toolbox.php

Internet Task Management System可以让用户分配和管理一个组织内的任务。ITMS可以发送任务管理通知

    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Returns an array containing user names and user IDs
function get_all_users()
{
	$ret = array();
    db_open();
    db_use();
    $query = "SELECT * FROM users ORDER BY name";
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Returns an array containing user names and user email addresses from LDAP;
// so if you ever update ITMS to store groups in LDAP you can use this code!
function get_all_ldap_users()
{
    $ret = array();
    global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds);     // this is an "anonymous" bind, typically
							   // read-only access

		// Search surname entry
		$sr=ldap_search($ds, $LDAP_BASE_DN, "(objectclass=person)");  

		$info = ldap_get_entries($ds, $sr);
		
        for($i = 0; $i < $info["count"]; $i++)
        {
            $user_name_string = $info[$i]["cn"][0];
            $email_address = $info[$i]["email"][0];
            array_push($ret, array("name"=>$user_name_string, "email"=>$email_address));
        }
	    asort($ret);
		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
    return $ret;
}

// Get all users other than the specified user
function get_all_other_users($user_id)
{
	$ret = array();
    db_open();
    db_use();
    $query = "SELECT * FROM users WHERE user_id != '$user_id' ORDER BY name";
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Get all users other than the specified user in LDAP 
function get_all_other_ldap_users($user_id)
{
    $ret = array();
    $user_name = get_user_name($user_id);
    global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds);     // this is an "anonymous" bind, typically
							   // read-only access

		// Search surname entry
		$sr=ldap_search($ds, $LDAP_BASE_DN, "(objectclass=person)");

		$info = ldap_get_entries($ds, $sr);

        for($i = 0; $i < $info["count"]; $i++)
        {
            $user_name_string = $info[$i]["cn"][0];
            if($user_name_string != $user_name)
                array_push($ret, array("name"=>$user_name_string));
        }
	    asort($ret);
		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
    return $ret;
}

// Return group name from group ID
function get_group_name($gid)
{
    db_open();
    db_use();
    $query = "SELECT groupname FROM groups WHERE gid = '$gid'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    //db_close();
    return $row["GROUPNAME"];
}

// Return user name from user ID
function get_user_name($userid)
{
    db_open();
    db_use();
    $query = "SELECT name FROM users WHERE user_id = '$userid'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    //db_close();
    return $row["NAME"];
}

//return the user id corresponding to the name passed in
function get_user_id($user_name)
{
    db_open();
    db_use();
    $query = "SELECT user_id FROM users WHERE name LIKE '$user_name'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    return $row["USER_ID"];
}

// Return user email address from user ID
function get_user_email($userid)
{
    db_open();
    db_use();
    $query = "SELECT email FROM users WHERE user_id = '$userid'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    //db_close();
    return $row["EMAIL"];
}

// Make clean for database queries
function make_clean($str)//makes a string from the user safe to do stuff with
{
    return htmlspecialchars(str_replace ("%", "0/0", $str), ENT_QUOTES);
}

// Prints all necessary javascript functions
function print_js()
{
global $EXPIRE_INTERVAL;
$verify = <<<SCRIPT
<SCRIPT LANGUAGE="JavaScript">
<!--
//pass in a reference to the <select> list element
function getListSelections(list)
{
    var selectedvalue = "";
    var selectedcount = 0;

    for (i=0; i< list.options.length; i++)
    {
        if (list.options(i).selected)
        {
          selectedcount++;
          selectedvalue = selectedvalue + list.options(i).value + " ";
        }
    }

    if (selectedcount>0)
        alert("# of Selected items: " + selectedcount + " " + selectedvalue);

    return selectedvalue;
}
//this function will make sure non-empty values are numeric
function verify_int(it)
{
	val = it.value;

	if(val != null && val != "")
    {
        //removes leading 0's that would make parseInt read the number as an octal
        while(val.length > 1 && val.charAt(0) == 0)
        {
            val=val.substring(1, val.length);
        }

        var v = parseInt(val);
        if(isNaN(v))
        {
            it.focus();
			it.select();
        }
     }
	 else
	 {
		 it.value = 1;
		 it.focus();
  		 it.select();
	 }
}

// Client side verification of date format
function verify_date(it, year, month, day, hours, minutes)
{
    var error = false;
    
    //removes leading 0's that would make parseInt read the number as an octal
    while(month.length > 1 && month.charAt(0) == 0)
    {
        month=month.substring(1, month.length);
    }
    while(day.length > 1 && day.charAt(0) == 0)
    {
        day=day.substring(1, day.length);
    }
    while(year.length > 1 && year.charAt(0) == 0)
    {
        year=year.substring(1, year.length1);
    }
    while(hours.length > 1 && hours.charAt(0) == 0)
    {
        hours=hours.substring(1, hours.length);
    }
    while(minutes.length > 1 && minutes.charAt(0) == 0)
    {
        minutes=minutes.substring(1, minutes.length);
    }

    year = parseInt(year);
	month = parseInt(month) - 1;
	day = parseInt(day);
	hours = parseInt(hours);
	minutes = parseInt(minutes);

	var date = new Date(year, month, day, hours, minutes, 0, 0);
	if(date.getMonth() != month)
	{
		it.value = 1;
		it.focus();
		it.select();
	}

}
        
var exp = new Date();
exp.setTime(exp.getTime() + ($EXPIRE_INTERVAL * 1000));
document.cookie="timer=on;expires=" + exp.toGMTString();

