예제 #1
0
 /**
  *
  * @param WOOOF $wo
  * @param array $in
  * @return boolean
  */
 public static function passwordChange(WOOOF $wo, $in)
 {
     $place = __CLASS__ . '::' . __FUNCTION__;
     $wo->debug("{$place}:  ChangePassword");
     $movieRamaPerson = $wo->db->getRowByColumn('v_movierama_persons', 'VUS_id', $in['movieRamaUserId']);
     if ($movieRamaPerson === FALSE) {
         return false;
     }
     if ($movieRamaPerson === NULL) {
         $wo->logError(self::_ECP . "3352 No MovieRama person found.");
         return false;
     }
     $user = $wo->db->getRow('__users', $movieRamaPerson['VUS_userId']);
     if ($user === FALSE) {
         return false;
     }
     if ($user === NULL) {
         $wo->logError(self::_ECP . "3357 No user found.");
         return false;
     }
     //change password here
     $passwordErrors = [];
     $res = WOOOF_User::changePassword($wo, $user['loginName'], $in['newPass'], $passwordErrors, $in['oldPass']);
     if ($res === FALSE) {
         return false;
     }
     return $res;
 }
    }
    
    $thePassword = $wo->getPasswordHash($wo->cleanUserInput($value), $cUser['id']);
    	
    if ( $thePassword == FALSE ) {
    	echo "FAILED*****";
    }
    else {
    	$succ = $wo->db->query('update __users set loginPass=\''. $thePassword .'\' where id=\''. $cUser['id'] .'\'');
    	if ( $succ === FALSE ) {
    		echo "Failed to update: " . nl2br($wo->getErrorsAsStringAndClear()) ;
    	}
    	else {
    		$wo->db->commit();
    		echo "Ok";
    	}
    }
    */
    $checkPasswordValidity = true;
    $succ = WOOOF_User::changePassword($wo, $key, $value, $errors, '', $checkPasswordValidity);
    echo "{$key}: " . ($succ ? "changed OK" : "FAILED to change password") . "<br>";
    echo nl2br($wo->getErrorsAsStringAndClear());
    var_dump($errors);
    if ($succ) {
        $wo->db->commit();
    } else {
        $wo->db->rollback();
    }
    echo "<br>";
}
echo "Finished.";
예제 #3
0
    public static function initDatabase(WOOOF $wo, $databaseName, $usersArray = NULL, $recreate = false)
    {
        //
        echo '<h2>' . __CLASS__ . '.' . __FUNCTION__ . '</h2>';
        if (!$wo->hasContent($databaseName)) {
            $wo->logError(self::_ECP . "0045 Empty 'databaseName' was provided");
            return false;
        }
        if (!$recreate) {
            $sql = "\n\t\t\t\tSELECT count(*)\n\t\t\t\tFROM information_schema.tables\n\t\t\t\tWHERE \n\t\t\t\t\ttable_schema = '{$databaseName}' and\n\t\t\t\t\ttable_name   = '__tableMetaData'\n\t\t\t";
            $res = $wo->db->query($sql);
            if ($res === FALSE) {
                return false;
            }
            if ($wo->db->fetchArray($res)[0] != '0') {
                $wo->logError(self::_ECP . "0070 Database [{$databaseName}] looks already initialized.");
                return false;
            }
        }
        // no recreate
        //
        //echo "Remember to remove this file as soon as the db is initialised for WOOOF!!!!<br><br>";
        $ddl = array();
        $ddl[] = 'DROP TABLE IF EXISTS __dbLog';
        $ddl[] = 'CREATE TABLE __dbLog (
		id int unsigned not null auto_increment primary key,
		executionTime   DECIMAL(16,5) NOT NULL,
		queryText       LONGTEXT
		) ENGINE = MyISAM CHARACTER SET = utf8';
        $ddl[] = 'DROP TABLE IF EXISTS __columnMetaData';
        $ddl[] = 'DROP TABLE IF EXISTS __tableMetaData';
        $ddl[] = 'DROP TABLE IF EXISTS __lrbs';
        $ddl[] = 'DROP TABLE IF EXISTS __roles';
        $ddl[] = 'DROP TABLE IF EXISTS __userRoleRelation';
        $ddl[] = 'DROP TABLE IF EXISTS __users';
        $ddl[] = 'DROP TABLE IF EXISTS __sessions';
        $ddl[] = 'DROP TABLE IF EXISTS __cache';
        $ddl[] = 'DROP TABLE IF EXISTS __userPaths';
        $ddl[] = 'DROP TABLE IF EXISTS __bannedIPs';
        $ddl[] = 'DROP TABLE IF EXISTS __externalFiles';
        $ddl[] = 'DROP TABLE IF EXISTS __domains';
        $ddl[] = 'DROP TABLE IF EXISTS __domain_values';
        $ddl[] = 'DROP TABLE IF EXISTS __options';
