else {
$result->success = false;
$result->fileError = true;
print(G::json_encode($result));
die;
}
*/
} else {
$aData['USR_UID'] = $form['USR_UID'];
$aData['USR_USERNAME'] = $form['USR_USERNAME'];
if (isset($form['USR_PASSWORD'])) {
if ($form['USR_PASSWORD'] != '') {
$aData['USR_PASSWORD'] = $form['USR_PASSWORD'];
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($form['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($form['USR_PASSWORD'])))));
$memKey = 'rbacSession' . session_id();
$memcache =& PMmemcached::getSingleton(defined('SYS_SYS') ? SYS_SYS : '');
if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
}
if ($RBAC->aUserInfo['PROCESSMAKER']['ROLE']['ROL_CODE'] == 'PROCESSMAKER_ADMIN') {
$aUserProperty['USR_LAST_UPDATE_DATE'] = date('Y-m-d H:i:s');
$aUserProperty['USR_LOGGED_NEXT_TIME'] = 1;
$oUserProperty->update($aUserProperty);
}
$aErrors = $oUserProperty->validatePassword($form['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], 0);
if (count($aErrors) > 0) {
$sDescription = G::LoadTranslation('ID_POLICY_ALERT') . ':,';
foreach ($aErrors as $sError) {
}
} else {
$sLocation = G::sanitizeInput($_REQUEST['form']['URL']);
}
} else {
if (isset($_REQUEST['u']) && $_REQUEST['u'] != '') {
$sLocation = G::sanitizeInput($_REQUEST['u']);
} else {
$sLocation = $oUserProperty->redirectTo($_SESSION['USER_LOGGED'], $lang);
}
}
if ($RBAC->singleSignOn) {
G::header('Location: ' . $sLocation);
die;
}
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_SESSION['USER_LOGGED'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($pwd)))));
$aErrors = $oUserProperty->validatePassword($_POST['form']['USR_PASSWORD'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME'], true);
if (!empty($aErrors) && in_array("ID_PPP_CHANGE_PASSWORD_AFTER_NEXT_LOGIN", $aErrors)) {
if (!defined('NO_DISPLAY_USERNAME')) {
define('NO_DISPLAY_USERNAME', 1);
}
$aFields = array();
$aFields['DESCRIPTION'] = '<span style="font-weight:normal;">';
$aFields['DESCRIPTION'] .= G::LoadTranslation('ID_POLICY_ALERT') . ':<br /><br />';
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUM_LENGTH':
$aFields['DESCRIPTION'] .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUM_LENGTH . '<br />';
$aFields[substr($sError, 3)] = PPP_MINIMUM_LENGTH;
$aFields['PPP_MINIMUN_LENGTH'] = PPP_MINIMUM_LENGTH;
break;
public function setHashPassword($object)
{
$type = array('md5', 'sha256');
if (!in_array($object->hash, $type)) {
throw new Exception('Type: ' . $object->hash . ' No valid.');
return false;
}
G::LoadClass("configuration");
$config = new Configurations();
$typeEncrypt = $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', '');
if ($typeEncrypt == null) {
$typeEncrypt = array('current' => $object->hash, 'previous' => 'md5');
} else {
$typeEncrypt['previous'] = $typeEncrypt['current'];
$typeEncrypt['current'] = $object->hash;
}
if ($object->hash != $typeEncrypt['previous']) {
$config->aConfig = $typeEncrypt;
$config->saveConfig('ENTERPRISE_SETTING_ENCRYPT', '');
}
require_once 'classes/model/RbacUsersPeer.php';
require_once 'classes/model/UsersProperties.php';
$userProperty = new UsersProperties();
$criteria = new Criteria($object->workspace->dbInfo['DB_RBAC_NAME']);
$criteria->add(RbacUsersPeer::USR_STATUS, 0, Criteria::NOT_EQUAL);
$dataset = RbacUsersPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
