6 * - base application setup (variables etc to javascript)
8 * - authentication and permission info about user / application
9 * - json output methods.
10 * - file upload error checking - checkFileUploadError
11 * - logging to event table
12 * - sendTemplate code (normally use the Person version for sending to specific people..)
14 * - doc management code?? - remarks and tracking??? - MOVEME
15 * - authentication link checking?? MOVEME?
16 * - authentication reset password ?? MOVEME?
17 * ?? arrayClean.. what's it doing here?!? ;)
20 * DB_DataObject*:*toEventString (for logging - this is generically prefixed to all database operations.)
21 * - any data object where this method exists, the result will get prefixed to the log remarks
24 class Pman extends HTML_FlexyFramework_Page
27 var $appShortName= "";
28 var $appVersion = "1.8";
40 * ------------- Standard getAuth/get/post methods of framework.
// Framework authentication gate. The author's trailing comment says every request is
// let through; if so, access control rests entirely on the individual handlers.
// NOTE(review): lines 46 and 48-54 are missing from this listing, so the return value
// is not visible - confirm.
45 function getAuth() // everyone allowed in!!!!!
47 $this->loadOwnerCompany();
// One-time setup guarded by $this->_hasInit: copies application settings from the
// HTML_FlexyFramework singleton onto this page object.
// NOTE(review): the enclosing function signature is not visible in this listing.
55 if (isset($this->_hasInit)) {
58 $this->_hasInit = true;
60 $boot = HTML_FlexyFramework::get();
61 // echo'<PRE>';print_R($boot);exit;
62 $this->appName= $boot->appName;
63 $this->appNameShort= $boot->appNameShort;
64 $this->appModules= $boot->enable;
65 $this->isDev = empty($boot->Pman['isDev']) ? false : $boot->Pman['isDev'];
66 $this->appDisable = $boot->disable;
67 $this->version = $boot->version;
// NOTE(review): this condition reads $ff, while the framework object assigned above is
// $boot. Unless $ff is set on a line not shown, empty() is always true here and the
// branch never runs.
// SECURITY: 'local_autoauth' is gated only on SERVER_ADDR and REMOTE_ADDR both being
// 127.0.0.1. Behind a reverse proxy or tunnel on the same host, every request arrives
// with REMOTE_ADDR 127.0.0.1, so the option must stay off in such deployments.
// The branch body (lines 72-81) is not visible - presumably an automatic login; confirm.
69 if (!empty($ff->Pman['local_autoauth']) &&
70 ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
71 ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')
82 //$this->allowSignup= empty($opts['allowSignup']) ? 0 : 1;
// Dispatch on the first path segment of $base.
// NOTE(review): the enclosing function signature is not visible in this listing.
83 $bits = explode('/', $base);
// Link/<id>/<key>: login from an emailed tracking link. '@' only hides the notice for
// a missing segment, so linkAuth() can receive null and has to reject it itself.
85 if ($bits[0] == 'Link') {
86 $this->linkFail = $this->linkAuth(@$bits[1],@$bits[2]);
87 header('Content-type: text/html; charset=utf-8');
// PasswordReset/<id>/<timestamp>/<key>: same caveat, any of the three may be null.
90 if ($bits[0] == 'PasswordReset') {
91 $this->linkFail = $this->resetPassword(@$bits[1],@$bits[2],@$bits[3]);
92 header('Content-type: text/html; charset=utf-8');
97 if ($this->getAuthUser()) {
98 $this->addEvent("RELOAD");
// Unrecognised path: the raw, client-supplied $base is written to the event log before
// the request ends with a JSON error.
103 $this->addEvent("BADURL", false, $base);
104 $this->jerr("invalid url");
// The (int) cast keeps the client-supplied value numeric before it is stored on the page.
107 if (isset($_GET['onloadTrack'])) {
108 $this->onloadTrack = (int)$_GET['onloadTrack'];
110 // getting this to work with xhtml is a nightmare
111 // = nbsp / <img> issues screw everyting up.
112 //var_dump($this->isDev);
113 // force regeneration on load for development enviroments..
