Talenttic_survey/CATI_Tool
2
0
Fork 0
mirror of https://github.com/ACSPRI/queXS synced 2024-04-02 12:12:16 +00:00
Code Issues Releases Activity

Remove references to HTPASSWD

Browse Source 
Updated user creation / editing code to refer to limesurvey session
This commit is contained in:
Adam Zammit
2015-08-24 15:46:15 +10:00
parent 8a139b9b07
commit 517e6f551c
7 changed files with 136 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
CHANGELOG
View File

@@ -1,3 +1,25 @@
Database changes for session authentication:
/* Make the first user the admin user - with default password of: password */
INSERT INTO `lime_users` (`users_name`, `password`, `full_name`, `parent_id`, `lang`, `superadmin`)
SELECT username, '0x35653838343839386461323830343731353164306535366638646336323932373733363033643064366161626264643632613131656637323164313534326438', firstName, 1, 'auto', 1
FROM operators
WHERE operator_id = 1;
/* Make all other users operators - with default password of: password */
INSERT INTO `lime_users` (`users_name`, `password`, `full_name`, `parent_id`, `lang`, `superadmin`)
SELECT username, '0x35653838343839386461323830343731353164306535366638646336323932373733363033643064366161626264643632613131656637323164313534326438', firstName, 1, 'auto', 0
FROM operators
WHERE operator_id != 1;
/* Make all clients - with default password of: password */
INSERT INTO `lime_users` (`users_name`, `password`, `full_name`, `parent_id`, `lang`, `superadmin`)
SELECT username, '0x35653838343839386461323830343731353164306535366638646336323932373733363033643064366161626264643632613131656637323164313534326438', firstName, 1, 'auto', 0
FROM clients
WHERE 1;
/* Remove redundant table */
DROP TABLE `sessions2`; DROP TABLE `sessions2`;
queXS 1.13.0 - Changes since 1.12.1 queXS 1.13.0 - Changes since 1.12.1

29
admin/clients.php
View File

@@ -61,6 +61,7 @@ if (isset($_POST['client']))
{ {
$client = $db->qstr($_POST['client'],get_magic_quotes_gpc()); $client = $db->qstr($_POST['client'],get_magic_quotes_gpc());
$firstname = $db->qstr($_POST['firstname'],get_magic_quotes_gpc()); $firstname = $db->qstr($_POST['firstname'],get_magic_quotes_gpc());
$email = $db->qstr($_POST['email'],get_magic_quotes_gpc());
$lastname = $db->qstr($_POST['lastname'],get_magic_quotes_gpc()); $lastname = $db->qstr($_POST['lastname'],get_magic_quotes_gpc());
$time_zone_name = $db->qstr($_POST['Time_zone_name'],get_magic_quotes_gpc()); $time_zone_name = $db->qstr($_POST['Time_zone_name'],get_magic_quotes_gpc());
@@ -72,17 +73,15 @@ if (isset($_POST['client']))
if ($db->Execute($sql)) if ($db->Execute($sql))
{ {
if (HTPASSWD_PATH !== false && HTGROUP_PATH !== false) include_once("../include/limesurvey/admin/classes/core/sha256.php");
{
//Get password and add it to the configured htpassword
include_once("../functions/functions.htpasswd.php");
$htp = New Htpasswd(HTPASSWD_PATH);
$htg = New Htgroup(HTGROUP_PATH);
$htp->addUser($_POST['client'],$_POST['password']);
$htg->addUserToGroup($_POST['client'],HTGROUP_CLIENT);
}
//Insert into lime_users
$sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`)
VALUES ($client, '" . SHA256::hashing($_POST['password']) . "',$firstname,1,0,$email,'auto')";
$db->Execute($sql);
$a = T_("Added: $client"); $a = T_("Added: $client");
} }
else else
@@ -154,16 +153,14 @@ function generate() {
<label class="control-label col-sm-3"><?php echo T_("Enter the username of a client to add:"); ?></label> <label class="control-label col-sm-3"><?php echo T_("Enter the username of a client to add:"); ?></label>
<input name="client" type="text" class="form-control pull-left" required size="40" /> <input name="client" type="text" class="form-control pull-left" required size="40" />
</div> </div>
<?php if (HTPASSWD_PATH !== false && HTGROUP_PATH !== false) { ?>
<div class="form-group form-inline"> <div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the password of a client to add:"); ?></label> <label class="control-label col-sm-3"><?php echo T_("Enter the password of a client to add:"); ?></label>