while ($dataset->next()) {
$row = $dataset->getRow();
$property = $userProperty->loadOrCreateIfNotExists($row['USR_UID'], array());
$property['USR_LOGGED_NEXT_TIME'] = 1;
$userProperty->update($property);
}
}
/**
* Update User
*
* @param string $userUid Unique id of User
* @param array $arrayData Data
* @param string $userUidLogged Unique id of User logged
*
* return array Return data of the User updated
*/
public function update($userUid, array $arrayData, $userUidLogged)
{
try {
\G::LoadSystem("rbac");
//Verify data
$process = new \ProcessMaker\BusinessModel\Process();
$validator = new \ProcessMaker\BusinessModel\Validator();
$validator->throwExceptionIfDataIsNotArray($arrayData, "\$arrayData");
$validator->throwExceptionIfDataIsEmpty($arrayData, "\$arrayData");
//Set data
$arrayData = array_change_key_case($arrayData, CASE_UPPER);
$arrayDataBackup = $arrayData;
//Verify data
$this->throwExceptionIfNotExistsUser($userUid, $this->arrayFieldNameForException["usrUid"]);
$this->throwExceptionIfDataIsInvalid($userUid, $arrayData);
//Permission Admin
$countPermission = 0;
$permission = $this->loadUserRolePermission("PROCESSMAKER", $userUidLogged);
foreach ($permission as $key => $value) {
if ($value["PER_CODE"] == "PM_USERS") {
$countPermission = $countPermission + 1;
}
}
if ($countPermission != 1) {
throw new \Exception(\G::LoadTranslation("ID_USER_CAN_NOT_UPDATE", array($userUidLogged)));
}
//Update
$cnn = \Propel::getConnection("workflow");
try {
$rbac = new \RBAC();
$user = new \Users();
$rbac->initRBAC();
if (isset($arrayData["USR_NEW_PASS"])) {
$arrayData["USR_PASSWORD"] = \Bootstrap::hashPassword($arrayData["USR_NEW_PASS"]);
}
$arrayData["USR_UID"] = $userUid;
$arrayData["USR_LOGGED_NEXT_TIME"] = (isset($arrayData["USR_LOGGED_NEXT_TIME"]))? $arrayData["USR_LOGGED_NEXT_TIME"] : 0;
$arrayData["USR_UPDATE_DATE"] = date("Y-m-d H:i:s");
$flagUserLoggedNextTime = false;
if (isset($arrayData["USR_PASSWORD"])) {
if ($arrayData["USR_PASSWORD"] != "") {
//require_once 'classes/model/UsersProperties.php';
$userProperty = new \UsersProperties();
$aUserProperty = $userProperty->loadOrCreateIfNotExists($userUid, array("USR_PASSWORD_HISTORY" => serialize(array(\Bootstrap::hashPassword($arrayData["USR_PASSWORD"])))));
$memKey = "rbacSession" . session_id();
$memcache = & \PMmemcached::getSingleton(defined("SYS_SYS")? SYS_SYS : "");
if (($rbac->aUserInfo = $memcache->get($memKey)) == false) {
$rbac->loadUserRolePermission("PROCESSMAKER", $userUidLogged);
$memcache->set($memKey, $rbac->aUserInfo, \PMmemcached::EIGHT_HOURS);
}
if ($rbac->aUserInfo["PROCESSMAKER"]["ROLE"]["ROL_CODE"] == "PROCESSMAKER_ADMIN") {
$aUserProperty["USR_LAST_UPDATE_DATE"] = date("Y-m-d H:i:s");
$aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];
$userProperty->update($aUserProperty);
}
$aHistory = unserialize($aUserProperty["USR_PASSWORD_HISTORY"]);
if (!is_array($aHistory)) {
$aHistory = array();
}
if (!defined("PPP_PASSWORD_HISTORY")) {
define("PPP_PASSWORD_HISTORY", 0);
}
if (PPP_PASSWORD_HISTORY > 0) {
//it's looking a password igual into aHistory array that was send for post in md5 way
$c = 0;
$sw = 1;
while (count($aHistory) >= 1 && count($aHistory) > $c && $sw) {
if (strcmp(trim($aHistory[$c]), trim($arrayData['USR_PASSWORD'])) == 0) {
$sw = 0;
}
$c++;
}
if ($sw == 0) {
