Location: PHPKode > projects > Internet Task Management System > itms_mysql_build_0111/toolbox.php
<?php

/*
 * toolbox.php
 * This file contains functions used throughout the system
 *
 * ITMS ValleyData source file version 1.0 May 11, 2001
 *
 *
 *
 * Internet Task Management System: An online system used for recording information about and assigning tasks and processes.
 * Copyright (C) 2001  ValleyData Programming Group
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 * See file named "gpl.txt" included with source code or
 * visit http://www.gnu.org/copyleft/gpl.txt on the internet.
 */

// converts from raw format to 'March 21, 2001, 10:00 AM'
function convert_date($db_date)
{
    $timestamp = strtotime($db_date);
    $ret = date("F j, Y, g:i a", $timestamp);
    return $ret;
}

// Tell the user he has been assigned a task
function notifyAssigned($taskTitle, $to, $assignedTo, $assignedBy, $assigner_email, $cc, $info, $due_date, $priority, $is_html = "0")
{
	$date = date("F j, Y, g:i a");
	$body = "The task: $taskTitle\n" .
			"Assigned to: $assignedTo\n" .
			"Assigned by: $assignedBy\n" .
			"Assigned on: $date\n" .
		    "Is Due: " . convert_date($due_date) . "\n" .
		    "With Priority: $priority\n" .
		    "Info:\n$info";
	if ($assigner_email == "")
		$headers = "From: $assignedBy <$assigner_email>\n";
	else
		$headers = "From: $assigner_email <$assigner_email>\n";
	$headers .= "Reply-To: $assigner_email\n";

	if($cc != "")
	{
		$cc = str_replace(";", ",", $cc);
		$headers .= "Cc: $cc\n";
	}
	mail(stripslashes($to), "Task Assigned", stripslashes($body), stripslashes($headers));	
}

// Tell the user he has been unassigned a task
function notifyUnassigned($taskTitle, $to, $assignedTo, $assignedBy, $assigner_email, $info, $due_date, $priority, $is_html = "0")
{
	$date = date("F j, Y, g:i a");
	$body = "The task: $taskTitle, has been Unassigned\n" .
			"It Was Assigned to: $assignedTo\n" .
			"Unassigned by: $assignedBy\n" .
			"Unassigned on: $date\n" .
		    "Was Due: " . convert_date($due_date) . "\n" .
		    "With Priority: $priority\n" .
		    "Info:\n$info";
	if ($assigner_email == "")
		$headers = "From: $assignedBy <$assigner_email>\n";
	else
		$headers = "From: $assigner_email <$assigner_email>\n";
	$headers .= "Reply-To: $assigner_email\n";

	mail(stripslashes($to), "Task Unassigned", stripslashes($body), stripslashes($headers));	
}

// Tell the user their pending task has been updated
function notifyUpdate($taskTitle, $to, $assignedBy, $assigner_email, $info, $due_date, $priority, $is_html = "0")
{
	$date = date("F j, Y, g:i a");
	$body = "The task: $taskTitle\n" .
			"Assigned by: $assignedBy\n" .
			"Assigned on: $date\n" .
		    "Is Due: " . convert_date($due_date) . "\n" .
			"With Priority: $priority\n" .
		    "Info:\n$info";
	if ($assigner_email == "")
		$headers = "From: $assignedBy <$assigner_email>\n";
	else
		$headers = "From: $assigner_email <$assigner_email>\n";
	$headers .= "Reply-To: $assigner_email\n";

	mail(stripslashes($to), "Task Updated", stripslashes($body), stripslashes($headers));	
}

// Tell the assigner that the assignee has completed a task
function notifyComplete($taskTitle, $to, $assignedTo, $assignedTo_email, $info, $due_date, $priority, $is_html = "0")
{ 
	$date = date("F j, Y, g:i a");
	$body = "The task: $taskTitle\n" .
			"Assigned to: $assignedTo\n" .
            "Was Due on: " . convert_date($due_date) . "\n" .
			"Was completed on: $date\n" .
			"With Priority: $priority\n" .
		    "Info:\n$info";
	if ($assignedTo_email == "")
		$headers = "From: $assignedTo <$assignedTo_email>\n";
	else
		$headers = "From: $assignedTo_email <$assigner_email>\n";
	$headers .= "Reply-To: $assignedTo_email\n";
	
	mail(stripslashes($to), "Task Completed", stripslashes($body), stripslashes($headers));
}