<input name="password" type="text" class="form-control pull-left" size="40" required pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}" /> <input name="password" type="text" class="form-control pull-left" size="40" required />
<div class="form-inline">&emsp;&emsp; <div class="form-inline">&emsp;&emsp;
<input type="button" onclick="generate();" value="<?php echo T_("Generate");?>" class="btn btn-default fa" />&emsp;<?php echo T_("Password with");?>&ensp; <input type="button" onclick="generate();" value="<?php echo T_("Generate");?>" class="btn btn-default fa" />&emsp;<?php echo T_("Password with");?>&ensp;
<input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?> <input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?>
</div> </div>
</div> </div>
<?php } ?>
<div class="form-group form-inline"> <div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the first name of a client to add:"); ?></label> <label class="control-label col-sm-3"><?php echo T_("Enter the first name of a client to add:"); ?></label>
<input name="firstname" type="text" class="form-control pull-left" size="40" /> <input name="firstname" type="text" class="form-control pull-left" size="40" />
@@ -171,7 +168,11 @@ function generate() {
<div class="form-group form-inline"> <div class="form-group form-inline">
<label class="control-label col-sm-3"><?php echo T_("Enter the surname of a client to add:"); ?></label> <label class="control-label col-sm-3"><?php echo T_("Enter the surname of a client to add:"); ?></label>
<input name="lastname" type="text" class="form-control pull-left" size="40"/> <input name="lastname" type="text" class="form-control pull-left" size="40"/>
</div> </div>
<div class="form-group form-inline">
<label class="col-sm-3 control-label"><?php echo T_("Email") . ": ";?></label>
<input name="email" type="text" class="form-control pull-left"/>
</div>
<div class="form-group form-inline"> <div class="form-group form-inline">
<label class="control-label col-sm-3"><a href='timezonetemplate.php'><?php echo T_("Enter the Time Zone of a client to add:"); echo "</a></label>"; <label class="control-label col-sm-3"><a href='timezonetemplate.php'><?php echo T_("Enter the Time Zone of a client to add:"); echo "</a></label>";
display_chooser($rs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value",get_setting("DEFAULT_TIME_ZONE")),true,"pull-left"); ?> display_chooser($rs,"Time_zone_name","Time_zone_name",false,false,false,false,array("value",get_setting("DEFAULT_TIME_ZONE")),true,"pull-left"); ?>

107
admin/operatorlist.php
View File

@@ -60,25 +60,43 @@ if (isset($_POST['submit']))
if (isset($_POST['chat_enable'])) $chat_enable = 1; if (isset($_POST['chat_enable'])) $chat_enable = 1;
if (isset($_POST['enabled'])) $enabled = 1; if (isset($_POST['enabled'])) $enabled = 1;
if (HTPASSWD_PATH !== false && $_POST['existing_username'] != $_POST['username'] && empty($_POST['password'])) //get username
{ $sql = "SELECT username
$msg = "<div class='alert alert-danger'><h3>" . T_("If changing usernames, you must specify a new password") . "</h3></div>"; FROM operator
} WHERE operator_id = $operator_id";
else
{
$sql = "UPDATE operator
SET username = " . $db->qstr($_POST['username']) . ",
lastName = " . $db->qstr($_POST['lastName']) . ",
firstName = " . $db->qstr($_POST['firstName']) . ",
chat_user = " . $db->qstr($_POST['chat_user']) . ",
chat_password = " . $db->qstr($_POST['chat_password']) . ",
Time_zone_name = " . $db->qstr($_POST['timezone']) . ",
voip = $voip, enabled = $enabled, chat_enable = $chat_enable
WHERE operator_id = $operator_id";
$rs = $db->Execute($sql); $uname = $db->GetOne($sql);
if (!empty($rs)) $sql = "UPDATE " . LIME_PREFIX . "users
SET users_name = " . $db->qstr($_POST['username']) . ",
email = " . $db->qstr($_POST['email']) . ",
full_name = " . $db->qstr($_POST['firstName']);
if (!empty($_POST['password']))
{
include_once("../include/limesurvey/admin/classes/core/sha256.php");
$sql .= ", password = '" . SHA256::hashing($_POST['password']) . "' ";
}
$sql .= " WHERE users_name = '$uname'";
