6 * - base application setup (variables etc to javascript)
8 * - authentication and permission info about user / application
9 * - json output methods.
10 * - file upload error checking - checkFileUploadError
11 * - logging to event table
12 * - sendTemplate code (normally use the Person version for sending to specific people..)
14 * - doc managment code?? - remarks and tracking??? - MOVEME
15 * - authentication link checking?? MOVEME?
16 * - authentication reset password ?? MOVEME?
17 * ?? arrayClean.. what's it doing here?!? ;)
20 * DB_DataObject*:*toEventString (for logging - this is generically prefixed to all database operations.)
21 * - any data object where this method exists, the result will get prefixed to the log remarks
24 class Pman extends HTML_FlexyFramework_Page
28 var $appShortName= "";
29 var $appVersion = "1.8";
36 var $appDisabled = array(); // array of disabled modules..
37 // (based on config option disable)
39 var $authUser; // always contains the authenticated user..
41 var $disable_jstemplate = false; /// disable inclusion of jstemplate code..
45 * ------------- Standard getAuth/get/post methods of framework.
50 function getAuth() // everyone allowed in!!!!!
52 $this->loadOwnerCompany();
60 if (isset($this->_hasInit)) {
63 $this->_hasInit = true;
64 // move away from doing this ... you can access bootLoader.XXXXXX in the master template..
65 $boot = HTML_FlexyFramework::get();
66 // echo'<PRE>';print_R($boot);exit;
67 $this->appName= $boot->appName;
68 $this->appNameShort= $boot->appNameShort;
71 $this->appModules= $boot->enable;
73 // echo $this->arrayToJsInclude($files);
74 $this->isDev = empty($boot->Pman['isDev']) ? false : $boot->Pman['isDev'];
76 $this->appDisable = $boot->disable;
77 $this->appDisabled = explode(',', $boot->disable);
78 $this->version = $boot->version;
79 $this->uiConfig = empty($boot->Pman['uiConfig']) ? false : $boot->Pman['uiConfig'];
81 if (!empty($ff->Pman['local_autoauth']) &&
82 ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
83 ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')
88 // if a file Pman_{module}_Pman exists.. and it has an init function... - call that..
90 //var_dump($this->appModules);
96 * module init is only loaded on main page call, and includes checks for configuration settings.
98 function initModules()
100 foreach(explode(',',$this->appModules) as $m) {
101 $cls = 'Pman_'. $m . '_Pman';
103 //echo $this->rootDir . '/'.str_replace('_','/', $cls). '.php';
105 if (!file_exists($this->rootDir . '/'.str_replace('_','/', $cls). '.php')) {
108 require_once str_replace('_','/', $cls). '.php';
110 if (method_exists($c,'init')) {
122 $this->initModules();
125 //$this->allowSignup= empty($opts['allowSignup']) ? 0 : 1;
126 $bits = explode('/', $base);
128 if ($bits[0] == 'Link') {
129 $this->linkFail = $this->linkAuth(@$bits[1],@$bits[2]);
130 header('Content-type: text/html; charset=utf-8');
134 // should really be moved to Login...
136 if ($bits[0] == 'PasswordReset') {
137 $this->linkFail = $this->resetPassword(@$bits[1],@$bits[2],@$bits[3]);
138 header('Content-type: text/html; charset=utf-8');
142 $au = $this->getAuthUser();
144 $ff= HTML_FlexyFramework::get();
146 if (!empty($ff->Pman['auth_comptype']) && $au->id > 0 &&
147 ( !$au->company_id || ($ff->Pman['auth_comptype'] != $au->company()->comptype))) {
151 $this->jerr("Login not permited to outside companies - please reload");
153 $this->addEvent("RELOAD");
158 $this->addEvent("BADURL", false, $base);
159 $this->jerr("invalid url");
162 if (isset($_GET['onloadTrack'])) {
163 $this->onloadTrack = (int)$_GET['onloadTrack'];
165 // getting this to work with xhtml is a nightmare
166 // = nbsp / <img> issues screw everyting up.
167 //var_dump($this->isDev);
168 // force regeneration on load for development enviroments..