// ==========================
// The following code was lifted:
// (C) 2000 by CodeLifter.com
// http://www.codelifter.com
function doTheClock()
{
	window.setTimeout( "doTheClock()", 1000 );
	t = new Date();
	if(document.all || document.getElementById)
	{
		window.status = t.toString();
	}
	else
	{   
	  self.status = t.toString();
	}
}
doTheClock()
//-->
</SCRIPT>\n
SCRIPT;

    print($verify);
}

// Return the priority level of task
function get_priority_string($num)
{
	$ret = "Unknown";
	switch($num)
	{
		case 0: $ret = "Low";
				break;
		case 1: $ret = "Medium";
				break;
		case 2: $ret = "High";
				break;
		case 3: $ret = "ASAP!!!";
				break;
	}
	return $ret;
}

// Returns the days in the month corresponding to the time stamp
function get_days_in_month($timestamp) 
{
	$timepieces = getdate($timestamp); 
	$thisYear = $timepieces["YEAR"]; 
	$thisMonth = $timepieces["MON"]; 
	for($thisDay=1;checkdate($thisMonth,$thisDay,$thisYear);$thisDay++); 
	$thisDay--;
	//message_box("days in toolbox: $thisDay, toolbox month: $thisMonth");
	return $thisDay;
} 

// Add the user to LDAP
function ldap_add_user($newusername, $newpassword)
{
	global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;
	global $LDAP_BIND_AS;
	global $LDAP_BIND_PW;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds, $LDAP_BIND_AS, $LDAP_BIND_PW);     // write access

		$info["cn"] = $newusername;
		//$info["password"] =  crypt($newpassword);
		$info["password"] =  crypt($newpassword, substr($newpassword, 0, 2)); //new line for encryption_patch
		$info["objectclass"] = "person";
		// add entry
		$sr=ldap_add($ds, "cn=$newusername, $LDAP_BASE_DN", $info);  

		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
	
}

// Add the user to the DB
function db_add_user($newusername, $newpassword)
{
	//$query = "INSERT INTO ldap (name, password) VALUES ('$newusername', '" . crypt($newpassword) . "')";
	$query = "INSERT INTO ldap (name, password) VALUES ('$newusername', '" . crypt($newpassword, substr($newpassword, 0, 2)) . "')"; //new line for encryption_patch
	if(db_query($query))
	{
		message_box("User '$newusername' added.");
	}
	else
	{
		error_out("Could not add user to: ldap", "LOG_INFO");
	}
}

// Update the user's pasword in LDAP
function ldap_update_password($username, $newpassword)
{
	global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;
	global $LDAP_BIND_AS;
	global $LDAP_BIND_PW;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds, $LDAP_BIND_AS, $LDAP_BIND_PW);     // write access
							   
		$info["cn"] = $newusername;
		$info["password"] =  crypt($newpassword, substr($newpassword, 0, 2)); //updated line for Build 0107
		$info["objectclass"] = "person";
		// modify entry
		$sr=ldap_modify($ds, "cn=$username, $LDAP_BASE_DN", $info);  
		if($newpassword == "")
		{
			message_box("This password is now empty, this can be a security risk", "warning");
		}
		else
		{
			message_box("This password has been successfully changed");
		}
		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
}

// Update the user's pasword in DB
function db_update_password($username, $newpassword)
{
	db_open();
	db_use();

	$newpassword = crypt($newpassword, substr($newpassword, 0, 2)); //updated line for Build 0107

	$query = "UPDATE ldap SET password = '$newpassword' WHERE name = '$username'";

	if(db_query($query))
	{
		if($newpassword == "")
		{
			message_box("This password is now empty, this can be a security risk", "warning");
		}
		else
		{
			message_box("This password has been successfully changed");
		}
	}
	else
		message_box("Password Update Failed", "error");
	db_close();
}

// Delete user from LDAP
function ldap_delete_user($username)
{
	global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;
	global $LDAP_BIND_AS;
	global $LDAP_BIND_PW;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds, $LDAP_BIND_AS, $LDAP_BIND_PW);     // write access
							   
		// modify entry
		$sr=ldap_delete($ds, "cn=$username, $LDAP_BASE_DN");  

		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
	$user_id = get_user_id($username);
    db_open();
    db_use();
	$query_group = "DELETE FROM user_groups WHERE user_id='$user_id'";
	$query_pending_tasks = "DELETE FROM pending_tasks WHERE user_id='$user_id'";
	$query_private_tasks = "DELETE FROM task_types WHERE group_owned='0' AND owner='$user_id'";
	if(db_query($query_group) && db_query($query_pending_tasks) && db_query($query_private_tasks))
	{
		message_box("$username's pending tasks and private task templates have been sucessfully removed");
	}
    $query = "DELETE FROM users WHERE name LIKE '$username'";
    if(db_query($query))
    {
        message_box("User: $username has been sucessfully removed");
    }
    else
    {
        message_box("Couldn't remove user: $username");
    }
}

// Delete user from DB
function db_delete_user($username)
{
	$user_id = get_user_id($username);
    db_open();
    db_use();
	$query_group = "DELETE FROM user_groups WHERE user_id='$user_id'";
	$query_pending_tasks = "DELETE FROM pending_tasks WHERE user_id='$user_id'";
	$query_private_tasks = "DELETE FROM task_types WHERE group_owned='0' AND owner='$user_id'";
	if(db_query($query_group) && db_query($query_pending_tasks) && db_query($query_private_tasks))
	{
		message_box("$username's pending tasks and private task templates have been sucessfully removed");
	}
    $query = "DELETE FROM users WHERE name LIKE '$username'";
    $query2 = "DELETE FROM ldap WHERE name LIKE '$username'";
    if(db_query($query) && db_query($query2))
    {
        message_box("User: $username has been sucessfully removed");
    }
    else
    {
        message_box("Couldn't remove user: $username");
    }
}

?>