/**
 * Checks that ReportSecurityUtil::canCurrentUserAccessAllComponents() follows the module
 * rights of the current user: a set of report filters is rejected until the right for
 * every module the filters touch has been granted.
 */
public function testCanCurrentUserAccessAllComponentsWithLimitedAccessUser()
{
    Yii::app()->user->userModel = User::getByUserName('bobby');

    // Filter on an Account attribute. The test expects access to be denied at this point.
    $accountPhoneFilter = new FilterForReportForm('AccountsModule', 'Account', Report::TYPE_ROWS_AND_COLUMNS);
    $accountPhoneFilter->attributeIndexOrDerivedType = 'officePhone';
    $accountPhoneFilter->operator                    = OperatorRules::TYPE_EQUALS;
    $accountPhoneFilter->value                       = '123456789';
    $componentForms = array($accountPhoneFilter);
    $this->assertFalse(ReportSecurityUtil::canCurrentUserAccessAllComponents($componentForms));

    // Granting the accounts access right flips the result.
    Yii::app()->user->userModel->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS);
    Yii::app()->user->userModel->save();
    $this->assertTrue(ReportSecurityUtil::canCurrentUserAccessAllComponents($componentForms));

    // A filter that reaches through the account into related contacts must be denied again:
    // the accounts right alone is expected not to cover the related module.
    $relatedContactFilter = new FilterForReportForm('AccountsModule', 'Account', Report::TYPE_ROWS_AND_COLUMNS);
    $relatedContactFilter->attributeIndexOrDerivedType = 'contacts___website';
    $relatedContactFilter->operator                    = OperatorRules::TYPE_EQUALS;
    $relatedContactFilter->value                       = 'zurmo.com';
    $componentForms[] = $relatedContactFilter;
    $this->assertFalse(ReportSecurityUtil::canCurrentUserAccessAllComponents($componentForms));

    // With the contacts access right added as well, both filters are allowed.
    Yii::app()->user->userModel->setRight('ContactsModule', ContactsModule::RIGHT_ACCESS_CONTACTS);
    Yii::app()->user->userModel->save();
    $this->assertTrue(ReportSecurityUtil::canCurrentUserAccessAllComponents($componentForms));
}
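/**
 * Handles the submit of the "add verified member" form.
 *
 * Rejects an empty or already-listed user name, switches account.level between 0 and 1
 * according to the requested status (refreshing the cached user when MEMCACHE_ON is set),
 * then inserts the row into sms_user_active and redirects to the current page.
 *
 * NOTE(review): no permission or CSRF check is visible in this method; confirm that the
 * enclosing form/module enforces both before this state-changing handler runs.
 */
function on_submit()
{
    $status    = (int) Url::get('status');
    $sms_total = (int) Url::get('sms_total');
    $user_name = Url::get('user_name', '');
    $note      = Url::get('note', '');

    if ($user_name == '') {
        $this->setFormError('user_name', "Bạn chưa nhập vào tài khoản!");
        return;
    }

    // The user name goes into a quoted SQL literal, so it must be escaped first.
    // NOTE(review): assumes DB wraps ext/mysql and that Url::get() does not already escape;
    // if the DB layer offers its own escaping or parameter binding, use that instead.
    $user_name_sql = mysql_real_escape_string($user_name);
    if (DB::select("sms_user_active", "user_name='{$user_name_sql}'")) {
        $this->setFormError("user_name", "Thành viên này đã tồn tại trong danh sách quản lý THÀNH VIÊN CHỨNG THỰC");
        return;
    }

    // status 1 activates (level 0 -> 1); any other status deactivates (level 1 -> 0).
    $activate   = ($status == 1);
    $from_level = $activate ? 0 : 1;
    $to_level   = $activate ? 1 : 0;
    $this->a_row['a_time'] = $activate ? TIME_NOW : 0;

    $user = User::getByUserName($user_name);
    if (!$user) {
        $this->setFormError('', "Tài khoản không tồn tại!");
        return;
    }

    if ($user['level'] == $from_level) {
        // The id is numeric; the cast keeps the unquoted value from carrying SQL.
        DB::query("UPDATE account SET level = {$to_level} WHERE id=" . (int) $user['id']);
        if (MEMCACHE_ON) {
            $user['level'] = $to_level;
            eb_memcache::do_put("user:{$user['id']}", $user);
        }
    }

    if (!$this->errNum) {
        $this->a_row['user_id']   = $user['id'];
        $this->a_row['user_name'] = $user['user_name'];
        $this->a_row['sms_total'] = max(0, $sms_total);
        $this->a_row['status']    = $status;
        $this->a_row['note']      = $note;
        DB::insert("sms_user_active", $this->a_row);
        Url::redirect_current();
    }
}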
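/**
 * Builds a new user object from client-supplied credentials. The object is only populated
 * here; this method does not save it.
 *
 * @param string $username Requested user name.
 * @param string $password Plain-text password supplied by the client.
 * @return self|false The populated instance, or false when the user name is already taken.
 */
public static function newUserWithClientData($username, $password)
{
    // Any truthy lookup result means the name is in use.
    if (User::getByUserName($username)) {
        return false;
    }

    $instance = new self();
    $instance->username = $username;

    // NOTE(review): unsalted MD5 is not a password hash. The stored format is kept because
    // whatever verifies passwords compares against md5($password); migrate both sides
    // together to password_hash()/password_verify().
    $instance->password = md5($password);

    // The token should be unguessable. uniqid() is derived from the clock, so prefer the
    // CSPRNG when the runtime has it; 16 random bytes keep the 32-hex-character format.
    $instance->token = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid($username, true));

    return $instance;
}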
/**
 * A plain save must leave latestDateTime alone; adding a comment must move it.
 *
 * @depends testCreateAndGetSocialItemById
 */
public function testAddingComments()
{
    $allSocialItems = SocialItem::getAll();
    $this->assertEquals(1, count($allSocialItems));
    $item               = $allSocialItems[0];
    $steven             = User::getByUserName('steven');
    $stampBeforeComment = $item->latestDateTime;

    // Saving without changes: the timestamp is expected to stay the same.
    $this->assertTrue($item->save());
    $this->assertEquals($stampBeforeComment, $item->latestDateTime);

    // Let the clock advance so a changed timestamp is observable.
    sleep(2);

    // Adding a comment is expected to update latestDateTime.
    $firstComment = new Comment();
    $firstComment->description = 'This is my first comment';
    $item->comments->add($firstComment);
    $this->assertTrue($item->save());
    $this->assertNotEquals($stampBeforeComment, $item->latestDateTime);
}
/**
 * A user who holds only READ permission on an account (not the owner, no super privileges)
 * must still be able to copy it into a new account and save that copy.
 */
public function testCopyingAModelOwnedByAnotherUserWhereYouHaveRestrictedAccess()
{
    // super creates and owns the source account.
    Yii::app()->user->userModel = User::getByUsername('super');
    $sourceAccount = AccountTestHelper::createAccountByNameForOwner(
        'a super account',
        Yii::app()->user->userModel
    );

    // Give sally read access only; that is what lets her see the account to clone it.
    $sally = User::getByUserName('sally');
    $sourceAccount->addPermissions($sally, Permission::READ);
    $sourceAccount->save();
    AllPermissionsOptimizationUtil::securableItemGivenReadPermissionsForUser($sourceAccount, $sally);

    // Act as sally and copy the account.
    Yii::app()->user->userModel = User::getByUsername('sally');
    $clonedAccount = new Account();
    ZurmoCopyModelUtil::copy($sourceAccount, $clonedAccount);
    $this->assertTrue($clonedAccount->save());
}
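<?php
require_once "../config.php";

// Login endpoint: takes POST fields `username` and `password` and answers with JSON.
//
// NOTE(review), kept as-is because clients may depend on the current response:
//  - Passwords are stored as unsalted MD5; move to password_hash()/password_verify()
//    together with the code that creates users.
//  - The success response returns the stored password hash; a client should not need it.
//  - "username not found" and "password is wrong" are distinguishable, which lets a caller
//    learn which user names exist; a single generic message avoids that.
//  - Failures use HTTP 402; 400/401 would be the conventional codes.
//  - No attempt limiting is visible here; confirm it is enforced elsewhere.

// Accept only string fields: a missing field or an array-valued field is treated as absent.
$userName = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

if ($userName === '' || $password === '') {
    http_response_code(402);
    echo json_encode(array('error' => "Username or password missing."));
} else {
    $user = User::getByUserName($userName);
    if ($user == false) {
        http_response_code(402);
        echo json_encode(array('error' => "This username not found."));
    } else {
        $storedHash   = (string) $user->password;
        $suppliedHash = md5($password);

        // Strict, constant-time comparison. A loose == treats two different digests that
        // both look like "0e<digits>" as equal numbers.
        $passwordMatches = function_exists('hash_equals')
            ? hash_equals($storedHash, $suppliedHash)
            : $storedHash === $suppliedHash;

        if ($passwordMatches) {
            echo json_encode(array(
                'id'       => $user->id,
                'username' => $user->username,
                'password' => $user->password,
                'token'    => $user->token,
            ));
        } else {
            http_response_code(402);
            echo json_encode(array('error' => "Password is wrong."));
        }
    }
}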
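/**
 * Registers a user in account_payship and prints a one-word status, then exits.
 *
 * Printed results: err_username (no name given), not_exist (unknown user), exist_user
 * (already registered), exit_gold (not enough gold for the paid type), success.
 * When add_type is set, the requested gold is deducted and written to gold_log.
 *
 * NOTE(review): no permission check is visible in this function although it changes
 * balances; confirm the caller restricts it to administrators.
 */
function add_user_payandship()
{
    $username    = Url::get('username');
    $status      = Url::get('status');
    $create_date = Url::get('create_date');
    $contract    = Url::get('contract');
    $add_type    = Url::get('add_type');
    // Both values are used unquoted (SQL arithmetic / strtotime), so force them to
    // non-negative integers. A negative add_gold would otherwise add gold.
    $add_gold    = max(0, (int) Url::get('add_gold'));
    $add_month   = max(0, (int) Url::get('add_month'));

    if (!$username) {
        echo 'err_username';
        exit;
    }

    $user_detail = User::getByUserName($username);
    if (!$user_detail) {
        echo "not_exist";
        exit;
    }

    // Escape once for every quoted SQL literal below.
    // NOTE(review): assumes DB wraps ext/mysql and that Url::get() does not already escape;
    // prefer the DB layer's own escaping or parameter binding if it has one.
    $username_sql = mysql_real_escape_string($username);

    $exist_user = DB::fetch("SELECT account_id FROM account_payship WHERE account_name = '" . $username_sql . "'");
    if ($exist_user) {
        echo "exist_user";
        exit;
    }

    $admin_user = User::user_name();

    // create_date arrives as dd-mm-yyyy; anything else falls back to the current time.
    $date_arr = $create_date ? explode('-', $create_date) : array();
    if (isset($date_arr[0]) && isset($date_arr[1]) && isset($date_arr[2])) {
        $create_date = mktime(23, 59, 59, (int) $date_arr[1], (int) $date_arr[0], (int) $date_arr[2]);
    } else {
        $create_date = TIME_NOW;
    }

    // Only the paid type sets a validity window; defined here so the insert below never
    // reads an undefined variable.
    $time_start = null;
    $time_end   = null;

    if (!empty($add_type)) {
        // The original formatted the time with "Y-m-d-H-m-s" (month where minutes were
        // meant) and parsed it back; taking the timestamp directly gives the intended window.
        $time_start = time();
        $time_end   = strtotime('+' . $add_month . ' month', $time_start);

        $type_payship    = 3;
        $user_golddetail = DB::fetch("SELECT * FROM account WHERE user_name = '{$username_sql}' LIMIT 1");
        if (!$user_golddetail || $user_golddetail["gold"] < $add_gold) {
            echo "exit_gold";
            exit;
        }

        // NOTE(review): the balance check and the deduction are two statements; concurrent
        // requests can both pass the check. Consider adding "AND gold >= amount" to the
        // UPDATE and verifying the affected row count.
        DB::query("UPDATE `account` SET payship = {$type_payship}, gold = gold - {$add_gold} WHERE user_name = '{$username_sql}' LIMIT 1");

        $data_gold_log = array(
            'user_id'     => $user_detail['id'],
            'user_name'   => $user_detail['user_name'],
            'time'        => TIME_NOW,
            'gold'        => -$add_gold,
            'gold_before' => $user_golddetail["gold"],
            'gold_after'  => $user_golddetail["gold"] - $add_gold,
            'type_use'    => '14',
            'type_gold'   => '2',
            'note'        => 'Trừ ' . $add_gold . ' gold của user đăng tin sử dụng tools quản lý',
        );
        DB::insert('gold_log', $data_gold_log);
    } else {
        $add_type = 1;
        DB::query("UPDATE `account` SET payship = 1 WHERE user_name = '{$username_sql}' LIMIT 1");
    }

    $data = array(
        'account_id'   => $user_detail['id'],
        'account_name' => $user_detail['user_name'],
        'email'        => $user_detail['email'],
        'address'      => $user_detail['address'],
        'mobile_phone' => $user_detail['mobile_phone'],
        'user_modifie' => $admin_user,
        'created_date' => $create_date,
        'modifie_date' => TIME_NOW,
        'contract'     => $contract,
        'type'         => $add_type,
        'time_start'   => $time_start,
        'time_end'     => $time_end,
        'status'       => $status,
    );
    DB::insert('account_payship', $data);

    if (MEMCACHE_ON) {
        // NOTE(review): the cache key was garbled in the source text; the user's
        // "user:<id>" entry is presumably what gets dropped here. Confirm against the file.
        eb_memcache::do_remove("user:" . $user_detail['id']);
    }

    echo "success";
    exit;
}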
/**
 * Resolves CGlobal::$user_profile for the current page, or denies access.
 *
 * Tried in order: the `user_id` value, then the `user_name` value (the logged-in user's own
 * data is reused when the value names that user), and finally the logged-in user's own data
 * on the personal/message/cart/gold_history pages. If no profile was found,
 * Url::access_denied() is called.
 *
 * NOTE(review): any visitor can select another user's profile through user_id/user_name;
 * pages that render private fields from CGlobal::$user_profile need their own ownership check.
 */
static function check_get_user()
{
    if (Url::get('user_id')) {
        $is_own_id = User::is_login() && User::id() == Url::get('user_id');
        CGlobal::$user_profile = $is_own_id
            ? User::$current->data
            : User::getUser(Url::get('user_id'));
    }

    if (!CGlobal::$user_profile && Url::get('user_name')) {
        $is_own_name = User::is_login() && User::user_name() == Url::get('user_name');
        CGlobal::$user_profile = $is_own_name
            ? User::$current->data
            : User::getByUserName(Url::get('user_name'));
    }

    // Pages that always show the viewer's own account fall back to the logged-in user.
    $own_account_pages = array('personal', 'message', 'cart', 'gold_history');
    if (!CGlobal::$user_profile && User::is_login() && in_array(EClass::$page['name'], $own_account_pages)) {
        CGlobal::$user_profile = User::$current->data;
    }

    if (!CGlobal::$user_profile) {
        Url::access_denied();
    }
}
/**
 * Covers how comments affect latestDateTime and the "has read latest" flags of the
 * conversation owner and the first participant.
 *
 * @depends testCreateAndGetConversationById
 */
public function testAddingComments()
{
    $allConversations = Conversation::getAll();
    $this->assertEquals(1, count($allConversations));
    $conversation       = $allConversations[0];
    $steven             = User::getByUserName('steven');
    $stampBeforeComment = $conversation->latestDateTime;

    // A plain save (only read flags changed) must not move latestDateTime.
    $conversation->conversationParticipants->offsetGet(0)->hasReadLatest = true;
    $conversation->ownerHasReadLatest = true;
    $this->assertTrue($conversation->save());
    $this->assertEquals($stampBeforeComment, $conversation->latestDateTime);
    $this->assertEquals(1, $conversation->ownerHasReadLatest);

    // Let the clock advance so a changed timestamp is observable.
    sleep(2);

    // A new comment should update latestDateTime and reset hasReadLatest on the participant.
    $firstComment = new Comment();
    $firstComment->description = 'This is my first comment';
    $conversation->comments->add($firstComment);
    $this->assertTrue($conversation->save());
    $this->assertNotEquals($stampBeforeComment, $conversation->latestDateTime);
    $this->assertEquals(0, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest);
    // super wrote the comment, so the owner's flag is expected to stay set.
    $this->assertEquals(1, $conversation->ownerHasReadLatest);

    // Mark the participant as up to date again.
    $conversation->conversationParticipants->offsetGet(0)->hasReadLatest = true;
    $this->assertTrue($conversation->save());
    $this->assertEquals(1, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest);

    // Now steven comments: ownerHasReadLatest should drop to false while the
    // participant's hasReadLatest stays true.
    Yii::app()->user->userModel = $steven;
    $conversation = Conversation::getById($conversation->id);
    $stevensComment = new Comment();
    $stevensComment->description = 'This is steven`\\s first comment';
    $conversation->comments->add($stevensComment);
    $this->assertTrue($conversation->save());
    $this->assertEquals(1, $conversation->conversationParticipants->offsetGet(0)->hasReadLatest);
    $this->assertEquals(0, $conversation->ownerHasReadLatest);
}
/**
 * A user who may access accounts but is denied the create-accounts right must still be
 * able to open the lead convert view.
 *
 * @depends testUserHasNoAccessToAccountsAndTriesToConvertWhenAccountIsOptional
 */
public function testUserCanAccessAccountsButCannotCreateAccountShowConvertAction()
{
    // As super: create a lead owned by belina and grant her account access only.
    $superUser = $this->logoutCurrentUserLoginNewUserAndGetByUsername('super');
    $belina    = User::getByUserName('belina');
    $lead      = LeadTestHelper::createLeadbyNameForOwner('BelinaLead1', $belina);
    $belina->setRight('AccountsModule', AccountsModule::RIGHT_ACCESS_ACCOUNTS, Right::ALLOW);
    $this->assertTrue($belina->save());

    // Switch to belina and confirm the create right is still denied.
    $belina = $this->logoutCurrentUserLoginNewUserAndGetByUsername('belina');
    $convertToAccountSetting = LeadsModule::getConvertToAccountSetting();
    $effectiveCreateRight = $belina->getEffectiveRight('AccountsModule', AccountsModule::RIGHT_CREATE_ACCOUNTS);
    $this->assertEquals(Right::DENY, $effectiveCreateRight);

    // The convert view should load normally, only without the option to create an account.
    // This checks that the view does come up without an exception.
    $this->setGetArray(array('id' => $lead->id));
    $this->runControllerWithNoExceptionsAndGetContent('leads/default/convert');
}
/**
 * Creates one local user per id submitted in the request, using the attributes that the
 * authenticator of the chosen authentication source returns for that id, then redirects
 * to the main page with the list of added names.
 *
 * NOTE(review): 'id' and 'source_id' are read from the request and no permission check is
 * visible in this method; confirm the dispatcher restricts it to administrators. Users are
 * created with an empty local password and bound to the external source.
 * NOTE(review): the result of User::createFromArray() is not checked, so a failed creation
 * is still reported as added.
 */
function _do_massCreateUsers()
{
    $aSubmittedIds  = KTUtil::arrayGet($_REQUEST, 'id');
    $oSource        =& KTAuthenticationSource::get($_REQUEST['source_id']);
    $oAuthenticator = $this->getAuthenticator($oSource);
    $aAddedNames    = array();

    foreach ($aSubmittedIds as $sId) {
        $aAttrs    = $oAuthenticator->getUser($sId);
        $sUserName = $aAttrs[$this->aAttributes[1]];

        // With LDAP, if the 'uid' is null then try using the 'givenname' instead.
        // See activedirectoryauthenticationprovider.inc.php and ldapauthenticationprovider.inc.php for details.
        if ($this->sAuthenticatorClass == "KTLDAPAuthenticator" && empty($sUserName)) {
            $sUserName = strtolower($aAttrs[$this->aAttributes[2]]);
        }

        $sName         = $aAttrs[$this->aAttributes[0]];
        $sEmailAddress = $aAttrs[$this->aAttributes[4]];
        $sMobileNumber = $aAttrs[$this->aAttributes[5]];

        // If the user name is taken, keep appending a marker until it is free, so the
        // admin can see the duplicates.
        while (!PEAR::isError(User::getByUserName($sUserName))) {
            $sUserName = $sUserName . "_DUPLICATE";
        }

        $oUser = User::createFromArray(array(
            "Username"               => $sUserName,
            "Name"                   => $sName,
            "Email"                  => $sEmailAddress,
            "EmailNotification"      => true,
            "SmsNotification"        => false,
            "MaxSessions"            => 3,
            "authenticationsourceid" => $oSource->getId(),
            "authenticationdetails"  => $sId,
            "authenticationdetails2" => $sUserName,
            "password"               => "",
        ));
        $aAddedNames[] = $sName;
    }

    $this->successRedirectToMain(_kt("Added users") . ": " . join(', ', $aAddedNames));
}
/**
 * An account that carries an explicit READ permission for another user must save.
 */
public function testSavePermission()
{
    $billy = User::getByUserName('billy');

    $yooples = new Account();
    $yooples->name = 'Yooples';
    $yooples->addPermissions($billy, Permission::READ);

    $wasSaved = $yooples->save();
    $this->assertTrue($wasSaved);
}
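/**
 * Renders the verified-member list (template 'UserActive') with filtering, sorting and paging.
 *
 * Filters come from Url::get(): user_name, m_user_name, a_id, status, date_start and
 * date_end (dd-mm-yyyy). Every value that reaches SQL is cast to int or escaped first.
 *
 * NOTE(review): string escaping assumes DB wraps ext/mysql (results are read with
 * mysql_fetch_assoc below) and that Url::get() does not already escape; prefer the DB
 * layer's own escaping or parameter binding if it has one.
 * NOTE(review): the filter values are handed back to the template unchanged; confirm the
 * template HTML-escapes them.
 */
function draw()
{
    global $display;
    $this->beginForm();

    // ---- Sort order; $time is the column the date filters apply to. ----
    $order_by = Url::get('order_by', 1);
    $time     = "sms_user_active.c_time";
    $order    = ''; // stays empty for an unknown order_by instead of being undefined
    if ($order_by == 1) {
        $order = ' ORDER BY sms_user_active.id DESC';
    } elseif ($order_by == 2) {
        $order = ' ORDER BY sms_user_active.a_time,sms_user_active.id';
        $time  = "sms_user_active.a_time";
    } elseif ($order_by == 3) {
        $order = ' ORDER BY sms_user_active.c_time,sms_user_active.id';
    } elseif ($order_by == 4) {
        $order = ' ORDER BY sms_user_active.l_time,sms_user_active.id';
        $time  = "sms_user_active.l_time";
    } elseif ($order_by == 5) {
        $order = ' ORDER BY sms_user_active.sms_total DESC,sms_user_active.id';
        $time  = "sms_user_active.l_time";
    } elseif ($order_by == 6) {
        $order = ' ORDER BY sms_user_active.sms_total,sms_user_active.id';
        $time  = "sms_user_active.l_time";
    }

    // ---- Filters. a_id and status are used unquoted in SQL, hence the int casts. ----
    $a_id        = (int) Url::get('a_id', 0);
    $m_user_name = Url::get('m_user_name', '');
    $user_name   = Url::get('user_name');
    $status      = (int) Url::get('status', 0);

    // Conditions are collected and joined at the end. The original prefixed each piece
    // with WHERE/AND as it went, which produced two WHERE keywords when status=4 was
    // combined with only a date filter.
    $conds      = array(); // conditions on sms_user_active alone
    $join_conds = array(); // conditions that need the account join
    $join_field = '';
    $join       = '';

    if ($user_name) {
        $user = User::getByUserName($user_name);
        $conds[] = $user
            ? "sms_user_active.user_id = '" . (int) $user['id'] . "'"
            : "0"; // unknown user: match nothing
    }
    if ($m_user_name) {
        $conds[] = "sms_user_active.m_user_name = '" . mysql_real_escape_string($m_user_name) . "'";
    }
    if ($a_id) {
        $conds[] = "sms_user_active.id = {$a_id}";
    }
    if ($status == 3) {
        $conds[] = "sms_user_active.status = 0";
    } elseif ($status == 4) {
        // Listed as activated, but the account is missing or has level < 1.
        $join_field   = ", account.level";
        $join         = " LEFT JOIN account ON account.id = sms_user_active.user_id";
        $join_conds[] = "sms_user_active.status = 1 AND (account.level < 1 OR account.level IS NULL)";
    } elseif ($status) {
        $conds[] = "sms_user_active.status = {$status}";
    }

    $date_start = Url::get('date_start');
    $date_end   = Url::get('date_end');
    if ($date_start) {
        $arr = explode('-', $date_start);
        if (isset($arr[0]) && isset($arr[1]) && isset($arr[2])) {
            $conds[] = "{$time}>=" . mktime(0, 0, 0, (int) $arr[1], (int) $arr[0], (int) $arr[2]);
        }
    }
    if ($date_end) {
        $arr = explode('-', $date_end);
        if (isset($arr[0]) && isset($arr[1]) && isset($arr[2])) {
            $conds[] = "{$time}<=" . mktime(23, 59, 59, (int) $arr[1], (int) $arr[0], (int) $arr[2]);
        }
    }

    $where     = $conds ? 'WHERE ' . implode(' AND ', $conds) : '';
    $all_conds = array_merge($conds, $join_conds);
    $where_all = $all_conds ? 'WHERE ' . implode(' AND ', $all_conds) : '';

    $display->add('a_id', $a_id);
    $display->add('date_start', $date_start);
    $display->add('date_end', $date_end);
    $display->add('m_user_name', $m_user_name);
    $display->add('order_by', $order_by);
    $display->add('user_name', $user_name);
    $display->add('status', $status);

    $total = DB::fetch("SELECT COUNT(*) AS total_row FROM sms_user_active {$join} {$where_all}", 'total_row', 0);
    $display->add('total', $total);

    $pagging  = '';
    $sms_rows = array();

    if ($total) {
        // ----- Paging: pagingSE() is passed $limit and the queries below use it as the
        // LIMIT clause (presumably filled by reference). -----
        $limit = '';
        require_once ROOT_PATH . 'core/ECPagging.php';
        $pagging = ECPagging::pagingSE($limit, $total, 50, 10, 'page_no', true, ' Thành viên');

        // Collect the user ids of this page and find which of them are really active
        // (level > 0) in the account table.
        $lstIDs = '';
        $reIDs  = DB::query("SELECT user_id FROM sms_user_active {$where} {$order} {$limit}");
        if ($reIDs) {
            $page_user_ids = array();
            while ($row = mysql_fetch_assoc($reIDs)) {
                $page_user_ids[] = (int) $row['user_id'];
            }
            // Guard against an empty IN() list, which is a SQL syntax error.
            if ($page_user_ids) {
                $reActiveIDs = DB::query("SELECT id FROM account WHERE level > 0 AND id IN(" . implode(',', $page_user_ids) . ")");
                if ($reActiveIDs) {
                    while ($row = mysql_fetch_assoc($reActiveIDs)) {
                        $lstIDs .= $lstIDs ? ',' : '';
                        $lstIDs .= $row['id'];
                    }
                }
            }
        }

        $sql = "SELECT sms_user_active.id, sms_user_active.user_id, sms_user_active.user_name, sms_user_active.sms_total,"
            . " sms_user_active.c_time, sms_user_active.l_time, sms_user_active.a_time, sms_user_active.status,"
            . " sms_user_active.m_time, sms_user_active.m_user_name, sms_user_active.note {$join_field}"
            . " FROM sms_user_active {$join} {$where_all} {$order} {$limit}";
        $re = DB::query($sql);
        if ($re) {
            while ($sms_row = mysql_fetch_assoc($re)) {
                if ($lstIDs) {
                    $really_active = strpos(',' . $lstIDs . ',', ',' . $sms_row['user_id'] . ',') !== false;
                    if (!$really_active && $sms_row['status']) {
                        // 'level' is only selected when the account join is present.
                        if (isset($sms_row['level']) && $sms_row['level'] != '') {
                            // Marked as activated here although the account level says otherwise.
                            $sms_row['activeStyle'] = ' style="color:#C02C00;"';
                        } else {
                            // Activated here, but no account level was found (e.g. account deleted).
                            $sms_row['activeStyle'] = ' style="color:#666666; text-decoration: line-through"';
                        }
                    }
                }

                $sms_row['c_time'] = date('H\\hi d.m.Y', $sms_row['c_time']);
                $sms_row['l_time'] = $sms_row['l_time'] ? date('H\\hi d.m.Y', $sms_row['l_time']) : '';

                if ($sms_row['m_time']) {
                    // HTML is assembled here, so the stored name is escaped before it is embedded.
                    $editor = htmlspecialchars($sms_row['m_user_name'], ENT_QUOTES, 'UTF-8');
                    $sms_row['m_user_name'] = "<b>Sửa:</b> {$editor}<br /><b>Lúc:</b> " . date('H\\hi d.m.Y', $sms_row['m_time']);
                } else {
                    $sms_row['m_user_name'] = '';
                    $sms_row['m_time']      = '';
                }

                $sms_row['a_time'] = $sms_row['a_time'] ? date('H\\hi d.m.Y', $sms_row['a_time']) : '';

                if ($sms_row['status'] != 1) {
                    $sms_row['start_link'] = WEB_DIR . ECRewrite::formatUrl("?page=user_active&cmd=active&id={$sms_row['id']}");
                }
                if ($sms_row['status'] == 1) {
                    $sms_row['stop_link'] = WEB_DIR . ECRewrite::formatUrl("?page=user_active&cmd=deactive&id={$sms_row['id']}");
                }
                $sms_row['del_link'] = WEB_DIR . ECRewrite::formatUrl("?page=user_active&cmd=del&id={$sms_row['id']}");

                if ($sms_row['status'] == 0) {
                    $sms_row['status'] = '<font color="orange">Chưa KH</font>';
                } elseif ($sms_row['status'] == 1) {
                    $sms_row['status'] = '<font color="green">Đã KH</font>';
                } elseif ($sms_row['status'] == 2) {
                    $sms_row['status'] = '<font color="brown">Vi phạm, không được KH</font>';
                }

                $sms_row['edit_link'] = "?page=user_active&cmd=edit&id={$sms_row['id']}";
                $sms_rows[$sms_row['id']] = $sms_row;
            }
        }
    }

    $display->add('is_root', User::is_root());
    $display->add('items', $sms_rows);
    $display->add('pagging', $pagging);
    $display->output('UserActive');
    $this->endForm();
}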
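/**
 * Renders the account administration list (template 'list') with search, sorting and paging.
 *
 * Search values come from Url::get(). Everything concatenated into SQL is either an
 * integer cast or taken from a fixed whitelist; the sort direction in particular is
 * limited to ASC/DESC because it is appended to ORDER BY unquoted.
 *
 * NOTE(review): search values are handed back to the template unchanged; confirm the
 * template HTML-escapes them.
 */
function draw()
{
    global $display;
    $this->beginForm(false, "POST", false, Url::build_current());

    // ---- Date range search (dd/mm/yyyy) ----
    $display->add('created_time_from', Url::get('created_time_from'));
    $display->add('created_time_to', Url::get('created_time_to'));
    $created_time_from = 0;
    $created_time_to   = 0;
    // NOTE(review): render_time() is assumed to return a Unix timestamp (the result is
    // compared with create_time/last_login); the int cast keeps it safe to use unquoted.
    if (Url::get('created_time_from')) {
        $date_arr = explode('/', Url::get('created_time_from'));
        if (isset($date_arr[0]) && isset($date_arr[1]) && isset($date_arr[2])) {
            $created_time_from = (int) EClassApi::render_time($date_arr[1] . '/' . $date_arr[0] . '/' . (int) $date_arr[2], 0);
        }
    }
    if (Url::get('created_time_to')) {
        $date_arr = explode('/', Url::get('created_time_to'));
        if (isset($date_arr[0]) && isset($date_arr[1]) && isset($date_arr[2])) {
            $created_time_to = (int) EClassApi::render_time($date_arr[1] . '/' . $date_arr[0] . '/' . (int) $date_arr[2], 1);
        }
    }

    // "1" is an always-true seed so every later condition can start with AND.
    $search_value = '1';
    $last_log     = (int) Url::get('last_log');
    $date_column  = $last_log ? 'last_login' : 'create_time';
    if ($created_time_from) {
        $search_value .= ' AND ' . $date_column . ' >= ' . $created_time_from;
    }
    if ($created_time_to) {
        $search_value .= ' AND ' . $date_column . ' <= ' . $created_time_to;
    }
    $display->add('last_log', $last_log);

    // ---- Checkbox filters ----
    if (Url::get('active') == 1) {
        $search_value .= ' AND (is_active=1)';
        $display->add('active_checked', 'checked');
    } else {
        $display->add('active_checked', '');
    }
    if (Url::get('tracking') == 1) {
        $search_value .= ' AND (tracking=1)';
        $display->add('tracking_checked', 'checked');
    } else {
        $display->add('tracking_checked', '');
    }
    if (Url::get('invalid') == 1) {
        $search_value .= ' AND (invalid_time > 0 OR invalid_time = -1)';
        $order_by = ' ORDER BY invalid_time DESC ';
        $display->add('invalid_checked', 'checked');
    } else {
        $order_by = ' ORDER BY id DESC ';
        $display->add('invalid_checked', '');
    }
    if (Url::get('block') == 1) {
        $search_value .= ' AND (block_time >= ' . TIME_NOW . ' OR block_time = -1)';
        $order_by = ' ORDER BY block_time DESC ';
        $display->add('block_checked', 'checked');
    } else {
        $display->add('block_checked', '');
    }

    // ---- Explicit sorting. The column is chosen from fixed names; the direction is
    // normalised to ASC or DESC so request text never reaches the ORDER BY clause. ----
    $od_by  = Url::get('order_by');
    $od_dir = strtoupper((string) Url::get('order_dir', 'DESC')) === 'ASC' ? 'ASC' : 'DESC';
    if ($od_by == 'name') {
        $order_by = ' ORDER BY user_name ' . $od_dir;
    } elseif ($od_by == 'id') {
        $order_by = ' ORDER BY id ' . $od_dir;
    } elseif ($od_by == 'time') {
        $order_by = ' ORDER BY create_time ' . $od_dir;
    } elseif ($last_log) {
        $order_by = ' ORDER BY last_login ' . $od_dir;
    }

    if (Url::get('ava')) {
        $search_value .= ' AND avatar_url != ""';
        $display->add('ava_checked', 'checked');
    } else {
        $display->add('ava_checked', '');
    }

    // ---- Search by account id ----
    $id_search = (int) Url::get('id_search', 0);
    if ($id_search) {
        $search_value .= ' AND id=' . $id_search;
    }
    if ($id_search == 0) {
        $id_search = '';
    }
    $display->add('id_search', $id_search);

    // ---- Search by account name: resolved to an id first, so the text itself is never
    // placed in this method's SQL. ----
    if (Url::get('text_value') != '') {
        $text_value = trim(Url::get('text_value'));
        $display->add('text_value', $text_value);
        $str_search = str_replace("'", '"', $text_value);
        // NOTE(review): the source text showed two further replacements whose search
        // strings were lost in extraction (a repeated "'" and an invalid literal); they
        // presumably targeted HTML-entity forms of the quote characters. Confirm against
        // the original file.
        $str_search = str_replace('&quot;', '"', $str_search);
        $s_user = User::getByUserName($str_search, true);
        if ($s_user) {
            $search_value .= " AND id='" . (int) $s_user['id'] . "' ";
        } else {
            $search_value .= " AND 0 ";
        }
    }

    // ---- Search by class id: matched inside a comma-separated id list, so an integer
    // is the only meaningful value. ----
    $cid = (int) Url::get('cid');
    if ($cid != 0) {
        $search_value .= ' AND (CONCAT(",", class_id, ",") LIKE "%,' . $cid . ',%") ';
    }

    $display->add('id_phone', Url::get('id_phone'));

    $item_per_page = (int) Url::get('item_per_page', 50);
    if ($item_per_page <= 0) {
        $item_per_page = 50;
    }

    $sql_count = 'SELECT COUNT(id) AS total_item FROM account WHERE ' . $search_value;
    $total     = DB::fetch($sql_count, 'total_item', 0);

    // Parameters dropped from every link that is rebuilt from the current URL.
    $strip_params = array('chk_id', 'del_all', 'cmd', 'id', 'lock_die_all', 'hd_ac');

    $items  = array();
    $str_id = '';
    $uids   = '';
    if ($total) {
        // pagingSE() is passed $limit and the query below uses it as the LIMIT clause
        // (presumably filled by reference).
        $limit = '';
        require_once ROOT_PATH . 'core/ECPagging.php';
        $paging = ECPagging::pagingSE($limit, $total, $item_per_page, 10, 'page_no', true, 'Thành viên', 'Trang');

        $sql    = 'SELECT * FROM account WHERE ' . $search_value . ' ' . $order_by . $limit;
        $result = DB::query($sql);
        if ($result) {
            while ($row = mysql_fetch_assoc($result)) {
                $row['create_time'] = date('d/m/y H:i', $row['create_time']);
                $row['last_login']  = $row['last_login'] ? date('d/m/y H:i', $row['last_login']) : false;

                // block_time in the future means a temporary lock; -1 means a permanent one.
                if ($row['block_time'] > TIME_NOW || $row['block_time'] == -1) {
                    if ($row['block_time'] != -1) {
                        $row['status'] = "<font color=red><b>" . date('H:i d/m/y', $row['block_time']) . '</b></font>';
                    } else {
                        $row['status'] = '<font color=red><b>Khóa vĩnh viễn</b></font>';
                    }
                    $row['bgcolor']  = 'bgcolor="#CCCCCC"';
                    $row['is_block'] = true;
                    $display->add('type_reason', 'Khóa');
                } else {
                    $row['status']   = "";
                    $row['bgcolor']  = '';
                    $row['is_block'] = false;
                }

                $row['gender']     = '';
                $row['unban_nick'] = Url::build_all($strip_params, 'cmd=unban_nick&id=' . $row['id']);
                if (User::is_root()) {
                    $row['del_link'] = Url::build_all($strip_params, 'cmd=del_user&id=' . $row['id']);
                }
                $row['detail']    = Url::build_current(array('cmd' => 'edit', 'id' => $row['id']));
                $row['openids']   = array();
                $row['del_cache'] = Url::build_all(array('cmd', 'id'), 'cmd=del_cache&id=' . $row['id']);

                $uids .= ($uids ? ',' : '') . $row['id'];
                $items[$row['id']] = $row;
            }
        }
    } else {
        $paging = '';
    }

    // ---- Reasons for locked / moderated accounts ----
    // NOTE(review): $str_id is never filled in this method, so this lookup never runs and
    // every row gets the empty defaults below. $uids holds the id list of the page and may
    // be what was intended; left unchanged because enabling it alters the output.
    $arr_reason = array();
    if ($str_id) {
        $where = '';
        if (Url::get('block') == 1) {
            $where = ' AND type IN (0,1) ';
        } elseif (Url::get('invalid') == 1) {
            $where = ' AND type = 2 ';
        }
        $sql = 'SELECT user_id, time, note, type,admin_id, admin_name FROM acc_lock WHERE user_id IN(' . $str_id . ') ' . $where . ' ORDER BY id ASC';
        $result = DB::query($sql);
        while ($row = mysql_fetch_assoc($result)) {
            $arr_reason[$row['user_id']] = $row;
        }
    }
    foreach ($items as $value) {
        $uid = $value['id'];
        if (isset($arr_reason[$uid]['user_id']) && $uid == $arr_reason[$uid]['user_id']) {
            $items[$uid]['lock_reason']      = EClassApi::filter_title($arr_reason[$uid]['note']);
            $items[$uid]['lock_type']        = $arr_reason[$uid]['type'];
            $items[$uid]['time_lock']        = date("d/m/y H:i", $arr_reason[$uid]['time']);
            $items[$uid]['create_time_lock'] = $arr_reason[$uid]['time'];
            $items[$uid]['admin_name']       = $arr_reason[$uid]['admin_name'];
        } else {
            $items[$uid]['lock_reason']      = '';
            $items[$uid]['lock_type']        = '';
            $items[$uid]['time_lock']        = '';
            $items[$uid]['create_time_lock'] = 0;
            $items[$uid]['admin_name']       = '';
        }
    }

    // ---- Column header links sort in the opposite direction of the current one ----
    $od_dir = ($od_dir == 'ASC') ? 'DESC' : 'ASC';
    $href_id   = Url::build_all($strip_params, 'order_by=id&order_dir=' . $od_dir);
    $href_name = Url::build_all($strip_params, 'order_by=name&order_dir=' . $od_dir);
    $href_up   = Url::build_all($strip_params, 'order_by=up&order_dir=' . $od_dir);
    $href_time = Url::build_all($strip_params, 'order_by=time&order_dir=' . $od_dir);

    // The arrow is shown on the active sort column; the id column carries a default arrow.
    $arrow_img = '<img src="style/images/admin/' . ($od_dir != 'DESC' ? 'down' : 'up') . 'arrow.png" alt="">';
    $img_id    = '<img src="style/images/admin/downarrow.png" alt="">';
    $img_name  = '';
    $img_up    = '';
    $img_time  = '';
    if ($od_by == 'id') {
        $img_id = $arrow_img;
    }
    if ($od_by == 'name') {
        $img_name = $arrow_img;
        $img_id   = '';
    }
    if ($od_by == 'up') {
        $img_up = $arrow_img;
        $img_id = '';
    }
    if ($od_by == 'time') {
        $img_time = $arrow_img;
        $img_id   = '';
    }

    // When showing locked members, the rows are re-sorted with the form's own comparator.
    if (Url::get('block') == 1) {
        usort($items, array("ListUserAdminForm", "cmp"));
    }

    $display->add('img_id', $img_id);
    $display->add('img_name', $img_name);
    $display->add('img_up', $img_up);
    $display->add('img_time', $img_time);
    $display->add('href_id', $href_id);
    $display->add('href_name', $href_name);
    $display->add('href_up', $href_up);
    $display->add('href_time', $href_time);
    $display->add('total_account', $total);
    $display->add('limit_date', BAN_NICK_DATE);
    $display->add('items', $items);
    $display->add('cid', $cid);
    $display->add('paging', $paging);
    $display->add('is_root', User::is_root());
    $display->output('list');
    $this->endForm();
}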
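/**
 * Starts a system session for a user without checking any credential.
 *
 * With no username the session is created for the user with id 1; otherwise for the user
 * with the given name. Because no password is verified here, callers must never pass a
 * username taken from untrusted input and must only be reachable from trusted code paths.
 *
 * @author KnowledgeTree Team
 * @access public
 * @param string|null $username User to impersonate, or null for user id 1.
 * @return KTAPI_SystemSession|PEAR_Error The new session, or a PEAR_Error when the user lookup fails.
 */
public function &start_system_session($username = null)
{
    $user = is_null($username) ? User::get(1) : User::getByUserName($username);

    if (PEAR::isError($user)) {
        // A function that returns by reference has to return a variable, not an expression.
        $error = new PEAR_Error('Username invalid');
        return $error;
    }

    // Plain assignment: "=& new" is deprecated and is a parse error on current PHP versions.
    $session = new KTAPI_SystemSession($this, $user);
    $this->session =& $session;
    return $session;
}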
<?php
require_once "../../config/dmsDefaults.php";
require_once KT_LIB_DIR . '/authentication/authenticationsource.inc.php';
require_once KT_LIB_DIR . '/authentication/authenticationproviderregistry.inc.php';

// Manual check script: resolves the authenticator of authentication source 2 and dumps the
// result of one password check for a fixed user.
// NOTE(review): the user name and the candidate password are hard-coded and the result is
// printed with var_dump(); keep this script out of any web-reachable directory.

$oAuthSource       = KTAuthenticationSource::get(2);
$sProviderKey      = $oAuthSource->getAuthenticationProvider();
$oProviderRegistry = KTAuthenticationProviderRegistry::getSingleton();
$oAuthProvider     =& $oProviderRegistry->getAuthenticationProvider($sProviderKey);
$oAuth             = $oAuthProvider->getAuthenticator($oAuthSource);

$oAccount     = User::getByUserName('nbm');
$bCheckResult = $oAuth->checkPassword($oAccount, 'asdfa');
var_dump($bCheckResult);
/**
 * Covers how comments affect latestDateTime and the per-user "has read latest" state
 * of a mission.
 *
 * @depends testCreateAndGetMissionById
 */
public function testAddingComments()
{
    $allMissions = Mission::getAll();
    $this->assertEquals(1, count($allMissions));
    $mission            = $allMissions[0];
    $steven             = User::getByUserName('steven');
    $super              = User::getByUsername('super');
    $stampBeforeComment = $mission->latestDateTime;

    // A plain save must not move latestDateTime.
    $this->assertTrue($mission->save());
    $this->assertEquals($stampBeforeComment, $mission->latestDateTime);

    // Let the clock advance so a changed timestamp is observable.
    sleep(2);

    // A new comment should update latestDateTime and mark the taken-by user as not
    // having read the latest.
    $firstComment = new Comment();
    $firstComment->description = 'This is my first comment';
    $mission->comments->add($firstComment);
    $this->assertTrue($mission->save());
    $this->assertNotEquals($stampBeforeComment, $mission->latestDateTime);
    $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $steven));
    // super wrote the comment, so super is still expected to be up to date.
    $this->assertTrue(MissionsUtil::hasUserReadMissionLatest($mission, $super));

    // Now steven comments: the owner (super) is expected to no longer have read the latest.
    Yii::app()->user->userModel = $steven;
    $mission = Mission::getById($mission->id);
    $stevensComment = new Comment();
    $stevensComment->description = 'This is steven`\\s first comment';
    $mission->comments->add($stevensComment);
    $this->assertTrue($mission->save());
    $this->assertFalse(MissionsUtil::hasUserReadMissionLatest($mission, $super));
}
/**
 * Resolves a user by username and wraps it in a KTAPI_User.
 *
 * @author KnowledgeTree Team
 * @access public
 * @static
 * @param string $username
 * @return KTAPI_User|PEAR_Error The wrapped user. When the lookup yields a PEAR error,
 *                               that error object is returned as-is (not null), so callers
 *                               must test the result with PEAR::isError().
 */
public static function getByUsername($username)
{
    $resolved = User::getByUserName($username);

    return PEAR::isError($resolved) ? $resolved : new KTAPI_User($resolved);
}
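/**
 * Handles the "create user" form post.
 *
 * Reads the submitted fields from $_REQUEST, validates username, name and maximum
 * sessions, checks the password (presence, confirmation, and minimum length when
 * user_prefs/restrictAdminPasswords is enabled), rejects duplicate usernames, and
 * creates the account. Every outcome is reported through a redirect.
 */
function do_createUser()
{
    // FIXME generate and pass the error stack to adduser.
    $old_search = KTUtil::arrayGet($_REQUEST, 'old_search');
    // old_search is request-controlled and ends up inside a redirect query string:
    // encode it so characters such as '&' or '#' cannot alter the other parameters.
    $sSearchQuery = sprintf('old_search=%s&do_search=1', urlencode((string) $old_search));
    $aErrorOptions = array('redirect_to' => array('addUser', $sSearchQuery));

    $aInputKeys = array('newusername', 'name', 'email_address', 'email_notifications', 'mobile_number', 'max_sessions');
    $this->persistParams($aInputKeys);

    $username = $this->oValidator->validateString(
        KTUtil::arrayGet($_REQUEST, 'newusername'),
        KTUtil::meldOptions($aErrorOptions, array('message' => _kt("You must specify a new username.")))
    );
    $name = $this->oValidator->validateString(
        KTUtil::arrayGet($_REQUEST, 'name'),
        KTUtil::meldOptions($aErrorOptions, array('message' => _kt("You must provide a name")))
    );
    $email_address = KTUtil::arrayGet($_REQUEST, 'email_address');
    // Any submitted value for the checkbox counts as "on".
    $email_notifications = (KTUtil::arrayGet($_REQUEST, 'email_notifications', false) !== false);
    $mobile_number = KTUtil::arrayGet($_REQUEST, 'mobile_number');
    $max_sessions = $this->oValidator->validateInteger(
        KTUtil::arrayGet($_REQUEST, 'max_sessions'),
        KTUtil::meldOptions($aErrorOptions, array('message' => _kt("You must specify a numeric value for maximum sessions.")))
    );
    $password = KTUtil::arrayGet($_REQUEST, 'new_password');
    $confirm_password = KTUtil::arrayGet($_REQUEST, 'confirm_password');

    $KTConfig =& KTConfig::getSingleton();
    $minLength = (int) $KTConfig->get('user_prefs/passwordLength', 6);
    $restrictAdmin = (bool) $KTConfig->get('user_prefs/restrictAdminPasswords', false);

    // The minimum length is enforced only when restrictAdminPasswords is switched on.
    // NOTE(review): the steps below presumably rely on the redirect helpers ending the
    // request; confirm, otherwise a failed check would still fall through to creation.
    if ($restrictAdmin && strlen($password) < $minLength) {
        $this->errorRedirectTo('addUser', sprintf(_kt("The password must be at least %d characters long."), $minLength), $sSearchQuery);
    } elseif (empty($password)) {
        $this->errorRedirectTo('addUser', _kt("You must specify a password for the user."), $sSearchQuery);
    } elseif ($password !== $confirm_password) {
        $this->errorRedirectTo('addUser', _kt("The passwords you specified do not match."), $sSearchQuery);
    }

    // Denylist of characters that may not appear in a username or display name.
    if (preg_match('/[\\!\\$\\#\\%\\^\\&\\*]/', $username)) {
        $this->errorRedirectTo('addUser', _kt("You have entered an invalid character in your username."));
    }
    if (preg_match('/[\\!\\$\\#\\%\\^\\&\\*]/', $name)) {
        $this->errorRedirectTo('addUser', _kt("You have entered an invalid character in your name."));
    }

    // A lookup that does not come back as an error means the username is already taken.
    $dupUser =& User::getByUserName($username);
    if (!PEAR::isError($dupUser)) {
        $this->errorRedirectTo('addUser', _kt("A user with that username already exists"));
    }

    // NOTE(review): unsalted MD5 is not an adequate password hash. It is left as is
    // because the stored format must match what the password check compares against,
    // which is outside this function; migrate both sides together to
    // password_hash()/password_verify().
    $oUser =& User::createFromArray(array(
        "sUsername" => $username,
        "sName" => $name,
        "sPassword" => md5($password),
        "iQuotaMax" => 0,
        "iQuotaCurrent" => 0,
        "sEmail" => $email_address,
        "bEmailNotification" => $email_notifications,
        "sMobile" => $mobile_number,
        "bSmsNotification" => false,
        "iMaxSessions" => $max_sessions,
    ));
    if (PEAR::isError($oUser) || $oUser == false) {
        $this->errorRedirectToMain(_kt("failed to create user."), $sSearchQuery);
        exit(0);
    }

    $this->successRedirectToMain(_kt('Created new user') . ': ' . $oUser->getUsername(), 'name=' . $oUser->getUsername(), $sSearchQuery);
}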
/**
 * A dashboard filled from post-style attributes validates without errors and saves.
 */
public function testCreateDashboardFromPost()
{
    $billy = User::getByUserName('billy');
    Yii::app()->user->userModel = $billy;

    $dashboard = new Dashboard();
    $dashboard->owner = $billy;
    $dashboard->layoutId = Dashboard::getNextLayoutId();

    // Stand-in for the attributes a form post would deliver.
    $dashboard->setAttributes(array('name' => 'abc123', 'layoutType' => '50,50'));
    $dashboard->validate();

    $this->assertEquals(array(), $dashboard->getErrors());
    $this->assertTrue($dashboard->save());
}
/**
 * Feeds summation-wizard post data to DataToReportUtil::resolveReportByWizardPostData()
 * and checks that every section (general fields, filters, order-bys, display attributes,
 * group-bys, drill-down attributes, chart) lands on the report.
 */
public function testSummationResolveReportByWizardPostData()
{
    $bobby = User::getByUserName('bobby');
    $wizardFormClassName = 'SummationReportWizardForm';
    $report = new Report();
    $report->setType(Report::TYPE_SUMMATION);

    // Post data as the wizard form would submit it; dates are given in m/d/Y form.
    $data = array(
        'moduleClassName'            => 'ReportsTestModule',
        'description'                => 'a description',
        'name'                       => 'name',
        'filtersStructure'           => '1 AND 2',
        'ownerId'                    => $bobby->id,
        'currencyConversionType'     => Report::CURRENCY_CONVERSION_TYPE_SPOT,
        'spotConversionCurrencyCode' => 'EUR',
        ComponentForReportForm::TYPE_FILTERS => array(
            array(
                'attributeIndexOrDerivedType' => 'date',
                'valueType'                   => 'Between',
                'value'                       => '2/24/2012',
                'secondValue'                 => '2/28/2012',
            ),
        ),
        ComponentForReportForm::TYPE_ORDER_BYS => array(
            array('attributeIndexOrDerivedType' => 'string', 'order' => 'desc'),
        ),
        ComponentForReportForm::TYPE_DISPLAY_ATTRIBUTES => array(
            array('attributeIndexOrDerivedType' => 'phone', 'label' => 'custom'),
        ),
        ComponentForReportForm::TYPE_DRILL_DOWN_DISPLAY_ATTRIBUTES => array(
            array('attributeIndexOrDerivedType' => 'string', 'label' => 'custom string'),
        ),
        ComponentForReportForm::TYPE_GROUP_BYS => array(
            array('attributeIndexOrDerivedType' => 'string', 'axis' => 'y'),
        ),
        'ChartForReportForm' => array(
            'type'        => ChartRules::TYPE_BAR_2D,
            'firstSeries' => 'string',
            'firstRange'  => 'integer__Maximum',
        ),
    );

    DataToReportUtil::resolveReportByWizardPostData(
        $report,
        array('SummationReportWizardForm' => $data),
        $wizardFormClassName
    );

    // General fields.
    $this->assertEquals('ReportsTestModule', $report->getModuleClassName());
    $this->assertEquals('a description', $report->getDescription());
    $this->assertEquals('name', $report->getName());
    $this->assertEquals('1 AND 2', $report->getFiltersStructure());
    $this->assertEquals($bobby->id, $report->getOwner()->id);
    $this->assertEquals(Report::CURRENCY_CONVERSION_TYPE_SPOT, $report->getCurrencyConversionType());
    $this->assertEquals('EUR', $report->getSpotConversionCurrencyCode());

    // Filters: the expected dates are in Y-m-d form.
    $resolvedFilters = $report->getFilters();
    $this->assertCount(1, $resolvedFilters);
    $this->assertEquals('date', $resolvedFilters[0]->getAttributeIndexOrDerivedType());
    $this->assertEquals('Between', $resolvedFilters[0]->valueType);
    $this->assertEquals('2012-02-24', $resolvedFilters[0]->value);
    $this->assertEquals('2012-02-28', $resolvedFilters[0]->secondValue);

    // Order-bys.
    $resolvedOrderBys = $report->getOrderBys();
    $this->assertCount(1, $resolvedOrderBys);
    $this->assertEquals('string', $resolvedOrderBys[0]->getAttributeIndexOrDerivedType());
    $this->assertEquals('desc', $resolvedOrderBys[0]->order);

    // Display attributes.
    $resolvedDisplayAttributes = $report->getDisplayAttributes();
    $this->assertCount(1, $resolvedDisplayAttributes);
    $this->assertEquals('phone', $resolvedDisplayAttributes[0]->getAttributeIndexOrDerivedType());
    $this->assertEquals('custom', $resolvedDisplayAttributes[0]->label);

    // Group-bys.
    $resolvedGroupBys = $report->getGroupBys();
    $this->assertCount(1, $resolvedGroupBys);
    $this->assertEquals('string', $resolvedGroupBys[0]->getAttributeIndexOrDerivedType());
    $this->assertEquals('y', $resolvedGroupBys[0]->axis);

    // Drill-down display attributes.
    $resolvedDrillDowns = $report->getDrillDownDisplayAttributes();
    $this->assertCount(1, $resolvedDrillDowns);
    $this->assertEquals('string', $resolvedDrillDowns[0]->getAttributeIndexOrDerivedType());
    $this->assertEquals('custom string', $resolvedDrillDowns[0]->label);

    // Chart.
    $resolvedChart = $report->getChart();
    $this->assertEquals(ChartRules::TYPE_BAR_2D, $resolvedChart->type);
    $this->assertEquals('string', $resolvedChart->firstSeries);
    $this->assertEquals('integer__Maximum', $resolvedChart->firstRange);
}
/**
 * A portlet saved with collapsed = true compares equal to 1 after it is loaded again by id.
 *
 * @depends testSavePortlet
 */
public function testBooleanSaveValueMatchesBooleanRetrieveValue()
{
    $billy = User::getByUserName('billy');

    $savedPortlet = new Portlet();
    $savedPortlet->column = 1;
    $savedPortlet->position = 1;
    $savedPortlet->layoutId = 'Test';
    $savedPortlet->collapsed = true;
    $savedPortlet->viewType = 'RssReader';
    $savedPortlet->user = $billy;
    $this->assertTrue($savedPortlet->save());

    // Load it again by id and compare the stored flag.
    $reloadedPortlet = Portlet::getById($savedPortlet->id);
    $this->assertEquals(1, $reloadedPortlet->collapsed);
}
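/**
 * Changes the owner of a document and updates its permissions.
 *
 * The caller must hold KTAPI_PERMISSION_CHANGE_OWNERSHIP on the document; that check
 * runs before anything is modified. The owner change, the permission lookup update and
 * the transaction record are written inside one database transaction, which is rolled
 * back on every failure path.
 *
 * @author KnowledgeTree Team
 * @access public
 * @param string $newusername The username of the new owner
 * @param string $reason The reason for changing the owner
 * @return void|PEAR_Error Returns nothing on success | a PEAR_Error on failure
 */
function change_owner($newusername, $reason = 'Changing of owner.')
{
    // Authorisation first: an error result here is returned to the caller untouched.
    $user = $this->can_user_access_object_requiring_permission($this->document, KTAPI_PERMISSION_CHANGE_OWNERSHIP);
    if (PEAR::isError($user)) {
        return $user;
    }

    DBUtil::startTransaction();

    $user =& User::getByUserName($newusername);
    if (is_null($user) || PEAR::isError($user)) {
        // The transaction opened above must not be left open when the new owner
        // cannot be resolved.
        DBUtil::rollback();
        return new KTAPI_Error('User could not be found', $user);
    }

    $newuserid = $user->getId();
    $this->document->setOwnerID($newuserid);
    $res = $this->document->update();
    if (PEAR::isError($res)) {
        DBUtil::rollback();
        return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR, $res);
    }

    // Refresh the permission lookup for the document after the owner has changed.
    $res = KTPermissionUtil::updatePermissionLookup($this->document);
    if (PEAR::isError($res)) {
        DBUtil::rollback();
        return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR, $res);
    }

    // Record the change, with the supplied reason, as a document transaction.
    $oDocumentTransaction = new DocumentTransaction($this->document, $reason, 'ktcore.transactions.permissions_change');
    $res = $oDocumentTransaction->create();
    if ($res === false || PEAR::isError($res)) {
        DBUtil::rollback();
        return new KTAPI_Error(KTAPI_ERROR_INTERNAL_ERROR, $res);
    }

    DBUtil::commit();
}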
<?php
// Ad-hoc check: dumps what KTAuthenticationUtil::checkPassword() returns for one fixed
// user and one of two hard-coded candidate passwords.
// NOTE(review): no access check is visible in this file; keep scripts like this out of
// web-served trees.
require_once "../../config/dmsDefaults.php";
require_once KT_LIB_DIR . '/authentication/authenticationutil.inc.php';

$oUser =& User::getByUserName('nbm2');

// The constant 0 is a manual toggle: as written, the second candidate is the one tried.
$sCandidate = 0 ? 'asdf' : 'asdjasdjk';
$foo = KTAuthenticationUtil::checkPassword($oUser, $sCandidate);
var_dump($foo);