X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=5dd2c197e02a52587af77ce1fd31b78b8feff9d4;hb=0b63d898491b6577a5a5bf90e771dca0dcbbcf1f;hp=51c03ee626f0e29f75fa453e756a541732a31bd8;hpb=ab5bb181d749dae6f681ee44cba86c9ef2d26c06;p=fa-stable.git

diff --git a/includes/current_user.inc b/includes/current_user.inc
index 51c03ee6..5dd2c197 100644
--- a/includes/current_user.inc
+++ b/includes/current_user.inc
@@ -18,10 +18,11 @@ if (!defined('TB_PREF')) {
 
 class current_user
 {
-	var $user;
+	var $user = 0;
 	var $loginname;
 	var $username;
 	var $name;
+	var $email;
 	var $company; // user's company
 	var $pos;
 	var $access;
@@ -53,17 +54,20 @@ class current_user
 
 	function set_company($company)
 	{
-		$this->company = $company;
+		$this->company = (int)$company;
 	}
 
 	function login($company, $loginname, $password)
 	{
-		global $security_areas, $security_groups, $security_headings, $path_to_root;
-		
+		global $security_areas, $security_groups, $security_headings, $path_to_root, $dflt_lang, $login_delay;
+
 		$this->set_company($company);
 	    $this->logged = false;
 
-		set_global_connection();
+		set_global_connection($company);
+		$lang = &$_SESSION['language'];
+		$lang->set_language($_SESSION['language']->code);
+		db_set_encoding($_SESSION['language']->encoding);
 
 		// Use external authentication source if any.
 		// Keep in mind you need to have user data set for $loginname
@@ -73,9 +77,19 @@ class current_user
 		if (!isset($Auth_Result))	// if not used: standard method
 			$Auth_Result = get_user_auth($loginname, md5($password));
 
+		if ($login_delay > 0)
+			write_login_filelog($loginname, $Auth_Result);
+
 		if ($Auth_Result)
 		{
 			$myrow = get_user_by_login($loginname);
+			if ($myrow['language'] != $dflt_lang)
+			{	 // refresh language and user data
+ 				$lang->set_language($myrow['language']);
+				db_set_encoding($_SESSION['language']->encoding);
+				$myrow = get_user_by_login($loginname);
+			}
+
 			$this->old_db = isset($myrow["full_access"]);
 			if (! @$myrow["inactive"]) {
 				if ($this->old_db) { 
@@ -117,6 +131,7 @@ class current_user
         	    $this->username = $this->loginname;
         	    $this->prefs = new user_prefs($myrow);
         	    $this->user = @$myrow["id"];
+                $this->email = @$myrow["email"];
 		    	update_user_visitdate($this->username);
 		    	$this->logged = true;
 				$this->last_act = time();
@@ -126,6 +141,32 @@ class current_user
 		return $this->logged;
 	}
 
+	function reset_password($company, $email) {
+		global $app_title;
+
+		$this->set_company($company);
+		$this->logged = false;
+
+		set_global_connection();
+
+		$myrow = get_user_by_email($email);
+
+		if ($myrow['id'] != "") {
+
+			$bytes = openssl_random_pseudo_bytes(8, $cstrong);
+			$password   = base64_encode($bytes);
+
+			$hash = md5($password);
+
+			update_user_password($myrow['id'], $myrow['user_id'], $hash);
+
+			mail($myrow['email'], _("New password for")." ".$app_title, $password);
+
+			return true;
+		}
+   		return false;
+    }
+
 	function check_user_access()
 	{
 		global $security_groups;
@@ -136,20 +177,20 @@ class current_user
 			return !isset($security_groups) && is_array($this->role_set);
 	}
 
-	function can_access($page_level)
+	function can_access($sec_area)
 	{
 		global $security_groups, $security_areas;
 		if (isset($security_groups)) {
-			return $this->company == 0 &&
+			return is_admin_company() &&
 				in_array(20, $security_groups[$this->access]);
 		}
 
