
    } else {
        echo_warning("The URI lacks a path component. Are you sure this is what you intended?");
    }
    // they shouldn't have a query string
    // this stops the use of db queries
    if (isset($parts['query'])) {
        echo_error("The URI contains the query string: '" . $parts['query'] . "'. This is not permitted.");
        $proceed = false;
    } else {
        echo_ok("The URI lacks a query string component which is a good thing.");
    }
    //var_dump($parts);
}
if ($proceed) {
    echo_ok("Format of URI appears OK. Continuing test.");
    ?>
<script type="text/javascript">
예제 #8
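// get default curl handle
$curl = get_curl_handle($uri);
// set other things here
curl_setopt($curl, CURLOPT_HTTPHEADER, array("Accept: text/html"));
echo_info("Requesting HTML by passing 'Accept: text/html' header.");
$response = run_curl_request($curl);
// we either got a 303 redirect or we got a 200 or something else!
$iFrameUri = false;
$requestRdf = false;
$http_code = $response->info['http_code'];
if ($http_code == 303 || $http_code == 302) {
    if ($http_code == 303) {
        echo_ok("Recieved 303 Redirect HTTP code.");
    } else {
        echo_warning("Recieved 302 Redirect HTTP code. This should be a 303 as we are assuming support for HTTP1.1 ~ 302 is so last century :)");
    }
    // redirect_url is chosen by the remote server under test. echo_ok() is
    // given markup here, so it presumably prints its argument as HTML: encode
    // the URL for both the attribute and the link text.
    $safe_redirect = htmlspecialchars($response->info['redirect_url'], ENT_QUOTES, 'UTF-8');
    // rel=noopener keeps the opened page from reaching back through window.opener.
    echo_ok("Redirect to URI: <a target=\"_new\" rel=\"noopener noreferrer\" href=\"" . $safe_redirect . "\">" . $safe_redirect . "</a>");
    // Kept raw for later requests; any code that prints $iFrameUri into HTML
    // has to encode it and should accept http/https only.
    $iFrameUri = $response->info['redirect_url'];
    $requestRdf = true;
} elseif ($http_code == 200) {
    echo_ok("Recieved 200 OK HTTP code.");
    $iFrameUri = $uri;
} elseif ($http_code == 404) {
    echo_error("Got HTTP response code of 404 Not Found.");
    $iFrameUri = false;
} else {
    echo_error("Unexpected response code: '" . $http_code . "'. Expecting 303 Redirect or 200 OK.");
    $iFrameUri = false;
}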
if ($iFrameUri) {
    echo "<iframe id=\"herbal-html-response\" src=\"{$iFrameUri}\"></iframe>";
예제 #9
// Message shown to the user when verification fails; empty when it passes.
$p_msg = "";
//----------------------------------------
// Confirm the operations
//----------------------------------------
// First step of a two-step save: validate the posted operation and, if it is
// valid, show a confirmation form. Nothing is written by this branch.
if (isset($_POST['save'])) {
    try {
        // The whole POST array is handed to the ledger for validation.
        $Ledger->verify($_POST);
    } catch (Exception $e) {
        // NOTE(review): the exception text goes to alert(); confirm that
        // alert() encodes it for the context it prints into.
        alert($e->getMessage());
        $p_msg = $e->getMessage();
        // $correct is only assigned in this excerpt when verification fails;
        // it sends the flow past the confirmation form below.
        $correct = 1;
    }
    if (!isset($correct)) {
        echo '<div class="content">';
        echo h1(_('Confirmation'), '');
        echo_warning(_("Attention, cette opération n'est pas encore sauvée : vous devez encore confirmer"));
        // NOTE(review): no anti-CSRF token is added to this form in the
        // visible code; check whether one is injected elsewhere.
        echo '<form name="form_detail" class="print" enctype="multipart/form-data" class="print" METHOD="POST">';
        // NOTE(review): 'ac' is copied from the request into a hidden field;
        // presumably HtmlInput::hidden() HTML-encodes the value, confirm.
        echo HtmlInput::hidden('ac', $_REQUEST['ac']);
        // The confirmation markup is built from the posted data.
        echo $Ledger->confirm($_POST);
        echo HtmlInput::submit('confirm', _('Confirmer'));
        echo HtmlInput::submit('correct', _('Corriger'));
        echo '</form>';
        echo '</div>';
        // Stop here: the user has to confirm or correct.
        return;
    }
}
//----------------------------------------
// Confirm and save  the operations
// into the database
//----------------------------------------
if (isset($_POST['confirm'])) {
예제 #10
}
//----------------------------------------------------------------------
// Upgrade the template
//----------------------------------------------------------------------
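// Apply the pending patches to every template listed in modeledef.
$Resdossier = $cn->exec_sql("select mod_id, mod_name from modeledef");
$MaxDossier = $cn->size();
echo "<h2>Mise &agrave; jour mod&egrave;le</h2>";
for ($e = 0; $e < $MaxDossier; $e++) {
    $db_row = Database::fetch_array($Resdossier, $e);
    // mod_name is free text read from the repository: encode it before it is
    // written into the page, so a stored name cannot inject markup into the
    // upgrade screen. ENT_SUBSTITUTE avoids an empty result on invalid bytes.
    echo "<h3>Patching " . htmlspecialchars($db_row['mod_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</h3>";
    $name = $cn->format_name($db_row['mod_id'], 'mod');
    // Only patch templates whose database really exists.
    if ($cn->exist_database($name) > 0) {
        $db = new Database($db_row['mod_id'], 'mod');
        $db->apply_patch($db_row['mod_name']);
    } else {
        echo_warning(_("Modèle inexistant") . " {$name}");
    }
}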
//----------------------------------------------------------------------
// Upgrade the account_repository
//----------------------------------------------------------------------
echo "<h2>Mise &agrave; jour Repository</h2>";
$cn = new Database();
if (DEBUG == false) {
    ob_start();
}
$MaxVersion = DBVERSIONREPO - 1;
for ($i = 4; $i <= $MaxVersion; $i++) {
    if ($cn->get_version() <= $i) {
        $cn->execute_script('sql/patch/ac-upgrade' . $i . '.sql');
    }