X-Git-Url: https://delta.frontaccounting.com/gitweb/?a=blobdiff_plain;f=includes%2Fcurrent_user.inc;h=f4533ddf30a59136e75c42ab74c8626782113b4e;hb=96f82e64b766fa59a3ebc3176e4efd17736f6878;hp=5430b1104c2eb1d59b1ae31df94f364a0901bf1b;hpb=a905e25b57bd657012685ac6836177888a95b93c;p=fa-stable.git diff --git a/includes/current_user.inc b/includes/current_user.inc index 5430b110..f4533ddf 100644 --- a/includes/current_user.inc +++ b/includes/current_user.inc @@ -9,8 +9,11 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the License here . ***********************************************************************/ -include_once($path_to_root . "/includes/prefs/userprefs.inc"); +include_once($path_to_root . "/includes/prefs/userprefs.inc"); +if (!defined('TB_PREF')) { + define('TB_PREF', '&TB_PREF&'); +} //-------------------------------------------------------------------------- class current_user @@ -19,17 +22,18 @@ class current_user var $loginname; var $username; var $name; - var $company; + var $company; // user's company var $pos; var $access; var $timeout; var $last_act; var $role_set = false; - + var $old_db; var $logged; var $ui_mode = 0; var $prefs; + var $cur_con; // current db connection (can be different from $company for superuser) function current_user() { @@ -54,16 +58,25 @@ class current_user function login($company, $loginname, $password) { - global $security_areas, $security_groups, $security_headings; + global $security_areas, $security_groups, $security_headings, $path_to_root; $this->set_company($company); $this->logged = false; - $Auth_Result = get_user_for_login($loginname, $password); + set_global_connection(); + + // Use external authentication source if any. + // Keep in mind you need to have user data set for $loginname + // in FA users table anyway to successfully log in. + $Auth_Result = hook_authenticate($loginname, $password); + + if (!isset($Auth_Result)) // if not used: standard method + $Auth_Result = get_user_auth($loginname, md5($password)); - if (db_num_rows($Auth_Result) > 0) + if ($Auth_Result) { - $myrow = db_fetch($Auth_Result); + $myrow = get_user_by_login($loginname); + $this->old_db = isset($myrow["full_access"]); if (! @$myrow["inactive"]) { if ($this->old_db) { @@ -73,6 +86,7 @@ class current_user if (!isset($security_groups) || !isset($security_headings)) { echo "


"; echo _('Before software upgrade you have to include old $security_groups and $security_headings arrays from old config.php file to the new one.'); + echo '
'.""._("Back").""; echo "

"; exit; } @@ -123,21 +137,24 @@ class current_user return !isset($security_groups) && is_array($this->role_set); } - function can_access($page_level) + function can_access($sec_area) { global $security_groups, $security_areas; - if (isset($security_groups)) { return $this->company == 0 && in_array(20, $security_groups[$this->access]); } - if ($page_level === 'SA_OPEN') + if ($sec_area === 'SA_OPEN') return true; - $code = $security_areas[$page_level][0]; + if ($sec_area === 'SA_DENIED' || $sec_area === '') + return false; + + $code = $security_areas[$sec_area][0]; + // only first registered company has site admin privileges return $code && in_array($code, $this->role_set) - && ($this->company == 0 || ($code&~0xff != SS_SADMIN)); + && ($this->company == 0 || (($code&~0xff) != SS_SADMIN)); } function can_access_page($page_level) @@ -145,36 +162,20 @@ class current_user return $this->can_access($page_level); } - function get_db_connection() + function set_db_connection($id = -1) { - global $db_connections; - - $connection = $db_connections[$this->company]; - - //print_r($connection); - - $db = mysql_connect($connection["host"] , - $connection["dbuser"], $connection["dbpassword"]); - mysql_select_db($connection["dbname"],$db); - - if (!defined('TB_PREF')) - define('TB_PREF', $connection["tbpref"]); - - return $db; + return set_global_connection($id); } - function