/**
 * Configure the view: template base path, helper lookup paths, and the
 * global configuration object, which templates receive as `kga`.
 */
public function init()
{
    $templateDir = APPLICATION_PATH . '/templates/';

    $this->setBasePath($templateDir);
    $this->addHelperPath($templateDir . 'helpers/', 'Zend_View_Helper');
    $this->addHelperPath(APPLICATION_PATH . '/libraries/Kimai/View/Helper/', 'Kimai_View_Helper');

    parent::init();

    // NOTE(review): templates get the whole config object. It may carry
    // database credentials and the password salt; confirm no template
    // prints it unfiltered.
    $this->assign('kga', Kimai_Registry::getConfig());
}
/**
 * Restore the configuration saved in $this->kgaLast, both in the global
 * $kga variable and in the registry. Does nothing when nothing was saved.
 */
protected function resetKga()
{
    $previous = $this->kgaLast;

    if ($previous !== null) {
        // The global is only touched when there is something to restore.
        global $kga;

        $kga = $previous;
        \Kimai_Registry::setConfig($kga);
    }
}
/**
 * Resolve the active skin name and cache it on the helper.
 *
 * Precedence: the skin from the settings object, then the skin from the
 * config object, then the built-in default.
 *
 * The value is passed through the view's escape(), which is output escaping
 * for templates. It is not a path filter: code that builds a filesystem path
 * from a skin name needs its own validation
 * (NOTE(review): confirm where skin names are validated).
 *
 * @return string
 */
public function getName()
{
    if (null !== $this->skinName) {
        return $this->skinName;
    }

    $skin = Kimai_Config::getDefault(Kimai_Config::DEFAULT_SKIN);
    $kga = Kimai_Registry::getConfig();

    if (!empty($kga->getSettings()->getSkin())) {
        $skin = $kga->getSettings()->getSkin();
    } elseif (!empty($kga->getSkin())) {
        $skin = $kga->getSkin();
    }

    $this->skinName = $this->view->escape($skin);

    return $this->skinName;
}
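/**
 * Check if a user is logged in or kick them.
 *
 * Reads the `kimai_user` and `kimai_key` cookies, compares the key with the
 * one the database returns for that user and, on a match, registers the user.
 *
 * @return mixed the value returned by checkUserInternal() for an accepted user
 */
function checkUser()
{
    $database = Kimai_Registry::getDatabase();

    $cookieUser = isset($_COOKIE['kimai_user']) ? $_COOKIE['kimai_user'] : null;
    $cookieKey = isset($_COOKIE['kimai_key']) ? $_COOKIE['kimai_key'] : null;

    // Cookies are client-controlled. A cookie sent as `name[]=x` arrives as an
    // array, so require plain strings before using string functions on them.
    if (is_string($cookieUser) && is_string($cookieKey) && $cookieUser != "0" && $cookieKey != "0") {
        $kimai_user = addslashes($cookieUser);
        $kimai_key = addslashes($cookieKey);

        // Control characters are dropped so a cookie value cannot add or
        // forge lines in the logfile.
        $logName = preg_replace('/[\x00-\x1F\x7F]/', '', $kimai_user);

        $storedKey = $database->get_seq($kimai_user);
        $storedKey = is_scalar($storedKey) ? (string) $storedKey : '';

        // The previous `!=` was a loose comparison: two numeric-looking strings
        // (for example "0e1" and "0e2") compare equal, and an empty cookie
        // matched a missing stored key. An empty stored key now never matches,
        // and hash_equals() (PHP 5.6+) compares byte-for-byte in constant time.
        if ($storedKey === '' || !hash_equals($storedKey, $kimai_key)) {
            Logger::logfile("Kicking user {$logName} because of authentication key mismatch.");
            // NOTE(review): kickUser() presumably ends the request; if it
            // returns, execution continues to the second kick below.
            kickUser();
        } else {
            $user = $database->checkUserInternal($kimai_user);
            Kimai_Registry::setUser(new Kimai_User($user));

            return $user;
        }
    }

    Logger::logfile("Kicking user because of missing cookie.");
    kickUser();
}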
}

// Request parameters are accepted only as scalars: an array-valued `name[]`
// or `key[]` is replaced by a harmless default.
if (!isset($_REQUEST['name']) || is_array($_REQUEST['name'])) {
    $name = '';
} else {
    $name = $_REQUEST['name'];
}

if (!isset($_REQUEST['key']) || is_array($_REQUEST['key'])) {
    $key = 'nokey'; // will never match since hash values are either NULL or 32 characters
} else {
    $key = $_REQUEST['key'];
}

require 'includes/basics.php';

$view = new Zend_View();
$view->setBasePath(WEBROOT . '/templates');
$authPlugin = Kimai_Registry::getAuthenticator();
$view->assign('kga', $kga);

// current database setup correct?
checkDBversion(".");

// processing login and displaying either login screen or errors

// NOTE(review): htmlspecialchars() is output encoding, but the encoded value
// is then used as the lookup key below. A name containing &, <, > or " is
// looked up in its encoded form. Confirm the database methods do their own
// SQL escaping and that this matches how names are stored.
$name = htmlspecialchars(trim($name));
$is_customer = $database->is_customer_name($name);

// $key is always a string here, so the strict `===` cannot match a NULL hash
// and is not subject to type juggling. It is not a constant-time comparison;
// hash_equals() is the usual choice for secret tokens.
// NOTE(review): no expiry or single-use check for the reset hash is visible
// in this excerpt. Confirm it is enforced elsewhere.
if ($is_customer) {
    $id = $database->customer_nameToID($name);
    $customer = $database->customer_get_data($id);
    $keyCorrect = $key === $customer['passwordResetHash'];
} else {
    $id = $database->user_name2id($name);
    $user = $database->user_get_data($id);
    $keyCorrect = $key === $user['passwordResetHash'];
}
            // (excerpt starts inside a block that copies per-database
            // overrides into $kga; its opening lines are not visible)
            // NOTE(review): where $dbnr comes from is not visible here.
            // Confirm it cannot be chosen by the request.
            $kga['server_username'] = $server_ext_username[$dbnr];
        }
        if ($server_ext_password[$dbnr] != '') {
            $kga['server_password'] = $server_ext_password[$dbnr];
        }
        if ($server_ext_prefix[$dbnr] != '') {
            $kga['server_prefix'] = $server_ext_prefix[$dbnr];
        }
    }
}

// Connect with the credentials held in $kga. The failure message names only
// the config file and shows no connection details.
$database = new Kimai_Database_Mysql($kga);
$database->connect($kga['server_hostname'], $kga['server_database'], $kga['server_username'], $kga['server_password'], $kga['utf8'], $kga['server_type']);
if (!$database->isConnected()) {
    die('Kimai could not connect to database. Check your autoconf.php.');
}
Kimai_Registry::setDatabase($database);

// Translations: a language file is loaded only for languages other than 'en'.
global $translations;
$translations = new Translations($kga);
if ($kga['language'] != 'en') {
    $translations->load($kga['language']);
}

// Copy stored configuration values into $kga.
$vars = $database->configuration_get_data();
if (!empty($vars)) {
    $kga['currency_name'] = $vars['currency_name'];
    $kga['currency_sign'] = $vars['currency_sign'];
    $kga['show_sensible_data'] = $vars['show_sensible_data'];
    $kga['show_update_warn'] = $vars['show_update_warn'];
    $kga['check_at_startup'] = $vars['check_at_startup'];
    $kga['show_daySeperatorLines'] = $vars['show_daySeperatorLines'];
    $kga['show_gabBreaks'] = $vars['show_gabBreaks'];
    $kga['show_RecordAgain'] = $vars['show_RecordAgain'];
/**
 * Fetch the authenticator registered for this Kimai instance.
 *
 * @return Kimai_Auth_Abstract
 */
protected function getAuthenticator()
{
    $authenticator = Kimai_Registry::getAuthenticator();

    return $authenticator;
}
* Create the autoconf.php file. */
case "write_config":
    include "../includes/func.php";

    // Every value below except $charset and $salt is taken from the request
    // and ends up in a generated PHP file. Only $prefix is escaped here, and
    // only for " and $; the rest are passed on unmodified.
    // NOTE(review): the encoding for the generated file has to be complete in
    // write_config_file(): every value, backslashes included. Confirm that,
    // and that this installer step is not reachable once setup has finished.

    // special characters " and $ are escaped
    $database = $_REQUEST['database'];
    $hostname = $_REQUEST['hostname'];
    $username = $_REQUEST['username'];
    $password = $_REQUEST['password'];
    $charset = 'utf8';
    $prefix = addcslashes($_REQUEST['prefix'], '"$');
    $lang = $_REQUEST['lang'];
    // NOTE(review): the salt is only as unpredictable as createPassword().
    // Confirm it draws from a cryptographically secure source.
    $salt = createPassword(20);
    $timezone = $_REQUEST['timezone'];

    // NOTE(review): $server_prefix is not assigned anywhere in the visible
    // code ($prefix is). Confirm which variable is meant.
    $kimaiConfig = new Kimai_Config(array('server_prefix' => $server_prefix, 'server_hostname' => $hostname, 'server_database' => $database, 'server_username' => $username, 'server_password' => $password, 'server_charset' => $charset, 'defaultTimezone' => $timezone, 'password_salt' => $salt));
    Kimai_Registry::setConfig($kimaiConfig);
    write_config_file($database, $hostname, $username, $password, $charset, $prefix, $lang, $salt, $timezone);
    break;

/**
 * Create the database.
 */
case 'make_database':
    // Connection parameters again come straight from the request.
    $databaseName = $_REQUEST['database'];
    $hostname = $_REQUEST['hostname'];
    $username = $_REQUEST['username'];
    $password = $_REQUEST['password'];
    $db_error = false;
    $result = false;
// ============ setup database ============
// we do not unset the $database variable
// as it is historically referenced in many places from the global namespace
$database = new Kimai_Database_Mysql($kga, true);
if (!$database->isConnected()) {
    // The message names only the config file and shows no connection details.
    die('Kimai could not connect to database. Check your autoconf.php.');
}
Kimai_Registry::setDatabase($database);

// ============ setup authenticator ============
// The class name is built from the configured authenticator name.
// class_exists() runs the autoloader with that name, and an unknown name
// falls back to the built-in Kimai_Auth_Kimai.
// NOTE(review): this is safe only while the authenticator setting comes from
// trusted configuration. Nothing here checks that the resolved class is
// really an authenticator. Confirm the setting cannot be influenced by a
// request.
$authClass = 'Kimai_Auth_' . ucfirst($kga->getAuthenticator());
if (!class_exists($authClass)) {
    $authClass = 'Kimai_Auth_Kimai';
}
$authPlugin = new $authClass($database, $kga);
Kimai_Registry::setAuthenticator($authPlugin);
unset($authPlugin);

// ============ load global configurations ============
$database->initializeConfig($kga);

// ============ setup translation object ============
$service = new Kimai_Translation_Service();
Kimai_Registry::setTranslation($service->load($kga->getLanguage()));
unset($service);

// ============ setup cache ============
// The cache directory sits under WEBROOT and must be writable.
$tmpDir = WEBROOT . 'temporary/';
if (!file_exists($tmpDir) || !is_dir($tmpDir) || !is_writable($tmpDir)) {
    die('Kimai needs write permissions for: temporary/');
}

// With automatic_serialization the cache stores serialized PHP values in
// files under $tmpDir and unserializes them on read.
// NOTE(review): whoever can write to temporary/ controls what gets
// unserialized. Confirm the directory is writable only by the application
// and is not served by the web server.
$frontendOptions = array('lifetime' => 7200, 'automatic_serialization' => true);
$backendOptions = array('cache_dir' => $tmpDir);
$cache = Zend_Cache::factory('Core', 'File', $frontendOptions, $backendOptions);
Kimai_Registry::setCache($cache);
Zend_Locale::setCache($cache);
            // Empty the logfile by reopening it in write mode.
            // NOTE(review): the logfile lives under WEBROOT. Confirm
            // temporary/ is not directly downloadable.
            $logdatei = fopen(WEBROOT . "temporary/logfile.txt", "w");
            fwrite($logdatei, "");
            fclose($logdatei);
            echo $kga['lang']['log_delete'];
        } else {
            // The condition for this branch is outside the excerpt.
            die;
        }
        break;

    /**
     * Write some message to the logfile.
     */
    case "shoutbox":
        // NOTE(review): $axValue is appended to the log line unchanged and
        // its origin is not visible here. If it is request-supplied, strip
        // line breaks and control characters so one call cannot add or forge
        // log entries.
        Kimai_Logger::logfile("[" . Kimai_Registry::getUser()->getName() . "] " . $axValue);
        break;

    /**
     * Return the $kga variable (Kimai Global Array). Strip out some sensitive
     * information if not configured otherwise.
     */
    case "reloadKGA":
        $output = $kga;
        // Keys to mask before $kga is returned: connection settings, the
        // password salt and per-user secrets.
        $filter = array(
            'server_hostname' => "xxx",
            'server_database' => "xxx",
            'server_username' => "xxx",
            'server_password' => "xxx",
            'password_salt' => "xxx",
            'user' => array('secure' => "xxx", 'userID' => "xxx", 'pw' => "xxx", 'password' => "xxx", 'apikey' => "xxx")
        );
        switch ($axValue) {
            // NOTE(review): 'plain' assigns the unfiltered $kga. The check
            // that permits this is not visible in the excerpt. Confirm it
            // cannot be selected by any caller who may not see credentials.
            case 'plain':
                $output = $kga;
/**
 * A drop-in function to replace checkuser() and be compatible with cookie-less environments.
 *
 * Looks the name up as a customer (prefix `customer_`) or as a user, loads
 * the matching settings into $this->kga, applies the timezone and skin
 * fallback, and loads the translation for the configured language.
 *
 * NOTE(review): the two branches treat the name differently. The customer
 * name goes through MySQL::SQLValue() before it enters the query. The user
 * name is placed between quotes in the query string as received, so that
 * branch relies on every caller to escape it. Escaping the name here with
 * the connection's own escaping, or using a prepared statement, would remove
 * that dependency. Confirm all callers.
 *
 * @author th/kp
 * @param string $kimai_user login name; customers carry the prefix `customer_`
 * @return mixed $this->kga['user'] when it is set, otherwise null
 */
public function checkUserInternal($kimai_user)
{
    $p = $this->kga['server_prefix'];

    if (strncmp($kimai_user, 'customer_', 9) == 0) {
        // Customer login: the part after the prefix is the customer name.
        $customerName = MySQL::SQLValue(substr($kimai_user, 9));
        $query = "SELECT customerID FROM {$p}customers WHERE name = {$customerName} AND NOT trash = '1';";
        $this->conn->Query($query);
        $row = $this->conn->RowArray(0, MYSQLI_ASSOC);

        $customerID = $row['customerID'];
        if ($customerID < 1) {
            // NOTE(review): kickUser() presumably ends the request; if it
            // returns, the code below continues with an invalid $customerID.
            Kimai_Logger::logfile("Kicking customer {$customerName} because he is unknown to the system.");
            kickUser();
        }
    } else {
        // User login: $kimai_user is interpolated as-is (see NOTE above).
        $query = "SELECT userID FROM {$p}users WHERE name = '{$kimai_user}' AND active = '1' AND NOT trash = '1';";
        $this->conn->Query($query);
        $row = $this->conn->RowArray(0, MYSQLI_ASSOC);

        $userID = $row['userID'];
        $name = $kimai_user;
        if ($userID < 1) {
            // The name is written to the log unchanged.
            Kimai_Logger::logfile("Kicking user {$name} because he is unknown to the system.");
            kickUser();
        }
    }

    // Start from the default timezone.
    $this->kga['timezone'] = $this->kga['defaultTimezone'];

    // and add user or customer specific settings on top
    if (strncmp($kimai_user, 'customer_', 9) == 0) {
        $configs = $this->get_customer_config($customerID);
        if ($configs !== null) {
            foreach ($configs as $key => $value) {
                $this->kga['customer'][$key] = $value;
            }

            $this->kga->setTimezone($this->kga['customer']['timezone']);
        }
    } else {
        $configs = $this->get_user_config($userID);
        if ($configs !== null) {
            $user = new Kimai_User($configs);
            $user->setGroups($this->getGroupMemberships($userID));
            $this->kga->setUser($user);
            Kimai_Registry::setUser($user);

            $this->kga->getSettings()->add($this->user_get_preferences_by_prefix('ui.', $userID));

            $userTimezone = $this->user_get_preference('timezone', $userID);
            if ($userTimezone != '') {
                $this->kga->setTimezone($userTimezone);
            }
        }
    }

    date_default_timezone_set($this->kga->getTimezone());

    // skin fallback
    // NOTE(review): the skin name from the settings is appended to a
    // filesystem path. Confirm it is validated where it is stored, so it
    // cannot contain path separators or `..`.
    if (!is_dir(WEBROOT . "/skins/" . $this->kga->getSettings()->getSkin())) {
        $this->kga->getSettings()->setSkin($this->kga->getSkin());
    }

    // load user specific translation
    Kimai_Registry::getTranslation()->addTranslations($this->kga->getLanguage());

    if (isset($this->kga['user'])) {
        return $this->kga['user'];
    }

    return null;
}
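/**
 * Write the installer-generated autoconf.php next to this file.
 *
 * Every value is emitted as a PHP literal produced by var_export(), so
 * quotes, backslashes and `$` in a value stay data and cannot end the string
 * or add code to the generated file. The former escaping covered only `"` and
 * `$`, and covered only some of the values. Callers should pass raw values:
 * a value that was already escaped with addcslashes() is stored with its
 * backslashes.
 *
 * The generated file holds the database password and the password salt. Its
 * permissions are whatever the process umask yields.
 *
 * @param string $database database name
 * @param string $hostname database host
 * @param string $username database user
 * @param string $password database password
 * @param string $charset  connection charset
 * @param string $prefix   table prefix
 * @param string $lang     language code; empty selects the default language
 * @param string $salt     password salt
 * @param string|null $timezone timezone name; empty selects a fallback
 * @return bool true when the file was written, false otherwise
 */
function write_config_file($database, $hostname, $username, $password, $charset, $prefix, $lang, $salt, $timezone = null)
{
    $kga = Kimai_Registry::getConfig();

    // Turn a value into PHP source for a string literal. Non-scalar input
    // (for example an array-valued request parameter) becomes ''.
    $literal = function ($value) {
        return var_export(is_scalar($value) ? (string) $value : '', true);
    };

    // fallback if timezone was not provided
    if (!empty($timezone)) {
        $timezoneCode = $literal($timezone);
    } elseif (isset($kga['defaultTimezone'])) {
        $timezoneCode = $literal($kga['defaultTimezone']);
    } else {
        // Deliberately written as code: the generated file asks PHP for the
        // server's default timezone at load time.
        $timezoneCode = 'date_default_timezone_get()';
    }

    // fetch skin from global config with "standard" fallback
    $skin = !empty($kga->getSkin()) ? $kga->getSkin() : Kimai_Config::getDefault(Kimai_Config::DEFAULT_SKIN);
    $billable = !empty($kga->getBillable()) ? var_export($kga->getBillable(), true) : var_export(Kimai_Config::getDefault(Kimai_Config::DEFAULT_BILLABLE), true);
    $authenticator = !empty($kga->getAuthenticator()) ? $kga->getAuthenticator() : Kimai_Config::getDefault(Kimai_Config::DEFAULT_AUTHENTICATOR);
    $lang = !empty($lang) ? $lang : Kimai_Config::getDefault(Kimai_Config::DEFAULT_LANGUAGE);

    $hostnameCode = $literal($hostname);
    $databaseCode = $literal($database);
    // The user name and password are written from the arguments. Before,
    // both were escaped but never used, and the template carried fixed
    // placeholder text in their place.
    $usernameCode = $literal($username);
    $passwordCode = $literal($password);
    $charsetCode = $literal($charset);
    $prefixCode = $literal($prefix);
    $langCode = $literal($lang);
    $saltCode = $literal($salt);
    $skinCode = $literal($skin);
    $authenticatorCode = $literal($authenticator);

    $config = <<<EOD
<?php
/**
 * This file is part of
 * Kimai - Open Source Time Tracking // http://www.kimai.org
 * (c) Kimai-Development-Team since 2006
 *
 * Kimai is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; Version 3, 29 June 2007
 *
 * Kimai is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Kimai; If not, see <http://www.gnu.org/licenses/>.
 */

// This file was automatically generated by the installer

\$server_hostname = {$hostnameCode};
\$server_database = {$databaseCode};
\$server_username = {$usernameCode};
\$server_password = {$passwordCode};
\$server_charset  = {$charsetCode};
\$server_prefix   = {$prefixCode};
\$language        = {$langCode};
\$password_salt   = {$saltCode};
\$defaultTimezone = {$timezoneCode};
\$skin            = {$skinCode};
\$authenticator   = {$authenticatorCode};
\$billable        = {$billable};

EOD;

    // The content is built first, so a failure above never leaves a
    // truncated file. A failed write is reported instead of ignored.
    $path = realpath(dirname(__FILE__)) . '/autoconf.php';

    return file_put_contents($path, $config) !== false;
}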
$view->assign('months_short_array', sprintf("['%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s']", $kga['lang']['months_short'][0], $kga['lang']['months_short'][1], $kga['lang']['months_short'][2], $kga['lang']['months_short'][3], $kga['lang']['months_short'][4], $kga['lang']['months_short'][5], $kga['lang']['months_short'][6], $kga['lang']['months_short'][7], $kga['lang']['months_short'][8], $kga['lang']['months_short'][9], $kga['lang']['months_short'][10], $kga['lang']['months_short'][11])); // assign view placeholders $view->assign('current_timer_hour', $current_timer['hour']); $view->assign('current_timer_min', $current_timer['min']); $view->assign('current_timer_sec', $current_timer['sec']); $view->assign('current_timer_start', $current_timer['all'] ? $current_timer['all'] : time()); $view->assign('current_time', time()); $view->assign('timeframe_in', $in); $view->assign('timeframe_out', $out); $view->assign('kga', $kga); $view->assign('extensions', $extensions->extensionsTabData()); $view->assign('css_extension_files', $extensions->cssExtensionFiles()); $view->assign('js_extension_files', $extensions->jsExtensionFiles()); $view->assign('currentRecording', -1); if (isset($kga['user'])) { $view->assign('user', Kimai_Registry::getUser()); $currentRecordings = $database->get_current_recordings($kga['user']['userID']); if (count($currentRecordings) > 0) { $view->assign('currentRecording', $currentRecordings[0]); } } $view->assign('openAfterRecorded', $kga->getSettings()->isShowAfterRecorded()); $view->assign('lang_checkUsername', $kga['lang']['checkUsername']); $view->assign('lang_checkGroupname', $kga['lang']['checkGroupname']); $view->assign('lang_checkStatusname', $kga['lang']['checkStatusname']); $view->assign('lang_checkGlobalRoleName', $kga['lang']['checkGlobalRoleName']); $view->assign('lang_checkMembershipRoleName', $kga['lang']['checkMembershipRoleName']); $customerData = array('customerID' => false, 'name' => ''); $projectData = 
array('projectID' => false, 'name' => ''); $activityData = array('activityID' => false, 'name' => ''); if (!isset($kga['customer'])) {