/** * Displays the specified 'step' of the wizard * @param WizardStep $oStep The 'step' to display */ protected function DisplayStep(WizardStep $oStep) { $oPage = new SetupPage($oStep->GetTitle()); if ($oStep->RequiresWritableConfig()) { $sConfigFile = utils::GetConfigFilePath(); if (file_exists($sConfigFile)) { // The configuration file already exists if (!is_writable($sConfigFile)) { $oP = new SetupPage('Installation Cannot Continue'); $oP->add("<h2>Fatal error</h2>\n"); $oP->error("<b>Error:</b> the configuration file '" . $sConfigFile . "' already exists and cannot be overwritten."); $oP->p("The wizard cannot modify the configuration file for you. If you want to upgrade " . ITOP_APPLICATION . ", make sure that the file '<b>" . realpath($sConfigFile) . "</b>' can be modified by the web server."); $oP->output(); return; } } } $oPage->add_linked_script('../setup/setup.js'); $oPage->add_script("function CanMoveForward()\n{\n" . $oStep->JSCanMoveForward() . "\n}\n"); $oPage->add_script("function CanMoveBackward()\n{\n" . $oStep->JSCanMoveBackward() . "\n}\n"); $oPage->add('<form id="wiz_form" method="post">'); $oStep->Display($oPage); // Add the back / next buttons and the hidden form // to store the parameters $oPage->add('<input type="hidden" id="_class" name="_class" value="' . get_class($oStep) . '"/>'); $oPage->add('<input type="hidden" id="_state" name="_state" value="' . $oStep->GetState() . '"/>'); foreach ($this->aParameters as $sCode => $value) { $oPage->add('<input type="hidden" name="_params[' . $sCode . ']" value="' . htmlentities($value, ENT_QUOTES, 'UTF-8') . '"/>'); } $oPage->add('<input type="hidden" name="_steps" value="' . htmlentities(json_encode($this->aSteps), ENT_QUOTES, 'UTF-8') . '"/>'); $oPage->add('<table style="width:100%;"><tr>'); if (count($this->aSteps) > 0 && $oStep->CanMoveBackward()) { $oPage->add('<td style="text-align: left"><button id="btn_back" type="submit" name="operation" value="back"> << Back </button></td>'); } if ($oStep->CanMoveForward()) { $oPage->add('<td style="text-align:right;"><button id="btn_next" class="default" type="submit" name="operation" value="next">' . htmlentities($oStep->GetNextButtonLabel(), ENT_QUOTES, 'UTF-8') . '</button></td>'); } $oPage->add('</tr></table>'); $oPage->add("</form>"); $oPage->add('<div id="async_action" style="display:none;overflow:auto;max-height:100px;color:#F00;font-size:small;"></div>'); // The div may become visible in case of error // Hack to have the "Next >>" button, be the default button, since the first submit button in the form is the default one $oPage->add_ready_script(<<<EOF \$('form').each(function () { \tvar thisform = \$(this); \t\tthisform.prepend(thisform.find('button.default').clone().removeAttr('id').removeAttr('disabled').css({ \t\tposition: 'absolute', \t\tleft: '-999px', \t\ttop: '-999px', \t\theight: 0, \t\twidth: 0 \t})); }); \$('#btn_back').click(function() { \$('#wiz_form').data('back', true); }); \$('#wiz_form').submit(function() { \tif (\$(this).data('back')) \t{ \t\treturn CanMoveBackward(); \t} \telse \t{ \t\treturn CanMoveForward(); \t} }); \$('#wiz_form').data('back', false); WizardUpdateButtons(); EOF ); $oPage->output(); }
/** * Check if the user is already authentified, if yes, then performs some additional validations to redirect towards the desired "portal" * @param string|null $sRequestedPortalId The requested "portal" interface, null for any * @param bool $bMustBeAdmin Whether or not the user must be an admin to access the current page * @param int iOnExit What action to take if the user is not logged on (one of the class constants EXIT_...) */ static function DoLoginEx($sRequestedPortalId = null, $bMustBeAdmin = false, $iOnExit = self::EXIT_PROMPT) { $operation = utils::ReadParam('loginop', ''); $sMessage = self::HandleOperations($operation); // May exit directly $iRet = self::Login($iOnExit); if ($iRet == self::EXIT_CODE_OK) { if ($bMustBeAdmin && !UserRights::IsAdministrator()) { if ($iOnExit == self::EXIT_RETURN) { return self::EXIT_CODE_MUSTBEADMIN; } else { require_once APPROOT . '/setup/setuppage.class.inc.php'; $oP = new SetupPage(Dict::S('UI:PageTitle:FatalError')); $oP->add("<h1>" . Dict::S('UI:Login:Error:AccessAdmin') . "</h1>\n"); $oP->p("<a href=\"" . utils::GetAbsoluteUrlAppRoot() . "pages/logoff.php\">" . Dict::S('UI:LogOffMenu') . "</a>"); $oP->output(); exit; } } $iRet = call_user_func(array(self::$sHandlerClass, 'ChangeLocation'), $sRequestedPortalId, $iOnExit); } if ($iOnExit == self::EXIT_RETURN) { return $iRet; } else { return $sMessage; } }
/** * Check if the user is already authentified, if yes, then performs some additional validations: * - if $bMustBeAdmin is true, then the user must be an administrator, otherwise an error is displayed * - if $bIsAllowedToPortalUsers is false and the user has only access to the portal, then the user is redirected to the portal * @param bool $bMustBeAdmin Whether or not the user must be an admin to access the current page * @param bool $bIsAllowedToPortalUsers Whether or not the current page is considered as part of the portal * @param int iOnExit What action to take if the user is not logged on (one of the class constants EXIT_...) */ static function DoLogin($bMustBeAdmin = false, $bIsAllowedToPortalUsers = false, $iOnExit = self::EXIT_PROMPT) { $sMessage = ''; // In case we need to return a message to the calling web page $operation = utils::ReadParam('loginop', ''); if ($operation == 'logoff') { if (isset($_SESSION['login_mode'])) { $sLoginMode = $_SESSION['login_mode']; } else { $aAllowedLoginTypes = MetaModel::GetConfig()->GetAllowedLoginTypes(); if (count($aAllowedLoginTypes) > 0) { $sLoginMode = $aAllowedLoginTypes[0]; } else { $sLoginMode = 'form'; } } self::ResetSession(); $oPage = self::NewLoginWebPage(); $oPage->DisplayLoginForm($sLoginMode, false); $oPage->output(); exit; } else { if ($operation == 'forgot_pwd') { $oPage = self::NewLoginWebPage(); $oPage->DisplayForgotPwdForm(); $oPage->output(); exit; } else { if ($operation == 'forgot_pwd_go') { $oPage = self::NewLoginWebPage(); $oPage->ForgotPwdGo(); $oPage->output(); exit; } else { if ($operation == 'reset_pwd') { $oPage = self::NewLoginWebPage(); $oPage->DisplayResetPwdForm(); $oPage->output(); exit; } else { if ($operation == 'do_reset_pwd') { $oPage = self::NewLoginWebPage(); $oPage->DoResetPassword(); $oPage->output(); exit; } else { if ($operation == 'change_pwd') { $sAuthUser = $_SESSION['auth_user']; UserRights::Login($sAuthUser); // Set the user's language $oPage = self::NewLoginWebPage(); $oPage->DisplayChangePwdForm(); $oPage->output(); exit; } } } } } } if ($operation == 'do_change_pwd') { $sAuthUser = $_SESSION['auth_user']; UserRights::Login($sAuthUser); // Set the user's language $sOldPwd = utils::ReadPostedParam('old_pwd', '', false, 'raw_data'); $sNewPwd = utils::ReadPostedParam('new_pwd', '', false, 'raw_data'); if (UserRights::CanChangePassword() && (!UserRights::CheckCredentials($sAuthUser, $sOldPwd) || !UserRights::ChangePassword($sOldPwd, $sNewPwd))) { $oPage = self::NewLoginWebPage(); $oPage->DisplayChangePwdForm(true); // old pwd was wrong $oPage->output(); exit; } $sMessage = Dict::S('UI:Login:PasswordChanged'); } $iRet = self::Login($iOnExit); if ($iRet == self::EXIT_CODE_OK) { if ($bMustBeAdmin && !UserRights::IsAdministrator()) { if ($iOnExit == self::EXIT_RETURN) { return self::EXIT_CODE_MUSTBEADMIN; } else { require_once APPROOT . '/setup/setuppage.class.inc.php'; $oP = new SetupPage(Dict::S('UI:PageTitle:FatalError')); $oP->add("<h1>" . Dict::S('UI:Login:Error:AccessAdmin') . "</h1>\n"); $oP->p("<a href=\"" . utils::GetAbsoluteUrlAppRoot() . "pages/logoff.php\">" . Dict::S('UI:LogOffMenu') . "</a>"); $oP->output(); exit; } } $iRet = call_user_func(array(self::$sHandlerClass, 'ChangeLocation'), $bIsAllowedToPortalUsers, $iOnExit); } if ($iOnExit == self::EXIT_RETURN) { return $iRet; } else { return $sMessage; } }