X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=5dd2c197e02a52587af77ce1fd31b78b8feff9d4;hb=0b63d898491b6577a5a5bf90e771dca0dcbbcf1f;hp=3c5a92a82f9c4d0af0f17e2e758ac43b91ff4e37;hpb=77fc3cd3a7af72adadeee798bf666985870b5069;p=fa-stable.git

diff --git a/includes/current_user.inc b/includes/current_user.inc
index 3c5a92a8..5dd2c197 100644
--- a/includes/current_user.inc
+++ b/includes/current_user.inc
@@ -22,6 +22,7 @@ class current_user
 	var $loginname;
 	var $username;
 	var $name;
+	var $email;
 	var $company; // user's company
 	var $pos;
 	var $access;
@@ -53,17 +54,20 @@ class current_user
 
 	function set_company($company)
 	{
-		$this->company = $company;
+		$this->company = (int)$company;
 	}
 
 	function login($company, $loginname, $password)
 	{
-		global $security_areas, $security_groups, $security_headings, $path_to_root;
+		global $security_areas, $security_groups, $security_headings, $path_to_root, $dflt_lang, $login_delay;
 
 		$this->set_company($company);
 	    $this->logged = false;
 
-		set_global_connection();
+		set_global_connection($company);
+		$lang = &$_SESSION['language'];
+		$lang->set_language($_SESSION['language']->code);
+		db_set_encoding($_SESSION['language']->encoding);
 
 		// Use external authentication source if any.
 		// Keep in mind you need to have user data set for $loginname
@@ -73,11 +77,19 @@ class current_user
 		if (!isset($Auth_Result))	// if not used: standard method
 			$Auth_Result = get_user_auth($loginname, md5($password));
 
-		write_login_filelog($loginname, $Auth_Result);
+		if ($login_delay > 0)
+			write_login_filelog($loginname, $Auth_Result);
 
 		if ($Auth_Result)
 		{
 			$myrow = get_user_by_login($loginname);
+			if ($myrow['language'] != $dflt_lang)
+			{	 // refresh language and user data
+ 				$lang->set_language($myrow['language']);
+				db_set_encoding($_SESSION['language']->encoding);
+				$myrow = get_user_by_login($loginname);
+			}
+
 			$this->old_db = isset($myrow["full_access"]);
 			if (! @$myrow["inactive"]) {
 				if ($this->old_db) { 
@@ -119,6 +131,7 @@ class current_user
         	    $this->username = $this->loginname;
         	    $this->prefs = new user_prefs($myrow);
         	    $this->user = @$myrow["id"];
+                $this->email = @$myrow["email"];
 		    	update_user_visitdate($this->username);
 		    	$this->logged = true;
 				$this->last_act = time();
@@ -128,6 +141,32 @@ class current_user
 		return $this->logged;
 	}
 
+	function reset_password($company, $email) {
+		global $app_title;
+
+		$this->set_company($company);
+		$this->logged = false;
+
+		set_global_connection();
+
+		$myrow = get_user_by_email($email);
+
+		if ($myrow['id'] != "") {
+
+			$bytes = openssl_random_pseudo_bytes(8, $cstrong);
+			$password   = base64_encode($bytes);
+
+			$hash = md5($password);
+
+			update_user_password($myrow['id'], $myrow['user_id'], $hash);
+
+			mail($myrow['email'], _("New password for")." ".$app_title, $password);
+
+			return true;
+		}
+   		return false;
+    }
+
 	function check_user_access()
 	{
 		global $security_groups;
@@ -138,20 +177,20 @@ class current_user
 			return !isset($security_groups) && is_array($this->role_set);
 	}
 
-	function can_access($page_level)
+	function can_access($sec_area)
 	{
 		global $security_groups, $security_areas;
 		if (isset($security_groups)) {
-			return $this->company == 0 &&
+			return is_admin_company() &&
 				in_array(20, $security_groups[$this->access]);
 		}
 
-		if ($page_level === 'SA_OPEN') 
+		if ($sec_area === 'SA_OPEN') 
 			return true;
-		if ($page_level === 'SA_DENIED' || $page_level === '') 
+		if ($sec_area === 'SA_DENIED' || $sec_area === '') 
 			return false;
 
-		$code = $security_areas[$page_level][0];
+		$code = $security_areas[$sec_area][0];
 
 		// only first registered company has site admin privileges
 		return $code && in_array($code, $this->role_set)
@@ -503,6 +542,17 @@ function user_startup_tab()
 	return $_SESSION["wa_current_user"]->prefs->start_up_tab();
 }
 
+function user_transaction_days()
+{
+    return $_SESSION["wa_current_user"]->prefs->transaction_days();
+}
+
+
+function user_check_access($sec_area)
+{
+	return $_SESSION["wa_current_user"]->can_access($sec_area);
+}
+
 function set_user_prefs($prefs)
 {
 	$_SESSION["wa_current_user"]->update_prefs($prefs);
@@ -609,11 +659,20 @@ function array_search_key($needle, $haystack, $valuekey=null)
 	return @$keys[0];
 }
 
+// Recalculate report columns if orientation is landscape.
+function recalculate_cols(&$cols)
+{
+	$factor = (user_pagesize() == "A4" ? 1.4 : 1.3);
+	foreach($cols as $key => $col)
+		$cols[$key] = intval($col * $factor); 
+}
+
 function flush_dir($path, $wipe = false) 
 {
 	$dir = opendir($path);
 	if(!$dir)
 		return;
+
 	while(false !== ($fname = readdir($dir))) {
 		if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue;
   		if(is_dir($path.'/'.$fname)) {
@@ -639,5 +698,9 @@ function company_path($comp=null)
 			. '/'.$comp;
 }
 
+function is_admin_company()
+{
+	return $this->company == 0;
+}
 
 ?>
\ No newline at end of file