X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=515f6e4e0d57bcd8f04e3c62cd0ff7d3918e0586;hb=1466764d49233238c6097c95341875be552d7487;hp=b97db9f374bdf747390201ef5f29da3765c0d444;hpb=46c5f7a65a7659a44ae8254c63152074363d3987;p=fa-stable.git

diff --git a/includes/current_user.inc b/includes/current_user.inc
index b97db9f3..515f6e4e 100644
--- a/includes/current_user.inc
+++ b/includes/current_user.inc
@@ -18,10 +18,11 @@ if (!defined('TB_PREF')) {
 
 class current_user
 {
-	var $user;
+	var $user = 0;
 	var $loginname;
 	var $username;
 	var $name;
+	var $email;
 	var $company; // user's company
 	var $pos;
 	var $access;
@@ -53,21 +54,32 @@ class current_user
 
 	function set_company($company)
 	{
-		$this->company = $company;
+		$this->company = (int)$company;
 	}
 
 	function login($company, $loginname, $password)
 	{
-		global $security_areas, $security_groups, $security_headings, $path_to_root;
-		
+		global $security_areas, $security_groups, $security_headings, $path_to_root, $login_delay;
+
 		$this->set_company($company);
 	    $this->logged = false;
 
-		$Auth_Result = get_user_for_login($loginname, $password);
+		set_global_connection();
+
+		// Use external authentication source if any.
+		// Keep in mind you need to have user data set for $loginname
+		// in FA users table anyway to successfully log in.
+		$Auth_Result = hook_authenticate($loginname, $password);
+
+		if (!isset($Auth_Result))	// if not used: standard method
+			$Auth_Result = get_user_auth($loginname, md5($password));
+
+		if ($login_delay > 0)
+			write_login_filelog($loginname, $Auth_Result);
 
-		if (db_num_rows($Auth_Result) > 0)
+		if ($Auth_Result)
 		{
-			$myrow = db_fetch($Auth_Result);
+			$myrow = get_user_by_login($loginname);
 			$this->old_db = isset($myrow["full_access"]);
 			if (! @$myrow["inactive"]) {
 				if ($this->old_db) { 
@@ -109,6 +121,7 @@ class current_user
         	    $this->username = $this->loginname;
         	    $this->prefs = new user_prefs($myrow);
         	    $this->user = @$myrow["id"];
+                $this->email = @$myrow["email"];
 		    	update_user_visitdate($this->username);
 		    	$this->logged = true;
 				$this->last_act = time();
@@ -118,6 +131,32 @@ class current_user
 		return $this->logged;
 	}
 
+	function reset_password($company, $email) {
+		global $app_title;
+
+		$this->set_company($company);
+		$this->logged = false;
+
+		set_global_connection();
+
+		$user = get_user_by_email($email);
+
+		if ($user != false) {
+
+			$bytes = openssl_random_pseudo_bytes(8, $cstrong);
+			$password   = base64_encode($bytes);
+
+			$hash = md5($password);
+
+			update_user_password($user['id'], $user['user_id'], $hash);
+
+			mail($user['email'], _("New password for")." ".$app_title, $password);
+
+			return true;
+		}
+   		return false;
+    }
+
 	function check_user_access()
 	{
 		global $security_groups;
@@ -153,6 +192,74 @@ class current_user
 		return $this->can_access($page_level);
 	}
 
+	function check_application_access($waapp)
+	{
+		if (!$this->hide_inaccessible_menu_items())
+		{
+			return true;
+		}
+
+		foreach ($waapp->modules as $module)
+		{
+			if ($this->check_module_access($module))
+			{
+				return true;
+			}
+		}
+
+		return false;
+
+	}
+
+	function check_module_access($module)
+	{
+
+		if (!$this->hide_inaccessible_menu_items())
+		{
+			return true;
+		}
+
+		if (sizeof($module->lappfunctions) > 0)
+		{
+			foreach ($module->lappfunctions as $appfunction)
+			{
+				if ($appfunction->label != "" && $this->can_access_page($appfunction->access))
+				{
+					return true;
+				}
+			}
+		}
+
+		if (sizeof($module->rappfunctions) > 0)
+		{
+			foreach ($module->rappfunctions as $appfunction)
+			{
+				if ($appfunction->label != "" && $this->can_access_page($appfunction->access))
+				{
+					return true;
+				}
+			}
+		}
+
+		return false;
+
+	}
+
+	function hide_inaccessible_menu_items()
+	{
+		global $hide_inaccessible_menu_items;
+
+		if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0)
+		{
+			return false;
+		}
+
+		else
+		{
+			return true;
+		}
+	}
+
 	function set_db_connection($id = -1)
 	{
 		return set_global_connection($id);
@@ -202,6 +309,20 @@ function number_format2($number, $decimals=0)
 	return $decimals==='max' ? rtrim($num, '0') : $num;
 
 }
+
+/* price/float comparision helper to be used in any suspicious place for zero values? 
+usage:
+if (!floatcmp($value1, $value2)) 
+	compare value is 0
+*/
+
+define('FLOAT_COMP_DELTA', 0.004);
+
+function floatcmp($a, $b)
+{
+    return $a - $b > FLOAT_COMP_DELTA ? 1 : ($b - $a > FLOAT_COMP_DELTA ? -1 : 0);
+}
+
 //
 //	Current ui mode.
 //
@@ -517,9 +638,19 @@ function array_search_key($needle, $haystack, $valuekey=null)
 	return @$keys[0];
 }
 
+// Recalculate report columns if orientation is landscape.
+function recalculate_cols(&$cols)
+{
+	$factor = (user_pagesize() == "A4" ? 1.4 : 1.3);
+	foreach($cols as $key => $col)
+		$cols[$key] = intval($col * $factor); 
+}
+
 function flush_dir($path, $wipe = false) 
 {
 	$dir = opendir($path);
+	if(!$dir)
+		return;
 	while(false !== ($fname = readdir($dir))) {
 		if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue;
   		if(is_dir($path.'/'.$fname)) {
@@ -545,4 +676,5 @@ function company_path($comp=null)
 			. '/'.$comp;
 }
 
+
 ?>
\ No newline at end of file