X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=7d80febbe3b4f02f8f1acb00a5bd1a8d6f3d1903;hb=e8ebca8f2b08eeb3bfd3da04ca946dfa8cc1fb3f;hp=3f9505671b8b8bbca515e015fcd3136d41edfce5;hpb=d657046566ffe70c3c2099464224de1a063d19d2;p=fa-stable.git diff --git a/includes/current_user.inc b/includes/current_user.inc index 3f950567..7d80febb 100644 --- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -9,27 +9,32 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ -include_once($path_to_root . "/includes/prefs/userprefs.inc"); +include_once($path_to_root . "/includes/prefs/userprefs.inc"); +if (!defined('TB_PREF')) { + define('TB_PREF', '&TB_PREF&'); +} //-------------------------------------------------------------------------- class current_user { - var $user; + var $user = 0; var $loginname; var $username; var $name; - var $company; + var $email; + var $company; // user's company var $pos; var $access; var $timeout; var $last_act; var $role_set = false; - var $old_db; + var $old_db; var $logged; var $ui_mode = 0; var $prefs; + var $cur_con; // current db connection (can be different from $company for superuser) function current_user() { @@ -54,16 +59,37 @@ class current_user function login($company, $loginname, $password) { - global $security_areas, $security_groups, $security_headings, $path_to_root; - + global $security_areas, $security_groups, $security_headings, $path_to_root, $dflt_lang, $login_delay; + $this->set_company($company); $this->logged = false; - $Auth_Result = get_user_for_login($loginname, $password); + set_global_connection($company); + $lang = &$_SESSION['language']; + $lang->set_language($_SESSION['language']->code); + db_set_encoding($_SESSION['language']->encoding); - if (db_num_rows($Auth_Result) > 0) + // Use external authentication source if any. + // Keep in mind you need to have user data set for $loginname + // in FA users table anyway to successfully log in. + $Auth_Result = hook_authenticate($loginname, $password); + + if (!isset($Auth_Result)) // if not used: standard method + $Auth_Result = get_user_auth($loginname, md5($password)); + + if ($login_delay > 0) + write_login_filelog($loginname, $Auth_Result); + + if ($Auth_Result) { - $myrow = db_fetch($Auth_Result); + $myrow = get_user_by_login($loginname); + if ($myrow['language'] != $dflt_lang) + { // refresh language and user data + $lang->set_language($myrow['language']); + db_set_encoding($_SESSION['language']->encoding); + $myrow = get_user_by_login($loginname); + } + $this->old_db = isset($myrow["full_access"]); if (! @$myrow["inactive"]) { if ($this->old_db) { @@ -105,6 +131,7 @@ class current_user $this->username = $this->loginname; $this->prefs = new user_prefs($myrow); $this->user = @$myrow["id"]; + $this->email = @$myrow["email"]; update_user_visitdate($this->username); $this->logged = true; $this->last_act = time(); @@ -124,20 +151,20 @@ class current_user return !isset($security_groups) && is_array($this->role_set); } - function can_access($page_level) + function can_access($sec_area) { global $security_groups, $security_areas; if (isset($security_groups)) { - return $this->company == 0 && + return is_admin_company() && in_array(20, $security_groups[$this->access]); } - if ($page_level === 'SA_OPEN') + if ($sec_area === 'SA_OPEN') return true; - if ($page_level === 'SA_DENIED' || $page_level === '') + if ($sec_area === 'SA_DENIED' || $sec_area === '') return false; - $code = $security_areas[$page_level][0]; + $code = $security_areas[$sec_area][0]; // only first registered company has site admin privileges return $code && in_array($code, $this->role_set) @@ -149,22 +176,77 @@ class current_user return $this->can_access($page_level); } - function get_db_connection($id=-1) + function check_application_access($waapp) + { + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + foreach ($waapp->modules as $module) + { + if ($this->check_module_access($module)) + { + return true; + } + } + + return false; + + } + + function check_module_access($module) { - global $db_connections; - $connection = $db_connections[$id == -1 ? $this->company : $id]; + if (!