//This function is called from each page that Administrators have exclusive access to 
function admin_only($isadmin)
{
    if(!$isadmin)
    {
        print("</body>\n");
        print("<head>\n");
        print("<META HTTP-EQUIV=\"Refresh\" content=\"0;URL=logout.php\">\n");
        print("</head>\n");
        message_box("You are not authorized to view this page.", "error");
        exit;
    }
}//end admin_only()

//Precondition: $username and $password have already been "made clean"
// Verify that the user password combination is in the database
function db_is_user($username, $password)
{
    //please make sure that $username and $password are clean before calling this function

    db_open();
    db_use();
    $query = "SELECT * FROM ldap WHERE name LIKE '$username'";
    $result = db_query($query); // Check for valid user name in DB
    if($row = db_fetch_row($result)) // If user exists... get the user
    {
		$passcheck = $row["password"];
        if($passcheck == crypt($password, substr($row["password"], 0, 2))) // Check that the password matches
        {
            return true;
        }
        else
        {
            error_out("Password didn't match for user: " . $username, "LOG_INFO");
        }
    }
    else
    {
        error_out("Couldn't Query LDAP table");
    }
    
    return false;
}//end db_is_user()

//Precondition: $username and $password have already been "made clean"
// Verify that the user password combination is in LDAP
function ldap_is_user($username, $password)
{
    //please make sure that $username and $password are clean before calling this function
	$ret = "false";
    global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds) // If connected...
	{ 
		$r=ldap_bind($ds);     // this is an "anonymous" bind, typically
							   // read-only access

		// Search surname entry
		$sr=ldap_search($ds, "cn=$username, " . $LDAP_BASE_DN, "(objectclass=person)");  

		$info = ldap_get_entries($ds, $sr);

		$cryptpass = $info[0]["password"][0];
		if($cryptpass == crypt($password, substr($cryptpass, 0, 2))) // Check password matches
		{
			$ret = "true";
		}
	
		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}

    return $ret;
}//end ldap_is_user()

//Precondition: $username has already been "made clean"
// Get the user ID corresponding to a user name
function get_uid($username)
{
    //please make sure that $username is clean before calling this function
    $ret = "";
    db_open();
    db_use();
    $query = "SELECT uid FROM users WHERE name = '$username'";
    $result = db_query($query); // Get the user ID that matches the user name 
    if($row = db_fetch_row($result))
    {
        $ret = $row["uid"];
    }
    return $ret;
}//end get_uid()

// Display a formatted message box
function message_box($message, $type = "info")
{
    //we can add icons for each of these later too
    $MESSBOXCFG["error"]["color"] = "#FF3333";
    $MESSBOXCFG["warning"]["color"] = "#FF9900";
    $MESSBOXCFG["info"]["color"] = "#00FF00";
    $MESSBOXCFG["error"]["text"] = "Error:";
    $MESSBOXCFG["warning"]["text"] = "Warning:";
    $MESSBOXCFG["info"]["text"] = "Info:";

    $color = $MESSBOXCFG[$type]["color"];
    $text = $MESSBOXCFG[$type]["text"];
	$text = stripslashes($text);
	$message = stripslashes($message);

$box = <<<BOX
<TABLE border="0" bgcolor="#FFFFFF">
<TR>
	<TD bgcolor="$color"><b>$text</b></TD>
</TR>
<TR>
	<TD bgcolor="$color">$message</TD>
</TR>
</TABLE>

BOX;

    print($box);
}//end message_box()

// Check if user is an Administrator
function is_admin($user_id)
{
    db_open();
    db_use();
    $query = "SELECT * FROM users WHERE uid = '$user_id'";
    $result = db_query($query);
	$row = db_fetch_row($result);
	if($row["isadmin"] == "1")
		return true;
	else
		return false;
}

// Get the process name given a process ID
function get_process_name($pid)
{
	db_open();
	db_use();
	$query = "SELECT title FROM processes WHERE pid='$pid'";
	$row = db_fetch_row(db_query($query));
	$process_name = $row["title"];
	return $process_name;
}

// Get the task name given a task ID
function get_task_name($ttid)
{
	db_open();
	db_use();
	$query = "SELECT title FROM task_types WHERE ttid='$ttid'";
	$row = db_fetch_row(db_query($query));
	$task_name = $row["title"];
	return $task_name;
}