114 HTML_FlexyFramework::get()->generateDataobjectsCache($this->isDev);
116 //header('Content-type: application/xhtml+xml; charset=utf-8');
117 header('Content-type: text/html; charset=utf-8');
// POST requests are handled exactly like GET: this delegates to get().
// NOTE(review): the Link and PasswordReset routes in get() are therefore reachable with
// either method; nothing here separates read-only from state-changing requests.
120 function post($base) {
121 return $this->get($base);
125 * ------------- Authentication and permission info about logged in user!!!
// Load the Companies row whose comptype is 'OWNER' into $this->company.
// NOTE(review): lines 134-135 are not shown; per the inline comment, they appear to
// handle projects without a Companies table - confirm.
130 function loadOwnerCompany()
132 $this->company = DB_DataObject::Factory('Companies');
133 if ($this->company) { // non-core pman projects
136 $this->company->get('comptype', 'OWNER');
// Return the authenticated user without caching it on the page object.
// The DataObject that performs authentication is chosen by the Pman['authTable']
// config value (default 'Person'); that setting is security-critical configuration.
// NOTE(review): lines 145-147 are not shown (possibly a factory failure check).
139 function staticGetAuthUser()
141 $ff = HTML_FlexyFramework::get();
142 $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
144 $u = DB_DataObject::factory($tbl);
148 return $u->getAuthUser();
// Return the authenticated user, cached in $this->authUser for the rest of the request.
// Because the cache test is !empty(), a falsy (not logged in) result is looked up again
// on every call.
150 function getAuthUser()
152 if (!empty($this->authUser)) {
153 return $this->authUser;
155 $ff = HTML_FlexyFramework::get();
// Pman['authTable'] selects the DataObject that authenticates; default is 'Person'.
156 $tbl = empty($ff->Pman['authTable']) ? 'Person' : $ff->Pman['authTable'];
158 $u = DB_DataObject::factory( $tbl );
// NOTE(review): lines 159-161 are not shown (possibly a factory failure check).
162 $this->authUser =$u->getAuthUser();
163 return $this->authUser ;
// Ask the authenticated user object whether it holds permission $name at level $lvl.
165 function hasPerm($name, $lvl) // do we have a permission
// $pcache is declared but never read or written in the visible lines.
167 static $pcache = array();
168 $au = $this->getAuthUser();
// NOTE(review): there is no check that $au is an object before the call. If
// getAuthUser() returns a falsy value for an anonymous request, this is a fatal error
// rather than a clean "false". It fails closed, but as a server error - confirm.
169 return $au->hasPerm($name,$lvl);
// List enabled modules (and components when $with_component is true), minus those
// named in appDisable.
// NOTE(review): many lines of this function are missing from the listing.
173 function modules($with_component=false)
175 // appModules/appDisable contain a comma limited list of
176 // both modules and components that can be enabled/disabled..
178 // the modules call just lists the modules
179 $enabled = array('Core' => true);
180 $am = !empty($this->appModules) ? explode(',', $this->appModules) : array();
// strpos() is used as a boolean: a name that starts with '.' yields 0 and is treated
// the same as a name with no dot at all.
182 if (!$with_component && strpos( $k ,'.') ) {
187 $disabled = explode(',', $this->appDisable ? $this->appDisable: '');
188 foreach($disabled as $k) {
189 if (!$with_component && strpos( $k ,'.') ) {
// NOTE(review): the lines below use $name, which is not a parameter of modules().
// They look like leftover code behind an earlier return - confirm against the full file.
194 $enabled = !empty($this->appModules) ?
195 array_merge($enabled, explode(',', $this->appModules)) :
197 $disabled = explode(',', $this->appDisable ? $this->appDisable: '');
201 return in_array($name, $enabled) && !in_array($name, $disabled);
// Report whether module (or dotted component) $name is enabled.
// NOTE(review): several lines of this function are missing from the listing.
204 function hasModule($name)
// !strpos() is true both when there is no dot and when the dot is the first character.
