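/**
 * Delete a user group.
 *
 * A group that still owns non-temporary records is refused. Otherwise the
 * group's temporary records are deleted, then its membership links in
 * sysUsrGrpLinks, then the group row itself in sysUGrps. On success the
 * current user's group list in the session is refreshed.
 *
 * @param mixed $recID  id of the group to delete (must be numeric)
 * @return array  array('result' => $recID) on success,
 *                array('error' => message) on any failure
 */
function deleteGroup($recID)
{
    global $db;
    $ret = array();

    $permError = checkPermission('group', $recID);
    if ($permError != null) {
        $ret['error'] = $permError;
        return $ret;
    }

    // The id is interpolated into SQL below: accept only a numeric value and
    // use its integer form so nothing else can reach the query text.
    if (!is_numeric($recID)) {
        $ret['error'] = "Invalid group id ({$recID}) in deleteGroup";
        return $ret;
    }
    $groupID = (int) $recID;

    $query = "select rec_ID from Records where rec_OwnerUGrpID={$groupID} and rec_FlagTemporary=0 limit 1";
    $rows = execSQL($db, $query, null, true);
    if (is_string($rows)) {
        // execSQL reports a failure as a string
        $ret['error'] = "error finding Records for User {$recID} in deleteGroup - " . $rows;
        return $ret;
    }
    if ($rows > 0) {
        $ret['error'] = "Error. Deleting Group ({$recID}) with existing Records not allowed";
        return $ret;
    }

    // Temporary records owned by the group are disposable: remove them so they
    // are not left pointing at an owner that no longer exists.
    $query = "select rec_ID from Records where rec_OwnerUGrpID={$groupID} and rec_FlagTemporary=1";
    $res = mysql_query($query);
    if ($res === false) {
        $ret['error'] = "db error finding temporary Records for Group {$recID} in deleteGroup - " . mysql_error();
        return $ret;
    }
    while ($row = mysql_fetch_row($res)) {
        deleteRecord($row[0]);
    }

    $query = "delete from sysUsrGrpLinks where ugl_GroupID={$groupID}";
    $rows = execSQL($db, $query, null, true);
    // NOTE(review): kept from the original - a zero row count is treated as a
    // failure here, so a group that has no membership links cannot be deleted
    // through this function; confirm whether that is intended.
    if ($rows == 0 || is_string($rows)) {
        $ret['error'] = "db error deleting relations for Group {$recID} from sysUsrGrpLinks - " . $rows;
        return $ret;
    }

    $query = "delete from sysUGrps where ugr_ID={$groupID}";
    $rows = execSQL($db, $query, null, true);
    if ($rows == 0 || is_string($rows)) {
        $ret['error'] = "db error deleting of Group {$recID} from sysUGrps - " . $rows;
        return $ret;
    }

    $ret['result'] = $recID;

    // The caller's own group list may have contained this group: refresh it.
    $currentUserID = get_user_id();
    $groups = reloadUserGroups($currentUserID);
    updateSessionForUser($currentUserID, 'user_access', $groups);

    return $ret;
}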
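/**
 * Normalise a user id argument into a list of integer ids.
 *
 * @param mixed $recIds  a single numeric id, or a comma separated list of ids
 * @return array  list of integer ids; blank or non-numeric entries are dropped
 */
function _changeRole_parseUserIds($recIds)
{
    if (is_numeric($recIds)) {
        return array((int) $recIds);
    }
    $ids = array();
    foreach (explode(",", $recIds) as $token) {
        $token = trim($token);
        if (is_numeric($token)) {
            $ids[] = (int) $token;
        }
    }
    return $ids;
}

/**
 * Remove users from a group (role "delete").
 *
 * The database owner (user 2) is never removed; checkLastAdmin() decides
 * whether removing a user would leave the group without an administrator.
 *
 * @param mixed $db       database connection passed to execSQL()
 * @param int   $grpID    group id
 * @param array $userIDs  list of integer user ids
 * @return array  array('results' => removed ids, 'errors' => messages)
 */
function _changeRole_removeUsers($db, $grpID, $userIDs)
{
    $ret = array('results' => array(), 'errors' => array());
    foreach ($userIDs as $userID) {
        if ($userID === 2) {
            $error = "Not possible to delete database owner";
        } else {
            $error = checkLastAdmin($userID, $grpID);
        }
        if ($error) {
            $ret['errors'][] = $error;
            continue;
        }
        $query = "delete from sysUsrGrpLinks where ugl_UserID={$userID} and ugl_GroupID={$grpID}";
        $rows = execSQL($db, $query, null, true);
        if ($rows == 0 || is_string($rows)) {
            $ret['errors'][] = "db error deleting relations for user# {$userID}";
        } else {
            $ret['results'][] = $userID;
        }
    }
    return $ret;
}

/**
 * Change the existing role of users in a group.
 *
 * The database owner's role in group 1 cannot be changed, and demoting an
 * admin to member is refused by checkLastAdmin() when it would leave the
 * group without an administrator.
 *
 * @param mixed  $db       database connection passed to execSQL()
 * @param int    $grpID    group id
 * @param array  $userIDs  list of integer user ids
 * @param string $newRole  role to assign
 * @param mixed  $oldRole  role the users currently hold
 * @return array  array('errors' => messages, 'results' => updated ids)
 */
function _changeRole_updateRoles($db, $grpID, $userIDs, $newRole, $oldRole)
{
    $ret = array('errors' => array(), 'results' => array());
    // The role is interpolated into SQL text; escape it for the active connection.
    $roleSql = mysql_real_escape_string($newRole);
    foreach ($userIDs as $userID) {
        $error = null;
        if ($userID === 2 && $grpID === 1) {
            $error = "Not possible to change role for database owner";
        } elseif ($oldRole == "admin" && $newRole == "member") {
            $error = checkLastAdmin($userID, $grpID);
        }
        if ($error) {
            $ret['errors'][] = $error;
            continue;
        }
        $query = "UPDATE sysUsrGrpLinks set ugl_Role='{$roleSql}' where ugl_GroupID={$grpID} and ugl_UserID={$userID}";
        $rows = execSQL($db, $query, null, true);
        if ($rows == 0 || is_string($rows)) {
            $ret['errors'][] = "DB error changing roles in sysUsrGrpLinks for group {$grpID}, user {$userID} - " . $rows;
        } else {
            $ret['results'][] = $userID;
        }
    }
    return $ret;
}

/**
 * Add users to a group with the given role (upsert on the existing link).
 *
 * @param mixed  $db       database connection passed to execSQL()
 * @param int    $grpID    group id
 * @param array  $userIDs  list of integer user ids
 * @param string $newRole  role to assign
 * @return array  array('result' => "id, id, ...") on success,
 *                array('error' => message) on failure, empty when no ids given
 */
function _changeRole_insertRoles($db, $grpID, $userIDs, $newRole)
{
    $ret = array();
    if (count($userIDs) == 0) {
        // nothing to insert: the original set no result key in this case
        return $ret;
    }
    // The role is interpolated into SQL text; escape it for the active connection.
    $roleSql = mysql_real_escape_string($newRole);
    $values = array();
    foreach ($userIDs as $userID) {
        $values[] = "({$grpID}, {$userID}, '{$roleSql}')";
    }
    $query = "INSERT INTO sysUsrGrpLinks (ugl_GroupID, ugl_UserID, ugl_Role) VALUES "
        . implode(", ", $values)
        . " ON DUPLICATE KEY UPDATE ugl_Role='{$roleSql}'";
    $rows = execSQL($db, $query, null, true);
    // NOTE(review): kept from the original - a zero row count is reported as an
    // error, which also happens when every link already exists with this role.
    if ($rows == 0 || is_string($rows)) {
        $ret['error'] = "DB error setting role in sysUsrGrpLinks - " . $rows;
    } else {
        $ret['result'] = implode(", ", $userIDs);
    }
    return $ret;
}

/**
 * Add, change or remove the role of one or more users in a group.
 *
 * The operation is selected by the role arguments:
 *  - $newRole == "delete":      remove the users from the group
 *  - $oldRole given (not null): change the users' current role to $newRole
 *  - otherwise:                 add the users with $newRole (upsert)
 *
 * @param mixed  $grpID          group id (must be numeric)
 * @param mixed  $recIds         single user id or comma separated list of user ids
 * @param string $newRole        new role; "delete" removes the membership
 * @param mixed  $oldRole        role the users currently hold, null when adding
 * @param bool   $needCheck      run checkPermission() on the group first
 * @param bool   $updateSession  refresh 'user_access' in each affected user's session
 * @return array  delete/change: array('results' => ids, 'errors' => messages);
 *                add: array('result' => id list) or array('error' => message);
 *                array('error' => message) when the permission or id check fails
 */
function changeRole($grpID, $recIds, $newRole, $oldRole, $needCheck, $updateSession)
{
    global $db;
    $ret = array();

    if ($needCheck) {
        $permError = checkPermission('group', $grpID);
        if ($permError != null) {
            $ret['error'] = $permError;
            return $ret;
        }
    }

    // Group and user ids are interpolated into SQL: only their integer forms are used.
    if (!is_numeric($grpID)) {
        $ret['error'] = "Invalid group id ({$grpID}) in changeRole";
        return $ret;
    }
    $grpID = (int) $grpID;
    $arrUsers = _changeRole_parseUserIds($recIds);

    if ($newRole == "delete") {
        $ret = _changeRole_removeUsers($db, $grpID, $arrUsers);
    } elseif ($oldRole != null) {
        $ret = _changeRole_updateRoles($db, $grpID, $arrUsers, $newRole, $oldRole);
    } else {
        $ret = _changeRole_insertRoles($db, $grpID, $arrUsers, $newRole);
    }

    // Group membership is cached in each user's session: refresh it for the
    // affected users so the change takes effect without a new login.
    if ($updateSession) {
        foreach ($arrUsers as $userID) {
            $groups = reloadUserGroups($userID);
            updateSessionForUser($userID, 'user_access', $groups);
        }
    }

    return $ret;
}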
$needRegistration = false; $_REQUEST['username'] = $username; $_REQUEST['password'] = $password; } } else { mysql_connection_select(USERS_DATABASE); //verify that this database has proper owner userId=2 $res = mysql_query('select ugr_Password from ' . USERS_TABLE . ' where ' . USERS_ID_FIELD . ' = 2'); $needRegistration = ($user = mysql_fetch_assoc($res)) && $user[USERS_PASSWORD_FIELD] == "TO BE RESET"; } if (!$needRegistration) { $LOGIN_ERROR = ''; if (@$_REQUEST['username'] or @$_REQUEST['password']) { $res = mysql_query('select * from ' . USERS_TABLE . ' where ' . USERS_USERNAME_FIELD . ' = "' . mysql_real_escape_string($_REQUEST['username']) . '"'); if (($user = mysql_fetch_assoc($res)) && $user[USERS_ACTIVE_FIELD] == 'y' && crypt($_REQUEST['password'], $user[USERS_PASSWORD_FIELD]) == $user[USERS_PASSWORD_FIELD]) { $groups = reloadUserGroups($user[USERS_ID_FIELD]); // a person is a member, not admin, of their own user group as they can't add users to this group $groups[$user[USERS_ID_FIELD]] = 'member'; $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['cookie_version'] = COOKIE_VERSION; $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['user_name'] = $user[USERS_USERNAME_FIELD]; $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['user_realname'] = $user[USERS_FIRSTNAME_FIELD] . ' ' . $user[USERS_LASTNAME_FIELD]; $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['user_id'] = $user[USERS_ID_FIELD]; $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['user_access'] = $groups; $_SESSION[HEURIST_SESSION_DB_PREFIX . 'heurist']['user_systemadmin'] = defined('HEURIST_MAIL_TO_ADMIN') && @$user[USERS_EMAIL_FIELD] == HEURIST_MAIL_TO_ADMIN ? "1" : "0"; $time = 0; if ($_REQUEST['session_type'] == 'public') { //expire on exit $time = 0; } else { if ($_REQUEST['session_type'] == 'shared') { $time = time() + 24 * 60 * 60;