functions->intval($_SESSION['s']['user']['userid']); } public function is_admin() { if($_SESSION['s']['user']['typ'] == 'admin') { return true; } else { return false; } } public function is_superadmin() { if($_SESSION['s']['user']['typ'] == 'admin' && $_SESSION['s']['user']['userid'] == 1) { return true; } else { return false; } } public function has_clients($userid) { global $app, $conf; $userid = $app->functions->intval($userid); $client = $app->db->queryOneRecord("SELECT client.limit_client FROM sys_user, client WHERE sys_user.userid = ? AND sys_user.client_id = client.client_id", $userid); if($client['limit_client'] != 0) { return true; } else { return false; } } //** This function adds a given group id to a given user. public function add_group_to_user($userid, $groupid) { global $app; $userid = $app->functions->intval($userid); $groupid = $app->functions->intval($groupid); if($userid > 0 && $groupid > 0) { $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ?", $userid); $groups = explode(',', $user['groups']); if(!in_array($groupid, $groups)) $groups[] = $groupid; $groups_string = implode(',', $groups); $sql = "UPDATE sys_user SET groups = ? WHERE userid = ?"; $app->db->query($sql, $groups_string, $userid); return true; } else { return false; } } //** This function returns given client limit as integer, -1 means no limit public function get_client_limit($userid, $limitname) { global $app; $userid = $app->functions->intval($userid); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$limitname)) $app->error('Invalid limit name '.$limitname); // simple query cache if($this->client_limits===null) $this->client_limits = $app->db->queryOneRecord("SELECT client.* FROM sys_user, client WHERE sys_user.userid = ? AND sys_user.client_id = client.client_id", $userid); // isn't client -> no limit if(!$this->client_limits) return -1; if(isset($this->client_limits['limit_'.$limitname])) { return $this->client_limits['limit_'.$limitname]; } } //** This function removes a given group id from a given user. public function remove_group_from_user($userid, $groupid) { global $app; $userid = $app->functions->intval($userid); $groupid = $app->functions->intval($groupid); if($userid > 0 && $groupid > 0) { $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ", $userid); $groups = explode(',', $user['groups']); $key = array_search($groupid, $groups); unset($groups[$key]); $groups_string = implode(',', $groups); $sql = "UPDATE sys_user SET groups = ? WHERE userid = ?"; $app->db->query($sql, $groups_string, $userid); return true; } else { return false; } } public function check_module_permissions($module) { // Check if the current user has the permissions to access this module $module = trim(preg_replace('@\s+@', '', $module)); $user_modules = explode(',',$_SESSION["s"]["user"]["modules"]); if(strpos($module, ',') !== false){ $can_use_module = false; $tmp_modules = explode(',', $module); if(is_array($tmp_modules) && !empty($tmp_modules)){ foreach($tmp_modules as $tmp_module){ if($tmp_module != ''){ if(in_array($tmp_module,$user_modules)) { $can_use_module = true; break; } } } } if(!$can_use_module){ // echo "LOGIN_REDIRECT:/index.php"; header("Location: /index.php"); exit; } } else { if(!in_array($module,$user_modules)) { // echo "LOGIN_REDIRECT:/index.php"; header("Location: /index.php"); exit; } } } public function check_security_permissions($permission) { global $app; $app->uses('getconf'); $security_config = $app->getconf->get_security_config('permissions'); $security_check = false; if($security_config[$permission] == 'yes') $security_check = true; if($security_config[$permission] == 'superadmin' && $app->auth->is_superadmin()) $security_check = true; if($security_check !== true) { $app->error($app->lng('security_check1_txt').' '.$permission.' '.$app->lng('security_check2_txt')); } } public function get_random_password($length = 8) { $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; $password = ''; for ($n=0;$n<$length;$n++) { $password.=$base64_alphabet[mt_rand(0, 63)]; } return $password; } public function crypt_password($cleartext_password) { $salt="$1$"; $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; for ($n=0;$n<8;$n++) { $salt.=$base64_alphabet[mt_rand(0, 63)]; } $salt.="$"; return crypt($cleartext_password, $salt); } } ?>