// Get the pending task name given a pending task ID
function get_pending_task_name($tid)
{
	db_open();
	db_use();
	$query = "SELECT title FROM pending_tasks WHERE tid='$tid'";
	$row = db_fetch_row(db_query($query));
	$task_name = $row["title"];
	return $task_name;
}

// Get the process owner's name given a process ID
function get_process_owner($pid)
{
	db_open();
    db_use();
	//first find out if the process is group owned, or is privately owned
    $query = "SELECT group_owned, owner FROM processes WHERE pid = '$pid'";
    $result = db_query($query);
	$row = db_fetch_row($result);
	$owner = $row["owner"];
	//if it is group owned, return the name of the group who ownes it
	if($row["group_owned"] == "1")
	{
		$query = "SELECT groupname FROM groups WHERE gid = '$owner'";
		$result = db_query($query);
		$row = db_fetch_row($result);
		$groupname = $row["groupname"];
		return $groupname;
	}
	//else return the name of the user who owns it
	else
	{
		$query = "SELECT name FROM users WHERE uid = '$owner'";
		$result = db_query($query);
		$row = db_fetch_row($result);
		$name = $row["name"];
		return $name;
	}
}

// Get the task owner's name given a task ID
function get_task_owner($ttid)
{
	db_open();
    db_use();
	//first find out if the task is group owned, or is privately owned
    $query = "SELECT group_owned, owner FROM task_types WHERE ttid = '$ttid'";
    $result = db_query($query);
	$row = db_fetch_row($result);
	$owner = $row["owner"];
	//if it is group owned, return the name of the group who ownes it
	if($row["group_owned"] == "1")
	{
		$query = "SELECT groupname FROM groups WHERE gid = '$owner'";
		$result = db_query($query);
		$row = db_fetch_row($result);
		$groupname = $row["groupname"];
		return $groupname;
	}
	//else return the name of the user who owns it
	else
	{
		$query = "SELECT name FROM users WHERE uid = '$owner'";
		$result = db_query($query);
		$row = db_fetch_row($result);
		$name = $row["name"];
		return $name;
	}
}

// Gets all processes that task is in
function get_processes_with_task($ttid)
{
    $ret = array();
    db_open();
    db_use();
    $query = "SELECT title, P.pid FROM process_tasks PT, processes P WHERE PT.ttid='$ttid' " .
    "AND PT.pid = P.pid GROUP BY pid";
    $result = db_query($query);
	while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    return $ret;
}

// Get all tasks in process
function get_tasks_in_process($pid)
{
    $ret = array();
    db_open();
    db_use();
    $query = "SELECT title, T.ttid FROM process_tasks PT, task_types T WHERE PT.pid='$pid' " .
    "AND PT.ttid = T.ttid GROUP BY ttid";
    $result = db_query($query);
	while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    return $ret;
}

// Returns true if task is in process
function is_task_in_process($ttid, $pid)
{
    db_open();
    db_use();
    $query = "SELECT * FROM process_tasks WHERE ttid='$ttid' AND pid='$pid'";
    $result = db_query($query);
	if(db_fetch_row($result))
		return true;
	else
		return false;
}

// Returns true if user is in group
function is_user_in_group($user_id, $group_id)
{
    db_open();
    db_use();
    $query = "SELECT * FROM user_groups WHERE gid = '$group_id' AND uid = '$user_id'";
    $result = db_query($query);
	if(db_fetch_row($result))
		return true;
	else
		return false;
}

// Returns all users in group, all users are returned if no group is specified
function get_users_in_group($groupnum = "%")
{
    $ret = array();
    db_open();
    db_use();
    $query = "SELECT name, users.uid FROM users, user_groups " . 
    "WHERE gid like '$groupnum' AND users.uid = user_groups.uid GROUP BY uid ORDER BY name";
    
