X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=5dd2c197e02a52587af77ce1fd31b78b8feff9d4;hb=0b63d898491b6577a5a5bf90e771dca0dcbbcf1f;hp=f4533ddf30a59136e75c42ab74c8626782113b4e;hpb=96f82e64b766fa59a3ebc3176e4efd17736f6878;p=fa-stable.git diff --git a/includes/current_user.inc b/includes/current_user.inc index f4533ddf..5dd2c197 100644 --- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -18,10 +18,11 @@ if (!defined('TB_PREF')) { class current_user { - var $user; + var $user = 0; var $loginname; var $username; var $name; + var $email; var $company; // user's company var $pos; var $access; @@ -53,17 +54,20 @@ class current_user function set_company($company) { - $this->company = $company; + $this->company = (int)$company; } function login($company, $loginname, $password) { - global $security_areas, $security_groups, $security_headings, $path_to_root; - + global $security_areas, $security_groups, $security_headings, $path_to_root, $dflt_lang, $login_delay; + $this->set_company($company); $this->logged = false; - set_global_connection(); + set_global_connection($company); + $lang = &$_SESSION['language']; + $lang->set_language($_SESSION['language']->code); + db_set_encoding($_SESSION['language']->encoding); // Use external authentication source if any. // Keep in mind you need to have user data set for $loginname @@ -73,9 +77,18 @@ class current_user if (!isset($Auth_Result)) // if not used: standard method $Auth_Result = get_user_auth($loginname, md5($password)); + if ($login_delay > 0) + write_login_filelog($loginname, $Auth_Result); + if ($Auth_Result) { $myrow = get_user_by_login($loginname); + if ($myrow['language'] != $dflt_lang) + { // refresh language and user data + $lang->set_language($myrow['language']); + db_set_encoding($_SESSION['language']->encoding); + $myrow = get_user_by_login($loginname); + } $this->old_db = isset($myrow["full_access"]); if (! @$myrow["inactive"]) { @@ -118,6 +131,7 @@ class current_user $this->username = $this->loginname; $this->prefs = new user_prefs($myrow); $this->user = @$myrow["id"]; + $this->email = @$myrow["email"]; update_user_visitdate($this->username); $this->logged = true; $this->last_act = time(); @@ -127,6 +141,32 @@ class current_user return $this->logged; } + function reset_password($company, $email) { + global $app_title; + + $this->set_company($company); + $this->logged = false; + + set_global_connection(); + + $myrow = get_user_by_email($email); + + if ($myrow['id'] != "") { + + $bytes = openssl_random_pseudo_bytes(8, $cstrong); + $password = base64_encode($bytes); + + $hash = md5($password); + + update_user_password($myrow['id'], $myrow['user_id'], $hash); + + mail($myrow['email'], _("New password for")." ".$app_title, $password); + + return true; + } + return false; + } + function check_user_access() { global $security_groups; @@ -141,7 +181,7 @@ class current_user { global $security_groups, $security_areas; if (isset($security_groups)) { - return $this->company == 0 && + return is_admin_company() && in_array(20, $security_groups[$this->access]); } @@ -162,6 +202,74 @@ class current_user return $this->can_access($page_level); } + function check_application_access($waapp) + { + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + foreach ($waapp->modules as $module) + { + if ($this->check_module_access($module)) + { + return true; + } + } + + return false; + + } + + function check_module_access($module) + { + + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + if (sizeof($module->lappfunctions) > 0) + { + foreach ($module->lappfunctions as $appfunction) + { + if ($appfunction->label != "" && $this->can_access_page($appfunction->access)) + { + return true; + } + } + } + + if (sizeof($module->rappfunctions) > 0) + { + foreach ($module->rappfunctions as $appfunction) + { + if ($appfunction->label != "" && $this->can_access_page($appfunction->access)) + { + return true; + } + } + } + + return false; + + } + + function hide_inaccessible_menu_items() + { + global $hide_inaccessible_menu_items; + + if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0) + { + return false; + } + + else + { + return true; + } + } + function set_db_connection($id = -1) { return set_global_connection($id); @@ -222,7 +330,7 @@ define('FLOAT_COMP_DELTA', 0.004); function floatcmp($a, $b) { - return $a - $b > FLOAT_COMP_DELTA ? 1 : $b - $a > FLOAT_COMP_DELTA ? -1 : 0; + return $a - $b > FLOAT_COMP_DELTA ? 1 : ($b - $a > FLOAT_COMP_DELTA ? -1 : 0); } // @@ -551,6 +659,14 @@ function array_search_key($needle, $haystack, $valuekey=null) return @$keys[0]; } +// Recalculate report columns if orientation is landscape. +function recalculate_cols(&$cols) +{ + $factor = (user_pagesize() == "A4" ? 1.4 : 1.3); + foreach($cols as $key => $col) + $cols[$key] = intval($col * $factor); +} + function flush_dir($path, $wipe = false) { $dir = opendir($path); @@ -582,4 +698,9 @@ function company_path($comp=null) . '/'.$comp; } +function is_admin_company() +{ + return $this->company == 0; +} + ?> \ No newline at end of file