$rs = $db->Execute($sql);
if (!empty($rs))
{
$sql = "UPDATE operator
SET username = " . $db->qstr($_POST['username']) . ",
lastName = " . $db->qstr($_POST['lastName']) . ",
firstName = " . $db->qstr($_POST['firstName']) . ",
chat_user = " . $db->qstr($_POST['chat_user']) . ",
chat_password = " . $db->qstr($_POST['chat_password']) . ",
Time_zone_name = " . $db->qstr($_POST['timezone']) . ",
voip = $voip, enabled = $enabled, chat_enable = $chat_enable
WHERE operator_id = $operator_id";
$rs = $db->Execute($sql);
if (!empty($rs))
{ {
//only update extension if we aren't on a case //only update extension if we aren't on a case
$sql = "SELECT case_id $sql = "SELECT case_id
@@ -94,38 +112,28 @@ if (isset($_POST['submit']))
WHERE current_operator_id= $operator_id"; WHERE current_operator_id= $operator_id";
$db->Execute($sql); $db->Execute($sql);
if (!empty($_POST['extension_id'])) if (!empty($_POST['extension_id']))
{ {
$sql = "UPDATE extension $sql = "UPDATE extension
SET current_operator_id = $operator_id SET current_operator_id = $operator_id
WHERE extension_id = " . intval($_POST['extension_id']); WHERE extension_id = " . intval($_POST['extension_id']);
$db->Execute($sql); $db->Execute($sql);
} }
} }
$msg = "<div class='alert alert-info'><h3>" . T_("Successfully updated user") . ": " . $_POST['username'] . "</h3></div>";
if (HTPASSWD_PATH !== false && !empty($_POST['password'])) }
{ else
//update password in htaccess {
include_once(dirname(__FILE__).'/../functions/functions.htpasswd.php'); $msg = "<div class='alert alert-danger'><h3>" . T_("Failed to update user") . ": " . $_POST['username'] . " " . T_("Please make sure the username is unique") . "</h3></div>";
$htp = New Htpasswd(HTPASSWD_PATH); }
$htp->deleteUser($_POST["existing_username"]); }
$htp->deleteUser($_POST["username"]); else
$htp->addUser($_POST["username"],$_POST["password"]); {
$htg = New Htgroup(HTGROUP_PATH); $msg = "<div class='alert alert-danger'><h3>" . T_("Failed to update user") . ": " . $_POST['username'] . " " . T_("Please make sure the username is unique") . "</h3></div>";
$htg->deleteUserFromGroup($_POST["existing_username"],HTGROUP_INTERVIEWER); }
$htg->addUserToGroup($_POST["username"],HTGROUP_INTERVIEWER); $_GET['edit'] = $operator_id;
}
$msg = "<div class='alert alert-info'><h3>" . T_("Successfully updated user") . ": " . $_POST['username'] . "</h3></div>";
}
else
{
$msg = "<div class='alert alert-danger'><h3>" . T_("Failed to update user") . ": " . $_POST['username'] . " " . T_("Please make sure the username is unique") . "</h3></div>";
}
}
$_GET['edit'] = $operator_id;
} }
@@ -135,9 +143,10 @@ if (isset($_GET['edit']))
$operator_id = intval($_GET['edit']); $operator_id = intval($_GET['edit']);
$sql = "SELECT * $sql = "SELECT o.*,l.superadmin,l.email
FROM operator FROM operator as o, " . LIME_PREFIX ."users as l
WHERE operator_id = $operator_id"; WHERE o.operator_id = $operator_id
AND l.users_name = o.username";
$rs = $db->GetRow($sql); $rs = $db->GetRow($sql);
@@ -205,7 +214,6 @@ function generate() {
<label for="username" class="col-sm-3 control-label"><?php echo T_("Username") . ": "; ?></label> <label for="username" class="col-sm-3 control-label"><?php echo T_("Username") . ": "; ?></label>
<div class="col-sm-3"><input type='text' name='username' class="form-control" value="<?php echo $rs['username'];?>"/></div> <div class="col-sm-3"><input type='text' name='username' class="form-control" value="<?php echo $rs['username'];?>"/></div>
</div> </div>
<?php if (HTPASSWD_PATH !== false) { ?>
<div class="form-group"> <div class="form-group">
<label for="password" class="col-sm-3 control-label"><?php echo T_("Password") . ": "; ?></label> <label for="password" class="col-sm-3 control-label"><?php echo T_("Password") . ": "; ?></label>
<div class="col-sm-3"><input type='text' name='password' class="form-control" placeholder="<?php echo T_("leave blank to keep existing password");?>"/></div> <div class="col-sm-3"><input type='text' name='password' class="form-control" placeholder="<?php echo T_("leave blank to keep existing password");?>"/></div>