170 HTML_FlexyFramework::get()->generateDataobjectsCache($this->isDev);
172 //header('Content-type: application/xhtml+xml; charset=utf-8');
176 if ($this->company && $this->company->logo_id) {
177 $im = DB_DataObject::Factory('Images');
178 $im->get($this->company->logo_id);
179 $this->appLogo = $this->baseURL . '/Images/Thumb/300x100/'. $this->company->logo_id .'/' . $im->filename;
182 header('Content-type: text/html; charset=utf-8');
185 function post($base) {
186 return $this->get($base);
190 // --------------- AUTHENTICATION or system information
193 * finds the compay with comptype=='OWNER'
195 * @return {Pman_Core_DataObjects_Companies} the owner company
197 function loadOwnerCompany()
199 // only applies if authtable is person..
200 $ff = HTML_FlexyFramework::get();
201 if (!empty($ff->Pman['authTable']) && $ff->Pman['authTable'] != 'Person') {
205 $this->company = DB_DataObject::Factory('Companies');
206 if (!is_a($this->company, 'DB_DataObject')) { // non-core pman projects
209 $this->company->get('comptype', 'OWNER');
210 return $this->company;
216 * getAuthUser: - get the authenticated user..
218 * @return {DB_DataObject} of type Pman[authTable] if authenticated.
221 function getAuthUser()
223 if (!empty($this->authUser)) {
224 return $this->authUser;
226 $ff = HTML_FlexyFramework::get();
227 $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
229 $u = DB_DataObject::factory( $tbl );
233 $this->authUser =$u->getAuthUser();
234 print_R($this->authUser);exit;
235 return $this->authUser ;
239 * wrapper arround authuser->hasPerm
240 * @see Pman_Core_DataObjects_User::hasPerm
242 * @param {String} $name The permission name (eg. Projects.List)
243 * @param {String} $lvl eg. (C)reate (E)dit (D)elete ... etc.
246 function hasPerm($name, $lvl) // do we have a permission
248 static $pcache = array();
249 $au = $this->getAuthUser();
250 return $au && $au->hasPerm($name,$lvl);
255 * modulesList: List the modules in the application
257 * @return {Array} list of modules
259 function modulesList()
261 $boot = HTML_FlexyFramework::get();
262 // echo'<PRE>';print_R($boot);exit;
265 $mods = explode(',', $boot->enable);
266 if (in_array('Core',$mods)) { // core has to be the first modules loaded as it contains Pman.js
267 array_unshift($mods, 'Core');
270 if (in_array($boot->appNameShort,$mods)) { // Project has to be the last modules loaded as it contains Pman.js
271 unset($mods[array_search($boot->appNameShort, $mods)]);
272 $mods[] = $boot->appNameShort;
275 $mods = array_unique($mods);
277 $disabled = explode(',', $boot->disable ? $boot->disable : '');
279 foreach($mods as $mod) {
280 // add the css file..
281 if (in_array($mod, $disabled)) {
292 function hasModule($name)
295 if (!strpos( $name,'.') ) {
296 // use enable / disable..
297 return in_array($name, $this->modules());
300 $x = DB_DataObject::factory('Group_Rights');
301 $ar = $x->defaultPermData();
302 if (empty($ar[$name]) || empty($ar[$name][0])) {
317 * ---------------- Global Tools ---------------
319 function checkFileUploadError() // check for file upload errors.
322 empty($_FILES['File'])
323 || empty($_FILES['File']['name'])
324 || empty($_FILES['File']['tmp_name'])
325 || empty($_FILES['File']['type'])
326 || !empty($_FILES['File']['error'])
327 || empty($_FILES['File']['size'])
329 $this->jerr("File upload error: <PRE>" . print_r($_FILES,true) . print_r($_POST,true) . "</PRE>");
335 * generate a tempory file with an extension (dont forget to delete it)
338 function tempName($ext)
340 $x = tempnam(ini_get('session.save_path'), HTML_FlexyFramework::get()->appNameShort.'TMP');
342 return $x .'.'. $ext;
345 * ------------- Authentication testing ------ ??? MOVEME?