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Get all the users from the groups that the specified user is in;
// returns all users in groups if no user ID specified
function get_users_in_groups($usernum = "%")
{
    $ret = array();
    db_open();
    db_use();
    $query = "SELECT gid FROM user_groups WHERE uid = '$usernum'";
	$first = "true";
	$set_str = "";
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
		if($first == "true")
		{
			$set_str .= $row["gid"];
			$first = "false";
		}
		else
		{
			$set_str .= ", " . $row["gid"]; 
		}
    }
	$query2 = "SELECT name, U.uid FROM user_groups UG, users U WHERE U.uid = UG.uid " .
		"AND UG.gid IN ($set_str) GROUP BY U.uid ORDER BY name";
	$result = db_query($query2);
	while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Gets all the groups that the user is currently in; gets all groups if the user is not specified
function get_user_groups($usernum = "%")
{
    $ret = array();
    db_open();
    db_use();
    $query = "SELECT gid, uid FROM user_groups WHERE uid = '$usernum'";
    
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Returns an array containing group names and group IDs
function get_all_groups()
{
	$ret = array();
    db_open();
    db_use();
    $query = "SELECT groupname, gid FROM groups ORDER BY groupname";
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Get all groups other than the specified group id
function get_all_other_groups($gid)
{
	$ret = array();
    db_open();
    db_use();
    $query = "SELECT * FROM groups WHERE gid != '$gid' ORDER BY groupname";
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Returns an array containing user names and user IDs
function get_all_users()
{
	$ret = array();
    db_open();
    db_use();
    $query = "SELECT * FROM users ORDER BY name";
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Returns an array containing user names and user email addresses from LDAP;
// so if you ever update ITMS to store groups in LDAP you can use this code!
function get_all_ldap_users()
{
    $ret = array();
    global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds);     // this is an "anonymous" bind, typically
							   // read-only access

		// Search surname entry
		$sr=ldap_search($ds, $LDAP_BASE_DN, "(objectclass=person)");  

		$info = ldap_get_entries($ds, $sr);
		
        for($i = 0; $i < $info["count"]; $i++)
        {
            $user_name_string = $info[$i]["cn"][0];
            $email_address = $info[$i]["email"][0];
            array_push($ret, array("name"=>$user_name_string, "email"=>$email_address));
        }
	    asort($ret);
		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
    return $ret;
}

// Get all users other than the specified user
function get_all_other_users($uid)
{
	$ret = array();
    db_open();
    db_use();
    $query = "SELECT * FROM users WHERE uid != '$uid' ORDER BY name";
    $result = db_query($query);
    while($row = db_fetch_row($result))
    {
        array_push($ret, $row);
    }
    db_close();
    return $ret;
}

// Get all users other than the specified user in LDAP 
function get_all_other_ldap_users($uid)
{
    $ret = array();
    $user_name = get_user_name($uid);
    global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds);     // this is an "anonymous" bind, typically
							   // read-only access

		// Search surname entry
		$sr=ldap_search($ds, $LDAP_BASE_DN, "(objectclass=person)");

		$info = ldap_get_entries($ds, $sr);

        for($i = 0; $i < $info["count"]; $i++)
        {
            $user_name_string = $info[$i]["cn"][0];
            if($user_name_string != $user_name)
                array_push($ret, array("name"=>$user_name_string));
        }
	    asort($ret);
		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
    return $ret;
}

// Return group name from group ID
function get_group_name($gid)
{
    db_open();
    db_use();
    $query = "SELECT groupname FROM groups WHERE gid = '$gid'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    //db_close();
    return $row["groupname"];
}

// Return user name from user ID
function get_user_name($userid)
{
    db_open();
    db_use();
    $query = "SELECT name FROM users WHERE uid = '$userid'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    //db_close();
    return $row["name"];
}

//return the user id corresponding to the name passed in
function get_user_id($user_name)
{
    db_open();
    db_use();
    $query = "SELECT uid FROM users WHERE name LIKE '$user_name'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    return $row["uid"];
}

// Return user email address from user ID
function get_user_email($userid)
{
    db_open();
    db_use();
    $query = "SELECT email FROM users WHERE uid = '$userid'";
    
    $result = db_query($query);
    $row = db_fetch_row($result);
    //db_close();
    return $row["email"];
}

// Make clean for database queries
function make_clean($str)//makes a string from the user safe to do stuff with
{
    return htmlspecialchars(str_replace ("%", "0/0", $str));
}

