示例#1
0
function profile_main()
{
    $model = new CTForm("PasswortChangeForm", "prooveOldPassword");
    if ($_SESSION["user"]->password != null) {
        $model->setHeader(t("change.password"), t("to.change.password.complete.following.fields"));
        $model->addField("password", "", "PASSWORD", t("old.password"));
        $model->addButton(t("change.password"), "ok");
    } else {
        $model->setHeader(t("welcome"), t("to.login.later.set.own.password"));
        $model->addButton(t("set.password"), "ok");
    }
    $model->addField("newpassword1", "", "PASSWORD", t("new.password"));
    $model->addField("newpassword2", "", "PASSWORD", t("repeat.new.password"));
    return $model->render();
}
示例#2
0
function simulate_main()
{
    if (isset($_SESSION["simulate"])) {
        $user = churchcore_getPersonById($_SESSION["simulate"]);
        $user->auth = getUserAuthorization($user->id);
        $_SESSION["user"] = $user;
        unset($_SESSION["simulate"]);
        if (isset($_SESSION["back"])) {
            header("Location: ?q=" . $_SESSION["back"]);
            unset($_SESSION["back"]);
        } else {
            header("Location: ?q=" . $_GET["link"]);
        }
    }
    if (isset($_GET["id"])) {
        $res = churchcore_getPersonById($_GET["id"]);
        if ($res != false) {
            _simulateUser($res);
            header("Location: ?q=" . $_GET["location"]);
            return "";
        }
    }
    $model = new CTForm("SimulateUserForm", "prooveEmail");
    $model->setHeader("Benutzer simulieren", t("simulate.information.text") . " " . t("please.enter.valid.email") . ":");
    $model->addField("email", "", "EMAIL", "EMail");
    $model->addButton("Simulieren", "ok");
    return $model->render();
}
示例#3
0
function login_main()
{
    global $q, $config;
    $txt = "";
    if (isset($config["admin_message"]) && $config["admin_message"] != "") {
        addErrorMessage($config["admin_message"]);
    }
    if (isset($_GET["message"]) && $_GET["message"] != "") {
        addInfoMessage($_GET["message"]);
    }
    // Sicherstellen, dass keiner eingelogt ist!
    if (!userLoggedIn()) {
        if (isset($config["login_message"])) {
            addInfoMessage($config["login_message"], true);
        }
        $model = new CTForm("LoginForm", "prooveLogin", "Login");
        $model->setHeader(t("login.headline"), t("please.fill.following.fields"));
        $model->addField("email", "", "INPUT_REQUIRED", t("email.or.username"), true);
        $model->addField("password", "", "PASSWORD", t("password"));
        if (!isset($config["show_remember_me"]) || $config["show_remember_me"] == 1) {
            $model->addField("rememberMe", "", "CHECKBOX", t("remember.me"));
        }
        $model->addButton(t("login"), "ok");
        if (isset($_GET["newpwd"])) {
            $res = db_query("select count(*) c from {cdb_person} where email='" . $_GET["email"] . "' and archiv_yn=0")->fetch();
            if ($_GET["email"] == "" || $res->c == 0) {
                $txt .= '<div class="alert alert-error"><p>Bitte ein g&uuml;ltige EMail-Adresse angeben, 
          an die das neue Passwort gesendet werden kann! 
          Diese Adresse muss im System schon eingerichtet sein.