update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, - $showgl, $showcodes, $date_format, $date_sep, $tho_sep, $dec_sep, - $theme, $pagesize, $show_hints, $profile, $rep_popup, $query_size, - $graphic_links, $lang, $stickydate, $startup_tab) { - update_user_display_prefs($this->user, $price_dec, - $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes, - $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, - $show_hints, $profile, $rep_popup, $query_size, $graphic_links, $lang, $stickydate, $startup_tab); - - // re-read the prefs - $user = get_user($this->user); - $this->prefs = new user_prefs($user); + function update_prefs($prefs) + { + global $allow_demo_mode; + + if(!$allow_demo_mode) { + update_user_prefs($this->user, $prefs); + } + + $this->prefs = new user_prefs(get_user($this->user)); } } @@ -182,19 +183,48 @@ class current_user function round2($number, $decimals=0) { - $delta = ($number < 0 ? -.000001 : .000001); + $delta = ($number < 0 ? -.0000000001 : .0000000001); return round($number+$delta, $decimals); } +/* + Returns number formatted according to user setup and using $decimals digits after dot + (defualt is 0). When $decimals is set to 'max' maximum available precision is used + (decimals depend on value) and trailing zeros are trimmed. +*/ function number_format2($number, $decimals=0) { global $thoseps, $decseps; $tsep = $thoseps[$_SESSION["wa_current_user"]->prefs->tho_sep()]; $dsep = $decseps[$_SESSION["wa_current_user"]->prefs->dec_sep()]; //return number_format($number, $decimals, $dsep, $tsep); - $delta = ($number < 0 ? -.000001 : .000001); - return number_format($number+$delta, $decimals, $dsep, $tsep); + if($decimals==='max') + $dec = 15 - floor(log10(abs($number))); + else { + $delta = ($number < 0 ? -.0000000001 : .0000000001); + $number += $delta; + $dec = $decimals; + } + + $num = number_format($number, $dec, $dsep, $tsep); + + return $decimals==='max' ? rtrim($num, '0') : $num; + +} + +/* price/float comparision helper to be used in any suspicious place for zero values? +usage: +if (!floatcmp($value1, $value2)) + compare value is 0 +*/ + +define('FLOAT_COMP_DELTA', 0.004); + +function floatcmp($a, $b) +{ + return $a - $b > FLOAT_COMP_DELTA ? 1 : $b - $a > FLOAT_COMP_DELTA ? -1 : 0; } + // // Current ui mode. // @@ -220,12 +250,22 @@ function price_decimal_format($number, &$dec) } return number_format2($number, $dec); } +// function money_format doesn't exist in OS Win. +if (!function_exists('money_format')) +{ + function money_format($format, $number) + { + return price_format($number); + } +} + // 2008-06-15. Added extra parameter $stock_id and reference for $dec //-------------------------------------------------------------------- function qty_format($number, $stock_id=null, &$dec) { $dec = get_qty_dec($stock_id); return number_format2($number, $dec); } + // and get_qty_dec function get_qty_dec($stock_id=null) { @@ -238,6 +278,13 @@ function get_qty_dec($stock_id=null) return $dec; } //------------------------------------------------------------------- +// +// Maximum precision format. Strips trailing unsignificant digits. +// +function maxprec_format($number) { + return number_format2($number, 'max'); +} + function exrate_format($number) { return number_format2($number, $_SESSION["wa_current_user"]->prefs->exrate_dec()); @@ -253,10 +300,12 @@ function user_numeric($input) { $num = trim($input); $sep = $thoseps[user_tho_sep()]; - if($sep!='') $num = str_replace( $sep, '', $num); - str_replace($sep, '', $num); + if ($sep!='') + $num = str_replace( $sep, '', $num); + $sep = $decseps[user_dec_sep()]; - if($sep!='.') $num = str_replace( $sep, '.', $num); + if ($sep!