示例#1
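 /**
  * Delete one sub-format record and redirect back to the sub-format list.
  *
  * Request inputs read here:
  *  - $_GET['subformat']          name handed to SubformatsModel
  *  - $_GET['subid']              identifier passed to SubformatsModel::delete()
  *  - $_GET['mod']                module name passed to set_redirect_header()
  *  - $_POST['delete_subformats'] selection used to populate $this->subformats_list
  *
  * NOTE(review): the delete is triggered purely by query-string parameters and
  * no permission or anti-CSRF check is visible in this method. Confirm the
  * dispatcher enforces both before this action runs; a state-changing action
  * reachable by GET can be triggered by a link or an embedded resource.
  */
 public function act_subformat_delete()
 {
     // Read every request field defensively so a missing key is an explicit
     // null rather than an undefined-index notice.
     $subformat = isset($_GET['subformat']) ? $_GET['subformat'] : null;
     $subid = isset($_GET['subid']) ? $_GET['subid'] : null;
     $module = isset($_GET['mod']) ? $_GET['mod'] : null;

     $this->subformat_name = $subformat;
     $subformats_model = new SubformatsModel($this->subformat_name);

     // Only delete when a single, non-empty identifier was supplied; arrays
     // (subid[]=...) and a missing id are ignored instead of reaching the model.
     if (is_scalar($subid) && $subid !== '') {
         $subformats_model->delete($subid);
     }

     // The array key is quoted: the original bare word `subformat` was an
     // undefined constant (a notice on PHP 7, a fatal Error on PHP 8).
     set_redirect_header($module, 'subformat_list', null, array('subformat' => $this->subformat_name));

     $selected = isset($_POST['delete_subformats']) ? $_POST['delete_subformats'] : null;
     $this->subformats_list = $subformats_model->get_by_id($selected);
 }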
示例#2
     // Excerpt of a profile-update handler. The opening of the enclosing block
     // (where $name, $old_password and $new_password are set) and the end of the
     // final else branch lie outside this excerpt.
     //
     // The account to modify is identified by a request field.
     // NOTE(review): nothing visible here ties user_id to the logged-in session;
     // the old-password check below is the only gate shown. Confirm the caller
     // restricts which ids a given session may submit.
     $user_id = $_POST['user_id'];
     // email is optional in the request; $email stays unset here when absent.
     if (isset($_POST['email'])) {
         $email = $_POST['email'];
     }
     $process_form = true;
 }
 // Loose comparison (==) against true.
 if ($process_form == true) {
     // Lookup and credential check happen in a single call; a falsy result
     // sends control to the "cannot change" branch.
     if ($user = $dbManager->get_user_by_id_if_password_is_correct($user_id, $old_password)) {
         $dbManager->update_user_info($user->getId(), $name, $new_password, $email);
         // Re-login only when the edited account is the one held in the session.
         // The comparison is loose (==).
         if ($_SESSION['username'] == $user->getName()) {
             login($name, $new_password);
         }
         $message[] = new Message("User info changed successfully.", Message::SUCCESS);
         $smarty->assign('message', $message);
         $smarty->assign('title', 'Index page');
         // A redirect header is set and the index template is still rendered in
         // the same response.
         set_redirect_header("index.php");
         $smarty->display('index.tpl');
     } else {
         // The failure message is generic: it does not say whether the id or the
         // password was rejected.
         $message[] = new Message("Cannot change user info. Try again please.", Message::WARNING);
         // Reload the user for re-display and null the password on the object
         // before it is assigned to the template (presumably so the stored value
         // is not exposed to the view; confirm).
         $user = $dbManager->get_user_by_id($user_id);
         $user->setPassword(null);
         $smarty->assign('user', $user);
         $smarty->assign('message', $message);
         $smarty->assign('title', 'Change user');
         $smarty->display('change_user.tpl');
     }
 } else {
     // Form was not processed: same reload-and-blank-password sequence as above.
     $message[] = new Message("Something goes wrong.", Message::WARNING);
     $user = $dbManager->get_user_by_id($user_id);
     $user->setPassword(null);
     $smarty->assign('user', $user);
 /**
  * Default action: send the client to the dashboard.
  *
  * Both arguments passed to set_redirect_header() are the fixed string
  * 'dashboard'; no request data is involved in choosing the target.
  */
 function act_default()
 {
     $target = 'dashboard';
     set_redirect_header($target, $target);
 }
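 /**
  * Stream the file attached to a supporting document to the client, then exit.
  *
  * The document is selected by $_GET['doc_id']. When the record has no usable
  * file (no uri, or the uri is not a readable regular file) an information
  * message is queued and the client is redirected to the document view.
  *
  * NOTE(review): no per-document access check is visible in this method.
  * Confirm the dispatcher enforces read permission on doc_id before this
  * action runs, since record numbers are supplied by the client.
  */
 public function act_download()
 {
     // A missing or non-scalar doc_id (e.g. doc_id[]=x) cannot name a record.
     $doc_id = isset($_GET['doc_id']) ? $_GET['doc_id'] : null;
     if (!is_scalar($doc_id) || $doc_id === '') {
         shnMessageQueue::addInformation('No attachment found to this document.');
         set_redirect_header('docu', 'view_document', null, null);
         exit;
     }

     // Load the document metadata (title) and the document record (file uri).
     $supporting_docs_meta = new SupportingDocsMeta();
     $supporting_docs_meta->LoadfromRecordNumber($doc_id);
     $supporting_docs_meta->LoadRelationships();
     $supporting_docs = new SupportingDocs();
     $supporting_docs->LoadfromRecordNumber($doc_id);

     // Open the file before any header is sent, so a missing or unreadable
     // file falls through to the "no attachment" path instead of producing a
     // half-written download response.
     $path = $supporting_docs->uri;
     $fp = false;
     if ($path != null && is_file($path) && is_readable($path)) {
         $fp = fopen($path, 'rb');
     }

     if ($fp !== false) {
         // The extension ends up inside two response headers; keep only
         // alphanumerics so it cannot carry header or MIME syntax.
         $ext = preg_replace('/[^A-Za-z0-9]/', '', (string) shn_file_findexts($path));
         $content_type = $ext !== '' ? "application/{$ext}" : 'application/octet-stream';

         $title = $supporting_docs_meta->title;
         $file_name = str_replace(" ", "_", $title);
         $download_name = $ext !== '' ? "{$file_name}.{$ext}" : $file_name;

         header("Content-Type: {$content_type}");
         // Stop browsers from second-guessing the declared type of stored content.
         header('X-Content-Type-Options: nosniff');
         // An explicit "attachment" disposition makes the browser save the file
         // rather than render it in the application's origin.
         header('Content-Disposition: attachment; filename="' . urlencode($download_name) . '"');
         $size = filesize($path);
         if ($size !== false) {
             header("Content-Length: " . $size);
         }

         fpassthru($fp);
         fclose($fp);
     } else {
         shnMessageQueue::addInformation('No attachment found to this document.');
         set_redirect_header('docu', 'view_document', null, null);
     }

     // Templates are not needed for either outcome, so end the script here.
     exit;
 }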
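 /**
  * Change the password of the currently logged-in user.
  *
  * On a POST carrying `save`, the current password is verified, the two new
  * password fields are compared, and on success the previous salt and hash
  * are kept on the user record, a fresh salt is generated and the new
  * password is stored. Validation errors are attached to the form definition,
  * which is exposed as $this->change_password_form.
  *
  * NOTE(review): $change_password_form is presumably defined by the included
  * mod/admin/change_password_form.inc; confirm, since include_once will not
  * redefine it if the file was already loaded elsewhere in the request.
  * NOTE(review): no minimum-strength or non-empty check on the new password
  * and no session-id regeneration after the change is visible here.
  */
 public function act_edit_password()
 {
     include_once APPROOT . 'inc/lib_form.inc';
     include_once APPROOT . 'inc/lib_form_util.inc';
     include_once APPROOT . 'inc/lib_validate.inc';
     include_once APPROOT . 'inc//security/lib_auth.inc';
     include_once APPROOT . 'mod/admin/change_password_form.inc';

     // The account is taken from the session, never from the request.
     $this->username = $_SESSION['username'];

     if (isset($_POST['save'])) {
         $password_current = isset($_POST['password_current']) ? $_POST['password_current'] : null;
         $password1 = isset($_POST['password1']) ? $_POST['password1'] : null;
         $password2 = isset($_POST['password2']) ? $_POST['password2'] : null;

         $user = UserHelper::loadFromUsername($this->username);

         // Only a string can be a password; array-valued fields are rejected
         // before they reach the verifier.
         if (is_string($password_current) && $user->isPasswordMatch($password_current)) {
             // Strict comparison: with ==, two different numeric-looking strings
             // such as "1000" and "1e3" compare equal, so the confirmation
             // field would not actually confirm what was typed.
             if (is_string($password1) && is_string($password2) && $password1 === $password2) {
                 $user->setOldSalt($user->getSalt());
                 $user->setOldPasswordHash($user->getPasswordHash());
                 $salt = generate_salt();
                 $user->setSalt($salt);
                 $user->setPassword($password1);
                 $user->Save();
                 set_redirect_header('home', 'edit_user');
             } else {
                 // Flag both new-password fields with the same error.
                 foreach (array('password1', 'password2') as $field) {
                     $change_password_form[$field]['extra_opts'] = array();
                     $change_password_form[$field]['extra_opts']['error'] = array();
                     $change_password_form[$field]['extra_opts']['error'][] = _t("THE_TWO_PASSWORDS_ARE_DIFFERENT");
                 }
             }
         } else {
             $change_password_form['password_current']['extra_opts'] = array();
             $change_password_form['password_current']['extra_opts']['error'] = array();
             $change_password_form['password_current']['extra_opts']['error'][] = _t("PASSWORD_INVALID");
         }
     }

     $this->change_password_form = $change_password_form;
 }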
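 /**
  * Delete the saved queries selected in the POSTed `sq` list, then redirect
  * to the saved-query search page.
  *
  * Deletion only happens when `delete_yes` is present and `sq` is an array.
  *
  * NOTE(review): each submitted record number is deleted as given; no
  * ownership or anti-CSRF check is visible in this method. Confirm that
  * SaveQuery or the dispatcher restricts deletion to queries the current
  * user is allowed to remove.
  */
 public function act_delete_query()
 {
     // isset() on `sq` as well: the original is_array($_POST['sq']) raised an
     // undefined-index notice when the confirmation arrived without a list.
     $confirmed = isset($_POST['delete_yes']);
     $has_list = isset($_POST['sq']) && is_array($_POST['sq']);

     if ($confirmed && $has_list) {
         $saveQuery = new SaveQuery();
         foreach ($_POST['sq'] as $query) {
             // A nested array (sq[][]=...) is not a record number; skip it.
             if (!is_scalar($query)) {
                 continue;
             }
             $saveQuery->DeleteFromRecordNumber($query);
         }
         shnMessageQueue::addInformation(_t('QUERIES_DELETED_SUCCESSFULLY_'));
     }

     set_redirect_header('analysis', 'search_query');
 }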
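 /**
  * Confirm and perform deletion of chain-of-events records.
  *
  * Flow, driven by POST fields:
  *  - no `coes`, or `no` pressed: redirect to the list, nothing deleted;
  *  - `yes` pressed: delete every entry of `coes` (plus the optional single
  *    `coe`), then redirect to the list;
  *  - otherwise: set $this->del_confirm and load the related events so the
  *    confirmation view can be shown.
  *
  * NOTE(review): no permission or anti-CSRF check is visible in this method;
  * confirm the dispatcher enforces them before this action runs.
  */
 public function act_delete_coe()
 {
     if (!isset($_POST['coes']) || isset($_POST['no'])) {
         set_redirect_header('events', 'coe_list');
         return;
     }

     $this->del_confirm = true;
     $coes = $_POST['coes'];

     if (isset($_POST['yes'])) {
         // Work on a local list and check its type first: the original called
         // array_push() on $_POST['coes'] before verifying it was an array,
         // which warns on PHP 7 and throws a TypeError on PHP 8 for a scalar.
         if (is_array($coes)) {
             if (isset($_POST['coe'])) {
                 $coes[] = $_POST['coe'];
             }
             foreach ($coes as $coe) {
                 $c = new ChainOfEvents();
                 $c->DeleteFromRecordNumber($coe);
             }
         }
         set_redirect_header('events', 'coe_list');
         return;
     }

     // Not yet confirmed: list what would be affected.
     $this->related_events = Browse::getCOEListArray($coes);
 }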
/**
 * Set a redirect header for the given target and stop the script.
 *
 * @param mixed $url         Target handed unchanged to set_redirect_header().
 * @param int   $status_code Status code handed to set_redirect_header();
 *                           defaults to 303.
 *
 * NOTE(review): $url is forwarded as given. If any caller derives it from
 * request data, it should be checked against the application's own
 * destinations before reaching this function.
 */
function redirect($url, $status_code = 303)
{
    set_redirect_header($url, $status_code);

    // Nothing may run after the redirect has been issued.
    exit;
}
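 /**
  * Manage who may access the current person record.
  *
  * Handles three POST-driven operations against the phpGACL API object
  * returned by acl_get_gacl_api(), all scoped to
  * $this->person->person_record_number:
  *  - `update`:      grant or revoke access per role according to `roles[]`
  *                   (the 'admin' role is never modified);
  *  - `add_user`:    grant access to one existing username;
  *  - `remove_user`: revoke the access entry of one username.
  * Afterwards it populates $this->value (roles that currently have access)
  * and $this->users (users that currently have access) for the view.
  *
  * NOTE(review): this action edits access-control entries, yet no check that
  * the caller may administer this record and no anti-CSRF token check is
  * visible here. Confirm both are enforced before this method is reached.
  */
 public function act_permissions()
 {
     $gacl_api = acl_get_gacl_api();
     $this->roles = acl_get_roles();
     $record_number = $this->person->person_record_number;

     if (isset($_POST['update'])) {
         // Anything other than an array of role keys means "no role selected".
         $posted_roles = (isset($_POST['roles']) && is_array($_POST['roles'])) ? $_POST['roles'] : array();

         foreach ($this->roles as $role_val => $role_name) {
             // Strict, string-based comparison: with == an integer key 0 is
             // equal to 'admin' on PHP 7 and would be skipped by mistake.
             if ((string) $role_val === 'admin') {
                 continue;
             }
             $acl_id = $gacl_api->search_acl('access', 'access', FALSE, FALSE, $role_name, 'person', $record_number, FALSE, FALSE);

             // Request values are strings, so compare as strings and strictly.
             if (in_array((string) $role_val, $posted_roles, true)) {
                 if (count($acl_id) == 0) {
                     $aro_grp = $gacl_api->get_group_id($role_val, $role_name, 'ARO');
                     $gacl_api->add_acl(array('access' => array('access')), null, array($aro_grp), array('person' => array($record_number)), null, 1);
                 }
             } elseif (isset($acl_id[0])) {
                 // Revoke only when an entry exists. The original read
                 // $acl_id[0] unconditionally and passed null to del_acl()
                 // for every unselected role that had no entry.
                 $gacl_api->del_acl($acl_id[0]);
             }
         }
         set_redirect_header('person', 'permissions');
     }

     if (isset($_POST['add_user']) && is_string($_POST['add_user']) && $_POST['add_user'] !== '') {
         $username = $_POST['add_user'];
         // Only usernames known to the application can be granted access.
         if (UserHelper::isUser($username)) {
             $gacl_api->add_acl(array('access' => array('access')), array("users" => array($username)), null, array('person' => array($record_number)), null, 1);
         } else {
             shnMessageQueue::addError(_t('USERID_DOES_NOT_EXISTS_'));
         }
     }

     if (isset($_POST['remove_user']) && is_string($_POST['remove_user'])) {
         $acl_id = $gacl_api->search_acl('access', 'access', 'users', $_POST['remove_user'], FALSE, 'person', $record_number, FALSE, FALSE);
         if (isset($acl_id[0])) {
             $gacl_api->del_acl($acl_id[0]);
         }
     }

     // Populate the role checkboxes from the entries that exist now.
     $this->value = array();
     foreach ($this->roles as $role_val => $role_name) {
         $acl_id = $gacl_api->search_acl('access', 'access', FALSE, FALSE, $role_name, 'person', $record_number, FALSE, FALSE);
         if (count($acl_id) > 0) {
             $this->value[$role_val] = $role_val;
         }
     }

     // Users that currently hold access to this record.
     $this->users = acl_get_allowed_users($record_number, 'person');
 }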