$sDescription = G::LoadTranslation("ID_POLICY_ALERT") . ":\n\n";
$sDescription = $sDescription . " - " . G::LoadTranslation("PASSWORD_HISTORY") . ": " . PPP_PASSWORD_HISTORY . "\n";
$sDescription = $sDescription . "\n" . G::LoadTranslation("ID_PLEASE_CHANGE_PASSWORD_POLICY") . "";
throw new \Exception($this->arrayFieldNameForException["usrNewPass"] . ": " . $sDescription);
}
if (count($aHistory) >= PPP_PASSWORD_HISTORY) {
$sLastPassw = array_shift($aHistory);
}
$aHistory[] = $arrayData["USR_PASSWORD"];
}
$aUserProperty["USR_LAST_UPDATE_DATE"] = date("Y-m-d H:i:s");
$aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];
$aUserProperty["USR_PASSWORD_HISTORY"] = serialize($aHistory);
$userProperty->update($aUserProperty);
} else {
$flagUserLoggedNextTime = true;
}
} else {
$flagUserLoggedNextTime = true;
}
if ($flagUserLoggedNextTime) {
//require_once "classes/model/Users.php";
$oUser = new \Users();
$aUser = $oUser->load($userUid);
//require_once "classes/model/UsersProperties.php";
$oUserProperty = new \UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($userUid, array("USR_PASSWORD_HISTORY" => serialize(array($aUser["USR_PASSWORD"]))));
$aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];
$oUserProperty->update($aUserProperty);
}
//Update in rbac
if (isset($arrayData["USR_ROLE"])) {
$rbac->updateUser($arrayData, $arrayData["USR_ROLE"]);
} else {
$rbac->updateUser($arrayData);
}
//Update in workflow
$result = $user->update($arrayData);
//Save Calendar assigment
if (isset($arrayData["USR_CALENDAR"])) {
//Save Calendar ID for this user
\G::LoadClass("calendar");
$calendar = new \Calendar();
$calendar->assignCalendarTo($userUid, $arrayData["USR_CALENDAR"], "USER");
}
//Return
$arrayData = $arrayDataBackup;
if (!$this->formatFieldNameInUppercase) {
$arrayData = array_change_key_case($arrayData, CASE_LOWER);
}
return $arrayData;
} catch (\Exception $e) {
$cnn->rollback();
throw $e;
}
} catch (\Exception $e) {
throw $e;
}
}
$_POST['form']['USR_CITY'] = '';
}
if (!isset($_POST['form']['USR_LOCATION'])) {
$_POST['form']['USR_LOCATION'] = '';
}
if (!isset($_POST['form']['USR_ROLE'])) {
$_POST['form']['USR_ROLE'] = '';
}
$aData['USR_UID'] = $_POST['form']['USR_UID'];
$aData['USR_USERNAME'] = $_POST['form']['USR_USERNAME'];
if (isset($_POST['form']['USR_PASSWORD'])) {
if ($_POST['form']['USR_PASSWORD'] != '') {
$aData['USR_PASSWORD'] = $_POST['form']['USR_PASSWORD'];
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($_POST['form']['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array(G::encryptOld($_POST['form']['USR_NEW_PASS'])))));
$aErrors = $oUserProperty->validatePassword($_POST['form']['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], $aUserProperty['USR_LOGGED_NEXT_TIME']);
if (count($aErrors) > 0) {
$sDescription = G::LoadTranslation('ID_POLICY_ALERT') . ':<br /><br />';
foreach ($aErrors as $sError) {
switch ($sError) {
case 'ID_PPP_MINIMUN_LENGTH':
$sDescription .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUN_LENGTH . '<br />';
break;
case 'ID_PPP_MAXIMUN_LENGTH':
$sDescription .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MAXIMUN_LENGTH . '<br />';
break;
case 'ID_PPP_EXPIRATION_IN':
$sDescription .= ' - ' . G::LoadTranslation($sError) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . '<br />';
break;
default:
