예제 #1
0
 public function process(\w2p_Core_CAppUI $AppUI, array $myArray)
 {
     if (!$this->object->bind($myArray)) {
         $AppUI->setMsg($this->object->getError(), UI_MSG_ERROR);
         $this->resultPath = $this->errorPath;
         return $AppUI;
     }
     /**
      * The nonce validation only throws a warning as of v3.1 so that we don't break anyone's forms. As of v4.0
      *   this validation will be turned on and any form processing using this controller will have to include
      *   the __nonce field. See http://wiki.web2project.net/index.php?title=Security_Nonce for more details.
      */
     if ('' != $AppUI->__nonce && $AppUI->__nonce != $myArray['__nonce']) {
         error_log("Your submission is missing the CSRF nonce. Please see http://wiki.web2project.net/index.php?title=Security_Nonce for details.");
         //            $AppUI->setMsg("There was an error processing the form. Please submit again.", UI_MSG_ERROR);
         //            $AppUI->holdObject($this->object);
         //            $this->resultPath = $this->errorPath;
         //            return $AppUI;
     }
     $action = $this->delete ? 'deleted' : 'stored';
     $this->success = $this->delete ? $this->object->delete() : $this->object->store();
     if ($this->success) {
         $AppUI->setMsg($this->prefix . ' ' . $action, UI_MSG_OK, true);
         $this->resultPath = $this->successPath;
     } else {
         $AppUI->holdObject($this->object);
         $AppUI->setMsg($this->object->getError(), UI_MSG_ERROR);
         $this->resultPath = $this->errorPath;
     }
     return $AppUI;
 }
예제 #2
0
 public function process(\w2p_Core_CAppUI $AppUI, array $myArray)
 {
     if (!canEdit('users')) {
         $this->resultPath = ACCESS_DENIED;
         return $AppUI;
     }
     $action = $this->delete ? 'deleted' : 'stored';
     $this->success = $this->delete ? $this->object->del_acl((int) $myArray['permission_id']) : $this->object->addUserPermission();
     if ($this->success) {
         $AppUI->setMsg($this->prefix . ' ' . $action, UI_MSG_OK, true);
         $this->resultPath = $this->successPath;
         $this->object->recalcPermissions(null, (int) $myArray['permission_user']);
     } else {
         $AppUI->setMsg($this->object->getError(), UI_MSG_ERROR);
         $this->resultPath = $this->errorPath;
         $AppUI->holdObject($this->object);
     }
     return $AppUI;
 }
예제 #3
0
}
$username = w2PgetParam($_POST, 'user_username', 0);
$username = preg_replace("/[^A-Za-z0-9]/", "", $username);
$user = new CAdmin_User();
$result = $user->loadAll(null, "user_username = '******'");
if (count($result)) {
    header('Location: newuser.php?msg=existing-user');
}
$email = w2PgetParam($_POST, 'contact_email', 0);
$contact = new CContact();
$result = $contact->loadAll(null, "contact_email = '{$email}'");
if (count($result)) {
    header('Location: newuser.php?msg=existing-email');
}
if (!$user->bind($_POST)) {
    $AppUI->setMsg($user->getError(), UI_MSG_ERROR);
    header('Location: newuser.php?msg=user');
}
if (!$contact->bind($_POST)) {
    $AppUI->setMsg($contact->getError(), UI_MSG_ERROR);
    header('Location: newuser.php?msg=contact');
}
$result = $contact->store();
if (count($contact->getError())) {
    header('Location: newuser.php?msg=contact');
} else {
    $user->user_contact = $contact->contact_id;
    $result = $user->store(null, true);
    if (count($user->getError())) {
        header('Location: newuser.php?msg=user');
    } else {
예제 #4
0
$contactListByUsername = CContact::getContactByUsername($username);
if ($contactListByUsername != 'User Not Found') {
    error_reporting(0);
    echo "<script language='javascript'>\n          alert('The username you selected already exists, please select another or if that user name is yours request the password recovery through the dedicated link.');\n          history.go(-2);\n        </script>";