207 if (!strpos( $name,'.') ) {
208 // use enable / disable..
211 $enabled = array('Core') ;
212 $enabled = !empty($this->appModules) ?
213 array_merge($enabled, explode(',', $this->appModules)) :
215 $disabled = explode(',', $this->appDisable ? $this->appDisable: '');
// in_array() without the strict flag compares loosely (==); since this is an access
// gate, the third argument 'true' would make the match exact.
219 return in_array($name, $enabled) && !in_array($name, $disabled);
// Dotted names are looked up in the default permission data of Group_Rights.
222 $x = DB_DataObject::factory('Group_Rights');
223 $ar = $x->defaultPermData();
224 if (empty($ar[$name]) || empty($ar[$name][0])) {
234 * ---------------- Global Tools ---------------
240 * send a template to the user
241 * rcpts are read from the resulting template.
243 * @arg $templateFile - the file in mail/XXXXXX.txt
244 * @arg $args - variables available to the form as {t.*} over and above 'this'
// Render mail/<templateFile>.txt with a clone of this page as the data object, parse
// the result into recipients, headers and body, and send it over SMTP.
// NOTE(review): several lines (return values, the loop body) are missing from the listing.
249 function sendTemplate($templateFile, $args)
254 $content = clone($this);
256 foreach((array)$args as $k=>$v) {
// md5(time() . rand()) is predictable. That is adequate for a unique Message-ID, but the
// value must not double as a secret or token.
259 $content->msgid = md5(time() . rand());
// SECURITY: HTTP_HOST is the client-supplied Host header. If a template builds links
// from it (e.g. in a password reset mail), a forged header changes where the mailed
// link points. Prefer a configured canonical host name.
261 $content->HTTP_HOST = $_SERVER["HTTP_HOST"];
262 /* use the regex compiler, as it doesnt parse <tags */
263 require_once 'HTML/Template/Flexy.php';
264 $template = new HTML_Template_Flexy( array(
265 'compiler' => 'Regex',
266 'filters' => array('SimpleTags','Mail'),
270 // this should be done by having multiple template sources...!!!
// $templateFile is concatenated into the template path, so callers must pass a fixed
// name and never a value taken from the request.
272 $template->compile('mail/'. $templateFile.'.txt');
274 /* use variables from this object to ouput data. */
275 $mailtext = $template->bufferedOutputObject($content);
276 //echo "<PRE>";print_R($mailtext);
278 /* With the output try and send an email, using a few tricks in Mail_MimeDecode. */
279 require_once 'Mail/mimeDecode.php';
280 require_once 'Mail.php';
// Recipients and headers are parsed back out of the rendered text, so any value the
// template places in the header area must not contain CR/LF.
// NOTE(review): whether the 'Mail' filter enforces that is not visible here - confirm.
282 $decoder = new Mail_mimeDecode($mailtext);
283 $parts = $decoder->getSendArray();
284 if (PEAR::isError($parts)) {
286 //echo "PROBLEM: {$parts->message}";
289 list($recipents,$headers,$body) = $parts;
290 ///$recipents = array($this->email);
291 $mailOptions = PEAR::getStaticProperty('Mail','options');
292 $mail = Mail::factory("SMTP",$mailOptions);
293 $headers['Date'] = date('r');
294 if (PEAR::isError($mail)) {
// Notices are silenced only for the duration of send(); the previous level is restored.
297 $oe = error_reporting(E_ALL ^ E_NOTICE);
298 $ret = $mail->send($recipents,$headers,$body);
299 error_reporting($oe);
// Abort with a JSON error when the 'File' upload is missing, empty or flagged with an
// upload error. 'name' and 'type' are client-declared values: this only checks that
// they are present, it does not validate them.
305 function checkFileUploadError() // check for file upload errors.