// Prints all necessary javascript functions
function print_js()
{
global $EXPIRE_INTERVAL;
$verify = <<<SCRIPT
<SCRIPT LANGUAGE="JavaScript">
<!--
//pass in a reference to the <select> list element
function getListSelections(list)
{
    var selectedvalue = "";
    var selectedcount = 0;

    for (i=0; i< list.options.length; i++)
    {
        if (list.options(i).selected)
        {
          selectedcount++;
          selectedvalue = selectedvalue + list.options(i).value + " ";
        }
    }

    if (selectedcount>0)
        alert("# of Selected items: " + selectedcount + " " + selectedvalue);

    return selectedvalue;
}
//this function will make sure non-empty values are numeric
function verify_int(it)
{
	val = it.value;

	if(val != null && val != "")
    {
        //removes leading 0's that would make parseInt read the number as an octal
        while(val.length > 1 && val.charAt(0) == 0)
        {
            val=val.substring(1, val.length);
        }

        var v = parseInt(val);
        if(isNaN(v))
        {
            it.focus();
			it.select();
        }
     }
	 else
	 {
		 it.value = 1;
		 it.focus();
  		 it.select();
	 }
}

// Client side verification of date format
function verify_date(it, year, month, day, hours, minutes)
{
    var error = false;
    
    //removes leading 0's that would make parseInt read the number as an octal
    while(month.length > 1 && month.charAt(0) == 0)
    {
        month=month.substring(1, month.length);
    }
    while(day.length > 1 && day.charAt(0) == 0)
    {
        day=day.substring(1, day.length);
    }
    while(year.length > 1 && year.charAt(0) == 0)
    {
        year=year.substring(1, year.length1);
    }
    while(hours.length > 1 && hours.charAt(0) == 0)
    {
        hours=hours.substring(1, hours.length);
    }
    while(minutes.length > 1 && minutes.charAt(0) == 0)
    {
        minutes=minutes.substring(1, minutes.length);
    }

    year = parseInt(year);
	month = parseInt(month) - 1;
	day = parseInt(day);
	hours = parseInt(hours);
	minutes = parseInt(minutes);

	var date = new Date(year, month, day, hours, minutes, 0, 0);
	if(date.getMonth() != month)
	{
		it.value = 1;
		it.focus();
		it.select();
	}

}
        
var exp = new Date();
exp.setTime(exp.getTime() + ($EXPIRE_INTERVAL * 1000));
document.cookie="timer=on;expires=" + exp.toGMTString();

// ==========================
// The following code was lifted:
// (C) 2000 by CodeLifter.com
// http://www.codelifter.com
function doTheClock()
{
	window.setTimeout( "doTheClock()", 1000 );
	t = new Date();
	if(document.all || document.getElementById)
	{
		window.status = t.toString();
	}
	else
	{   
	  self.status = t.toString();
	}
}
doTheClock()
//-->
</SCRIPT>\n
SCRIPT;

    print($verify);
}

// Return the priority level of task
function get_priority_string($num)
{
	$ret = "Unknown";
	switch($num)
	{
		case 0: $ret = "Low";
				break;
		case 1: $ret = "Medium";
				break;
		case 2: $ret = "High";
				break;
		case 3: $ret = "ASAP!!!";
				break;
	}
	return $ret;
}

// Returns the days in the month corresponding to the time stamp
function get_days_in_month($timestamp) 
{
	$timepieces = getdate($timestamp); 
	$thisYear = $timepieces["year"]; 
	$thisMonth = $timepieces["mon"]; 
	for($thisDay=1;checkdate($thisMonth,$thisDay,$thisYear);$thisDay++); 
	$thisDay--;
	//message_box("days in toolbox: $thisDay, toolbox month: $thisMonth");
	return $thisDay;
} 

// Add the user to LDAP
function ldap_add_user($newusername, $newpassword)
{
	global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;
	global $LDAP_BIND_AS;
	global $LDAP_BIND_PW;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds, $LDAP_BIND_AS, $LDAP_BIND_PW);     // write access

		$info["cn"] = $newusername;
		//$info["password"] =  crypt($newpassword);
		$info["password"] =  crypt($newpassword, substr($newpassword, 0, 2)); //new line for encryption_patch
		$info["objectclass"] = "person";
		// add entry
		$sr=ldap_add($ds, "cn=$newusername, $LDAP_BASE_DN", $info);  