349 function linkAuth($trid, $trkey)
351 $tr = DB_DataObject::factory('Documents_Tracking');
352 if (!$tr->get($trid)) {
353 return "Invalid URL";
355 if (strtolower($tr->authkey) != strtolower($trkey)) {
356 $this->AddEvent("ERROR-L", false, "Invalid Key");
357 return "Invalid KEY";
360 $this->onloadTrack = (int) $tr->doc_id;
361 if (strtotime($tr->date_sent) < strtotime("NOW - 14 DAYS")) {
362 $this->AddEvent("ERROR-L", false, "Key Expired");
363 return "Key Expired";
365 // user logged in and not
366 $au = $this->getAuthUser();
367 if ($au && $au->id && $au->id != $tr->person_id) {
370 return "Logged Out existing Session\n - reload to log in with correct key";
372 if ($au) { // logged in anyway..
373 $this->AddEvent("LOGIN", false, "With Key (ALREADY)");
374 header('Location: ' . $this->baseURL.'?onloadTrack='.$this->onloadTrack);
379 // authenticate the user...
381 $u = DB_DataObject::factory('Person');
383 $u->get($tr->person_id);
385 $this->AddEvent("LOGIN", false, "With Key");
387 // we need to redirect out - otherwise refererer url will include key!
388 header('Location: ' . $this->baseURL.'?onloadTrack='.$this->onloadTrack);
400 * ------------- Authentication password reset ------ ??? MOVEME?
406 function resetPassword($id,$t, $key)
409 $au = $this->getAuthUser();
411 return "Already Logged in - no need to use Password Reset";
414 $u = DB_DataObject::factory('Person');
415 //$u->company_id = $this->company->id;
417 if (!$u->get($id) || !strlen($u->passwd)) {
422 if ($key != $u->genPassKey($t)) {
423 return "invalid key";
426 $u->no_reset_sent = 0;
429 if ($t < strtotime("NOW - 1 DAY")) {
432 $this->showNewPass = implode("/", array($id,$t,$key));
437 * jerrAuth: standard auth failure - with data that let's the UI know..
441 $au = $this->authUser();
443 // is it an authfailure?
444 $this->jerr("Permission denied to view this resource", array('authFailure' => true));
446 $this->jerr("Not authenticated", array('authFailure' => true));
452 * ---------------- Standard JSON outputers. - used everywhere
455 * ---------------- Standard JSON outputers. - used everywhere
456 * JSON error - simple error with logging.
460 function jerr($str, $errors=array(), $content_type = false) // standard error reporting..
462 return $this->jerror('ERROR', $str,$errors,$content_type);
465 * Recomended JSON error indicator
468 * @param string $type - normally 'ERROR' - you can use this to track error types.
469 * @param string $message - error message displayed to user.
470 * @param array $errors - optioanl data to pass to front end.
471 * @param string $content_type - use text/plain to return plan text - ?? not sure why...
475 function jerror($type, $str, $errors=array(), $content_type = false) // standard error reporting..
477 if ($type !== false) {
478 $this->addEvent($type, false, $str);
481 $cli = HTML_FlexyFramework::get()->cli;
483 echo "ERROR: " .$str . "\n";
488 if ($content_type == 'text/plain') {
489 header('Content-Disposition: attachment; filename="error.txt"');
490 header('Content-type: '. $content_type);
491 echo "ERROR: " .$str . "\n";
497 require_once 'Services/JSON.php';
498 $json = new Services_JSON();
503 if (!empty($_REQUEST['returnHTML']) ||
504 (isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE']))
506 header('Content-type: text/html');
507 echo "<HTML><HEAD></HEAD><BODY>";
508 echo $json->encodeUnsafe(array(
511 'message' => $str, // compate with exeption / loadexception.
513 'errors' => $errors ? $errors : true, // used by forms to flag errors.
514 'authFailure' => !empty($errors['authFailure']),
516 echo "</BODY></HTML>";
520 if (isset($_REQUEST['_debug'])) {
521 echo '<PRE>'.htmlspecialchars(print_r(array(
525 'message' => $str, // compate with exeption / loadexception.
