X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=515f6e4e0d57bcd8f04e3c62cd0ff7d3918e0586;hb=e38a784395ef02ae89ca5cc2d40cbd2ca1ab6246;hp=6ae7160f335f4d887f0676f8bc2346cb61f61e19;hpb=aedd4b780e70d009180a227acff8b2108f5459b1;p=fa-stable.git diff --git a/includes/current_user.inc b/includes/current_user.inc index 6ae7160f..515f6e4e 100644 --- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -9,27 +9,32 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ -include_once($path_to_root . "/includes/prefs/userprefs.inc"); +include_once($path_to_root . "/includes/prefs/userprefs.inc"); +if (!defined('TB_PREF')) { + define('TB_PREF', '&TB_PREF&'); +} //-------------------------------------------------------------------------- class current_user { - var $user; + var $user = 0; var $loginname; var $username; var $name; - var $company; + var $email; + var $company; // user's company var $pos; var $access; var $timeout; var $last_act; var $role_set = false; - var $old_db; + var $old_db; var $logged; var $ui_mode = 0; var $prefs; + var $cur_con; // current db connection (can be different from $company for superuser) function current_user() { @@ -49,21 +54,32 @@ class current_user function set_company($company) { - $this->company = $company; + $this->company = (int)$company; } function login($company, $loginname, $password) { - global $security_areas, $security_groups, $security_headings, $path_to_root; - + global $security_areas, $security_groups, $security_headings, $path_to_root, $login_delay; + $this->set_company($company); $this->logged = false; - $Auth_Result = get_user_for_login($loginname, $password); + set_global_connection(); + + // Use external authentication source if any. + // Keep in mind you need to have user data set for $loginname + // in FA users table anyway to successfully log in. + $Auth_Result = hook_authenticate($loginname, $password); + + if (!isset($Auth_Result)) // if not used: standard method + $Auth_Result = get_user_auth($loginname, md5($password)); - if (db_num_rows($Auth_Result) > 0) + if ($login_delay > 0) + write_login_filelog($loginname, $Auth_Result); + + if ($Auth_Result) { - $myrow = db_fetch($Auth_Result); + $myrow = get_user_by_login($loginname); $this->old_db = isset($myrow["full_access"]); if (! @$myrow["inactive"]) { if ($this->old_db) { @@ -105,6 +121,7 @@ class current_user $this->username = $this->loginname; $this->prefs = new user_prefs($myrow); $this->user = @$myrow["id"]; + $this->email = @$myrow["email"]; update_user_visitdate($this->username); $this->logged = true; $this->last_act = time(); @@ -114,6 +131,32 @@ class current_user return $this->logged; } + function reset_password($company, $email) { + global $app_title; + + $this->set_company($company); + $this->logged = false; + + set_global_connection(); + + $user = get_user_by_email($email); + + if ($user != false) { + + $bytes = openssl_random_pseudo_bytes(8, $cstrong); + $password = base64_encode($bytes); + + $hash = md5($password); + + update_user_password($user['id'], $user['user_id'], $hash); + + mail($user['email'], _("New password for")." ".$app_title, $password); + + return true; + } + return false; + } + function check_user_access() { global $security_groups; @@ -149,50 +192,87 @@ class current_user return $this->can_access($page_level); } - function get_db_connection($id=-1) + function check_application_access($waapp) { - global $db_connections; + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } - $connection = $db_connections[$id == -1 ? $this->company : $id]; + foreach ($waapp->modules as $module) + { + if ($this->check_module_access($module)) + { + return true; + } + } + + return false; + + } - //print_r($connection); + function check_module_access($module) + { + + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + if (sizeof($module->lappfunctions) > 0) + { + foreach ($module->lappfunctions