/**
 * Build a Permissions object for the current user from IDM authorization checks.
 *
 * Each grant is added only when the matching \IDMObject::authZ() check passes.
 * The pidm is copied from the session.
 *
 * @return Permissions
 */
public static function from_idmobject()
{
    $permissions = new Permissions();

    // [authZ type, authZ attribute, grant name], checked in this order.
    $checks = array(
        array('role', 'tcert', 'tcert'),
        array('permission', 'tcert_admin', 'admin'),
        array('permission', 'tcert_gatesystem_ug', 'gatesystem_ug'),
        array('permission', 'tcert_gatesystem_gr', 'gatesystem_gr'),
        // The global 'mis' permission maps to this application's superadmin grant.
        array('permission', 'mis', 'superadmin'),
        array('role', 'faculty', 'faculty'),
    );

    $granted = array();
    foreach ($checks as $check) {
        list($kind, $attribute, $grant_name) = $check;
        if (\IDMObject::authZ($kind, $attribute)) {
            $granted[] = $grant_name;
        }
    }

    $permissions->grant($granted);
    $permissions->pidm = $_SESSION['pidm'];

    return $permissions;
}
/**
 * Set up the page: current user, parameters, admin flag, target person,
 * aid year, test-mode mocking and the pending-relationship warning.
 *
 * @param string|null $title passed through to the parent constructor
 */
public function __construct($title = null)
{
    parent::__construct($title);

    $this->user = new PSUPerson($_SESSION['wp_id']);
    $this->params = new FinaidParams();

    // Admin: the global 'mis' permission or the application's own admin permission.
    $is_admin = IDMObject::authZ('permission', 'mis')
        || IDMObject::authZ('permission', 'finaid_myfinaid_admin');
    $this->params['admin'] = $is_admin;

    $this->tpl->assign('params', $this->params);

    $this->_init_person($this->params['id']);
    $this->params['aid_year'] = $this->_init_aid_years($this->params['aid_year']);

    // Testing data
    $this->testing = new FinaidTesting();

    // Admins can always use test mode.
    if ($this->params['admin']) {
        $this->params['testable'] = true;
    }

    // NOTE(review): 'testable' is read back from params and may already be set
    // for a non-admin; where FinaidParams gets its initial values is not visible
    // here. Confirm it cannot be set from request input.
    if ($this->params['testable']) {
        $this->testing->mock($this->target);
    }

    $this->tpl->assign('testing', $this->testing);

    // Warn about pending relationships, at most once every 5 minutes. The
    // relationship lookup only runs when the time window has elapsed.
    if ($this->params['warned-pending'] < time() - 300) {
        $pending_relationships = $this->user->myrelationships->get('pending');

        if ($pending_relationships) {
            $this->params['warned-pending'] = time();

            $how_many = count($pending_relationships);
            $plural = $how_many == 1 ? '' : 's';

            $_SESSION['warnings']['finaid-pending'] = sprintf('You have %d pending relationship%s. Please note that you can\'t see another person\'s financial aid information until your relationship with that person is confirmed. Visit <a href="http://go.plymouth.edu/familychannel">Family Access</a> for more details.', $how_many, $plural);
        }
    }
}
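/**
 * initializeSession
 *
 * Set up necessary session variables.
 *
 * Resets the student data, looks up the pidm for the session username and
 * sets $_SESSION['user_type'] to 'admin', 'aestudent' or null. A user is an
 * 'aestudent' only when the overall GPA returned by BannerStudent is at
 * least 3.5.
 */
function initializeSession()
{
    if (!isset($_SESSION['errors'])) {
        $_SESSION['errors'] = array();
    }

    if (!isset($_SESSION['messages'])) {
        $_SESSION['messages'] = array();
    }

    $_SESSION['student'] = array();
    $_SESSION['user_type'] = null;
    $_SESSION['editing'] = true; // first time through means we're editing
    $_SESSION['ae_init'] = true;

    $_SESSION['pidm'] = $GLOBALS['BannerIDM']->getIdentifier($_SESSION['username'], 'username', 'pidm');

    if (IDMObject::authZ('permission', 'academic_excellence_admin')) {
        $_SESSION['user_type'] = 'admin';
        return;
    }

    $gpa = $GLOBALS['BannerStudent']->getOverallGPA($_SESSION['pidm']);
    $_SESSION['gpa'] = $gpa['r_gpa'];
    unset($gpa);

    // The hard-coded debug override that forced a qualifying GPA for one
    // username has been removed: eligibility is decided only by the GPA
    // returned from Banner.

    // they're 'aestudent' only if their gpa qualifies
    if ($_SESSION['gpa'] < 3.5) {
        return;
    }

    $_SESSION['user_type'] = 'aestudent';

    $name = $GLOBALS['BannerStudent']->getName($_SESSION['pidm']);
    $_SESSION['student']['full_name'] = sprintf('%s %s %s', $name['r_first_name'], $name['r_mi'], $name['r_last_name']);
    $_SESSION['student']['first_name'] = $name['r_first_name'];
    $_SESSION['student']['middle_name'] = $name['r_mi'];
    $_SESSION['student']['last_name'] = $name['r_last_name'];
    unset($name);

    $student = AEStudent::getStudentData($_SESSION['pidm'], $GLOBALS['TERM']);
    $_SESSION['student'] = array_merge($_SESSION['student'], $student);

    // (confirmed != -1) means that they have already submitted the form in a previous session
    if ($student['confirmed'] > -1) {
        $_SESSION['editing'] = false;
    }
}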
<?php

// Bootstrap for the ELS administration application: load the shared
// environment, start the session, set the application globals, then require
// an authenticated user who holds the 'els_admin' permission.

require dirname(dirname(__DIR__)) . '/legacy/git-bootstrap.php';

require_once 'autoload.php';
PSU::session_start();

require_once 'PSUWordPress.php';

$GLOBALS['RELATIVE_URL'] = '/webapp/els';
$GLOBALS['BASE_URL'] = $GLOBALS['RELATIVE_URL'];
$GLOBALS['BASE_DIR'] = __DIR__;
$GLOBALS['UPLOAD_DIR'] = PSU::UPLOAD_DIR . $GLOBALS['BASE_URL'];
$GLOBALS['TITLE'] = 'ELS Administration';
$GLOBALS['META_WEBAPP'] = 'webapp_els';

require_once $GLOBALS['BASE_DIR'] . '/includes/ELS.class.php';

// Authenticate first, then authorize: nothing below this point runs for a
// user without the application's admin permission.
IDMObject::authN();

$is_els_admin = IDMObject::authZ('permission', 'els_admin');
if (!$is_els_admin) {
    exit('You do not have access to this application.');
}
$response['status'] = 'success'; $response['message'] = sprintf('%s "%s" was sucessfully added.', ucfirst($type), $attribute['attribute']); $name = $GLOBALS['BannerIDM']->getName($person->pidm, 'f,l'); list($response['first_name'], $response['last_name']) = explode(',', $name); $response['username'] = $person->username; $response['source'] = $attribute['source']; $response['pid'] = $person->pidm; $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute); } } elseif ($action == 'remove') { $id = $_REQUEST['id']; $role = $GLOBALS['BannerIDM']->getLog($id); if ($role['source'] !== $GLOBALS['IDM_SOURCE']) { throw new Exception(sprintf('That role was added via %s, and cannot be deleted through %s.', $role['source'], $GLOBALS['IDM_SOURCE'])); } if (!$global_attribute_admin && !IDMObject::authZ('admin', $role['attribute'])) { throw new Exception("You cannot administer the {$role['attribute']} attribute"); } $GLOBALS['BannerIDM']->removeAttribute($person->pidm, $id); list($type_id, $type) = $GLOBALS['BannerIDM']->any2type($role['type_id']); $log_attribute = $role['attribute']; $response['status'] = 'success'; $response['message'] = sprintf('%s "%s" has been removed.', ucfirst($type), $role['attribute']); $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute); } else { $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute); } } catch (Exception $e) { $response['message'] = $e->GetMessage() . ($e->GetCode() ? '(' . $e->GetCode() . ')' : ''); $GLOBALS['ape']->log($person->pidm, $action, $action_status, $type, $log_attribute); }
<?php

// Logout routes.

// Generic response (the trailing slash is optional so that either form matches).
respond('/?', function ($request, $response, $app) {
    // NOTE(review): 'redirect_to' is taken from the request and handed to
    // unauthN() unchanged. Whether unauthN() limits it to trusted destinations
    // is not visible here. Confirm that it does, otherwise the logout link can
    // be used as an open redirect.
    IDMObject::unauthN($request->param('redirect_to'));
});

// Success page shown after logging out.
respond('/logout-success/?', function ($request, $response, $app) {
    $template = $app->tpl;
    $template->assign('show_page', 'logout-success');
    $template->display('_wrapper.tpl');
});

// Short message page, so that PhoneGap users just see a flashing page.
respond('/logout-message/?', function ($request, $response, $app) {
    $template = $app->tpl;
    $template->assign('show_page', 'logout-message');
    $template->display('_wrapper.tpl');
});
<?php

// Update an attribute value for a person. The person, the attribute ($action)
// and the new value all come from the request.
//
// NOTE(review): this changes state from $_REQUEST values, so it can be
// triggered by a GET. No anti-CSRF token check is visible in this file.

$person = new PSUPerson($_REQUEST['pidm']);
$action = $_REQUEST['action'];
$value = $_REQUEST['value'];

// No pidm resolved: fall back to looking the person up by username.
if (!$person->pidm) {
    $person = new PSUPerson($_REQUEST['username']);
}

$logs = $GLOBALS['BannerIDM']->getLogs($person->pidm);
$attribute_log = current(current($logs[$action]));

// Only entries that originated from 'ape' may be changed here.
if ($attribute_log['source'] == 'ape') {
    $log = $GLOBALS['BannerIDM']->getLog($attribute_log['origin_id']);

    // The caller must administer the originating attribute or hold the global
    // attribute-admin permission. When neither holds, nothing is written and
    // the script continues without reporting an error.
    $may_administer = IDMObject::authZ('admin', $log['attribute'])
        || IDMObject::authZ('permission', 'ape_attribute_admin');

    if ($may_administer) {
        $origin = 'parent_id=' . $attribute_log['parent_id'] . '&origin_id=' . $attribute_log['origin_id'];
        $GLOBALS['BannerIDM']->setAttribute($person->pidm, $action, $value, 'ape', false, $origin);
    }
}

// bail here if request was javascript
$wants_js = isset($_GET['method']) && $_GET['method'] == 'js';
if ($wants_js) {
    header('Content-type: text/javascript');

    // NOTE(review): $type and $log_attribute are never set in this script and
    // $response is never sent. The body actually emitted is $value, echoed
    // back from the request without encoding.
    $response['pidm'] = $person->pidm;
    $response['type'] = $type;
    $response['attribute'] = $log_attribute;

    exit($value);
}

PSUHTML::redirect($GLOBALS['BASE_URL'] . '/user/' . $person->pidm);
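<?php

PSU::get()->banner = PSU::db('psc1');

// Dashboard: shows whether the processing script is running, plus pending
// files, pending items, file info and the report.
respond('/?', function ($request, $response, $app) {
    // Fixed command string; no request data reaches the shell here.
    $ecommerce_running = shell_exec('ps ef | grep ecommerce_process.php | grep -v grep');

    if ($ecommerce_running) {
        $_SESSION['messages'][] = 'The ECommerce processing script is currently running. Reload to check the status.';
        $app->tpl->assign('ecommerce_processing', true);
    } //end if

    $app->tpl->assign('ecommerce_pending_files', \PSU\Ecommerce::pending_files());
    $app->tpl->assign('ecommerce_pending', \PSU\Ecommerce::pending());
    $app->tpl->assign('ecommerce_files', \PSU\Ecommerce::file_info());
    $app->tpl->assign('ecommerce_report', \PSU\Ecommerce::report());
    $app->tpl->display('ecommerce.tpl');
});

// Start the processing script in the background.
respond('/process', function ($request, $response, $app) {
    $user = PSU::isDev() ? 'nrporter' : 'webguru';

    // NOTE(review): this guard applies in development only and calls authN()
    // with 'mis', where a permission check would be authZ('permission', 'mis').
    // Outside development no permission check is visible in this route, so
    // confirm that access is enforced before this router runs.
    if (PSU::isDev() && !IDMObject::authN('mis')) {
        return;
    } //end if

    // The instance name is configuration rather than request input, but it is
    // still quoted so that it can only ever be a single shell argument.
    $instance = strtolower(PSU::db('banner')->database);
    $command = '~' . $user . '/scripts/ecommerce_process.php --instance=' . escapeshellarg($instance) . ' &';
    exec($command);

    $_SESSION['successes'][] = 'The ECommerce processing script has begun. Please check back shortly.';
    PSU::redirect($GLOBALS['BASE_URL']);
});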
$pdf->SetFillColor(5, 66, 6); $pdf->SetTextColor(255, 255, 255); $fill = true; $pdf->SetFont('Arial', '', 13); $pdf->Cell(190, 7, 'Employee Clearance Checklist for ' . $person->formatName('f m l'), 0, 1, 'C', $fill); $pdf->SetFont('Arial', '', 10); $pdf->Cell(190, 6, 'Username: '******'C', $fill); $pdf->setTextColor(5, 66, 6); $pdf->ln(5); $checklist_items = array(); $categories = array(); $checklist = HRChecklist::get($person->pidm, $list); $categories = HRChecklist::categories($checklist['type']); $checklist_id = HRChecklist::get($person->pidm, $list, 'id'); $closed = HRChecklist::meta_exists($checklist_id, 'closed', 1); if (IDMObject::authZ('permission', 'ape_checklist_employee_exit_hr')) { if ($_POST['checklist_closed'] && !$closed) { HRChecklist::add_meta($checklist_id, 'closed', 1); HRChecklist::toggle_checklist($checklist_id, $_REQUEST['identifier'], true); HRChecklist::add_meta($checklist_id, 'closed_marked_by', $_SESSION['pidm']); } elseif (!$_POST['checklist_closed'] && $closed) { HRChecklist::add_meta($checklist_id, 'closed', 0); HRChecklist::toggle_checklist($checklist_id, $_REQUEST['identifier'], false); HRChecklist::add_meta($checklist_id, 'closed_marked_by', $_SESSION['pidm']); } //end elseif } //end if $closed_person = HRChecklist::get_meta($checklist['id'], 'closed_marked_by', 1); $closed_person = $closed_person['meta_value']; if ($closed_person) {
<?php
/**
 * Reset the expiration date on person_phone so that the person is prompted to
 * sign up and re-confirm their mobile number when logging into myPlymouth.
 *
 * NOTE(review): the reset is triggered by a GET parameter, and no anti-CSRF
 * token check is visible in this excerpt.
 */
try {
    // Caller must hold the 'mis' permission or pass the infodesk check.
    $may_reset = IDMObject::authZ('permission', 'mis') || APEAuthZ::infodesk();
    if (!$may_reset) {
        throw new Exception('You are not authorized to reset emergency phone information.');
    }

    // The person to reset is identified by wp_id.
    if (!isset($_GET['wp_id'])) {
        throw new Exception('wp_id was missing in request.');
    }

    $person = PSUPerson::get($_GET['wp_id']);

    $ok = $person->emergency_phone->unconfirm();
    if (!$ok) {
        throw new Exception('Error resetting: ' . $ok);
    }

    // Successful resets are written to the application log with the target wp_id.
    $GLOBALS['LOG']->write('Emergency phone reset', $_GET['wp_id']);
    $response['message'] = 'Emergency number reset. They will be prompted to confirm on next login (assuming they are a student/employee)';
    $response['status'] = 'success';
} catch (Exception $e) {
    $response['message'] = $e->getMessage();
}

//
// ajax requests end here
/**
 * Send the user back to the application base URL, with a session error
 * message, unless they hold the 'myplymouth' role.
 */
private function _force_admin()
{
    if (IDMObject::authZ('role', 'myplymouth')) {
        return;
    }

    $_SESSION['errors'][] = 'You are not allowed to view the MyPlymouth administration interface.';

    // NOTE(review): this is an access control only if PSU::redirect() stops
    // the request. That is not visible here, so confirm it before relying on
    // this guard.
    PSU::redirect($GLOBALS['BASE_URL']);
}
/**
 * Convenience function to test if the user can administer this role.
 *
 * Without the 'ape_attribute_admin' permission the answer is always false.
 * With it, a call without role data returns true. A specific role is
 * administrable only when it has no origin_id and its source equals
 * $GLOBALS['IDM_SOURCE'].
 *
 * @param array|null $role an associative array of the role data
 * @return bool
 */
function canAdminRole($role = null)
{
    $is_attribute_admin = IDMObject::authZ('permission', 'ape_attribute_admin');
    if (!$is_attribute_admin) {
        return false;
    }

    // Not a role-specific query: the permission alone is enough. The loose
    // comparison is intentional here and is kept.
    if ($role == null) {
        return true;
    }

    $is_root_entry = $role['origin_id'] == null;

    return $is_root_entry && $role['source'] == $GLOBALS['IDM_SOURCE'];
}
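});

// Landing page: recent contract and disbursement feeds.
respond('/?', function ($request, $response, $app) {
    $contracts = new PSU\AR\PaymentPlan\Feed\Contracts(10);
    $disbursements = new PSU\AR\PaymentPlan\Feed\Disbursements(4);

    $app->tpl->assign('date_format', '%b %e @ %l:%M %P');
    $app->tpl->assign('contracts', $contracts);
    $app->tpl->assign('disbursements', $disbursements);
    $app->tpl->display('payment-plans.tpl');
});

// Start the contract or disbursement processing script in the background.
// The route pattern limits $script to 'contract' or 'disbursement'.
respond('/process/[contract|disbursement:script]', function ($request, $response, $app) {
    $script = $request->script;

    // NOTE(review): the two redirects below act as guards only if
    // PSU::redirect() stops the request. That is not visible here.
    if ($app->running[$script]) {
        PSU::redirect($GLOBALS['BASE_URL'] . '/payment-plans');
    } //end if

    $user = PSU::isDev() ? 'nrporter' : 'webguru';

    // NOTE(review): the permission check applies in development only. Outside
    // development no authorization is visible in this route, so confirm that
    // it is enforced earlier in the router.
    if (PSU::isDev() && !IDMObject::authZ('permission', 'mis')) {
        $_SESSION['errors'][] = 'Only MIS can run this script in development';
        PSU::redirect($GLOBALS['BASE_URL'] . '/payment-plans');
    } //end if

    // The two scripts take the instance through different option spellings.
    $instance_option = 'contract' == $script ? '-i ' : '--instance=';

    // The instance name is configuration rather than request input, but it is
    // still quoted so that it can only ever be a single shell argument.
    $instance = strtolower(PSU::db('banner')->database);
    $command = '/usr/local/bin/php ~' . $user . '/scripts/payment_plan_' . $script . '.php ' . $instance_option . escapeshellarg($instance) . ' &';

    exec($command);

    $_SESSION['successes'][] = 'The Payment Plan ' . ucwords($script) . ' processing script has begun. Please check back shortly.';
    PSU::redirect($GLOBALS['BASE_URL'] . '/payment-plans');
});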
/**
 * Tell whether the current user is a portal admin.
 *
 * @return mixed the result of the IDM check for the 'myplymouth' role
 */
public function is_admin()
{
    $has_portal_role = IDMObject::authZ('role', 'myplymouth');

    return $has_portal_role;
}
$GLOBALS['USER_DB'] = PSUDatabase::connect('mysql/user_info-admin'); //$GLOBALS['EPO'] = PSUDatabase::connect('mssql/epo_mercury'); $GLOBALS['ASTER'] = PSUDatabase::connect('mysql/aster-misuser'); $GLOBALS['MYPLYMOUTH'] = PSUDatabase::connect('mysql/myplymouth'); /*******************[End Database Connections]*****************/ // which portal we are working in, for now there is only one, and we hardcode it! $GLOBALS['Workflow'] = new Workflow(); $GLOBALS['BannerGeneral'] = new BannerGeneral($GLOBALS['BANNER']); $GLOBALS['BannerStudent'] = new BannerStudent($GLOBALS['BANNER']); $GLOBALS['PWMAN'] = new PasswordManager($GLOBALS['MYPLYMOUTH'], $_ = false, $GLOBALS['USER_DB']); $GLOBALS['LOG'] = new PSULog('ape', $_SESSION['username']); $GLOBALS['ZimbraAdmin'] = new zimbraAdmin(); /*******************[Authorization Stuff]*****************/ $GLOBALS['user_roles'] = PSU::get('idmobject')->getAllBannerRoles($_SESSION['username']); $path_parts = pathinfo($_SERVER['SCRIPT_FILENAME']); if (!IDMObject::authZ('role', 'staff') && !IDMObject::authZ('role', 'ape') && !APEAuthZ::infodesk() && !APEAuthZ::family() && !APEAuthZ::student() && !APEAuthZ::advancement() && !$_SESSION['impersonate']) { echo 'You (' . $_SESSION['username'] . ') do not have access to use this application. If ' . $_SESSION['username'] . ' is not your username, please log in to <a href="http://go.plymouth.edu/logout">myPlymouth</a> and try again.'; exit; } //end if /*******************[End Authorization Stuff]*****************/ if ($_GET['mobile']) { $_SESSION['psu_mobile'] = true; } elseif ($_GET['nomobile']) { $_SESSION['psu_mobile'] = false; } //end else $GLOBALS['myuser'] = new PSUPerson($_SESSION['username']); // first-time init. of error and message vars if (!isset($_SESSION['errors'])) { $_SESSION['errors'] = $_SESSION['messages'] = array();
throw new Exception('An identity confirmation must be provided.'); } if (!$GLOBALS['ape']->canResetPassword()) { $GLOBALS['LOG']->write('Password Reset Attempt Failed: Not authorized to reset passwords.', $username); throw new Exception('You are not allowed to perform password resets (missing role, or not in IP whitelist).'); } if (!$username) { throw new Exception('Username missing from password reset request.'); } $person = new PSUPerson($username); if (!$reason && ($ssn != substr($person->ssn, -4) || $dob != $person->birth_date)) { $GLOBALS['LOG']->write('Password Reset Attempt Failed: invalid DOB & SSN portion provided.', $username); throw new Exception('The identity verification failed. Either the last 4 of the SSN OR the Date of Birth did not match.'); } //end if if ($reason && !IDMObject::authZ('permission', 'ape_pw')) { throw new Exception('You are not allowed to perform password resets without the last 4 of the SSN and Birth Date.'); } //end if if (!$reason) { $reason = 'Private Data Provided and Verified'; } //end if list($username, $password) = $GLOBALS['PWMAN']->defaultCredentials($username); $GLOBALS['PWMAN']->setPassword($username, $password); $GLOBALS['PWMAN']->expire($username, 'reset'); $GLOBALS['LOG']->write('Resetting password: '******'Password Reset', 'Reset password.', array('call_status' => 'closed'))) { $message .= ' Ticket #<a href="http://go.plymouth.edu/log/' . $call_id . '">' . $call_id . '</a> has been logged.'; }
<?php
/**
 * Save changes to hardware from hardware.html: delete one hardware entry for
 * a person, then return to that person's hardware page.
 *
 * NOTE(review): the delete runs on a GET request, and no anti-CSRF token check
 * is visible here. Whether deleteHardware() verifies that the id belongs to
 * the given person is also not visible.
 */

$has_hardware_permission = IDMObject::authZ('permission', 'ape_hardware');
if (!$has_hardware_permission) {
    exit('You do not have hardware privileges.');
}

// Both identifiers are forced to integers before use.
$pidm = intval($_GET['pidm']);
$id = intval($_GET['id']);

$person = new PSUPerson($pidm);
$person->hardware->deleteHardware($id);

PSUHTML::redirect($BASE_URL . '/hardware/u/' . $person->username);
// Iterate all valid document roots, looking for this file foreach ($valid_roots as $root) { if ($fullpath = realpath($root . '/' . $path)) { if (substr($fullpath, 0, strlen($root) + 1) === $root . '/') { break; } } $fullpath = false; } // Production currently specifies "RewriteCond %{REQUEST_FILENAME} -f", so // in theory we won't reach this line of code. if (false == $fullpath || !is_file($fullpath)) { header('HTTP/1.1 404 Not Found'); exit('File not found error (' . $path . ')'); } $user = IDMObject::authN(); $fullpath_dir = dirname($fullpath); // Find path to our "secure" directory if ('/secure' === substr($fullpath_dir, -7)) { $secure_dir = $fullpath_dir; } else { $parts = explode('/', $fullpath_dir); while ('secure' !== array_pop($parts)) { if (0 === count($parts)) { break; } } $secure_dir = implode('/', $parts) . '/secure'; } // Examine optional .htrole if (file_exists($htrole = $secure_dir . '/.htrole')) {
<?php // TODO: move the functionality in this file into an API // // action page for deleting windows profiles (vista roaming or terminal services) // $response = array('status' => 'error', 'message' => null); try { // can the user perform this action? if (!IDMObject::authZ('permission', 'ape_profilereset')) { throw new Exception('You are not authorized to reset profiles.'); } // did we get all the needed data? if (!isset($_GET['username']) || !isset($_GET['profile'])) { throw new Exception('Username or profile type was missing in request.'); } $args = array('username' => $_GET['username'], 'profile' => $_GET['profile'] == 0 ? 0 : 1); // validate the username $pidm = $GLOBALS['BannerIDM']->getIdentifier($args['username'], 'username', 'pid'); if ($pidm === false) { throw new Exception('An invalid username was specified (pidm not found).'); } // // everything's good, insert the record // $systems = PSUDatabase::connect('mysql/systems'); $sql = "INSERT INTO profile_reset (uname, profile) VALUES (?, ?)"; $systems->Execute($sql, $args); $profile_type = $args['profile'] == 0 ? 'Vista roaming' : 'Terminal Services'; $GLOBALS['LOG']->write('Profile reset (' . $profile_type . ')', $args['username']); $response['message'] = sprintf("%s profile queued for deletion, this may take up to three minutes.", $profile_type);
/**
 * Displays a ticket's public updates.
 *
 * Requires an authenticated user. The history rows are limited to entries the
 * current user wrote or was assigned, matched by login name or wp_id.
 *
 * @param mixed $ticket the call_id to display
 */
public function ticket($ticket)
{
    IDMObject::authN();

    $me = $this->myuser;

    $history_sql = "SELECT *,\n\t\t\t\t\t\t\t\t\t CONCAT(date_assigned, ' ', time_assigned) update_date\n\t\t\t FROM call_history\n\t\t\t\t\t\t WHERE call_id = ?\n AND (updated_by = ?\n\t\t\t\t\t\t OR\n\t\t\t\t\t\t tlc_assigned_to = ?\n\t\t\t\t\t\t\t\t\t\tOR\n\t\t\t\t\t\t\t\t\t\tupdated_by = ?\n\t\t\t\t\t\t\t\t\t\tOR\n\t\t\t\t\t\t\t\t\t\ttlc_assigned_to = ?\n\t\t\t\t\t\t\t\t\t )\n\t\t\t\t\t\t ORDER BY date_assigned, time_assigned";
    $history_args = array($ticket, $me->login_name, $me->login_name, $me->wp_id, $me->wp_id);

    // All values are bound as parameters, never concatenated into the SQL.
    $details = PSU::db('calllog')->GetAll($history_sql, $history_args);

    // Label each update with the author's first name, or 'You' for the viewer.
    foreach ($details as $index => $row) {
        $author = new PSUPerson($row['updated_by']);
        $details[$index]['updated_by_name'] = $author->wp_id == $_SESSION['wp_id'] ? 'You' : $author->formatName('f');
        $author->destroy();
        unset($author);
    }

    // NOTE(review): unlike the history query, this lookup is not limited to
    // the current user, so the status of any call_id is returned. Confirm
    // that this is intended.
    $status_sql = "SELECT call_status\n\t\t\t FROM call_history\n\t\t\t\t\t\t WHERE call_id = ? AND current = 1";
    $call_status = PSU::db('calllog')->GetOne($status_sql, array($ticket));

    $this->tpl->assign('call_status', $call_status);
    $this->tpl->assign('details', $details);
    $this->tpl->assign('ticket', $ticket);

    // The update form is rendered with a separate template instance.
    $form_tpl = new PSUSmarty();
    $form_tpl->assign('hide_checklist', true);
    $form_tpl->assign('details_title', 'Update Ticket');
    $form = $form_tpl->fetch(PSU_BASE_DIR . '/webapp/calllog/templates/ticket_form.tpl');

    $this->tpl->assign('form', $form);
    $this->tpl->display('ticket.tpl');
}
exit; } // Local Includes $GLOBALS['LOCAL_INCLUDES'] = $GLOBALS['BASE_DIR'] . '/includes'; $GLOBALS['TEMPORARY_FILES'] = '/web/temp'; // Directory to hold Smarty's compiled templates $GLOBALS['SMARTY_COMPILE'] = $GLOBALS['TEMPORARY_FILES'] . '/phonebook'; if (!is_writable($GLOBALS['SMARTY_COMPILE'])) { mkdir($GLOBALS['SMARTY_COMPILE'], 0700); } /*******************[End Site Constants]*******************/ $GLOBALS['TITLE'] = 'Public Directory'; /*******************[Authorization]*****************/ $can_see_images = false; if ($_SESSION['pidm']) { /**** TODO: make this based off of APE *****/ $GLOBALS['BANNER'] = PSUDatabase::connect('oracle/psc1_psu/fixcase'); if (IDMObject::authZ('department', 'University Police')) { $can_see_images = true; } //end if /**** END TODO: make this based off of APE *****/ IDMObject::loadAuthZ($_SESSION['pidm']); if (IDMObject::authZ('permission', 'view_idcard_images')) { $can_see_images = true; } //end if } //end if /*******************[End Authorization]*****************/ $tpl = new PSUTemplate();
/**
 * True when the user has the 'ug_app' banner attribute and does not have
 * 'ug_app_denied'. The denial check is skipped when the first check fails.
 *
 * @return bool
 */
public static function visit_plymouth_state()
{
    if (!IDMObject::authZ('banner', 'ug_app')) {
        return false;
    }

    return !IDMObject::authZ('banner', 'ug_app_denied');
}
<?php try { if (!IDMObject::authZ('permission', 'ape_wp_email_reset')) { throw new Exception('You are not authorized to reset profiles.'); } require_once '/web/connect.plymouth.edu/wp-includes/registration.php'; $person = new PSUPerson($_GET['identifier']); if (!$person->pidm) { throw new Exception('Could not load person for pidm: ' . $_GET['pidm']); } //end if $user = get_userdatabypidm($person->pidm); update_usermeta($user->ID, 'psuname', $person->login_name); delete_usermeta($user->ID, 'ac_pwreset'); $response['message'] = 'WP psuname has been synched.'; $email = trim($_GET['email']); if ($email) { if ($_GET['type'] == 'primary') { $user_data = array('ID' => $user->ID, 'user_email' => $email); $which = "Email"; $old_email = $user->user_email; $result = wp_update_user((array) $user_data); } else { $which = "Alt. email"; $old_email = $user->email_alt; $result = update_usermeta($user->ID, 'email_alt', $email); } if ($result) { $response['message'] .= sprintf(' %s changed from "%s" to "%s"', $which, $old_email, $email); }
<?php /** * Utility script to dump email addresses for every portal user who * has done some customization. Currently, this includes adding a * relationship and modifying the layout. * * Append ?simple=1 to URL to hide names. */ require __DIR__ . '/init.php'; require_once 'autoload.php'; IDMObject::authN(); if (!IDMObject::authZ('role', 'myplymouth')) { die('no access'); } echo '<pre>'; PSU::get()->portal = PSU::db('portal_dev'); $sql = "SELECT DISTINCT wpid1 FROM relsearch WHERE substr(wpid1, 1, 1) <> 't'"; $wpids = PSU::db('portal')->GetCol($sql); $sql = "SELECT DISTINCT wp_id FROM usertabs WHERE wp_id != 0 AND substr(wp_id, 1, 1) <> 't'"; $wpids2 = PSU::db('portal')->GetCol($sql); $wpids = array_merge($wpids, $wpids2); $wpids = array_unique($wpids); sort($wpids); if (!$_GET['simple']) { echo "// append ?simple=1 to url to hide names\n\n"; } foreach ($wpids as $wpid) { $p = new PSUPerson($wpid); if ($_GET['simple'] == 1) { if ($p->wp_email) {
<?php require_once 'autoload.php'; PSU::session_start(); // force ssl + start a session $GLOBALS['BASE_URL'] = '/webapp/mobile-notifications'; $GLOBALS['BASE_DIR'] = __DIR__; $GLOBALS['TITLE'] = 'PSU Mobile Notifications'; $GLOBALS['TEMPLATES'] = $GLOBALS['BASE_DIR'] . '/templates'; $GLOBALS['EMERGENCY_GROUP'] = 8306124; require_once 'klein/klein.php'; if (file_exists($GLOBALS['BASE_DIR'] . '/debug.php')) { include $GLOBALS['BASE_DIR'] . '/debug.php'; } IDMObject::authN(); /** * Routing provided by klein.php (https://github.com/chriso/klein.php) * Make some objects available elsewhere. */ respond(function ($request, $response, $app) { // initialize the template $app->tpl = new PSUTemplate(); // get the logged in user $app->user = PSUPerson::get($_SESSION['wp_id']); $app->groups = array(); // assign user to template $app->tpl->assign('user', $app->user); $app->config = new PSU\Config(); $app->config->load(); if ('Registered and confirmed' == $app->user->rave_state) { $rave_user = \PSU\Rave\User::get($app->user->wpid);
<?php

// JSON endpoint: with ?attribute=X it lists the child attribute names of X,
// otherwise it lists every role attribute.
//
// NOTE(review): no authN()/authZ() call appears in this file. Confirm that
// access is enforced by whatever includes or routes to it, because the output
// enumerates role and attribute names.

header('Content-type: application/json');

$idm = new IDMObject($GLOBALS['BANNER']);
$attributes = array();

if (isset($_GET['attribute'])) {
    $attribute = $_GET['attribute'];

    // Children come back grouped by type. Collect the keys of every group.
    foreach ($idm->getChildAttributes($attribute) as $type) {
        $attributes = array_merge($attributes, array_keys($type));
    }
} else {
    foreach ($idm->getRoles() as $role) {
        $attributes[] = $role['attribute'];
    }
}

echo json_encode($attributes);
require_once 'BannerStudent.class.php'; //student class
require_once 'PSUECommerce.class.php';
require_once 'PSUECommerceInterface.class.php';
require_once 'PSUECommerceTransaction.class.php';
require_once 'ecommerce/ETrans.class.php';
require_once 'channel.class.php';
/*******************[End Common Includes]**********************/

/*******************[Local Includes]**********************/
require_once $GLOBALS['LOCAL_INCLUDES'] . '/ECommerceSmarty.class.php';
/*******************[End Local Includes]**********************/

/*******************[Database Connections]*****************/
// Pick the Banner instance. 'psc1' is used when the request asks for it, or
// when BASE_URL is a www. URL and the request did not ask for 'test'.
// Everything else uses 'test'.
//
// NOTE(review): the 'which' query parameter selects the connection, and it is
// read before any authentication in this excerpt. Confirm that letting the
// request choose 'psc1' is intended.
if ($_GET['which'] == 'psc1' || (preg_match('/https?\\:\\/\\/www\\./', $GLOBALS['BASE_URL']) && $_GET['which'] != 'test')) {
    $which = 'psc1';
} else {
    $which = 'test';
}

$GLOBALS['BANNER'] = PSUDatabase::connect('oracle/' . $which . '_psu/fixcase');
/*******************[End Database Connections]*****************/

$GLOBALS['BannerStudent'] = new BannerStudent($GLOBALS['BANNER']);
$GLOBALS['BannerIDM'] = new IDMObject();

// Scripts under an /admin/ path require a login and the 'mis' permission.
$is_admin_script = strchr($_SERVER['SCRIPT_NAME'], '/admin/');
if ($is_admin_script) {
    $_SESSION['username'] = IDMObject::authN();

    $has_mis = IDMObject::authZ('permission', 'mis');
    if (!$has_mis) {
        exit("You do not have sufficient permissions to view this page.");
    }
}
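/**
 * Return the SQL code used to target elements.
 *
 * The SQL fragments are assembled with sprintf() rather than bound
 * parameters. The interpolated values come from self::dbstr(), from
 * $_SESSION['AUTHZ']['sql'] and from the person's *_roles_sql properties, so
 * those must only ever hold trusted, already-escaped SQL.
 *
 * @param PSUPerson $person the person whose roles drive the targeting
 * @param mixed     $class  passed to self::dbstr() to resolve the table, fk and targets names
 * @return array 'tables' holds the JOIN clause (empty when targeting is bypassed);
 *               'where' holds a string starting with "AND "
 */
public static function targetSQL(PSUPerson $person, $class)
{
    $response = array('tables' => '', 'where' => array("(t.type = 'public' AND t.value = 'public')"));

    // don't use targeting if the global identifier is 0 (editing the default layout)
    if (!$GLOBALS['identifier']) {
        self::use_targeting(false);
    } //end if

    // Targeting is off, or the user holds the 'myplymouth' role: show
    // everything, regardless of targeting.
    if (!self::use_targeting() || IDMObject::authZ('role', 'myplymouth')) {
        $response['where'] = 'AND 1=1';
        return $response;
    }

    // join with center table and targets table
    $response['tables'] = sprintf(' LEFT JOIN %3$s ON %1$s.id = %3$s.%2$s LEFT JOIN targets t ON %3$s.target_id = t.id ', self::dbstr($class, 'table'), self::dbstr($class, 'fk'), self::dbstr($class, 'targets'));

    foreach ($_SESSION['AUTHZ']['sql'] as $subtype => $in_sql) {
        $response['where'][] = sprintf("(t.type = 'authz' AND t.subtype = '%s' AND value IN %s)", $subtype, $in_sql);
    }

    // Test the same property that is interpolated below. The original tested
    // ad_rules_sql but used ad_roles_sql, which looks like a typo and would
    // keep the AD clause from ever being added.
    if ($person->ad_roles_sql) {
        $response['where'][] = sprintf("(t.type = 'ad' AND value IN %s)", $person->ad_roles_sql);
    }

    if ($person->banner_roles_sql) {
        $response['where'][] = sprintf("(t.type = 'banner' AND value IN %s)", $person->banner_roles_sql);
    }

    // Any single matching target is enough, so the clauses are OR-ed together.
    $response['where'] = sprintf("AND (%s)", implode(' OR ', $response['where']));

    return $response;
}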
<?php

include_once '../common.php';

// Usernames allowed to use this application.
$GLOBALS['p_administrators'] = array('nrporter', 'lrwilcox');
/*******************[End Site Constants]*****************/

/*******************[Authentication Stuff]*****************/
// NOTE(review): login and the administrator check run only when the request
// has no 'hash' parameter. A request carrying any non-empty 'hash' skips both
// in this file. Confirm that the hash is validated before anything sensitive
// is served.
if (!$_GET['hash']) {
    $_SESSION['username'] = IDMObject::authN();

    $is_administrator = in_array($_SESSION['username'], $GLOBALS['p_administrators']);
    if (!$is_administrator) {
        exit('You do not have access to use this application');
    }
}
/*******************[End Authentication Stuff]*****************/
<?php

// Bootstrap for the CDN Manager: load the shared environment, start the
// session, set the application globals, require an authenticated user who
// holds the 'web_developer' permission, then hand off to the controller.

require dirname(dirname(__DIR__)) . '/legacy/git-bootstrap.php';

require_once 'autoload.php';
PSU::session_start();

$GLOBALS['BASE_DIR'] = __DIR__;
$GLOBALS['BASE_URL'] = '/webapp/cdn';
$GLOBALS['TEMPLATES'] = $GLOBALS['BASE_DIR'] . '/templates';
$GLOBALS['TITLE'] = 'CDN Manager';

require_once 'includes/CDNController.class.php';
require_once 'includes/CDNAPI.class.php';

// Authenticate first, then authorize. The controller is reached only by users
// who hold the permission.
IDMObject::authN();

$is_web_developer = IDMObject::authZ('permission', 'web_developer');
if (!$is_web_developer) {
    exit('You don\'t have access to ski on the moon.');
}

CDNController::delegate();