          <p>Falls die E-Mail-Adresse schon eingerichtet sein sollte, 
          wende Dich bitte an <a href="' . variable_get("site_mail") . '">' . variable_get("site_mail") . '</a>.</div>';
            } else {
                $newpwd = random_string(8);
                $scrambled_password = scramble_password($newpwd);
                db_query("update {cdb_person} set password='******' where email='" . $_GET["email"] . "'");
                $content = "<h3>Hallo!</h3><p>Ein neues Passwort wurde f&uuml;r die E-Mail-Adresse <i>" . $_GET["email"] . "</i> angefordert: {$newpwd}";
                churchcore_systemmail($_GET["email"], "[" . variable_get('site_name') . "] Neues Passwort", $content, true, 1);
                churchcore_sendMails(1);
                $txt .= '<div class="alert alert-info">Hinweis: Ein neues Passwort wurde nun an <i>' . $_GET["email"] . '</i> gesendet.</div>';
                ct_log("Neues Passwort angefordert " . $_GET["email"], 2, "-1", "login");
            }
        } else {
            if (isset($_POST["email"]) && isset($_POST["password"]) && isset($_POST["directtool"])) {
                include_once CHURCHCORE . "/churchcore_db.php";
                $sql = "select * from {cdb_person} where email=:email and active_yn=1 and archiv_yn=0";
                $res = db_query($sql, array(":email" => $_POST["email"]))->fetch();
                if ($res == false) {
                    drupal_json_output(jsend()->fail("Unbekannte E-Mail-Adresse"));
                } else {
                    if (user_check_password($_POST["password"], $res)) {
                        login_user($res);
                        ct_log("Login durch Direct-Tool " . $_POST["directtool"] . " mit " . $_POST["email"], 2, "-1", "login");
                        drupal_json_output(jsend()->success());
                    } else {
                        drupal_json_output(jsend()->fail("Falsches Passwort"));
                    }
                }
                return;
            } else {
                if (isset($_GET["loginstr"]) && $_GET["loginstr"] != "" && isset($_GET["id"])) {
                    // L�sche alte cc_loginurrls die �lter sind als 14 tage
                    db_query("delete from {cc_loginstr} where DATEDIFF( current_date, create_date ) > 13");
                    $sql = "select * from {cc_loginstr} where loginstr=:loginstr and person_id=:id";
                    $res = db_query($sql, array(":loginstr" => $_GET["loginstr"], ":id" => $_GET["id"]))->fetch();
                    if ($res == false) {
                        $txt .= '<div class="alert alert-info">Fehler: Der verwendete Login-Link ist nicht mehr aktuell und kann deshalb nicht mehr verwendet werden. Bitte mit E-Mail-Adresse und Passwort anmelden!</div>';
                    } else {
                        // Nehme den LoginStr heraus, damit er nicht mi�braucht werden kann.
                        $sql = "delete from {cc_loginstr} where loginstr=:loginstr and person_id=:id";
                        $res = db_query($sql, array(":loginstr" => $_GET["loginstr"], ":id" => $_GET["id"]));
                        ct_log("Login User " . $_GET["id"] . " erfolgreich mit loginstr ", 2, "-1", "login");
                        $res = churchcore_getPersonById($_GET["id"]);
                        login_user($res);
                    }
                }
            }
        }
        $txt .= $model->render();
        $txt .= '<script>jQuery("#newpwd").click(function(k,a) {
         if (confirm("' . t('want.to.receive.new.password') . '")) {
           window.location.href="?newpwd=true&email="+jQuery("#LoginForm_email").val()+"&q=' . $q . '";
            }
          });</script>';
    } else {
        // Wenn man sich ummelden m�chte und zur Familie geh�rt (also gleiche E-Mail-Adresse)
        if (isset($_GET["family_id"])) {
            if (isset($_SESSION["family"][$_GET["family_id"]])) {
                //logout_current_user();
                login_user($_SESSION["family"][$_GET["family_id"]]);
                $txt .= '<div class="alert alert-info">Ummelden erfolgreich! Du arbeitest nun mit der Berechtigung von ' . $_SESSION["user"]->vorname . ' ' . $_SESSION["user"]->name . '.</div>';
            } else {
                $txt .= '<div class="alert alert-info">Ummelden zu Id:' . $_GET["family_id"] . ' hat nicht funktioniert, Session ist leer!</div>';
            }
        } else {
            $txt .= '<div class="alert alert-info"><i>Hinweis:</i> Du bist angemeldet als ' . $_SESSION["user"]->vorname . ', weiter geht es <a href="?q=home">hier</a>!</div>';
        }
    }
    return $txt;
}
示例#4
0
/**
 * main function for login
 * @return string
 */
function login_main()
{
    global $q, $config, $user;
    $txt = "";
    if ($t = getConf("admin_message")) {
        addErrorMessage($t);
    }
    if ($t = getVar("message")) {
        addInfoMessage($t);
    }
    // Sicherstellen, dass keiner eingelogt ist!
