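/**
 * Collects the view data for the "Add Date Criteria" report form.
 *
 * @return array view data for the template renderer
 * @throws InvalidArgumentException when 'report_id' does not name a loaded class with an info() method
 */
 function perform()
 {
     // View defaults consumed by the renderer.
     $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Add Date Criteria', 'content' => 'content/reportFormDate.php');
     // The database handle is read from $_REQUEST['db'].
     // NOTE(review): presumably the dispatcher stores it there; confirm a client-supplied 'db' parameter can never reach this line.
     $db = $_REQUEST['db'];
     // Resolve the signed-in user and the library they belong to.
     $userFinder = new UserFinder($db);
     $user = $userFinder->findById($_SESSION['userId']);
     $result['library_id'] = $user['library_id'];
     $result['library'] = $user['library_short_name'];
     $result['user'] = $user;
     // grwd() is defined elsewhere; presumably it returns a request value, so treat $report_id as untrusted.
     $report_id = grwd('report_id');
     $result['report_id'] = $report_id;
     $reportFinder = new ReportFinder($db);
     $result['reportCount'] = $reportFinder->getReportCount();
     // Per the original comment, Report::get() pulls in Reports.php and the report classes.
     $report_class_handle = new Report();
     $report_class_handle->get();
     // The class name below comes from the request. Instantiating an arbitrary
     // class lets a caller run any constructor the application has loaded, so
     // only plain identifiers naming a class that exposes info() are accepted.
     // NOTE(review): an explicit allowlist of report class names would be stricter still.
     if (!is_string($report_id) || !preg_match('/^[A-Za-z_][A-Za-z0-9_\\\\]*$/', $report_id) || !class_exists($report_id) || !method_exists($report_id, 'info')) {
         throw new InvalidArgumentException('Unknown report requested');
     }
     $report_info = new $report_id();
     $result['reportList'] = $report_info->info();
     $libraryFinder = new LibraryFinder($db);
     $result['libraryList'] = $libraryFinder->getAllLibraries();
     $locationFinder = new LocationFinder($db);
     $result['locationList'] = $locationFinder->getAllLocations();
     return $result;
 }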
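 /**
  * Handles the login form: checks the posted name/password and opens the user session.
  *
  * Security notes for maintainers:
  *  - Passwords are matched as unsalted MD5 digests (see the TODO below). Moving to
  *    password_hash()/password_verify() needs a change in the user store, which is
  *    outside this method.
  *  - The failed-login counter lives in the session, so a client that discards its
  *    session cookie starts again at zero. Real throttling needs a server-side
  *    counter keyed by account and/or client address.
  *  - The password digest is kept in $_SESSION['UserPass'] as before.
  *    NOTE(review): confirm something still reads it; otherwise drop it.
  *
  * @return false|null false when the login is refused; null after the home screen was shown
  */
 public function userLogin()
 {
     $Request = new Request();
     // A fresh session has no 'BadLogin' entry yet; read it without raising a notice.
     $failedLogins = isset($_SESSION['BadLogin']) ? (int) $_SESSION['BadLogin'] : 0;
     if ($failedLogins >= 5 && BADLOGIN_ACTIVATED) {
         $this->showLogin("Maximale Logins verbraucht bitte Probieren Sie es In einer stunde wieder");
         return false;
     }
     $UserFinder = new UserFinder();
     /* TODO: salt for new user logins */
     $loginName = $Request->getAsString("tb_Name");
     $passwordDigest = md5($Request->getAsString("tb_Pass"));
     $User = $UserFinder->findByNameAndPass($loginName, $passwordDigest);
     if ($User->getId() == 0) {
         $this->showLogin();
         $_SESSION['BadLogin'] = $failedLogins + 1;
         return false;
     }
     if ($User->getLooked()) {
         // The account is locked and must not log in. This check now runs before
         // any session key is written, so a locked account leaves no login state behind.
         $TempLate = Template::getInstance("tpl_Login.php");
         $TempLate->renderError("Fehler", ":T_LOGIN_ERROR1:", "index.php");
         return false;
     }
     // Issue a new session id at the privilege change so an id planted before
     // login (session fixation) is useless afterwards.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $_SESSION['UserId'] = $User->getId();
     $_SESSION['UserName'] = $loginName;
     $_SESSION['UserPass'] = $passwordDigest;
     Controler_Main::getInstance()->setUser($User);
     Controler_Main::getInstance()->addPermanentOutPut();
     $UserManager = new UserManager();
     $UserManager->updateLoginTime($User->getId());
     $HomeControler = new Controler_Home();
     $HomeControler->showHomescreen();
 }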
 /**
  * Builds the view data for the library administration page.
  *
  * NOTE(review): nothing in this method checks that the current user is an
  * administrator; confirm the dispatcher enforces that before this action runs.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     // The database handle is read from $_REQUEST['db'] and handed to every finder.
     $db = $_REQUEST['db'];
     $users = new UserFinder($db);
     $currentUser = $users->findById($_SESSION['userId']);
     $libraries = new LibraryFinder($db);
     $allLibraries = $libraries->getAllLibraries();
     // A posted library id overrides the user's own library.
     // NOTE(review): the posted value goes to the finders unvalidated; whether they
     // bind it as a parameter is not visible here.
     if (!isset($_POST['library_id'])) {
         $libraryName = $currentUser['library_short_name'];
         $selectedLibrary = $currentUser['library_id'];
     } else {
         $selectedLibrary = $_POST['library_id'];
         $libraryName = $libraries->getLibraryName($selectedLibrary);
     }
     $locations = new LocationFinder($db);
     $libraryLocations = $locations->findByLibraryID($selectedLibrary);
     $distinctLocations = $locations->getDistinctLocations();
     $admin = new AdminFinder($db);
     $adminTables = $admin->getAdminTables();
     return array(
         'renderer' => 'template_renderer.inc',
         'pageTitle' => SITE_NAME . ' : Library Admin	',
         'content' => 'content/admin/libraryAdmin.php',
         'user' => $currentUser,
         'libraryList' => $allLibraries,
         'library_id' => $selectedLibrary,
         'library' => $libraryName,
         'locationList' => $libraryLocations,
         'distinctLocationList' => $distinctLocations,
         'adminTables' => $adminTables,
     );
 }
 /**
  * Builds the view data for the advanced search form.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     $result = array(
         'renderer' => 'template_renderer.inc',
         'pageTitle' => SITE_NAME . ' : Advanced Search',
         'content' => 'content/advancedSearchForm.php',
     );
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     // Current user and their home library.
     $userFinder = new UserFinder($db);
     $user = $userFinder->findById($_SESSION['userId']);
     $homeLibraryId = $user['library_id'];
     $result['library_id'] = $homeLibraryId;
     $result['library'] = $user['library_short_name'];
     $result['user'] = $user;
     // Library chosen in the previous search, defaulting to the user's own.
     // NOTE(review): grwd() is defined elsewhere and presumably returns a request
     // value; the template must escape it on output.
     $result['search_library_id'] = grwd('search_library_id', $homeLibraryId);
     $libraryFinder = new LibraryFinder($db);
     $choices = $libraryFinder->getAllLibraries();
     // Three fixed entries go in front of the full list: the user's own library,
     // an "All Libraries" option, and a visual separator.
     $ownLibrary = array('library_id' => $homeLibraryId, 'short_name' => $user['library_short_name'], 'full_name' => $user['library_full_name']);
     $everyLibrary = array('library_id' => '0', 'short_name' => 'All Libraries', 'full_name' => 'All Libraries');
     $separator = array('library_id' => '', 'short_name' => '----------------------------', 'full_name' => '----------------------------');
     array_unshift($choices, $ownLibrary, $everyLibrary, $separator);
     $result['libraryList'] = $choices;
     $locationFinder = new LocationFinder($db);
     $result['locationList'] = $locationFinder->getAllLocations();
     return $result;
 }
 /**
  * Builds the view data for the library edit form.
  *
  * NOTE(review): no administrator check is visible in this method; confirm the
  * dispatcher enforces one.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     $users = new UserFinder($db);
     $user = $users->findById($_SESSION['userId']);
     $admin = new AdminFinder($db);
     $adminTables = $admin->getAdminTables();
     $libraries = new LibraryFinder($db);
     $allLibraries = $libraries->getAllLibraries();
     // Neither $library nor $libraryID is read again in this method; the branch is
     // kept so the same finder call is still made for a posted id.
     if (!isset($_POST['library_id'])) {
         $library = $user['library_short_name'];
         $libraryID = $user['library_id'];
     } else {
         $libraryID = $_POST['library_id'];
         $library = $libraries->getLibraryName($libraryID);
     }
     // A second AdminFinder is created here, exactly as before.
     $admin = new AdminFinder($db);
     $tableRow = $admin->getAdminTableRow('libraries');
     return array(
         'renderer' => 'template_renderer.inc',
         'pageTitle' => SITE_NAME . ' : Library Admin',
         'content' => 'content/admin/libraryEditForm.php',
         'user' => $user,
         'adminTables' => $adminTables,
         'everything' => $allLibraries,
         'parent_table_data' => $tableRow,
     );
 }
 /**
  * Lists the folder of the user identified by the "User"/"Pass" request values.
  *
  * NOTE(review): the password value is handed to findByNameAndPass() as received,
  * without hashing; confirm what the caller is expected to send and that these
  * credentials never travel in a URL.
  * NOTE(review): the listed path is "./" plus the user's folder value; if that
  * value can ever be edited by the user, it needs checking for ".." segments.
  *
  * @return bool true when the folder was listed, false when no user matched
  */
 public function getFileList()
 {
     $Request = new Request();
     $name = $Request->getAsString("User");
     $secret = $Request->getAsString("Pass");
     $finder = new UserFinder();
     $account = $finder->findByNameAndPass($name, $secret);
     // An id of 0 means the credentials matched no user.
     if ($account->getId() != 0) {
         $this->listDir("./" . $account->getFolder());
         return true;
     }
     return false;
 }
 /**
  * Builds the view data for the report selection form.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     $userFinder = new UserFinder($db);
     $currentUser = $userFinder->findById($_SESSION['userId']);
     $reportFinder = new ReportFinder($db);
     // The handle is also passed to getReportCount() here, as in the original call.
     $total = $reportFinder->getReportCount($db);
     return array(
         'renderer' => 'template_renderer.inc',
         'pageTitle' => SITE_NAME . ' : Reports',
         'content' => 'content/reportForm.php',
         'user' => $currentUser,
         'reportCount' => $total,
     );
 }
/**
 * Reports whether the session user is an administrator.
 *
 * When the AUTO_ADMIN_LOGON constant is truthy, every caller is treated as an
 * administrator without any lookup. NOTE(review): make sure that constant can
 * never be enabled in a production configuration.
 *
 * @return bool true for administrators (or whenever AUTO_ADMIN_LOGON is set)
 */
function isAdmin()
{
    if (AUTO_ADMIN_LOGON) {
        return true;
    }
    // "+ 0" coerces the session value to a number before the lookup.
    $userId = $_SESSION['userId'] + 0;
    $finder = new UserFinder($_REQUEST['db']);
    $record = $finder->findByID($userId);
    // Loose comparison kept: the stored flag may arrive as the string '1'.
    return $record['admin'] == 1;
}
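 /**
  * Looks up a user by the supplied email address or username and mails that
  * user a password-reset link.
  *
  * The placeholders @USERNAME@, @IP@, @URL@ and @EXPIRETIME@ in the message
  * template are filled with strtr(), which substitutes literally and in one
  * pass. The earlier preg_replace() call treated each value as a regex
  * replacement template, so a username containing "$0" or "\1" was expanded,
  * and a value containing a later placeholder was substituted again.
  *
  * @param string $in email address or username as typed by the visitor
  * @return bool true once the mail was handed to SendMail, false when no account matches
  * @throws \Exception when the matched account has no email address on record
  */
 function sendMail($in)
 {
     $in = trim($in);
     $user_id = is_email($in) ? UserFinder::byEmail($in) : UserFinder::byUsername($in);
     $error = ErrorHandler::getInstance();
     if (!$user_id) {
         // NOTE(review): this answer differs from the success path, so the form
         // reveals which addresses and usernames exist. A uniform response
         // ("if the account exists, a mail was sent") avoids that.
         $error->add('Invalid email address or username');
         return false;
     }
     $email = UserSetting::getEmail($user_id);
     if (!$email) {
         throw new \Exception('entered email not found');
     }
     $code = Token::generate($user_id, 'activation_code');
     $user = User::get($user_id);
     $page = XmlDocumentHandler::getInstance();
     // NOTE(review): if getUrl() is derived from the request's Host header, the
     // reset link can be pointed at another host; confirm it comes from configuration.
     $url = $page->getUrl() . 'u/reset_pwd/' . $code;
     $msg = strtr($this->password_msg, array(
         '@USERNAME@' => $user->getName(),
         '@IP@' => client_ip(),
         '@URL@' => $url,
         '@EXPIRETIME@' => shortTimePeriod($this->expire_time_email),
     ));
     $mail = SendMail::getInstance();
     $mail->addRecipient($email);
     $mail->setSubject('Forgot password');
     $mail->send($msg);
     return true;
 }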
 /**
  * Logs the user out: clears the stored "login" cookie credentials, drops the
  * login session keys, destroys the session and returns the logged-out page data.
  *
  * NOTE(review): session_destroy() removes the server-side data but does not
  * expire the browser's session cookie; expire it explicitly if the id must not
  * be reused.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     $db = $_REQUEST['db'];
     $uf = new UserFinder($db);
     // Remove the stored credentials that belong to the presented cookie value.
     $loginCookie = '';
     if (isset($_COOKIE['login'])) {
         $loginCookie = $_COOKIE['login'];
     }
     $uf->clearCookieCredentials($loginCookie);
     // An empty value asks the browser to drop the cookie.
     setcookie('login', '', mktime(0, 0, 0, 0, 0, 2038));
     // Drop the loggedIn and userId session variables...
     $_SESSION['loggedIn'] = false;
     unset($_SESSION['loggedIn'], $_SESSION['userId']);
     // ...and end the whole session.
     session_destroy();
     return array(
         'renderer' => 'template_renderer.inc',
         'pageTitle' => SITE_NAME . ' : Logged Out',
         'content' => 'content/loggedOut.php',
         'username' => '',
     );
 }
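 /**
  * Builds the view data for the option administration form.
  *
  * Changes from the earlier version: $table is always defined (it used to be
  * read while undefined when no 'table' parameter was sent), and the finder
  * class named in the admin table row is checked before it is instantiated.
  *
  * NOTE(review): no administrator check is visible in this method; confirm the
  * dispatcher enforces one.
  *
  * @return array view data for the template renderer
  * @throws RuntimeException when the admin table row names no usable finder class
  */
 function perform()
 {
     // set display requirements
     $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Option Admin	', 'content' => 'content/admin/optionAdminForm.php');
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     $uf = new UserFinder($db);
     $user = $uf->findById($_SESSION['userId']);
     $result['user'] = $user;
     $af = new AdminFinder($db);
     $result['adminTables'] = $af->getAdminTables();
     // NOTE(review): this is a client-supplied table name handed to AdminFinder.
     // How the finder uses it in SQL is not visible here; it should be matched
     // against the known admin tables before it reaches a query.
     $table = isset($_GET['table']) ? $_GET['table'] : null;
     $result['everything'] = $af->getTableFields($table);
     $lf = new LibraryFinder($db);
     $result['libraryList'] = $lf->getAllLibraries();
     if (isset($_GET['library_id'])) {
         $libraryID = $_GET['library_id'];
         $library = $lf->getLibraryName($libraryID);
     } else {
         $library = $user['library_short_name'];
         $libraryID = $user['library_id'];
     }
     // Without a requested table the locations table is shown.
     $parent_table = $table !== null ? $table : 'locations';
     $af = new AdminFinder($db);
     $parent_table_data = $af->getAdminTableRow($parent_table);
     $result['library_id'] = $libraryID;
     $result['library'] = $library;
     // The finder class name comes from the admin table row selected by the
     // request. Refuse anything that is not the name of an existing class instead
     // of passing it straight to "new".
     $finderClass = isset($parent_table_data['parent_finder']) ? $parent_table_data['parent_finder'] : null;
     if (!is_string($finderClass) || $finderClass === '' || !class_exists($finderClass)) {
         throw new RuntimeException('No finder is configured for the requested admin table');
     }
     $parentFinder = new $finderClass($db);
     $result['bridgeTableList'] = $parentFinder->findByLibraryID($libraryID);
     $result['parentTableList'] = $parentFinder->getDistinctList();
     $result['parent_table_data'] = $parent_table_data;
     return $result;
 }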
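 /**
  * Builds the view data for a help page and the option lists it describes.
  *
  * Changes from the earlier version:
  *  - The related table name is concatenated into SQL (identifiers cannot be
  *    bound as parameters), so it is now accepted only when it is a plain
  *    identifier; otherwise the option list is left empty and no query is run.
  *  - When every criterion is skipped, the WHERE keyword is omitted instead of
  *    producing "WHERE  ORDER BY", which was invalid SQL.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     // set display requirements
     $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => 'Help? ', 'content' => 'content/admin/help.php');
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     $userFinder = new UserFinder($db);
     $user = $userFinder->findById($_SESSION['userId']);
     $result['user'] = $user;
     $library_id_post = $user['library_id'];
     // NOTE(review): the help id is a raw request value; whether getHelpDesc()
     // binds it as a parameter is not visible here, and the template must escape it.
     $help_id = $_REQUEST['advice'];
     $result['help_id'] = $help_id;
     $helpFinder = new HelpFinder($db);
     $result['helpList'] = $helpFinder->getHelpDesc($help_id);
     $table = isset($result['helpList']['related_table']) ? $result['helpList']['related_table'] : null;
     $library_id = array('database_field' => 'library_id', 'relation' => '=', 'value' => $library_id_post, 'type' => 'INT');
     $criteria = array('library_id' => $library_id);
     // Field names and relations are fixed above; only the values are bound.
     $conditions = array();
     $param = array();
     foreach ($criteria as $value) {
         // An integer criterion of 0 means "no filter".
         if ($value["value"] == 0 and $value["type"] == 'INT') {
             continue;
         }
         $conditions[] = $value["database_field"] . ' ' . $value["relation"] . ' ? ';
         $param[] = $value["value"];
     }
     if (is_string($table) && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $table)) {
         $sql = " FROM " . $table;
         if (count($conditions) > 0) {
             $sql .= " WHERE " . implode('AND ', $conditions);
         }
         $sql .= " ORDER BY list_order";
         $result['optionList'] = $helpFinder->getFieldOptions($sql, $param);
     } else {
         // Unknown help id or unexpected table name: nothing to list.
         $result['optionList'] = array();
     }
     $result['descPatron'] = $helpFinder->getPatronOptions($library_id_post);
     $result['descQuestionType'] = $helpFinder->getQuestionTypeOptions($library_id_post);
     $result['descLocation'] = $helpFinder->getLocationOptions($library_id_post);
     return $result;
 }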
 /**
  * Saves the user described by the submitted admin form, then delegates to
  * UserAdminFormAction to produce the result page.
  *
  * Security notes for maintainers:
  *  - The password is stored as an unsalted MD5 digest. Moving to
  *    password_hash()/password_verify() also requires changing the login check.
  *  - NOTE(review): this method checks neither that the current user is an
  *    administrator nor an anti-CSRF token; confirm both are enforced before
  *    this action is dispatched.
  *
  * @return array view data from UserAdminFormAction plus a 'saveResult' entry
  */
 function perform()
 {
     // No default destination is set up here: the user admin form action
     // renders the result page.
     $db = $_REQUEST['db'];
     $uf = new UserFinder($db);
     // The current user is looked up as before; the value is not used further
     // because the result array is replaced below.
     $uf->findById($_SESSION['userId']);
     $form = $this->parseUserFromForm();
     $passwordDigest = md5($form['password']);
     $saveResult = $uf->saveUser($form['user_id'], $form['username'], $passwordDigest, $form['library_id'], $form['admin']);
     // Hand the outcome to the form action through the request array.
     $_REQUEST['selUserId'] = $form['user_id'];
     $_REQUEST['saveResult'] = $saveResult;
     $formAction = new UserAdminFormAction();
     $result = $formAction->perform();
     $result['saveResult'] = $saveResult;
     return $result;
 }
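 /**
  * Authenticates the posted username/password. On success it opens the
  * session, sets the persistent "login" cookie and redirects; on failure it
  * returns the login form data.
  *
  * Changes from the earlier version:
  *  - The session id is regenerated on successful login (session fixation).
  *  - The "login" cookie is flagged HttpOnly so page scripts cannot read it.
  *  - A false result from authenticate() is treated as a failure as well as null.
  *
  * Still open:
  *  - Passwords are compared as unsalted MD5 digests; migrating needs a change
  *    in the user store.
  *  - NOTE(review): the cookie is not flagged Secure; add that once the site is
  *    served over HTTPS only.
  *  - NOTE(review): the redirect target is $_SESSION['destination']; if that is
  *    ever filled from a request value it must be restricted to local paths.
  *
  * @return array login form view data when authentication fails (no return on success: the script exits)
  */
 function perform()
 {
     $userFact = new UserFinder($_REQUEST['db']);
     $username = gpwd('username');
     $password = gpwd('password');
     $userId = $userFact->authenticate($username, md5($password));
     if ($userId === null || $userId === false) {
         $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Please Log In', 'header' => 'headers/header.php', 'content' => 'content/loginForm.php');
         // The submitted name is echoed back into the form; the template must escape it.
         $result['username'] = $username;
         return $result;
     }
     // New session id at the privilege change, so an id known before login is
     // no longer valid.
     if (session_id() !== '') {
         session_regenerate_id(true);
     }
     $_SESSION['loggedIn'] = true;
     $_SESSION['userId'] = $userId;
     // Set a persistent cookie as well; path and domain keep their defaults.
     $cookieVal = $this->createCookieValue();
     setcookie('login', $cookieVal, mktime(0, 0, 0, 0, 0, 2038), '', '', false, true);
     $userFact->setCookieCredentials($cookieVal, $userId);
     header("Location: {$_SESSION['destination']}");
     exit;
 }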
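 /**
  * Builds the view data for the question edit form.
  *
  * Changes from the earlier version:
  *  - An unknown or non-string 'layout' value falls back to the default
  *    'menus' renderer instead of leaving 'optionFunction' unset.
  *  - $result is initialised, so the "not found" path returns an explicit null
  *    rather than reading an undefined variable.
  *
  * @return array|null view data, or null when no question id was supplied
  */
 function perform()
 {
     // The layout value only selects one of these fixed function names; it is
     // never used as a function name itself.
     $layout = grwd('layout', 'menus');
     $optionFunctions = array('pulldown' => 'getSelectPulldown', 'radio' => 'getRadioList', 'menus' => 'getSelectBox');
     if (is_string($layout) && isset($optionFunctions[$layout])) {
         $optionFunction = $optionFunctions[$layout];
     } else {
         $optionFunction = $optionFunctions['menus'];
     }
     // "+ 0" coerces the question id to a number; -1 means "not supplied".
     $questionId = grwd('questionId', -1) + 0;
     $db = $_REQUEST['db'];
     $tsf = new TimeSpentFinder($db);
     $ptf = new PatronTypeFinder($db);
     $qff = new QuestionFormatFinder($db);
     $qtf = new QuestionTypeFinder($db);
     $if = new InitialsFinder($db);
     $lf = new LocationFinder($db);
     $userFinder = new UserFinder($db);
     $user = $userFinder->findById($_SESSION['userId']);
     $result = null;
     if ($questionId != -1) {
         // to the edit form!
         $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Edit Question', 'content' => 'content/questionEditForm.php');
         $result['optionFunction'] = $optionFunction;
         $libId = $user['library_id'];
         $result['timeSpentOpts'] = $tsf->findByLibrary($libId);
         $result['patronTypeOpts'] = $ptf->findByLibrary($libId);
         $result['questionTypeOpts'] = $qtf->findByLibrary($libId);
         $result['questionFormatOpts'] = $qff->findByLibrary($libId);
         $result['locationOpts'] = $lf->findByLibrary($libId);
         $result['locationId'] = $lf->getLastLocationId($_SERVER['REMOTE_ADDR'], $libId);
         $result['user'] = $user;
         $questionFinder = new QuestionFinder($db);
         // NOTE(review): the question is fetched by id alone; nothing here checks
         // that it belongs to the user's library.
         $result['question'] = $questionFinder->getQuestion($questionId);
         // 'answer' is filled from the same getQuestion() call as 'question'.
         $result['answer'] = $questionFinder->getQuestion($questionId);
         $result['delete_hide'] = gpwd('delete_hide');
         // NOTE(review): 'origin' is presumably a request value; if it is later used
         // as a link or redirect target it should be limited to local pages.
         $result['origin'] = grwd('origin', 'questionAddForm.do');
     } else {
         // $questionId is numeric at this point, so echoing it is safe.
         echo "QuestionID {$questionId} not found";
         // Send somewhere else
     }
     return $result;
 }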
 /**
  * Builds the view data for the user administration form.
  *
  * NOTE(review): no administrator check is visible in this method; confirm the
  * dispatcher enforces one before the user list is exposed.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     $result = array(
         'renderer' => 'template_renderer.inc',
         'pageTitle' => SITE_NAME . ' : User Admin',
         'content' => 'content/admin/userAdminForm.php',
     );
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     $uf = new UserFinder($db);
     $result['user'] = $uf->findById($_SESSION['userId']);
     // All users, plus the one currently selected for editing.
     $result['userList'] = $uf->findUsers();
     $selectedId = grwd('selUserId', -1);
     $selectedUser = $uf->findById($selectedId);
     // A non-numeric selection id stands for "create a new user".
     if (!is_numeric($selectedId)) {
         $selectedUser['user_id'] = 'new';
     }
     $result['selId'] = $selectedId;
     $result['selUser'] = $selectedUser;
     // Libraries offered in the form.
     $lf = new LibraryFinder($db);
     $result['libraryList'] = $lf->getAllLibraries();
     return $result;
 }
         // marking item approved is all that's needed
         case MODERATE_UPLOAD:
         case MODERATE_USER:
         case MODERATE_PHOTO:
             break;
         default:
             throw new \Exception('Unhandled ModerationObject type ' . $o->type);
     }
     redir('a/moderation');
 }
 // Moderation detail view: prints the pending object and, per type, the actions
 // a moderator can take. The listing is cut off inside the MODERATE_UPLOAD case.
 // NOTE(review): the values echoed below ($this->child, $u->name, $o->data,
 // $o->reference) are concatenated into HTML without escaping. $o->data is the
 // username a user asked for, so it is presumably user-supplied; wrap each value
 // in htmlspecialchars($value, ENT_QUOTES, 'UTF-8') unless it is already escaped
 // upstream.
 echo '<h1>Moderate object # ' . $this->child . '</h1>';
 switch ($o->type) {
     case MODERATE_CHANGE_USERNAME:
         $u = User::get($o->owner);
         echo '<h2>' . $u->name . ' wants to change username to ' . $o->data . '</h2>';
         // Approval is only offered while the requested name is still free.
         if (UserFinder::byUsername($o->data)) {
             echo 'Username is taken!<br/>';
         } else {
             // NOTE(review): approve and deny are plain links; if they are acted on
             // for a GET request without a token, they can be triggered cross-site.
             echo '&raquo; ' . ahref('?approve', 'Approve') . '<br/>';
         }
         echo '<br/>';
         echo '&raquo; ' . ahref('?deny', 'Deny') . '<br/>';
         break;
     case MODERATE_UPLOAD:
         echo '<h2>Moderate file with reference ' . $o->reference . '</h2>';
         // The uploader is only shown when the object has an owner.
         if ($o->owner) {
             $u = User::get($o->owner);
             echo 'Uploaded by ' . $u->name;
         }
         $view = new ViewModel('views/user/file_details.php');
         $view->registerVar('owner', $o->data);
<?php

require_once '../common.php';
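// U2F registration, step 1: look up (or create) the named user and return the
// registration request together with the sign requests for already registered keys.
// $pdo and $u2f are presumably provided by common.php.
//
// The username must be present and a non-empty string; it used to be read
// unchecked.
// NOTE(review): findOrCreate() is called with a name taken straight from the
// request. Unless the caller's identity is established elsewhere, any visitor
// can start a key registration for an existing account; registration for an
// existing user should require an authenticated session.
if (!isset($_POST['username']) || !is_string($_POST['username']) || $_POST['username'] === '') {
    throw new Exception('Username is required');
}
$name = $_POST['username'];
$uf = new UserFinder($pdo);
$user = $uf->findOrCreate($name);
$regs = $user->getRegistrations();
list($request, $sigs) = $u2f->getRegisterData($regs);
// NOTE(review): the response is JSON but no Content-Type header is set here;
// confirm whether common.php sends one.
echo json_encode(['request' => $request, 'signatures' => $sigs]);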
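 /**
  * Runs an advanced question search and returns the paged results with the
  * criteria that produced them.
  *
  * Search values are bound as parameters; the field names and relations in the
  * generated SQL are fixed in this method.
  *
  * Change from the earlier version: the 'count' and 'page' request values are
  * forced to positive integers before they reach the finder and the URL built
  * for the template.
  *
  * @return array view data for the template renderer
  */
 function perform()
 {
     // set display requirements
     $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Search Results', 'content' => 'content/questionSearchResults.php');
     // Page size and page number are presumably request values: keep them numeric.
     $count = max(1, (int) grwd('count', 50));
     $page = max(1, (int) grwd('page', 1));
     $result['count'] = $count;
     $result['page'] = $page;
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     $userFinder = new UserFinder($db);
     $user = $userFinder->findById($_SESSION['userId']);
     $result['user'] = $user;
     // Base URL for this search, without page or count, used to build the
     // pagination links.
     // NOTE(review): it is assembled from $_GET. Whether implode_assoc()
     // URL-encodes keys and values is not visible here, so the template must
     // escape the URL when printing it.
     $criteriaArray = $_GET;
     unset($criteriaArray['page']);
     unset($criteriaArray['count']);
     $advancedSearchString = implode_assoc('=', '&', $criteriaArray, true, true);
     $result['criteria_array'] =& $criteriaArray;
     $baseUrl = 'advancedSearch.do?' . $advancedSearchString;
     $result['advanced_search_string'] = $advancedSearchString;
     // gather request data
     $date1 = grwd('date1');
     $date2 = grwd('date2');
     $library_id_post = grwd('library_id') + 0;
     $location_id_post = grwd('location_id') + 0;
     $initials = grwd('initials');
     $searchString = grwd('searchString');
     $result['searchWords'] = $searchString;
     $startDate = array('database_field' => 'questions.question_date', 'relation' => '>=', 'value' => $date1, 'type' => 'DATE');
     $endDate = array('database_field' => 'questions.question_date', 'relation' => '<=', 'value' => $date2, 'type' => 'DATE');
     $library_id = array('database_field' => 'questions.library_id', 'relation' => '=', 'value' => $library_id_post, 'type' => 'INT');
     $location_id = array('database_field' => 'questions.location_id', 'relation' => '=', 'value' => $location_id_post, 'type' => 'INT');
     $initials = array('database_field' => 'questions.initials', 'relation' => 'LIKE', 'value' => $initials, 'type' => 'TEXT');
     $searchCriteria = array('database_field' => array('question', 'answer'), 'relation' => 'fulltext', 'value' => $searchString, 'type' => 'FULLTEXT');
     // pull together all of the search criteria
     $criteria = array('start_date' => $startDate, 'end_date' => $endDate, 'library_id' => $library_id, 'location_id' => $location_id, 'initials' => $initials, 'search_criteria' => $searchCriteria);
     $sql = "";
     $param = array();
     foreach ($criteria as $value) {
         // Empty criteria (including an id of 0) do not restrict the search.
         if (!$value["value"]) {
             continue;
         }
         if (count($param) != 0) {
             $sql .= ' AND ';
         }
         if ($value["type"] == "FULLTEXT") {
             // One MATCH clause per fulltext field, joined with OR.
             $orNeeded = false;
             $sql .= ' ( ';
             foreach ($value["database_field"] as $field) {
                 if ($orNeeded) {
                     $sql .= " OR ";
                 }
                 $sql .= 'MATCH(' . $field . ") AGAINST(? IN BOOLEAN MODE)";
                 $param[] = mySqlFulltextString($value["value"]);
                 $orNeeded = true;
             }
             $sql .= ' ) ';
         } else {
             $bound = $value["value"];
             if ($value['type'] == "DATE") {
                 // Dates are the only values normalised before binding.
                 $bound = date('Y-m-d', strtotime(makeDateSane($bound)));
             }
             $sql .= $value["database_field"] . ' ' . $value["relation"] . ' ? ';
             $param[] = $bound;
         }
     }
     $questionFinder = new QuestionFinder($db);
     $qList =& $questionFinder->getPagedList($count, $page, $sql, $param);
     $result['questionList'] =& $qList['list'];
     $result['list_meta'] = $qList['meta'];
     $libraryFinder = new LibraryFinder($db);
     $searchLibName = $libraryFinder->getLibraryName($library_id_post);
     if ($library_id_post == 0) {
         $searchLibName = "All Libraries";
     }
     // The location id is always set here (it was coerced with "+ 0" above).
     $locationFinder = new LocationFinder($db);
     $searchLocName = $locationFinder->getLocation($location_id_post);
     $result['origin'] = $baseUrl . "&amp;page={$page}&amp;count={$count}";
     $result['base_url'] = $baseUrl;
     $result['date1'] = $date1;
     $result['date2'] = $date2;
     $result['library_id'] = $library_id;
     $result['library_name'] = $searchLibName;
     $result['search_library_id'] = $library_id_post;
     $result['location_id'] = $location_id;
     $result['location_name'] = $searchLocName;
     $result['criteria'] = $criteria;
     return $result;
 }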
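 /**
  * Runs the requested report over the posted date/library/location criteria
  * and returns the data for the report page (or the CSV renderer).
  *
  * Change from the earlier version: the report class name comes from the
  * request and was passed straight to "new". It is now accepted only when it
  * is a plain identifier naming a loaded class with the method that is called
  * on it (info() or perform()).
  * NOTE(review): an explicit allowlist of report class names would be stricter still.
  *
  * @return array view data for the template renderer
  * @throws InvalidArgumentException when the requested report is not a usable report class
  */
 function perform()
 {
     // set display requirements
     $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Finished Report', 'content' => 'content/reportReturn.php');
     // The database handle is read from $_REQUEST['db'].
     $db = $_REQUEST['db'];
     $userFinder = new UserFinder($db);
     $user = $userFinder->findById($_SESSION['userId']);
     $result['user'] = $user;
     // gather posted data, with defaults for an open-ended date range
     $date1 = trim(grwd('date1'));
     $date2 = trim(grwd('date2'));
     if ($date1 == '') {
         $date1 = '1/1/1990';
     }
     if ($date2 == '') {
         $date2 = 'now';
     }
     $report_id = grwd('report_id');
     $library_id_post = grwd('library_id') + 0;
     $location_id_post = grwd('location_id') + 0;
     // normalise both dates before they are bound as parameters
     $date1 = date('Y-m-d G:i:s', strtotime(makeDateSane($date1)));
     $date2 = date('Y-m-d G:i:s', strtotime(makeDateSane($date2)));
     $startDate = array('database_field' => 'questions.question_date', 'relation' => '>=', 'value' => $date1, 'type' => 'DATE');
     $endDate = array('database_field' => 'questions.question_date', 'relation' => '<=', 'value' => $date2, 'type' => 'DATE');
     $library_id = array('database_field' => 'questions.library_id', 'relation' => '=', 'value' => $library_id_post, 'type' => 'INT');
     $location_id = array('database_field' => 'questions.location_id', 'relation' => '=', 'value' => $location_id_post, 'type' => 'INT');
     // pull together all of the search criteria
     $criteria = array('start_date' => $startDate, 'end_date' => $endDate, 'library_id' => $library_id, 'location_id' => $location_id);
     // Field names and relations are fixed above; only the values are bound.
     $sql = " WHERE questions.delete_hide = 0 ";
     $param = array();
     foreach ($criteria as $value) {
         if (!$value["value"]) {
             continue;
         }
         $sql .= 'AND' . ' ' . $value["database_field"] . ' ' . $value["relation"] . ' ? ';
         $param[] = $value["value"];
     }
     // get the relevant data from the Report class
     $reportFinder = new ReportFinder($db);
     $reportCount = $reportFinder->getReportCount();
     $reportQuestionCount = $reportFinder->getReportQuestionCount($sql, $param);
     // Report::get() presumably loads the individual report classes.
     $report_class_handle = new Report();
     $report_class_handle->get();
     // Both instantiations below use a request-supplied class name; check each
     // name and the method that will be called on it before using "new".
     $requestedClass = isset($_REQUEST["report_id"]) ? $_REQUEST["report_id"] : null;
     $checks = array(array($report_id, 'info'), array($requestedClass, 'perform'));
     foreach ($checks as $check) {
         list($className, $method) = $check;
         if (!is_string($className) || !preg_match('/^[A-Za-z_][A-Za-z0-9_\\\\]*$/', $className) || !class_exists($className) || !method_exists($className, $method)) {
             throw new InvalidArgumentException('Unknown report requested');
         }
     }
     $report_info = new $report_id();
     $result['reportList'] = $report_info->info();
     // start preparing the report for processing
     $reportPerform = new $requestedClass($db);
     $reportResults = $reportPerform->perform($sql, $param);
     $libraryFinder = new LibraryFinder($db);
     $reportLibName = $libraryFinder->getLibraryName($library_id_post);
     // The location id is always set here (it was coerced with "+ 0" above).
     $locationFinder = new LocationFinder($db);
     $reportLocName = $locationFinder->getLocation($location_id_post);
     // A CSV report needs its own renderer because of the response headers.
     if ($report_id == "DataCSVReport" || isset($_REQUEST["csv_export"])) {
         $result['renderer'] = 'template_csv.inc';
         $result['content'] = 'content/outputCSV.php';
     }
     $result['report_id'] = $report_id;
     $result['date1'] = $date1;
     $result['date2'] = $date2;
     $result['library_id'] = $library_id;
     $result['library_id_post'] = $library_id_post;
     $result['library_name'] = $reportLibName;
     $result['location_id'] = $location_id;
     $result['location_id_post'] = $location_id_post;
     $result['location_name'] = $reportLocName;
     $result['reportCount'] = $reportCount;
     $result['reportQuestionCount'] = $reportQuestionCount;
     $result['reportResults'] = $reportResults;
     $result['criteria'] = $criteria;
     // NOTE(review): the generated SQL is handed to the template; make sure it is
     // never printed to end users.
     $result['sql'] = $sql;
     return $result;
 }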
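 /**
  * Stores a newly entered question and redirects back to the add form.
  *
  * Changes from the earlier version:
  *  - strtotime() signals failure with false (older PHP versions used -1); both
  *    are now treated as "no valid date". The old "!= -1" test let false through
  *    and stored the Unix epoch.
  *  - Keys are recognised as ids by their "_id" suffix instead of a truthy
  *    strpos(), which matched anywhere but position 0.
  *  - The redirect uses the relative target directly. The old code applied a
  *    unary minus to the string from strrchr(), so the URL prefix built from the
  *    client-controlled Host header was discarded (a TypeError on PHP 8). A
  *    relative Location keeps the effective behaviour without the Host header.
  *
  * @return array|null error page data when the insert fails (on success the script exits after redirecting)
  */
 function perform()
 {
     // Get the resources we need to do this update
     $db = $_REQUEST['db'];
     $userFinder = new UserFinder($db);
     $user = $userFinder->findById($_SESSION['userId']);
     $questionFinder = new QuestionFinder($db);
     // Collect the form values. The library and user ids come from the session
     // user, not from the form.
     $qHash = array();
     $qHash['library_id'] = $user['library_id'];
     $qHash['location_id'] = gpwd('location', null);
     $qHash['question_type_id'] = gpwd('questionType', null);
     $qHash['question_type_other'] = gpwd('questionTypeOther');
     $qHash['time_spent_id'] = gpwd('timeSpent', null);
     $qHash['patron_type_id'] = gpwd('patronType', null);
     $qHash['question_format_id'] = gpwd('questionFormat', null);
     $qHash['initials'] = gpwd('initials');
     $qHash['client_ip'] = getRemoteIp();
     $qHash['user_id'] = $_SESSION['userId'];
     $qHash['question'] = trim(gpwd('question'));
     $qHash['answer'] = trim(gpwd('answer'));
     // An entry with neither question nor answer text is stored hidden.
     $qHash['hide'] = 0;
     if ($qHash['question'] == '' && $qHash['answer'] == '') {
         $qHash['hide'] = 1;
     }
     // Do the date
     $qHash['question_date'] = trim(gpwd('mydate', 'now'));
     if ($qHash['question_date'] == '') {
         $qHash['question_date'] = 'now';
     }
     $stamp = strtotime($qHash['question_date']);
     if ($stamp !== false && $stamp != -1) {
         $qHash['question_date'] = date('Y-m-d H:i:s', $stamp);
     } else {
         $qHash['question_date'] = null;
     }
     $qHash['date_added'] = date('Y-m-d H:i:s');
     // Make the *_id values numeric: add 0 to every non-null one.
     foreach ($qHash as $key => $val) {
         if (substr($key, -3) === '_id' && $val != null) {
             $qHash[$key] = $val + 0;
         }
     }
     $target = "questionAddForm.do";
     // NOTE(review): the free-text fields are stored as entered; they must be
     // escaped wherever they are displayed.
     $res = $questionFinder->addQuestion($qHash);
     if (!DB::isError($res)) {
         // Redirect after the insert so a page reload cannot enter the question twice.
         header("Location: {$target}");
         exit;
     } else {
         // A page error occurred!
         $_REQUEST['dbResult'] = $res;
         $act = new PageErrorAction();
         return $act->perform();
     }
 }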
<?php

require_once '../common.php';
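// U2F authentication, final step: verify the token's signature for the named user.
// $pdo and $u2f are presumably provided by common.php.
//
// All three POST fields must be present, and both JSON payloads must decode;
// they used to be read and decoded unchecked.
foreach (['username', 'request_str', 'signature_str'] as $field) {
    if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
        throw new Exception('Missing field: ' . $field);
    }
}
$name = $_POST['username'];
$uf = new UserFinder($pdo);
$user = $uf->find($name);
if (!$user) {
    // NOTE(review): this message tells the caller whether a username exists.
    throw new Exception('User not found');
}
// NOTE(review): the sign request (challenge) is taken back from the client in
// 'request_str'. Unless authenticateSignature() checks it against a challenge
// the server issued and stored, an old request/signature pair could be
// replayed; keep the issued challenge server-side (for example in the session).
$request = json_decode($_POST['request_str']);
$signature = json_decode($_POST['signature_str']);
if ($request === null || $signature === null) {
    throw new Exception('Malformed authentication data');
}
$user->authenticateSignature($u2f, $request, $signature);
echo json_encode('Authentication successful!');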
 /**
  * Checks the "UserName"/"UserPass" request values against the user store,
  * prints "true" or "false" and returns the same answer.
  *
  * NOTE(review): as written this answers any number of credential guesses with
  * no attempt limit visible here; it should be rate-limited per account and
  * client address. The password is also passed on as received, without hashing.
  *
  * @return bool whether the credentials matched a user
  */
 public function checkUser()
 {
     $ReQuest = new Request();
     $UserFinder = new UserFinder();
     $account = $UserFinder->findByNameAndPass($ReQuest->getAsString("UserName"), $ReQuest->getAsString("UserPass"));
     // A non-zero id means a matching user exists.
     $matched = $account->getId() ? true : false;
     echo $matched ? "true" : "false";
     return $matched;
 }
 /**
  * Renames the user identified by the "EditUserID" request value.
  *
  * Callers below BACKEND_USERLEVEL are sent to the start controller. The new
  * name must be at least 3 bytes long and must not belong to an existing user.
  *
  * Both parameters are effectively unused: $ErrorString is reset to an empty
  * string before it is read, and $StatusString is never read.
  *
  * NOTE(review): the user level is the only check here. Whether the caller may
  * edit this particular user id, and whether the request carries an anti-CSRF
  * token, are not visible in this method.
  *
  * @param String $ErrorString  ignored (overwritten inside the method)
  * @param String $StatusString ignored
  * @return false|null false when access is denied or validation fails; null after the edit view was shown
  */
 public function updateUserName($ErrorString = "", $StatusString = "")
 {
     // Only back-end users may rename accounts.
     if (Controler_Main::getInstance()->getUserLevel() < BACKEND_USERLEVEL) {
         $ControlerStart = new Controler_Start();
         $ControlerStart->start();
         return false;
     }
     $Request = new Request();
     $Controler_Main = Controler_Main::getInstance();
     $ErrorString = "";
     $ID = $Request->getAsString("EditUserID");
     $newName = $Request->getAsString("tb_Name");
     $nameLength = strlen($newName);
     if ($nameLength < 3) {
         $ErrorString .= ":T_REGISTER_ERROR1: <br />";
     }
     $UserFinder = new UserFinder();
     if ($nameLength) {
         // A non-zero id means the name is already taken.
         $existing = $UserFinder->findByName($newName);
         if ($existing->getId() != 0) {
             $ErrorString .= ":T_REGISTER_ERROR7: <br />";
         }
     }
     if ($ErrorString !== "") {
         $this->showUserManagement($ErrorString);
         return false;
     }
     $UserManager = new UserManager();
     $UserManager->updateUserNameByID($ID, $newName);
     $this->showEditUser("", ":T_USER_UPDATED_NAME_STATUS:");
 }
예제 #25
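 /**
  * Handles a login form submission ("tb_Name" / "tb_Pass").
  *
  * Order of checks: session-scoped failed-attempt counter, credential
  * lookup, account lock. Session login state is written only after all
  * three pass, so a locked account never ends up with UserId set.
  *
  * @return false|null false when the attempt is refused (too many failures,
  *                    unknown credentials, locked account); no value is
  *                    returned on success
  */
 public function userLogin()
 {
     $Request = new Request();
     // isset() avoids an undefined-index notice on a fresh session; >= keeps
     // the gate closed even if the counter ever ends up above 5.
     // NOTE(review): the counter lives in the session, so a client that drops
     // its session cookie starts again at zero. A per-account or per-address
     // counter kept server-side would be needed for real throttling.
     if (isset($_SESSION['BadLogin']) && $_SESSION['BadLogin'] >= 5) {
         $this->showLogin();
         return false;
     }
     $UserFinder = new UserFinder();
     // NOTE(review): unsalted md5 is not a suitable password hash. It is kept
     // because findByNameAndPass() and the stored values are outside this
     // block; migrating to password_hash()/password_verify() has to change both.
     $PassHash = md5($Request->getAsString("tb_Pass"));
     $User = $UserFinder->findByNameAndPass($Request->getAsString("tb_Name"), $PassHash);
     if ($User->getId() == 0) {
         $this->showLogin();
         $_SESSION['BadLogin'] = empty($_SESSION['BadLogin']) ? 1 : $_SESSION['BadLogin'] + 1;
         return false;
     }
     // The lock check runs before any session write: the user is locked and
     // must not log in, so no login state may be left behind for them.
     if ($User->getLooked()) {
         $TempLate = Template::getInstance("tpl_Login.php");
         $TempLate->renderError("Fehler", ":T_LOGIN_ERROR1:", "index.php");
         return false;
     }
     // NOTE(review): the session id is not regenerated at this privilege
     // change. Consider session_regenerate_id(true) here; it is not added
     // because whether output has already started is not visible.
     $_SESSION['UserId'] = $User->getId();
     $_SESSION['UserName'] = $Request->getAsString("tb_Name");
     // NOTE(review): keeping the password hash in the session widens exposure
     // if session storage leaks. Kept because other code may read it; verify
     // and remove if unused.
     $_SESSION['UserPass'] = $PassHash;
     Controler_Main::getInstance()->setUser($User);
     Controler_Main::getInstance()->addPermanentOutPut();
     $UserManager = new UserManager();
     $UserManager->updateLoginTime($User->getId());
     $ControlerData = new Controler_Download();
     $ControlerData->start();
 }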
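 /**
  * Builds the view data for the "Add Question" page: menu options for the
  * current user's library, the last-used values for this client, and one
  * page of existing questions.
  *
  * grwd(), mTimeFloat() and getRemoteIp() are defined elsewhere. grwd()
  * appears to read a request value with a default, so its results are
  * treated as untrusted here.
  *
  * @return array renderer settings plus the option lists, last-used values,
  *               paging data and question list consumed by
  *               content/questionAddForm.php
  */
 function perform()
 {
     // Timings are gathered only for the disabled debug output at the end.
     $times = array();
     $result = array('renderer' => 'template_renderer.inc', 'pageTitle' => SITE_NAME . ' : Add Question', 'content' => 'content/questionAddForm.php');
     // The number of questions and page offset we want. Both end up in the
     // 'origin' URL fragment and in getPagedList(), so they are forced to
     // integers rather than passed through as raw request text.
     $count = (int) grwd('count', 50);
     $page = (int) grwd('page', 1);
     $result['count'] = $count;
     $result['page'] = $page;
     // Learn what kind of menus we need. The map doubles as an allow-list:
     // an unknown or non-string layout falls back to 'menus', so the template
     // never receives an empty or caller-chosen function name.
     $layout = grwd('layout', 'menus');
     $optionFunction = array('pulldown' => 'getSelectPulldown', 'radio' => 'getRadioList', 'menus' => 'getSelectBox');
     if (!is_string($layout) || !isset($optionFunction[$layout])) {
         $layout = 'menus';
     }
     $result['optionFunction'] = $optionFunction[$layout];
     $db = $_REQUEST['db'];
     $tsf = new TimeSpentFinder($db);
     $ptf = new PatronTypeFinder($db);
     $qff = new QuestionFormatFinder($db);
     $qtf = new QuestionTypeFinder($db);
     $if = new InitialsFinder($db);
     $lf = new LocationFinder($db);
     $userFinder = new UserFinder($db);
     $start = mTimeFloat();
     $user = $userFinder->findById($_SESSION['userId']);
     $times['userfind'] = mTimeFloat() - $start;
     // NOTE(review): the last-used defaults below are keyed by client address.
     // How getRemoteIp() derives it is not visible; if it trusts forwarded
     // headers, a client can choose whose defaults it is shown.
     $clientIp = getRemoteIp();
     $libId = $user['library_id'];
     $start = mTimeFloat();
     $result['timeSpentOpts'] = $tsf->findByLibrary($libId);
     $result['patronTypeOpts'] = $ptf->findByLibrary($libId);
     $result['questionTypeOpts'] = $qtf->findByLibrary($libId);
     $result['questionFormatOpts'] = $qff->findByLibrary($libId);
     $result['locationOpts'] = $lf->findByLibrary($libId);
     $times['menus'] = mTimeFloat() - $start;
     // Load the default (last used) values for this client
     $result['locationId'] = $lf->getLastLocationId($clientIp, $libId);
     if ($result['locationId'] == null
         && is_array($result['locationOpts'])
         && isset($result['locationOpts'][0]['location_id'])
     ) {
         // No stored location: use the first option when the library has one.
         $result['locationId'] = $result['locationOpts'][0]['location_id'];
     }
     $start = mTimeFloat();
     $result['lastInitials'] = $if->getLastInitials($clientIp);
     $times['lastInitials'] = mTimeFloat() - $start;
     $start = mTimeFloat();
     $result['lastTimeSpent'] = $tsf->getLast($clientIp);
     $times['lastTimeSpent'] = mTimeFloat() - $start;
     $start = mTimeFloat();
     $result['lastPatronType'] = $ptf->getLast($clientIp);
     $times['lastPatronType'] = mTimeFloat() - $start;
     $start = mTimeFloat();
     $result['lastQuestionType'] = $qtf->getLast($clientIp);
     $times['lastQuestionType'] = mTimeFloat() - $start;
     $start = mTimeFloat();
     $result['lastQuestionFormat'] = $qff->getLast($clientIp);
     $times['lastQuestionFormat'] = mTimeFloat() - $start;
     $result['user'] = $user;
     $questionFinder = new QuestionFinder($db);
     $start = mTimeFloat();
     $result['lastAdded'] = $questionFinder->getLastQuestionTime($clientIp, $libId);
     if ($result['lastAdded'] != null) {
         $result['lastAdded'] = date('n/d g:i A', strtotime($result['lastAdded']));
     }
     $times['lastAdded'] = mTimeFloat() - $start;
     $start = mTimeFloat();
     // The library filter uses a placeholder with the id cast to int, so the
     // value never becomes part of the SQL text.
     $qResult = $questionFinder->getPagedList($count, $page, 'questions.library_id = ?', array((int) $libId));
     $result['questionList'] =& $qResult['list'];
     $result['list_meta'] = $qResult['meta'];
     $result['questionCount'] = $qResult['meta']['totalQuestions'];
     $result['nonemptyQuestionCount'] = $qResult['meta']['nonemptyQuestions'];
     $times['getQuestions'] = mTimeFloat() - $start;
     // Already HTML-encoded (&amp;); page and count are integers at this point.
     $origin = "questionAddForm.do?page=" . $result['page'] . "&amp;count=" . $result['count'];
     $result['origin'] = $origin;
     $result['target'] = 'questionAddForm.do';
     // Disabled debugging output
     // echo "<!-- ";
     // var_dump($times);
     // echo " -->";
     return $result;
 }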