var $loginname;
var $username;
var $name;
+ var $email;
var $company; // user's company
var $pos;
var $access;
function set_company($company)
{
- $this->company = $company;
+ $this->company = (int)$company;
}
function login($company, $loginname, $password)
{
- global $security_areas, $security_groups, $security_headings, $path_to_root;
+ global $security_areas, $security_groups, $security_headings, $path_to_root, $dflt_lang, $login_delay;
$this->set_company($company);
$this->logged = false;
- set_global_connection();
+ set_global_connection($company);
+ $lang = &$_SESSION['language'];
+ $lang->set_language($_SESSION['language']->code);
+ db_set_encoding($_SESSION['language']->encoding);
// Use external authentication source if any.
// Keep in mind you need to have user data set for $loginname
if (!isset($Auth_Result)) // if not used: standard method
$Auth_Result = get_user_auth($loginname, md5($password));
- write_login_filelog($loginname, $Auth_Result);
+ if ($login_delay > 0)
+ write_login_filelog($loginname, $Auth_Result);
if ($Auth_Result)
{
$myrow = get_user_by_login($loginname);
+ if ($myrow['language'] != $dflt_lang)
+ { // refresh language and user data
+ $lang->set_language($myrow['language']);
+ db_set_encoding($_SESSION['language']->encoding);
+ $myrow = get_user_by_login($loginname);
+ }
+
$this->old_db = isset($myrow["full_access"]);
if (! @$myrow["inactive"]) {
if ($this->old_db) {
$this->username = $this->loginname;
$this->prefs = new user_prefs($myrow);
$this->user = @$myrow["id"];
+ $this->email = @$myrow["email"];
update_user_visitdate($this->username);
$this->logged = true;
$this->last_act = time();
return $this->logged;
}
+ function reset_password($company, $email) {
+ global $app_title;
+
+ $this->set_company($company);
+ $this->logged = false;
+
+ set_global_connection();
+
+ $myrow = get_user_by_email($email);
+
+ if ($myrow['id'] != "") {
+
+ $bytes = openssl_random_pseudo_bytes(8, $cstrong);
+ $password = base64_encode($bytes);
+
+ $hash = md5($password);
+
+ update_user_password($myrow['id'], $myrow['user_id'], $hash);
+
+ mail($myrow['email'], _("New password for")." ".$app_title, $password);
+
+ return true;
+ }
+ return false;
+ }
+
function check_user_access()
{
global $security_groups;
return !isset($security_groups) && is_array($this->role_set);
}
- function can_access($page_level)
+ function can_access($sec_area)
{
global $security_groups, $security_areas;
if (isset($security_groups)) {
- return $this->company == 0 &&
+ return is_admin_company() &&
in_array(20, $security_groups[$this->access]);
}
- if ($page_level === 'SA_OPEN')
+ if ($sec_area === 'SA_OPEN')
return true;
- if ($page_level === 'SA_DENIED' || $page_level === '')
+ if ($sec_area === 'SA_DENIED' || $sec_area === '')
return false;
- $code = $security_areas[$page_level][0];
+ $code = $security_areas[$sec_area][0];
// only first registered company has site admin privileges
return $code && in_array($code, $this->role_set)
return $_SESSION["wa_current_user"]->prefs->start_up_tab();
}
+function user_transaction_days()
+{
+ return $_SESSION["wa_current_user"]->prefs->transaction_days();
+}
+
+
+function user_check_access($sec_area)
+{
+ return $_SESSION["wa_current_user"]->can_access($sec_area);
+}
+
function set_user_prefs($prefs)
{
$_SESSION["wa_current_user"]->update_prefs($prefs);
return @$keys[0];
}
+// Recalculate report columns if orientation is landscape.
+function recalculate_cols(&$cols)
+{
+ $factor = (user_pagesize() == "A4" ? 1.4 : 1.3);
+ foreach($cols as $key => $col)
+ $cols[$key] = intval($col * $factor);
+}
+
function flush_dir($path, $wipe = false)
{
$dir = opendir($path);
if(!$dir)
return;
+
while(false !== ($fname = readdir($dir))) {
if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue;
if(is_dir($path.'/'.$fname)) {
. '/'.$comp;
}
+function is_admin_company()
+{
+ return $this->company == 0;
+}
?>
\ No newline at end of file