/**
  * Constructor
  * 
  * init superclass, create navigation
  */
 function PageAdminPanel()
 {
     // MANDATORY SECURITY CHECK IN CONSTRUCTOR OF EACH PAGE
     // Only users holding the 'administrate' right may build this page.
     // NOTE(review): nothing here stops execution after standardError(); presumably
     // it terminates or redirects the request. If it can return, the page below is
     // still constructed for an unauthorized user - confirm in ErrorHandler.
     $mayAdministrate = RightsManager::getSingleton()->currentUserIsAllowedTo('administrate');
     if (!$mayAdministrate) {
         $errors = ErrorHandler::getSingleton();
         $errors->standardError('PERMISSION_DENIED', basename($_SERVER['SCRIPT_NAME']));
     }

     // Initialise the superclass with the page title.
     $this->Page('Admin Panel');

     // Admin menu with a single entry leading back to the main page.
     $this->nav = new Navigation('admin-menu');
     $returnUrl = Navigation::mainPageUrl();
     $this->nav->addEntry('return', 'return', $returnUrl);
 }
 /**
  * Constructor: ONLY TO BE CALLED by factory method of Page::newPage(...)! 
  *
  * init {@link $contactList}, and menu
  * @param string $search DUMMY
  * @param string $searchtype $_GET['type'] may be 'export' for CSV export of the result
  * @param boolean $expand whether to expand entries or not
  * @param integer $maxEntriesPerPage limit of entries (default = 0 which means unlimited) 
  */
 function PageProjectSearchList($search, $searchtype, $expand = false, $maxEntriesPerPage = 0)
 {
     // Initialise the superclass with the page title.
     $this->Page('Search List');

     // Keep the display options on the instance before the query is built.
     $this->type = $searchtype;
     $this->expand = $expand;

     // Options menu; only the 'return' entry is active.
     $this->nav = new Navigation('options-menu');
     // Disabled 'expand' entry, kept for reference.
     // NOTE(review): it concatenates $search and $searchtype into a URL without
     // encoding; if it is ever re-enabled, URL-encode both values first.
     //$this->nav->addEntry('expand','expand','../contact/searchlist.php?search=' . $search .
     //        '&type=' . $searchtype . '&expand=1');
     $returnUrl = Navigation::mainPageUrl();
     $this->nav->addEntry('return', 'return', $returnUrl);

     // Build the result list from this page's query and apply the page size
     // (0 is documented on the constructor as "unlimited").
     $query = $this->createQuery();
     $this->contactList = new ContactList($query);
     $this->contactList->setEntriesPerPage($maxEntriesPerPage);
 }
 /** Returns previous page from the page stack or the mainPageUrl() (does not pop the stack) */
 function previousPageUrl()
 {
     // Without a page stack in the session there is no history to return to.
     if (!isset($_SESSION['pageUrlStack'])) {
         return Navigation::mainPageUrl();
     }

     // The last element is the current page, so the previous page sits one slot
     // below it. The stack is only read here, never popped.
     $stack = $_SESSION['pageUrlStack'];
     $previousIndex = count($stack) - 2;
     if ($previousIndex >= 0) {
         $url = $stack[$previousIndex];
         if ($url !== null) {
             // NOTE(review): the value is returned exactly as it was stored in the
             // session; how it was validated when pushed is not visible here.
             return $url;
         }
     }

     return Navigation::mainPageUrl();
 }
    /**
     * create the content of login page
     * @return string html-content
     * @global Options used to determine login message and whether to display register link
     * @global ErrorHandler used for error handling
     */
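    function innerCreate()
    {
        global $options, $errorHandler, $CONFIG_TAB_SERVER_ROOT;
        //$cont ='<div class="login-form"><img src="'.$CONFIG_TAB_SERVER_ROOT.'images/banner.png" class="tab-title" alt="The Address Book" />';
        $cont = '<div class="login-form">';

        // Optional login message from the options store.
        // NOTE(review): emitted as raw HTML - presumably administrator-authored markup; confirm.
        if ($options->getOption('msgLogin') != '') {
            $cont .= '<div class="login-message">' . $options->getOption('msgLogin') . '</div>';
        }

        // Last login error, if any.
        // NOTE(review): $err['cause'] is written without escaping; verify that the error
        // handler never places request data (e.g. the submitted e-mail) into 'cause'.
        $err = $errorHandler->getLastError('login');
        if ($err) {
            $cont .= '<div class="login-error">' . $err['cause'] . '</div>';
        }

        // The redirect target is request-derived (presumably the decoded ?redirect=
        // query value - confirm against the constructor). Percent-encode it before it
        // is placed in a URL inside an HTML attribute: a raw value could close the
        // attribute and inject markup, and any '&' in it would truncate the parameter.
        // rawurlencode() output contains no HTML-special characters.
        $encodedRedirect = '';
        if (!empty($this->redirect) && is_scalar($this->redirect)) {
            $encodedRedirect = rawurlencode((string) $this->redirect);
        }

        $redirect = $encodedRedirect !== '' ? '?redirect=' . $encodedRedirect : '';
        $cont .= '<form method="post" action="' . $CONFIG_TAB_SERVER_ROOT . 'user/authorize.php' . $redirect . '">';
        $cont .= <<<EOC
        <div><label for="user_email">E-Mail</label></div>
        <div><input type="text" name="user_email" id="user_email" size="40" /></div>
        <br/>
        <div><label for="user_password">Password</label></div>
        <div><input type="password" name="user_password" id="user_password" size="40" /></div>
        <br/>
        <div><button type="submit">login</button></div>
        </form>
        <br/>
EOC;
        // Pre-fill the e-mail field and move the focus to the password field.
        // NOTE(review): the option value is written into a JavaScript string literal
        // without escaping; this is only safe while the option is administrator-controlled
        // and contains no quotes or "</script>".
        if ($options->getOption('defaultloginaddress') != '') {
            $cont .= '<script>document.getElementById(\'user_email\').value = "' . $options->getOption('defaultloginaddress') . '";document.getElementById(\'user_password\').focus();</script>';
        }

        // Same redirect target, appended as an additional query parameter.
        $redirect = $encodedRedirect !== '' ? '&amp;redirect=' . $encodedRedirect : '';
        if ($options->getOption('lostpassword') != 0) {
            $cont .= '<div class="login-register"><a href="' . $CONFIG_TAB_SERVER_ROOT . 'user/register.php?mode=lostpasswd' . $redirect . '">lost password</a></div>';
        }
        if ($options->getOption('allowUserReg') != 'no') {
            $cont .= '<br/><div class="login-register"><a href="' . $CONFIG_TAB_SERVER_ROOT . 'user/register.php?mode=register">register</a></div>';
        }
        // Guest access is offered unless a login is required.
        if ($options->getOption('requireLogin') != 1) {
            $cont .= '<br/><div class="login-guest"><a href="' . Navigation::mainPageUrl() . '">enter as a guest</a></div>';
        }
        $cont .= '</div>';
        return $cont;
    }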
 /**
  * Constructor: ONLY TO BE CALLED like this: Page::newPage(classname,$id,$add) factory method!! 
  * 
  * @param $idOrContact integer|Contact the id of the contact, or the contact that is to be edited
  * @param $add boolean whether the contact is to be added or not (cannot be detected through {@link $id}, because a contact can be passed if an error occurs to preserve already inserted information)
  * @global Options admin options
  */
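 function PageProjectContactEdit($idOrContact, $add = false)
 {
     global $options;
     $this->counters = array();
     $this->add = $add;

     // Resolve the contact to edit: nothing given -> blank contact (always an add),
     // numeric -> load by id, anything else -> use the passed contact as is.
     if ($idOrContact === null) {
         $this->contact = Contact::newContact();
         $this->add = TRUE;
     } elseif (is_numeric($idOrContact)) {
         $this->contact = Contact::newContact($idOrContact);
     } else {
         $this->contact =& $idOrContact;
     }

     // Use $this->add rather than the raw parameter, so that the forced add above
     // (no id, no contact) also gets the "add" title, matching the menu logic below.
     if ($this->add) {
         $this->Page('Add new entry');
     } else {
         // The title is HTML (it carries a <span>), and the names are stored contact
         // data, so they are escaped here. double_encode is off so values that already
         // contain entities are not encoded twice.
         // NOTE(review): assumes the page is served as UTF-8 - confirm.
         $fullName = $this->contact->contact['firstname'] . ' ' . $this->contact->contact['lastname'];
         $this->Page('Edit entry for <span>' . htmlspecialchars($fullName, ENT_QUOTES, 'UTF-8', false) . '</span>');
     }

     $this->menu = new Navigation('edit-menu');
     $this->menu->addEntry('save', 'save', 'javascript:saveEntry();');
     if (isset($this->contact->contact['id'])) {
         $this->menu->addEntry('cancel', 'cancel', '?id=' . $this->contact->contact['id']);
     } else {
         $this->menu->addEntry('cancel', 'cancel', Navigation::mainPageUrl());
     }

     // Delete / trash entries are offered only for existing contacts the user may delete.
     // NOTE(review): these checks only decide which links are shown; the handlers behind
     // save, delete and trash must enforce the same rights themselves - confirm.
     // NOTE(review): the contact id is interpolated into a javascript: URL and a query
     // string; presumably it is always a numeric database key - verify.
     if (!$this->add) {
         $rightsManager = RightsManager::getSingleton();
         if ($rightsManager->mayDeleteContact($this->contact)) {
             $this->menu->addEntry('delete', 'delete', 'javascript:deleteEntry(' . $this->contact->contact['id'] . ');');
             if ($_SESSION['user']->isAtLeast('admin') && $options->getOption('deleteTrashMode')) {
                 $this->menu->addEntry('trash', 'trash', '?mode=trash&amp;id=' . $this->contact->contact['id']);
             }
         }
     }
     if ($_SESSION['user']->isAtLeast('admin')) {
         // no putting on changed list
         $this->menu->addEntry('adminsave', 'adminsave', 'javascript:adminsaveEntry();');
     }
 }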
                    $flag = 'created';
                }
                $page = new PageRegister('confirm', $flag, isset($_GET['redirect']) ? $_GET['redirect'] : '');
                echo $page->create();
                exit;
            } else {
                // User#136 has set an error message; redisplay login page
                $page = new PageLoginScreen(isset($_GET['redirect']) ? $_GET['redirect'] : '');
                echo $page->create();
                exit;
            }
        }
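        // DONE WE ARE LOGGED IN - REDIRECT TO REQUESTED PAGE
        // we lose the session cookie here (not sent reliably), but it is unchanged from last time,
        // so the browser will restore it with the next request automatically (if the redirect is to THIS site)
        //
        // The redirect parameter is request data, so it is only honoured when it points
        // back to this site. Anything else falls back to the main page, which keeps the
        // login from being used as an open redirect:
        //  - whitespace, control characters and backslashes are refused outright
        //    (browsers normalise them in ways parse_url() does not);
        //  - a target without scheme and host is accepted unless it starts with '//'
        //    (scheme-relative, i.e. another host);
        //  - an absolute target must be http(s) and name the host of this request.
        $target = null;
        if (isset($_GET['redirect']) && is_string($_GET['redirect']) && $_GET['redirect'] !== ''
            && !preg_match('/[\x00-\x20\x7f\\\\]/', $_GET['redirect'])) {
            $parts = parse_url($_GET['redirect']);
            if (is_array($parts)) {
                $hasScheme = isset($parts['scheme']);
                $hasHost = isset($parts['host']);
                if (!$hasScheme && !$hasHost) {
                    if (substr($_GET['redirect'], 0, 2) !== '//') {
                        $target = $_GET['redirect'];
                    }
                } elseif ($hasScheme && $hasHost
                    && in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
                    $authority = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
                    if (isset($_SERVER['HTTP_HOST']) && strcasecmp($authority, $_SERVER['HTTP_HOST']) === 0) {
                        $target = $_GET['redirect'];
                    }
                }
            }
        }
        if ($target === null) {
            $target = Navigation::mainPageUrl();
        }
        header('Location: ' . $target);
        exit;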
    }
    // FAILED LOGIN ... clear session variables
    // The failure counter is carried across the reset: it is read first, the session
    // is emptied, and the incremented value is written back.
    // NOTE(review): the counter lives in the session, so it only counts attempts from
    // clients that keep presenting the same session cookie. No lockout or delay is
    // visible in this excerpt - confirm where the counter is enforced and whether a
    // per-account or per-address limit exists as well.
    $f = 1 + $_SESSION['failedLoginAttempts'];
    session_unset();
    $_SESSION = array();
    $_SESSION['failedLoginAttempts'] = $f;
}
// FAILED LOGIN redisplay login page
// The redirect query parameter (empty string when absent) is handed to the login page
// so the requested target survives the failed attempt.
// NOTE(review): the value is passed on unvalidated; presumably the login page re-emits
// it in its form action - confirm it is encoded there and checked before it reaches a
// Location header.
$page = new PageLoginScreen(isset($_GET['redirect']) ? $_GET['redirect'] : '');
echo $page->create();
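 /**
  * Apply a posted e-mail address to the given user.
  *
  * Does nothing when no 'email' field was posted. If setting the address left a
  * 'register' or 'mail' error, the function returns without further action. If the
  * edited user is the logged-in user, the session user is cleared and a redirect to
  * the main page is sent.
  *
  * @param object $eUser user being edited; must offer setEmail() and an id property
  * @global ErrorHandler used to detect errors raised while setting the address
  */
 function postEmail($eUser)
 {
     global $errorHandler;
     if (!isset($_POST['email'])) {
         return;
     }

     $eUser->setEmail(StringHelper::cleanGPC($_POST['email']));

     // Stop on error. The original used `break` here, which is not valid outside a
     // loop or switch (a compile error on PHP 7+); returning is the equivalent
     // early exit for a function.
     if ($errorHandler->getLastError('register') || $errorHandler->getLastError('mail')) {
         return;
     }

     // The user changed their own address: drop the logged-in user from the session
     // and send them to the main page.
     // NOTE(review): no exit follows the Location header, so the caller keeps
     // running and may still produce output - confirm that this is intended.
     if ($eUser->id == $_SESSION['user']->id) {
         $_SESSION['user'] = null;
         header('Location:' . Navigation::mainPageUrl());
     }
 }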
 /**
  * create page to show user, that his contact has been confirmed
  * also show link to contact page
  * @global ErrorHandler used to catch errors that occured
  * @return string html-content
  */
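 function createConfirm()
 {
     global $errorHandler;
     $cont = '<div class="login-form">';
     $cont .= '<img class="tab-title" src="../images/banner.png" />';
     switch ($this->flag) {
         case 'found':
             // An existing contact entry was matched to the user.
             $cont .= '<div>Your contact-entry has already been found in the address book.</div>';
             $cont .= '<div>Please check, if all data is correct by following this link:</div>';
             $cont .= '<br/><div><a href="../contact/contact.php?id=' . $_SESSION['user']->contact['id'] . '">open my address-card</a></div>';
             break;
         case 'created':
             // A fresh contact entry was created; link straight to its edit mode.
             $cont .= '<div>A contact-entry has been created for you.</div>';
             $cont .= '<div>Please enter, all contact data: <a href="../contact/contact.php?id=' . $_SESSION['user']->contact['id'] . '&amp;mode=edit">open my address-card</a></div>';
             break;
         case 'error':
             // Show the last 'register' error, or the last 'login' error if there is none.
             // NOTE(review): $err['cause'] is written without escaping; verify that the
             // error handler never places request data into 'cause'.
             ($err = $errorHandler->getLastError('register')) || ($err = $errorHandler->getLastError('login'));
             $cont .= '<div class="login-error">' . $err['cause'] . '</div>';
             break;
         case 'ok':
             $cont .= '<div>Your email has been successfully confirmed.</div>';
             $cont .= '<div>You can <a href="' . Navigation::mainPageUrl() . '">use</a> the application now.</div>';
             break;
         default:
             // Confirmation form: userid and hash arrive in the query string of the
             // confirmation link and are posted back as hidden fields. They are request
             // data, so they are HTML-escaped before being written into attribute
             // values; missing or non-scalar values become empty strings.
             $hidden = array();
             foreach (array('userid', 'hash') as $field) {
                 $raw = (isset($_GET[$field]) && is_scalar($_GET[$field])) ? (string) $_GET[$field] : '';
                 $hidden[$field] = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
             }
             $cont .= '<div class="login-message">Email verified. Please log in to confirm your account.</div>';
             $cont .= '<form action="../user/register.php?mode=confirm" method="post">';
             $cont .= '<input class="register-input" type="hidden" name="userid" value="' . $hidden['userid'] . '" />';
             $cont .= '<input class="register-input" type="hidden" name="hash" value="' . $hidden['hash'] . '" />';
             $cont .= '<br/><div><label class="register-label" for="email">email</label>';
             $cont .= '<input class="register-input" type="text" name="email" id="email" size="40"/></div>';
             $cont .= '<br/><div><label class="register-label" for="password">password</label>';
             $cont .= '<input class="register-input" type="password" name="password" id="password" /></div>';
             $cont .= '<br/><div><input class="register-input" type="submit" value="confirm" /></div>';
             $cont .= '</form>';
             break;
     }
     $cont .= '</div>';
     return $cont;
 }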
    /**
     * create error page according to error that occured
     * @return string html-content
     */
    function innerCreate()
    {
        global $CONFIG_TAB_ROOT, $CONFIG_BUG_TRACK_LINK;

        // Fragments are collected in order and joined once at the end.
        $html = array();
        $html[] = <<<EOC
        <div class="error-box">
EOC;

        // Title and body depend on the error type.
        // NOTE(review): errorString() is written into the page without escaping.
        // Whether it can carry request-derived text (for example a requested file
        // name in the 'noFile' case) is not visible here - confirm in ErrorHandler.
        switch ($this->error['type']) {
            case 'db':
                $html[] = '<div class="error-title">An error in the database occured:</div>';
                $html[] = '<div class="error-body">' . $this->errorHandler->errorString() . '</div>';
                $html[] = '<div class="error-body">NOTE: Developers (SVN repository users) will see development DB upgrades that run the same upgrade file multiple times. This may result in an error (Duplicate column name or similar) as soon as MySQL attempts a change that is already in the DB from the previous upgrade. This error should be ignored. The database should be at the newest version.</div>';
                break;
            case 'noLogin':
                // DISABLED - REDIRECTS IMMEDIATELY TO LOGIN PAGE IN ErrorHandler
                // (falls through to the permission-denied output)
            case 'denied':
                // permission denied error
                $html[] = '<div class="error-title">An error with your login occured:</div>';
                $html[] = '<div class="error-body">' . $this->errorHandler->errorString() . '</div>';
                break;
            case 'adminLock':
                $html[] = '<div class="error-title">Administrative Lock Active</div>';
                $html[] = '<div class="error-body">This application is currently locked by an administrator because of database maintainance. You may not edit or delete any entries. Please retry later.</div>';
                break;
            case 'install':
                $html[] = '<div class="error-title">During installation the following error occurred:</div>';
                $html[] = '<div class="error-body">' . $this->errorHandler->errorString() . '</div>';
                break;
            case 'noFile':
                $html[] = '<div class="error-title">File not found:</div>';
                $html[] = '<div class="error-body">The file ' . $this->errorHandler->errorString() . ' could not be found.</div>';
                break;
            default:
                $html[] = '<div class="error-title">The following error occurred:</div>';
                $html[] = '<div class="error-body">' . $this->errorHandler->errorString() . '</div>';
                break;
        }

        // Footer: recovery actions offered to the user.
        $html[] = '<div class="error-footer">If necessary, please press the BACK button on your browser to return to the previous screen and correct any possible mistakes. You can also try the following actions that might solve your problem:<ul>';
        // not sure if we need this ...
        // $cont .= '<li><a style="font-size:larger;" href="'.$_SERVER['PHP_SELF'].'">go back</a></li>';
        $html[] = '<li><a style="font-size:larger;" href="' . Navigation::mainPageUrl() . '">default page</a></li>';
        // NOTE(review): the main page URL is placed in the redirect parameter without URL-encoding.
        $html[] = '<li><a href="' . $CONFIG_TAB_ROOT . 'user/login.php?redirect=' . Navigation::mainPageUrl() . '">login</a></li>';
        $html[] = '<li><a href="' . $CONFIG_TAB_ROOT . 'user/logout.php">logout</a></li>';
        $html[] = '<li id="em0"><a href="#" onclick="Effect.SlideUp(\'em0\'); Effect.SlideDown(\'em1\'); Effect.SlideDown(\'em2\'); Effect.SlideDown(\'em3\'); Effect.SlideDown(\'em4\'); return false;">advanced</a></li>';
        $html[] = '<li style="display:none" id="em1"><a href="' . $CONFIG_TAB_ROOT . 'lib/support/destroysession.php">destroy session (force logout)</a></li>';
        // Cannot be moved to admin section. Authozization does not work.
        // NOTE(review): the upgrade and install links are written for every visitor and
        // only hidden with display:none, which is not access control. Those scripts must
        // enforce their own authorization - confirm.
        $html[] = '<li style="display:none" id="em3"><a href="' . $CONFIG_TAB_ROOT . 'admin/upgrade.php">[upgrade database]</a></li>';
        $html[] = '<li style="display:none" id="em2"><a href="' . $CONFIG_TAB_ROOT . 'admin/install.php">[install database]</a></li>';

        // Avoid recursion from rightsManager if 'no user error' occurs!
        // The php info link is added only for a session user with the 'administrate' right.
        if (isset($_SESSION['user']) && RightsManager::getSingleton()->currentUserIsAllowedTo('administrate')) {
            $html[] = '<li style="display:none" id="em4"><a href="' . $CONFIG_TAB_ROOT . 'lib/support/phpinfo.php">[php info]</a></li>';
        }

        $html[] = '</ul><br/>If you still need help, or you believe this to be a bug, copy the calling URL from the browser <b>NOW</b> and then please notify ';
        // A configured bug tracker link replaces the built-in default.
        if (isset($CONFIG_BUG_TRACK_LINK)) {
            $html[] = $CONFIG_BUG_TRACK_LINK;
        } else {
            $html[] = '<a href="http://sourceforge.net/tracker/?atid=861161&group_id=172286&func=browse" target="_blank">Bug Tracker</a>.';
        }
        $html[] = '</div></div>';

        return implode('', $html);
    }