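/**
 * Return project messages
 *
 * Lists the messages of the active project for the chosen period ('fresh' or
 * 'archive') and remembers the chosen view and period in cookies. Members of
 * the owner company also see private messages.
 *
 * @access public
 * @param void
 * @return array
 */
function index() {
    $this->addHelper('textile');

    // Page numbers start at 1; 0 (which non-numeric input also casts to) and
    // negative values fall back to the first page instead of reaching paginate()
    $page = (int) array_var($_GET, 'page', 1);
    if ($page < 1) {
        $page = 1;
    }

    $this->canGoOn();

    // Preference cookies live as long as the login when "remember me" was used
    $expiration = Cookie::getValue('remember' . TOKEN_COOKIE_NAME) ? REMEMBER_LOGIN_LIFETIME : null;

    // Desired view 'detail' or 'list': URL first, then cookie, default 'list'
    $view_type = array_var($_GET, 'view', Cookie::getValue('messagesViewType', 'list'));
    Cookie::setValue('messagesViewType', $view_type, $expiration);

    // Desired period 'fresh' or 'archive': same resolution order, default 'fresh'
    $period_type = array_var($_GET, 'period', Cookie::getValue('messagesPeriodType', 'fresh'));
    Cookie::setValue('messagesPeriodType', $period_type, $expiration);

    // Messages not updated for 990 days count as archived (extended auto-archive window)
    if ($period_type === 'archive') {
        $archive_condition = ' AND `updated_on` < (now() - interval 990 day)';
    } else {
        $archive_condition = ' AND `updated_on` >= (now() - interval 990 day)';
    }

    // Conditions are bound parameters; only the fixed archive clause is concatenated
    $project_id = active_project()->getId();
    if (logged_user()->isMemberOfOwnerCompany()) {
        $conditions = array('`project_id` = ?' . $archive_condition, $project_id);
    } else {
        $conditions = array('`project_id` = ? AND `is_private` = ?' . $archive_condition, $project_id, 0);
    }

    list($messages, $pagination) = ProjectMessages::paginate(
        array('conditions' => $conditions, 'order' => '`created_on` DESC'),
        config_option('messages_per_page', 10),
        $page
    ); // paginate

    tpl_assign('view_type', $view_type);
    tpl_assign('period_type', $period_type);
    tpl_assign('messages', $messages);
    tpl_assign('messages_pagination', $pagination);
    tpl_assign('important_messages', active_project()->getImportantMessages());
    $this->setSidebar(get_template_path('index_sidebar', 'message'));
}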
/**
 * Parses a complete Set-Cookie style string and checks that every attribute
 * (name, value, expiry, path, domain) is extracted.
 */
public function testCookie() {
    $raw = 'DNR=deleted; expires=Tue, 24-Dec-2013 11:39:14 GMT; path=/; domain=.www.yahoo.com';
    $cookie = new Cookie($raw);

    // Expected expiry normalised through the same RFC 2822 format as the parsed value
    $expectedExpires = date('r', strtotime('Tue, 24-Dec-2013 11:39:14 GMT'));

    $this->assertEquals('DNR', $cookie->getName());
    $this->assertEquals('deleted', $cookie->getValue());
    $this->assertEquals($expectedExpires, $cookie->getExpires()->format('r'));
    $this->assertEquals('/', $cookie->getPath());
    // The leading dot of the domain attribute is expected to be dropped
    $this->assertEquals('www.yahoo.com', $cookie->getDomain());
}
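/**
 * Edit logged user password
 *
 * Validates the submitted password form for the user given by the request id,
 * stores the new password together with a ContactPassword history record and,
 * when the edited user is the logged user, logs that user in again.
 *
 * @access public
 * @param void
 * @return null
 */
function edit_password() {
    $user = Contacts::findById(get_id());
    if (!($user instanceof Contact && $user->isUser()) || $user->getDisabled()) {
        flash_error(lang('user dnx'));
        ajx_current("empty");
        return;
    } // if

    if (!$user->canUpdateProfile(logged_user())) {
        flash_error(lang('no access permissions'));
        ajx_current("empty");
        return;
    } // if

    // Only a request-supplied target accepted by is_valid_url() is kept; otherwise
    // the user's own card page is used. The template currently receives null.
    $redirect_to = (string) array_var($_GET, 'redirect_to');
    if (trim($redirect_to) === '' || !is_valid_url($redirect_to)) {
        $redirect_to = $user->getCardUserUrl();
    } // if
    tpl_assign('redirect_to', null);
    tpl_assign('user', $user);

    $password_data = array_var($_POST, 'password');
    if (!is_array($password_data)) {
        return;
    } // if

    // Normalise to strings so trim() and the comparisons below never see null
    $old_password = (string) array_var($password_data, 'old_password');
    $new_password = (string) array_var($password_data, 'new_password');
    $new_password_again = (string) array_var($password_data, 'new_password_again');

    try {
        // Members of the admin group may set a password without knowing the old one
        if (!logged_user()->isAdminGroup()) {
            if (trim($old_password) === '') {
                throw new Error(lang('old password required'));
            } // if
            if (!$user->isValidPassword($old_password)) {
                throw new Error(lang('invalid old password'));
            } // if
        } // if
        if (trim($new_password) === '') {
            throw new Error(lang('password value required'));
        } // if
        // Strict comparison: a loose != would treat numeric-looking passwords
        // such as "1e3" and "1000" as equal
        if ($new_password !== $new_password_again) {
            throw new Error(lang('passwords dont match'));
        } // if

        // History record, encrypted with its own timestamp
        $user_password = new ContactPassword();
        $user_password->setContactId(get_id());
        $user_password->password_temp = $new_password;
        $user_password->setPasswordDate(DateTimeValueLib::now());
        $user_password->setPassword(cp_encrypt($new_password, $user_password->getPasswordDate()->getTimestamp()));
        $user_password->save();

        $user->setPassword($new_password);
        $user->setUpdatedOn(DateTimeValueLib::now());
        $user->save();

        // Re-login when editing our own account; "remember" keeps the persistent cookie
        if ($user->getId() == logged_user()->getId()) {
            CompanyWebsite::instance()->logUserIn($user, Cookie::getValue("remember", 0));
        } // if

        ApplicationLogs::createLog($user, ApplicationLogs::ACTION_EDIT);
        flash_success(lang('success edit user', $user->getUsername()));
        ajx_current("back");
    } catch (Exception $e) {
        DB::rollback();
        ajx_current("empty");
        flash_error($e->getMessage());
    } // try
}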
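/**
 * This function will use session ID from session or cookie and if present log user
 * with that ID. If not it will simply break.
 *
 * When this function uses session ID from cookie the whole process will be treated
 * as new login and users last login time will be set to current time.
 *
 * @access private
 * @param void
 * @return boolean true when a user was logged in from the cookies, false otherwise
 */
private function initLoggedUser() {
    $user_id = Cookie::getValue('id' . TOKEN_COOKIE_NAME);
    $twisted_token = Cookie::getValue(TOKEN_COOKIE_NAME);
    $remember = (bool) Cookie::getValue('remember' . TOKEN_COOKIE_NAME, false);

    if (empty($user_id) || empty($twisted_token)) {
        return false; // we don't have a user
    } // if

    $user = Users::findById($user_id);
    if (!$user instanceof User) {
        return false; // failed to find user
    } // if

    if (!$user->isValidToken($twisted_token)) {
        return false; // failed to validate token
    } // if

    // Without a recorded last activity there is nothing to expire, so the
    // session is resumed; this also avoids calling advance() on a null value
    $last_act = $user->getLastActivity();
    $session_expired = false;
    if ($last_act instanceof DateTimeValue) {
        $session_expires = $last_act->advance(SESSION_LIFETIME, false);
        $session_expired = DateTimeValueLib::now()->getTimestamp() >= $session_expires->getTimestamp();
    } // if

    if ($session_expired) {
        $this->logUserIn($user, $remember);
    } else {
        $this->setLoggedUser($user, $remember, true);
    } // if
    return true;
}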
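/**
 * This function will use session ID from session or cookie and if present log user
 * with that ID. If not it will simply break.
 *
 * When this function uses session ID from cookie the whole process will be treated
 * as new login and users last login time will be set to current time.
 *
 * Before the cookie lookup, two request based entry points are handled: an API
 * token (?auth=...) and the "magic login" (?m=login with username/password),
 * which answers with a JSON document and terminates the request.
 *
 * @access private
 * @param void
 * @return boolean true when a user was logged in from the cookies, false otherwise
 */
private function initLoggedUser() {
    // API authentication and magic login
    $auth = array_var($_REQUEST, 'auth');
    $magic_login = array_var($_REQUEST, 'm') == "login";
    if (!empty($auth) || $magic_login) {
        $contact = null;
        if (!$magic_login) {
            // The token comes straight from the request, so it is bound as a
            // parameter rather than concatenated into the SQL condition
            $contacts = Contacts::findAll(array("conditions" => array("`token` = ?", $auth)));
            $contact = isset($contacts[0]) ? $contacts[0] : null;
        } else {
            $username = (string) array_var($_REQUEST, 'username');
            $password = (string) array_var($_REQUEST, 'password');
            if (preg_match(EMAIL_FORMAT, $username)) {
                $contact = Contacts::getByEmail($username);
            } else {
                $contact = Contacts::getByUsername($username);
            } // if
            if (!$contact) {
                die('API Response: Invalid username.');
            } // if
            if (!$contact->isValidPassword($password)) {
                die('API Response: Invalid password.');
            } // if
        } // if

        if (!$contact instanceof Contact) {
            die('API Response: Invalid authorization code.');
        } // if

        $this->logUserIn($contact, false);
        if ($magic_login) {
            $temp = array(
                'token' => $contact->getToken(),
                'username' => $contact->getUsername(),
                'user_id' => $contact->getId(),
                'company' => owner_company()->getName(),
            );
            echo json_encode($temp);
            exit;
        } // if
    } // if

    $user_id = Cookie::getValue('id');
    $twisted_token = Cookie::getValue('token');
    $remember = (bool) Cookie::getValue('remember', false);

    if (empty($user_id) || empty($twisted_token)) {
        return false; // we don't have a user
    } // if

    $user = Contacts::findById($user_id);
    if (!$user instanceof Contact) {
        return false; // failed to find user
    } // if

    if (!$user->isValidToken($twisted_token)) {
        return false; // failed to validate token
    } // if

    // Without a recorded last activity there is nothing to expire, so the session is resumed
    $last_act = $user->getLastActivity();
    $session_expired = false;
    if ($last_act instanceof DateTimeValue) {
        $session_expires = $last_act->advance(SESSION_LIFETIME, false);
        $session_expired = DateTimeValueLib::now()->getTimestamp() >= $session_expires->getTimestamp();
    } // if

    if ($session_expired) {
        $this->logUserIn($user, $remember);
    } else {
        $this->setLoggedUser($user, $remember, true);
    } // if
    return true;
}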
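/**
 * Log out user
 *
 * Clears the logged user, removes the login cookies (the local ones and, when
 * present, the cross-domain copies) and destroys the PHP session.
 *
 * @access public
 * @param void
 * @return null
 */
function logUserOut() {
    $this->logged_user = null;
    Cookie::unsetValue('id');
    Cookie::unsetValue('token');
    Cookie::unsetValue('remember');

    // Check if there is a cross domain cookie
    $user_id = Cookie::getValue('idCross');
    $twisted_token = Cookie::getValue('tokenCross');
    if (!empty($user_id) || !empty($twisted_token)) {
        // Cross-domain cookies are scoped to the parent domain of ROOT_URL (from
        // the first dot on) unless COOKIE_CROSS_DOMAIN overrides it. parse_url()
        // may return false/null, hence the string cast before strpos().
        $local_domain = (string) parse_url(ROOT_URL, PHP_URL_HOST);
        $pos = strpos($local_domain, '.');
        if ($pos !== false) {
            $local_domain = substr($local_domain, $pos);
        } // if
        $domain = defined('COOKIE_CROSS_DOMAIN') ? COOKIE_CROSS_DOMAIN : $local_domain;
        // cross
        Cookie::setValue('idCross', false, null, $domain);
        Cookie::setValue('tokenCross', false, null, $domain);
        // local
        Cookie::unsetValue('idCross');
        Cookie::unsetValue('tokenCross');
    } // if

    // session_destroy() warns when no session is active; the id check avoids
    // most of that and @ silences the remaining edge cases
    if (session_id() != "") {
        @session_destroy();
    } // if
}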
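/**
 * This function will use session ID from session or cookie and if present log user
 * with that ID. If not it will simply break.
 *
 * When this function uses session ID from cookie the whole process will be treated
 * as new login and users last login time will be set to current time.
 *
 * Trace output records only whether a token was supplied, never its value, so
 * session tokens do not end up in trace/log files.
 *
 * @access private
 * @param void
 * @return boolean true when a user was logged in from the cookies, false otherwise
 */
private function initLoggedUser() {
    trace(__FILE__, 'initLoggedUser()');
    $user_id = Cookie::getValue('id' . TOKEN_COOKIE_NAME);
    $twisted_token = Cookie::getValue(TOKEN_COOKIE_NAME);
    $remember = (bool) Cookie::getValue('remember' . TOKEN_COOKIE_NAME, false);
    $controller = array_var($_GET, 'c'); // needed to check for RSS feed
    $has_token = empty($twisted_token) ? 'no' : 'yes';

    if (empty($user_id) || empty($twisted_token)) {
        trace(__FILE__, "initLoggedUser():end, user_id={$user_id}, token present={$has_token} session_lifetime=" . SESSION_LIFETIME);
        return false; // we don't have a user
    } // if

    $user = Users::findById($user_id);
    if (!$user instanceof User) {
        trace(__FILE__, "initLoggedUser():end, user_id={$user_id}, not found in database");
        return false; // failed to find user
    } // if

    if (!$user->isValidToken($twisted_token)) {
        trace(__FILE__, "initLoggedUser():end, user_id={$user_id}, invalid token");
        return false; // failed to validate token
    } // if

    if ($controller == 'feed') {
        // Feed requests pass false as the third argument -- presumably skipping
        // the session/activity bookkeeping; confirm against setLoggedUser()
        $this->setLoggedUser($user, $remember, false);
        return true;
    } // if

    // Without a recorded last activity there is nothing to expire, so the
    // session is resumed; this also avoids calling advance() on a null value
    $last_act = $user->getLastActivity();
    $session_expired = false;
    if ($last_act instanceof DateTimeValue) {
        $session_expires = $last_act->advance(SESSION_LIFETIME, false);
        $session_expired = DateTimeValueLib::now()->getTimestamp() >= $session_expires->getTimestamp();
    } // if

    if ($session_expired) {
        trace(__FILE__, 'initLoggedUser(): session expired');
        $this->logUserIn($user, $remember);
    } else {
        trace(__FILE__, 'initLoggedUser(): session not expired');
        $this->setLoggedUser($user, $remember, true);
    } // if
    return true;
}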
/**
 * Shows weekly schedule in a calendar view
 *
 * Gathers the logged user's active milestones (and open tickets, when the
 * tickets plugin is active) for three weeks starting on the current Monday and
 * assigns them, plus a numbered index of the projects involved, to the template.
 *
 * @param void
 * @return null
 */
function weekly_schedule() {
    $this->addHelper('textile');

    // Gets desired view 'detail', 'list' or 'calendar'
    // $view_type is from URL, Cookie or set to default: 'calendar'
    $view_type = array_var($_GET, 'view', Cookie::getValue('weeklyScheduleViewType', 'calendar'));
    $expiration = Cookie::getValue('remember' . TOKEN_COOKIE_NAME) ? REMEMBER_LOGIN_LIFETIME : null;
    Cookie::setValue('weeklyScheduleViewType', $view_type, $expiration);

    // Optional YYYYMM selector; $year/$month are parsed here but the period
    // below is anchored on the current week and does not use them
    $monthYear = array_var($_GET, 'month');
    $year = gmdate('Y');
    $month = gmdate('m');
    if (isset($monthYear) && trim($monthYear) != '' && preg_match('/^(\\d{4})(\\d{2})$/', $monthYear, $matches) != 0) {
        list(, $year, $month) = $matches;
    } // if

    // TODO make first day of week configurable
    // Today when it is Monday, otherwise the previous Monday
    $week_start_spec = (date('w') == 1) ? 'monday' : 'monday last week';
    $from_date = DateTimeValueLib::makeFromString($week_start_spec);
    $three_weeks = 60 * 60 * 24 * 7 * 3;
    $to_date = $from_date->advance($three_weeks, false);

    $current_user = logged_user();
    $upcoming_milestones = ProjectMilestones::getActiveMilestonesInPeriodByUser($current_user, $from_date, $to_date);
    $upcoming_tickets = array();
    if (plugin_active('tickets')) {
        $upcoming_tickets = ProjectTickets::getOpenTicketsInPeriodByUser($current_user, $from_date, $to_date);
    } // if

    // Number the projects owning any collected object in order of first
    // appearance (milestones before tickets); the index is 1-based
    $active_projects = array();
    $projects_index = array();
    $counter = 1;
    foreach (array($upcoming_milestones, $upcoming_tickets) as $objects) {
        if (!is_array($objects)) {
            continue;
        } // if
        foreach ($objects as $object) {
            $project_id = $object->getProjectId();
            if (isset($projects_index[$project_id])) {
                continue;
            } // if
            $projects_index[$project_id] = $counter++;
            $active_projects[] = $object->getProject();
        } // foreach
    } // foreach

    tpl_assign('from_date', $from_date);
    tpl_assign('to_date', $to_date);
    tpl_assign('view_type', $view_type);
    tpl_assign('upcoming_tickets', $upcoming_tickets);
    tpl_assign('late_tickets', array()); // placeholder, was logged_user()->getLateTickets()
    tpl_assign('upcoming_milestones', $upcoming_milestones);
    tpl_assign('late_milestones', array()); // placeholder, was logged_user()->getLateMilestones()
    tpl_assign('projects', $active_projects);
    tpl_assign('projects_index', $projects_index);
}
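/**
 * Return project tickets
 *
 * Lists the active project's tickets filtered by the comma separated request
 * parameters status, priority, type, category_id, assigned_to_user_id and
 * created_by_id, sorted by a column remembered in a cookie.
 *
 * @access public
 * @param void
 * @return array
 */
function index() {
    // Page numbers start at 1; 0 and negative values fall back to the first page
    $page = (int) array_var($_GET, 'page', 1);
    if ($page < 1) {
        $page = 1;
    } // if
    $this->canGoOn();

    $params = array();

    // ORDER BY cannot be bound as a parameter, so the sort column (from the URL
    // or the cookie) is restricted to a plain identifier before it is quoted;
    // anything else falls back to `id`
    $sort_by = array_var($_GET, 'sort_by', Cookie::getValue('ticketsSortBy', 'id'));
    if (!is_string($sort_by) || !preg_match('/^[A-Za-z0-9_]+$/', $sort_by)) {
        $sort_by = 'id';
    } // if
    $params['sort_by'] = $sort_by;
    $expiration = Cookie::getValue('remember' . TOKEN_COOKIE_NAME) ? REMEMBER_LOGIN_LIFETIME : null;
    Cookie::setValue('ticketsSortBy', $params['sort_by'], $expiration);

    $conditions = DB::prepareString('`project_id` = ?', array(active_project()->getId()));

    // Each filter is a comma separated value list matched with IN (...); the
    // values are bound through DB::prepareString, never concatenated
    $filters = array(
        'status' => 'state',
        'priority' => 'priority',
        'type' => 'type',
        'category_id' => 'category_id',
        'assigned_to_user_id' => 'assigned_to_user_id',
        'created_by_id' => 'created_by_id',
    );
    $filtered = false;
    foreach ($filters as $param => $column) {
        $params[$param] = array_var($_GET, $param);
        if ($params[$param]) {
            $conditions .= DB::prepareString(' AND `' . $column . '` IN (?)', array(explode(',', $params[$param])));
        } // if
        if ($params[$param] != "") {
            $filtered = true;
        } // if
    } // foreach
    $params['order'] = array_var($_GET, 'order') === 'DESC' ? 'DESC' : 'ASC';

    // Clean up empty and malformed parameters
    foreach ($params as $key => $value) {
        $value = preg_replace("/,+/", ",", $value); // removes multiple commas
        $value = preg_replace("/^,?(.*),?\$/", "\$1", $value); // removes commas at both ends
        $params[$key] = $value;
        if ($value == "") {
            unset($params[$key]); // deletes empty keys
        } // if
    } // foreach

    // sort_by and order always survive the cleanup: both are non-empty identifiers
    $order = '`' . $params['sort_by'] . '` ' . $params['order'];

    if (!logged_user()->isMemberOfOwnerCompany()) {
        $conditions .= DB::prepareString(' AND `is_private` = ?', array(0));
    } // if

    list($tickets, $pagination) = ProjectTickets::paginate(
        array('conditions' => $conditions, 'order' => $order),
        config_option('tickets_per_page', 25),
        $page
    ); // paginate

    tpl_assign('filtered', $filtered);
    tpl_assign('params', $params);
    tpl_assign('grouped_users', active_project()->getUsers(true));
    tpl_assign('categories', ProjectCategories::getProjectCategories(active_project()));
    tpl_assign('tickets', $tickets);
    tpl_assign('tickets_pagination', $pagination);
    $this->setSidebar(get_template_path('index_sidebar', 'tickets'));
}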
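/**
 * Show calendar view milestone page
 *
 * The request id selects the month as YYYYMM (default: the current UTC month);
 * the page then lists the project's milestones and task lists for that month.
 *
 * @access public
 * @param void
 * @return null
 */
function calendar() {
    $this->addHelper('textile');
    $project = active_project();

    $id = (string) get_id();
    if (strlen($id) == 0) {
        $id = gmdate('Ym');
    } // if

    if (!preg_match('/^(\\d{4})(\\d{2})$/', $id, $matches)) {
        flash_error(lang('id missing'));
        $this->redirectToReferer(get_url('milestone', 'index'));
        // Stop here even if the redirect does not terminate the request:
        // nothing below is meaningful without a year and month
        return;
    } // if
    list(, $year, $month) = $matches;
    tpl_assign('year', $year);
    tpl_assign('month', $month);

    // Desired view: URL first, then cookie, default 'list'; remembered for the login lifetime
    $view_type = array_var($_GET, 'view', Cookie::getValue('milestonesViewType', 'list'));
    $expiration = Cookie::getValue('remember' . TOKEN_COOKIE_NAME) ? REMEMBER_LOGIN_LIFETIME : null;
    Cookie::setValue('milestonesViewType', $view_type, $expiration);
    tpl_assign('view_type', $view_type);

    tpl_assign('milestones', $project->getMilestonesByMonth($year, $month));
    tpl_assign('task_lists', $project->getTaskListsByMonth($year, $month));
}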
/**
 * Create cookie.
 *
 * Sends the cookie to the client; the HttpOnly flag is always set so the
 * cookie is not readable from client-side script.
 *
 * @return bool the result of setcookie()
 */
public function set(Cookie $cookie) {
    $name = $cookie->getName();
    $value = $cookie->getValue();
    $expires = $cookie->getTime();
    $path = $cookie->getPath();
    $domain = $cookie->getDomain();
    $secure = $cookie->getSecure();
    $httpOnly = true;

    return setcookie($name, $value, $expires, $path, $domain, $secure, $httpOnly);
}
/**
 * Asserts that a cookie carries the given name and value.
 *
 * @param Cookie $cookie cookie under test
 * @param mixed $expectedName
 * @param mixed $expectedValue
 */
private function assertCookieNameAndValue(Cookie $cookie, $expectedName, $expectedValue) {
    $actualName = $cookie->getName();
    $this->assertEquals($expectedName, $actualName);

    $actualValue = $cookie->getValue();
    $this->assertEquals($expectedValue, $actualValue);
}
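/**
 * This function will use session ID from session or cookie and if present log user
 * with that ID. If not it will simply break.
 *
 * When this function uses session ID from cookie the whole process will be treated
 * as new login and users last login time will be set to current time.
 *
 * The user object is looked up in GlobalCache first and the 'cn' cookie must
 * match the md5 of the client address before the token is accepted.
 *
 * @access private
 * @param void
 * @return boolean true when a user was logged in from the cookies, false otherwise
 */
private function initLoggedUser() {
    $user_id = Cookie::getValue('id');
    $twisted_token = Cookie::getValue('token');
    $cn = Cookie::getValue('cn');
    $remember = (bool) Cookie::getValue('remember', false);

    if (empty($user_id) || empty($twisted_token)) {
        return false; // we don't have a user
    } // if

    // Check the cache if available
    $user = null;
    $success = false;
    if (GlobalCache::isAvailable()) {
        $user = GlobalCache::get('logged_user_' . $user_id, $success);
    } // if
    if (!$user instanceof User) {
        $user = Users::findById($user_id);
        // Update cache if available
        if ($user instanceof User && GlobalCache::isAvailable()) {
            GlobalCache::update('logged_user_' . $user->getId(), $user);
        } // if
    } // if
    if (!$user instanceof User) {
        return false; // failed to find user
    } // if

    if (!$user->isValidToken($twisted_token)) {
        return false; // failed to validate token
    } // if

    // Strict comparison of the digests: a loose == would compare two hex
    // strings that both start with "0e" as equal numbers
    $expected_cn = md5(array_var($_SERVER, 'REMOTE_ADDR', ""));
    if (!is_string($cn) || $cn !== $expected_cn) {
        return false; // failed to check ip address
    } // if

    // Without a recorded last activity there is nothing to expire, so the session is resumed
    $last_act = $user->getLastActivity();
    $session_expired = false;
    if ($last_act) {
        $session_expires = $last_act->advance(SESSION_LIFETIME, false);
        $session_expired = DateTimeValueLib::now()->getTimestamp() >= $session_expires->getTimestamp();
    } // if

    if ($session_expired) {
        $this->logUserIn($user, $remember);
    } else {
        $this->setLoggedUser($user, $remember, true);
    } // if
    return true;
}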