308 empty($_FILES['File'])
309 || empty($_FILES['File']['name'])
310 || empty($_FILES['File']['tmp_name'])
311 || empty($_FILES['File']['type'])
312 || !empty($_FILES['File']['error'])
313 || empty($_FILES['File']['size'])
// SECURITY: the message embeds dumps of $_FILES and $_POST. jerr() passes it to
// addEvent(), so submitted form fields (possibly secrets) land in the event log. For
// multipart requests jerr() also writes it into a text/html response, so
// request-controlled text reaches the browser as markup. A fixed message carrying only
// the numeric upload error code avoids both.
315 $this->jerr("File upload error: <PRE>" . print_r($_FILES,true) . print_r($_POST,true) . "</PRE>");
321 * generate a temporary file with an extension (don't forget to delete it)
// Return a temporary path ending in ".<ext>", located in the session save directory.
324 function tempName($ext)
// tempnam() atomically creates the file $x, but the path returned below ($x.'.'.$ext) is
// a different name that this function does not create. The caller creates it later, so
// tempnam()'s exclusive-creation guarantee does not cover it. The directory is
// session.save_path, i.e. shared with PHP session files.
// NOTE(review): line 327 is not shown (it may remove $x) - confirm.
326 $x = tempnam(ini_get('session.save_path'), HTML_FlexyFramework::get()->appNameShort.'TMP');
// $ext is appended unvalidated; callers should pass a fixed extension, not request data.
328 return $x .'.'. $ext;
331 * ------------- Authentication testing ------ ??? MOVEME?
// Log a person in from an emailed tracking link (Link/<trid>/<trkey>). Returns an error
// string on failure; on success it sends a redirect to the base URL.
// NOTE(review): several lines (logout and login calls, returns) are missing from the listing.
335 function linkAuth($trid, $trkey)
337 $tr = DB_DataObject::factory('Documents_Tracking');
338 if (!$tr->get($trid)) {
339 return "Invalid URL";
// SECURITY: the key check is a loose '!=' on lower-cased strings. PHP compares two
// numeric-looking strings as numbers, and the comparison is not constant-time. $trkey
// is null when the URL segment is absent, which strtolower() turns into ''. Reject
// empty keys first, then compare with
// hash_equals(strtolower((string) $tr->authkey), strtolower((string) $trkey)).
341 if (strtolower($tr->authkey) != strtolower($trkey)) {
342 $this->AddEvent("ERROR-L", false, "Invalid Key");
343 return "Invalid KEY";
346 $this->onloadTrack = (int) $tr->doc_id;
// Links stay valid for 14 days after date_sent. Nothing visible here invalidates a key
// once used, so the URL acts as a reusable bearer credential for that period.
347 if (strtotime($tr->date_sent) < strtotime("NOW - 14 DAYS")) {
348 $this->AddEvent("ERROR-L", false, "Key Expired");
349 return "Key Expired";
351 // user logged in and not
352 $au = $this->getAuthUser();
// A session belonging to a different person is ended, not silently switched, according
// to the returned message; the logout call itself is on lines not shown.
353 if ($au && $au->id && $au->id != $tr->person_id) {
356 return "Logged Out existing Session\n - reload to log in with correct key";
358 if ($au) { // logged in anyway..
359 $this->AddEvent("LOGIN", false, "With Key (ALREADY)");
360 header('Location: ' . $this->baseURL.'?onloadTrack='.$this->onloadTrack);
365 // authenticate the user...
367 $u = DB_DataObject::factory('Person');
369 $u->get($tr->person_id);
371 $this->AddEvent("LOGIN", false, "With Key");
373 // we need to redirect out - otherwise refererer url will include key!
// NOTE(review): header('Location: ...') does not stop execution; confirm that an exit
// follows on the lines not shown.
374 header('Location: ' . $this->baseURL.'?onloadTrack='.$this->onloadTrack);
386 * ------------- Authentication password reset ------ ??? MOVEME?
// Validate a password reset link (PasswordReset/<id>/<t>/<key>). Returns an error
// string on failure; on success it stores "<id>/<t>/<key>" in $this->showNewPass.
// NOTE(review): several lines (conditions, returns, any update call) are missing from
// the listing.