as $appfunction) + { + if ($appfunction->label != "" && $this->can_access_page($appfunction->access)) + { + return true; + } + } + } - $db = mysql_connect($connection["host"] , - $connection["dbuser"], $connection["dbpassword"]); - mysql_select_db($connection["dbname"],$db); + if (sizeof($module->rappfunctions) > 0) + { + foreach ($module->rappfunctions as $appfunction) + { + if ($appfunction->label != "" && $this->can_access_page($appfunction->access)) + { + return true; + } + } + } - if (!defined('TB_PREF')) - define('TB_PREF', $connection["tbpref"]); + return false; - return $db; } - function update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, - $showgl, $showcodes, $date_format, $date_sep, $tho_sep, $dec_sep, - $theme, $pagesize, $show_hints, $profile, $rep_popup, $query_size, - $graphic_links, $lang, $stickydate, $startup_tab) + function hide_inaccessible_menu_items() { - global $allow_demo_mode; + global $hide_inaccessible_menu_items; + + if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0) + { + return false; + } + + else + { + return true; + } + } - $user = array( - 'prices_dec' => $price_dec, 'qty_dec' => $qty_dec, - 'rates_dec' => $exrate_dec, 'percent_dec' => $percent_dec, - 'show_gl' => $showgl, 'show_codes' => $showcodes, - 'date_format' => $date_format, 'date_sep' => $date_sep, - 'tho_sep' => $tho_sep, 'dec_sep' => $dec_sep, - 'theme' => $theme, 'page_size' => $pagesize, - 'show_hints' => $show_hints, 'print_profile' => $profile, - 'rep_popup' => $rep_popup, 'query_size' => $query_size, - 'graphic_links' => $graphic_links, 'language' => $lang, - 'sticky_doc_date' => $stickydate, 'startup_tab' => $startup_tab - ); + function set_db_connection($id = -1) + { + return set_global_connection($id); + } + function update_prefs($prefs) + { + global $allow_demo_mode; + if(!$allow_demo_mode) { - update_user_display_prefs($this->user, $price_dec, - $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes, - $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, - $show_hints, $profile, $rep_popup, $query_size, $graphic_links, $lang, $stickydate, $startup_tab); + update_user_prefs($this->user, $prefs); } + $this->prefs = new user_prefs(get_user($this->user)); } } @@ -205,15 +285,44 @@ function round2($number, $decimals=0) return round($number+$delta, $decimals); } +/* + Returns number formatted according to user setup and using $decimals digits after dot + (defualt is 0). When $decimals is set to 'max' maximum available precision is used + (decimals depend on value) and trailing zeros are trimmed. +*/ function number_format2($number, $decimals=0) { global $thoseps, $decseps; $tsep = $thoseps[$_SESSION["wa_current_user"]->prefs->tho_sep()]; $dsep = $decseps[$_SESSION["wa_current_user"]->prefs->dec_sep()]; //return number_format($number, $decimals, $dsep, $tsep); - $delta = ($number < 0 ? -.0000000001 : .0000000001); - return number_format($number+$delta, $decimals, $dsep, $tsep); + if($decimals==='max') + $dec = 15 - floor(log10(abs($number))); + else { + $delta = ($number < 0 ? -.0000000001 : .0000000001); + $number += $delta; + $dec = $decimals; + } + + $num = number_format($number, $dec, $dsep, $tsep); + + return $decimals==='max' ? rtrim($num, '0') : $num; + } + +/* price/float comparision helper to be used in any suspicious place for zero values? +usage: +if (!floatcmp($value1, $value2)) + compare value is 0 +*/ + +define('FLOAT_COMP_DELTA', 0.004); + +function floatcmp($a, $b) +{ + return $a - $b > FLOAT_COMP_DELTA ? 