        $ddl[] = 'CREATE TABLE `__cache` ( `address` varchar(255) NOT NULL DEFAULT \'0\', `payload` longblob, PRIMARY KEY (`address`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__options` (`id` int unsigned not null auto_increment primary key, `optionName` varchar(255) not null, `optionValue` varchar(255) not null, `optionDisplay` int not null default \'1\', ord int unsigned not null default \'0\') ENGINE=InnoDB CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__domains` ( `id` char(10) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, `isDeleted` char(1) NOT NULL DEFAULT \'0\', `code` varchar(20) NOT NULL, `description` varchar(255) NOT NULL, `comments` mediumtext, PRIMARY KEY (`id`), UNIQUE KEY `__domains_idxA` (`code`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__userPaths` ( `sessionId` char(40) DEFAULT NULL, `requestPage` longblob, `requestData` longblob, `timeStamp` char(14) NOT NULL, KEY `sessionId` (`sessionId`), KEY `timeStamp` (`timeStamp`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__domain_values` ( `id` char(10) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, `isDeleted` char(1) NOT NULL DEFAULT \'0\', `active` int(11) DEFAULT \'1\', `domainId` char(10) CHARACTER SET ascii COLLATE ascii_bin NOT NULL, `domainValueCode` varchar(100) NOT NULL, `description` varchar(255) DEFAULT NULL, `comments` mediumtext, `subDomain` varchar(255) DEFAULT NULL, `picture` varchar(255) DEFAULT NULL, `iconFont` varchar(255) DEFAULT NULL, `extraInfo1` varchar(255) DEFAULT NULL, PRIMARY KEY (`id`), UNIQUE KEY `__domain_values_idxA` (`domainId`,`domainValueCode`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__bannedIPs` ( `IP` char(15) NOT NULL, `banExpiration` char(14) NOT NULL, KEY `IP` (`IP`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8';
        $ddl[] = self::createTableMetaDataSQL('__tableMetaData');
        $ddl[] = self::createColumnMetaDataSQL('__columnMetaData');
        $ddl[] = 'CREATE TABLE `__externalFiles` ( 
			`id` char(10) NOT NULL, 
			`entryDate` varchar(255) NOT NULL, 
			`fileName` char(40) NOT NULL, 
			`originalFileName` varchar(255) NOT NULL, 
			PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__lrbs` ( 
			`location` varchar(255) NOT NULL DEFAULT \'0\', 
			`role` char(10) NOT NULL DEFAULT \'none\', 
			`action` varchar(255) NOT NULL DEFAULT \'none\', 
			`allowed` char(1) NOT NULL DEFAULT \'0\', 
			PRIMARY KEY (`location`,`role`,`action`))
			ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__roles` ( 
			`id` char(10) NOT NULL DEFAULT \'0\', 
			`role` varchar(255) NOT NULL DEFAULT \'none\', 
			PRIMARY KEY (`id`)) 
			ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__userRoleRelation` ( 
			`userId` char(10) NOT NULL DEFAULT \'0\', 
			`roleId` char(10) NOT NULL DEFAULT \'none\', 
			PRIMARY KEY (`userId`,`roleId`), 
			KEY `userId` (`userId`,`roleId`)) 
			ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__users` ( 
			`id` char(10) NOT NULL DEFAULT \'0\', 
			`loginName` varchar(255) NOT NULL, 
			`loginPass` varchar(255) NOT NULL, 
			PRIMARY KEY (`id`),
			KEY `loginName` (`loginName`,`loginPass`))
			ENGINE=InnoDB DEFAULT CHARSET=utf8';
        $ddl[] = 'CREATE TABLE `__sessions` ( 
			`sessionId` char(40) NOT NULL, 
			`userId` char(10) NOT NULL DEFAULT \'0\', 
			`loginDateTime` char(14) NOT NULL, 
			`loginIP` char(15) NOT NULL, 
			`active` char(1) NOT NULL DEFAULT \'1\', 
			`lastAction` char(14) NOT NULL, 
			PRIMARY KEY (`sessionId`), 
			KEY `active` (`active`,`sessionId`))
			ENGINE=MyISAM DEFAULT CHARSET=utf8';
        // Execute all ddl commands
        $succ = $wo->db->queryMultiple($ddl);
        if ($succ === FALSE) {
            return FALSE;
        }
        // Fill-in initial data
        //
        $dml = array();
        // Roles
        $dml[] = "insert into __roles (id, role) values ('0000000000','System Operator')";
        $dml[] = "insert into __roles (id, role) values ('0123456789','Not Logged In')";
        $dml[] = "insert into __roles (id, role) values ('9876543210','Email Not Active')";
        $dml[] = "insert into __roles (id, role) values ('9999999999','Normal User')";
        // system operator role rights on database creation and manipulation
        $dml[] = "insert into __lrbs (location, role, action, allowed) values\n\t\t('3', '0000000000', 'viewUncontroled','1'),\n\t\t('3', '0000000000', 'logIn','1'),\n\t\t('3', '0000000000', 'signOut','1'),\n\t\t('1', '0000000000', 'modifyProperties','1'),\n\t\t('1', '0000000000', 'read','1'),\n\t\t('1', '0000000000', 'edit','1'),\n\t\t('1', '0000000000', 'activate', '1'),\n\t\t('1', '0000000000', 'deactivate', '1'),\n\t\t('1', '0000000000', 'delete', '1'),\n\t\t('1', '0000000000', 'insert', '1'),\n\t\t('1', '0000000000', 'moveDown', '1'),\n\t\t('1', '0000000000', 'moveUp', '1'),\n\t\t('1', '0000000000', 'signOut', '1'),\n\t\t('1', '0000000000', 'update', '1'),\n\t\t('1', '0000000000', 'users', '1')\n\t\t";