@@ -214,7 +222,6 @@ function generate() {
<input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?> <input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?>
</div> </div>
</div> </div>
<?php } ?>
<div class="form-group"> <div class="form-group">
<label for="firstName" class="col-sm-3 control-label"><?php echo T_("First name") . ": "; ?></label> <label for="firstName" class="col-sm-3 control-label"><?php echo T_("First name") . ": "; ?></label>
<div class="col-sm-3"><input type='text' name='firstName' class="form-control" value="<?php echo $rs['firstName'];?>"/></div> <div class="col-sm-3"><input type='text' name='firstName' class="form-control" value="<?php echo $rs['firstName'];?>"/></div>
@@ -223,6 +230,10 @@ function generate() {
<label for="lastName" class="col-sm-3 control-label"><?php echo T_("Last name") . ": "; ?></label> <label for="lastName" class="col-sm-3 control-label"><?php echo T_("Last name") . ": "; ?></label>
<div class="col-sm-3"><input type='text' name='lastName' class="form-control" value="<?php echo $rs['lastName'];?>"/></div> <div class="col-sm-3"><input type='text' name='lastName' class="form-control" value="<?php echo $rs['lastName'];?>"/></div>
</div> </div>
<div class="form-group">
<label for="email" class="col-sm-3 control-label"><?php echo T_("Email") . ": "; ?></label>
<div class="col-sm-3"><input type='text' name='email' class="form-control" value="<?php echo $rs['email'];?>"/></div>
</div>
<div class="form-group"> <div class="form-group">
<label for="timezone" class="col-sm-3 control-label"><?php echo T_("Timezone") . ": ";?></label> <label for="timezone" class="col-sm-3 control-label"><?php echo T_("Timezone") . ": ";?></label>
<div class="col-sm-3"><?php display_chooser($tz,"timezone","timezone",false,false,false,true,array("value",$rs['Time_zone_name']),true,"form-inline"); ?></div> <div class="col-sm-3"><?php display_chooser($tz,"timezone","timezone",false,false,false,true,array("value",$rs['Time_zone_name']),true,"form-inline"); ?></div>
@@ -250,6 +261,10 @@ function generate() {
<div class="form-group"> <div class="form-group">
<label for="chat_password" class="col-sm-3 control-label"><?php echo T_("Jabber/XMPP chat password") . ": "; ?></label> <label for="chat_password" class="col-sm-3 control-label"><?php echo T_("Jabber/XMPP chat password") . ": "; ?></label>
<div class="col-sm-3"><input type='text' name='chat_password' class="form-control" value="<?php echo $rs['chat_password'];?>"/></div> <div class="col-sm-3"><input type='text' name='chat_password' class="form-control" value="<?php echo $rs['chat_password'];?>"/></div>
</div>
<div class="form-group">
<label for="admin" class="col-sm-3 control-label"><?php echo T_("Is the operator a system administrator?");?></label>
<div class="col-sm-3"><input name="admin" type="checkbox" data-toggle="toggle" data-on="<?php echo T_("Yes"); ?>" data-off="<?php echo T_("No"); ?>" data-offstyle="primary" data-onstyle="danger" <?php if ($rs['superadmin']) echo "checked=\"checked\""; ?> value="1"/></div>
</div> </div>
<div class="form-group"> <div class="form-group">
<label for="chat_enable" class="col-sm-3 control-label"><?php echo T_("Uses chat") . "? ";?></label> <label for="chat_enable" class="col-sm-3 control-label"><?php echo T_("Uses chat") . "? ";?></label>

42
admin/operators.php
View File

@@ -57,6 +57,8 @@ $a = false;
if (isset($_POST['operator']) && isset($_POST['adduser'])) if (isset($_POST['operator']) && isset($_POST['adduser']))
{ {
$operator = $db->qstr($_POST['operator'],get_magic_quotes_gpc()); $operator = $db->qstr($_POST['operator'],get_magic_quotes_gpc());
$email= $db->qstr($_POST['email'],get_magic_quotes_gpc());
$password = $db->qstr($_POST['password'],get_magic_quotes_gpc());
$firstname = $db->qstr($_POST['firstname'],get_magic_quotes_gpc()); $firstname = $db->qstr($_POST['firstname'],get_magic_quotes_gpc());
$lastname = $db->qstr($_POST['lastname'],get_magic_quotes_gpc()); $lastname = $db->qstr($_POST['lastname'],get_magic_quotes_gpc());
