diff --git a/core/trunk/core/class/class_core_tools.php b/core/trunk/core/class/class_core_tools.php
index 03b00aa3b417e7eda4264f0b302f8352d74eec67..b47e9c04625166384db38b7d4a87dee49ba93c62 100644
--- a/core/trunk/core/class/class_core_tools.php
+++ b/core/trunk/core/class/class_core_tools.php
@@ -406,7 +406,7 @@ class core_tools extends functions
 }
 $tmp = htmlentities ( $tmp,ENT_COMPAT, 'UTF-8', true); // Encodes
 ?>
- <li id="<?php echo $menu[$i]['style'];?>" onmouseover="this.className='on';" onmouseout="this.className='';"><a href="#" onclick="window.open('<?php echo $tmp;?>', '<?php if($menu[$i]['target'] <> ''){echo $menu[$i]['target'];}else{echo '_self';}?>');"><span><span class="menu_item"><?php echo trim($menu[$i]['libconst']);?></span></span></a></li>
+ <li id="<?php echo $menu[$i]['style'];?>" onmouseover="this.className='on';" onmouseout="this.className='';"><a href="#" onclick="window.open('<?php echo $tmp;?>', '<?php if(isset($menu[$i]['target']) && $menu[$i]['target'] <> ''){echo $menu[$i]['target'];}else{echo '_self';}?>');"><span><span class="menu_item"><?php echo trim($menu[$i]['libconst']);?></span></span></a></li>
 <?php
 }
 }
@@ -697,7 +697,7 @@ class core_tools extends functions
 {
 for($i=0;$i < count($modules_services[$id_module]);$i++)
 {
- if($modules_services[$id_module][$i]['id'] == $id_service)
+ if($modules_services[$id_module][$i]['id'] == $id_service && isset($modules_services[$id_module][$i]['whereamiused']))
 {
 for($k=0; $k < count($modules_services[$id_module][$i]['whereamiused']);$k++)
 {
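Review bot: The new isset() guard on `$menu[$i]['target']` still echoes the value raw into a JavaScript string literal inside the onclick attribute, whereas `$tmp` on the line above goes through htmlentities(); `$menu[$i]['style']` and `libconst` on the same line are echoed unescaped as well. If the menu entries only ever come from module configuration the exposure is limited, but encoding them like `$tmp` keeps one rule for the whole line, e.g. `'<?php echo htmlentities(isset($menu[$i]['target']) && $menu[$i]['target'] != '' ? $menu[$i]['target'] : '_self', ENT_QUOTES, 'UTF-8');?>'`. Note that ENT_COMPAT, as used for `$tmp`, leaves single quotes untouched, and the window.open() arguments are single-quoted, so ENT_QUOTES is the flag that actually matters in this context. The surrounding loop and method begin and end outside the hunk.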
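Review bot: The added `isset(...['whereamiused'])` guard comes after the loose `==` on `id`; short-circuiting makes it work, but checking existence first and comparing strictly reads better, e.g. `if(isset($modules_services[$id_module][$i]['whereamiused']) && $modules_services[$id_module][$i]['id'] === $id_service)`, provided `$id_service` and the configured ids are both strings. With `==`, numeric-looking identifiers such as `'1e3'` and `'1000'` compare equal, which is unlikely to be wanted for a service id. The inner `for` and the enclosing method continue past the hunk.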
@@ -760,76 +760,81 @@ class core_tools extends functions else { $tab_view = array(); - foreach(array_keys($modules_services) as $value) + if(isset($modules_services)) { - for($i=0;$i<count($modules_services[$value]);$i++) + foreach(array_keys($modules_services) as $value) { - if(isset($modules_services[$value][$i]['whereamiused'])) + if(isset($modules_services[$value])) { - for($k=0;$k<count($modules_services[$value][$i]['whereamiused']);$k++) + for($i=0;$i<count($modules_services[$value]);$i++) { - if($modules_services[$value][$i]['whereamiused'][$k]['page'] == $whereami ) + if(isset($modules_services[$value][$i]) && isset($modules_services[$value][$i]['whereamiused'])) { - if($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "frame" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] && ($servicenature == "all" || $servicenature == "frame") && !in_array($modules_services[$value][$i]['id'], $executed_services)) + for($k=0;$k<count($modules_services[$value][$i]['whereamiused']);$k++) { - array_push($executed_services,$modules_services[$value][$i]['id']); - - if (isset($modules_services[$value][$i]['whereamiused'][$k]['frame_id']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['frame_id'])) { $name = 'name="'.$modules_services[$value][$i]['whereamiused'][$k]['frame_id'].'"';} - if (isset($modules_services[$value][$i]['whereamiused'][$k]['frame_id']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['frame_id'])) { $id = 'id="'.$modules_services[$value][$i]['whereamiused'][$k]['frame_id'].'"'; } - if (isset($modules_services[$value][$i]['whereamiused'][$k]['width']) && strlen($modules_services[$value][$i]['whereamiused'][$k]['width']) >0) { $width = 'width="'.$modules_services[$value][$i]['whereamiused'][$k]['width'].'" '; } - if (isset($modules_services[$value][$i]['whereamiused'][$k]['height']) && strlen($modules_services[$value][$i]['whereamiused'][$k]['height']) > 0) { $height = 
'height="'.$modules_services[$value][$i]['whereamiused'][$k]['height'].'"'; } - if (isset($modules_services[$value][$i]['whereamiused'][$k]['border']) && strlen($modules_services[$value][$i]['whereamiused'][$k]['border']) > 0) { $frameborder = 'frameborder="'.$modules_services[$value][$i]['whereamiused'][$k]['border'].'" '; } - if (isset($modules_services[$value][$i]['whereamiused'][$k]['scrolling']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['scrolling'])) { $scrolling = 'scrolling="'.$modules_services[$value][$i]['whereamiused'][$k]['scrolling'].'"'; } - if (isset($modules_services[$value][$i]['whereamiused'][$k]['style']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['style'])) { $style = 'style="'.$modules_services[$value][$i]['whereamiused'][$k]['style'].'"'; } - - $str_iframe = '<iframe src="'.$_SESSION['config']['businessappurl'].'index.php?display=true&module='.$value.'&page='.$modules_services[$value][$i]['servicepage'].'" '.$name.' '.$id.' '.$width.' '.$height.' '.$frameborder.' '.$scrolling.' 
'.$style.'></iframe>'; - - return $str_iframe; - - } - elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "tab" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] && ($servicenature == "tab") && !in_array($modules_services[$value][$i]['id'], $executed_services)) - { - array_push($executed_services,$modules_services[$value][$i]['id']); - $tab_label = $modules_services[$value][$i]['whereamiused'][$k]['tab_label']; - $tab_order = $modules_services[$value][$i]['whereamiused'][$k]['tab_order']; - - $frame_src = $_SESSION['config']['businessappurl'].'index.php?display=true&module='.$value."&page=".$modules_services[$value][$i]['servicepage']; - //$frame_src = $_SESSION['urltomodules'].$value."/".$modules_services[$value][$i]['servicepage']; - $tab_view[$tab_order]['tab_label'] = $this->retrieve_constant_lang($tab_label, $_SESSION['modules_loaded'][$value]['path'].'lang'.DIRECTORY_SEPARATOR.$_SESSION['config']['lang'].".php"); - $tab_view[$tab_order]['frame_src'] = $frame_src; - } - elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "popup" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] && ($servicenature == "all" || $servicenature == "popup") && !in_array($modules_services[$value][$i]['id'], $executed_services)) - { - array_push($executed_services,$modules_services[$value][$i]['id']); - echo $modules_services[$value][$i]['name']; - ?> - <br /> - <a href='<?php echo $_SESSION['config']['businessappurl'].'index.php?display=true&module='.$value."&page=".$modules_services[$value][$i]['servicepage'];?>' target='_blank'><?php echo _ACCESS_TO_SERVICE;?></a><br /><br /> - <?php - } - elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "button" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']]&& ($servicenature == "all" || $servicenature == "button") && !in_array($modules_services[$value][$i]['id'], $executed_services)) - { - 
array_push($executed_services,$modules_services[$value][$i]['id']); - $tmp = $modules_services[$value][$i]['whereamiused'][$k]['button_label']; - $tmp2 = $this->retrieve_constant_lang($modules_services[$value][$i]['whereamiused'][$k]['button_label'], $_SESSION['modules_loaded'][$value]['path'].'lang'.DIRECTORY_SEPARATOR.$_SESSION['config']['lang'].".php"); - if($tmp2 <> false) + if(isset($modules_services[$value][$i]['whereamiused'][$k]['page'] ) && $modules_services[$value][$i]['whereamiused'][$k]['page'] == $whereami ) { - $tmp = $tmp2; + if($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "frame" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] && ($servicenature == "all" || $servicenature == "frame") && !in_array($modules_services[$value][$i]['id'], $executed_services)) + { + array_push($executed_services,$modules_services[$value][$i]['id']); + + if (isset($modules_services[$value][$i]['whereamiused'][$k]['frame_id']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['frame_id'])) { $name = 'name="'.$modules_services[$value][$i]['whereamiused'][$k]['frame_id'].'"';} + if (isset($modules_services[$value][$i]['whereamiused'][$k]['frame_id']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['frame_id'])) { $id = 'id="'.$modules_services[$value][$i]['whereamiused'][$k]['frame_id'].'"'; } + if (isset($modules_services[$value][$i]['whereamiused'][$k]['width']) && strlen($modules_services[$value][$i]['whereamiused'][$k]['width']) >0) { $width = 'width="'.$modules_services[$value][$i]['whereamiused'][$k]['width'].'" '; } + if (isset($modules_services[$value][$i]['whereamiused'][$k]['height']) && strlen($modules_services[$value][$i]['whereamiused'][$k]['height']) > 0) { $height = 'height="'.$modules_services[$value][$i]['whereamiused'][$k]['height'].'"'; } + if (isset($modules_services[$value][$i]['whereamiused'][$k]['border']) && strlen($modules_services[$value][$i]['whereamiused'][$k]['border']) > 0) { 
$frameborder = 'frameborder="'.$modules_services[$value][$i]['whereamiused'][$k]['border'].'" '; } + if (isset($modules_services[$value][$i]['whereamiused'][$k]['scrolling']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['scrolling'])) { $scrolling = 'scrolling="'.$modules_services[$value][$i]['whereamiused'][$k]['scrolling'].'"'; } + if (isset($modules_services[$value][$i]['whereamiused'][$k]['style']) && !empty($modules_services[$value][$i]['whereamiused'][$k]['style'])) { $style = 'style="'.$modules_services[$value][$i]['whereamiused'][$k]['style'].'"'; } + + $str_iframe = '<iframe src="'.$_SESSION['config']['businessappurl'].'index.php?display=true&module='.$value.'&page='.$modules_services[$value][$i]['servicepage'].'" '.$name.' '.$id.' '.$width.' '.$height.' '.$frameborder.' '.$scrolling.' '.$style.'></iframe>'; + + return $str_iframe; + + } + elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "tab" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] && ($servicenature == "tab") && !in_array($modules_services[$value][$i]['id'], $executed_services)) + { + array_push($executed_services,$modules_services[$value][$i]['id']); + $tab_label = $modules_services[$value][$i]['whereamiused'][$k]['tab_label']; + $tab_order = $modules_services[$value][$i]['whereamiused'][$k]['tab_order']; + + $frame_src = $_SESSION['config']['businessappurl'].'index.php?display=true&module='.$value."&page=".$modules_services[$value][$i]['servicepage']; + //$frame_src = $_SESSION['urltomodules'].$value."/".$modules_services[$value][$i]['servicepage']; + $tab_view[$tab_order]['tab_label'] = $this->retrieve_constant_lang($tab_label, $_SESSION['modules_loaded'][$value]['path'].'lang'.DIRECTORY_SEPARATOR.$_SESSION['config']['lang'].".php"); + $tab_view[$tab_order]['frame_src'] = $frame_src; + } + elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "popup" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] 
&& ($servicenature == "all" || $servicenature == "popup") && !in_array($modules_services[$value][$i]['id'], $executed_services)) + { + array_push($executed_services,$modules_services[$value][$i]['id']); + echo $modules_services[$value][$i]['name']; + ?> + <br /> + <a href='<?php echo $_SESSION['config']['businessappurl'].'index.php?display=true&module='.$value."&page=".$modules_services[$value][$i]['servicepage'];?>' target='_blank'><?php echo _ACCESS_TO_SERVICE;?></a><br /><br /> + <?php + } + elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "button" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']]&& ($servicenature == "all" || $servicenature == "button") && !in_array($modules_services[$value][$i]['id'], $executed_services)) + { + array_push($executed_services,$modules_services[$value][$i]['id']); + $tmp = $modules_services[$value][$i]['whereamiused'][$k]['button_label']; + $tmp2 = $this->retrieve_constant_lang($modules_services[$value][$i]['whereamiused'][$k]['button_label'], $_SESSION['modules_loaded'][$value]['path'].'lang'.DIRECTORY_SEPARATOR.$_SESSION['config']['lang'].".php"); + if($tmp2 <> false) + { + $tmp = $tmp2; + } + ?> + <input type="button" name="<?php echo $modules_services[$value][$i]['id'];?>" value="<?php echo $tmp;?>" onclick="window.open('<?php echo $_SESSION['config']['businessappurl'].'index.php?display=true&module='.$id_module."&page=".$modules_services[$id_module][$i]['servicepage'];?>', '<?php echo $modules_services[$value][$i]['id'];?>','width=<?php echo $modules_services[$value][$i]['whereamiused'][$k]['width'];?>,height=<?php echo $modules_services[$value][$i]['whereamiused'][$k]['height'];?>,scrollbars=yes,resizable=yes' );" class="button" /><br/> + <?php + } + elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "include" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] && ($servicenature == "all" || $servicenature == "include") && 
!in_array($modules_services[$value][$i]['id'], $executed_services)) + { + array_push($executed_services,$modules_services[$value][$i]['id']); + include('modules'.DIRECTORY_SEPARATOR.$value.DIRECTORY_SEPARATOR.$modules_services[$value][$i]['servicepage']); + } } - ?> - <input type="button" name="<?php echo $modules_services[$value][$i]['id'];?>" value="<?php echo $tmp;?>" onclick="window.open('<?php echo $_SESSION['config']['businessappurl'].'index.php?display=true&module='.$id_module."&page=".$modules_services[$id_module][$i]['servicepage'];?>', '<?php echo $modules_services[$value][$i]['id'];?>','width=<?php echo $modules_services[$value][$i]['whereamiused'][$k]['width'];?>,height=<?php echo $modules_services[$value][$i]['whereamiused'][$k]['height'];?>,scrollbars=yes,resizable=yes' );" class="button" /><br/> - <?php - } - elseif($modules_services[$value][$i]['whereamiused'][$k]['nature'] == "include" && $_SESSION['user']['services'][$modules_services[$value][$i]['id']] && ($servicenature == "all" || $servicenature == "include") && !in_array($modules_services[$value][$i]['id'], $executed_services)) - { - array_push($executed_services,$modules_services[$value][$i]['id']); - include('modules'.DIRECTORY_SEPARATOR.$value.DIRECTORY_SEPARATOR.$modules_services[$value][$i]['servicepage']); } } } - } + } //print_r($executed_services); } - //print_r($executed_services); } // $this->show_array($executed_services); if($servicenature == "tab") @@ -1338,11 +1343,14 @@ class core_tools extends functions if($module == "apps") { $system = false; - for($i=0; $i< count($_SESSION['apps_services']); $i++) + if(isset($_SESSION['apps_services'])) { - if($_SESSION['apps_services'][$i]['system_service']) + for($i=0; $i< count($_SESSION['apps_services']); $i++) { - return true; + if($_SESSION['apps_services'][$i]['system_service']) + { + return true; + } } } } 
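Review bot: In the button branch the window.open() URL is built from `$id_module` and `$modules_services[$id_module][$i]['servicepage']`, while every sibling branch in this loop uses `$value`; this code sits in the `else` arm that iterates all modules, so `$id_module` is presumably empty or stale here and the button would open the wrong page — the re-indent carried the line over unchanged, and replacing `$id_module` with `$value` in that one line looks like the intended fix. The frame branch reads `$name`, `$id`, `$width`, `$height`, `$frameborder`, `$scrolling` and `$style`, which are only assigned inside conditionals, so a service lacking one of those attributes raises exactly the undefined-variable notices the commit is removing elsewhere; initialise them before the first `if`: `$name = $id = $width = $height = $frameborder = $scrolling = $style = '';`. The permission lookup `$_SESSION['user']['services'][$modules_services[$value][$i]['id']]` is likewise unguarded in all five branches; `!empty(...)` keeps the fail-closed behaviour (a missing entry still denies) without the notice. The `include('modules'.DIRECTORY_SEPARATOR.$value...)` derives a filesystem path from `$modules_services` keys, which is only safe as long as that array is never populated from request data — worth stating in a comment. The enclosing method starts before and ends after the hunk.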
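Review bot: Inside the new `isset($_SESSION['apps_services'])` wrapper, `$_SESSION['apps_services'][$i]['system_service']` is still read without a guard, so an entry lacking that key raises the same undefined-index notice the commit is fixing one level up; `if(!empty($_SESSION['apps_services'][$i]['system_service']))` covers both. `$system = false;` just above the new block is not read anywhere within the hunk. The remainder of the method, including what is returned when no system service is found, lies outside the hunk.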
diff --git a/core/trunk/core/class/class_security.php b/core/trunk/core/class/class_security.php
index eb0e5cec79ca85673ed41d1f14cac33a77f19607..af7832f0f1c4e1645843e5bff672bd00e3152d1f 100644
--- a/core/trunk/core/class/class_security.php
+++ b/core/trunk/core/class/class_security.php
@@ -46,589 +46,593 @@ require_once("core/where_targets.php"); class security extends dbquery { - /** - * Gets the indice of the collection in the $_SESSION['collections'] array - * - * @param $coll_id string Collection identifier - * @return integer Indice of the collection in the $_SESSION['collections'] or -1 if not found - */ - public function get_ind_collection($coll_id) - { - for($i=0;$i< count($_SESSION['collections']); $i++) - { - if(trim($_SESSION['collections'][$i]['id']) == trim($coll_id)) - { - return $i; - } - } - return -1; - } - - - /** - * Logs a user - * - * @param $s_login string User login - * @param $pass string User password - */ - public function login($s_login,$pass, $method = false) - { - require_once('core/class/users_controler.php'); - if ($this->test_column($_SESSION['tablename']['users'], 'loginmode')) //Compatibility test, if loginmode column doesn't exists, Maarch can't crash - { - if ($method == 'activex') - $comp =" and STATUS <> 'DEL' and loginmode = 'activex'"; - else - $comp = " and password = '".$pass."' and STATUS <> 'DEL' and loginmode = 'standard'"; - } - else - $comp = " and password = '".$pass."' and STATUS <> 'DEL'"; - - $user = users_controler::get($s_login, $comp); - - if(isset($user)) - { - if($user->__get('enabled') == "Y") - { - require_once("core/class/usergroups_controler.php"); - require_once("core/class/ServiceControler.php"); - $_SESSION['user']['change_pass'] = $user->__get('change_password'); - $_SESSION['user']['UserId'] = $user->__get('user_id'); - $_SESSION['user']['FirstName'] = $user->__get('firstname'); - $_SESSION['user']['LastName'] = $user->__get('lastname'); - $_SESSION['user']['Phone'] = $user->__get('phone'); - $_SESSION['user']['Mail'] = $user->__get('mail'); - $_SESSION['user']['department'] = $user->__get('department'); - $_SESSION['error'] = ""; - setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$user->__get('cookie_key'),time()-3600000); - $key = 
md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%"); - - $user->__set('cookie_key', functions::protect_string_db($key)); - if ($_SESSION['config']['databasetype'] == "ORACLE") - $user->__set('cookie_date', 'SYSDATE'); - else - $user->__set('cookie_date',date("Y-m-d")." ".date("H:m:i")); - - users_controler::save($user, 'up'); - setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key,time()+($_SESSION['config']['cookietime']*1000)); - $_SESSION['user']['primarygroup'] = usergroups_controler::getPrimaryGroup($_SESSION['user']['UserId']); - $tmp = SecurityControler::load_security($_SESSION['user']['UserId']); - - $_SESSION['user']['collections'] = $tmp['collections']; - $_SESSION['user']['security'] = $tmp['security']; - - ServiceControler::loadEnabledServices(); - require_once("apps".DIRECTORY_SEPARATOR.$_SESSION['config']['app_id'].DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_business_app_tools.php"); - $business_app_tools = new business_app_tools(); - $core_tools = new core_tools(); - $business_app_tools->load_app_var_session(); - $core_tools->load_var_session($_SESSION['modules']); - $_SESSION['user']['services'] = ServiceControler::loadUserServices($_SESSION['user']['UserId']); - $core_tools->load_menu($_SESSION['modules']); - - if($_SESSION['history']['userlogin'] == "true") - { - //add new instance in history table for the user's connexion - $hist = new history(); - $ip = $_SERVER['REMOTE_ADDR']; - $navigateur = addslashes($_SERVER['HTTP_USER_AGENT']); - - $hist->add($_SESSION['tablename']['users'],$_SESSION['user']['UserId'],"LOGIN","IP : ".$ip.", BROWSER : ".$navigateur , $_SESSION['config']['databasetype']); - } - - if($_SESSION['user']['change_pass'] == 'Y') - { - header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=change_pass"); - exit(); - } - - elseif(isset($_SESSION['requestUri']) && trim($_SESSION['requestUri']) 
<> ""&& !preg_match('/page=login/', $_SESSION['requestUri'])) - { - header("location: ".$_SESSION['config']['businessappurl']."index.php?".$_SESSION['requestUri']); - exit(); - } - else - { - header("location: ".$_SESSION['config']['businessappurl']."index.php"); - exit(); - } - } - else - { - $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. '._MORE_INFOS." <a href=\"mailto:".$_SESSION['config']['adminmail']."\">".$_SESSION['config']['adminname']."</a>"; - header("location: ".$_SESSION['config']['businessappurl']."index.php"); - exit(); - } - } - else - { - - $_SESSION['error'] = _BAD_LOGIN_OR_PSW."…"; - header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=login&coreurl=".$_SESSION['config']['coreurl']); - exit(); - } - } - - /** - * Reopens a session with the user's cookie - * - * @param $s_UserId string User identifier - * @param $s_key string Cookie key - */ - public function reopen($s_UserId,$s_key) - { - $this->connect(); - - $comp = " and cookie_key = '".$s_key."' and STATUS <> 'DEL'"; - - $user = users_controler::get($s_login, $comp); - - if(isset($user)) - { - if($user->__get('enabled') == "Y") - { - require_once("core/class/usergroups_controler.php"); - require_once("core/class/ServiceControler.php"); - $_SESSION['user']['change_pass'] = $user->__get('change_password'); - $_SESSION['user']['UserId'] = $user->__get('user_id'); - $_SESSION['user']['FirstName'] = $user->__get('firstname'); - $_SESSION['user']['LastName'] = $user->__get('lastname'); - $_SESSION['user']['Phone'] = $user->__get('phone'); - $_SESSION['user']['Mail'] = $user->__get('mail'); - $_SESSION['user']['department'] = $user->__get('department'); - $_SESSION['error'] = ""; - setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$line->cookie_key,time()-3600000); - $key = md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%"); - - $user->__set('cookie_key', 
functions::protect_string_db($key)); - if ($_SESSION['config']['databasetype'] == "ORACLE") - $user->__set('cookie_date', 'SYSDATE'); - else - $user->__set('cookie_date',date("Y-m-d")." ".date("H:m:i")); - - users_controler::save($user, 'up'); - setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key,time()+($_SESSION['config']['cookietime']*60)); - - $_SESSION['user']['primarygroup'] = usergroups_controler::getPrimaryGroup($_SESSION['user']['UserId']); - - $tmp = SecurityControler::load_security($_SESSION['user']['UserId']); - $_SESSION['user']['collections'] = $tmp['collections']; - $_SESSION['user']['security'] = $tmp['security']; - ServiceControler::loadEnabledServices(); - - require_once("apps".DIRECTORY_SEPARATOR.$_SESSION['config']['app_id'].DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_business_app_tools.php"); - - $business_app_tools = new business_app_tools(); - $core_tools = new core_tools(); - $business_app_tools->load_app_var_session(); - $core_tools->load_var_session($_SESSION['modules']); - - $_SESSION['user']['services'] = ServiceControler::loadUserServices($_SESSION['user']['UserId']); - $core_tools->load_menu($_SESSION['modules']); + /** + * Gets the indice of the collection in the $_SESSION['collections'] array + * + * @param $coll_id string Collection identifier + * @return integer Indice of the collection in the $_SESSION['collections'] or -1 if not found + */ + public function get_ind_collection($coll_id) + { + for($i=0;$i< count($_SESSION['collections']); $i++) + { + if(trim($_SESSION['collections'][$i]['id']) == trim($coll_id)) + { + return $i; + } + } + return -1; + } + + + /** + * Logs a user + * + * @param $s_login string User login + * @param $pass string User password + */ + public function login($s_login,$pass, $method = false) + { + require_once('core/class/users_controler.php'); + if ($this->test_column($_SESSION['tablename']['users'], 'loginmode')) //Compatibility test, if loginmode column doesn't exists, 
Maarch can't crash + { + if ($method == 'activex') + $comp =" and STATUS <> 'DEL' and loginmode = 'activex'"; + else + $comp = " and password = '".$pass."' and STATUS <> 'DEL' and loginmode = 'standard'"; + } + else + $comp = " and password = '".$pass."' and STATUS <> 'DEL'"; + + $user = users_controler::get($s_login, $comp); + + if(isset($user)) + { + if($user->__get('enabled') == "Y") + { + require_once("core/class/usergroups_controler.php"); + require_once("core/class/ServiceControler.php"); + $_SESSION['user']['change_pass'] = $user->__get('change_password'); + $_SESSION['user']['UserId'] = $user->__get('user_id'); + $_SESSION['user']['FirstName'] = $user->__get('firstname'); + $_SESSION['user']['LastName'] = $user->__get('lastname'); + $_SESSION['user']['Phone'] = $user->__get('phone'); + $_SESSION['user']['Mail'] = $user->__get('mail'); + $_SESSION['user']['department'] = $user->__get('department'); + $_SESSION['error'] = ""; + setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$user->__get('cookie_key'),time()-3600000); + $key = md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%"); + + $user->__set('cookie_key', functions::protect_string_db($key)); + if ($_SESSION['config']['databasetype'] == "ORACLE") + $user->__set('cookie_date', 'SYSDATE'); + else + $user->__set('cookie_date',date("Y-m-d")." 
".date("H:m:i")); + + users_controler::save($user, 'up'); + setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key,time()+($_SESSION['config']['cookietime']*1000)); + $_SESSION['user']['primarygroup'] = usergroups_controler::getPrimaryGroup($_SESSION['user']['UserId']); + $tmp = SecurityControler::load_security($_SESSION['user']['UserId']); + + $_SESSION['user']['collections'] = $tmp['collections']; + $_SESSION['user']['security'] = $tmp['security']; + + ServiceControler::loadEnabledServices(); + require_once("apps".DIRECTORY_SEPARATOR.$_SESSION['config']['app_id'].DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_business_app_tools.php"); + $business_app_tools = new business_app_tools(); + $core_tools = new core_tools(); + $business_app_tools->load_app_var_session(); + $core_tools->load_var_session($_SESSION['modules']); + $_SESSION['user']['services'] = ServiceControler::loadUserServices($_SESSION['user']['UserId']); + $core_tools->load_menu($_SESSION['modules']); + + if($_SESSION['history']['userlogin'] == "true") + { + //add new instance in history table for the user's connexion + $hist = new history(); + $ip = $_SERVER['REMOTE_ADDR']; + $navigateur = addslashes($_SERVER['HTTP_USER_AGENT']); + + $hist->add($_SESSION['tablename']['users'],$_SESSION['user']['UserId'],"LOGIN","IP : ".$ip.", BROWSER : ".$navigateur , $_SESSION['config']['databasetype']); + } + + if($_SESSION['user']['change_pass'] == 'Y') + { + header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=change_pass"); + exit(); + } + + elseif(isset($_SESSION['requestUri']) && trim($_SESSION['requestUri']) <> ""&& !preg_match('/page=login/', $_SESSION['requestUri'])) + { + header("location: ".$_SESSION['config']['businessappurl']."index.php?".$_SESSION['requestUri']); + exit(); + } + else + { + header("location: ".$_SESSION['config']['businessappurl']."index.php"); + exit(); + } + } + else + { + $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. 
'._MORE_INFOS." <a href=\"mailto:".$_SESSION['config']['adminmail']."\">".$_SESSION['config']['adminname']."</a>"; + header("location: ".$_SESSION['config']['businessappurl']."index.php"); + exit(); + } + } + else + { + + $_SESSION['error'] = _BAD_LOGIN_OR_PSW."…"; + header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=login&coreurl=".$_SESSION['config']['coreurl']); + exit(); + } + } + + /** + * Reopens a session with the user's cookie + * + * @param $s_UserId string User identifier + * @param $s_key string Cookie key + */ + public function reopen($s_UserId,$s_key) + { + $this->connect(); + + $comp = " and cookie_key = '".$s_key."' and STATUS <> 'DEL'"; + + $user = users_controler::get($s_login, $comp); + + if(isset($user)) + { + if($user->__get('enabled') == "Y") + { + require_once("core/class/usergroups_controler.php"); + require_once("core/class/ServiceControler.php"); + $_SESSION['user']['change_pass'] = $user->__get('change_password'); + $_SESSION['user']['UserId'] = $user->__get('user_id'); + $_SESSION['user']['FirstName'] = $user->__get('firstname'); + $_SESSION['user']['LastName'] = $user->__get('lastname'); + $_SESSION['user']['Phone'] = $user->__get('phone'); + $_SESSION['user']['Mail'] = $user->__get('mail'); + $_SESSION['user']['department'] = $user->__get('department'); + $_SESSION['error'] = ""; + setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$line->cookie_key,time()-3600000); + $key = md5(time()."%".$_SESSION['user']['FirstName']."%".$_SESSION['user']['UserId']."%".$_SESSION['user']['UserId']."%".date("dmYHmi")."%"); + + $user->__set('cookie_key', functions::protect_string_db($key)); + if ($_SESSION['config']['databasetype'] == "ORACLE") + $user->__set('cookie_date', 'SYSDATE'); + else + $user->__set('cookie_date',date("Y-m-d")." 
".date("H:m:i")); + + users_controler::save($user, 'up'); + setcookie("maarch", "UserId=".$_SESSION['user']['UserId']."&key=".$key,time()+($_SESSION['config']['cookietime']*60)); + + $_SESSION['user']['primarygroup'] = usergroups_controler::getPrimaryGroup($_SESSION['user']['UserId']); + + $tmp = SecurityControler::load_security($_SESSION['user']['UserId']); + $_SESSION['user']['collections'] = $tmp['collections']; + $_SESSION['user']['security'] = $tmp['security']; + ServiceControler::loadEnabledServices(); + + require_once("apps".DIRECTORY_SEPARATOR.$_SESSION['config']['app_id'].DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_business_app_tools.php"); + + $business_app_tools = new business_app_tools(); + $core_tools = new core_tools(); + $business_app_tools->load_app_var_session(); + $core_tools->load_var_session($_SESSION['modules']); + + $_SESSION['user']['services'] = ServiceControler::loadUserServices($_SESSION['user']['UserId']); + $core_tools->load_menu($_SESSION['modules']); /* - if($_SESSION['history']['userlogin'] == "true") - { - //add new instance in history table for the user's connexion - $hist = new history(); - $ip = $_SERVER['REMOTE_ADDR']; - $navigateur = addslashes($_SERVER['HTTP_USER_AGENT']); - - $hist->add($_SESSION['tablename']['users'],$_SESSION['user']['UserId'],"LOGIN","IP : ".$ip.", BROWSER : ".$navigateur , $_SESSION['config']['databasetype']); - } + if($_SESSION['history']['userlogin'] == "true") + { + //add new instance in history table for the user's connexion + $hist = new history(); + $ip = $_SERVER['REMOTE_ADDR']; + $navigateur = addslashes($_SERVER['HTTP_USER_AGENT']); + + $hist->add($_SESSION['tablename']['users'],$_SESSION['user']['UserId'],"LOGIN","IP : ".$ip.", BROWSER : ".$navigateur , $_SESSION['config']['databasetype']); + } */ - if($_SESSION['user']['change_pass'] == 'Y') - { - header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=change_pass"); - exit(); - } - 
/*if($_SESSION['origin'] == "scan") - { - header("location: ../../modules/indexing_searching/index_file.php"); - exit(); - } - elseif($_SESSION['origin'] == "files") - { - header("location: ../../modules/indexing_searching/index_file.php"); - exit(); - }*/ - else - { - header("location: ".$_SESSION['config']['businessappurl']."index.php"); - exit(); - } - } - else - { - $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. '._MORE_INFOS." <a href=\"mailto:".$_SESSION['config']['adminmail']."\">".$_SESSION['config']['adminname']."</a>"; - header("location: ".$_SESSION['config']['businessappurl']."index.php"); - exit(); - } - } - else - { - $_SESSION['error'] = _ERROR; - header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=login&coreurl=".$_SESSION['config']['coreurl']); - exit(); - } - } - - /******************* COLLECTION MANAGEMENT FUNCTIONS *******************/ - - /** - * Returns all collections where we can insert new documents (with tables) - * - * @return array Collections where inserts are allowed - */ - public function retrieve_insert_collections() - { - $arr = array(); - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if(isset($_SESSION['collections'][$i]['table']) && !empty($_SESSION['collections'][$i]['table'])) - { - array_push($arr, $_SESSION['collections'][$i]); - } - } - return $arr; - } - - /** - * Returns a script related to a collection - * - * @param $coll_id string Collection identifier - * @param $script_name string Script name "script_add", "script_search", "script_search_result", "script_details" - * @return string Script name or empty string if not found - */ - public function get_script_from_coll($coll_id, $script_name) - { - for($i=0; $i < count($_SESSION['collections']);$i++) - { - if(trim($_SESSION['collections'][$i]['id']) == trim($coll_id)) - { - return trim($_SESSION['collections'][$i][$script_name]); - } - } - return ''; - } - - /** - * Returns the collection identifier from a table - * - * @param 
$table string Tablename - * @return string Collection identifier or empty string if not found - */ - public function retrieve_coll_id_from_table($table) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['table'] == $table) - { - return $_SESSION['collections'][$i]['id']; - } - } - return ''; - } - - /** - * Returns the collection table from a view - * - * @param $view string View - * @return string Collection table or empty string if not found - */ - public function retrieve_coll_table_from_view($view) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['view'] == $view) - { - return $_SESSION['collections'][$i]['table']; - } - } - return ''; - } - - /** - * Returns the collection identifier from a view - * - * @param $view string View - * @return string Collection identifier or empty string if not found - */ - public function retrieve_coll_id_from_view($view) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['view'] == $view) - { - return $_SESSION['collections'][$i]['id']; - } - } - return ''; - } - - - /** - * Returns the view of a collection from the collection identifier - * - * @param string $coll_id Collection identifier - * @return string View name or empty string if not found - */ - public function retrieve_view_from_coll_id($coll_id) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['id'] == $coll_id) - { - return $_SESSION['collections'][$i]['view']; - } - } - return ''; - } - - /** - * Returns the view of a collection from the table of the collection - * - * @param string $table Tablename - * @return string View name or empty string if not found - */ - public function retrieve_view_from_table($table) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['table'] == $table) - { - return $_SESSION['collections'][$i]['view']; - } - } - 
return ''; - } - - /** - * Returns the table of the collection from the collection identifier - * - * @param string $coll_id Collection identifier - * @return string Table name or empty string if not found - */ - public function retrieve_table_from_coll($coll_id) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['id'] == $coll_id) - { - return $_SESSION['collections'][$i]['table']; - } - } - return ''; - } - - /** - * Returns the table of the collection from the view of the collection - * - * @param string $view View - * @return string Table name or empty string if not found - */ - public function retrieve_table_from_view($view) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['view'] == $view) - { - return $_SESSION['collections'][$i]['table']; - } - } - return ''; - } - - /** - * Returns the collection label from the table of the collection - * - * @param string $table Tablename - * @return string Collection label or empty string if not found - */ - public function retrieve_coll_label_from_table($table) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['table'] == $table) - { - return $_SESSION['collections'][$i]['label']; - } - } - return ''; - } - - /** - * Returns the collection label from the collection identifier - * - * @param string $coll_id Collection identifier - * @return string Collection label or empty string if not found - */ - public function retrieve_coll_label_from_coll_id($coll_id) - { - for($i=0; $i<count($_SESSION['collections']);$i++) - { - if($_SESSION['collections'][$i]['id'] == $coll_id) - { - return $_SESSION['collections'][$i]['label']; - } - } - return ''; - } - - ////////////////USER RELATED - - /** - * Returns the collection identifier for the current user from the collection table (using $_SESSION['user']['security']) - * - * @param $table string Tablename - * @return string Collection identifier or 
empty string if not found - */ + if($_SESSION['user']['change_pass'] == 'Y') + { + header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=change_pass"); + exit(); + } + /*if($_SESSION['origin'] == "scan") + { + header("location: ../../modules/indexing_searching/index_file.php"); + exit(); + } + elseif($_SESSION['origin'] == "files") + { + header("location: ../../modules/indexing_searching/index_file.php"); + exit(); + }*/ + else + { + header("location: ".$_SESSION['config']['businessappurl']."index.php"); + exit(); + } + } + else + { + $_SESSION['error'] = _SUSPENDED_ACCOUNT.'. '._MORE_INFOS." <a href=\"mailto:".$_SESSION['config']['adminmail']."\">".$_SESSION['config']['adminname']."</a>"; + header("location: ".$_SESSION['config']['businessappurl']."index.php"); + exit(); + } + } + else + { + $_SESSION['error'] = _ERROR; + header("location: ".$_SESSION['config']['businessappurl']."index.php?display=true&page=login&coreurl=".$_SESSION['config']['coreurl']); + exit(); + } + } + + /******************* COLLECTION MANAGEMENT FUNCTIONS *******************/ + + /** + * Returns all collections where we can insert new documents (with tables) + * + * @return array Collections where inserts are allowed + */ + public function retrieve_insert_collections() + { + $arr = array(); + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if(isset($_SESSION['collections'][$i]['table']) && !empty($_SESSION['collections'][$i]['table'])) + { + array_push($arr, $_SESSION['collections'][$i]); + } + } + return $arr; + } + + /** + * Returns a script related to a collection + * + * @param $coll_id string Collection identifier + * @param $script_name string Script name "script_add", "script_search", "script_search_result", "script_details" + * @return string Script name or empty string if not found + */ + public function get_script_from_coll($coll_id, $script_name) + { + for($i=0; $i < count($_SESSION['collections']);$i++) + { + 
if(trim($_SESSION['collections'][$i]['id']) == trim($coll_id)) + { + return trim($_SESSION['collections'][$i][$script_name]); + } + } + return ''; + } + + /** + * Returns the collection identifier from a table + * + * @param $table string Tablename + * @return string Collection identifier or empty string if not found + */ + public function retrieve_coll_id_from_table($table) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['table'] == $table) + { + return $_SESSION['collections'][$i]['id']; + } + } + return ''; + } + + /** + * Returns the collection table from a view + * + * @param $view string View + * @return string Collection table or empty string if not found + */ + public function retrieve_coll_table_from_view($view) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['view'] == $view) + { + return $_SESSION['collections'][$i]['table']; + } + } + return ''; + } + + /** + * Returns the collection identifier from a view + * + * @param $view string View + * @return string Collection identifier or empty string if not found + */ + public function retrieve_coll_id_from_view($view) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['view'] == $view) + { + return $_SESSION['collections'][$i]['id']; + } + } + return ''; + } + + + /** + * Returns the view of a collection from the collection identifier + * + * @param string $coll_id Collection identifier + * @return string View name or empty string if not found + */ + public function retrieve_view_from_coll_id($coll_id) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['id'] == $coll_id) + { + return $_SESSION['collections'][$i]['view']; + } + } + return ''; + } + + /** + * Returns the view of a collection from the table of the collection + * + * @param string $table Tablename + * @return string View name or empty string if not found + */ + 
public function retrieve_view_from_table($table) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['table'] == $table) + { + return $_SESSION['collections'][$i]['view']; + } + } + return ''; + } + + /** + * Returns the table of the collection from the collection identifier + * + * @param string $coll_id Collection identifier + * @return string Table name or empty string if not found + */ + public function retrieve_table_from_coll($coll_id) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['id'] == $coll_id) + { + return $_SESSION['collections'][$i]['table']; + } + } + return ''; + } + + /** + * Returns the table of the collection from the view of the collection + * + * @param string $view View + * @return string Table name or empty string if not found + */ + public function retrieve_table_from_view($view) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['view'] == $view) + { + return $_SESSION['collections'][$i]['table']; + } + } + return ''; + } + + /** + * Returns the collection label from the table of the collection + * + * @param string $table Tablename + * @return string Collection label or empty string if not found + */ + public function retrieve_coll_label_from_table($table) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['table'] == $table) + { + return $_SESSION['collections'][$i]['label']; + } + } + return ''; + } + + /** + * Returns the collection label from the collection identifier + * + * @param string $coll_id Collection identifier + * @return string Collection label or empty string if not found + */ + public function retrieve_coll_label_from_coll_id($coll_id) + { + for($i=0; $i<count($_SESSION['collections']);$i++) + { + if($_SESSION['collections'][$i]['id'] == $coll_id) + { + return $_SESSION['collections'][$i]['label']; + } + } + return ''; + } + + 
////////////////USER RELATED + + /** + * Returns the collection identifier for the current user from the collection table (using $_SESSION['user']['security']) + * + * @param $table string Tablename + * @return string Collection identifier or empty string if not found + */ /* - public function retrieve_user_coll_id($table) - { - - foreach(array_keys($_SESSION['user']['security']) as $coll_id) - { - if($_SESSION['user']['security'][$coll_id]['DOC']['table'] == $table) - { - return $coll_id; - } - } - return false; - } + public function retrieve_user_coll_id($table) + { + + foreach(array_keys($_SESSION['user']['security']) as $coll_id) + { + if($_SESSION['user']['security'][$coll_id]['DOC']['table'] == $table) + { + return $coll_id; + } + } + return false; + } */ //////////////////////// A REFAIRE - /** - * Return all collections where the current user can insert new documents (with table) - * - * @return array Array of all collections where the current user can insert new documents - */ - public function retrieve_user_insert_coll() - { - $arr = array(); - for($i=0; $i<count($_SESSION['user']['security']);$i++) - { - if(isset($_SESSION['user']['security'][$i]['table']) && !empty( $_SESSION['user']['security'][$i]['table']) && $_SESSION['user']['security'][$i]['can_insert'] == 'Y') - { - $ind = $this->get_ind_collection($_SESSION['user']['security'][$i]['coll_id']); - array_push($arr, array('coll_id'=> $_SESSION['user']['security'][$i]['coll_id'], 'label_coll' => $_SESSION['collections'][$ind]['label'] , 'table' => $_SESSION['user']['security'][$i]['table'])); - } - } - return $arr; - } - - - /** - * Checks if the current user can do the action on the collection - * - * @param string $coll_id Collection identifier - * @param string $action can_insert, can_update, can_delete - * @return True if the user can do the action on the collection, False otherwise - */ - public function collection_user_right($coll_id, $action) - { - $func = new functions(); - $flag = false; - 
for($i=0; $i<count($_SESSION['user']['security']);$i++) - { - if(($_SESSION['user']['security'][$i]['coll_id'] == $coll_id) && $_SESSION['user']['security'][$i][$action] == 'Y') - { - $flag = true; - } - } - return $flag; - } + /** + * Return all collections where the current user can insert new documents (with table) + * + * @return array Array of all collections where the current user can insert new documents + */ + public function retrieve_user_insert_coll() + { + $arr = array(); + for($i=0; $i<count($_SESSION['user']['security']);$i++) + { + if(isset($_SESSION['user']['security'][$i]['table']) && !empty( $_SESSION['user']['security'][$i]['table']) && $_SESSION['user']['security'][$i]['can_insert'] == 'Y') + { + $ind = $this->get_ind_collection($_SESSION['user']['security'][$i]['coll_id']); + array_push($arr, array('coll_id'=> $_SESSION['user']['security'][$i]['coll_id'], 'label_coll' => $_SESSION['collections'][$ind]['label'] , 'table' => $_SESSION['user']['security'][$i]['table'])); + } + } + return $arr; + } + + + /** + * Checks if the current user can do the action on the collection + * + * @param string $coll_id Collection identifier + * @param string $action can_insert, can_update, can_delete + * @return True if the user can do the action on the collection, False otherwise + */ + public function collection_user_right($coll_id, $action) + { + if(!isset($coll_id)) + { + return false; + } + $func = new functions(); + $flag = false; + for($i=0; $i<count($_SESSION['user']['security']);$i++) + { + if(($_SESSION['user']['security'][$i]['coll_id'] == $coll_id) && $_SESSION['user']['security'][$i][$action] == 'Y') + { + $flag = true; + } + } + return $flag; + } ///////////////////////////// - /** - * Returns where clause of the collection for the current user from the collection identifier - * - * @param $coll_id string Collection identifier - * @return string Collection where clause or empty string if not found or the where clause is empty - */ - public function 
get_where_clause_from_coll_id($coll_id) - { - if(isset($_SESSION['user']['security'][$coll_id]['DOC']['where'])) - { - return $_SESSION['user']['security'][$coll_id]['DOC']['where']; - } - return ''; - } - - /** - * Returns where clause of the collection for the current user from the collection view - * - * @param $view string View - * @return string Collection where clause or empty string if not found or the where clause is empty - */ - public function get_where_clause_from_view($view) - { - foreach(array_keys($_SESSION['user']['security']) as $coll_id) - { - if($_SESSION['user']['security'][$coll_id]['DOC']['view'] == $view) - { - return $_SESSION['user']['security'][$coll_id]['DOC']['where']; - } - } - return ''; - } - - /** - * Returns the collection table for the current user from the collection view (using $_SESSION['user']['security']) - * - * @param $table string Tablename - * @return string Table name or False if not found - */ - public function retrieve_user_coll_table($view) - { - foreach(array_keys($_SESSION['user']['security']) as $coll_id) - { - if($_SESSION['user']['security'][$coll_id]['DOC']['view'] == $view) - { - return $_SESSION['user']['security'][$coll_id]['DOC']['where']; - } - } - return false; - } - - /** - * Checks the right on the document of a collection for the current user - * - * @param $coll_id string Collection identifier - * @param $s_id string Document Identifier (res_id) - * @return bool True if the current user has the right, False otherwise - */ - public function test_right_doc($coll_id, $s_id) - { - if(empty($coll_id) || empty($s_id)) - { - return false; - } - $view = $this->retrieve_view_from_coll_id($coll_id); - if(empty($view)) - { - $view = $this->retrieve_table_from_coll($coll_id); - } - $where_clause = $this->get_where_clause_from_coll_id($coll_id); - - $query = "select res_id from ".$view." 
where res_id = ".$s_id; - - if(!empty($where_clause)) - { - $query .= " and (".$where_clause.") "; - } - $this->connect(); - $this->query($query); - - if($this->nb_result() < 1) - { - return false; - } - else - { - return true; - } - } + /** + * Returns where clause of the collection for the current user from the collection identifier + * + * @param $coll_id string Collection identifier + * @return string Collection where clause or empty string if not found or the where clause is empty + */ + public function get_where_clause_from_coll_id($coll_id) + { + if(isset($_SESSION['user']['security'][$coll_id]['DOC']['where'])) + { + return $_SESSION['user']['security'][$coll_id]['DOC']['where']; + } + return ''; + } + + /** + * Returns where clause of the collection for the current user from the collection view + * + * @param $view string View + * @return string Collection where clause or empty string if not found or the where clause is empty + */ + public function get_where_clause_from_view($view) + { + foreach(array_keys($_SESSION['user']['security']) as $coll_id) + { + if($_SESSION['user']['security'][$coll_id]['DOC']['view'] == $view) + { + return $_SESSION['user']['security'][$coll_id]['DOC']['where']; + } + } + return ''; + } + + /** + * Returns the collection table for the current user from the collection view (using $_SESSION['user']['security']) + * + * @param $table string Tablename + * @return string Table name or False if not found + */ + public function retrieve_user_coll_table($view) + { + foreach(array_keys($_SESSION['user']['security']) as $coll_id) + { + if($_SESSION['user']['security'][$coll_id]['DOC']['view'] == $view) + { + return $_SESSION['user']['security'][$coll_id]['DOC']['where']; + } + } + return false; + } + + /** + * Checks the right on the document of a collection for the current user + * + * @param $coll_id string Collection identifier + * @param $s_id string Document Identifier (res_id) + * @return bool True if the current user has the 
right, False otherwise
+ */
+ public function test_right_doc($coll_id, $s_id)
+ {
+ if(empty($coll_id) || empty($s_id))
+ {
+ return false;
+ }
+ $view = $this->retrieve_view_from_coll_id($coll_id);
+ if(empty($view))
+ {
+ $view = $this->retrieve_table_from_coll($coll_id);
+ }
+ $where_clause = $this->get_where_clause_from_coll_id($coll_id);
+
+ $query = "select res_id from ".$view." where res_id = ".$s_id;
+
+ if(!empty($where_clause))
+ {
+ $query .= " and (".$where_clause.") ";
+ }
+ $this->connect();
+ $this->query($query);
+
+ if($this->nb_result() < 1)
+ {
+ return false;
+ }
+ else
+ {
+ return true;
+ }
+ }
 }
 ?>
diff --git a/core/trunk/core/class/usergroups_controler.php b/core/trunk/core/class/usergroups_controler.php
index 43bee0dc85e982bbf797fcda85e6961c5949fd5f..373f3536e5ab02f595b243b44fb2ba8f4726cf2e 100644
--- a/core/trunk/core/class/usergroups_controler.php
+++ b/core/trunk/core/class/usergroups_controler.php
@@ -20,8 +20,8 @@
 /**
 * @brief Contains the controler of the usergroup object (create, save, modify, etc...)
-*
-*
+*
+*
 * @file
 * @author Claire Figueras <dev@maarch.org>
 * @date $date$
@@ -39,20 +39,20 @@ define("_CODE_INCREMENT",1);
 // Loads the required class
 try {
- require_once("core/core_tables.php");
- require_once("modules/basket/basket_tables.php");
- require_once("core/class/usergroups.php");
- require_once("core/class/ObjectControlerAbstract.php");
- require_once("core/class/ObjectControlerIF.php");
- require_once("core/class/SecurityControler.php");
-
+ require_once("core/core_tables.php");
+ require_once("modules/basket/basket_tables.php");
+ require_once("core/class/usergroups.php");
+ require_once("core/class/ObjectControlerAbstract.php");
+ require_once("core/class/ObjectControlerIF.php");
+ require_once("core/class/SecurityControler.php");
+
 } catch (Exception $e){
- echo $e->getMessage().' // ';
+ echo $e->getMessage().' // ';
 }
 /**
-* @brief Controler of the usergroup object
+* @brief Controler of the usergroup object
 *
 *<ul>
 * <li>Get an usergroup object from an id</li>
@@ -64,432 +64,439 @@ try { class usergroups_controler extends ObjectControler implements ObjectControlerIF { - /** - * Returns an usergroup object based on a usegroup identifier - * - * @param $group_id string Usergroup identifier - * @param $can_be_disabled bool if true gets the group even if it is disabled in the database (false by default) - * @return usergroup object with properties from the database or null - */ - public function get($group_id, $can_be_disabled = false) - { - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - return self::advanced_get($group_id,USERGROUPS_TABLE); - } - - /** - * Returns all usergroups (enabled by default) from the database in an array of usergroup objects (ordered by group_desc by default) - * - * @param $order_str string Order string passed to the query ("order by group_desc asc" by default) - * @param $enabled_only bool if true returns only the enabled usergroups, otherwise returns even the disabled (true by default) - * @return Array of usergroup objects with properties from the database - */ - public function getAllUsergroups($order_str = "order by group_desc asc", $enabled_only = true) - { - self::$db=new dbquery(); - self::$db->connect(); - $query = "select * from ".USERGROUPS_TABLE." "; - if($enabled_only) - $query .= "where enabled = 'Y'"; - - $query.= $order_str; - - try{ - if($_ENV['DEBUG']) - echo $query.' 
// '; - self::$db->query($query); - } catch (Exception $e){} - - $groups = array(); - while($res = self::$db->fetch_object()) - { - $group=new usergroups(); - $tmp_array = array('group_id' => $res->group_id, 'group_desc' => $res->group_desc, 'enabled' => $res->enabled); - $group->setArray($tmp_array); - array_push($groups, $group); - } - self::$db->disconnect(); - return $groups; - } - - /** - * Returns in an array all the members of a usergroup (user_id only) - * - * @param $group_id string Usergroup identifier - * @return Array of user_id or null - */ - public function getUsers($group_id) - { - if(empty($group_id)) - return null; - - $users = array(); - self::$db=new dbquery(); - self::$db->connect(); - $query = "select user_id from ".USERGROUP_CONTENT_TABLE." where group_id = '".$group_id."'"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - } catch (Exception $e){ - echo _NO_GROUP_WITH_ID.' '.$group_id.' // '; - } - - while($res = self::$db->fetch_object()) - { - array_push($users, $res->user_id); - } - self::$db->disconnect(); - return $users; - } - - /** - * Returns the id of the primary group for a given user_id - * - * @param $user_id string User identifier - * @return String group_id or null - */ - public function getPrimaryGroup($user_id) - { - if(empty($user_id)) - return null; - - $users = array(); - self::$db=new dbquery(); - self::$db->connect(); - $query = "select group_id from ".USERGROUP_CONTENT_TABLE." where user_id = '".$user_id."' and primary_group = 'Y'"; - - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - } catch (Exception $e){ - echo _NO_USER_WITH_ID.' '.$user_id.' 
// '; - } - - $res = self::$db->fetch_object(); - $group_id = $res->group_id; - self::$db->disconnect(); - return $group_id; - } - - /** - * Returns in an array all the baskets associated with a usergroup (basket_id only) - * - * @param $group_id string Usergroup identifier - * @return Array of basket_id or null - */ - public function getBaskets($group_id) - { - if(empty($group_id)) - return null; - - $baskets = array(); - self::$db=new dbquery(); - self::$db->connect(); - $query = "select basket_id from ".GROUPBASKET_TABLE." where group_id = '".$group_id."'"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - } catch (Exception $e){ - echo _NO_GROUP_WITH_ID.' '.$group_id.' // '; - } - - while($res = self::$db->fetch_object()) - { - array_push($baskets, $res->basket_id); - } - self::$db->disconnect(); - return $baskets; - } - - /** - * Returns in an array all the services linked to a usergroup (service_id only) - * - * @param $group_id string Usergroup identifier - * @return Array of service_id or null - */ - public function getServices($group_id) - { - if(empty($group_id)) - return null; - - self::$db=new dbquery(); - self::$db->connect(); - $query = "select service_id from ".USERGROUPS_SERVICES_TABLE." where group_id = '".$group_id."'"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - } catch (Exception $e){ - echo _NO_GROUP_WITH_ID.' '.$group_id.' 
// '; - } - - $services = array(); - while($queryResult=self::$db->fetch_object()) - { - array_push($services,trim($queryResult->service_id)); - } - self::$db->disconnect(); - return $services; - } - - /** - * Saves in the database a usergroup object - * - * @param $group usergroups object to be saved - * @return bool true if the save is complete, false otherwise - */ - public function save($group) - { - if(!isset($group) ) - return false; - - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - if(self::groupExists($group->group_id)) - return self::update($group); - else - return self::insert($group); - - return false; - } - - /** - * Inserts in the database (usergroups table) a usergroup object - * - * @param $group usergroups object - * @return bool true if the insertion is complete, false otherwise - */ - private function insert($group) - { - return self::advanced_insert($group); - } - - /** - * Updates a usergroup in the database (usergroups table) with an usergroup object - * - * @param $group usergroup object - * @return bool true if the update is complete, false otherwise - */ - private function update($group) - { - return self::advanced_update($group); - } - - /** - * Deletes in the database (usergroups related tables) a given usergroup - * - * @param $group usergroup object - * @return bool true if the deletion is complete, false otherwise - */ - public function delete($group) - { - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - - $group_id = $group->__get('group_id'); - $ok = self::advanced_delete($group); - if($ok) - $ok = self::cleanUsergroupContent($group_id); - - if($ok) - $ok = self::deleteServicesForGroup($group_id); - - if($ok) - $ok = SecurityControler::deleteForGroup($group_id); - - return $ok; - } - - /** - * Cleans the usergroup_content table in the database from a given usergroup (group_id) - * - * @param $group_id string Usergroup identifier - * @return bool true if the cleaning 
is complete, false otherwise - */ - private function cleanUsergroupContent($group_id) - { - if(!isset($group_id)|| empty($group_id) ) - return false; - - self::$db=new dbquery(); - self::$db->connect(); - $query="delete from ".USERGROUP_CONTENT_TABLE." where group_id='".$group_id."'"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - $ok = true; - } catch (Exception $e){ - echo _CANNOT_DELETE_GROUP_ID." ".$group_id.' // '; - $ok = false; - } - - return $ok; - } - - - /** - * Disables a given usergroup - * - * @param $group usergroup object - * @return bool true if the disabling is complete, false otherwise - */ - public function disable($group) - { - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - return self::advanced_disable($group); - } - - /** - * Enables a given usergroup - * - * @param $group usergroup object - * @return bool true if the enabling is complete, false otherwise - */ - public function enable($group) - { - self::set_foolish_ids(array('group_id')); - self::set_specific_id('group_id'); - return self::advanced_enable($group); - } - - /** - * Asserts if a given usergroup (group_id) exists in the database - * - * @param $group_id String Usergroup identifier - * @return bool true if the usergroup exists, false otherwise - */ - public function groupExists($group_id) - { - if(!isset($group_id) || empty($group_id)) - return false; - - self::$db=new dbquery(); - self::$db->connect(); - $query = "select group_id from ".USERGROUPS_TABLE." where group_id = '".$group_id."'"; - - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - } catch (Exception $e){ - echo _UNKNOWN._GROUP." ".$group_id.' 
// '; - } - - if(self::$db->nb_result() > 0) - { - self::$db->disconnect(); - return true; - } - self::$db->disconnect(); - return false; - } - - /** - * Deletes all the services for a given usergroup in the usergroups_service table - * - * @param $group_id String Usergroup identifier - * @return bool true if the deleting is complete, false otherwise - */ - public function deleteServicesForGroup($group_id) - { - if(!isset($group_id)|| empty($group_id) ) - return false; - self::$db=new dbquery(); - self::$db->connect(); - $query="delete from ".USERGROUPS_SERVICES_TABLE." where group_id='".$group_id."'"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - $ok = true; - } catch (Exception $e){ - echo _CANNOT_DELETE_GROUP_ID." ".$group_id.' // '; - $ok = false; - } - self::$db->disconnect(); - return $ok; - } - - /** - * Inserts a given service for a given group into the usergroups_services table - * - * @param $group_id String Usergroup identifier - * @param $service_id String Service identifier - * @return bool true if the insertion is complete, false otherwise - */ - public function insertServiceForGroup($group_id, $service_id) - { - if(!isset($group_id)|| empty($group_id) || !isset($service_id)|| empty($service_id) ) - return false; - - self::$db=new dbquery(); - self::$db->connect(); - $query = "insert into ".USERGROUPS_SERVICES_TABLE." (group_id, service_id) values ('".$group_id."', '".$service_id."')"; - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - $ok = true; - } catch (Exception $e){ - echo _CANNOT_INSERT." ".$group_id.' '.$service_id.' 
// '; - $ok = false; - } - self::$db->disconnect(); - return $ok; - } - - /** - * Checks if a given user is a member of the given group - * - * @param $user_id String User identifier - * @param $group_id String Usergroup identifier - * @return bool true if the user is a member, false otherwise - */ - public function inGroup($user_id, $group_id) - { - if(!isset($group_id)|| empty($group_id) || !isset($user_id)|| empty($user_id) ) - return false; - - self::$db=new dbquery(); - self::$db->connect(); - $query = "select user_id from ".USERGROUP_CONTENT_TABLE." where user_id ='".$user_id."' and group_id = '".$group_id."'"; - - try{ - if($_ENV['DEBUG']){echo $query.' // ';} - self::$db->query($query); - } catch (Exception $e){ - echo _CANNOT_FIND." ".$group_id.' '.$user_id.' // '; - } - self::$db->disconnect(); - - if(self::$db->nb_result() > 0) - return true; - else - return false; - } - - /** - * Returns the number of usergroup of the usergroups table (only the enabled by default) - * - * @param $enabled_only Bool if true counts only the enabled ones, otherwise counts all usergroups even the disabled ones (true by default) - * @return Integer the number of usergroups in the usergroups table - */ - public function getUsergroupsCount($enabled_only = true) - { - $nb = 0; - self::$db=new dbquery(); - self::$db->connect(); - - $query = "select group_id from ".USERGROUPS_TABLE." " ; - if($enabled_only) - $query .= "where enabled ='Y'"; - - try{ - if($_ENV['DEBUG']){echo $query.' 
// ';} - self::$db->query($query); - } catch (Exception $e){} - - $nb = self::$db->nb_result(); - self::$db->disconnect(); - return $nb; - } + /** + * Returns an usergroup object based on a usegroup identifier + * + * @param $group_id string Usergroup identifier + * @param $can_be_disabled bool if true gets the group even if it is disabled in the database (false by default) + * @return usergroup object with properties from the database or null + */ + public function get($group_id, $can_be_disabled = false) + { + self::set_foolish_ids(array('group_id')); + self::set_specific_id('group_id'); + return self::advanced_get($group_id,USERGROUPS_TABLE); + } + + /** + * Returns all usergroups (enabled by default) from the database in an array of usergroup objects (ordered by group_desc by default) + * + * @param $order_str string Order string passed to the query ("order by group_desc asc" by default) + * @param $enabled_only bool if true returns only the enabled usergroups, otherwise returns even the disabled (true by default) + * @return Array of usergroup objects with properties from the database + */ + public function getAllUsergroups($order_str = "order by group_desc asc", $enabled_only = true) + { + self::$db=new dbquery(); + self::$db->connect(); + $query = "select * from ".USERGROUPS_TABLE." "; + if($enabled_only) + $query .= "where enabled = 'Y'"; + + $query.= $order_str; + + try{ + if($_ENV['DEBUG']) + echo $query.' 
// '; + self::$db->query($query); + } catch (Exception $e){} + + $groups = array(); + while($res = self::$db->fetch_object()) + { + $group=new usergroups(); + $tmp_array = array('group_id' => $res->group_id, 'group_desc' => $res->group_desc, 'enabled' => $res->enabled); + $group->setArray($tmp_array); + array_push($groups, $group); + } + self::$db->disconnect(); + return $groups; + } + + /** + * Returns in an array all the members of a usergroup (user_id only) + * + * @param $group_id string Usergroup identifier + * @return Array of user_id or null + */ + public function getUsers($group_id) + { + if(empty($group_id)) + return null; + + $users = array(); + self::$db=new dbquery(); + self::$db->connect(); + $query = "select user_id from ".USERGROUP_CONTENT_TABLE." where group_id = '".$group_id."'"; + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + } catch (Exception $e){ + echo _NO_GROUP_WITH_ID.' '.$group_id.' // '; + } + + while($res = self::$db->fetch_object()) + { + array_push($users, $res->user_id); + } + self::$db->disconnect(); + return $users; + } + + /** + * Returns the id of the primary group for a given user_id + * + * @param $user_id string User identifier + * @return String group_id or null + */ + public function getPrimaryGroup($user_id) + { + if(empty($user_id)) + return null; + + $users = array(); + self::$db=new dbquery(); + self::$db->connect(); + $query = "select group_id from ".USERGROUP_CONTENT_TABLE." where user_id = '".$user_id."' and primary_group = 'Y'"; + + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + } catch (Exception $e){ + echo _NO_USER_WITH_ID.' '.$user_id.' 
// '; + } + + $res = self::$db->fetch_object(); + if(isset($res->group_id)) + { + $group_id = $res->group_id; + } + else + { + return null; + } + self::$db->disconnect(); + return $group_id; + } + + /** + * Returns in an array all the baskets associated with a usergroup (basket_id only) + * + * @param $group_id string Usergroup identifier + * @return Array of basket_id or null + */ + public function getBaskets($group_id) + { + if(empty($group_id)) + return null; + + $baskets = array(); + self::$db=new dbquery(); + self::$db->connect(); + $query = "select basket_id from ".GROUPBASKET_TABLE." where group_id = '".$group_id."'"; + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + } catch (Exception $e){ + echo _NO_GROUP_WITH_ID.' '.$group_id.' // '; + } + + while($res = self::$db->fetch_object()) + { + array_push($baskets, $res->basket_id); + } + self::$db->disconnect(); + return $baskets; + } + + /** + * Returns in an array all the services linked to a usergroup (service_id only) + * + * @param $group_id string Usergroup identifier + * @return Array of service_id or null + */ + public function getServices($group_id) + { + if(empty($group_id)) + return null; + + self::$db=new dbquery(); + self::$db->connect(); + $query = "select service_id from ".USERGROUPS_SERVICES_TABLE." where group_id = '".$group_id."'"; + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + } catch (Exception $e){ + echo _NO_GROUP_WITH_ID.' '.$group_id.' 
// '; + } + + $services = array(); + while($queryResult=self::$db->fetch_object()) + { + array_push($services,trim($queryResult->service_id)); + } + self::$db->disconnect(); + return $services; + } + + /** + * Saves in the database a usergroup object + * + * @param $group usergroups object to be saved + * @return bool true if the save is complete, false otherwise + */ + public function save($group) + { + if(!isset($group) ) + return false; + + self::set_foolish_ids(array('group_id')); + self::set_specific_id('group_id'); + if(self::groupExists($group->group_id)) + return self::update($group); + else + return self::insert($group); + + return false; + } + + /** + * Inserts in the database (usergroups table) a usergroup object + * + * @param $group usergroups object + * @return bool true if the insertion is complete, false otherwise + */ + private function insert($group) + { + return self::advanced_insert($group); + } + + /** + * Updates a usergroup in the database (usergroups table) with an usergroup object + * + * @param $group usergroup object + * @return bool true if the update is complete, false otherwise + */ + private function update($group) + { + return self::advanced_update($group); + } + + /** + * Deletes in the database (usergroups related tables) a given usergroup + * + * @param $group usergroup object + * @return bool true if the deletion is complete, false otherwise + */ + public function delete($group) + { + self::set_foolish_ids(array('group_id')); + self::set_specific_id('group_id'); + + $group_id = $group->__get('group_id'); + $ok = self::advanced_delete($group); + if($ok) + $ok = self::cleanUsergroupContent($group_id); + + if($ok) + $ok = self::deleteServicesForGroup($group_id); + + if($ok) + $ok = SecurityControler::deleteForGroup($group_id); + + return $ok; + } + + /** + * Cleans the usergroup_content table in the database from a given usergroup (group_id) + * + * @param $group_id string Usergroup identifier + * @return bool true if the cleaning 
is complete, false otherwise + */ + private function cleanUsergroupContent($group_id) + { + if(!isset($group_id)|| empty($group_id) ) + return false; + + self::$db=new dbquery(); + self::$db->connect(); + $query="delete from ".USERGROUP_CONTENT_TABLE." where group_id='".$group_id."'"; + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + $ok = true; + } catch (Exception $e){ + echo _CANNOT_DELETE_GROUP_ID." ".$group_id.' // '; + $ok = false; + } + + return $ok; + } + + + /** + * Disables a given usergroup + * + * @param $group usergroup object + * @return bool true if the disabling is complete, false otherwise + */ + public function disable($group) + { + self::set_foolish_ids(array('group_id')); + self::set_specific_id('group_id'); + return self::advanced_disable($group); + } + + /** + * Enables a given usergroup + * + * @param $group usergroup object + * @return bool true if the enabling is complete, false otherwise + */ + public function enable($group) + { + self::set_foolish_ids(array('group_id')); + self::set_specific_id('group_id'); + return self::advanced_enable($group); + } + + /** + * Asserts if a given usergroup (group_id) exists in the database + * + * @param $group_id String Usergroup identifier + * @return bool true if the usergroup exists, false otherwise + */ + public function groupExists($group_id) + { + if(!isset($group_id) || empty($group_id)) + return false; + + self::$db=new dbquery(); + self::$db->connect(); + $query = "select group_id from ".USERGROUPS_TABLE." where group_id = '".$group_id."'"; + + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + } catch (Exception $e){ + echo _UNKNOWN._GROUP." ".$group_id.' 
// '; + } + + if(self::$db->nb_result() > 0) + { + self::$db->disconnect(); + return true; + } + self::$db->disconnect(); + return false; + } + + /** + * Deletes all the services for a given usergroup in the usergroups_service table + * + * @param $group_id String Usergroup identifier + * @return bool true if the deleting is complete, false otherwise + */ + public function deleteServicesForGroup($group_id) + { + if(!isset($group_id)|| empty($group_id) ) + return false; + self::$db=new dbquery(); + self::$db->connect(); + $query="delete from ".USERGROUPS_SERVICES_TABLE." where group_id='".$group_id."'"; + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + $ok = true; + } catch (Exception $e){ + echo _CANNOT_DELETE_GROUP_ID." ".$group_id.' // '; + $ok = false; + } + self::$db->disconnect(); + return $ok; + } + + /** + * Inserts a given service for a given group into the usergroups_services table + * + * @param $group_id String Usergroup identifier + * @param $service_id String Service identifier + * @return bool true if the insertion is complete, false otherwise + */ + public function insertServiceForGroup($group_id, $service_id) + { + if(!isset($group_id)|| empty($group_id) || !isset($service_id)|| empty($service_id) ) + return false; + + self::$db=new dbquery(); + self::$db->connect(); + $query = "insert into ".USERGROUPS_SERVICES_TABLE." (group_id, service_id) values ('".$group_id."', '".$service_id."')"; + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + $ok = true; + } catch (Exception $e){ + echo _CANNOT_INSERT." ".$group_id.' '.$service_id.' 
// '; + $ok = false; + } + self::$db->disconnect(); + return $ok; + } + + /** + * Checks if a given user is a member of the given group + * + * @param $user_id String User identifier + * @param $group_id String Usergroup identifier + * @return bool true if the user is a member, false otherwise + */ + public function inGroup($user_id, $group_id) + { + if(!isset($group_id)|| empty($group_id) || !isset($user_id)|| empty($user_id) ) + return false; + + self::$db=new dbquery(); + self::$db->connect(); + $query = "select user_id from ".USERGROUP_CONTENT_TABLE." where user_id ='".$user_id."' and group_id = '".$group_id."'"; + + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + } catch (Exception $e){ + echo _CANNOT_FIND." ".$group_id.' '.$user_id.' // '; + } + self::$db->disconnect(); + + if(self::$db->nb_result() > 0) + return true; + else + return false; + } + + /** + * Returns the number of usergroup of the usergroups table (only the enabled by default) + * + * @param $enabled_only Bool if true counts only the enabled ones, otherwise counts all usergroups even the disabled ones (true by default) + * @return Integer the number of usergroups in the usergroups table + */ + public function getUsergroupsCount($enabled_only = true) + { + $nb = 0; + self::$db=new dbquery(); + self::$db->connect(); + + $query = "select group_id from ".USERGROUPS_TABLE." " ; + if($enabled_only) + $query .= "where enabled ='Y'"; + + try{ + if($_ENV['DEBUG']){echo $query.' // ';} + self::$db->query($query); + } catch (Exception $e){} + + $nb = self::$db->nb_result(); + self::$db->disconnect(); + return $nb; + } } ?> diff --git a/core/trunk/core/manage_action.php b/core/trunk/core/manage_action.php index 4bb3c8b15726ad04fc4442c080dbd5f70a0644f8..1fa121c8cd230b8e7f1d2c59cbe82f70434c4c12 100644 --- a/core/trunk/core/manage_action.php +++ b/core/trunk/core/manage_action.php 
@@ -42,301 +42,304 @@ $res_action = array(); */ function get_values_in_array($val) { - $tab = explode('$$',$val); - $values = array(); - for($i=0; $i<count($tab);$i++) - { - $tmp = explode('#', $tab[$i]); - array_push($values, array('ID' => $tmp[0], 'VALUE' => trim($tmp[1]))); - } - return $values; + $tab = explode('$$',$val); + $values = array(); + for($i=0; $i<count($tab);$i++) + { + $tmp = explode('#', $tab[$i]); + if(isset($tmp[1])) + { + array_push($values, array('ID' => $tmp[0], 'VALUE' => trim($tmp[1]))); + } + } + return $values; } // Form validation if($_POST['req'] == 'valid_form' && !empty($_POST['action_id']) && isset($_POST['action_id']) && !empty($_POST['form_to_check'])&& isset($_POST['form_to_check'])) { - $id_action = $_POST['action_id']; - $db->connect(); - // Gets the action informations from the database - $db->query("select * from ".$_SESSION['tablename']['actions']." where id = ".$id_action); + $id_action = $_POST['action_id']; + $db->connect(); + // Gets the action informations from the database + $db->query("select * from ".$_SESSION['tablename']['actions']." 
where id = ".$id_action); - if($db->nb_result() < 1) - { - $_SESSION['action_error'] = _ACTION_NOT_IN_DB; - echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } + if($db->nb_result() < 1) + { + $_SESSION['action_error'] = _ACTION_NOT_IN_DB; + echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } - $res = $db->fetch_object(); - $label_action = $res->label_action; - $status = $res->id_status; - $action_page = $res->action_page; - $bool_history = $res->history; - $create_id = $res->create_id; + $res = $db->fetch_object(); + $label_action = $res->label_action; + $status = $res->id_status; + $action_page = $res->action_page; + $bool_history = $res->history; + $create_id = $res->create_id; - //No script defined for this action - if($action_page == '') - { - $_SESSION['action_error'] = _ACTION_NOT_IN_DB; - echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } - $custom_path = ''; - $path_action_page = $core->get_path_action_page($action_page); - - if(isset($_SESSION['custom_override_id']) && !empty($_SESSION['custom_override_id'])) - { - $custom_path = 'custom'.DIRECTORY_SEPARATOR.$_SESSION['custom_override_id'].DIRECTORY_SEPARATOR.$path_action_page; - } - if($custom_path <> '' && file_exists($_SESSION['config']['corepath'].$custom_path)) - { - include($custom_path); - } - else - { - if(file_exists($path_action_page)) - { - include($path_action_page); - } - else - { - // Invalid path to script - $_SESSION['action_error'] = $label_action.' 
'._ACTION_PAGE_MISSING; - echo "{status : 8, error_txt: '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } - } - - - $frm_error = check_form(trim($_POST['form_to_check']),get_values_in_array($_POST['form_values'])); - if($frm_error == false) - { - echo "{status : 1, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } - else - { - if($create_id == 'N') - { - echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error'])."', page_result : '', manage_form_now : false}"; - } - else - { - echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error'])."', page_result : '', manage_form_now : true}"; - } - exit(); - } + //No script defined for this action + if($action_page == '') + { + $_SESSION['action_error'] = _ACTION_NOT_IN_DB; + echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } + $custom_path = ''; + $path_action_page = $core->get_path_action_page($action_page); + + if(isset($_SESSION['custom_override_id']) && !empty($_SESSION['custom_override_id'])) + { + $custom_path = 'custom'.DIRECTORY_SEPARATOR.$_SESSION['custom_override_id'].DIRECTORY_SEPARATOR.$path_action_page; + } + if($custom_path <> '' && file_exists($_SESSION['config']['corepath'].$custom_path)) + { + include($custom_path); + } + else + { + if(file_exists($path_action_page)) + { + include($path_action_page); + } + else + { + // Invalid path to script + $_SESSION['action_error'] = $label_action.' 
'._ACTION_PAGE_MISSING; + echo "{status : 8, error_txt: '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } + } + + + $frm_error = check_form(trim($_POST['form_to_check']),get_values_in_array($_POST['form_values'])); + if($frm_error == false) + { + echo "{status : 1, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } + else + { + if($create_id == 'N') + { + echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error'])."', page_result : '', manage_form_now : false}"; + } + else + { + echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error'])."', page_result : '', manage_form_now : true}"; + } + exit(); + } } elseif(trim($_POST['req']) == 'change_status' && !empty($_POST['values']) && !empty($_POST['new_status']) && !empty($_POST['table'])) { - $arr_id = explode(',', $_POST['values']); - $result = ''; - $db->connect(); - for($i=0; $i<count($arr_id );$i++) - { - $arr_id[$i] = str_replace('#', '', $arr_id[$i]); - $result .= $arr_id[$i].'#'; - $query_str = "update ".$_POST['table']. " set status = '".$_POST['new_status']."' where res_id = ".$arr_id[$i]; - // echo $query_str; - $req = $db->query($query_str, true); - if(!$req) - { - $_SESSION['action_error'] = _SQL_ERROR.' : '.$query_str; - echo "{status : 1, error_txt : '".addslashes(_ERROR_WITH_STATUS)." ".$query_str."'}"; - exit(); - } - } - echo "{status : 0, error_txt : '".addslashes(_STATUS_UPDATED.' : '.$_POST['new_status'])."'}"; - exit(); + $arr_id = explode(',', $_POST['values']); + $result = ''; + $db->connect(); + for($i=0; $i<count($arr_id );$i++) + { + $arr_id[$i] = str_replace('#', '', $arr_id[$i]); + $result .= $arr_id[$i].'#'; + $query_str = "update ".$_POST['table']. " set status = '".$_POST['new_status']."' where res_id = ".$arr_id[$i]; + // echo $query_str; + $req = $db->query($query_str, true); + if(!$req) + { + $_SESSION['action_error'] = _SQL_ERROR.' : '.$query_str; + echo "{status : 1, error_txt : '".addslashes(_ERROR_WITH_STATUS)." 
".$query_str."'}"; + exit(); + } + } + echo "{status : 0, error_txt : '".addslashes(_STATUS_UPDATED.' : '.$_POST['new_status'])."'}"; + exit(); } // Post variables error else if(empty($_POST['values']) || !isset($_POST['action_id']) || empty($_POST['action_id']) || ($_POST['mode'] <> 'mass' && $_POST['mode'] <> 'page') || empty($_POST['table']) || empty($_POST['coll_id']) || empty($_POST['module']) || ($_POST['req'] <> 'first_request' && $_POST['req'] <> 'second_request' && $_POST['req'] <> 'change_status')) { - $tmp = 'values : '.$_POST['values'].', action_id : '.$_POST['action_id'].', mode : '. $_POST['mode'].', table : '.$_POST['table'].', coll_id : '.$_POST['coll_id'].', module : '.$_POST['module'].', req : '.$_POST['req']; - $_SESSION['action_error'] = $tmp._AJAX_PARAM_ERROR; - echo "{status : 1, error_txt : '".$id_action.addslashes($_SESSION['action_error'])."'}"; - exit(); + $tmp = 'values : '.$_POST['values'].', action_id : '.$_POST['action_id'].', mode : '. $_POST['mode'].', table : '.$_POST['table'].', coll_id : '.$_POST['coll_id'].', module : '.$_POST['module'].', req : '.$_POST['req']; + $_SESSION['action_error'] = $tmp._AJAX_PARAM_ERROR; + echo "{status : 1, error_txt : '".$id_action.addslashes($_SESSION['action_error'])."'}"; + exit(); } else { - // Puts the res_id into an array - $arr_id = explode(',', $_POST['values']); - $id_action = $_POST['action_id']; - $db->connect(); - // Gets the action informations from the database - $db->query("select * from ".$_SESSION['tablename']['actions']." where id = ".$id_action); + // Puts the res_id into an array + $arr_id = explode(',', $_POST['values']); + $id_action = $_POST['action_id']; + $db->connect(); + // Gets the action informations from the database + $db->query("select * from ".$_SESSION['tablename']['actions']." 
where id = ".$id_action); + + if($db->nb_result() < 1) + { + $_SESSION['action_error'] = _ACTION_NOT_IN_DB; + echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } - if($db->nb_result() < 1) - { - $_SESSION['action_error'] = _ACTION_NOT_IN_DB; - echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } + $res = $db->fetch_object(); + $label_action = $res->label_action; + $status = $res->id_status; + $action_page = $res->action_page; + $bool_history = $res->history; - $res = $db->fetch_object(); - $label_action = $res->label_action; - $status = $res->id_status; - $action_page = $res->action_page; - $bool_history = $res->history; + //No script defined for this action + if($action_page == '') + { + //If second request : Error + if($_POST['req'] == 'second_request') + { + $_SESSION['action_error'] = _ACTION_NOT_IN_DB; + echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } - //No script defined for this action - if($action_page == '') - { - //If second request : Error - if($_POST['req'] == 'second_request') - { - $_SESSION['action_error'] = _ACTION_NOT_IN_DB; - echo "{status : 5, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } + //If no status defined in the action file , error + if($status == '' || $status == 'NONE') + { + $_SESSION['action_error'] = $label_action.' : '._ERROR_PARAM_ACTION; + echo "{status : 6, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } - //If no status defined in the action file , error - if($status == '' || $status == 'NONE') - { - $_SESSION['action_error'] = $label_action.' 
: '._ERROR_PARAM_ACTION; - echo "{status : 6, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } + // Update the status + $result = ''; + for($i=0; $i<count($arr_id );$i++) + { + $arr_id[$i] = str_replace('#', '', $arr_id[$i]); + $result .= $arr_id[$i].'#'; + $query_str = "update ".$_POST['table']. " set status = '".$status."' where res_id = ".$arr_id[$i]; + $req = $db->query($query_str, true); + if(!$req) + { + $_SESSION['action_error'] = _SQL_ERROR.' : '.$query_str; + echo "{status : 7, error_txt : '".addslashes($label_action.' : '.$_SESSION['action_error'])."'}"; + exit(); + } + } + $res_action = array('result' => $result, 'history_msg' => ''); + $_SESSION['action_error'] = _ACTION_DONE.' : '.$label_action; + echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error']).", status : ".$status.", ".$_POST['values']."', page_result : ''}"; - // Update the status - $result = ''; - for($i=0; $i<count($arr_id );$i++) - { - $arr_id[$i] = str_replace('#', '', $arr_id[$i]); - $result .= $arr_id[$i].'#'; - $query_str = "update ".$_POST['table']. " set status = '".$status."' where res_id = ".$arr_id[$i]; - $req = $db->query($query_str, true); - if(!$req) - { - $_SESSION['action_error'] = _SQL_ERROR.' : '.$query_str; - echo "{status : 7, error_txt : '".addslashes($label_action.' : '.$_SESSION['action_error'])."'}"; - exit(); - } - } - $res_action = array('result' => $result, 'history_msg' => ''); - $_SESSION['action_error'] = _ACTION_DONE.' 
: '.$label_action; - echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error']).", status : ".$status.", ".$_POST['values']."', page_result : ''}"; + } + // There is a script for the action + else + { + $custom_path = ''; + $path_action_page = $core->get_path_action_page($action_page); - } - // There is a script for the action - else - { - $custom_path = ''; - $path_action_page = $core->get_path_action_page($action_page); - - if(isset($_SESSION['custom_override_id']) && !empty($_SESSION['custom_override_id'])) - { - $custom_path = 'custom'.DIRECTORY_SEPARATOR.$_SESSION['custom_override_id'].DIRECTORY_SEPARATOR.$path_action_page; - } - if($custom_path <> '' && file_exists($_SESSION['config']['corepath'].$custom_path)) - { - include($custom_path); - } - else - { - if(file_exists($path_action_page)) - { - include($path_action_page); - } - else - { - // Invalid path to script - $_SESSION['action_error'] = $label_action.' '._ACTION_PAGE_MISSING; - echo "{status : 8, error_txt: '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } - } - if($_POST['req'] == 'first_request' && in_array('form', $etapes)) - { - $frm_test = get_form_txt($arr_id, $_SESSION['config']['businessappurl'].'index.php?display=true&page=manage_action&module=core', $id_action, $_POST['table'],$_POST['module'], $_POST['coll_id'], $_POST['mode'] ); - echo "{status : 3, form_content : '".$frm_test."', height : '".$frm_height."', width : '".$frm_width."', 'mode_frm' : '".$mode_form."', 'action_status' : '".$status."'}"; - exit(); - } - elseif( $_POST['req'] == 'first_request' && $confirm == true) - { - echo "{status : 2, confirm_content : '".addslashes(_ACTION_CONFIRM." ".$label_action)."', validate : '"._VALIDATE."', cancel : '"._CANCEL."', label_action : '".addslashes($label_action)."', 'action_status' : '".$status."'}"; - exit(); - } - else - { - if($confirm == false) - { - $_SESSION['action_error'] = $label_action.' 
: '._ERROR_SCRIPT; - } - for($i=0; $i<count($etapes);$i++) - { - if($etapes[$i] <> 'status') - { - if( function_exists('manage_'.$etapes[$i]) ) - { - try - { - if($_POST['req'] == 'second_request') - { - $res_action = call_user_func('manage_'.$etapes[$i],$arr_id, $bool_history, $id_action, $label_action, $status, $_POST['coll_id'], $_POST['table'], get_values_in_array($_POST['form_values']) ); - } - else - { - $res_action = call_user_func('manage_'.$etapes[$i],$arr_id, $bool_history, $id_action, $label_action, $status, $_POST['coll_id'], $_POST['table']); - } - } - catch(Exception $e) - { - echo "{status : 9, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } - } - else - { - echo "{status : 9, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } - } - } - //print_r($res_action); - if($res_action == false) - { - echo "{status : 9, error_txt : '".addslashes($_SESSION['action_error'])."'}"; - exit(); - } - $comp = ", page_result : ''"; - if(isset($res_action['page_result']) && !empty($res_action['page_result'])) - { - $comp = ", page_result : '".$res_action['page_result']."'"; - } - if(isset($res_action['table_dest']) && !empty($res_action['table_dest'])) - { - $comp .= ", table : '".$res_action['table_dest']."'"; - } - $_SESSION['action_error'] = _ACTION_DONE.' 
: '.$label_action; - echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error'])."'".$comp.", result_id : '".$res_action['result']."'}"; - } - } - // Save action in history if needed - if($bool_history=='Y') - { - require_once("core".DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_history.php"); - $hist = new history(); - $arr_res = explode('#', $res_action['result']); - for($i=0; $i<count($arr_res );$i++) - { - if(!empty($arr_res[$i])) - { - $what = $label_action.'('._NUM.$arr_res[$i].') '; - if(isset($res_action['history_msg']) && !empty($res_action['history_msg'])) - { - $what .= $res_action['history_msg']; - } - $hist->add($_POST['table'],$arr_res[$i],'ACTION#'.$id_action,$what, $_SESSION['config']['databasetype'], $_POST['module']); - } - } - } + if(isset($_SESSION['custom_override_id']) && !empty($_SESSION['custom_override_id'])) + { + $custom_path = 'custom'.DIRECTORY_SEPARATOR.$_SESSION['custom_override_id'].DIRECTORY_SEPARATOR.$path_action_page; + } + if($custom_path <> '' && file_exists($_SESSION['config']['corepath'].$custom_path)) + { + include($custom_path); + } + else + { + if(file_exists($path_action_page)) + { + include($path_action_page); + } + else + { + // Invalid path to script + $_SESSION['action_error'] = $label_action.' 
'._ACTION_PAGE_MISSING; + echo "{status : 8, error_txt: '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } + } + if($_POST['req'] == 'first_request' && in_array('form', $etapes)) + { + $frm_test = get_form_txt($arr_id, $_SESSION['config']['businessappurl'].'index.php?display=true&page=manage_action&module=core', $id_action, $_POST['table'],$_POST['module'], $_POST['coll_id'], $_POST['mode'] ); + echo "{status : 3, form_content : '".$frm_test."', height : '".$frm_height."', width : '".$frm_width."', 'mode_frm' : '".$mode_form."', 'action_status' : '".$status."'}"; + exit(); + } + elseif( $_POST['req'] == 'first_request' && $confirm == true) + { + echo "{status : 2, confirm_content : '".addslashes(_ACTION_CONFIRM." ".$label_action)."', validate : '"._VALIDATE."', cancel : '"._CANCEL."', label_action : '".addslashes($label_action)."', 'action_status' : '".$status."'}"; + exit(); + } + else + { + if($confirm == false) + { + $_SESSION['action_error'] = $label_action.' : '._ERROR_SCRIPT; + } + for($i=0; $i<count($etapes);$i++) + { + if($etapes[$i] <> 'status') + { + if( function_exists('manage_'.$etapes[$i]) ) + { + try + { + if($_POST['req'] == 'second_request') + { + $res_action = call_user_func('manage_'.$etapes[$i],$arr_id, $bool_history, $id_action, $label_action, $status, $_POST['coll_id'], $_POST['table'], get_values_in_array($_POST['form_values']) ); + } + else + { + $res_action = call_user_func('manage_'.$etapes[$i],$arr_id, $bool_history, $id_action, $label_action, $status, $_POST['coll_id'], $_POST['table']); + } + } + catch(Exception $e) + { + echo "{status : 9, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } + } + else + { + echo "{status : 9, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } + } + } + //print_r($res_action); + if($res_action == false) + { + echo "{status : 9, error_txt : '".addslashes($_SESSION['action_error'])."'}"; + exit(); + } + $comp = ", page_result : ''"; + 
if(isset($res_action['page_result']) && !empty($res_action['page_result'])) + { + $comp = ", page_result : '".$res_action['page_result']."'"; + } + if(isset($res_action['table_dest']) && !empty($res_action['table_dest'])) + { + $comp .= ", table : '".$res_action['table_dest']."'"; + } + $_SESSION['action_error'] = _ACTION_DONE.' : '.$label_action; + echo "{status : 0, error_txt : '".addslashes($_SESSION['action_error'])."'".$comp.", result_id : '".$res_action['result']."'}"; + } + } + // Save action in history if needed + if($bool_history=='Y') + { + require_once("core".DIRECTORY_SEPARATOR."class".DIRECTORY_SEPARATOR."class_history.php"); + $hist = new history(); + $arr_res = explode('#', $res_action['result']); + for($i=0; $i<count($arr_res );$i++) + { + if(!empty($arr_res[$i])) + { + $what = $label_action.'('._NUM.$arr_res[$i].') '; + if(isset($res_action['history_msg']) && !empty($res_action['history_msg'])) + { + $what .= $res_action['history_msg']; + } + $hist->add($_POST['table'],$arr_res[$i],'ACTION#'.$id_action,$what, $_SESSION['config']['databasetype'], $_POST['module']); + } + } + } - exit(); + exit(); } ?>
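Review bot: The re-indented status-update branch still builds its SQL from raw request values — `$_POST['table']`, `$_POST['new_status']` and `$arr_id[$i]` are concatenated into `"update ".$_POST['table']." set status = '".$_POST['new_status']."' where res_id = ".$arr_id[$i]`, and `$id_action = $_POST['action_id']` goes straight into the `where id = ` lookup — so the new side keeps an SQL-injection path that this commit does not address. The table name should be checked against the names already held in `$_SESSION['tablename']` before it is used, and the identifiers cast since the unquoted `res_id =` / `id =` comparisons imply they are numeric, e.g. `$id_action = (int) $_POST['action_id'];` and `$arr_id[$i] = (int) str_replace('#', '', $arr_id[$i]);`, with the status value bound as a parameter if `$db->query` supports that (its signature is not visible here). Apart from the new `isset($tmp[1])` guard in `get_values_in_array`, the hunk is a whitespace-only re-indent, which buries that single semantic change; a separate formatting commit would have kept the review focused. The `$frm_error == false` test in the valid_form branch is a loose comparison, so a `check_form` result of `0` or `''` is also reported as failure — worth confirming that is intended.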