526 'errors' => $errors ? $errors : true, // used by forms to flag errors.
527 'authFailure' => !empty($errors['authFailure']),
533 echo $json->encode(array(
537 'message' => $str, // compate with exeption / loadexception.
538 'errors' => $errors ? $errors : true, // used by forms to flag errors.
539 'authFailure' => !empty($errors['authFailure']),
548 $cli = HTML_FlexyFramework::get()->cli;
550 echo "OK: " .$str . "\n";
553 require_once 'Services/JSON.php';
554 $json = new Services_JSON();
556 if (!empty($_REQUEST['returnHTML']) ||
557 (isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE']))
560 header('Content-type: text/html');
561 echo "<HTML><HEAD></HEAD><BODY>";
562 // encode html characters so they can be read..
563 echo str_replace(array('<','>'), array('\u003c','\u003e'),
564 $json->encodeUnsafe(array('success'=> true, 'data' => $str)));
565 echo "</BODY></HTML>";
570 echo $json->encode(array('success'=> true, 'data' => $str));
576 * output data for grids or tree
577 * @ar {Array} ar Array of data
578 * @total {Number|false} total number of records (or false to return count(ar)
579 * @extra {Array} extra key value list of data to pass as extra data.
582 function jdata($ar,$total=false, $extra=array(), $cachekey = false)
584 // should do mobile checking???
585 if ($total == false) {
588 $extra= $extra ? $extra : array();
589 require_once 'Services/JSON.php';
590 $json = new Services_JSON();
591 if (isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE'])) {
593 header('Content-type: text/html');
594 echo "<HTML><HEAD></HEAD><BODY>";
595 // encode html characters so they can be read..
596 echo str_replace(array('<','>'), array('\u003c','\u003e'),
597 $json->encodeUnsafe(array('success' => true, 'total'=> $total, 'data' => $ar) + $extra));
598 echo "</BODY></HTML>";
603 // see if trimming will help...
604 if (!empty($_REQUEST['_pman_short'])) {
607 foreach($ar as $as) {
609 foreach($as as $k=>$v) {
610 if (is_string($v) && !strlen(trim($v))) {
622 $ret = $json->encode(array('success' => true, 'total'=> $total, 'data' => $ar) + $extra);
624 if (!empty($cachekey)) {
626 $fn = ini_get('session.save_path') . '/json-cache'.date('/Y/m/d').'.'. $cachekey . '.cache.json';
627 if (!file_exists(dirname($fn))) {
628 mkdir(dirname($fn), 0777,true);
630 file_put_contents($fn, $ret);
638 /** a daily cache **/
639 function jdataCache($cachekey)
641 $fn = ini_get('session.save_path') . '/json-cache'.date('/Y/m/d').'.'. $cachekey . '.cache.json';
642 if (file_exists($fn)) {
643 header('Content-type: application/json');
644 echo file_get_contents($fn);
654 * ---------------- OUTPUT
656 function hasBg($fn) // used on front page to check if logos exist..
658 return file_exists($this->rootDir.'/Pman/'.$this->appNameShort.'/templates/images/'. $fn);
661 * outputJavascriptIncludes:
663 * output <script....> for all the modules in the applcaiton
666 function outputJavascriptIncludes()
669 $mods = $this->modulesList();
671 foreach($mods as $mod) {
672 // add the css file..
675 $files = $this->moduleJavascriptList($mod.'/widgets');
676 foreach($files as $f) {
677 echo '<script type="text/javascript" src="'. $f. '"></script>'."\n";
680 $files = $this->moduleJavascriptList($mod);
681 foreach($files as $f) {
682 echo '<script type="text/javascript" src="'. $f. '"></script>'."\n";
686 if (empty($this->disable_jstemplate)) {
687 // and finally the JsTemplate...
688 echo '<script type="text/javascript" src="'. $this->baseURL. '/Core/JsTemplate"></script>'."\n";
695 * output <link rel=stylesheet......> for all the modules in the applcaiton
698 * This could css minify as well.
700 function outputCSSIncludes() // includes on CSS links.
703 $mods = $this->modulesList();
706 foreach($mods as $mod) {
707 // add the css file..