    if (!userLoggedIn()) {
        if ($t = getVar("login_message")) {
            addInfoMessage($t, true);
        }
        $form = new CTForm("LoginForm", "validateLogin", "Login");
        $form->setHeader(t("login.headline"), t("please.fill.following.fields"));
        $form->addField("email", "", "INPUT_REQUIRED", t("email.or.username"), true);
        if (getVar("email")) {
            $form->fields["email"]->setValue(getVar("email"));
        }
        $form->addField("password", "", "PASSWORD", t("password"));
        // TODO: when is this false?
        if (getConf("show_remember_me", 1) == 1) {
            $form->addField("rememberMe", "", "CHECKBOX", t("remember.me"));
        }
        $form->addButton(t("login"), "ok");
        // access through externale tools through GET and additional direct
        // POST so no GET is used , so it is not visible in the URL
        if (getVar("email", false, $_POST) && getVar("password", false, $_POST) && getVar("directtool", false, $_POST)) {
            include_once CHURCHCORE . "/churchcore_db.php";
            $email = getVar("email", false, $_POST);
            $password = getVar("password", false, $_POST);
            $directTool = getVar("directtool", false, $_POST);
            $res = db_query("SELECT * FROM {cdb_person}\n                       WHERE email=:email AND active_yn=1 AND archiv_yn=0", array(":email" => $email))->fetch();
            if (!$res) {
                drupal_json_output(jsend()->fail(t('email.unknown')));
            } else {
                if (user_check_password($password, $res)) {
                    login_user($res, null, false);
                    ct_log("Login by Direct-Tool {$directTool} with {$email}", 2, "-1", "login");
                    drupal_json_output(jsend()->success());
                } else {
                    drupal_json_output(jsend()->fail(t('wrong.password')));
                }
            }
            return;
        } else {
            if (($loginstr = getVar("loginstr")) && ($id = getVar('id'))) {
                // delete login strings older then 14 days
                db_query("DELETE FROM {cc_loginstr}\n                WHERE DATEDIFF( current_date, create_date ) > 13");
                $res = db_query("SELECT * FROM {cc_loginstr}\n                       WHERE loginstr=:loginstr AND person_id=:id", array(":loginstr" => $loginstr, ":id" => $id))->fetch();
                if (!$res) {
                    $txt .= '<div class="alert alert-info">' . t('login.string.too.old') . '</div>';
                } else {
                    // delete current loginKey to prevent misuse
                    $res = db_query("DELETE FROM {cc_loginstr}\n                         WHERE loginstr=:loginstr AND person_id=:id", array(":loginstr" => $loginstr, ":id" => $id));
                    ct_log("Login User {$id} erfolgreich mit loginstr ", 2, "-1", "login");
                    $res = churchcore_getPersonById($id);
                    login_user($res);
                }
            }
        }
        $txt .= $form->render();
        $txt .= '<script>jQuery("#newpwd").click(function(k,a) {
         if (confirm("' . t('want.to.receive.new.password') . '")) {
           window.location.href="?q=login/newpwd&email="+jQuery("#LoginForm_email").val();
            }
          });</script>';
    } else {
        // switch to another family user (same email)
        if ($familyId = getVar("family_id")) {
            if (isset($_SESSION["family"][$familyId])) {
                // logout_current_user();
                login_user($_SESSION["family"][$familyId]);
                $txt .= '<div class="alert alert-info">' . t('user.succesfully.changed.now.you.work.with.permissions.of.x', $_SESSION["user"]->vorname . ' ' . $_SESSION["user"]->name) . '</div>';
            } else {