392 function resetPassword($id,$t, $key)
395 $au = $this->getAuthUser();
397 return "Already Logged in - no need to use Password Reset";
400 $u = DB_DataObject::factory('Person');
401 //$u->company_id = $this->company->id;
403 if (!$u->get($id) || !strlen($u->passwd)) {
// SECURITY: loose '!=' compares numeric-looking strings as numbers and is not
// constant-time; $key is null when the URL segment is absent. Prefer
// !hash_equals((string) $u->genPassKey($t), (string) $key).
// $t comes from the URL, so the scheme is sound only if genPassKey() binds $t to a
// server-side secret - confirm in Person.
408 if ($key != $u->genPassKey($t)) {
409 return "invalid key";
// no_reset_sent is cleared before the expiry test below.
// NOTE(review): whether it is saved at this point is on lines not shown.
412 $u->no_reset_sent = 0;
// $t is still the raw URL string here; casting it to int first keeps this a plain
// integer comparison.
415 if ($t < strtotime("NOW - 1 DAY")) {
// showNewPass carries the still-valid reset key; it must be HTML-escaped wherever the
// template prints it and kept out of logs.
418 $this->showNewPass = implode("/", array($id,$t,$key));
424 * ---------------- Standard JSON outputers. - used everywhere
// Emit the standard error envelope and log the message as an ERROR event.
// NOTE(review): several lines (array keys, the else branch, any exit) are missing from
// the listing.
427 function jerr($str, $errors=array()) // standard error reporting..
429 require_once 'Services/JSON.php';
430 $json = new Services_JSON();
// Every error message is written to the event log, so callers must keep secrets and
// raw request dumps out of $str.
433 $this->addEvent("ERROR", false, $str);
// SECURITY: the client selects this branch (a 'returnHTML' request parameter or a
// multipart content type). The response is then text/html with the JSON placed directly
// in the body, so markup inside $str or $errors is interpreted by the browser.
// NOTE(review): encodeUnsafe() suggests no HTML escaping is applied - confirm. Callers
// should pass fixed text, or the value should be HTML-escaped in this branch.
435 if (!empty($_REQUEST['returnHTML']) ||
436 (isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE']))
438 header('Content-type: text/html');
439 echo "<HTML><HEAD></HEAD><BODY>";
440 echo $json->encodeUnsafe(array(
443 'message' => $str, // compate with exeption / loadexception.
445 'errors' => $errors ? $errors : true, // used by forms to flag errors.
446 'authFailure' => !empty($errors['authFailure']),
448 echo "</BODY></HTML>";
// NOTE(review): no Content-type header is visible for the plain JSON branch (lines
// 449-451 are not shown); without one the response is served under PHP's default type.
452 echo $json->encode(array(
456 'message' => $str, // compate with exeption / loadexception.
457 'errors' => $errors ? $errors : true, // used by forms to flag errors.
458 'authFailure' => !empty($errors['authFailure']),
// Success envelope: {"success": true, "data": $str}.
// NOTE(review): the enclosing function signature is not visible in this listing.
466 require_once 'Services/JSON.php';
467 $json = new Services_JSON();
// SECURITY: same client-selected HTML branch as the error output. If $str contains
// request-derived text, it reaches the browser inside a text/html document.
// NOTE(review): encodeUnsafe() suggests no HTML escaping - confirm.
469 if (!empty($_REQUEST['returnHTML']) ||
470 (isset($_SERVER['CONTENT_TYPE']) && preg_match('#multipart/form-data#i', $_SERVER['CONTENT_TYPE']))
473 header('Content-type: text/html');
474 echo "<HTML><HEAD></HEAD><BODY>";
475 echo $json->encodeUnsafe(array('success'=> true, 'data' => $str));
476 echo "</BODY></HTML>";
481 echo $json->encode(array('success'=> true, 'data' => $str));
486 * output data for grids or tree
487 * @ar {Array} ar Array of data
488 * @total {Number|false} total number of records (or false to return count(ar)
489 * @extra {Array} extra key value list of data to pass as extra data.
// Emit {"success": true, "total": ..., "data": $ar} plus any extra keys, as JSON.