$this->hide_inaccessible_menu_items()) + { + return true; + } + + if (sizeof($module->lappfunctions) > 0) + { + foreach ($module->lappfunctions as $appfunction) + { + if ($appfunction->label != "" && $this->can_access_page($appfunction->access)) + { + return true; + } + } + } + + if (sizeof($module->rappfunctions) > 0) + { + foreach ($module->rappfunctions as $appfunction) + { + if ($appfunction->label != "" && $this->can_access_page($appfunction->access)) + { + return true; + } + } + } + + return false; - //print_r($connection); + } - $db = mysql_connect($connection["host"] , - $connection["dbuser"], $connection["dbpassword"]); - mysql_select_db($connection["dbname"],$db); + function hide_inaccessible_menu_items() + { + global $hide_inaccessible_menu_items; - if (!defined('TB_PREF')) - define('TB_PREF', $connection["tbpref"]); + if (!isset($hide_inaccessible_menu_items) || $hide_inaccessible_menu_items == 0) + { + return false; + } - return $db; + else + { + return true; + } + } + + function set_db_connection($id = -1) + { + return set_global_connection($id); } function update_prefs($prefs) @@ -198,7 +280,7 @@ function number_format2($number, $decimals=0) $tsep = $thoseps[$_SESSION["wa_current_user"]->prefs->tho_sep()]; $dsep = $decseps[$_SESSION["wa_current_user"]->prefs->dec_sep()]; //return number_format($number, $decimals, $dsep, $tsep); - if($decimals=='max') + if($decimals==='max') $dec = 15 - floor(log10(abs($number))); else { $delta = ($number < 0 ? -.0000000001 : .0000000001); @@ -211,6 +293,20 @@ function number_format2($number, $decimals=0) return $decimals==='max' ? rtrim($num, '0') : $num; } + +/* price/float comparision helper to be used in any suspicious place for zero values? +usage: +if (!floatcmp($value1, $value2)) + compare value is 0 +*/ + +define('FLOAT_COMP_DELTA', 0.004); + +function floatcmp($a, $b) +{ + return $a - $b > FLOAT_COMP_DELTA ? 1 : ($b - $a > FLOAT_COMP_DELTA ? -1 : 0); +} + // // Current ui mode. // @@ -251,6 +347,7 @@ function qty_format($number, $stock_id=null, &$dec) { $dec = get_qty_dec($stock_id); return number_format2($number, $dec); } + // and get_qty_dec function get_qty_dec($stock_id=null) { @@ -267,7 +364,7 @@ function get_qty_dec($stock_id=null) // Maximum precision format. Strips trailing unsignificant digits. // function maxprec_format($number) { - return number_format2($number, null); + return number_format2($number, 'max'); } function exrate_format($number) { @@ -419,6 +516,17 @@ function user_startup_tab() return $_SESSION["wa_current_user"]->prefs->start_up_tab(); } +function user_transaction_days() +{ + return $_SESSION["wa_current_user"]->prefs->transaction_days(); +} + + +function user_check_access($sec_area) +{ + return $_SESSION["wa_current_user"]->can_access($sec_area); +} + function set_user_prefs($prefs) { $_SESSION["wa_current_user"]->update_prefs($prefs); @@ -525,9 +633,20 @@ function array_search_key($needle, $haystack, $valuekey=null) return @$keys[0]; } +// Recalculate report columns if orientation is landscape. +function recalculate_cols(&$cols) +{ + $factor = (user_pagesize() == "A4" ? 1.4 : 1.3); + foreach($cols as $key => $col) + $cols[$key] = intval($col * $factor); +} + function flush_dir($path, $wipe = false) { $dir = opendir($path); + if(!$dir) + return; + while(false !== ($fname = readdir($dir))) { if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue; if(is_dir($path.'/'.$fname)) { @@ -553,4 +672,9 @@ function company_path($comp=null) . '/'.$comp; } +function is_admin_company() +{ + return $this->company == 0; +} + ?> \ No newline at end of file