-		if ($page_level === 'SA_OPEN') 
+		if ($sec_area === 'SA_OPEN') 
 			return true;
-		if ($page_level === 'SA_DENIED' || $page_level === '') 
+		if ($sec_area === 'SA_DENIED' || $sec_area === '') 
 			return false;
 
-		$code = $security_areas[$page_level][0];
+		$code = $security_areas[$sec_area][0];
 
 		// only first registered company has site admin privileges
 		return $code && in_array($code, $this->role_set)
@@ -161,6 +202,74 @@ class current_user
 		return $this->can_access($page_level);
 	}
 
+	function check_application_access($waapp)
+	{
+		if (!$this->hide_inaccessible_menu_items())
+		{
+			return true;
+		}
+
+		foreach ($waapp->modules as $module)
+		{
+			if ($this->check_module_access($module))
+			{
+				return true;
+			}
+		}
+
+		return false;
+
+	}
+
+	function check_module_access($module)
+	{
+
+		if (!$this->hide_inaccessible_menu_items())
+		{
+			return true;
+		}
+
+		if (sizeof($module->lappfunctions) > 0)
+		{
+			foreach ($module->lappfunctions as $appfunction)
+			{
+				if ($appfunction->label != "" && $this->can_access_page($appfunction->access))
+				{
+					return true;
+				}
+			}
+		}
+
+		if (sizeof($module->rappfunctions) > 0)
+		{
+			foreach ($module->rappfunctions as $appfunction)
+			{
+				if ($appfunction->label != "" && $this->can_access_page($appfunction->access))
+				{
+					return true;
+				}
+			}
+		}
+
+		return false;
+
+	}
+
+	function hide_inaccessible_menu_items()
+	{
+		global $hide_inaccessible_menu_items;
+
+		if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0)
+		{
+			return false;
+		}
+
+		else
+		{
+			return true;
+		}
+	}
+
 	function set_db_connection($id = -1)
 	{
 		return set_global_connection($id);
@@ -217,11 +326,11 @@ if (!floatcmp($value1, $value2))
 	compare value is 0
 */
 
-define('FLOAT_COMP_DELTA', 0.0000001);
+define('FLOAT_COMP_DELTA', 0.004);
 
 function floatcmp($a, $b)
 {
-    return $a - $b > FLOAT_COMP_DELTA ? 1 : $b - $a > FLOAT_COMP_DELTA ? -1 : 0;
+    return $a - $b > FLOAT_COMP_DELTA ? 1 : ($b - $a > FLOAT_COMP_DELTA ? -1 : 0);
 }
 
 //
@@ -433,6 +542,17 @@ function user_startup_tab()
 	return $_SESSION["wa_current_user"]->prefs->start_up_tab();
 }
 
+function user_transaction_days()
+{
+    return $_SESSION["wa_current_user"]->prefs->transaction_days();
+}
+
+
+function user_check_access($sec_area)
+{
+	return $_SESSION["wa_current_user"]->can_access($sec_area);
+}
+
 function set_user_prefs($prefs)
 {
 	$_SESSION["wa_current_user"]->update_prefs($prefs);
@@ -539,11 +659,20 @@ function array_search_key($needle, $haystack, $valuekey=null)
 	return @$keys[0];
 }
 
+// Recalculate report columns if orientation is landscape.
+function recalculate_cols(&$cols)
+{
+	$factor = (user_pagesize() == "A4" ? 1.4 : 1.3);
+	foreach($cols as $key => $col)
+		$cols[$key] = intval($col * $factor); 
+}
+
 function flush_dir($path, $wipe = false) 
 {
 	$dir = opendir($path);
 	if(!$dir)
 		return;
+
 	while(false !== ($fname = readdir($dir))) {
 		if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue;
   		if(is_dir($path.'/'.$fname)) {
@@ -569,4 +698,9 @@ function company_path($comp=null)
 			. '/'.$comp;
 }
 
+function is_admin_company()
+{
+	return $this->company == 0;
+}
+
 ?>
\ No newline at end of file