                $txt .= "<div class='alert alert-info'>" . t('user.change.to.familyX.failed.session.is.empty', $familyId) . "</div>";
            }
        } else {
            if (getVar("directtool", false, $_POST)) {
                drupal_json_output(jsend()->success("Already logged in"));
            } else {
                $txt .= '<div class="alert alert-info">' . t('you.are.logged.in.as.x.click.y.to.continue', $_SESSION["user"]->vorname, '<a href="?q=home">' . t('home') . '</a>') . '</div>';
            }
        }
    }
    return $txt;
}
示例#5
0
function admin_main()
{
    global $config;
    drupal_add_css(ASSETS . '/fileuploader/fileuploader.css');
    drupal_add_js(ASSETS . '/fileuploader/fileuploader.js');
    $model = new CTForm("AdminForm", "admin_saveSettings");
    $model->addField("site_name", "", "INPUT_REQUIRED", t("name.of.website"))->setValue($config["site_name"]);
    $model->addField("site_logo", "", "FILEUPLOAD", t("logo.of.website"))->setValue(readConf("site_logo"));
    $model->addField("welcome", "", "INPUT_REQUIRED", t("welcome.message"));
    $model->fields["welcome"]->setValue($config["welcome"]);
    $model->addField("welcome_subtext", "", "INPUT_REQUIRED", "Untertitel der Willkommensnachricht");
    $model->fields["welcome_subtext"]->setValue($config["welcome_subtext"]);
    $model->addField("login_message", "", "INPUT_REQUIRED", "Willkommensnachricht vor dem Login");
    $model->fields["login_message"]->setValue($config["login_message"]);
    $model->addField("invite_email_text", "", "TEXTAREA", "Text der Einladungs-EMail");
    $model->fields["invite_email_text"]->setValue($config["invite_email_text"]);
    $model->addField("admin_message", "", "INPUT_OPTIONAL", "Admin-Nachricht auf Login- und Startseite z.B. f&uuml;r geplante Downtimes");
    $model->fields["admin_message"]->setValue(variable_get("admin_message", ""));
    if (!isset($config["site_startpage"])) {
        $config["site_startpage"] = "home";
    }
    $model->addField("site_startpage", "", "INPUT_REQUIRED", "Startseite beim Aufrufen von " . variable_get("site_name") . " (Standard ist <i>home</i>, m&ouml;glich ist z.B. churchwiki, churchcal)");
    $model->fields["site_startpage"]->setValue($config["site_startpage"]);
    $model->addField("site_mail", "", "EMAIL", "E-Mail-Adresse der Website (E-Mails werden von hier aus gesendet)");
    $model->fields["site_mail"]->setValue($config["site_mail"]);
    if (!isset($config["admin_mail"])) {
        $config["admin_mail"] = $config["site_mail"];
    }
    $model->addField("admin_mail", "", "EMAIL", "E-Mail-Adressen der Admins f&uuml;r Anfragen von Benutzern (Kommasepariert)");
    $model->fields["admin_mail"]->setValue($config["admin_mail"]);
    // Now iterate through each module for naming the module
    $modules = churchcore_getModulesSorted(false, true);
    foreach ($modules as $module) {
        $model->addField($module . "_name", "", "INPUT_OPTIONAL", "Name f&uuml;r <i>{$module}</i> (Bitte Feld leerlassen, wenn das Modul nicht ben&ouml;tigt wird)");
        $model->fields[$module . "_name"]->setValue(variable_get($module . "_name", ""));
    }
    $model->addField("max_uploadfile_size_kb", "", "INPUT_REQUIRED", "Maximale Upload-Dateigr&ouml;sse in Kilobytes (z.B. 10MB entsprechen hier ca. 10000)");
    $model->fields["max_uploadfile_size_kb"]->setValue($config["max_uploadfile_size_kb"]);
    $model->addField("cronjob_delay", "", "INPUT_REQUIRED", "Zeit in Sekunden zwischen automatischen Cronjob (0=kein automatischer Cron, sinnvolle Werte z.B. 3600)");
    $model->fields["cronjob_delay"]->setValue($config["cronjob_delay"]);
    $model->addField("timezone", "", "INPUT_REQUIRED", "Standard-Zeitzone. Z.b. Europe/Berlin");
    $model->fields["timezone"]->setValue($config["timezone"]);
    $model->addField("show_remember_me", "", "CHECKBOX", "Anzeige von <i>Zuk&uuml;nftig an mich erinnern</i> auf der Login-Seite");
