/**
 * Build the list of actions $user may perform on this company (add user,
 * edit details, change logo, archive/unarchive, delete) plus whatever the
 * 'on_company_options' event handlers append. The result is cached per
 * user id in $this->options, so repeated calls for the same user reuse it.
 *
 * @param User $user
 * @return NamedList
 */
function getOptions($user) {
    $user_id = $user->getId();
    if (isset($this->options[$user_id])) {
        return $this->options[$user_id];
    } // if

    $list = new NamedList();

    if (User::canAdd($user, $this)) {
        $list->add('add_user', array('text' => lang('New User'), 'url' => $this->getAddUserUrl()));
    } // if

    if ($this->canEdit($user)) {
        $list->add('edit', array('text' => lang('Change Details'), 'url' => $this->getEditUrl()));
        $list->add('edit_logo', array('text' => lang('Change Logo'), 'url' => $this->getEditLogoUrl()));
    } // if

    // Archiving changes state, so the option is a POST with a confirmation prompt;
    // which of the two directions is offered depends on the current archive flag.
    if ($this->canArchive($user)) {
        if ($this->getIsArchived()) {
            $name = 'unarchive';
            $text = lang('Unarchive');
            $url = $this->getUnarchiveUrl();
            $confirm = lang('Are you sure that you want to move this company from list of archive into list of active companies?');
        } else {
            $name = 'archive';
            $text = lang('Archive');
            $url = $this->getArchiveUrl();
            $confirm = lang('Are you sure that you want to move this company to the archive?');
        } // if
        $list->add($name, array('text' => $text, 'url' => $url, 'method' => 'post', 'confirm' => $confirm));
    } // if

    // Deletion is irreversible and cascades to the company's users, hence the explicit confirmation.
    if ($this->canDelete($user)) {
        $list->add('delete', array('text' => lang('Delete'), 'url' => $this->getDeleteUrl(), 'method' => 'post', 'confirm' => lang('Are you sure that you want to delete this company and all of its users? This cannot be undone!')));
    } // if

    // Let event handlers extend (or replace) the list; all three arguments are passed by reference.
    event_trigger('on_company_options', array(&$this, &$list, &$user));

    $this->options[$user->getId()] = $list;
    return $this->options[$user->getId()];
} // getOptions
<?php
// Administration > Members: page title, tab and breadcrumb for the member list
// of the owner company, followed by the shared user-list template.
set_page_title(lang('members'));
administration_tabbed_navigation(ADMINISTRATION_TAB_MEMBERS);
administration_crumbs(lang('members'));

// The "add user" link is shown only when the logged-in user may create accounts
// in the owner company. NOTE(review): this only hides the link — the add action
// itself must enforce User::canAdd() server-side; confirm it does.
if (User::canAdd(logged_user(), owner_company())) {
    add_page_action(array(lang('add user') => owner_company()->getAddUserUrl()));
} // if

$this->includeTemplate(get_template_path('list_users', 'administration'));
// Company view template: navigation differs between the owner company and a client company.
if ($company->isOwner()) {
    administration_tabbed_navigation(ADMINISTRATION_TAB_COMPANY);
    administration_crumbs(lang('company'));
} else {
    administration_tabbed_navigation(ADMINISTRATION_TAB_CLIENTS);
    administration_crumbs(array(array(lang('clients'), get_url('administration', 'clients')), array($company->getName())));
} // if

// Page actions are gated on the viewer's permissions. NOTE(review): these checks only
// decide which links are rendered; the target actions must repeat them server-side — confirm.
if ($company->canEdit(logged_user())) {
    add_page_action(lang('edit company'), $company->getEditUrl());
    add_page_action(lang('edit company logo'), $company->getEditLogoUrl());
    // Permission updates apply to client companies only; the owner company has none.
    if (!$company->isOwner()) {
        add_page_action(lang('update permissions'), $company->getUpdatePermissionsUrl());
    } // if
} // if

if (User::canAdd(logged_user(), $company)) {
    add_page_action(lang('add user'), $company->getAddUserUrl());
} // if

$this->includeTemplate(get_template_path('company_card', 'company'));
?>
<h2><?php echo lang('users'); ?> </h2>
<?php
// Hand the company's users to the shared user-list template.
$this->assign('users', $company->getUsers());
$this->includeTemplate(get_template_path('list_users', 'administration'));
The hidden field's accessible name cannot be more than one word. PHP cannot access multiple word variables. Therefore, javascript spTo_(string) (space to underscore) will go through and substitute all the spaces with the underscore character. */ session_start(); include 'odm-load.php'; if (!isset($_SESSION['uid'])) { redirect_visitor(); } include 'udf_functions.php'; require_once "AccessLog_class.php"; require_once "File_class.php"; require_once 'Reviewer_class.php'; require_once 'Email_class.php'; $user_obj = new User($_SESSION['uid'], $pdo); if (!$user_obj->canAdd()) { redirect_visitor('out.php'); } if (!isset($_POST['submit'])) { $last_message = isset($_REQUEST['last_message']) ? $_REQUEST['last_message'] : ''; draw_header(msg('area_add_new_file'), $last_message); $current_user_dept = $user_obj->getDeptId(); $index = 0; //CHM - Pull in the sub-select values $query = "SELECT table_name FROM {$GLOBALS['CONFIG']['db_prefix']}udf WHERE field_type = '4'"; $stmt = $pdo->prepare($query); $stmt->execute(); $result = $stmt->fetchAll(); $num_rows = $stmt->rowCount(); $i = 0; $t_name = array();
/**
 * Tell whether $user may create a new account inside this company.
 *
 * Thin delegate: the actual rule lives in User::canAdd(), which receives
 * the acting user and this company.
 *
 * @access public
 * @param User $user
 * @return boolean
 */
function canAddUser(User $user) {
    $company = $this;
    return User::canAdd($user, $company);
} // canAddUser
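/**
 * Add user
 *
 * Renders the "add user" form for the company identified by the company_id
 * request parameter and, when the form is POSTed, creates the account, its
 * project memberships and the application-log entry inside one DB
 * transaction. After a successful commit the optional welcome e-mail is
 * attempted best-effort and the request is redirected to the company view.
 * Validation failures are exposed to the template as 'error'.
 *
 * @access public
 * @param void
 * @return null
 */
function add() {
    $this->setTemplate('add_user');

    $company = Companies::findById(get_id('company_id'));
    if (!($company instanceof Company)) {
        flash_error(lang('company dnx'));
        $this->redirectTo('administration');
    } // if

    if (!User::canAdd(logged_user(), $company)) {
        flash_error(lang('no access permissions'));
        $this->redirectToReferer(get_url('dashboard'));
    } // if

    $user = new User();
    $user_data = array_var($_POST, 'user');
    $is_submitted = is_array($user_data);
    if (!$is_submitted) {
        // Defaults for the empty form.
        $user_data = array('password_generator' => 'random', 'company_id' => $company->getId(), 'timezone' => $company->getTimezone()); // array
    } // if

    $projects = $company->getProjects();
    $permissions = ProjectUsers::getNameTextArray();

    tpl_assign('user', $user);
    tpl_assign('company', $company);
    tpl_assign('projects', $projects);
    tpl_assign('permissions', $permissions);
    tpl_assign('user_data', $user_data);

    if (!$is_submitted) {
        return;
    } // if

    // NOTE(review): setFromAttributes() copies the POSTed array wholesale; confirm it
    // restricts which columns may be mass-assigned (company_id is re-set explicitly below).
    $user->setFromAttributes($user_data);
    $user->setCompanyId($company->getId());

    try {
        if (array_var($user_data, 'password_generator') === 'random') {
            $password = $this->generateRandomPassword(13);
        } else {
            $password = array_var($user_data, 'password');
            // is_string() guards against a nested array being posted for the field.
            if (!is_string($password) || trim($password) === '') {
                throw new Error(lang('password value required'));
            } // if
            // Strict comparison: loose != treats numeric-looking strings such as '1e3' and '1000' as equal.
            if ($password !== array_var($user_data, 'password_a')) {
                throw new Error(lang('passwords dont match'));
            } // if
        } // if
        $user->setPassword($password);

        DB::beginWork();
        $user->save();
        ApplicationLogs::createLog($user, null, ApplicationLogs::ACTION_ADD);

        // One ProjectUser row per project whose checkbox was ticked; the individual
        // permission flags are applied through dynamically named setters.
        if (is_array($projects)) {
            foreach ($projects as $project) {
                if (array_var($user_data, 'project_permissions_' . $project->getId()) !== 'checked') {
                    continue;
                } // if
                $relation = new ProjectUser();
                $relation->setProjectId($project->getId());
                $relation->setUserId($user->getId());
                foreach (array_keys($permissions) as $permission) {
                    $permission_value = array_var($user_data, 'project_permission_' . $project->getId() . '_' . $permission) === 'checked';
                    $setter = 'set' . Inflector::camelize($permission);
                    $relation->{$setter}($permission_value);
                } // foreach
                $relation->save();
            } // foreach
        } // if

        DB::commit();

        // Notification is best-effort: a mail failure must not undo the account just committed.
        try {
            if (array_var($user_data, 'send_email_notification')) {
                Notifier::newUserAccount($user, $password);
            } // if
        } catch (Exception $e) {
            // intentionally ignored, see above
        } // try

        flash_success(lang('success add user', $user->getDisplayName()));
        $this->redirectToUrl($company->getViewUrl()); // Translate to profile page
    } catch (Exception $e) {
        DB::rollback();
        tpl_assign('error', $e);
    } // try
} // add

/**
 * Produce a random lowercase-hex password of $length characters.
 *
 * Prefers the OpenSSL CSPRNG when the extension is available and reports a
 * strong result; otherwise falls back to the historical sha1(uniqid(rand()))
 * construction, which is only as unpredictable as rand() and is kept solely
 * for installations without OpenSSL.
 *
 * @param integer $length
 * @return string
 */
private function generateRandomPassword($length = 13) {
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes((int) ceil($length / 2), $strong);
        if ($strong && $bytes !== false) {
            return substr(bin2hex($bytes), 0, $length);
        } // if
    } // if
    // sha1() yields 40 hex chars; keep the window inside it for any $length <= 40.
    return substr(sha1(uniqid(rand(), true)), rand(0, max(0, 40 - $length)), $length);
} // generateRandomPassword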
/**
 * Create new user
 *
 * Renders the "new user" form for $this->active_company and, on submit,
 * validates the password (when one is specified or the call is an API
 * call), saves the account inside a transaction, optionally stores a
 * welcome message / title and mails the login details, then serves the
 * user (API) or redirects to its view page (HTML). Save errors are
 * rolled back and reported in the request's format.
 *
 * @param void
 * @return null
 */
function add() {
    $this->wireframe->print_button = false;

    // API clients must POST; there is no form to render for them.
    if ($this->request->isApiCall() && !$this->request->isSubmitted()) {
        $this->httpError(HTTP_ERR_BAD_REQUEST);
    } // if

    if (!User::canAdd($this->logged_user, $this->active_company)) {
        $this->httpError(HTTP_ERR_FORBIDDEN);
    } // if

    $user_data = $this->request->post('user');
    if (!is_array($user_data)) {
        // Defaults for the empty form.
        $user_data = array('role_id' => ConfigOptions::getValue('default_role'), 'auto_assign' => false);
    } // if

    $this->smarty->assign(array('user_data' => $user_data));

    if ($this->request->isSubmitted()) {
        // NOTE(review): the transaction is opened before validation and the error branch below
        // never rolls it back; this relies on render()/serveData() ending the request — confirm,
        // otherwise execution continues into save() with an invalid password.
        db_begin_work();

        // Validate password
        if ($this->request->isApiCall() || array_var($user_data, 'specify_password')) {
            $errors = new ValidationErrors();

            $password = array_var($user_data, 'password');
            $password_a = array_var($user_data, 'password_a');

            // Minimum length is 3 bytes (strlen, not character-aware).
            if (strlen(trim($password)) < 3) {
                $errors->addError(lang('3 Letters or Longer'), 'password');
            } else {
                // Loose != : numeric-looking strings compare numerically here.
                if ($password != $password_a) {
                    $errors->addError(lang('Passwords Mismatch'), 'password_a');
                } // if
            } // if

            if ($errors->hasErrors()) {
                if ($this->request->getFormat() == FORMAT_HTML) {
                    $this->smarty->assign('errors', $errors);
                    $this->render();
                } else {
                    $this->serveData($errors);
                } // if
            } // if
        } else {
            // No password supplied by the form: generate one.
            $password = make_password(11);
        } // if

        // NOTE(review): setAttributes() receives the whole POSTed array; confirm it whitelists
        // the assignable fields (e.g. that role_id cannot be set this way by a non-manager).
        $this->active_user = new User();
        $this->active_user->setAttributes($user_data);
        $this->active_user->setPassword($password);
        $this->active_user->setCompanyId($this->active_company->getId());

        // Only people managers may choose auto-assign settings; everyone else gets the default role.
        if ($this->logged_user->isPeopleManager()) {
            $this->active_user->setAutoAssignData((bool) array_var($user_data, 'auto_assign'), (int) array_var($user_data, 'auto_assign_role_id'), array_var($user_data, 'auto_assign_permissions'));
        } else {
            $this->active_user->setRoleId(ConfigOptions::getValue('default_role'));
        } // if

        $save = $this->active_user->save();
        if ($save && !is_error($save)) {
            $welcome_message_sent = false;

            if (array_var($user_data, 'send_welcome_message')) {
                $welcome_message = trim(array_var($user_data, 'welcome_message'));
                if ($welcome_message) {
                    UserConfigOptions::setValue('welcome_message', $welcome_message, $this->active_user);
                } // if

                // The plaintext password is sent to the new user by e-mail; the custom body is
                // HTML-escaped via clean() before nl2br().
                $welcome_message_sent = ApplicationMailer::send(array($this->active_user), 'system/new_user', array('created_by_id' => $this->logged_user->getId(), 'created_by_name' => $this->logged_user->getDisplayName(), 'created_by_url' => $this->logged_user->getViewUrl(), 'email' => $this->active_user->getEmail(), 'password' => $password, 'login_url' => assemble_url('login'), 'welcome_body' => $welcome_message ? nl2br(clean($welcome_message)) : ''));
            } // if

            $title = trim(array_var($user_data, 'title'));
            if ($title) {
                UserConfigOptions::setValue('title', $title, $this->active_user);
            } // if

            db_commit();

            if ($this->request->isApiCall()) {
                $this->serveData($this->active_user, 'user');
            } else {
                if ($welcome_message_sent) {
                    flash_success('New user account has been created. Login information has been sent to :email', array('email' => $this->active_user->getEmail()));
                } else {
                    flash_success('New user account has been created');
                } // if
                $this->redirectToUrl($this->active_user->getViewUrl());
            } // if
        } else {
            // save() returned false or an error object: undo and report it.
            db_rollback();
            if ($this->request->isApiCall()) {
                $this->serveData($save);
            } else {
                $this->smarty->assign('errors', $save);
            } // if
        } // if
    } // if
} // add
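/**
 * Add user
 *
 * Renders the "add user" form for the company identified by the company_id
 * request parameter and, when the form is POSTed, creates the account, its
 * project memberships and the application-log entry inside one DB
 * transaction. After a successful commit the optional welcome e-mail and
 * welcome task are attempted best-effort, and the request is redirected to
 * the permissions page (when the company has projects) or to the company
 * view. Validation failures are exposed to the template as 'error'.
 *
 * @access public
 * @param void
 * @return null
 */
function add() {
    $this->setTemplate('add_user');

    $company = Companies::findById(get_id('company_id'));
    if (!($company instanceof Company)) {
        flash_error(lang('company dnx'));
        $this->redirectTo('administration');
    } // if

    if (!User::canAdd(logged_user(), $company)) {
        flash_error(lang('no access permissions'));
        $this->redirectToReferer(get_url('dashboard'));
    } // if

    $user = new User();
    $user_data = array_var($_POST, 'user');
    $is_submitted = is_array($user_data);
    if (!$is_submitted) {
        // Defaults for the empty form.
        $user_data = array('password_generator' => 'random', 'company_id' => $company->getId(), 'timezone' => $company->getTimezone()); // array
    } // if

    $projects = $company->getProjects();
    $permissions = PermissionManager::getPermissionsText();

    tpl_assign('user', $user);
    tpl_assign('company', $company);
    tpl_assign('projects', $projects);
    tpl_assign('permissions', $permissions);
    tpl_assign('user_data', $user_data);

    if (!$is_submitted) {
        return;
    } // if

    // NOTE(review): setFromAttributes() copies the POSTed array wholesale; confirm it
    // restricts which columns may be mass-assigned (company_id is re-set explicitly below).
    $user->setFromAttributes($user_data);
    $user->setCompanyId($company->getId());

    try {
        if (array_var($user_data, 'password_generator') === 'random') {
            $password = $this->generateRandomPassword(13);
        } else {
            $password = array_var($user_data, 'password');
            // is_string() guards against a nested array being posted for the field.
            if (!is_string($password) || trim($password) === '') {
                throw new Error(lang('password value required'));
            } // if
            // Strict comparison: loose != treats numeric-looking strings such as '1e3' and '1000' as equal.
            if ($password !== array_var($user_data, 'password_a')) {
                throw new Error(lang('passwords dont match'));
            } // if
        } // if
        $user->setPassword($password);

        if ((string) config_option('check_email_unique', '1') === '1') {
            if (!$user->validateUniquenessOf('email')) {
                throw new Error(lang('email address is already used'));
            } // if
        } // if

        DB::beginWork();
        $user->save();
        ApplicationLogs::createLog($user, null, ApplicationLogs::ACTION_ADD);

        // One ProjectUser row per project whose checkbox was ticked; the individual
        // permission flags are stored through User::setProjectPermission().
        if (is_array($projects)) {
            foreach ($projects as $project) {
                if (array_var($user_data, 'project_permissions_' . $project->getId()) !== 'checked') {
                    continue;
                } // if
                $relation = new ProjectUser();
                $relation->setProjectId($project->getId());
                $relation->setUserId($user->getId());
                foreach (array_keys($permissions) as $permission) {
                    $permission_value = array_var($user_data, 'project_permission_' . $project->getId() . '_' . $permission) === 'checked';
                    $user->setProjectPermission($project, $permission, $permission_value);
                } // foreach
                $relation->save();
            } // foreach
        } // if

        DB::commit();

        // Notification is best-effort: a mail failure must not undo the account just committed.
        try {
            if (array_var($user_data, 'send_email_notification')) {
                Notifier::newUserAccount($user, $password);
            } // if
        } catch (Exception $e) {
            // intentionally ignored, see above
        } // try

        // Welcome task, also best-effort and in its own transaction.
        try {
            if (array_var($user_data, 'add welcome task')) {
                // NOTE(review): task list id 2 is hard-coded and 'due date' adds int seconds to
                // whatever DateTimeValueLib::now() returns — confirm both against the current API.
                $task_data = array('text' => lang('welcome task text', $user->getName(), get_url('account', 'edit')), 'due date' => DateTimeValueLib::now() + 7 * 24 * 60 * 60, 'assigned_to_company_id' => $user->getCompanyId(), 'assigned_to_user_id' => $user->getId());
                $task_list = ProjectTaskLists::instance()->findById(2, true);
                DB::beginWork();
                $task = new ProjectTask();
                $task->setFromAttributes($task_data);
                $task_list->attachTask($task);
                $task->save();
                DB::commit();
            } // if
        } catch (Exception $e) {
            DB::rollback();
        } // try

        flash_success(lang('success add user', $user->getDisplayName()));

        // Fix: the condition used to be `is_array($projects) || count($projects)`, which sent
        // every company with a (possibly empty) project array to the permissions page.
        $projects = $company->getProjects();
        if (is_array($projects) && count($projects) > 0) {
            $this->redirectToUrl(get_url('account', 'update_permissions', $user->getId())); // Continue to permissions page
        } // if
        $this->redirectToUrl($company->getViewUrl());
    } catch (Exception $e) {
        DB::rollback();
        tpl_assign('error', $e);
    } // try
} // add

/**
 * Produce a random lowercase-hex password of $length characters.
 *
 * Prefers the OpenSSL CSPRNG when the extension is available and reports a
 * strong result; otherwise falls back to the historical sha1(uniqid(rand()))
 * construction, which is only as unpredictable as rand() and is kept solely
 * for installations without OpenSSL.
 *
 * @param integer $length
 * @return string
 */
private function generateRandomPassword($length = 13) {
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes((int) ceil($length / 2), $strong);
        if ($strong && $bytes !== false) {
            return substr(bin2hex($bytes), 0, $length);
        } // if
    } // if
    // sha1() yields 40 hex chars; keep the window inside it for any $length <= 40.
    return substr(sha1(uniqid(rand(), true)), rand(0, max(0, 40 - $length)), $length);
} // generateRandomPassword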
/**
 * Show company details
 *
 * Serves the active company as data for API calls; for HTML requests it
 * registers the "New User" page action (when the viewer may add users) and
 * hands the company's visible users plus the add-user URL to the template.
 *
 * @param void
 * @return null
 */
function view() {
    if ($this->active_company->isNew()) {
        $this->httpError(HTTP_ERR_NOT_FOUND);
    } // if

    $company = $this->active_company;
    $viewer = $this->logged_user;

    if ($this->request->isApiCall()) {
        $this->serveData($company, 'company', array('describe_users' => true, 'describe_logo' => true));
        return;
    } // if

    // Same permission drives both the page action and the template's add-user link.
    $add_user_url = false;
    if (User::canAdd($viewer, $company)) {
        $add_user_url = $company->getAddUserUrl();
        $this->wireframe->addPageAction(lang('New User'), $add_user_url);
    } // if

    // Only users the viewer is allowed to see are listed.
    $this->smarty->assign(array(
        'users' => $company->getUsers($viewer->visibleUserIds()),
        'add_user_url' => $add_user_url
    ));
} // view
/**
 * Add user
 *
 * Renders the "add user" form (prefilled from a contact when contact_id is
 * given, otherwise with admin defaults) and, on POST, creates the account
 * and its custom properties inside one DB transaction. Guests, exhausted
 * user quotas and missing User::canAdd() permission all abort with a flash
 * error and an empty ajx response.
 *
 * @access public
 * @param void
 * @return null
 */
function add() {
    if (logged_user()->isGuest()) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    }

    // Optional installation-wide cap on the number of accounts.
    $user_limit = config_option('max_users');
    if ($user_limit && Users::count() >= $user_limit) {
        flash_error(lang('maximum number of users reached error'));
        ajx_current("empty");
        return;
    }

    $this->setTemplate('add_user');

    // Fall back to the owner company when no valid company id was supplied.
    $company = Companies::findById(get_id('company_id'));
    if (!($company instanceof Company)) {
        $company = owner_company();
    } // if

    if (!User::canAdd(logged_user(), $company)) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    } // if

    $user = new User();
    $posted_user = array_var($_POST, 'user');
    $is_submitted = is_array($posted_user);

    if ($is_submitted) {
        $user_data = $posted_user;
    } else {
        // First render: prefill either from an existing contact or with admin defaults.
        $source_contact = Contacts::findById(get_id('contact_id'));
        if ($source_contact instanceof Contact) {
            $user_data = array(
                'username' => $this->generateUserNameFromContact($source_contact),
                // NOTE(review): first and last name are joined without a separator — confirm intended.
                'display_name' => $source_contact->getFirstname() . $source_contact->getLastname(),
                'email' => $source_contact->getEmail(),
                'contact_id' => $source_contact->getId(),
                'password_generator' => 'random',
                'company_id' => $company->getId(),
                'timezone' => $source_contact->getTimezone(),
                'create_contact' => false,
                'type' => 'normal',
                'can_manage_time' => true
            );
        } else {
            $user_data = array(
                'password_generator' => 'random',
                'company_id' => $company->getId(),
                'timezone' => $company->getTimezone(),
                'create_contact' => true,
                'send_email_notification' => true,
                'type' => 'normal',
                'can_manage_time' => true
            );
        }
    } // if

    $permission_labels = ProjectUsers::getNameTextArray();

    tpl_assign('user', $user);
    tpl_assign('company', $company);
    tpl_assign('permissions', $permission_labels);
    tpl_assign('user_data', $user_data);
    tpl_assign('billing_categories', BillingCategories::findAll());

    if (!$is_submitted) {
        return;
    } // if

    // An unticked "create personal project" box is passed on as an explicit 0.
    if (!array_var($user_data, 'createPersonalProject')) {
        $user_data['personal_project'] = 0;
    }

    try {
        DB::beginWork();
        $user = $this->createUser($user_data, array_var($_POST, 'permissions'));
        $obj_controller = new ObjectController();
        $obj_controller->add_custom_properties($user);
        DB::commit();
        flash_success(lang('success add user', $user->getDisplayName()));
        ajx_current("back");
    } catch (Exception $e) {
        DB::rollback();
        ajx_current("empty");
        flash_error($e->getMessage());
    } // try
} // add