* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*/
// Authorization gate: the script stops here unless the RBAC check for the
// "PM_SETUP" permission returns 1.
if (($RBAC_Response = $RBAC->userCanAccess("PM_SETUP")) != 1) {
    return $RBAC_Response;
}
$G_ENABLE_BLANK_SKIN = true;
// Identifier of the logged-in user, as stored in the session.
$uid = $_SESSION['USER_LOGGED'];
$dbc = new DBConnection();
$ses = new DBSession($dbc);
G::LoadClass('templateTable');
// NOTE(review): $uid is concatenated straight into the SQL text. Whether the
// session value can ever hold quote characters is not visible here; escape or
// bind it so the query does not depend on that assumption.
$query = $ses->execute('select USR_COUNTRY ,USR_CITY ,USR_LOCATION from USER where UID = "' . $uid . '"');
$param = $query->read();
$city = $param['USR_CITY'];
// NOTE(review): $city was read back from the USER table and is concatenated
// into a second query unescaped. Stored data is not automatically safe to
// re-embed in SQL (second-order injection); escape or bind it as well.
$query = $ses->execute('SELECT UID,CAPTION FROM TERRITORY WHERE TERRITORY="LOCATION" AND RELATION="' . $city . '"');
/* $table=new templateTable('list_template.html','DIV_LOCATIONS'); $table->formatTitleCol(0,'width="80%"'); $table->formatTitleCol(1,'align="center"'); $table->formatCol(0,'width="80%" '); $table->formatCol(1,'align="center"'); $table->addTitle(array(G::LoadTranslation('ID_LOCATION'),'')); for($r=0;$r<$query->count();$r++) { $row=$query->read(); $vrow=array($row['CAPTION']);
} else { $ntarget = gethostbyaddr($target); } $msg .= $ntarget; return $msg; } $G_MAIN_MENU = 'rbac.login'; $G_MENU_SELECTED = 1; if (file_exists(PATH_METHODS . 'login/version-rbac.php')) { include 'version-rbac.php'; } else { define('RBAC_VERSION', 'Development Version'); } $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $ses = new DBSession($dbc); $dset = $ses->execute('SELECT VERSION() AS VERSION '); $row = $dset->Read(); if (getenv('HTTP_CLIENT_IP')) { $ip = getenv('HTTP_CLIENT_IP'); } elseif (getenv('HTTP_X_FORWARDED_FOR')) { $ip = getenv('HTTP_X_FORWARDED_FOR'); } else { $ip = getenv('REMOTE_ADDR'); } if (file_exists('/etc/redhat-release')) { $fnewsize = filesize('/etc/redhat-release'); $fp = fopen('/etc/redhat-release', 'r'); $redhat = fread($fp, $fnewsize); fclose($fp); } $Fields = $dbc->db->dsn;
* Coral Gables, FL, 33134, USA, or email info@colosa.com. */
// Authorization gate: nothing below runs unless the RBAC check for the
// "PM_FACTORY" permission returns 1.
if (($RBAC_Response = $RBAC->userCanAccess("PM_FACTORY")) != 1) {
    return $RBAC_Response;
    //G::genericForceLogin( 'WF_MYINFO' , 'login/noViewPage', $urlLogin = '******' );
}
G::LoadInclude('ajax');
G::LoadClass('dynaform');
G::LoadClass('xmlDb');
$dbc = new DBConnection();
$ses = new DBSession($dbc);
//$dynaform = new dynaform( $dbc );
// An empty DYN_UID is treated the same as a missing one.
// NOTE(review): $_POST['form'] and its DYN_UID key are read without an
// isset() check, so a request without them raises notices before the early
// return below.
if ($_POST['form']['DYN_UID'] === '') {
    unset($_POST['form']['DYN_UID']);
}
// From here on $Fields is the whole request-supplied form array.
$Fields = $_POST['form'];
if (!isset($Fields['DYN_UID'])) {
    return;
}
// The target file name arrives encrypted in request field 'A'.
// NOTE(review): the decrypted value is used below to build a filesystem path
// and no check for path separators or ".." is visible here; presumably the
// secrecy of URL_KEY is the only control. Confirm, and validate the decrypted
// name against the expected dynaform naming before use.
$file = G::decrypt($Fields['A'], URL_KEY);
// Strip a trailing "_tmp0" (case-insensitive) to get the stored file name.
$Fields['DYN_FILENAME'] = strcasecmp(substr($file, -5), '_tmp0') == 0 ? substr($file, 0, strlen($file) - 5) : $file;
// The unfiltered request array is kept in the session.
$_SESSION['CURRENT_DYNAFORM'] = $Fields;
//$dynaform->Save( $Fields );
// Open the dynaform XML file through the 'myxml' connection type.
$dbc2 = new DBConnection(PATH_DYNAFORM . $file . '.xml', '', '', '', 'myxml');
$ses2 = new DBSession($dbc2);
if (!isset($Fields['ENABLETEMPLATE'])) {
    $Fields['ENABLETEMPLATE'] = "0";
}
// NOTE(review): WIDTH, ENABLETEMPLATE and MODE come from the request and are
// substituted into the statements by G::replaceDataField. Whether that helper
// quotes/escapes @@-placeholders is not visible here; confirm before treating
// these updates as injection-safe.
$ses2->execute(G::replaceDataField("UPDATE . SET WIDTH = @@WIDTH WHERE XMLNODE_NAME = 'dynaForm' ", $Fields));
$ses2->execute(G::replaceDataField("UPDATE . SET ENABLETEMPLATE = @@ENABLETEMPLATE WHERE XMLNODE_NAME = 'dynaForm' ", $Fields));
$ses2->execute(G::replaceDataField("UPDATE . SET MODE = @@MODE WHERE XMLNODE_NAME = 'dynaForm' ", $Fields));
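/**
 * Search the current authentication source and print the result list.
 *
 * Renders authListUsers.html with one "users" block per directory entry,
 * each carrying a checkbox, a user-name input and one role drop-down per
 * application (all applications except 'RBAC'). Prints the page and, for the
 * "no rows" and "error" cases, terminates the script.
 *
 * Every value that originates from the directory search or from the RBAC
 * tables is HTML-escaped before it is placed into markup, because those
 * values are data, not trusted markup.
 *
 * @param string $searchText text handed to authenticationSource::searchUsers()
 * @return void
 */
function searchText($searchText)
{
    global $_SESSION;
    global $RBAC;

    $curAuthSource = $_SESSION['CURRENT_AUTH_SOURCE'];
    $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME);

    $tpl = new TemplatePower(PATH_TPL . 'authListUsers.html');
    $tpl->prepare();
    $tpl->assign("STYLE_CSS", defined('STYLE_CSS') ? STYLE_CSS : 'simple');
    $tpl->assign("title", 'Search Results');

    //authentication source
    G::LoadClassRBAC('authentication');
    $obj = new authenticationSource();
    $obj->SetTo($dbc);
    $data = $obj->searchUsers($curAuthSource, $searchText);

    // Successful search whose 'rows' entry is not an array: show the empty page.
    if ($data['codError'] == 0 && isset($data['rows']) && !is_array($data['rows'])) {
        $tpl->newBlock("empty-rows");
        $tpl->assign("title", 'Search Results');
        $tpl->assign("empty-rows-text", 'no records found');
        $tpl->printToScreen();
        die;
    }

    // On error 'rows' carries the message text; escape it before embedding it
    // in markup.
    if ($data['codError'] != 0) {
        $tpl->newBlock("error");
        $tpl->assign("title", 'Log Error');
        $tpl->assign("text", "<font color='Red'>" . htmlspecialchars($data['rows'], ENT_QUOTES, 'UTF-8') . "</font>");
        $tpl->printToScreen();
        die;
    }

    //build the options to create a user: list the applications and their roles
    $ses = new DBSession($dbc);
    $ses2 = new DBSession($dbc);
    $dset = $ses->execute("SELECT * from APPLICATION where APP_CODE != 'RBAC' ");
    $appRow = $dset->Read();

    // Placeholders: @@Y row index, @@X entry DN in an HTML attribute, @@J the
    // DN as a JavaScript string literal, @@Z user id, @@validuser status text.
    $checkboxs = "<br><input type='checkbox' @@disabled name='C-@@Y' id='C-@@Y' onclick='emptyDropdowns( @@J);' ><input type='hidden' name='H-@@Y' id='H-@@Y' value='@@X' ><input type='hidden' name='E-@@Y' id='E-@@Y' value='' >";
    $inputs = "<div id='D-@@Y'>@@validuser</div><input type='text' name='T-@@Y' id='T-@@Y' value=\"@@Z\" onchange='verifyUserName ( this, \"@@Y\" );' size='14' maxlength='16'> ";

    $options = "<table cellpadding='0' cellspacing='0'><tr>";
    $options .= "";
    while (is_array($appRow)) {
        $appid = $appRow['UID'];
        $selectId = 'S-@@Y-' . htmlspecialchars($appid, ENT_QUOTES, 'UTF-8');
        // NOTE(review): $appid is concatenated into the SQL text unquoted. It
        // was read from the APPLICATION table, but stored data is not
        // automatically safe to re-embed; bind or escape it.
        $dset2 = $ses2->execute('SELECT * from ROLE where ROL_APPLICATION = ' . $appid);
        $rolRow = $dset2->Read();
        $selectEnabled = false;
        if (is_array($rolRow)) {
            $options .= '<td>' . htmlspecialchars($appRow['APP_CODE'], ENT_QUOTES, 'UTF-8') . '<br>';
            // The literal "@@disabled" is left in place, as before: the
            // replacement for it further down is commented out.
            $options .= "<select name='{$selectId}' id='{$selectId}' @@disabled onchange='flipCheckbox( \"@@Y\");' >\n";
            $options .= "<option value='0'>select a Role</option>";
            $selectEnabled = true;
        }
        while (is_array($rolRow)) {
            $options .= "<option value='" . htmlspecialchars($rolRow['UID'], ENT_QUOTES, 'UTF-8') . "'>"
                . htmlspecialchars($rolRow['ROL_CODE'], ENT_QUOTES, 'UTF-8') . "</option>";
            $rolRow = $dset2->Read();
        }
        if ($selectEnabled) {
            // Close the cell opened above (the original emitted a second <td>).
            $options .= "</select>\n</td>";
        }
        $appRow = $dset->Read();
    }
    $options .= '</tr></table>';

    $i = 0;
    if (isset($data['rows'])) {
        // Template variable => directory attribute, in the original order.
        // NOTE(review): assumes each attribute value is a string - confirm
        // against authenticationSource::searchUsers().
        $attrMap = array(
            'name' => 'givenName',
            'lastname' => 'sn',
            'fullname' => 'cn',
            'email' => 'mail',
            'uid' => 'uid',
        );
        foreach ($data['rows'] as $row) {
            $tpl->newBlock("users");
            if (++$i % 2 == 0) {
                $tpl->assign("class", 'Row2');
            } else {
                $tpl->assign("class", 'Row1');
            }
            $tpl->assign("index", $i);

            // DN for HTML contexts, and as a JS string literal for onclick:
            // JSON-encode first (JS escaping), then HTML-escape for the
            // attribute that carries the script.
            $dnHtml = htmlspecialchars($row['dn'], ENT_QUOTES, 'UTF-8');
            $dnJs = htmlspecialchars(json_encode($row['dn']), ENT_QUOTES, 'UTF-8');

            $tpl->assign("dn", $dnHtml);
            foreach ($attrMap as $tplVar => $attrKey) {
                $tpl->assign($tplVar, htmlspecialchars($row['attr'][$attrKey], ENT_QUOTES, 'UTF-8'));
            }

            //check whether this uid is already taken (raw value, not the escaped one)
            $userid = $row['attr']['uid'];
            $res = $RBAC->UserNameRepetido(0, $userid);

            // strtr() substitutes all placeholders in one pass, so a value
            // that happens to contain "@@X" or "@@Z" is not expanded again.
            $input = strtr($inputs, array(
                '@@Y' => (string) $i,
                '@@X' => $dnHtml,
                '@@Z' => htmlspecialchars($userid, ENT_QUOTES, 'UTF-8'),
                '@@validuser' => $res == 0 ? "<font color='green'>valid user</font>" : "<font color='red'>user already used</font>",
            ));
            $checkbox = strtr($checkboxs, array(
                '@@Y' => (string) $i,
                '@@X' => $dnHtml,
                '@@J' => $dnJs,
                '@@disabled' => $res != 0 ? 'disabled' : '',
            ));
            $option = strtr($options, array(
                '@@Y' => (string) $i,
                '@@X' => $dnHtml,
            ));
            // $option = str_replace ( '@@disabled', ( $res <> 0 ? 'disabled' : ''), $option );

            $tpl->assign("checkbox", $checkbox);
            $tpl->assign("input", $input);
            $tpl->assign("options", $option);
        }
    }

    $tpl->gotoBlock("_ROOT");
    $tpl->newBlock("start-users");
    $tpl->assign("dummy", 'dummy');
    $tpl->gotoBlock("_ROOT");
    $tpl->newBlock("end-users");
    $tpl->assign("dummy", 'dummy');
    $tpl->printToScreen();
}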
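/**
 * Run this object's SQL against the connection named by $this->sqlConnection.
 *
 * Connection resolution:
 *  - empty sqlConnection: default DBConnection();
 *  - constant DB_<sqlConnection>_USER defined: settings come from the
 *    DB_<sqlConnection>_{HOST,USER,PASS,NAME,TYPE} constants, falling back to
 *    DB_HOST / DB_PASS / DB_NAME / DB_TYPE (or 'mysql');
 *  - otherwise: settings are read from the DB_CONNECTION table.
 *
 * The constants are read with constant() instead of eval(), so the connection
 * name is never executed as PHP source.
 *
 * @param object &$owner object whose ->values are substituted into the SQL
 * @param mixed  $row    unused on entry; overwritten while reading results
 * @return array list of result rows
 */
private function executeXmlDB(&$owner, $row = -1)
{
    if (!$this->sqlConnection) {
        $dbc = new DBConnection();
    } else {
        $prefix = 'DB_' . $this->sqlConnection;
        if (defined($prefix . '_USER')) {
            $res = array(
                'DBC_SERVER' => defined($prefix . '_HOST') ? constant($prefix . '_HOST') : DB_HOST,
                'DBC_USERNAME' => constant($prefix . '_USER'),
                'DBC_PASSWORD' => defined($prefix . '_PASS') ? constant($prefix . '_PASS') : DB_PASS,
                'DBC_DATABASE' => defined($prefix . '_NAME') ? constant($prefix . '_NAME') : DB_NAME,
                'DBC_TYPE' => defined($prefix . '_TYPE')
                    ? constant($prefix . '_TYPE')
                    : (defined('DB_TYPE') ? DB_TYPE : 'mysql'),
            );
            $dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE'], $res['DBC_TYPE']);
        } else {
            $dbc0 = new DBConnection();
            $dbs0 = new DBSession($dbc0);
            // NOTE(review): sqlConnection is concatenated into the SQL text
            // unquoted. Where the value originates is not visible here; if it
            // can be influenced from outside the form definition, validate it
            // (e.g. as the expected id format) or escape/bind it.
            $res = $dbs0->execute("select * from DB_CONNECTION WHERE DBC_UID=" . $this->sqlConnection);
            $res = $res->read();
            $dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE']);
        }
    }
    // NOTE(review): the final statement is produced by substituting the
    // owner's values into $this->sql; whether G::replaceDataField escapes
    // those values is not visible here - confirm.
    $query = G::replaceDataField($this->sql, $owner->values);
    $dbs = new DBSession($dbc);
    $res = $dbs->execute($query);
    $result = array();
    while ($row = $res->Read()) {
        $result[] = $row;
    }
    return $result;
}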
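/**
 * Build $this->sql from the select/where/group-by parts plus the current
 * filter, quick-search and ordering settings, and open $this->dbc/$this->ses.
 *
 * Side effects: sets $this->dbc, $this->ses, $this->aFilter, $this->aOrder
 * and $this->sql. The query is not executed here.
 *
 * Security-relevant changes in this version:
 *  - connection constants are read with constant() instead of eval();
 *  - filter values are escaped with G::sqlEscape() for the connection's
 *    engine, the same helper the quick-search branch already uses, instead of
 *    mysql_real_escape_string(), which is tied to the mysql extension.
 *
 * @author David S. Callizaya S. <*****@*****.**>
 * @access public
 * @return void
 */
function prepareQuery()
{
    //DBConnection
    if (!$this->sqlConnection) {
        $this->dbc = new DBConnection();
    } else {
        $prefix = 'DB_' . $this->sqlConnection;
        if (defined($prefix . '_USER')) {
            $res = array(
                'DBC_SERVER' => defined($prefix . '_HOST') ? constant($prefix . '_HOST') : DB_HOST,
                'DBC_USERNAME' => constant($prefix . '_USER'),
                'DBC_PASSWORD' => defined($prefix . '_PASS') ? constant($prefix . '_PASS') : DB_PASS,
                'DBC_DATABASE' => defined($prefix . '_NAME') ? constant($prefix . '_NAME') : DB_NAME,
                'DBC_TYPE' => defined($prefix . '_TYPE')
                    ? constant($prefix . '_TYPE')
                    : (defined('DB_TYPE') ? DB_TYPE : 'mysql'),
            );
            $this->dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE'], $res['DBC_TYPE']);
        } else {
            $dbc = new DBConnection();
            $dbs = new DBSession($dbc);
            // NOTE(review): sqlConnection is concatenated into the SQL text
            // unquoted; validate or escape it if it can come from outside the
            // table definition.
            $res = $dbs->execute("select * from DB_CONNECTION WHERE DBC_UID=" . $this->sqlConnection);
            $res = $res->read();
            $this->dbc = new DBConnection($res['DBC_SERVER'], $res['DBC_USERNAME'], $res['DBC_PASSWORD'], $res['DBC_DATABASE']);
        }
    }
    $this->ses = new DBSession($this->dbc);

    //Query
    //Filter: either an array or a query-string style "field=value&..." string
    if (is_array($this->filter)) {
        $filterFields = $this->filter;
    } else {
        parse_str($this->filter, $filterFields);
    }
    $this->aFilter = $filterFields;
    $filter = '';
    foreach ($filterFields as $field => $like) {
        if ($like != '') {
            if ($filter !== '') {
                $filter .= ' AND ';
            }
            // Values are escaped for the engine of the active connection.
            // NOTE(review): $field (the filter key) is used as a column name
            // without validation, and escaping the value does not cover it.
            // If the filter can be supplied by a client, check the key
            // against the table's known columns before building the clause.
            $escaped = G::sqlEscape($like, $this->dbc->type);
            if (isset($this->filterType[$field])) {
                switch ($this->filterType[$field]) {
                    case '=':
                        $filter .= $field . ' = "' . $escaped . '"';
                        break;
                    case '<>':
                        $filter .= $field . ' <> "' . $escaped . '"';
                        break;
                    case 'contains':
                        $filter .= $field . ' LIKE "%' . $escaped . '%"';
                        break;
                    case 'like':
                        $filter .= $field . ' LIKE "' . $escaped . '"';
                        break;
                }
            } else {
                $filter .= $field . ' = "' . $escaped . '"';
            }
        }
    }

    /*
     * QuickSearch: OR together a LIKE over every column listed in searchBy.
     */
    if ($this->searchBy !== '') {
        $aSB = explode('|', $this->searchBy);
        $subFilter = '';
        foreach ($aSB as $sBy) {
            $subFilter .= $subFilter !== '' ? ' OR ' : '';
            $subFilter .= $sBy . ' LIKE "%' . G::sqlEscape($this->fastSearch, $this->dbc->type) . '%"';
        }
        if ($subFilter !== '') {
            $filter .= $filter !== '' ? ' AND ' : '';
            $filter .= '(' . $subFilter . ')';
        }
    }

    //Merge sort array defined by USER with the array defined by SQL
    parse_str($this->order, $orderFields);
    parse_str($this->orderBy, $orderFields2);
    //User sort is more important (first in merge).
    $orderFields3 = array_merge($orderFields2, $orderFields);
    //User sort overwrites the XML definition.
    $orderFields = array_merge($orderFields3, $orderFields2);

    //Order (BY SQL DEFINITION AND USER'S DEFINITION)
    $this->aOrder = array();
    $order = '';
    foreach ($orderFields as $field => $fieldOrder) {
        $field = G::getUIDName($field, '');
        $fieldOrder = strtoupper($fieldOrder);
        if ($fieldOrder === 'A') {
            $fieldOrder = 'ASC';
        }
        if ($fieldOrder === 'D') {
            $fieldOrder = 'DESC';
        }
        // Only ASC/DESC reach the SQL text; any other direction is dropped.
        switch ($fieldOrder) {
            case 'ASC':
            case 'DESC':
                if ($order !== '') {
                    $order .= ', '; 
                }
                $order .= $field . ' ' . $fieldOrder;
                $this->aOrder[$field] = $fieldOrder;
        }
    }

    $this->sql = $this->sqlSelect
        . ($this->sqlWhere != '' || $filter != '' ? ' WHERE ' : '')
        . ($this->sqlWhere != '' ? '(' . $this->sqlWhere . ')' : '')
        . ($this->sqlWhere != '' && $filter != '' ? ' AND ' : '')
        . ($filter != '' ? '(' . $filter . ')' : '')
        . ($this->sqlGroupBy != '' ? ' GROUP BY ' . $this->sqlGroupBy : '')
        . ($order != '' ? ' ORDER BY ' . $order : '');
    //$this->query=$this->ses->execute($this->sql);
    //$this->totpages=ceil($this->query->count()/$this->rowsPerPage);
    return;
}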
* For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. * */ if (($RBAC_Response = $RBAC->userCanAccess("PM_SETUP")) != 1) { return $RBAC_Response; } G::LoadInclude('ajax'); $G_ENABLE_BLANK_SKIN = true; $ARR_WEEKDAYS[0] = array('SUNDAY', 'MONDAY', 'TUESDAY', 'WEDNESDAY', 'THURSDAY', 'FRIDAY', 'SATURDAY'); $ARR_WEEKDAYS['es'] = array("Domingo?", "Lunes?", "Martes?", "Miércoles?", "Jueves?", "Viernes?", "Sábado?"); $ARR_WEEKDAYS['en'] = array("Sunday?", "Monday?", "Tuesday?", "Wednesday?", "Thursday?", "Friday?", "Saturday?"); $ARR_WEEKDAYS['fa'] = array('یکشنبه', 'دوشنبه', 'سه شنبه', 'چهارشنبه', 'پنجشنبه ', 'جمعه', 'آدینه'); $dbc = new DBConnection(); $ses = new DBSession($dbc); $holidays = $ses->execute("SELECT LEX_VALUE FROM LEXICO WHERE LEX_TOPIC ='NOWORKINGDAY' "); $config = array(); for ($id = 0; $id < 7; $id++) { $res = $ses->execute(" SELECT * FROM LEXICO WHERE LEX_KEY = '" . $ARR_WEEKDAYS[0][$id] . "' AND LEX_TOPIC ='HOLIDAY' "); $res = $res->read(); $config[$ARR_WEEKDAYS[0][$id]] = $res['LEX_VALUE']; } $G_PUBLISH = new Publisher(); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'setup/weekend', '', $config, ''); G::RenderPage('publish'); ?> <script language="JavaScript"> function var_dump(obj) { msg=''; if (typeof(obj)=='object')
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com. */
// Authorization gate: nothing below runs unless the RBAC check for the
// "PM_FACTORY" permission returns 1.
if (($RBAC_Response = $RBAC->userCanAccess("PM_FACTORY")) != 1) {
    return $RBAC_Response;
}
//G::genericForceLogin( 'WF_MYINFO' , 'login/noViewPage', $urlLogin = '******' );
G::LoadClass('xmlDb');
// Menu selection state for the rendered page.
$G_MAIN_MENU = 'processmaker';
$G_SUB_MENU = 'processes';
$G_ID_MENU_SELECTED = 'PROCESSES';
$G_ID_SUB_MENU_SELECTED = 'DYNAFORMS';
$dbc = new DBConnection();
$ses = new DBSession($dbc);
// Open the dynaform field definition file through the 'myxml' connection type.
$xdbc = new DBConnection(PATH_XMLFORM . 'dynaforms/dynaform_Fields.xml', '', '', '', 'myxml');
$xses = new DBSession($xdbc);
$res = $xses->execute('SELECT * FROM dynaForm');
// Reads every row and discards it; only the commented-out debug dump used it.
for ($r = 0; $r < $res->count(); $r++) {
    $row = $res->read();
    // var_dump( $row );echo('<br/>');
}
// Register a connection named "XMLDB" through DB_XMLDB_* constants: the
// "host" is the path of the XML list file and the type is 'myxml'.
// NOTE(review): presumably consumed by code that looks up DB_<name>_*
// constants for a named connection - confirm against the paged-table class.
define('DB_XMLDB_HOST', PATH_XMLFORM . 'dynaforms/dynaforms_List.xml');
define('DB_XMLDB_USER', '');
define('DB_XMLDB_PASS', '');
define('DB_XMLDB_NAME', '');
define('DB_XMLDB_TYPE', 'myxml');
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent('pagedtable', 'paged-table', 'dynaforms/dynaform_Fields', '', array('SYS_LANG' => SYS_LANG), 'dynaforms_Save', 'dynaforms_PagedTableAjax');
G::RenderPage("publish");
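*/
// Authorization gate: nothing below runs unless the RBAC check for the
// "PM_SETUP" permission returns 1.
if (($RBAC_Response = $RBAC->userCanAccess("PM_SETUP")) != 1) {
    return $RBAC_Response;
}
G::ForceLogin('WF_PROCESS');
G::LoadInclude('ajax');

// Help page and menu selection state for the rendered page.
$G_HELP_PAGE = "setup-environment-time-controls-weekend";
$G_MAIN_MENU = "processmaker";
$G_SUB_MENU = "setupPM";
$G_THIRD_MENU = "workingTime";
$G_ID_MENU_SELECTED = "SETUP";
$G_ID_SUB_MENU_SELECTED = "ENVIRONMENT";
$G_ID_THIRD_MENU_SELECTED = "WEEKEND";

$dbc = new DBConnection();
$ses = new DBSession($dbc);
$holidays = $ses->execute('SELECT LEX_VALUE FROM LEXICO WHERE LEX_TOPIC ="HOLIDAY"');

// Ajax dispatch: the request names the function to run.
// The name is only called when it matches a user-defined function, and it is
// invoked as a variable function rather than through eval(), so request text
// is never compiled as PHP source.
// NOTE(review): the check accepts ANY user-defined function loaded at this
// point, including helpers from included files, not just this page's
// handlers. Replace it with an explicit allowlist of the handlers this page
// is meant to expose.
$funcion = strtolower(get_ajax_value('function'));
$funcions = get_defined_functions();
if (in_array($funcion, $funcions['user'], true)) {
    $funcion();
}

/**
 * Ajax handler: apply a comma-separated list of day/value pairs.
 *
 * Reads the 'days' and 'values' request parameters, splits both on commas
 * and calls setDay() for each index from 1 upward; index 0 of both lists is
 * skipped (presumably a leading separator - confirm against the caller).
 *
 * NOTE(review): both lists come from the request and are passed to setDay()
 * unvalidated; a 'values' list shorter than 'days' yields undefined-index
 * notices. setDay() is defined outside this excerpt.
 *
 * @return void
 */
function setDays()
{
    $days = get_ajax_value('days');
    $values = get_ajax_value('values');
    $days = explode(',', $days);
    $values = explode(',', $values);
    for ($r = 1; $r < sizeof($days); $r++) {
        setDay($days[$r], $values[$r]);
    }
}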
{ global $ntarget; $msg = "{$target} => "; //if( eregi("[a-zA-Z]", $target) ) if (preg_match("[a-zA-Z]", $target)) { //Made compatible to PHP 5.3 $ntarget = gethostbyname($target); } else { $ntarget = gethostbyaddr($target); } $msg .= $ntarget; return $msg; } $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $ses = new DBSession($dbc); $dset = $ses->execute("SELECT VERSION() AS VERSION "); $row = $dset->Read(); if (getenv('HTTP_CLIENT_IP')) { $ip = getenv('HTTP_CLIENT_IP'); } elseif (getenv('HTTP_X_FORWARDED_FOR')) { $ip = getenv('HTTP_X_FORWARDED_FOR'); } else { $ip = getenv('REMOTE_ADDR'); } if (file_exists("/etc/redhat-release")) { $fnewsize = filesize("/etc/redhat-release"); $fp = fopen("/etc/redhat-release", "r"); $redhat = fread($fp, $fnewsize); fclose($fp); } $Fields = $dbc->db->dsn;
*/ ini_set('display_errors', 'off'); G::LoadInclude('ajax'); $function = get_ajax_value('function'); $cat = get_ajax_value('cat'); $node = get_ajax_value('node'); $lang = get_ajax_value('lang'); $langLabel = get_ajax_value('langLabel'); $text = get_ajax_value('text'); $table = "TRANSLATION"; $dbc = new DBConnection(); $ses = new DBSession($dbc); switch ($function) { case "editLabel": case "changeLabel": $query = $ses->execute("select * from {$table} where TRN_CATEGORY='{$cat}' and TRN_ID='{$node}' and TRN_LANG='{$lang}'", false); if ($query->count() === 0) { echo "Not found {$cat}:{$node}:{$lang} in table '{$table}'"; return; } if ($query->count() > 1) { echo "The {$cat}:{$node}:{$lang} in table '{$table}' is not unique"; return; } $res = $query->read(); switch ($function) { case "editLabel": $myID = "input_" . $cat . "_" . $node . "_" . $lang; $myID = 'aux'; echo "<input id='{$myID}' type='text' value='" . htmlspecialchars($res['TRN_VALUE']) . "' " . ajax_event("onblur", "translationsAjax.php", 'lang_' . $cat . '_' . $node . '_' . $lang, "'function=changeLabel&cat=" . urlencode($cat) . "&node=" . urlencode($node) . "&lang=" . urlencode($lang) . "&langLabel='+encodeURI(getElementById('{$myID}').value)", '') . "/>"; break;
/**
 * Store the "enable template" flag in a dynaform's XML definition.
 *
 * The flag is normalised to the string "1" or "0" before it is written, so
 * the caller's raw value never reaches the UPDATE statement.
 *
 * NOTE(review): $A is decrypted with URL_KEY and the result becomes part of
 * a filesystem path under PATH_DYNAFORM. No check for path separators or
 * ".." is visible here; confirm the decrypted name is constrained elsewhere
 * or validate it before use.
 *
 * @param string $A     encrypted dynaform file name (decrypted with URL_KEY)
 * @param string $value requested flag; anything not loosely equal to "1" becomes "0"
 * @return string the stored flag, "1" or "0"
 */
function set_enabletemplate($A, $value)
{
    // Normalise first: only "1" or "0" can be interpolated below.
    if ($value == "1") {
        $value = "1";
    } else {
        $value = "0";
    }

    $xmlPath = PATH_DYNAFORM . G::decrypt($A, URL_KEY) . '.xml';
    $xmlSession = new DBSession(new DBConnection($xmlPath, '', '', '', 'myxml'));
    $xmlSession->execute("UPDATE . SET ENABLETEMPLATE = '{$value}'");

    return $value;
}