    $model->fields["show_remember_me"]->setValue($config["show_remember_me"]);
    $model->addField("mail_enabled", "", "CHECKBOX", "Senden von E-Mails erlauben");
    $model->fields["mail_enabled"]->setValue($config["mail_enabled"]);
    $model->addField("site_offline", "", "CHECKBOX", "Seite offline schalten");
    $model->fields["site_offline"]->setValue($config["site_offline"]);
    $model->addButton("Speichern", "ok");
    $txtCommonForm = $model->render();
    // Now iterate through each module getting the admin forms
    $m = array();
    foreach ($modules as $module) {
        include_once constant(strtoupper($module)) . "/{$module}.php";
        if (function_exists($module . "_getAdminForm")) {
            $model = call_user_func($module . "_getAdminForm");
            if ($model != null) {
                $m[$module] = $model->render();
            }
        }
    }
    $txt = '<h1>' . t("settings.for", variable_get("site_name")) . '</h1><p>Der Administrator kann hier Einstellung vornehmen. Diese gelten f&uuml;r alle Benutzer, bitte vorsichtig anpassen!</p>';
    $txt .= '<div class="tabbable">';
    $txt .= '<ul class="nav nav-tabs">';
    $txt .= '<li class="active"><a href="#tab1" data-toggle="tab">' . t("general") . '</a></li>';
    foreach ($modules as $module) {
        if (isset($m[$module]) && isset($config[$module . "_name"]) && $config[$module . "_name"] != "") {
            $txt .= '<li><a href="#tab' . $module . '" data-toggle="tab">' . $config[$module . "_name"] . '</a></li>';
        }
    }
    $txt .= '</ul>';
    $txt .= '<div class="tab-content">';
    $txt .= '<div class="tab-pane active" id="tab1">';
    $txt .= $txtCommonForm;
    $txt .= '</div>';
    foreach ($modules as $module) {
        if (isset($m[$module])) {
            $txt .= '<div class="tab-pane" id="tab' . $module . '">';
            $txt .= $m[$module];
            $txt .= '</div>';
        }
    }
    $txt .= '</div></div>';
    return $txt;
}
function churchwiki__create()
{
    $model = new CTForm("EditHtml", "editHtml");
    $model->setHeader("Editieren eines Hilfeeintrages", "Hier kann die Hilfe editiert werden.");
    $model->addField("doc_id", "", "INPUT_REQUIRED", "Doc-Id");
    $model->addField("text", "", "TEXTAREA", "Text");
    if (isset($_GET["doc"])) {
        $model->fields["doc_id"]->setValue($_GET["doc"]);
        $res = db_query("select text from {cc_wiki} where doc_id=:doc_id", array(":doc_id" => $_GET["doc"]))->fetch();
        if ($res) {
            $res->text = preg_replace('/\\\\/', "", $res->text);
            $model->fields["text"]->setValue($res->text);
        }
    }
    $model->addButton("Speichern", "ok");
    return $model->render();
}
示例#7
0
/**
 * main function for admin
 *
 * @return string
 */
function admin_main()
{
    global $config;
    drupal_add_css(ASSETS . '/fileuploader/fileuploader.css');
    drupal_add_js(ASSETS . '/fileuploader/fileuploader.js');
    $form = new CTForm('AdminForm', 'admin_saveSettings');
    $form->addField('site_name', '', 'INPUT_REQUIRED', t('site.name'))->setValue($config['site_name']);
    $form->addField('site_logo', '', 'FILEUPLOAD', t('site.logo'))->setValue(getConf('site_logo'));
    $form->addField('welcome', '', 'INPUT_REQUIRED', t('welcome.message'))->setValue($config['welcome']);
    $form->addField('welcome_subtext', '', 'INPUT_REQUIRED', t('subtitle.welcome.message'))->setValue($config['welcome_subtext']);
    $form->addField('login_message', '', 'INPUT_REQUIRED', t('welcome.message.before.login'))->setValue($config['login_message']);
    $form->addField('invite_email_text', '', 'TEXTAREA', t('text.of.invitation.email'))->setValue($config['invite_email_text']);
    $form->addField('admin_message', '', 'INPUT_OPTIONAL', t('admin.message.on.home.and.login.pages.for.planned.downtimes'))->setValue(getConf('admin_message', ''));