$chat_user = $db->qstr($_POST['chat_user'],get_magic_quotes_gpc()); $chat_user = $db->qstr($_POST['chat_user'],get_magic_quotes_gpc());
@@ -96,12 +98,14 @@ if (isset($_POST['operator']) && isset($_POST['adduser']))
} }
$supervisor = 0; $supervisor = 0;
$temporary = 0; $temporary = 0;
$admin = 0;
$refusal = 0; $refusal = 0;
$voip = 0; $voip = 0;
$chat = 0; $chat = 0;
if (isset($_POST['supervisor']) && $_POST['supervisor'] == "on") $supervisor = 1; if (isset($_POST['supervisor']) && $_POST['supervisor'] == "on") $supervisor = 1;
if (isset($_POST['refusal']) && $_POST['refusal'] == "on") $refusal = 1; if (isset($_POST['refusal']) && $_POST['refusal'] == "on") $refusal = 1;
if (isset($_POST['temporary']) && $_POST['temporary'] == "on") $temporary = 1; if (isset($_POST['temporary']) && $_POST['temporary'] == "on") $temporary = 1;
if (isset($_POST['admin']) && $_POST['admin'] == "on") $admin = 1;
if (isset($_POST['voip']) && $_POST['voip'] == "on") $voip = 1; if (isset($_POST['voip']) && $_POST['voip'] == "on") $voip = 1;
if (isset($_POST['chat_enable']) && $_POST['chat_enable'] == "on") $chat = 1; if (isset($_POST['chat_enable']) && $_POST['chat_enable'] == "on") $chat = 1;
@@ -113,7 +117,15 @@ if (isset($_POST['operator']) && isset($_POST['adduser']))
if ($db->Execute($sql)) if ($db->Execute($sql))
{ {
$oid = $db->Insert_ID(); $oid = $db->Insert_ID();
include_once("../include/limesurvey/admin/classes/core/sha256.php");
//Insert into lime_users
$sql = "INSERT INTO " . LIME_PREFIX . "users (`users_name`,`password`,`full_name`,`parent_id`,`superadmin`,`email`,`lang`)
VALUES ($operator, '" . SHA256::hashing($_POST['password']) . "',$firstname,1,$admin,$email,'auto')";
$db->Execute($sql);
if (FREEPBX_PATH !== false) if (FREEPBX_PATH !== false)
{ {
@@ -135,20 +147,6 @@ if (isset($_POST['operator']) && isset($_POST['adduser']))
$db->Execute($sql); $db->Execute($sql);
} }
if (HTPASSWD_PATH !== false && HTGROUP_PATH !== false)
{
//Get password and add it to the configured htpassword
include_once("../functions/functions.htpasswd.php");
$htp = New Htpasswd(HTPASSWD_PATH);
$htg = New Htgroup(HTGROUP_PATH);
$htp->addUser($_POST['operator'],$_POST['password']);
$htg->addUserToGroup($_POST['operator'],HTGROUP_INTERVIEWER);
if ($supervisor)
$htg->addUserGroup(HTGROUP_ADMIN);
}
$a = "<div class='alert alert-info'><h3>" . T_("Added operator :") . " " . $operator . "</h3>"; $a = "<div class='alert alert-info'><h3>" . T_("Added operator :") . " " . $operator . "</h3>";
if (FREEPBX_PATH !== false) if (FREEPBX_PATH !== false)
@@ -188,7 +186,7 @@ if ($a) {
else { else {
echo "<div class='well'>"; echo "<div class='well'>";
//echo "<p>" . T_("Adding an operator here will give the user the ability to call cases") . "<a href='operatorquestionnaire.php'>" . T_("Assign Operator to Questionnaire") . "</a>" . T_("tool") . ".</p>"; //echo "<p>" . T_("Adding an operator here will give the user the ability to call cases") . "<a href='operatorquestionnaire.php'>" . T_("Assign Operator to Questionnaire") . "</a>" . T_("tool") . ".</p>";
echo "<p>" . T_("Use this form to enter the username of a user based on your directory security system. For example, if you have secured the base directory of queXS using Apache file based security, enter the usernames of the users here.") . "</p>"; //echo "<p>" . T_("Use this form to enter the username of a user based on your directory security system. For example, if you have secured the base directory of queXS using Apache file based security, enter the usernames of the users here.") . "</p>";
echo "<p>" . T_("The username and extension must be unique for each operator.") . "</p>"; echo "<p>" . T_("The username and extension must be unique for each operator.") . "</p>";
echo "</div>"; echo "</div>";
} }
@@ -247,16 +245,14 @@ function generate() {
<label class="col-sm-3 control-label"><?php echo T_("Username") . ": ";?></label> <label class="col-sm-3 control-label"><?php echo T_("Username") . ": ";?></label>