1 : ($b - $a > FLOAT_COMP_DELTA ? -1 : 0); +} + // // Current ui mode. // @@ -254,6 +363,7 @@ function qty_format($number, $stock_id=null, &$dec) { $dec = get_qty_dec($stock_id); return number_format2($number, $dec); } + // and get_qty_dec function get_qty_dec($stock_id=null) { @@ -266,6 +376,13 @@ function get_qty_dec($stock_id=null) return $dec; } //------------------------------------------------------------------- +// +// Maximum precision format. Strips trailing unsignificant digits. +// +function maxprec_format($number) { + return number_format2($number, 'max'); +} + function exrate_format($number) { return number_format2($number, $_SESSION["wa_current_user"]->prefs->exrate_dec()); @@ -299,7 +416,9 @@ function user_numeric($input) { function user_company() { - return $_SESSION["wa_current_user"]->company; + global $def_coy; + + return isset($_SESSION["wa_current_user"]) ? $_SESSION["wa_current_user"]->company : $def_coy; } function user_pos() @@ -369,7 +488,8 @@ function user_dec_sep() function user_theme() { - return $_SESSION["wa_current_user"]->prefs->get_theme(); + return isset($_SESSION["wa_current_user"]) ? + $_SESSION["wa_current_user"]->prefs->get_theme() : 'default'; } function user_pagesize() @@ -412,14 +532,9 @@ function user_startup_tab() return $_SESSION["wa_current_user"]->prefs->start_up_tab(); } -function set_user_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes, - $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints, - $print_profile, $rep_popup, $query_size, $graphic_links, $lang, $stickydate, $startup_tab) +function set_user_prefs($prefs) { - - $_SESSION["wa_current_user"]->update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes, - $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints, - $print_profile, $rep_popup, $query_size, $graphic_links, $lang, $stickydate, $startup_tab); + $_SESSION["wa_current_user"]->update_prefs($prefs); } function add_user_js_data() { @@ -483,26 +598,83 @@ function array_append(&$array, $elements) $array[$key] = $el; } } - +// +// Search $needle in $haystack or in $haystack[][$valuekey] +// returns $needle found or null. +// function array_search_value($needle, $haystack, $valuekey=null) { foreach($haystack as $key => $value) { - $val = isset($valuekey) ? $value[$valuekey] : $value; + $val = isset($valuekey) ? @$value[$valuekey] : $value; if ($needle == $val){ return $value; } } return null; } - +// +// Search $needle in $haystack or in $haystack[][$valuekey] +// returns array of keys of $haystack elements found +// +function array_search_keys($needle, $haystack, $valuekey=null) +{ + $keys = array(); + if($haystack) + foreach($haystack as $key => $value) { + $val = isset($valuekey) ? @$value[$valuekey] : $value; + if ($needle == $val){ + $keys[] = $key; + } + } + return $keys; +} +// +// Find first (single) $needle in $haystack or in $haystack[][$valuekey] +// returns $haystack element found or null +// function array_search_key($needle, $haystack, $valuekey=null) { - foreach($haystack as $key => $value) { - $val = isset($valuekey) ? $value[$valuekey] : $value; - if ($needle == $val){ - return $key; - } + $keys = array_search_keys($needle, $haystack, $valuekey); + return @$keys[0]; +} + +// Recalculate report columns if orientation is landscape. +function recalculate_cols(&$cols) +{ + $factor = (user_pagesize() == "A4" ? 1.4 : 1.3); + foreach($cols as $key => $col) + $cols[$key] = intval($col * $factor); +} + +function flush_dir($path, $wipe = false) +{ + $dir = opendir($path); + if(!$dir) + return; + while(false !== ($fname = readdir($dir))) { + if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue; + if(is_dir($path.'/'.$fname)) { + flush_dir($path.'/'.$fname, $wipe); + if ($wipe) @rmdir($path.'/'.$fname); + } else + @unlink($path.'/'.$fname); } - return null; } +/* + Returns current path to company private folder. + (Current path can change after chdir). +*/ +function company_path($comp=null) +{ + global $path_to_root, $comp_path; + + if (!isset($comp)) + $comp = user_company(); + + // if path is relative, set current path_to_root + return ($comp_path[0]=='.' ? $path_to_root.'/'.basename($comp_path) : $comp_path) + . '/'.$comp; +} + + ?> \ No newline at end of file