708 $dir = $this->rootDir.'/Pman/'.$mod;
709 $ar = glob($dir . '/*.css');
710 foreach($ar as $fn) {
711 $css = $this->rootURL .'/Pman/'.$mod.'/'.basename($fn) . '?ts=' . filemtime($fn);
712 echo '<link rel="stylesheet" type="text/css" href="'.$css.'" />'."\n";
721 * Gather infor for javascript files..
723 * @param {String} $mod the module to get info about.
724 * @return {StdClass} details about module.
726 function moduleJavascriptFilesInfo($mod)
729 static $cache = array();
731 if (isset($cache[$mod])) {
736 $ff = HTML_FlexyFramework::get();
738 $base = dirname($_SERVER['SCRIPT_FILENAME']);
739 $dir = $this->rootDir.'/Pman/'. $mod;
740 $path = $this->rootURL ."/Pman/$mod/";
742 $ar = glob($dir . '/*.js');
748 foreach($ar as $fn) {
750 // got the 'module file..'
751 $mtime = filemtime($dir . '/'. $f);
752 $maxtime = max($mtime, $maxtime);
753 $arfiles[$fn] = $mtime;
754 $files[] = $path . $f . '?ts='.$mtime;
757 ksort($arfiles); // just sort by name so it's consistant for serialize..
759 $compile = empty($ff->Pman['public_cache_dir']) ? 0 : 1;
760 $basedir = $compile ? $ff->Pman['public_cache_dir'] : false;
761 $baseurl = $compile ? $ff->Pman['public_cache_url'] : false;
763 $lsort = create_function('$a,$b','return strlen($a) > strlen($b) ? 1 : -1;');
764 usort($files, $lsort);
766 $smod = str_replace('/','.',$mod);
768 $output = date('Y-m-d-H-i-s-', $maxtime). $smod .'-'.md5(serialize($arfiles)) .'.js';
771 // why are translations done like this - we just build them on the fly frmo the database..
772 $tmtime = file_exists($this->rootDir.'/_translations_/'. $smod.'.js')
773 ? filemtime($this->rootDir.'/_translations_/'. $smod.'.js') : 0;
775 $cache[$mod] = (object) array(
776 'smod' => $smod, // module name without '/'
777 'files' => $files, // list of all files.
778 'filesmtime' => $arfiles, // map of mtime=>file
779 'maxtime' => $maxtime, // max mtime
780 'compile' => $this->isDev ? false : $compile,
781 'translation_file' => $base .'/_translations_/' . $smod . '.js',
782 'translation_mtime' => $tmtime,
784 'translation_data' => preg_replace('/\.js$/', '.__translation__.js', $output),
785 'translation_base' => $dir .'/', //prefix of filename (without moudle name))
786 'basedir' => $basedir,
787 'baseurl' => $baseurl,
788 'module_dir' => $dir,
795 * moduleJavascriptList: list the javascript files in a module
797 * The original version of this.. still needs more thought...
799 * Compiled is in Pman/_compiled_/{$mod}/{LATEST...}.js
800 * Translations are in Pman/_translations_/{$mod}.js
802 * if that stuff does not exist just list files in Pman/{$mod}/*.js
804 * Compiled could be done on the fly..
808 * @param {String} $mod the module to look at - eg. Pman/{$mod}/*.js
809 * @return {Array} list of include paths (either compiled or raw)
815 function moduleJavascriptList($mod)
819 $dir = $this->rootDir.'/Pman/'. $mod;
822 if (!file_exists($dir)) {
823 echo '<!-- missing directory '. htmlspecialchars($dir) .' -->';
827 $info = $this->moduleJavascriptFilesInfo($mod);
831 if (empty($info->files)) {
834 // finally sort the files, so they are in the right order..
836 // only compile this stuff if public_cache is set..
840 // public_cache_dir = /var/www/myproject_cache
841 // public_cache_url = /myproject_cache (with Alias apache /myproject_cache/ /var/www/myproject_cache/)
844 if (!$info->compile) {
845 echo "<!-- Javascript compile turned off (isDev on, or public_cache_dir not set) -->\n";
849 // where are we going to write all of this..