        $dml[] = "insert into __lrbs (location, role, action, allowed) values ('3','0123456789','logIn','1'),('3','0123456789','signIn','1'),('3','0123456789','viewUncontroled','1')";
        $dml[] = "insert into __lrbs (location, role, action, allowed) values ('3','9876543210','activateEmail','1')";
        $dml[] = "insert into __lrbs (location, role, action, allowed) values\n\t\t\t('3','9999999999','viewUncontroled','1'),\n\t\t\t('3','9999999999','signOut','1'),\n\t\t\t('3','9999999999','test','1')\n\t\t";
        $succ = $wo->db->queryMultiple($dml);
        if ($succ === FALSE) {
            return FALSE;
        }
        $wo->db->commit();
        // MD Version in __options
        $succ = self::versionWriteToDB($wo);
        if ($succ === FALSE) {
            return FALSE;
        }
        // Users
        //
        if ($usersArray === NULL or !is_array($usersArray)) {
            $usersArray = array(array('sysOp', 'ultrex', array('System Operator', 'Normal User'), null, false), array('notLoggedIn', '', 'Not Logged In', WOOOF_User::ID_OF_NOT_LOGGED_IN, false), array('admin', 'admin123', array('System Operator', 'Normal User'), null, false), array('user1', 'user1', 'Normal User', null, false));
        }
        $succ = WOOOF_User::createMultipleUsers($wo, $usersArray, $newUserIds);
        if ($succ === FALSE) {
            return FALSE;
        }
        $wo->db->commit();
        return true;
    }
예제 #4
0
$pageLocation = '1';
$requestedAction = 'users';
$wo = new WOOOF();
if (!$wo->constructedOk) {
    $wo->handleShowStopperError("1000 Failed to init WOOOF.");
}
$database = $wo->db->getDatabaseName();
$dbString = "{$database}@" . $wo->getConfigurationFor('databaseHost')[$wo->getConfigurationFor('defaultDBIndex')];
echo "<h1>Create users</h1>";
echo "<h2>Db: {$dbString}</h2>";
// array( array( 0: loginName, 1: password, 2:string[]|string (of role names) 3: id (may be '' ) 4: checkPassword (default true) ), ... )
// The following is an example. Edit as desired.
// PLEASE, SET THE FOLLOWING
$newUsers = array(array('sysJohnL', '12345678A', array('Normal User', 'System Operator')), array('sysApapanto', '12345678A', array('Normal User', 'System Operator')));
$newUsers = array();
// COMMENT AFTER CHANGING $newUsers above
$commitEach = false;
// set to true to save users one by one. set to false to save them all or none!
$succ = WOOOF_User::createMultipleUsers($wo, $newUsers, $newUserIds, $commitEach);
//var_dump($succ, $newUsers, $newUserIds);
echo "<h2>Given Users</h2>";
echo WOOOF_Util::do_dump($newUsers);
echo "<h2>Created Users</h2>";
echo WOOOF_Util::do_dump($newUserIds);
if ($succ === TRUE) {
    $wo->db->commit();
    echo "<h2>Ok</h2>";
} else {
    $wo->db->rollback();
    echo "<h2>Failed</h2>";
}
예제 #5
0
 /**
  *
  * @param WOOOF $wo
  * @param array $in
  * @return boolean
  */
 public static function passwordReset(WOOOF $wo, $in)
 {
     $place = __CLASS__ . '::' . __FUNCTION__;
     $wo->debug("{$place}:  ResetPassword");
     $userRec = $wo->db->getRowByColumn('__users', 'loginName', $in['email']);
     if ($userRec === FALSE) {
         return false;
     }
     if ($userRec === NULL) {
         $wo->logError(self::_ECP . "2360 No such user found.");
         return false;
     }
     //create new password here
     $newPassword = WOOOF::randomString(10);
     $newPassword[0] = 'A';
     $newPassword[1] = '1';
     //change password here
     $passwordErrors = [];
     $res = WOOOF_User::changePassword($wo, $in['email'], $newPassword, $passwordErrors);
     if ($res === FALSE) {
         return false;
     }
     //send the password to user via email
     $emailAddress = $in['email'];
     $subject = 'New MovieRama Password';
     $message = 'Your new MovieRama Password is: ' . $newPassword;
     $replyTo = '';
     $cc = '';
     $htmlMessage = 'Your new MovieRama Password is: ' . $newPassword;
     $files = null;
     $res = $wo->sendMail('', $emailAddress, $subject, $message, $replyTo, $cc, $htmlMessage, $files);
     return $res;
 }