492 function jdata($ar,$total=false, $extra=array())
494 // should do mobile checking???
// Loose comparison: a genuine total of 0 also matches and is handled like false.
495 if ($total == false) {
498 $extra= $extra ? $extra : array();
499 require_once 'Services/JSON.php';
500 $json = new Services_JSON();
// Array union (+) keeps the left-hand keys, so $extra cannot override 'success',
// 'total' or 'data'.
501 echo $json->encode(array('success' => true, 'total'=> $total, 'data' => $ar) + $extra);
512 * ---------------- Page output?!?!?
// True when the named image exists in this application's templates/images directory.
// $fn is concatenated into the path unchecked, so it should be a fixed file name from a
// template, never request data; otherwise '../' segments could probe for other files.
516 function hasBg($fn) // used on front page to check if logos exist..
518 return file_exists($this->rootDir.'/Pman/'.$this->appNameShort.'/templates/images/'. $fn);
// Echo a <script> tag for every JavaScript file of each enabled module.
// NOTE(review): several lines (loop control, closing braces) are missing from the listing.
521 function outputJavascriptIncludes() // includes on devel version..
524 $mods = explode(',', $this->appModules);
// When 'Core' is listed, it is also prepended; array_unique() below keeps that first copy.
525 if (in_array('Core',$mods)) { // core has to be the first modules loaded as it contains Pman.js
526 array_unshift($mods, 'Core');
529 $mods = array_unique($mods);
531 $disabled = explode(',', $this->appDisable ? $this->appDisable: '');
533 foreach($mods as $mod) {
534 // add the css file..
535 if (in_array($mod, $disabled)) {
// The URLs are echoed into an attribute without htmlspecialchars(). They come from the
// module configuration and from file names on disk, so both must be trusted input.
540 $files = $this->moduleJavascriptList($mod.'/widgets');
541 foreach($files as $f) {
542 echo '<script type="text/javascript" src="'. $f. '"></script>'."\n";
545 $files = $this->moduleJavascriptList($mod);
546 foreach($files as $f) {
547 echo '<script type="text/javascript" src="'. $f. '"></script>'."\n";
// Echo a stylesheet <link> for each module that ships Pman/<Module>/<module>.css.
// 'Core' is always placed first. Unlike the JavaScript includes, appDisable is not
// consulted in the visible lines.
554 function outputCSSIncludes() // includes on CSS links.
557 $mods = explode(',', $this->appModules);
558 array_unshift($mods, 'Core');
559 $mods = array_unique($mods);
561 foreach($mods as $mod) {
562 // add the css file..
// $mod from configuration is used in both a filesystem path and an unescaped href.
563 $css = $this->rootDir.'/Pman/'.$mod.'/'.strtolower($mod).'.css';
564 if (file_exists( $css)){
565 $css = $this->rootURL .'/Pman/'.$mod.'/'.strtolower($mod).'.css';
566 echo '<link rel="stylesheet" type="text/css" href="'.$css.'" />'."\n";
// Build the list of JavaScript URLs for module $mod: the newest compiled bundle (plus
// the translation file) when a _compiled_ directory exists, otherwise every .js file
// in the module directory.
// NOTE(review): many lines (returns, initialisers, opendir) are missing from the listing.
577 function moduleJavascriptList($mod)
580 $ff = HTML_FlexyFramework::get();
// $mod is concatenated into filesystem paths and a glob pattern below, so it must come
// from trusted module configuration.
582 $dir = $this->rootDir.'/Pman/'. $mod;
584 $path = $this->rootURL."/Pman/$mod/";
585 $base = dirname($_SERVER['SCRIPT_FILENAME']);
586 $cfile = realpath($base .'/_compiled_/' . $mod);
587 $lfile = realpath($base .'/_translations_/' . $mod . '.js');
589 if (!file_exists($dir)) {
597 if (file_exists($cfile)) {
598 // $ctime = max(filemtime($cfile), filectime($cfile));
599 // otherwise use compile dfile..