		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
	
}

// Add the user to the DB
function db_add_user($newusername, $newpassword)
{
	//$query = "INSERT INTO ldap (name, password) VALUES ('$newusername', '" . crypt($newpassword) . "')";
	$query = "INSERT INTO ldap (name, password) VALUES ('$newusername', '" . crypt($newpassword, substr($newpassword, 0, 2)) . "')"; //new line for encryption_patch
	if(db_query($query))
	{
		message_box("User '$newusername' added.");
	}
	else
	{
		error_out("Could not add user to: ldap", "LOG_INFO");
	}
}

// Update the user's pasword in LDAP
function ldap_update_password($username, $newpassword)
{
	global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;
	global $LDAP_BIND_AS;
	global $LDAP_BIND_PW;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds, $LDAP_BIND_AS, $LDAP_BIND_PW);     // write access
							   
		$info["cn"] = $newusername;
		$info["password"] =  crypt($newpassword, substr($newpassword, 0, 2)); //updated line for Build 0107
		$info["objectclass"] = "person";
		// modify entry
		$sr=ldap_modify($ds, "cn=$username, $LDAP_BASE_DN", $info);  
		if($newpassword == "")
		{
			message_box("This password is now empty, this can be a security risk", "warning");
		}
		else
		{
			message_box("This password has been successfully changed");
		}
		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
}

// Update the user's pasword in DB
function db_update_password($username, $newpassword)
{
	db_open();
	db_use();

	$newpassword = crypt($newpassword, substr($newpassword, 0, 2)); //updated line for Build 0107

	$query = "UPDATE ldap SET password = '$newpassword' WHERE name = '$username'";

	if(db_query($query))
	{
		if($newpassword == "")
		{
			message_box("This password is now empty, this can be a security risk", "warning");
		}
		else
		{
			message_box("This password has been successfully changed");
		}
	}
	else
		message_box("Password Update Failed", "error");
	db_close();
}

// Delete user from LDAP
function ldap_delete_user($username)
{
	global $LDAP_SERVER_ADDRESS;
	global $LDAP_SERVER_PORT;
	global $LDAP_BASE_DN;
	global $LDAP_BIND_AS;
	global $LDAP_BIND_PW;

	$ds=ldap_connect($LDAP_SERVER_ADDRESS, $LDAP_SERVER_PORT);  // must be a valid LDAP server!

	if ($ds)
	{ 
		$r=ldap_bind($ds, $LDAP_BIND_AS, $LDAP_BIND_PW);     // write access
							   
		// modify entry
		$sr=ldap_delete($ds, "cn=$username, $LDAP_BASE_DN");  

		ldap_close($ds);
	} 
	else
	{
		echo "<h4>Unable to connect to LDAP server</h4>";
	}
	$user_id = get_user_id($username);
    db_open();
    db_use();
	$query_group = "DELETE FROM user_groups WHERE uid='$user_id'";
	$query_pending_tasks = "DELETE FROM pending_tasks WHERE uid='$user_id'";
	$query_private_tasks = "DELETE FROM task_types WHERE group_owned='0' AND owner='$user_id'";
	if(db_query($query_group) && db_query($query_pending_tasks) && db_query($query_private_tasks))
	{
		message_box("$username's pending tasks and private task templates have been sucessfully removed");
	}
    $query = "DELETE FROM users WHERE name LIKE '$username'";
    if(db_query($query))
    {
        message_box("User: $username has been sucessfully removed");
    }
    else
    {
        message_box("Couldn't remove user: $username");
    }
}

// Delete user from DB
function db_delete_user($username)
{
	$user_id = get_user_id($username);
    db_open();
    db_use();
	$query_group = "DELETE FROM user_groups WHERE uid='$user_id'";
	$query_pending_tasks = "DELETE FROM pending_tasks WHERE uid='$user_id'";
	$query_private_tasks = "DELETE FROM task_types WHERE group_owned='0' AND owner='$user_id'";
	if(db_query($query_group) && db_query($query_pending_tasks) && db_query($query_private_tasks))
	{
		message_box("$username's pending tasks and private task templates have been sucessfully removed");
	}
    $query = "DELETE FROM users WHERE name LIKE '$username'";
    $query2 = "DELETE FROM ldap WHERE name LIKE '$username'";
    if(db_query($query) && db_query($query2))
    {
        message_box("User: $username has been sucessfully removed");
    }
    else
    {
        message_box("Couldn't remove user: $username");
    }
}

?>
Return current item: Internet Task Management System