/**
 * Render the admin edit form for an existing user.
 *
 * @param UserAdminWebRequest $request Incoming admin request.
 * @param User                $user    User being edited.
 *
 * @return Response
 */
public function edit(UserAdminWebRequest $request, User $user)
{
    // Hand the model to the form helper before the view is built.
    Form::populate($user);

    // NOTE(review): every role and the grouped permission list are sent to the
    // view. Nothing in this method checks who is asking, so access control is
    // presumably enforced by UserAdminWebRequest or route middleware; confirm.
    $permissions = $this->permission->groupedPermissions(true);
    $roles = $this->roles->all();

    $viewData = [
        'user' => $user,
        'roles' => $roles,
        'permissions' => $permissions,
    ];

    return response()->view('user::admin.user.edit', $viewData);
}
/**
 * Load an existing user into the admin edit form and return the prepared response.
 *
 * @param UserAdminRequest $request Incoming admin request, handed on to respond().
 * @param User             $user    User being edited.
 *
 * @return Response
 */
public function edit(UserAdminRequest $request, User $user)
{
    $permissions = $this->permission->groupedPermissions(true);
    $roles = $this->roles->all();

    // Hand the model to the form helper before the view is built.
    Form::populate($user);

    $viewData = [
        'user' => $user,
        'roles' => $roles,
        'permissions' => $permissions,
    ];

    $this->responseCode = 200;
    $this->responseMessage = trans('messages.success.loaded', ['Module' => 'User']);
    // NOTE(review): the whole User model becomes the response payload. If
    // respond() can serialise it (e.g. as JSON), confirm that credential
    // fields are hidden on the model.
    $this->responseData = $user;
    $this->responseView = view('user::admin.user.edit', $viewData);

    return $this->respond($request);
}
| PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT | | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT | | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE | | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | | | +-------------------------------------------------------------------------+ */ include "../../include/session.php"; include "include/tables.php"; include "include/fields.php"; include "include/roles.php"; $thetable = new roles($db, "tbld:87b9fe06-afe5-d9c6-0fa0-4a0f2ec4ee8a"); $therecord = $thetable->processAddEditPage(); if (isset($therecord["phpbmsStatus"])) { $statusmessage = $therecord["phpbmsStatus"]; } $pageTitle = "Role"; $phpbms->cssIncludes[] = "pages/roles.css"; $phpbms->jsIncludes[] = "modules/base/javascript/roles.js"; //Form Elements //============================================================== $theform = new phpbmsForm(); $theform->onsubmit = "return submitForm(this);"; $theinput = new inputCheckbox("inactive", $therecord["inactive"]); $theform->addField($theinput); $theinput = new inputField("name", $therecord["name"], NULL, true, NULL, 28, 64); $theinput->setAttribute("class", "important");
} } elseif ($action == "showproject") { if (!$userpermissions["files"]["view"]) { $errtxt = $langfile["nopermission"]; $noperm = $langfile["accessdenied"]; $template->assign("errortext", "{$errtxt}<br>{$noperm}"); $template->display("error.tpl"); die; } $files = $myfile->getProjectFiles($id); $filenum = count($files); if (empty($finfiles)) { $filenum = 0; } $myproject = new project(); $rolesobj = new roles(); //get folders $folders = $myfile->getProjectFolders($id); //get all folders $allfolders = $myfile->getAllProjectFolders($id); //get the project $pro = $myproject->getProject($id); //get the project members $members = $myproject->getProjectMembers($id, 10000); //get all roles $allroles = $rolesobj->getAllRoles(); $projectname = $pro["name"]; $title = $langfile['files']; $template->assign("title", $title); $template->assign("projectname", $projectname); SmartyPaginate::assign($template);
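/**
 * Import the people of a Basecamp export as local user accounts.
 *
 * For every entry under $peopleArray->person a user is created; on success the
 * account is given the "BasecampAdmin" or "BasecampUser" role, the Basecamp id
 * is mapped to the new local id in $this->peopleHash, and $this->peopleCount
 * is incremented.
 *
 * The two import roles are created once, on the first person, rather than once
 * per person, so an import of N people no longer issues N pairs of role inserts.
 *
 * @param object $peopleArray Export node whose ->person children are iterated
 *                            (presumably a SimpleXMLElement; confirm with caller).
 * @return void
 */
private function addPeople($peopleArray)
{
    $user = new user();

    // Created lazily so that an empty export still creates no roles.
    $rolesobj = null;
    $adminrid = null;
    $userrid = null;

    foreach ($peopleArray->person as $person) {
        $company = 0; // note that this should be updated when company becomes a used object

        if ($rolesobj === null) {
            $rolesobj = new roles();
            $adminrid = $rolesobj->add(
                "BasecampAdmin",
                array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                array("add" => 1, "edit" => 1, "del" => 1, "close" => 1),
                array("add" => 1, "edit" => 1, "del" => 1),
                array("add" => 1, "edit" => 1, "del" => 1, "read" => 1),
                array("add" => 0),
                array("add" => 1)
            );
            $userrid = $rolesobj->add(
                "BasecampUser",
                array("add" => 1, "edit" => 1, "del" => 0, "close" => 0),
                array("add" => 1, "edit" => 1, "del" => 0),
                array("add" => 1, "edit" => 1, "del" => 1),
                array("add" => 1, "edit" => 1, "del" => 1),
                array("add" => 1, "edit" => 1, "del" => 1),
                array("add" => 1, "edit" => 1, "del" => 1, "read" => 0),
                array("add" => 1),
                array("add" => 0)
            );
        }

        $username = $person->{'user-name'};
        $email = $person->{'email-address'};

        // NOTE(review): the initial password is the account's own e-mail
        // address, so every imported account (including administrators) starts
        // with a guessable credential. Left unchanged because the importer has
        // no channel to deliver a secret; prefer a random password plus a
        // forced reset on first login.
        $pass = $email;

        $uid = $user->add($username, $email, $company, $pass);
        if (!$uid) {
            // Creation failed: nothing to map or count for this person.
            continue;
        }

        if ($person->{'administrator'} == "true") {
            $rolesobj->assign($adminrid, $uid);
        } elseif ($person->{'client-id'} != 0) {
            // NOTE(review): a non-administrator whose client-id is 0 ends up
            // with no role at all; confirm that this is intended.
            $rolesobj->assign($userrid, $uid);
        }

        // String-cast the Basecamp id so it can serve as an array key.
        $iid = "" . $person->{'id'};
        $this->peopleHash[$iid] = $uid;
        ++$this->peopleCount;
    }
}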
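/**
 * Log a user in through OpenID.
 *
 * First leg (no openid mode in the request): redirects the browser to the
 * provider for the given identifier. Return leg: verifies the provider's
 * assertion, maps the asserted identity to a local account via the openids
 * table, and fills the session.
 *
 * @param string $url OpenID identifier to authenticate against
 * @return bool True when a session was established; false on the redirect leg,
 *              on cancel, on a failed assertion, or when no local account matches
 */
function openIdLogin($url)
{
    // The database handle lives in global scope; without this the queries
    // below would run against an undefined variable.
    global $conn;

    try {
        // NOTE(review): the Host header is client-supplied and is used here as
        // the OpenID realm; a configured site host would be safer.
        $openid = new LightOpenID($_SERVER['HTTP_HOST']);

        if (!$openid->mode) {
            $openid->identity = $url;
            header('Location: ' . $openid->authUrl());
            // No login has happened yet; the caller only has a redirect to send.
            return false;
        }

        if ($openid->mode == 'cancel') {
            return false;
        }

        // The openid_* values are ordinary request parameters. They must not be
        // trusted until the assertion has been verified with the provider,
        // otherwise any caller could name an arbitrary identity.
        if (!$openid->validate()) {
            return false;
        }

        $identity = $openid->data['openid_identity'];

        // Bound parameter: the identity string comes from the request.
        $sel1 = $conn->prepare("SELECT ID from openids WHERE identity = ?");
        $sel1->execute(array($identity));
        $row = $sel1->fetch();
        if (!$row) {
            return false;
        }
        $id = $row['ID'];

        $sel2 = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE ID = ?");
        $sel2->execute(array($id));
        $chk = $sel2->fetch();
        if (!$chk || $chk["ID"] == "") {
            return false;
        }

        $rolesobj = new roles();
        $now = time();

        // NOTE(review): the session id is not rotated at login (no
        // session_regenerate_id() call is visible in this function).
        $_SESSION['userid'] = $chk['ID'];
        $_SESSION['username'] = stripslashes($chk['name']);
        $_SESSION['lastlogin'] = $now;
        $_SESSION['userlocale'] = $chk['locale'];
        $_SESSION['usergender'] = $chk['gender'];
        $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);

        $userid = $_SESSION['userid'];
        $seid = session_id();
        $staylogged = getArrayVal($_POST, 'staylogged');
        if ($staylogged == 1) {
            // "Stay logged in": re-issue the session cookie with a 14-day lifetime.
            // NOTE(review): the cookie is sent without Secure/HttpOnly attributes.
            setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600);
        }

        $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
        $upd1Stmt = $upd1->execute(array($now, $userid));

        return true;
    } catch (ErrorException $e) {
        return false;
    }
}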
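/**
 * Build the module toolbar: the filter table, the collapse/expand buttons and
 * a right-aligned group holding refresh plus, when the caller's group holds
 * the matching role, add and delete.
 *
 * Links derived from the request URI are HTML-escaped before they are placed
 * in an href attribute, because the URI is supplied by the client.
 *
 * @return string HTML fragment
 */
function getModuleButtons()
{
    global $module_id;

    $roles = new roles();
    $class_btn = "btn btn-default btn-sm";
    $requestUri = $_SERVER['REQUEST_URI'];

    // end() takes its argument by reference, so the parts need a real variable.
    $uriParts = explode('.', $requestUri);
    $endsInPhp = strtolower(end($uriParts)) == 'php';

    // Start from a defined string instead of appending to an unset variable.
    $btns = "<div class='pull-right'>";

    // Refresh: the current URI with any add/edit action stripped.
    if ($endsInPhp) {
        $link = $requestUri . "";
    } else {
        $link = str_replace(array("&action=add", "action=_edit", "&action=add", "action=_edit"), "", $requestUri);
    }
    $link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
    $btns .= "<a href='{$link}' class='{$class_btn}'><i class='fa fa-refresh'></i></a>";

    $role_insert = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'insert');

    // NOTE(review): this prints pageInsert straight into the response ahead of
    // the returned markup. It looks like leftover debug output; kept so the
    // emitted page is unchanged, but confirm and remove.
    echo $this->pageInsert;

    if ($role_insert != "") {
        $id = "Add";
        if ($endsInPhp) {
            $link = $requestUri . "?action=add";
        } else {
            $link = str_replace(array("&action=add", "action=_edit", "&action=add", "action=add"), "", $requestUri) . "&action=add";
        }
        $link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
        $btns .= "<a href='{$link}' id='{$id}' class='{$class_btn}'><i class='fa fa-plus'></i></a>";
    }

    // NOTE(review): these role checks only decide which buttons are drawn; the
    // add/delete handlers must enforce the same roles on the server side.
    $role_delete = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'delete');
    if ($role_delete != "") {
        $id = "AskDelete";
        $link = "javascript:void(0);";
        $btns .= "<a href='{$link}' id='{$id}' class='{$class_btn}'><i class='fa fa-trash'></i></a>";
    }

    $btns .= "</div>";

    return "<div class='row'><div class='col-sm-12'>" . $this->FilterTable() . '</div><div class="col-sm-12" style="padding-top: 10px;"><button type="button" class="btn btn-sm btn-default" id="collapseAll">Collapse All</button><button class="btn btn-sm btn-default" type="button" id="expandAll">Expand All</button>' . $btns . "</div></div>";
}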
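/**
 * Log a user in
 *
 * Looks the account up by name or e-mail together with the SHA-1 digest of the
 * password, fills the session on a match and records the login time.
 *
 * @param string $user User name
 * @param string $pass Password
 * @return bool
 */
function login($user, $pass)
{
    // The connection is created outside this function (the original comment
    // points at class.datenbank.php); it has to be imported into this scope.
    // The bind_param()/bind_result() calls below assume it is a mysqli handle.
    global $conn;

    if (!$user) {
        return false;
    }

    // bind_param() binds by reference, so the digest needs its own variable.
    // NOTE(review): unsalted SHA-1 is a weak password hash; moving to
    // password_hash()/password_verify() needs a change to the stored values.
    $hash = sha1($pass);

    $stmnt = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name=? OR email=?) AND pass=?");
    if (!$stmnt) {
        return false;
    }
    $stmnt->bind_param("sss", $user, $user, $hash);
    $stmnt->execute();
    $stmnt->bind_result($bind_ID, $bind_name, $bind_locale, $bind_lastlogin, $bind_gender);
    $chk = $stmnt->fetch();
    // Release the result before the connection is used for the UPDATE below.
    $stmnt->close();

    if ($chk !== true || $bind_ID == "") {
        return false;
    }

    $rolesobj = new roles();
    $now = time();

    // NOTE(review): the session id is not rotated at login (no
    // session_regenerate_id() call is visible in this function).
    $_SESSION['userid'] = $bind_ID;
    $_SESSION['username'] = stripslashes($bind_name);
    $_SESSION['lastlogin'] = $now;
    $_SESSION['userlocale'] = $bind_locale;
    $_SESSION['usergender'] = $bind_gender;
    $_SESSION["userpermissions"] = $rolesobj->getUserRole($bind_ID);

    $userid = $_SESSION['userid'];
    $seid = session_id();
    $staylogged = getArrayVal($_POST, 'staylogged');
    if ($staylogged == 1) {
        // "Stay logged in": re-issue the session cookie with a 14-day lifetime.
        // NOTE(review): the cookie is sent without Secure/HttpOnly attributes.
        setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600);
    }

    // Store the actual login time through the same connection; a failed
    // update does not undo the login.
    $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
    if ($upd1) {
        $upd1->bind_param("ii", $now, $userid);
        $upd1->execute();
        $upd1->close();
    }

    return true;
}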
require CL_ROOT . "/config/" . CL_CONFIG . "/config.php"; // Start database connection $conn = new PDO("mysql:host={$db_host};dbname={$db_name}", $db_user, $db_pass); $user = $_POST['name']; $pass = $_POST['pass']; // create the first user $usr = new user(); $installChk = $usr->getAllUsers(); if ($installChk) { // There already are users. abort install. die("Collabtive seems to be already installed.<br />If this is an error, please clear your database."); } $usrid = $usr->add($user, "", 0, $pass); if (!$usrid) { $template->assign("errortext", "Error: Failed to create first user."); $template->display("error.tpl"); die; } // insert default roles $rolesobj = new roles(); $adminrid = $rolesobj->add("Admin", array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "read" => 1, "view" => 1), array("add" => 1), array("add" => 1)); $userrid = $rolesobj->add("User", array("add" => 1, "edit" => 1, "del" => 0, "close" => 0, "view" => 1), array("add" => 1, "edit" => 1, "del" => 0, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "close" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "view" => 1), array("add" => 1, "edit" => 1, "del" => 1, "read" => 0, "view" => 1), array("add" => 1), array("add" => 0)); $clientrid = $rolesobj->add("Client", array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0, "close" => 0), array("add" => 0, "edit" => 0, "del" => 0), array("add" => 0, "edit" => 0, "del" 
=> 0, "read" => 0), array("add" => 0), array("add" => 0)); if (!$adminrid or !$userrid or !$clientrid) { $template->assign("errortext", "Error: Failed to create initial roles."); $template->display("error.tpl"); die; } $rolesobj->assign($adminrid, $usrid); $template->display("install3.tpl"); }
$lang2 = $lang . " (" . $fin . "%)"; $fin = array("val" => $lang, "str" => $lang2); } array_push($languages_fin, $fin); } $template->assign("languages_fin", $languages_fin); $user = $user->getProfile($id); $roleobj = (object) new roles(); $roles = $roleobj->getAllRoles(); $title = $langfile['useradministration']; $template->assign("title", $title); $template->assign("user", $user); $template->assign("roles", $roles); $template->display("edituseradminform.tpl"); } elseif ($action == "edituser") { $roleobj = new roles(); $roleobj->assign($role, $id); if ($id == $userid) { $_SESSION['userlocale'] = $locale; $_SESSION['username'] = $name; } if (!isset($isadmin)) { $isadmin = 1; } // Upload of avatar if (!empty($_FILES['userfile']['name'])) { $fname = $_FILES['userfile']['name']; $typ = $_FILES['userfile']['type']; $size = $_FILES['userfile']['size']; $tmp_name = $_FILES['userfile']['tmp_name']; $error = $_FILES['userfile']['error'];
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ This File: dept.php Description: System File ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*/ if (!defined('PARENT')) { $HEADERS->err403(true); } // Access.. if (!in_array($cmd, $userAccess) && $MSTEAM->id != '1') { $HEADERS->err403(true); } // Class.. include_once PATH . 'control/classes/class.roles.php'; $MSDEPT = new roles(); // Add.. if (isset($_POST['process'])) { if (trim($_POST['name'])) { $MSDEPT->add($MSTEAM->id); $OK1 = true; } } // Update.. if (isset($_POST['update'])) { if (trim($_POST['name'])) { $MSDEPT->update(); $OK2 = true; } } $title = isset($_GET['edit']) ? $msg_dept5 : $msg_dept2;
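/**
 * Log a user in
 *
 * Looks the account up by name or e-mail together with the SHA-1 digest of the
 * password, fills the session on a match and records the login time.
 *
 * @param string $user User name
 * @param string $pass Password
 * @return bool
 */
function login($user, $pass)
{
    global $conn;

    if (!$user) {
        return false;
    }

    // NOTE(review): unsalted SHA-1 is a weak password hash; moving to
    // password_hash()/password_verify() needs a change to the stored values.
    $hash = sha1($pass);

    // Bound parameters: the digest computed above is what gets compared, and
    // the user-supplied name never becomes part of the SQL text.
    $sel1 = $conn->prepare("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name = ? OR email = ?) AND pass = ?");
    if (!$sel1) {
        return false;
    }
    $sel1->execute(array($user, $user, $hash));
    $chk = $sel1->fetch();

    // fetch() yields false when no row matched.
    if (!$chk || $chk["ID"] == "") {
        return false;
    }

    $rolesobj = new roles();
    $now = time();

    // NOTE(review): the session id is not rotated at login (no
    // session_regenerate_id() call is visible in this function).
    $_SESSION['userid'] = $chk['ID'];
    $_SESSION['username'] = stripslashes($chk['name']);
    $_SESSION['lastlogin'] = $now;
    $_SESSION['userlocale'] = $chk['locale'];
    $_SESSION['usergender'] = $chk['gender'];
    $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);

    $userid = $_SESSION['userid'];
    $seid = session_id();
    $staylogged = getArrayVal($_POST, 'staylogged');
    if ($staylogged == 1) {
        // "Stay logged in": re-issue the session cookie with a 14-day lifetime.
        // NOTE(review): the cookie is sent without Secure/HttpOnly attributes.
        setcookie("PHPSESSID", "{$seid}", time() + 14 * 24 * 3600);
    }

    // Store the actual login time; a failed update does not undo the login.
    $upd1 = $conn->prepare("UPDATE user SET lastlogin = ? WHERE ID = ?");
    if ($upd1) {
        $upd1->execute(array($now, $userid));
    }

    return true;
}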
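/**
 * Build the right-aligned toolbar for the current module: related-module
 * buttons, an optional help link, refresh, and - depending on the caller's
 * group role and this object's Add/delete flags - add and delete.
 *
 * Links derived from the request URI are HTML-escaped before they are placed
 * in an href attribute, because the URI is supplied by the client.
 *
 * @return string HTML fragment (one pull-right div)
 */
function getModuleButtons()
{
    global $module_id;

    $roles = new roles();
    $class_btn = "btn btn-default btn-sm";
    $requestUri = $_SERVER['REQUEST_URI'];

    // end() takes its argument by reference, so the parts need a real variable.
    $uriParts = explode('.', $requestUri);
    $endsInPhp = strtolower(end($uriParts)) == 'php';

    // Start from a defined string instead of appending to an unset variable.
    $btns = "<div class='pull-right'>";
    $btns .= $this->getRelatedModulesButtons($class_btn);

    if ($this->Help == true && $this->HelpLink != "") {
        // NOTE(review): HelpLink and the getConstant() titles are emitted
        // unescaped; fine only while both come from trusted configuration.
        $btns .= "<a href='{$this->HelpLink}' target='_blank' class='{$class_btn}' title='" . $this->getConstant("help") . "' data-toggle='tooltip'><i class='fa fa-question'></i></a>";
    }

    // Refresh: the current URI with any add/edit action stripped.
    if ($endsInPhp) {
        $link = $requestUri . "";
    } else {
        $link = str_replace(array("&action=add", "action=_edit", "&action=add", "action=_edit"), "", $requestUri);
    }
    $link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
    $btns .= "<a href='{$link}' title='" . $this->getConstant("refresh") . "' data-toggle='tooltip' class='{$class_btn}'><i class='fa fa-refresh'></i></a>";

    // NOTE(review): these role checks only decide which buttons are drawn; the
    // add/delete handlers must enforce the same roles on the server side.
    $role_insert = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'insert');
    if ($role_insert != "" && $this->Add == true) {
        $id = "Add";
        // Outside grid-list mode the configured insert page is used as is.
        $link = $this->pageInsert;
        if ($this->isGridList == true) {
            if ($endsInPhp) {
                $link = $requestUri . "?action=add";
            } else {
                $link = str_replace(array("&action=add", "action=add"), "", $requestUri) . "&action=add";
            }
            $link = htmlspecialchars($link, ENT_QUOTES, 'UTF-8');
        }
        $btns .= "<a href='{$link}' id='{$id}' title='" . $this->getConstant("add") . "' data-toggle='tooltip' class='{$class_btn}'><i class='fa fa-plus'></i></a>";
    }

    $role_delete = $roles->getUserRoles($_SESSION['cms-grp-id'], $module_id, 'delete');
    if ($role_delete != "" && $this->delete == true) {
        $id = "AskDelete";
        $link = "javascript:void(0);";
        $btns .= "<a href='{$link}' id='{$id}' class='{$class_btn}' title='" . $this->getConstant("delete") . "' data-toggle='tooltip'><i class='fa fa-trash'></i></a>";
    }

    $btns .= "</div>";

    return $btns;
}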
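/**
 * Log a user in
 *
 * Looks the account up by name or e-mail together with the SHA-1 digest of the
 * password, fills the session on a match and records the login time.
 *
 * NOTE(review): this version uses the mysql_* extension, which was removed in
 * PHP 7.0. Porting it to prepared statements needs a PDO or mysqli handle that
 * this function does not have in scope.
 *
 * @param string $user User name
 * @param string $pass Password
 * @return bool
 */
function login($user, $pass)
{
    if (!$user) {
        return false;
    }

    $user = mysql_real_escape_string($user);
    // NOTE(review): escaping the password before hashing changes the digest
    // for passwords containing quotes or backslashes. Kept so that digests
    // stay compatible with whatever was stored; the hex digest itself needs
    // no escaping.
    $pass = mysql_real_escape_string($pass);
    // NOTE(review): unsalted SHA-1 is a weak password hash; moving to
    // password_hash()/password_verify() needs a change to the stored values.
    $pass = sha1($pass);

    // Compare against the digest computed above.
    $sel1 = mysql_query("SELECT ID,name,locale,lastlogin,gender FROM user WHERE (name = '$user' OR email = '$user') AND pass = '$pass'");
    if (!$sel1) {
        return false;
    }
    $chk = mysql_fetch_array($sel1);

    // mysql_fetch_array() yields false when no row matched.
    if (!$chk || $chk["ID"] == "") {
        return false;
    }

    $rolesobj = new roles();
    $now = time();

    // NOTE(review): the session id is not rotated at login (no
    // session_regenerate_id() call is visible in this function).
    $_SESSION['userid'] = $chk['ID'];
    $_SESSION['username'] = stripslashes($chk['name']);
    $_SESSION['lastlogin'] = $now;
    $_SESSION['userlocale'] = $chk['locale'];
    $_SESSION['usergender'] = $chk['gender'];
    $_SESSION["userpermissions"] = $rolesobj->getUserRole($chk["ID"]);

    // Integer cast: the id is placed into the UPDATE text below.
    $userid = (int) $_SESSION['userid'];
    $seid = session_id();
    $staylogged = getArrayVal($_POST, 'staylogged');
    if ($staylogged == 1) {
        // "Stay logged in": re-issue the session cookie with a 14-day lifetime.
        // NOTE(review): the cookie is sent without Secure/HttpOnly attributes.
        setcookie("PHPSESSID", "$seid", time() + 14 * 24 * 3600);
    }

    // Store the actual login time ($now is the integer from time()).
    $upd1 = mysql_query("UPDATE user SET lastlogin = '$now' WHERE ID = $userid");

    return true;
}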