601 $ar = glob($cfile . '/' . $mod . '*.js');
602 // default to first..
// When glob() matches nothing, this indexes $ar[-1]; glob() can also return false.
603 $cfile = basename($ar[count($ar) -1]);
604 foreach($ar as $fn) {
605 if (filemtime($fn) > $maxm) {
606 $cfile = basename($fn);
607 $maxm = filemtime($fn);
613 $files = array( $this->rootURL. "/_compiled_/".$mod . "/" . $cfile);
614 if (file_exists($lfile)) {
615 array_push($files, $this->rootURL."/_translations_/$mod.js");
619 // works out if stuff has been updated..
620 // technically the non-dev version should output compiled only?!!?
622 while (false !== ($f = readdir($dh))) {
624 if (!preg_match('/\.js$/', $f)) {
627 // got the 'module file..'
629 $maxtime = max(filemtime($dir . '/'. $f), $maxtime);
630 $files[] = $path . $f;
635 // var_dump(array($maxtime , $ctime));
636 //if ($maxtime > $ctime) {
// create_function() evaluates its string argument as code; it is deprecated since
// PHP 7.2 and removed in PHP 8.0. The body here is a constant, so nothing is injected,
// but a closure is the safe replacement. The comparator never returns 0, so the order
// of equal-length names is unspecified.
637 $lsort = create_function('$a,$b','return strlen($a) > strlen($b) ? 1 : -1;');
638 usort($files, $lsort);
639 // if (file_exists($lfile)) {
640 // array_unshift($files, $this->rootURL."/_translations_/$mod.js");
651 * ---------------- Logging ---------------
656 * Log an action (only if it has not been logged already.
658 * @param {String} action - group/name of event
659 * @param {DataObject|false} obj - dataobject action occured on.
660 * @param {String} any remarks
// Log an event unless an identical Events row already exists.
// NOTE(review): lines 669-670 are not shown; presumably they return when find() matches.
663 function addEventOnce($act, $obj = false, $remarks = '')
// $au is fetched but not used in the visible lines.
665 $au = $this->getAuthUser();
666 $e = DB_DataObject::factory('Events');
667 $e->init($act,$obj,$remarks);
668 if ($e->find(true)) {
671 $this->addEvent($act, $obj, $remarks);
677 * @param {String} action - group/name of event
678 * @param {DataObject|false} obj - dataobject action occured on.
679 * @param {String} any remarks
// Record an event in the Events table and, when Pman['event_log_dir'] is configured,
// dump the request that triggered it into a per-event file.
// NOTE(review): this listing omits several lines, and the final statement continues
// past the visible text.
682 function addEvent($act, $obj = false, $remarks = '')
684 $au = $this->getAuthUser();
685 $e = DB_DataObject::factory('Events');
686 $e->init($act,$obj,$remarks);
688 $e->event_when = date('Y-m-d H:i:s');
691 $ff = HTML_FlexyFramework::get();
692 if (empty($ff->Pman['event_log_dir'])) {
// SECURITY: request data is stored under a ".php" file name. event_log_dir must sit
// outside the web root and must never be include()d, because a PHP engine would parse
// whatever the request contained. A non-executable extension (.log/.json) removes that
// risk. $eid is assigned on a line not shown.
695 $file = $ff->Pman['event_log_dir']. date('/Y/m/d/'). $eid . ".php";
696 if (!file_exists(dirname($file))) {
// The directory is created owner-only (0700); the mkdir() result is not checked.
697 mkdir(dirname($file),0700,true);
// SECURITY: the full $_GET and $_POST arrays are written verbatim, which includes
// passwords and reset keys submitted with the request. Redact sensitive fields before
// export, and restrict and rotate these files like any credential-bearing log.
699 file_put_contents($file, var_export(array(
700 'REQUEST_URI' => empty($_SERVER['REQUEST_URI']) ? 'cli' : $_SERVER['REQUEST_URI'],
701 'GET' => empty($_GET) ? array() : $_GET,
702 'POST' => empty($_POST) ? array() : $_POST,