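/**
 * Start the PHP session (at most once per request) and refresh the
 * per-request state that the rest of the application reads from it.
 *
 * Steps, in order:
 *  - enforce the inactivity timeout ($gvSessionTimeout seconds): an expired
 *    session is destroyed and replaced by a fresh one with a new ID;
 *  - stamp the current time as last activity;
 *  - default the privilege level to Page::NORMAL_USER when none is stored;
 *  - re-load the logged-in operator and desk from the database, and log the
 *    operator out when either record no longer exists.
 *
 * @return void
 */
public static function start()
{
    global $gvSessionTimeout;

    // Anything other than "no session yet" (already active, or sessions
    // disabled) means there is nothing to do here.
    if (session_status() !== PHP_SESSION_NONE) {
        return;
    }

    session_start();

    $now = time();
    $expired = isset($_SESSION['lastActivity'])
        && $now - $_SESSION['lastActivity'] >= $gvSessionTimeout;

    if ($expired) {
        // Release whatever the operator held before the identity is dropped.
        if (isset($_SESSION['op_code'])) {
            Operator::clearTableForLogout($_SESSION['op_code']);
        }

        // Session expired: wipe the stored data and continue on a new ID.
        // $_SESSION is emptied rather than unset(), which the PHP manual
        // warns against, and regeneration deletes the old session record so
        // the expired ID does not linger in the store until garbage collection.
        session_destroy();
        $_SESSION = array();
        session_start();
        session_regenerate_id(true);
        gfSetDelayedMsg('La sessione è scaduta.', 'Err');
    }

    $_SESSION['lastActivity'] = $now;

    // Least privilege by default: a session without a level is a normal user.
    if (!isset($_SESSION['userLevel'])) {
        $_SESSION['userLevel'] = Page::NORMAL_USER;
    }

    if (isset($_SESSION['op_code'])) {
        $op = Operator::fromDatabaseByCode($_SESSION['op_code']);
        if ($op) {
            // Not really a session variable: it is reloaded on every request
            // and only stored here so other classes can reach it.
            $_SESSION['operator'] = $op;
            if (!isset($_SESSION['td_served'])) {
                $_SESSION['td_served'] = array();
            }
        } else {
            // Operator deleted while still logged in: revoke the login.
            self::logoutOperator();
        }
    }

    if (isset($_SESSION['desk_number'])) {
        $desk = Desk::fromDatabaseByNumber($_SESSION['desk_number']);
        if ($desk) {
            $_SESSION['desk'] = $desk;
            $desk->updateLastActivityTime();
            $desk->save();
        } else {
            // Desk removed while in use: revoke the login as well.
            self::logoutOperator();
        }
    }
}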
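/**
 * Log the current user out and redirect to the logout confirmation page.
 *
 * An operator session is first closed through Session::logoutOperator();
 * the PHP session is then destroyed and replaced by an empty one with a new
 * ID, which carries the delayed confirmation message.
 *
 * @return RedirectOutput redirect to {$gvPath}/application/logoutPage
 */
public function getOutput()
{
    global $gvPath;

    // isset() guard: a session without a stored level must not raise a
    // notice on the way out.
    if (isset($_SESSION['userLevel']) && $_SESSION['userLevel'] === Page::OPERATOR_USER) {
        Session::logoutOperator();
    }

    // Drop every stored value, then continue on a fresh ID. $_SESSION is
    // emptied rather than unset(), which the PHP manual warns against, and
    // regeneration deletes the old session record so the pre-logout ID does
    // not linger in the store until garbage collection.
    session_destroy();
    $_SESSION = array();
    session_start();
    session_regenerate_id(true);

    gfSetDelayedMsg('Logout effettuato correttamente.');

    return new RedirectOutput("{$gvPath}/application/logoutPage");
}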
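/**
 * Validate the submitted device fields and create or update the device.
 *
 * Every validation failure stores a user-facing text in $this->message and
 * returns true; a successful save returns a redirect to the device list.
 * A dev_id of 0 means "new record".
 *
 * @return true|RedirectOutput
 */
public function execute()
{
    global $gvPath;

    // Trim data
    $this->dev_ip_address = trim($this->dev_ip_address);
    $this->dev_desk_number = trim($this->dev_desk_number);

    // Data validation
    if ($this->dev_ip_address === '' || $this->dev_desk_number === '') {
        $this->message = "Errore: tutti i campi sono obbligatori.";
        return true;
    }

    // Desk number: a decimal integer without leading zeros; 0 is allowed.
    if (preg_match('/^(0|[1-9][0-9]*)$/', $this->dev_desk_number) !== 1) {
        $this->message = "Errore: il numero dello sportello non è valido.";
        return true;
    }

    // FILTER_VALIDATE_IP accepts both IPv4 and IPv6 literals.
    if (!filter_var($this->dev_ip_address, FILTER_VALIDATE_IP)) {
        $this->message = "Errore: l'indirizzo IP non è valido.";
        return true;
    }

    // A non-zero desk number must refer to an existing desk.
    if ((int) $this->dev_desk_number !== 0) {
        if (!Desk::fromDatabaseByNumber($this->dev_desk_number)) {
            $this->message = "Errore: lo sportello specificato non esiste.";
            return true;
        }
    }

    // An optional topical domain must exist and be active.
    if ($this->dev_td_code) {
        $td = TopicalDomain::fromDatabaseByCode($this->dev_td_code);
        if (!$td || !$td->getActive()) {
            $this->message = "Errore: l'area tematica selezionata non è disponibile.";
            return true;
        }
    }

    // The IP must not belong to any desk, nor to another device.
    $owner = Device::fromDatabaseByIpAddress($this->dev_ip_address);
    $desk = Desk::fromDatabaseByIpAddress($this->dev_ip_address);
    $takenByOtherDevice = $owner
        && ($this->dev_id === 0 || $this->dev_id !== (int) $owner->getId());
    if ($desk || $takenByOtherDevice) {
        $this->message = "Errore: l'indirizzo IP è gia stato assegnato.";
        return true;
    }

    if ($this->dev_id === 0) {
        $device = Device::newRecord();
    } else {
        $device = Device::fromDatabaseById($this->dev_id);
        // The id names a record to edit; it may be stale or tampered with.
        // The other lookups in this method are tested for a falsy result,
        // so a missing record is presumably reported the same way here.
        if (!$device) {
            $this->message = "Errore interno: il record non è presente.";
            return true;
        }
    }

    $device->setIpAddress($this->dev_ip_address);
    $device->setDeskNumber($this->dev_desk_number);
    $device->setTdCode($this->dev_td_code);

    if ($device->save()) {
        gfSetDelayedMsg('Operazione effettuata correttamente', 'Ok');
        return new RedirectOutput("{$gvPath}/application/adminDeviceList");
    }

    $this->message = "Impossibile salvare le modifiche. Ritentare in seguito.";
    return true;
}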
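/**
 * Validate the submitted topical-domain fields and create or update it.
 *
 * Every validation failure stores a user-facing text in $this->message and
 * returns true; a successful save returns a redirect to the domain list.
 * A td_id of 0 means "new record"; an existing domain can only be edited
 * while it is not active.
 *
 * NOTE(review): td_code, td_icon and td_color are stored as received by this
 * method; presumably they are constrained before they reach it - confirm.
 *
 * @return true|RedirectOutput
 */
public function execute()
{
    global $gvPath;

    // Trim data
    $this->td_name = trim($this->td_name);
    $this->td_description = trim($this->td_description);

    // Data validation
    if ($this->td_name === '') {
        $this->message = "Errore: il campo nome è obbligatorio.";
        return true;
    }

    // Allow-list for the name.
    // NOTE(review): there is no /u modifier, so if this file is UTF-8 the
    // accented letters are matched as single bytes and the class also accepts
    // other combinations of those bytes, including malformed UTF-8. Confirm
    // the source and input encoding before adding /u.
    if (preg_match('/^[0-9a-zàèéìò \']+$/i', $this->td_name) !== 1) {
        $this->message = "Errore: il nome contiene caratteri non validi.";
        return true;
    }

    // Allow-list for the description (may be empty); same /u caveat.
    if (preg_match('/^[0-9a-zàèéìò \'.,();:"]*$/i', $this->td_description) !== 1) {
        $this->message = "Errore: la descrizione contiene caratteri non validi.";
        return true;
    }

    if ($this->td_id === 0) {
        $td = TopicalDomain::newRecord();
        $td->setActive(1);
    } else {
        $td = TopicalDomain::fromDatabaseById($this->td_id);
        // The id names a record to edit; it may be stale or tampered with,
        // so a missing record is reported instead of being dereferenced.
        if (!$td) {
            $this->message = "Errore interno: il record non è presente.";
            return true;
        }
        // Enforce server-side that only a disabled domain is edited, even if
        // an earlier step has already checked it.
        if ($td->getActive()) {
            $this->message = "Errore: l'area tematica non è disattivata.";
            return true;
        }
    }

    $td->setCode($this->td_code);
    $td->setName($this->td_name);
    $td->setDescription($this->td_description);
    $td->setIcon($this->td_icon);
    $td->setColor($this->td_color);

    if ($td->save()) {
        gfSetDelayedMsg('Operazione effettuata correttamente', 'Ok');
        return new RedirectOutput("{$gvPath}/application/adminTopicalDomainList");
    }

    $this->message = "Impossibile salvare le modifiche. Ritentare in seguito.";
    return true;
}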
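/**
 * Validate the submitted operator fields and create or update the operator.
 *
 * Every validation failure stores a user-facing text in $this->message and
 * returns true; a successful save returns a redirect to the operator list.
 * An op_id of 0 means "new record". A password is mandatory for a new
 * operator; on edit an empty password leaves the stored one unchanged.
 *
 * NOTE(review): how the password is stored is not visible here; confirm that
 * Operator::setPassword() keeps a password_hash() digest, not the clear text.
 *
 * @return true|RedirectOutput
 */
public function execute()
{
    global $gvMinPasswordLength, $gvPath;

    $op_password = gfPostVar('op_password', '');
    $op_password_repete = gfPostVar('op_password_repete', '');
    $isNew = $this->op_id === 0;
    // Compared with '' rather than tested for truthiness: the string "0" is
    // falsy in PHP, so a truthiness test let a one-character password "0"
    // skip the minimum-length rule and ignored it silently on edit.
    $hasPassword = $op_password !== '';

    // Trim data
    $this->op_code = trim($this->op_code);
    $this->op_name = trim($this->op_name);
    $this->op_surname = trim($this->op_surname);

    // Data validation
    if ($this->op_code === '' || $this->op_name === '' || $this->op_surname === '') {
        $this->message = "Errore: tutti i campi sono obbligatori.";
        return true;
    }

    if ($isNew && !$hasPassword) {
        $this->message = "Errore: il campo password è obbligatorio.";
        return true;
    }

    // strlen() counts bytes, so a multi-byte character counts more than once.
    if ($hasPassword && strlen($op_password) < $gvMinPasswordLength) {
        $this->message = "Errore: la password deve contenere almeno {$gvMinPasswordLength} caratteri.";
        return true;
    }

    if ($op_password !== $op_password_repete) {
        $this->message = "Errore: le password non coincidono.";
        return true;
    }

    // Allow only letters and digits in op_code
    if (preg_match('/^[0-9a-z]+$/i', $this->op_code) !== 1) {
        $this->message = "Errore: il codice operatore non è valido.";
        return true;
    }

    // Allow-list for the name.
    // NOTE(review): there is no /u modifier, so if this file is UTF-8 the
    // accented letters are matched as single bytes - confirm the encoding.
    if (preg_match('/^[a-z \'àèéìòù]+$/i', $this->op_name) !== 1) {
        $this->message = "Errore: il nome contiene caratteri non validi.";
        return true;
    }

    // Allow-list for the surname; same /u caveat.
    if (preg_match('/^[a-z \'àèéìòù]+$/i', $this->op_surname) !== 1) {
        $this->message = "Errore: il cognome contiene caratteri non validi.";
        return true;
    }

    // The code must be free, or already belong to the operator being edited.
    $holder = Operator::fromDatabaseByCode($this->op_code);
    if ($holder && ($isNew || $this->op_id !== (int) $holder->getId())) {
        $this->message = "Errore: il codice operatore non è disponibile.";
        return true;
    }

    // An existing operator can only be edited while offline.
    if (!$isNew) {
        $operator = Operator::fromDatabaseById($this->op_id);
        if (!$operator) {
            $this->message = "Errore interno: il record non è presente.";
            return true;
        }
        if ($operator->isOnline()) {
            $this->message = "L'operatore è online, impossibile modificarlo.";
            return true;
        }
    }

    $op = $isNew ? Operator::newRecord() : Operator::fromDatabaseById($this->op_id);
    $op->setCode($this->op_code);
    $op->setName($this->op_name);
    $op->setSurname($this->op_surname);
    // New operators always get the (validated) password; on edit it is only
    // replaced when one was submitted.
    if ($isNew || $hasPassword) {
        $op->setPassword($op_password);
    }

    if ($op->save()) {
        gfSetDelayedMsg('Operazione effettuata correttamente', 'Ok');
        return new RedirectOutput("{$gvPath}/application/adminOperatorList");
    }

    $this->message = "Impossibile salvare le modifiche. Ritentare in seguito.";
    return true;
}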
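/**
 * Validate the submitted desk fields and create or update the desk.
 *
 * Every validation failure stores a user-facing text in $this->message and
 * returns true; a successful save returns a redirect to the desk list.
 * A desk_id of 0 means "new record"; a desk cannot be changed while open.
 *
 * @return true|RedirectOutput
 */
public function execute()
{
    global $gvPath;

    // Trim data
    $this->desk_number = trim($this->desk_number);
    $this->desk_ip_address = trim($this->desk_ip_address);

    // Both fields are mandatory. This was an "&&", which let a single empty
    // field through to the format checks and their less specific messages.
    if ($this->desk_number === '' || $this->desk_ip_address === '') {
        $this->message = "Errore: tutti i campi sono obbligatori.";
        return true;
    }

    // Desk number: a positive decimal integer without leading zeros.
    if (preg_match('/^[1-9][0-9]*$/', $this->desk_number) !== 1) {
        $this->message = "Errore: il numero dello sportello non è valido.";
        return true;
    }

    // FILTER_VALIDATE_IP accepts both IPv4 and IPv6 literals.
    if (!filter_var($this->desk_ip_address, FILTER_VALIDATE_IP)) {
        $this->message = "Errore: l'indirizzo IP non è valido.";
        return true;
    }

    // The number must be free, or already belong to the desk being edited.
    $sameNumber = Desk::fromDatabaseByNumber($this->desk_number);
    if ($sameNumber && ($this->desk_id === 0 || $this->desk_id !== (int) $sameNumber->getId())) {
        $this->message = "Errore: il numero sportello non è disponibile.";
        return true;
    }

    // The IP must not belong to any device, nor to another desk.
    $sameIp = Desk::fromDatabaseByIpAddress($this->desk_ip_address);
    $device = Device::fromDatabaseByIpAddress($this->desk_ip_address);
    $takenByOtherDesk = $sameIp
        && ($this->desk_id === 0 || $this->desk_id !== (int) $sameIp->getId());
    if ($device || $takenByOtherDesk) {
        $this->message = "Errore: l'indirizzo IP è gia stato assegnato.";
        return true;
    }

    if ($this->desk_id === 0) {
        $desk = Desk::newRecord();
    } else {
        $desk = Desk::fromDatabaseById($this->desk_id);
        // The id names a record to edit; it may be stale or tampered with.
        // The other lookups in this method are tested for a falsy result,
        // so a missing record is presumably reported the same way here.
        if (!$desk) {
            $this->message = "Errore interno: il record non è presente.";
            return true;
        }
    }

    if ($desk->isOpen()) {
        $this->message = "Errore: il desk è aperto. Chiudere la sessione prima di continuare.";
        return true;
    }

    $desk->setNumber($this->desk_number);
    $desk->setIpAddress($this->desk_ip_address);

    if ($desk->save()) {
        gfSetDelayedMsg('Operazione effettuata correttamente', 'Ok');
        return new RedirectOutput("{$gvPath}/application/adminDeskList");
    }

    $this->message = "Impossibile salvare le modifiche. Ritentare in seguito.";
    return true;
}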