850 // This has to be done via a
851 if (!file_exists($info->basedir.'/'.$info->output) || !filesize($info->basedir.'/'.$info->output)) {
852 require_once 'Pman/Core/JsCompile.php';
853 $x = new Pman_Core_JsCompile();
855 $x->pack($info->filesmtime,$info->basedir.'/'.$info->output, $info->translation_base);
857 echo "<!-- file exists not exist: {$info->basedir}/{$info->output} -->\n";
860 if (file_exists($info->basedir.'/'.$info->output) &&
861 filesize($info->basedir.'/'.$info->output)) {
864 $info->baseurl.'/'. $info->output,
867 // output all the ava
868 // fixme - this needs the max datetime for the translation file..
869 $ret[] = $this->baseURL."/Admin/InterfaceTranslations/".$mod.".js"; //?ts=".$info->translation_mtime;
871 //if ($info->translation_mtime) {
872 // $ret[] = $this->rootURL."/_translations_/". $info->smod.".js?ts=".$info->translation_mtime;
879 // give up and output original files...
889 * PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, array($this, 'onPearError'));
892 static $permitError = false;
894 function onPearError($err)
896 static $reported = false;
901 if (Pman::$permitError) {
909 $out = $err->toString();
912 //print_R($bt); exit;
915 foreach($err->backtrace as $b) {
916 $ret[] = @$b['file'] . '(' . @$b['line'] . ')@' . @$b['class'] . '::' . @$b['function'];
922 //convert the huge backtrace into something that is readable..
923 $out .= "\n" . implode("\n", $ret);
935 * ---------------- Logging ---------------
940 * Log an action (only if it has not been logged already.
942 * @param {String} action - group/name of event
943 * @param {DataObject|false} obj - dataobject action occured on.
944 * @param {String} any remarks
945 * @return {false|DB_DataObject} Event object.,
948 function addEventOnce($act, $obj = false, $remarks = '')
950 if (!empty(HTML_FlexyFramework::get()->Pman['disable_events'])) {
953 $e = DB_DataObject::factory('Events');
954 $e->init($act,$obj,$remarks);
955 if ($e->find(true)) {
958 return $this->addEvent($act, $obj, $remarks);
964 * @param {String} action - group/name of event
965 * @param {DataObject|false} obj - dataobject action occured on.
966 * @param {String} any remarks
967 * @return {DB_DataObject} Event object.,
970 function addEvent($act, $obj = false, $remarks = '')
973 if (!empty(HTML_FlexyFramework::get()->Pman['disable_events'])) {
976 $au = $this->getAuthUser();
978 $e = DB_DataObject::factory('Events');
979 $e->init($act,$obj,$remarks);
981 $e->event_when = date('Y-m-d H:i:s');
985 // fixme - this should be in onInsert..
986 $wa = DB_DataObject::factory('core_watch');
987 if (method_exists($wa,'notifyEvent')) {
988 $wa->notifyEvent($e); // trigger any actions..
992 $e->onInsert(isset($_REQUEST) ? $_REQUEST : array() , $this);
998 // ------------------ DEPERCIATED ----------------------------
1000 // DEPRECITAED - use moduleslist
1001 function modules() { return $this->modulesList(); }
1003 // DEPRECIATED.. - use getAuthUser...
1004 function staticGetAuthUser() { $x = new Pman(); return $x->getAuthUser(); }
1007 // DEPRICATED USE Pman_Core_Mailer
1009 function emailTemplate($templateFile, $args)
1012 require_once 'Pman/Core/Mailer.php';
1013 $r = new Pman_Core_Mailer(array(
1014 'template'=>$templateFile,
1015 'contents' => $args,
1018 return $r->toData();
1021 // DEPRICATED - USE Pman_Core_Mailer
1022 // WHAT Part about DEPRICATED Does no one understand??
1023 function sendTemplate($templateFile, $args)
1025 require_once 'Pman/Core/Mailer.php';
1026 $r = new Pman_Core_Mailer(array(
1027 'template'=>$templateFile,
1028 'contents' => array(),