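/**
 * Grant a role to this group, recording the change as a RoleWasAddedToGroup event.
 *
 * Does nothing when the group already holds the role, so the event is recorded at
 * most once per role.
 *
 * @param mixed $role the role to add; whatever hasRole() accepts
 * @return $this|null `$this` when the role was added, null when it was already present
 */
public function addRole($role)
{
    // Must be a method call on $this; `$this > hasRole($role)` would compare the
    // object against the result of an undefined global hasRole() function.
    if ($this->hasRole($role)) {
        return;
    }
    $this->recordThat(new RoleWasAddedToGroup($this->getIdentity(), $role));
    $this->roles[] = $role;
    return $this;
}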
<?php

// Endpoint: execute a previously created PayPal payment and, if approved, grant
// ROLE_PRO to the Google id given in the query string. Output is either a plain
// status code ("-2".."-4", "-1") or the JSON-encoded payment object.
//
// NOTE(review): the bare `die;` below exits before anything else runs, so the whole
// endpoint is currently disabled (looks like a debugging leftover — confirm before
// removing it).
die;
header('Content-type: application/json');
require_once "include.php";
require_once "../../configuration.php";  // presumably defines $MYSQL_* — confirm
require_once "../../include.php";        // presumably defines hasRole()/addRole()/executePayment() — confirm
session_start();  // must run before $_SESSION is read below
// Legacy mysql_* extension; connection and database failures are reported as
// numeric status codes rather than exceptions.
$con = mysql_connect($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
if (!$con) {
    die("-2");
}
if (!mysql_select_db($MYSQL_DATABASE, $con)) {
    mysql_close($con);
    die("-3");
}
// NOTE(review): the account identity is taken from the `googleid` query parameter,
// not from a verified token or from the session that holds the payment id, so
// nothing visible here ties the account being upgraded to the account that started
// the payment. Confirm that an upstream check provides that binding.
if (!hasRole($_GET["googleid"], "ROLE_USER", $con)) {
    mysql_close($con);
    die("-4");
}
// Execute the payment whose id was stored in the session when it was created
// (presumably by the payment-creation step — not visible here).
$paymentObject = executePayment(getPaypalAccessToken(), $_SESSION["paypalPaymentId"], $_GET["PayerID"]);
if ($paymentObject->state === "approved") {
    addRole($_GET["googleid"], "ROLE_PRO", $con);
    // Payment approved: the account is now PRO; echo the payment object back.
    echo json_encode($paymentObject);
} else {
    echo "-1";
}
unset($_SESSION["paypalPaymentId"]);  // cleared so a later request does not reuse this payment id
mysql_close($con);
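/**
 * Render the "browse proposals by type" dashboard layout for the current user.
 *
 * Organisation admins and mentors get an organisation filter whose table loads from
 * actions/project_actions.php; institute admins and supervisors get a student-group
 * filter whose table loads from actions/institute_actions.php. Any other role
 * produces no output at all.
 *
 * @param bool $owner_only restrict the listing to the caller's own proposals (adds
 *                         `&mine_only=true` to the list action and selects the
 *                         "my groups" variant of the group filter)
 * @return void output is echoed directly (HTML plus inline jTable JavaScript)
 */
function initBrowseProposalsByTypeLayout($owner_only = false)
{
    $only_mine_query = (bool) $owner_only ? '&mine_only=true' : '';
    $only_mine_js = (bool) $owner_only ? 'true' : 'false';
    // ORG ADMIN & MENTOR VIEWS
    if (hasRole(array(_ORGADMIN_TYPE)) || hasRole(array(_MENTOR_TYPE))) {
        // Selected organisation from the query string. It is only ever compared
        // against record ids, so cast it: a non-numeric value falls back to 0 ("all").
        $org_id = isset($_GET['organisation']) ? (int) $_GET['organisation'] : 0;
        echo "<a href='" . _WEB_URL . "/dashboard/proposals/browsebytype'>" . t('Show all proposals for my organisation') . "</a>";
        echo " | ";
        echo "<a href='" . _WEB_URL . "/dashboard/proposals/browsebytype/mine'>" . t('Show only mine') . "</a>";
        ?>
		<div class="filtering" style="width: 800px;">
			<span id="infotext" style="margin-left: 34px"></span>
			<form id="proposal_filter">
		        <?php 
        echo t('Filter by Organisation');
        ?>
:
		        <?php 
        ?>
		        <select id="organisation" name="organisation">
					<option <?php 
        echo !$org_id ? 'selected="selected"' : '';
        ?>
					value="0"><?php 
        echo t('All My Organisations');
        ?>
</option><?php 
        $result = Organisations::getInstance()->getMyOrganisations(TRUE);
        foreach ($result as $record) {
            $selected = $record->org_id == $org_id ? 'selected="selected" ' : '';
            // Names and ids come from the database and land in HTML / an attribute,
            // so escape them on output (assumes the page is served as UTF-8 — confirm).
            echo '<option ' . $selected . 'value="' . htmlspecialchars((string) $record->org_id, ENT_QUOTES, 'UTF-8') . '">'
                . htmlspecialchars((string) $record->name, ENT_QUOTES, 'UTF-8') . '</option>';
        }
        ?>
				</select>
			</form>
		</div>
		<div id="TableContainer" style="width: 800px;"></div>
		<script type="text/javascript">

				jQuery(document).ready(function($){
					window.view_settings = {};

					function loadFilteredProposals(){
						$("#TableContainer").jtable("load", {
							organisation: $("#organisation").val(),
						});
					}

				    //Prepare jTable
					$("#TableContainer").jtable({
						paging: true,
						pageSize: 10,
						sorting: true,
						defaultSorting: "pid ASC",
						actions: {
							listAction: moduleUrl + "actions/project_actions.php?action=list_search_proposal_count<?php 
        echo $only_mine_query;
        ?>
"
						},
						fields: {
							pid: {
								key: true,
		    					create: false,
		    					edit: false,
		    					list: false
							},
							title: {
								title: "Project",
								width: "49%",
								display: function (data) {
									return "<a title=\"View project details\" href=\"javascript:void(0);\" onclick=\"getProjectDetail("+data.record.pid+")\">"
											+ data.record.title+"</a>";
									},
							},
							org_name: {
								title: "Organisation",
								width: "35%",
								display: function (data){return data.record.org_name;}
							},
							proposal_count : {
								title: "Proposals",
								width: "10%",
								display: function (data){return data.record.proposal_count;}
							},

							proposal_view : {
								width: "6%",
		    					title: "View",
								sorting: false,
		    					display: function (data) {
			    					if(data.record.proposal_count > 0){
									return "<a title=\"View Proposals\" href=\"javascript:void(0);\" "+
										"onclick=\"getProposalsForProject("+data.record.pid+",<?php 
        echo $only_mine_js;
        ?>
)\">"+
											"<span class=\"ui-icon ui-icon-info\">See detail</span></a>";
			    					}
		    					},

		    					create: false,
		    					edit: false
							},

						},
					});

					//Load proposal list from server on initial page load
					loadFilteredProposals();

					$("#organisation").change(function(e) {
		           		e.preventDefault();
		           		loadFilteredProposals();
		        	});

					$("#proposal_filter").submit(function(e){
						e.preventDefault();
						loadFilteredProposals()
					});

				});
			</script><?php 
    } elseif (hasRole(array(_INSTADMIN_TYPE)) || hasRole(array(_SUPERVISOR_TYPE))) {
        // INSTITUTE ADMIN & SUPERVISOR VIEWS
        // Selected student group from the query string; same treatment as $org_id above.
        $studentgroup_id = isset($_GET['group']) ? (int) $_GET['group'] : 0;
        echo "<a href='" . _WEB_URL . "/dashboard/proposals/browsebytype'>" . t('Show all proposals from my Institution') . "</a>";
        echo " | ";
        echo "<a href='" . _WEB_URL . "/dashboard/proposals/browsebytype/mine'>" . t('Show only mine') . "</a>";
        ?>
		 	<div class="filtering" style="width: 800px;">
				<span id="infotext" style="margin-left: 34px"></span>
				<form id="proposal_filter">
			        <?php 
        echo t('Filter by Group');
        ?>
:
			        <?php 
        $option_text = (bool) $owner_only ? t('All My Groups') : t('All Groups from my Institution');
        if ($owner_only) {
            $result = Groups::getGroups(_STUDENT_GROUP, $GLOBALS['user']->uid);
        } else {
            // Prefer every group of the user's institute; without an institute record,
            // fall back to the user's own groups.
            $institutes = Users::getInstituteForUser($GLOBALS['user']->uid);
            if ($institutes->rowCount() > 0) {
                $result = Groups::getGroups(_STUDENT_GROUP, 'all', $institutes->fetchObject()->inst_id);
            } else {
                $result = Groups::getGroups(_STUDENT_GROUP, $GLOBALS['user']->uid);
            }
        }
        ?>
			        <select id="group" name="group">
			<option
				<?php 
        echo !$studentgroup_id ? 'selected="selected"' : '';
        ?>
				value="0"><?php 
        echo $option_text;
        ?>
</option><?php 
        foreach ($result as $record) {
            $selected = $record->studentgroup_id == $studentgroup_id ? 'selected="selected" ' : '';
            // Group names and ids are database values rendered into HTML; escape on output.
            echo '<option ' . $selected . 'value="' . htmlspecialchars((string) $record->studentgroup_id, ENT_QUOTES, 'UTF-8') . '">'
                . htmlspecialchars((string) $record->name, ENT_QUOTES, 'UTF-8') . '</option>';
        }
        ?>
					</select>
				</form>
			</div>
			<div id="TableContainer" style="width: 800px;"></div>
			<script type="text/javascript">

		 			jQuery(document).ready(function($){
		 				window.view_settings = {};

		 				function loadFilteredProposals(){
		 					$("#TableContainer").jtable("load", {
		 						group: $("#group").val(),
		 					});
		 				}

		 			    //Prepare jTable
		 				$("#TableContainer").jtable({
		 					paging: true,
		 					pageSize: 10,
		 					sorting: true,
		 					defaultSorting: "pid ASC",
		 					actions: {
		 						listAction: moduleUrl + "actions/institute_actions.php?action=list_search_proposal_count_student<?php 
        echo $only_mine_query;
        ?>
"
		 					},
		 					fields: {
		 						uid: {
		 							key: true,
		 	    					create: false,
		 	    					edit: false,
		 	    					list: false
		 						},
		 						username: {
		 							title: "Student",
		 							width: "42%",
		 							display: function (data) {
		 								return  data.record.username;
		 								},
		 						},
		 						groupname: {
		 							title: "Group name",
		 							width: "42%",
		 							display: function (data){return data.record.groupname;}
		 						},
		 						proposal_count : {
		 							title: "Proposals",
		 							width: "10%",
		 							display: function (data){return data.record.proposal_count;}
		 						},

		 						proposal_view : {
		 							width: "6%",
		 	    					title: "View",
		 							sorting: false,
		 	    					display: function (data) {
		 		    					if(data.record.proposal_count > 0){
		 								return "<a title=\"View Proposals\" href=\"javascript:void(0);\" "+
		 									"onclick=\"getProposalsForStudent("+data.record.uid+",<?php 
        echo $only_mine_js;
        ?>
)\">"+
		 										"<span class=\"ui-icon ui-icon-info\">See detail</span></a>";
		 		    					}
		 	    					},

		 	    					create: false,
		 	    					edit: false
		 						},

		 					},
		 				});

		 				//Load proposal list from server on initial page load
		 				loadFilteredProposals();

		 				$("#group").change(function(e) {
		 	           		e.preventDefault();
		 	           		loadFilteredProposals();
		 	        	});

		 				$("#proposal_filter").submit(function(e){
		 					e.preventDefault();
		 					loadFilteredProposals()
		 				});

		 			});
		 		</script><?php 
    }
}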
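<?php

// Admin endpoint: report how many rows the emailUpdates table holds.
// Responds with JSON: {"status":"success","numEmails":N} on success, otherwise
// {"status":"failed","error":"PERMISSION_DENIED"|"SERVER_ERROR"}.
header('Content-type: application/json');
require_once "../../configuration.php";  // presumably defines $AUTO_ESCAPE and $MYSQL_* — confirm
require_once "../../include.php";        // presumably defines getGoogleId() and hasRole() — confirm

// Read the token once, guarding the index so a request without it does not raise a
// notice; a missing token is handed to getGoogleId() as null, which decides what to do.
// $AUTO_ESCAPE marks input that arrived slash-escaped and must be unescaped first.
$raw_token = isset($_GET["googletoken"]) ? $_GET["googletoken"] : null;
$google_token = $AUTO_ESCAPE ? stripslashes($raw_token) : $raw_token;
$google_id = getGoogleId($google_token);

// Legacy mysql_* extension. A failed connect or select_db is reported as SERVER_ERROR
// instead of passing `false` on to the role check and the query.
$con = mysql_connect($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
if (!$con) {
    die(json_encode(["status" => "failed", "error" => "SERVER_ERROR"]));
}
if (!mysql_select_db($MYSQL_DATABASE, $con)) {
    mysql_close($con);
    die(json_encode(["status" => "failed", "error" => "SERVER_ERROR"]));
}
if (hasRole($google_id, "ROLE_ADMIN", $con)) {
    // Static statement, no request data involved.
    $query = mysql_query("select count(*) from emailUpdates;", $con);
    // mysql_query() returns false on error; treat that the same as an empty result.
    if ($query !== false && ($row = mysql_fetch_row($query))) {
        echo json_encode(["status" => "success", "numEmails" => $row[0]]);
    } else {
        echo json_encode(["status" => "failed", "error" => "SERVER_ERROR"]);
    }
} else {
    echo json_encode(["status" => "failed", "error" => "PERMISSION_DENIED"]);
}
mysql_close($con);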
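// The service file must also redefine the $ROLE variable, which names the role
// required to call this service. If $ROLE is empty, everyone is allowed.
$ROLE = "ADMINISTRATOR";
// Reset the outcome flag before loading the service, so that a 'SYNTAX' failure
// recorded in the catch below survives instead of being wiped by a later reset.
$fatal = '';
try {
    // NOTE(review): $service is presumably set earlier in the file (not visible here);
    // it selects the file to include, so it must be validated against the known
    // service names before it gets here — confirm.
    include "svc/{$service}.php";
} catch (Exception $e) {
    echo "<pre>";
    echo $e->getMessage();
    echo "</pre>\n";
    $fatal = 'SYNTAX';
}
// NOTE(review): debug dump of the entire $_SERVER array into the response. It can
// expose file paths, hostnames and environment values; remove once debugging is done.
echo "<pre>SERVER:";
print_r($_SERVER);
echo "</pre>";
if (hasRole($ROLE)) {
    try {
        $output = execService($input, new System());
    } catch (Exception $e) {
        $msg = $e->getMessage();
        echo "<pre>{$msg}</pre>\n";
        // A message starting with '!' is passed through as the fatal code;
        // anything else is reported as a generic 'ERROR'.
        if (substr($msg, 0, 1) === '!') {
            $fatal = $msg;
        } else {
            $fatal = 'ERROR';
        }
    }
} else {
    // Insufficient rights: report the missing role.
    $fatal = '!' . $ROLE;
}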
} else {
    $google_token = $_POST["googleToken"];
}
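// Resolve the Google account for the token extracted above (outside this span).
$google_id = getGoogleId($google_token);

// Every failure path below sends the browser to a page on the preferred host instead
// of exposing an error; 307 tells the client to repeat the request with the same
// method against the new location.
$redirect_to = function ($path) use ($PREFERRED_HOSTNAME) {
    header("HTTP/1.1 307 Temporary Redirect");
    header("Location: http://{$PREFERRED_HOSTNAME}/{$path}");
    die;
};

// Legacy mysql_* extension; only used to check whether the account is already PRO.
$con = mysql_connect($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
if (!$con) {
    $redirect_to("goPro");
}
if (!mysql_select_db($MYSQL_DATABASE, $con)) {
    $redirect_to("goPro");
}
if (hasRole($google_id, "ROLE_PRO", $con)) {
    // Already PRO: nothing to buy.
    $redirect_to("home");
}
mysql_close($con);

// Loose `== null` kept on purpose: it also rejects false/'' should getGoogleId()
// signal failure that way (its contract is not visible here — confirm).
// The amount is read once, guarded against a missing field (null < 5 is true, so a
// missing amount is rejected like a too-small one) and passed on to PayPal exactly as
// received so the request body does not change.
$pay_amount = isset($_POST["payAmount"]) ? $_POST["payAmount"] : null;
if ($google_id == null || $pay_amount < 5) {
    $redirect_to("goPro");
}
session_start();
// The Google id is carried back as a query parameter, so it must be URL-encoded.
$finish_url = "http://{$PREFERRED_HOSTNAME}/goPro?finishPurchase=true&googleid=" . urlencode($google_id);
$go_pro_url = "http://{$PREFERRED_HOSTNAME}/goPro";
$paymentObject = createPaypalPayment(getpayPalAccessToken(), getPaymentDataObject($finish_url, $go_pro_url, $pay_amount, "USD", "PWYW Lifetime Googulator Pro", "Lifetime Googulator Pro", "PWYWGOOGPRO"));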
foreach ($paymentObject->links as $link) {
    if ($link->rel == "approval_url") {
        $redirectUrl = $link->href;
/**
 * Render the accepted-projects (agreements) list view for the current user.
 *
 * Visible to org admins, mentors, institute admins and supervisors: the
 * organisation side additionally sees a "Supervisor" column, the institution
 * side a "Mentor" column. Anyone else gets a translated refusal message.
 * Output is echoed directly (HTML plus inline jTable JavaScript that loads
 * from actions/agreement_actions.php?action=list_search).
 *
 * NOTE(review): the jTable display callbacks concatenate record fields
 * (title, name, student_name, supervisor_name, mentor_name, ...) straight
 * into HTML strings, so any markup in those values is rendered as-is; the
 * values must be escaped either by the list action or in these callbacks —
 * confirm which.
 *
 * @return void
 */
function getListView()
{
    // Any of the four staff roles may see the list; the role-specific columns
    // are decided again inside the template below.
    if (hasRole(array(_ORGADMIN_TYPE)) || hasRole(array(_MENTOR_TYPE)) || hasRole(array(_INSTADMIN_TYPE)) || hasRole(array(_SUPERVISOR_TYPE))) {
        ?>
		
		<div id="TableContainer" style="width: 800px;"></div>
		<script type="text/javascript">

				jQuery(document).ready(function($){
					window.view_settings = {};

					function loadFilteredProjects(){
						$("#TableContainer").jtable("load", {
							//organisation: $("#organisation").val(),
						});
					}

				    //Prepare jTable
					$("#TableContainer").jtable({
						paging: true,
						pageSize: 10,
						sorting: true,
						defaultSorting: "pid ASC",
						actions: {
							listAction: moduleUrl + "actions/agreement_actions.php?action=list_search"
						},
						fields: {
							agreement_id: {
								key: true,
		    					create: false,
		    					edit: false,
		    					list: false
							},
							title: {
								title: "Project",
								width: "34%",
								display: function (data) {
									return "<a title=\"View project details\" href=\"javascript:void(0);\" onclick=\"getProjectDetail("+data.record.project_id+")\">"
											+ data.record.title+"</a>";
									},
							},
							name: {
								title: "Student",
								width: "30%",
								display: function (data){
									var op = data.record.name;
									if(data.record.student_name != null){
										op += '&nbsp;(' +data.record.student_name + ')';
									}
									return op;
								}
							},
							<?php 
        // Organisation side: show who supervises the student.
        if (hasRole(array(_ORGADMIN_TYPE)) || hasRole(array(_MENTOR_TYPE))) {
            ?>
							supervisor_user_name: {
								title: "Supervisor",
								width: "30%",
								display: function (data){
									var op = data.record.supervisor_user_name;
									if(data.record.supervisor_name != null){
										op += '&nbsp;(' +data.record.supervisor_name + ')';
									}
									return op;
								}
							},
							<?php 
        }
        ?>
							<?php 
        // Institution side: show the organisation's mentor instead.
        if (hasRole(array(_INSTADMIN_TYPE)) || hasRole(array(_SUPERVISOR_TYPE))) {
            ?>
							mentor_user_name: {
								title: "Mentor",
								width: "30%",
								display: function (data){
									var op = data.record.mentor_user_name;
									if(data.record.mentor_name != null){
										op += '&nbsp;(' +data.record.mentor_name + ')';
									}
									return op;
								}
							},
							<?php 
        }
        ?>
							proposal_view : {
								width: "6%",
		    					title: "View",
								sorting: false,
		    					display: function (data) {
									return "<a title=\"View Project\" href=\"javascript:void(0);\" "+
										"onclick=\"getAcceptedProjectOverview("+data.record.agreement_id+")\">"+
											"<span class=\"ui-icon ui-icon-info\">See detail</span></a>";
		    					},

		    					create: false,
		    					edit: false
							},

						},
					});

					//Load projects list from server on initial page load
					loadFilteredProjects();

				});
			</script><?php 
    } else {
        echo t('Sorry you are not allowed to access this page');
    }
}
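// No account could be resolved from the token: reject.
if ($google_id == null) {
    die("-1");
}
// We know this is a valid token; now confirm it belongs to the primary administrator.
if (strcmp($PRIMARY_ADMIN_USER, $google_id) !== 0) {
    // Not the primary admin: fall back to the database and check for ROLE_ADMIN.
    // Every failure along the way (no connection, no database, no role) is reported
    // as PERMISSION_DENIED.
    $sql = mysql_connect($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
    // mysql_connect() signals failure by returning false. mysqli_connect_errno() only
    // describes the mysqli extension's last connection attempt and never reflects this
    // call, so checking it here would let a failed connection through.
    if (!$sql) {
        die(json_encode(["status" => "failed", "error" => "PERMISSION_DENIED"]));
    }
    if (!mysql_select_db($MYSQL_DATABASE, $sql)) {
        mysql_close($sql);
        die(json_encode(["status" => "failed", "error" => "PERMISSION_DENIED"]));
    }
    if (!hasRole($google_id, "ROLE_ADMIN", $sql)) {
        mysql_close($sql);
        die(json_encode(["status" => "failed", "error" => "PERMISSION_DENIED"]));
    }
    mysql_close($sql);
}
// Schema management below uses mysqli, where mysqli_connect_errno() is the right check.
$sql = new mysqli($MYSQL_HOSTNAME, $MYSQL_USERNAME, $MYSQL_PASSWORD);
if (mysqli_connect_errno()) {
    die(json_encode(["status" => "failed", "error" => "MYSQL_CONFIG_ERROR"]));
}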
if (!$sql->select_db($MYSQL_DATABASE)) {
    $sql->query("create schema {$MYSQL_DATABASE} default character set utf8mb4 collate utf8mb4_unicode_ci;");
    if (!$sql->select_db($MYSQL_DATABASE)) {
        $sql->close();
        die(json_encode(["status" => "failed", "error" => "MYSQL_SCHEMA_CREATE_FAIL"]));
    }