='.') + $num = str_replace( $sep, '.', $num); if (!is_numeric($num)) return false; @@ -269,7 +318,9 @@ function user_numeric($input) { function user_company() { - return $_SESSION["wa_current_user"]->company; + global $def_coy; + + return isset($_SESSION["wa_current_user"]) ? $_SESSION["wa_current_user"]->company : $def_coy; } function user_pos() @@ -339,7 +390,8 @@ function user_dec_sep() function user_theme() { - return $_SESSION["wa_current_user"]->prefs->get_theme(); + return isset($_SESSION["wa_current_user"]) ? + $_SESSION["wa_current_user"]->prefs->get_theme() : 'default'; } function user_pagesize() @@ -382,14 +434,20 @@ function user_startup_tab() return $_SESSION["wa_current_user"]->prefs->start_up_tab(); } -function set_user_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes, - $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints, - $print_profile, $rep_popup, $query_size, $graphic_links, $lang, $stickydate, $startup_tab) +function user_transaction_days() +{ + return $_SESSION["wa_current_user"]->prefs->transaction_days(); +} + + +function user_check_access($sec_area) { + return $_SESSION["wa_current_user"]->can_access($sec_area); +} - $_SESSION["wa_current_user"]->update_prefs($price_dec, $qty_dec, $exrate_dec, $percent_dec, $showgl, $showcodes, - $date_format, $date_sep, $tho_sep, $dec_sep, $theme, $pagesize, $show_hints, - $print_profile, $rep_popup, $query_size, $graphic_links, $lang, $stickydate, $startup_tab); +function set_user_prefs($prefs) +{ + $_SESSION["wa_current_user"]->update_prefs($prefs); } function add_user_js_data() { @@ -420,4 +478,108 @@ function session_timeout() $tout = @get_company_pref('login_tout'); // mask warning for db ver. 2.2 return $tout ? $tout : ini_get('session.gc_maxlifetime'); } + +//----------------------------------------------------------------------------- +// Inserts $elements into $array at position $index. +// $elements is list of any objects +// +function array_insert(&$array, $index, $elements) +{ + if (!is_array($elements)) $elements = array($elements); + + $head = array_splice($array, 0, $index); + $array = array_merge($head, $elements, $array); +} + +function array_remove(&$array, $index, $len=1) +{ + array_splice($array, $index, $len); +} + +function array_substitute(&$array, $index, $len, $elements) +{ + array_splice($array, $index, $len); + array_insert($array, $index, $elements); +} + +function array_append(&$array, $elements) +{ + foreach($elements as $key => $el) { + if(is_int($key)) + $array[] = $el; + else + $array[$key] = $el; + } +} +// +// Search $needle in $haystack or in $haystack[][$valuekey] +// returns $needle found or null. +// +function array_search_value($needle, $haystack, $valuekey=null) +{ + foreach($haystack as $key => $value) { + $val = isset($valuekey) ? @$value[$valuekey] : $value; + if ($needle == $val){ + return $value; + } + } + return null; +} +// +// Search $needle in $haystack or in $haystack[][$valuekey] +// returns array of keys of $haystack elements found +// +function array_search_keys($needle, $haystack, $valuekey=null) +{ + $keys = array(); + if($haystack) + foreach($haystack as $key => $value) { + $val = isset($valuekey) ? @$value[$valuekey] : $value; + if ($needle == $val){ + $keys[] = $key; + } + } + return $keys; +} +// +// Find first (single) $needle in $haystack or in $haystack[][$valuekey] +// returns $haystack element found or null +// +function array_search_key($needle, $haystack, $valuekey=null) +{ + $keys = array_search_keys($needle, $haystack, $valuekey); + return @$keys[0]; +} + +function flush_dir($path, $wipe = false) +{ + $dir = opendir($path); + if(!$dir) + return; + + while(false !== ($fname = readdir($dir))) { + if($fname=='.' || $fname=='..' || $fname=='CVS' || (!$wipe && $fname=='index.php')) continue; + if(is_dir($path.'/'.$fname)) { + flush_dir($path.'/'.$fname, $wipe); + if ($wipe) @rmdir($path.'/'.$fname); + } else + @unlink($path.'/'.$fname); + } +} +/* + Returns current path to company private folder. + (Current path can change after chdir). +*/ +function company_path($comp=null) +{ + global $path_to_root, $comp_path; + + if (!isset($comp)) + $comp = user_company(); + + // if path is relative, set current path_to_root + return ($comp_path[0]=='.' ? $path_to_root.'/'.basename($comp_path) : $comp_path) + . '/'.$comp; +} + ?> \ No newline at end of file