Exemplo n.º 1
 /**
  * Validates a change-password submission.
  *
  * Takes three positional arguments, read through func_get_args() so the inherited
  * validate() signature stays untouched: the POST field names of the old password,
  * the new password and the confirmation.
  *
  * @return bool the result of $this->is_valid() after validator errors are flattened
  */
 public function validate()
 {
     # Overloading validate method: http://programmers.stackexchange.com/a/274135
     list($old_field, $new_field, $confirm_field) = func_get_args();
     $owner = User::current();
     $current = new PasswordValidator($this->request->post($old_field, ''), $owner);
     $proposed = new PasswordValidator($this->request->post($new_field, ''), $owner);
     $repeated = new PasswordValidator($this->request->post($confirm_field, ''), $owner);
     $this->fields = array(
         $old_field => $current,
         $new_field => $proposed,
         $confirm_field => $repeated,
     );
     # All three values must be present before anything else is checked
     foreach (array($current, $proposed, $repeated) as $validator) {
         $validator->validate_present();
     }
     # The old password is only authenticated, and the new one only policy-checked,
     # once both of them were actually supplied
     if ($current->is_valid() && $proposed->is_valid()) {
         $current->authenticate_user_password();
         $proposed->validate_min_length();
         $proposed->validate_not_user_name();
         $this->validate_confirmation_match($new_field, $confirm_field);
     }
     if ($proposed->is_valid() && $repeated->is_valid()) {
         $this->set_valid_field_value($new_field, $proposed->value);
         $this->set_valid_field_value($confirm_field, $repeated->value);
     }
     $this->flatten_validator_errors();
     return $this->is_valid();
 }
Exemplo n.º 2
 /**
  * Returns the current user, resolving it from the session on the first call.
  *
  * self::$current holding the empty string is treated as "not resolved yet". After
  * resolution it holds the result of User::find_by_id() for the session's user_id,
  * or null when the session carries no user_id.
  */
 public static function current()
 {
     if (self::$current === '') {
         $id = Session::getData('user_id');
         self::$current = $id ? User::find_by_id($id) : null;
     }
     return self::$current;
 }
Exemplo n.º 3
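 /**
  * Draws a client-supplied image over a stored image attachment and saves the result in place.
  *
  * The request body is read as "<prefix>,<base64 image>" (the shape of a data URI). The overlay
  * is resampled to the stored image's dimensions, the file is re-encoded as PNG or JPEG depending
  * on the attachment's recorded MIME type, and any cached ".thumb" file is removed.
  *
  * @throws HTTP_Exception_400 when the body has no payload part or the payload is not a decodable image
  * @throws HTTP_Exception_403 when the attachment is not an editable image or the user may not access the job
  * @throws HTTP_Exception_404 when the attachment row, its job or the stored file is missing
  */
 public function action_index()
 {
     $id = intval($this->request->param('id'));
     $attachment = DB::select()->from('attachments')->where('id', '=', $id)->execute()->current();
     // An unknown id previously fell through to array access on a non-array value.
     if (!$attachment) {
         throw new HTTP_Exception_404('Not found');
     }
     // Only image attachments outside the Signatures folder may be modified.
     if (!preg_match('/^image\\/.*$/i', $attachment['mime']) || $attachment['folder'] == 'Signatures') {
         throw new HTTP_Exception_403('Forbidden');
     }
     $job = Database_Mongo::collection('jobs')->findOne(array('_id' => strval($attachment['job_id'])));
     if (!$job) {
         throw new HTTP_Exception_404('Not found');
     }
     // Access requires show_all_jobs or the user's company being listed on the job.
     $company_id = (int) User::current('company_id');
     $may_access = Group::current('show_all_jobs')
         || in_array($company_id, Arr::get($job, 'companies', array()), true)
         || in_array($company_id, Arr::get($job, 'ex', array()), true);
     if (!$may_access) {
         throw new HTTP_Exception_403('Forbidden');
     }
     // The path is built from the integer id only, never from client-supplied text.
     $path = DOCROOT . 'storage/' . $id;
     if (!file_exists($path)) {
         throw new HTTP_Exception_404('Not found');
     }
     // NOTE(review): neither the body size nor the decoded image dimensions are bounded here;
     // confirm a request-size limit applies upstream, since GD memory use grows with pixel count.
     $parts = explode(',', file_get_contents('php://input'), 2);
     if (count($parts) !== 2 || $parts[1] === '') {
         throw new HTTP_Exception_400('Bad request');
     }
     $overlay_bytes = base64_decode($parts[1]);
     $image = ($overlay_bytes === false || $overlay_bytes === '') ? false : imagecreatefromstring($overlay_bytes);
     if ($image === false) {
         throw new HTTP_Exception_400('Bad request');
     }
     $stored_bytes = file_get_contents($path);
     $src = $stored_bytes === false ? false : imagecreatefromstring($stored_bytes);
     if ($src === false) {
         // The recorded MIME type said "image" but the stored bytes do not decode as one:
         // treat it like the non-image case above instead of overwriting the file.
         imagedestroy($image);
         throw new HTTP_Exception_403('Forbidden');
     }
     imagealphablending($src, true);
     imagesavealpha($src, true);
     imagecopyresampled($src, $image, 0, 0, 0, 0, imagesx($src), imagesy($src), imagesx($image), imagesy($image));
     if ($attachment['mime'] == 'image/png') {
         imagepng($src, $path, 9);
     } else {
         imagejpeg($src, $path, 90);
     }
     // The cached thumbnail no longer matches the edited image.
     if (file_exists($path . '.thumb')) {
         unlink($path . '.thumb');
     }
     imagedestroy($src);
     imagedestroy($image);
     die(json_encode(array('success' => true)));
 }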
Exemplo n.º 4
 /**
  * Runs the parent hook, then restricts every action of this controller to administrators.
  *
  * @throws HTTP_Exception_403 when User::current('is_admin') is falsy
  */
 public function before()
 {
     parent::before();
     $is_admin = User::current('is_admin');
     if ($is_admin) {
         return;
     }
     throw new HTTP_Exception_403('Forbidden');
 }
Exemplo n.º 5
 /**
  * Populates self::$current from $_SESSION['userid'] when it has not been set yet.
  *
  * The loaded user's username is written to the debug log.
  *
  * @return bool always true, whether or not a user was loaded
  */
 public static function load_current_user()
 {
     if (isset(self::$current) || empty($_SESSION['userid'])) {
         return true;
     }
     self::$current = new User($_SESSION['userid']);
     Logger::debug('Loading current user ' . self::$current->username);
     return true;
 }
Exemplo n.º 6
 /**
  * Handles the password page: console dispatch, login gate, and the change-password action.
  *
  * @return mixed the console() result, the redirect() result, or the rendered 'content' view
  */
 public function handle()
 {
     # Console invocations take their params from the service and go to console()
     if ($this->is_console) {
         $this->params = $this->service->params;
         return $this->console();
     }
     # If not logged in, redirect to login page
     if (!User::is_logged_in()) {
         $this->t->flash('Please login to access that page.', 'warning');
         return $this->redirect('auth', 'login');
     }
     # Anything other than a change-password request just renders the page
     if (!$this->request->action_is('change-password')) {
         return $this->render_view('content');
     }
     # Change password request: the form validator authenticates the old password
     # and checks the new one before anything is written
     $form = new PasswordFormValidator($this->request);
     if (!$form->validate('old-password', 'new-password', 'new-password-confirm')) {
         $this->t->data('form-validator', $form);
         return $this->render_view('content');
     }
     $account = User::current();
     $account->set_password($this->request->post('new-password'));
     if ($account->save()) {
         $this->t->flash('Your password has been changed.', 'success');
     } else {
         $this->t->flash('There was a problem saving your password.', 'danger');
     }
     return $this->render_view('content');
 }
Exemplo n.º 7
 /**
  * Pre-action hook: requires a logged-in user, serves two GET-driven commands and
  * publishes the user's notifications to every view.
  *
  * - ?limit=N, with N present in Pager::$counts, stores N as the user's list_items and ends the request.
  * - ?dismiss=ID deletes that notification, scoped to the current user's id, and ends the request.
  */
 public function before()
 {
     // NOTE(review): the rest of this method assumes redirect() ends the request — confirm.
     if (!User::current()) {
         $this->redirect('/login');
     }
     // Drop the query keys that equal the request URL itself (dots replaced by underscores),
     // with and without a trailing slash.
     $self_key = str_replace('.', '_', URL::base() . $this->request->uri());
     foreach (array($self_key, $self_key . '/') as $key) {
         if (isset($_GET[$key])) {
             unset($_GET[$key]);
         }
     }
     // && binds tighter than ||: admins, or groups holding both show_all_jobs and allow_finance.
     $wide_pager = Group::current('is_admin')
         || (Group::current('show_all_jobs') && Group::current('allow_finance'));
     if ($wide_pager) {
         Pager::$counts[] = 2500;
     }
     // NOTE(review): both commands below change state from GET parameters and no anti-CSRF
     // token is checked in this method; the allow-list test on limit is a loose in_array().
     $requested_limit = Arr::get($_GET, 'limit');
     if ($requested_limit && in_array($requested_limit, Pager::$counts)) {
         DB::update('users')
             ->set(array('list_items' => intval($requested_limit)))
             ->where('id', '=', User::current('id'))
             ->execute();
         die(json_encode(array('success' => 'true')));
     }
     $dismissed = Arr::get($_GET, 'dismiss');
     if ($dismissed) {
         DB::delete('notifications')
             ->where('user_id', '=', User::current('id'))
             ->and_where('id', '=', intval($dismissed))
             ->execute();
         die(json_encode(array('success' => 'true')));
     }
     if (!Group::current('allow_assign')) {
         Enums::$statuses[Enums::STATUS_UNALLOC] = 'Not active';
     }
     $notifications = DB::select()
         ->from('notifications')
         ->where('user_id', '=', User::current('id'))
         ->order_by('id', 'desc')
         ->execute();
     View::set_global('notifications', $notifications);
 }
Exemplo n.º 8
 /**
  * Emits, as JSON, the sorted distinct values of jobs' "data.14" that match the request filters.
  *
  * Users without allow_assign are always restricted to jobs listing their own company under
  * "companies" or "ex"; the company and region query parameters are honoured only for users
  * with allow_assign. The fsam parameter filters "data.13" for everyone.
  */
 public function action_fda()
 {
     $query = array();
     if (Group::current('allow_assign')) {
         if (Arr::get($_GET, 'company')) {
             $raw = $_GET['company'];
             // Every element is cast with intval, so array-valued input cannot carry
             // Mongo operators into the query.
             $company = array_map('intval', is_array($raw) ? $raw : explode(',', $raw));
             if (count($company) == 1) {
                 $company = array_shift($company);
             }
             $match = is_array($company) ? array('$in' => $company) : $company;
             $query['$or'] = array(array('companies' => $match), array('ex' => $match));
         }
         if (Arr::get($_GET, 'region')) {
             $query['region'] = strval($_GET['region']);
         }
     } else {
         // The company id comes from the session user, not from the request.
         $own_company = intval(User::current('company_id'));
         $query['$or'] = array(array('companies' => $own_company), array('ex' => $own_company));
     }
     if (Arr::get($_GET, 'fsam')) {
         $raw_fsam = $_GET['fsam'];
         $fsam = is_array($raw_fsam) ? array_map('strval', $raw_fsam) : explode(',', $raw_fsam);
         if (count($fsam) == 1) {
             $query['data.13'] = array_shift($fsam);
         } else {
             $query['data.13'] = array('$in' => $fsam);
         }
     }
     // An empty filter is passed as NULL rather than as an empty array.
     $list = Database_Mongo::collection('jobs')->distinct('data.14', $query ?: NULL);
     sort($list);
     die(json_encode($list));
 }
Exemplo n.º 9
 /**
  * After login(), User::current() must be a User whose name matches the logged-in user,
  * both through current('name') and through current()->field('name').
  */
 public function testShouldReturnLoggedInUser()
 {
     $logged_in = User::find_by_name('NeechyUser');
     $logged_in->login();

     $this->assertInstanceOf('User', User::current());

     $this->assertEquals($logged_in->field('name'), User::current('name'));

     $current = User::current();
     $this->assertEquals($logged_in->field('name'), $current->field('name'));
 }
Exemplo n.º 10
 /**
  * Shows the login view, or sends an already logged-in user on to 'admin'.
  *
  * @return mixed the redirect_message() result when a user is logged in; nothing otherwise
  */
 public function login()
 {
     $already_in = User::current() && User::current()->is_login();
     if (!$already_in) {
         $this->load_view();
         return;
     }
     return redirect_message(array('admin'), array());
 }
Exemplo n.º 11
 /**
  * Asserts that User::current() equals User::$user, and still does after the
  * returned user is passed back into User::current().
  */
 function test_current()
 {
     $expected = User::$user;

     $first = User::current();
     $this->assertEquals($expected, $first);

     User::current($first);
     $second = User::current();
     $this->assertEquals($expected, $second);
 }
 /**
  * With no current user, handle() must return whatever redirect() returns.
  */
 public function testShouldRedirectUserWhenNotLoggedIn()
 {
     # Mock out redirect function (note: 3.7 syntax)
     $builder = $this->getMockBuilder('PasswordHandler');
     $builder->setConstructorArgs(array(new NeechyRequest()));
     $builder->setMethods(array('redirect'));
     $handler = $builder->getMock();
     $handler->expects($this->any())
         ->method('redirect')
         ->will($this->returnValue('redirected'));

     # Precondition: nobody is logged in
     $this->assertNull(User::current());

     $this->assertEquals('redirected', $handler->handle());
 }
Exemplo n.º 13
 /**
  * Deletes the item named by the "id" route parameter and redirects to the item list.
  *
  * @throws HTTP_Exception_403 unless the user is an admin or the group holds item_remove
  */
 public function action_delete()
 {
     $may_delete = User::current('is_admin') || Group::current('item_remove');
     if (!$may_delete) {
         throw new HTTP_Exception_403('Forbidden');
     }
     // The id is handed to where() as a value; it is not concatenated into SQL text here.
     $item_id = $this->request->param('id');
     DB::delete('items')
         ->where('id', '=', $item_id)
         ->execute();
     Messages::save('Item was successfully deleted!', 'info');
     $this->redirect('/items');
 }
Exemplo n.º 14
 /**
  * Renders the Dashboard view with unit-item counts grouped by task status.
  *
  * Items without a task status are counted under "unattached". Users who are neither admins
  * nor in a group with all_projects only see rows of their own company_id.
  */
 public function action_index()
 {
     $counts = DB::select(
         DB::expr('COUNT(*) as cnt'),
         DB::expr('COALESCE(`status`, "unattached") as status')
     )
         ->from('unit_items')
         ->join('tasks', 'left')
         ->on('task_id', '=', 'tasks.id')
         ->group_by('status');

     $sees_everything = User::current('is_admin') || Group::current('all_projects');
     if (!$sees_everything) {
         $counts->where('company_id', '=', User::current('company_id'));
     }

     // status => cnt map handed to the view
     $items = $counts->execute()->as_array('status', 'cnt');
     $this->response->body(View::factory('Dashboard')->bind('items', $items));
 }
Exemplo n.º 15
 /**
  * Reserves an attachment row for a job before the file itself is uploaded.
  *
  * The "type" query parameter selects the target folder and, for the numbered types, a filename
  * template ending in %NUM%. The new row is inserted with uploaded = 0 and the next numbering
  * value for that job and folder; the response is JSON carrying the new attachment id.
  *
  * @throws HTTP_Exception_404 when the job does not exist
  * @throws HTTP_Exception_403 when the user may not access the job
  */
 public function action_index()
 {
     $id = $this->request->param('id');
     // NOTE(review): $location is read but never used below — confirm whether it was meant
     // to be stored with the attachment row.
     $location = Arr::get($_GET, 'location', '');
     $type = Arr::get($_GET, 'type', 'other');
     $title = Arr::get($_GET, 'title', 'other');
     $job = Database_Mongo::collection('jobs')->findOne(array('_id' => strval($id)));
     if (!$job) {
         throw new HTTP_Exception_404('Not found');
     }
     // Access requires show_all_jobs or the user's company being listed on the job.
     $company_id = (int) User::current('company_id');
     $visible = Group::current('show_all_jobs')
         || in_array($company_id, Arr::get($job, 'companies', array()), true)
         || in_array($company_id, Arr::get($job, 'ex', array()), true);
     if (!$visible) {
         throw new HTTP_Exception_403('Forbidden');
     }
     // Types that get a generated filename: type => (folder, filename suffix).
     $numbered = array(
         'photo-before' => array('Photos', '.before.%NUM%'),
         'photo-after' => array('Photos', '.after.%NUM%'),
         'jsa' => array('JSA-forms', '.JSA.%NUM%'),
         'waiver' => array('Waiver', '.Waiver.%NUM%'),
     );
     if (is_string($type) && isset($numbered[$type])) {
         list($folder, $suffix) = $numbered[$type];
         $filename = $id . '.' . Arr::path($job, 'data.9') . '.' . Arr::path($job, 'data.14') . $suffix;
         $title = '';
     } elseif ($type == 'odtr') {
         $folder = 'otdr-traces';
         $filename = '';
         $title = '';
     } else {
         // Any other type keeps the client-supplied title and lands in "Other".
         $folder = 'Other';
         $filename = '';
     }
     $number = DB::select('numbering')
         ->from('attachments')
         ->where('job_id', '=', $id)
         ->and_where('folder', '=', $folder)
         ->order_by('numbering', 'desc')
         ->limit(1)
         ->execute()
         ->get('numbering');
     // The address keeps only [0-9a-z-]; runs of dashes collapse and outer dashes are trimmed.
     $address = preg_replace('/[^0-9a-z\\-]/i', '-', Arr::path($job, 'data.8'));
     $address = trim(preg_replace('/-{2,}/', '-', $address), '-');
     $data = array(
         'filename' => $filename,
         'mime' => '',
         'uploaded' => 0,
         'user_id' => User::current('id'),
         'job_id' => $id,
         'folder' => $folder,
         'fda_id' => Arr::path($job, 'data.14'),
         'address' => $address,
         'title' => $title,
         'numbering' => intval($number) + 1,
     );
     $inserted = DB::insert('attachments', array_keys($data))->values(array_values($data))->execute();
     $result = Arr::get($inserted, 0);
     // Remove any stale file already stored under the id that was just assigned.
     $stale = DOCROOT . 'storage/' . $result;
     if (file_exists($stale)) {
         unlink($stale);
     }
     die(json_encode(array('success' => true, 'id' => $result)));
 }
Exemplo n.º 16
 /**
  * Emits the BOM item list as JSON, with per-unit estimates for privileged users.
  *
  * Admins and groups with allow_assign get the "estimated" value joined from unit_boms for the
  * unit named by the "id" route parameter (task_id 0); everyone else gets 0 as the estimate.
  */
 public function action_boms()
 {
     // intval() is what makes it safe to place the id into DB::expr() below.
     $unit_id = intval($this->request->param('id'));
     $sees_estimates = User::current('is_admin') || Group::current('allow_assign');

     $estimated = $sees_estimates ? 'estimated' : DB::expr('0 as estimated');
     $select = DB::select('bom_items.id', 'code', 'bom_items.name', $estimated, array('uoms.name', 'uom'))
         ->from('bom_items');
     if ($sees_estimates) {
         $select->join('unit_boms', 'left')
             ->on('bom_id', '=', 'bom_items.id')
             ->on('unit_id', '=', DB::expr($unit_id))
             ->on('task_id', '=', DB::expr(0));
     }
     $rows = $select->join('uoms', 'left')
         ->on('uom', '=', 'uoms.id')
         ->order_by('name', 'asc')
         ->execute()
         ->as_array();

     $items = array();
     foreach ($rows as $row) {
         $items[] = array(
             'id' => intval($row['id']),
             'code' => $row['code'],
             'name' => $row['name'],
             'avail' => floatval($row['estimated']),
             'uom' => $row['uom'] ?: 'Unknown',
         );
     }
     header('Content-type: application/json');
     die(json_encode($items));
 }
Exemplo n.º 17
 /**
  * Approves a pending submission: copies its value into the job document, records the change
  * in the archive collection and marks the submission as processed.
  *
  * The response is always JSON {"success": true}, including when the submitted value already
  * equals the job's current value and nothing is written.
  *
  * @throws HTTP_Exception_403 when the current group lacks allow_assign
  * @throws HTTP_Exception_404 when the submission is missing or its 'active' field is truthy
  */
 public function action_approve()
 {
     if (!Group::current('allow_assign')) {
         throw new HTTP_Exception_403('Forbidden');
     }
     // NOTE(review): the submission id comes from the query string and this method changes
     // stored data; no anti-CSRF token is checked here — confirm one is enforced elsewhere.
     // NOTE(review): $id is passed to MongoId unvalidated; confirm how a missing or malformed
     // id is handled.
     $id = Arr::get($_GET, 'id');
     $submission = Database_Mongo::collection('submissions')->findOne(array('_id' => new MongoId($id)));
     if (!$submission || Arr::get($submission, 'active')) {
         throw new HTTP_Exception_404('Not found');
     }
     // NOTE(review): $job is not checked for a missing document before $job['_id'] is read below.
     $job = Database_Mongo::collection('jobs')->findOne(array('_id' => $submission['job_key']));
     $value = Arr::get($job, $submission['key'], '');
     $update_time = time();
     if ($value != $submission['value']) {
         // substr(key, 5) drops the first five characters of the key — presumably the "data."
         // prefix, given the comparison with 'data.44' below; verify.
         $archive = array('data' => array(substr($submission['key'], 5) => array('old_value' => $value, 'new_value' => $submission['value'])), 'fields' => substr($submission['key'], 5), 'job_key' => $job['_id'], 'user_id' => User::current('id'), 'update_time' => $update_time, 'update_type' => 2, 'filename' => 'MANUAL');
         $update = array('$set' => array('last_update' => $update_time));
         // The stored submission key is used directly as the field path to set or unset.
         // NOTE(review): confirm the key is validated when the submission is created.
         if ($submission['value']) {
             $update['$set'][$submission['key']] = $submission['value'];
         } else {
             $update['$unset'][$submission['key']] = 1;
         }
         // For data.44 the value is reduced to lowercase letters; 'built' and 'tested' stamp
         // data.264 / data.265 with the approval time when those are not already set.
         if ($submission['key'] == 'data.44') {
             $status = preg_replace('/[^a-z]/', '', strtolower($submission['value']));
             if ($status == 'built' && !Arr::path($job, 'data.264')) {
                 $update['$set']['data.264'] = $update_time;
             }
             if ($status == 'tested' && !Arr::path($job, 'data.265')) {
                 $update['$set']['data.265'] = $update_time;
                 if (!Arr::path($job, 'data.264')) {
                     $update['$set']['data.264'] = $update_time;
                 }
             }
         }
         // Company of the user who made the submission (not of the approving admin).
         $company = intval(User::get($submission['user_id'], 'company_id'));
         $sub = array('$set' => array('admin_id' => User::current('id'), 'process_time' => $update_time, 'active' => -1));
         $financial = floatval(DB::select('financial')->from('job_columns')->where('id', '=', substr($submission['key'], 5))->execute()->get('financial'));
         // financial_time is reset to 0 when the column has a non-zero 'financial' value and
         // the submitter's company is not in the job's 'companies' list.
         if ($financial && !in_array($company, Arr::get($job, 'companies', array()), true)) {
             $sub['$set']['financial_time'] = 0;
         }
         // Three independent writes; nothing in this method groups them into one transaction.
         Database_Mongo::collection('archive')->insert($archive);
         Database_Mongo::collection('jobs')->update(array('_id' => $job['_id']), $update);
         Database_Mongo::collection('submissions')->update(array('_id' => new MongoId($id)), $sub);
     }
     die(json_encode(array('success' => true)));
 }
Exemplo n.º 18
 /**
  * Resolves User::$current once per request from the session's '_user_id'.
  *
  * null means "not resolved yet"; afterwards User::$current is either the user found by id
  * or false. A resolved user has touch_last_request() called on it.
  */
 private function _set_current_user()
 {
     // already set
     if (User::$current !== null) {
         return;
     }
     $uid = Session::read('_user_id');
     if ($uid === false) {
         // no user
         User::$current = false;
         return;
     }
     // TODO auth by token
     $matches = User()->find_by_id($uid, array('limit' => 1));
     if (empty($matches)) {
         User::$current = false;
         return;
     }
     User::$current = $matches[0];
     // if we've got a user, touch timestamps
     if (User::$current) {
         User::$current->touch_last_request();
     }
 }
Exemplo n.º 19
 /**
  * Returns true if the current user has access to the URL $url.
  *
  * Only the controller part of the URL is considered: 'admin' and 'special' are decided by
  * acl(), 'profile' requires User::current() to be a User, and every other controller is
  * allowed.
  *
  * NOTE(review): unknown controllers default to allowed; confirm that every protected
  * controller is listed here or guarded elsewhere.
  *
  * @param string $url
  * @return boolean
  */
 public static function open_url($url)
 {
     list($controller, $action, $type) = controller_action($url);
     switch ($controller) {
         case 'admin':
             return acl('p:Admin');
         case 'profile':
             return User::current() instanceof User;
         case 'special':
             return acl('p:Special');
     }
     return true;
 }
Exemplo n.º 20
 /**
  * Pre-action hook: requires a logged-in user, serves two GET-driven commands and
  * publishes the user's notifications to every view.
  *
  * - ?limit=N, with N present in Pager::$counts, stores N as the user's list_items and ends the request.
  * - ?dismiss=ID deletes that notification, scoped to the current user's id, and ends the request.
  */
 public function before()
 {
     // NOTE(review): the rest of this method assumes redirect() ends the request — confirm.
     if (!User::current()) {
         $this->redirect('/login');
     }
     // Drop the query keys that equal the request URL itself (dots replaced by underscores),
     // with and without a trailing slash.
     $self_key = str_replace('.', '_', URL::base() . $this->request->uri());
     foreach (array($self_key, $self_key . '/') as $key) {
         if (isset($_GET[$key])) {
             unset($_GET[$key]);
         }
     }
     // NOTE(review): both commands below change state from GET parameters and no anti-CSRF
     // token is checked in this method; the allow-list test on limit is a loose in_array().
     $requested_limit = Arr::get($_GET, 'limit');
     if ($requested_limit && in_array($requested_limit, Pager::$counts)) {
         DB::update('users')
             ->set(array('list_items' => intval($requested_limit)))
             ->where('id', '=', User::current('id'))
             ->execute();
         die(json_encode(array('success' => 'true')));
     }
     $dismissed = Arr::get($_GET, 'dismiss');
     if ($dismissed) {
         DB::delete('notifications')
             ->where('user_id', '=', User::current('id'))
             ->and_where('id', '=', intval($dismissed))
             ->execute();
         die(json_encode(array('success' => 'true')));
     }
     $notifications = DB::select()
         ->from('notifications')
         ->where('user_id', '=', User::current('id'))
         ->order_by('id', 'desc')
         ->execute();
     View::set_global('notifications', $notifications);
 }
Exemplo n.º 21
 /**
  * Page administration: lists pages, shows/saves the page form, or deletes a page.
  *
  * @param string $do 'form' to create or edit, 'delete' to remove, anything else to list
  * @param string $id primary key of the page to edit or delete; empty when creating
  * @return mixed the result of redirect() or of render()
  */
 public function pages($do = '', $id = '')
 {
     $data = ['heading' => 'Administrasi: Halaman'];

     if ($do == 'form') {
         if (post('submit')) {
             // NOTE(review): 'konten' is read with a second argument of false, unlike the other
             // fields — presumably this turns off input filtering; confirm how it is rendered.
             $data = [
                 'id_pengguna' => User::current('id'),
                 'tgl_input' => date('Y-m-d'),
                 'judul' => post('judul'),
                 'alias' => post('alias'),
                 'konten' => post('konten', false),
             ];
             $data['konten'] = str_replace(['<br>', '<br/>'], '', $data['konten']);
             // NOTE(review): the title is concatenated into HTML alert markup as-is; confirm
             // that post() or set_alert() escapes it.
             if (!Page::save($data, $id)) {
                 set_alert('error', 'Terjadi kesalahan dalam penyimpanan halaman <b>' . $data['judul'] . '</b>');
                 return redirect($this->uri->path());
             }
             $message = $id
                 ? 'Halaman <b>' . $data['judul'] . '</b> berhasil diperbarui'
                 : 'Halaman <b>' . $data['judul'] . '</b> berhasil dibuat';
             set_alert('success', $message);
             return redirect('admin/pages');
         }
         // Editing an existing page: preload its row for the form.
         if ($id) {
             $data['data'] = Page::show([Page::primary() => $id])->fetchOne();
         }
         return $this->render('page-form', $data);
     }

     if ($do == 'delete') {
         // NOTE(review): the delete runs straight from the method arguments; confirm the route
         // cannot be triggered by a plain cross-site GET.
         if (Page::del([Page::primary() => $id])) {
             set_alert('success', 'Halaman berhasil terhapus');
         } else {
             set_alert('error', 'Terjadi kesalahan dalam penghapusan halaman');
         }
         return redirect('admin/pages');
     }

     $data['data'] = Page::show();
     return $this->render('page-table', $data);
 }
Exemplo n.º 22
 /**
  * Admin controller constructor: requires a logged-in user, builds the role-filtered admin
  * menu, and refuses pages that match no menu entry visible to the user.
  *
  * NOTE(review): both guards use `return redirect_message(...)`. A return inside a constructor
  * does not stop the object from being created, so unless redirect_message() itself ends the
  * request the requested action could still run — confirm.
  */
 public function __construct()
 {
     parent::__construct();
     // Not logged in: set a flash message and redirect to the login page.
     if (!(User::current() && User::current()->is_login())) {
         Session::setData('_flash_message', '', true);
         return redirect_message(array('login'), array('_flash_message' => '請先登入,或者您沒有後台權限!'));
     }
     $class = $this->get_class();
     $method = $this->get_method();
     // $has_active is captured by reference and starts out undefined; the inner closure ORs
     // each item's match result into it.
     $menus_list = array_map(function ($menus) use($class, $method, &$has_active) {
         return array_map(function ($item) use($class, $method, &$has_active) {
             // $a is true when the item matches the current request: class and method both
             // match, or the item names only a class and it matches, or the item names only a
             // method and it matches.
             $has_active |= $a = isset($item['class']) && $item['class'] && $class == $item['class'] && (isset($item['method']) && $item['method']) && $method == $item['method'] || isset($item['class']) && $item['class'] && $class == $item['class'] && !(isset($item['method']) && $item['method']) || !(isset($item['class']) && $item['class']) && (isset($item['method']) && $item['method']) && $method == $item['method'];
             return array_merge($item, array('active' => $a));
         }, $menus);
     // The input is the configured admin menu with each group reduced to the items whose
     // roles the current user holds; groups left empty are dropped by the outer array_filter.
     }, array_filter(array_map(function ($group) {
         return array_filter($group, function ($item) {
             return User::current()->in_roles($item['roles']);
         });
     }, Cfg::setting('menu', 'admin'))));
     // No visible menu item matches this class/method: treat the page as not permitted.
     if (!$has_active) {
         return redirect_message(array('admin'), array('_flash_message' => '您沒有此頁面的管理權限。'));
     }
     $this->set_componemt_path('component', 'admin')->set_frame_path('frame', 'admin')->set_content_path('content', 'admin')->set_public_path('public')->set_title(Cfg::setting('site', 'admin', 'title'))->_add_meta()->_add_css()->_add_js()->add_param('_menus_list', $menus_list);
 }
Exemplo n.º 23
 /**
  * Renders the init template with the current user exposed as "user".
  *
  * @param mixed $args not used by this method
  * @return mixed the result of GetComponentResponse()
  */
 public function controller_init($args)
 {
     $vars = array("user" => User::current());
     return $this->GetComponentResponse("./init.tpl", $vars);
 }
Exemplo n.º 24
    ?>
				</tr>
				<tr class="pk_cevent_<?php 
    echo $cevent->id;
    ?>
 <?php 
    echo $cevent->visible ? '' : 'b_event_hidden';
    ?>
">
					<th class="js_locale_dates"><?php 
    echo $cevent->date;
    ?>
</th>
					<th>
						<?php 
    if (User::current() && User::current()->is_admin) {
        ?>
							<a class="btn btn-default btn-sm" data-toggle="modal" data-target="#w_event_setting"
								data-pk="<?php 
        echo $cevent->id;
        ?>
"
								data-label="<?php 
        echo $cevent->team_home;
        ?>
 - <?php 
        echo $cevent->team_away;
        ?>
" 
								data-event_date="<?php 
        echo $cevent->date;
Exemplo n.º 25
Arquivo: User.php Projeto: hqd276/bigs
<?
User::$current = new User();
class User
{
    var $groups = array(), $privilege = array(), $data = array('id' => '0', 'email' => '', 'user_name' => 'guest');
    static $current = false, $permits = '', $permit_cats = '', $user_lock = 0;
    const TBL_NAME = 'account';

    function User()
    {
        if (!isset($_SESSION['user_id'])) {
            $_SESSION['user_id'] = 0;
        }
        if ($_SESSION['user_id']) {
            $user = User::getUser((int)$_SESSION['user_id']);

            if ($user && (!USER_ACTIVE_ON || (USER_ACTIVE_ON && $user['is_active'] == 0))) {
                $this->groups = User::get_groups($user['gids']);

                if (!self::checkLock4Ever(true)) {
                    if (!isset($this->groups[1]) && !isset($this->groups[2]) && $_SESSION['user_id'] != 4 && (trim($user['user_name']) == '' || $user['block_time'] > TIME_NOW || $user['block_time'] == -1)) {
                        self::$user_lock = 1;

                        if ($user['block_time'] == -1) { //Khoá vĩnh viễn
                            $acc_lock = DB::select('acc_lock', 'user_id=' . $user['id'] . ' AND type IN(1,3) ORDER BY id DESC', __LINE__ . __FILE__);

                            if ($acc_lock) {
                                if ($acc_lock['type'] == 3) { //Khoá cookie
                                    self::lock4Ever(true, $user['id']);
                                }
                            }
/**
 * Resolves User::$current for this request.
 *
 * Sources are tried in this order: the session's user_id, the "login" and "pass_hash" cookies,
 * the login/password_hash request parameters, then the user[name]/user[password] request
 * parameters. When none of them yields a user, an anonymous user is created instead.
 *
 * NOTE(review): the pass_hash cookie is handed to User::authenticate_hash() as a credential,
 * so the stored hash it is compared with acts as a password equivalent — confirm how that hash
 * is derived and which flags the cookie is set with.
 */
function set_current_user()
{
    // Defaults for a visitor who could not be authenticated by any source.
    $AnonymousUser = array(
        'id' => null,
        'level' => 0,
        'name' => "Anonymous",
        'pretty_name' => "Anonymous",
        'is_anonymous' => true,
        'show_samples' => true,
        'has_avatar' => false,
        'language' => '',
        'secondary_languages' => '',
        'secondary_language_array' => array(),
        'ip_addr' => $_SERVER['REMOTE_ADDR'],
        'pool_browse_mode' => 1,
    );

    $params = Request::$params;
    if (!empty($_SESSION[CONFIG::app_name]['user_id'])) {
        User::$current = User::find($_SESSION[CONFIG::app_name]['user_id']);
    } elseif (isset($_COOKIE['login']) && isset($_COOKIE['pass_hash'])) {
        User::$current = User::authenticate_hash($_COOKIE['login'], $_COOKIE['pass_hash']);
    } elseif (isset($params->login) && isset($params->password_hash)) {
        User::$current = User::authenticate($params->login, $params->password_hash);
    } elseif (isset($params->user['name']) && isset($params->user['password'])) {
        User::$current = User::authenticate($params->user['name'], $params->user['password']);
    }

    # TODO: for an authenticated user whose ban has expired, restore the starting level and
    # remove the ban records (not implemented).
    if (!User::$current) {
        User::$current = User::create_from_array($AnonymousUser);
    }
}
Exemplo n.º 27
 /**
  * Returns the page size: the current user's list_items when it is a non-zero integer,
  * otherwise self::$limit.
  */
 public static function limit()
 {
     $preferred = intval(User::current('list_items'));
     if ($preferred) {
         return $preferred;
     }
     return self::$limit;
 }
Exemplo n.º 28
 /**
  * Receives the file for a previously reserved attachment row, optionally in Content-Range
  * chunks, and finalises the row once the last chunk has arrived.
  *
  * Without an upload in the request the "Jobs/UploadFile" view is rendered. With one, the
  * response is JSON describing the attachment; after the final chunk it also carries an HTML
  * fragment for the attachment list.
  *
  * @throws HTTP_Exception_404 when the attachment row or its job is missing
  * @throws HTTP_Exception_403 when the attachment is already uploaded or the user may not access the job
  */
 public function action_index()
 {
     $id = intval($this->request->param('id'));
     $attachment = DB::select()->from('attachments')->where('id', '=', $id)->execute()->current();
     if (!$attachment) {
         throw new HTTP_Exception_404('Not found');
     }
     // A row whose 'uploaded' value is already set cannot be written to again.
     if (Arr::get($attachment, 'uploaded')) {
         throw new HTTP_Exception_403('Forbidden');
     }
     $job_id = Arr::get($attachment, 'job_id');
     $job = Database_Mongo::collection('jobs')->findOne(array('_id' => strval($job_id)));
     if (!$job) {
         throw new HTTP_Exception_404('Not found');
     }
     // Access requires show_all_jobs or the user's company being listed on the job.
     if (!Group::current('show_all_jobs') && !in_array((int) User::current('company_id'), Arr::get($job, 'companies', array()), true) && !in_array((int) User::current('company_id'), Arr::get($job, 'ex', array()), true)) {
         throw new HTTP_Exception_403('Forbidden');
     }
     if ($_FILES) {
         try {
             $file = Arr::get($_FILES, 'attachment', array());
             // The client filename keeps only [0-9a-z-.]; everything else becomes '-', runs of
             // dashes collapse and outer dashes are trimmed.
             $file['name'] = trim(preg_replace('/-{2,}/', '-', preg_replace('/[^0-9a-z\\-\\.]/i', '-', Arr::get($file, 'name', ''))), '-');
             // All digit groups of the Content-Range request header — presumably start, end and
             // total, in that order; verify against the client.
             preg_match_all("/([0-9]+)/", Arr::get($_SERVER, 'HTTP_CONTENT_RANGE', ''), $matches);
             $range = Arr::get($matches, 0);
             // NOTE(review): the filesize() default is evaluated here, before the
             // is_uploaded_file() check below, and $file['tmp_name'] is unset when the request
             // has no 'attachment' part.
             $size = Arr::get($range, 2, filesize($file['tmp_name']));
             if (!is_uploaded_file($file['tmp_name'])) {
                 die(json_encode(array('attachment' => array('name' => $file['name'], 'size' => $size, 'error' => 'Error!'))));
             }
             $src = fopen($file['tmp_name'], 'r');
             // The destination name is the integer attachment id, so the client filename never
             // reaches the filesystem path.
             // NOTE(review): the file is written below DOCROOT; confirm storage/ is not served
             // directly by the web server.
             $dest = fopen(DOCROOT . 'storage/' . $id, 'c');
             // NOTE(review): the seek offset and the read length both come from the
             // client-supplied Content-Range header and are not bounded here.
             fseek($dest, Arr::get($range, 0, 0));
             $buf = fread($src, $size);
             fwrite($dest, $buf);
             fclose($dest);
             fclose($src);
             unlink($file['tmp_name']);
             // Finalise when the upload was not chunked or this chunk ends at the last byte.
             if (!$range || Arr::get($range, 1) + 1 == Arr::get($range, 2)) {
                 // NOTE(review): $file['type'] is the MIME type reported by the client; it is
                 // stored as the attachment's 'mime' without being checked against the content.
                 $data = array('filename' => $file['name'], 'mime' => $file['type'], 'uploaded' => time());
                 // A reserved filename template keeps only the uploaded file's extension;
                 // otherwise the sanitised client name is used, prefixed by the title for
                 // the 'Other' folder.
                 if ($attachment['filename']) {
                     $data['filename'] = $attachment['filename'];
                     $pos = strrpos($file['name'], '.');
                     if ($pos !== false) {
                         $data['filename'] .= substr($file['name'], $pos);
                     }
                 } else {
                     $data['filename'] = ($attachment['folder'] == 'Other' ? $attachment['title'] : '') . $file['name'];
                 }
                 $data['filename'] = str_replace('%NUM%', $attachment['numbering'], $data['filename']);
                 // The attachment update and the upload_log insert share one SQL transaction.
                 Database::instance()->begin();
                 DB::update('attachments')->set($data)->where('id', '=', $id)->execute();
                 $filename = $data['filename'];
                 // $data is reused from here on for the upload_log row.
                 $data = array('user_id' => User::current('id'), 'job_id' => $attachment['job_id'], 'uploaded' => $data['uploaded'], 'location' => $attachment['location'], 'filename' => $attachment['folder'] . ' / ' . $attachment['fda_id'] . ' / ' . $attachment['address'] . ' / ' . $data['filename'], 'action' => 1);
                 DB::insert('upload_log', array_keys($data))->values(array_values($data))->execute();
                 Database::instance()->commit();
                 Database_Mongo::collection('jobs')->update(array('_id' => $attachment['job_id']), array('$unset' => array('downloaded' => 1), '$set' => array('last_update' => time())));
                 Messages::save("File " . $file['name'] . ' was successfully uploaded!', 'success');
                 $is_image = preg_match('/^image\\/.*$/i', $file['type']);
                 // NOTE(review): in the HTML built below, folder, fda_id, address and filename
                 // go through HTML::chars(), but $file['type'] (client-supplied) and
                 // User::current('login') are concatenated unescaped — escape them for the
                 // attribute/text context as well.
                 die(json_encode(array('attachment' => array('name' => $file['name'], 'size' => $size, 'content' => '<table><tr>' . (Group::current('allow_assign') ? '<td><a href="' . URL::base() . 'search/view/' . $id . '?delete=' . $id . '"
                             confirm="Do you really want to delete this attachment? This action can\'t be undone!!!"
                             class="text-danger glyphicon glyphicon-remove remove-link"></a></td>' : '') . '<td><div class="td-image-center">' . ($is_image ? '<img src="' . URL::base() . 'download/thumb/' . $id . '" alt="Thumbnail" />' : '<img src="http://stdicon.com/' . $file['type'] . '?size=96&default=http://stdicon.com/text" />') . '</div></td><td><a data-id="' . $id . '" class="' . ($is_image && $attachment['folder'] != 'Signatures' ? 'image-attachments' : '') . '" href="' . URL::base() . 'download/attachment/' . $id . '">' . HTML::chars($attachment['folder']) . '<br/>' . HTML::chars($attachment['fda_id']) . '<br/>' . HTML::chars($attachment['address']) . '<br/>' . HTML::chars($filename) . '</a><br/>
                             - Uploaded ' . date('d-m-Y H:i', $data['uploaded']) . ' by ' . User::current('login') . '</td></tr></table>', 'message' => Messages::render()))));
             }
         } catch (Exception $e) {
             // NOTE(review): the raw exception message is sent to the client; consider logging
             // it and returning a generic error instead.
             die($e->getMessage());
         }
         // Intermediate chunk: acknowledge without finalising the row.
         die(json_encode(array('attachment' => array('name' => $file['name'], 'size' => $size))));
     }
     $view = View::factory("Jobs/UploadFile");
     $this->response->body($view);
 }
Exemplo n.º 29
 /**
  * Returns the current user, or the user with the given username.
  *
  * @param string $username Optional; when given, a User is constructed for that name
  * @return User|null whatever User::current() returns when no username is given;
  *                   null when constructing the named User throws an Exception
  */
 public function user($username = null)
 {
     if ($username === null) {
         return User::current();
     }
     try {
         $found = new User($username);
     } catch (Exception $e) {
         // Any failure to construct the user is reported to the caller as "no such user".
         $found = null;
     }
     return $found;
 }
Exemplo n.º 30
                                </li>
                                <li><a class="tools" href="<?= URL::base() ?>tools/underbore">Fix underbore</a></li>
                            <?php endif; ?>
                            <li><a class="tools" href="<?= URL::base() ?>tools/financial">Fix financial values</a></li>
                        </ul>
                    </li>
                <?php endif; ?>
                <?php if (Group::current('allow_assign')): ?>
                    <li class="<?= Request::current()->directory() == '' && Request::current()->controller() == 'Attachments' ? 'active' : '' ?>">
                        <a href="<?= URL::base() ?>attachments">Attachments</a></li>
                <?php endif; ?>
                <li class="divider"></li>
            </ul>
            <ul class="nav navbar-nav navbar-right">
                <li>
                    <a href="javascript:;"><?= User::current('login') . (User::current('company_id') ? ' (' . Company::current('name') . ')' : '') ?></a>
                </li>
                <li><a href="<?= URL::base() ?>login/deauth">Log out</a></li>
            </ul>
        </div>
    </div>
</nav>
<div class="container col-xs-12">
    <div class="content">
        <?php /* One dismissible alert per notification row. NOTE(review): 'type', 'id' and 'message' are echoed without HTML escaping; confirm these values are generated server-side only, or escape them for the attribute and element contexts. */ foreach ($notifications as $notification): ?>
            <div class="alert alert-<?= $notification['type'] ?>">
                <a href="javascript:;" class="pull-right text-danger notification" data-id="<?= $notification['id'] ?>"><span
                        class="glyphicon glyphicon-remove"></span></a>
                <div><?= $notification['message'] ?></div>
            </div>
        <?php endforeach; ?>