    if (!isset($config['site_startpage'])) {
        $config['site_startpage'] = 'home';
    }
    $form->addField('site_startpage', '', 'INPUT_REQUIRED', t('startpage.for.siteX.standard.is.y', getConf('site_name'), '<i>home</i>'))->setValue($config['site_startpage']);
    $form->addField('site_mail', '', 'EMAIL', t('emailaddress.for.site.as.sender.for.emails'))->setValue($config['site_mail']);
    $form->addField('admin_mail', '', 'EMAIL', t('admin.emails.for.user.requests'))->setValue(isset($config['admin_mail']) ? $config['admin_mail'] : $config['site_mail']);
    // iterate through modules for naming them
    $modules = churchcore_getModulesSorted(false, true);
    foreach ($modules as $module) {
        $form->addField($module . '_name', '', 'INPUT_OPTIONAL', t('name.for.moduleX.keep.empty.to.deactivate', "<i>{$module}</i>"))->setValue(getConf($module . '_name', ''));
    }
    $form->addField('max_uploadfile_size_kb', '', 'INPUT_REQUIRED', t('max.upload.size.in.kb'))->setValue($config['max_uploadfile_size_kb']);
    $form->addField('cronjob_delay', '', 'INPUT_REQUIRED', t('time.in.seconds.beetwen.cronjobs.with.explanation'))->setValue($config['cronjob_delay']);
    $form->addField('timezone', '', 'INPUT_REQUIRED', t('standard.timezone.like.europe.berlin'))->setValue($config['timezone']);
    $form->addField('show_remember_me', '', 'CHECKBOX', t('show.remember.me.on.login.page', '<i>' . t('remember.me') . '</i>'))->setValue($config['show_remember_me']);
    $form->addField('mail_enabled', '', 'CHECKBOX', t('enable.sending.emails'))->setValue($config['mail_enabled']);
    $form->addField('site_offline', '', 'CHECKBOX', t('disable.site'))->setValue($config['site_offline']);
    $form->addButton(t('save'), 'ok');
    $txtCommonForm = $form->render(false);
    // iterate through modules getting the admin forms
    $m = array();
    foreach ($modules as $module) {
        include_once constant(strtoupper($module)) . "/{$module}.php";
        if (function_exists($module . "_getAdminForm")) {
            $form = call_user_func($module . "_getAdminForm");
            if ($form) {
                $m[$module] = $form->render();
            }
        }
    }
    $txt = '<h1>' . t("settings.for", getConf("site_name")) . '</h1>
      <p>' . t('admin.settings.info.text') . '</p>
      <div class="tabbable">
        <ul class="nav nav-tabs">
          <li class="active"><a href="#tab1" data-toggle="tab">' . t("general") . '</a></li>';
    foreach ($modules as $module) {
        if (isset($m[$module]) && getConf($module . "_name")) {
            $txt .= '
          <li><a href="#tab' . $module . '" data-toggle="tab">' . getConf($module . "_name") . '</a></li>';
        }
    }
    $txt .= '
        </ul>
        <div class="tab-content">
        <div class="tab-pane active" id="tab1">' . $txtCommonForm . '</div>';
    foreach ($modules as $module) {
        if (isset($m[$module])) {
            $txt .= '<div class="tab-pane" id="tab' . $module . '">' . $m[$module] . '</div>';
        }
    }
    $txt .= '</div></div>';
    return $txt;
}
示例#8
0
/**
 *
 * @return string
 */
function churchwiki__create()
{
    $form = new CTForm("EditHtml", "editHtml");
    // TODO: help entry or better wiki entry?
    $form->setHeader(t('edit.help.entry'), t('edit.help.entry.subtitle'));
    $form->addField("doc_id", "", "INPUT_REQUIRED", "Doc-Id");
    $form->addField("text", "", "TEXTAREA", "Text");
    if ($doc = urldecode(getVar("doc"))) {
        $form->fields["doc_id"]->setValue($doc);
        $res = db_query("SELECT text FROM {cc_wiki}\n                     WHERE doc_id=:doc_id", array(":doc_id" => $doc))->fetch();
        if ($res) {
            $res->text = preg_replace('/\\\\/', "", $res->text);
            $form->fields["text"]->setValue($res->text);
        }
    }
    $form->addButton(t('save'), t('ok'));
    return $form->render();
}