    die;
}
$email = w2PgetParam($_POST, 'contact_email', 0);
$contactListByEmail = CContact::getContactByEmail($email);
if ($contactListByEmail != 'User Not Found') {
    error_reporting(0);
    echo "<script language='javascript'>\n          alert('The email you selected already exists, please select another or if that email is yours request the password recovery through the dedicated link.');\n          history.go(-2);\n        </script>";
    die;
}
$user = new CUser();
if (!$user->bind($_POST)) {
    $AppUI->setMsg($user->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}
$contact = new CContact();
if (!$contact->bind($_POST)) {
    $AppUI->setMsg($contact->getError(), UI_MSG_ERROR);
    $AppUI->redirect();
}
// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('User');
$isNewUser = !w2PgetParam($_REQUEST, 'user_id', 0);
if ($isNewUser) {
    // check if a user with the param Username already exists
    if (is_array($contactListByUsername)) {
        $AppUI->setMsg('This username is not available, please try another.', UI_MSG_ERROR, true);
        $AppUI->redirect();
예제 #5
0
$AppUI = new w2p_Core_CAppUI();
$updatekey = w2PgetParam($_GET, 'updatekey', 0);
$updatekey = preg_replace("/[^A-Za-z0-9]/", "", $updatekey);
$contact_id = CContact::getContactByUpdatekey($updatekey);
$company_id = intval(w2PgetParam($_REQUEST, 'company_id', 0));
$company_name = w2PgetParam($_REQUEST, 'company_name', null);
// check permissions for this record
if (!$contact_id) {
    echo $AppUI->_('You are not authorized to use this page. If you should be authorized please contact') . ' ' . $w2Pconfig['company_name'] . ' ' . $AppUI->_('to give you another valid link, thank you.');
    exit;
}
// load the record data
$msg = '';
$row = new CContact();
if (!$row->load($contact_id) && $contact_id > 0) {
    $AppUI->setMsg('Contact');
    $AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
    $AppUI->redirect();
} else {
    //TODO: replace with the proper canEdit()
    if ($row->contact_private && $row->contact_owner != $AppUI->user_id && $row->contact_owner && $contact_id != 0) {
        // check only owner can edit
        $AppUI->redirect(ACCESS_DENIED);
    }
}
// setup the title block
$ttl = $contact_id > 0 ? 'Edit Contact' : 'Add Contact';
$company_detail = $row->getCompanyDetails();
$dept_detail = $row->getDepartmentDetails();
if ($contact_id == 0 && $company_id > 0) {
    $company_detail['company_id'] = $company_id;
예제 #6
0
        $msg = 'The username you selected already exists, please select another or if that user name is yours request the password recovery through the dedicated link.';
        break;
    case 'existing-email':
        $msg = 'The email you selected already exists, please select another or if that email is yours request the password recovery through the dedicated link.';
        break;
    case 'user':
    case 'contact':
        $msg = "There was an error creating your {$msg}. No further information is available at this time.";
        break;
    case 'ok':
        $msg = 'The User Administrator has been notified to grant you access to the system and an email message was sent to you with your login info. Thank you very much.';
        break;
    default:
        $msg = 'No clue what you just tried, but stop it.';
}
$AppUI->setMsg($msg, UI_MSG_ERROR);
// Can not load the passwordstrength.js file via AppUI->addJavascriptFile()
// because AppUI->loadFooterJS() is never called...
?>
<script type="text/javascript" src="<?php 
echo W2P_BASE_URL;
?>
/js/passwordstrength.js"></script>
<script language="javascript">
function submitIt(){
    var form = document.editFrm;
   if (form.user_username.value.length < <?php 
echo w2PgetConfig('username_min_len');
?>
) {
        alert("<?php