<div class="col-sm-3"><input name="operator" type="text" class="form-control" required /></div> <div class="col-sm-3"><input name="operator" type="text" class="form-control" required /></div>
</div> </div>
<?php if (HTPASSWD_PATH !== false && HTGROUP_PATH !== false) { ?>
<div class="form-group"> <div class="form-group">
<label class="col-sm-3 control-label"><?php echo T_("Password") . ": ";?></label> <label class="col-sm-3 control-label"><?php echo T_("Password") . ": ";?></label>
<div class="col-sm-3"><input name="password" id="password" type="text" class="form-control" required pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}" /></div> <div class="col-sm-3"><input name="password" id="password" type="text" class="form-control" required /></div>
<div class="col-sm-6 form-inline">&emsp; <div class="col-sm-6 form-inline">&emsp;
<input type="button" onclick="generate();" value="<?php echo T_("Generate");?>" class="btn btn-default fa" />&emsp;<?php echo T_("Password with");?>&ensp; <input type="button" onclick="generate();" value="<?php echo T_("Generate");?>" class="btn btn-default fa" />&emsp;<?php echo T_("Password with");?>&ensp;
<input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?> <input type="number" name="number" value="25" min="8" max="50" style="width:5em;" class="form-control" />&ensp;<?php echo T_("characters");?>
</div> </div>
</div> </div>
<?php } ?>
<div class="form-group"> <div class="form-group">
<label class="col-sm-3 control-label"><?php echo T_("First name") . ": ";?></label> <label class="col-sm-3 control-label"><?php echo T_("First name") . ": ";?></label>
<div class="col-sm-3"><input name="firstname" type="text" class="form-control" required/></div> <div class="col-sm-3"><input name="firstname" type="text" class="form-control" required/></div>
@@ -265,6 +261,10 @@ function generate() {
<label class="col-sm-3 control-label"><?php echo T_("Last name") . ": ";?></label> <label class="col-sm-3 control-label"><?php echo T_("Last name") . ": ";?></label>
<div class="col-sm-3"><input name="lastname" type="text" class="form-control"/></div> <div class="col-sm-3"><input name="lastname" type="text" class="form-control"/></div>
</div> </div>
<div class="form-group">
<label class="col-sm-3 control-label"><?php echo T_("Email") . ": ";?></label>
<div class="col-sm-3"><input name="email" type="text" class="form-control"/></div>
</div>
<div class="form-group"> <div class="form-group">
<label class="col-sm-3 control-label"><?php echo T_("Timezone") . ": ";?></label> <label class="col-sm-3 control-label"><?php echo T_("Timezone") . ": ";?></label>
<div class="col-sm-3"><?php display_chooser($rs,"Time_zone_name","Time_zone_name",false,false,false,true,array("value",get_setting("DEFAULT_TIME_ZONE")),true,"form-inline");?></div> <div class="col-sm-3"><?php display_chooser($rs,"Time_zone_name","Time_zone_name",false,false,false,true,array("value",get_setting("DEFAULT_TIME_ZONE")),true,"form-inline");?></div>
@@ -300,6 +300,10 @@ function generate() {
<label class="col-sm-3 control-label"><?php echo T_("Uses chat") . "? ";?></label> <label class="col-sm-3 control-label"><?php echo T_("Uses chat") . "? ";?></label>
<div class="col-sm-3"><input name="chat_enable" type="checkbox" data-toggle="toggle" data-on="<?php echo T_("Yes"); ?>" data-off="<?php echo T_("No"); ?>" /></div> <div class="col-sm-3"><input name="chat_enable" type="checkbox" data-toggle="toggle" data-on="<?php echo T_("Yes"); ?>" data-off="<?php echo T_("No"); ?>" /></div>
</div> </div>
<div class="form-group">
<label class="col-sm-3 control-label"><?php echo T_("Is the operator a system administrator?");?></label>
<div class="col-sm-3"><input name="admin" type="checkbox" data-toggle="toggle" data-on="<?php echo T_("Yes"); ?>" data-off="<?php echo T_("No"); ?>" data-offstyle="primary" data-onstyle="danger"/></div>
</div>
<div class="form-group"> <div class="form-group">
<label class="col-sm-3 control-label"><?php echo T_("Is the operator a normal interviewer?");?></label> <label class="col-sm-3 control-label"><?php echo T_("Is the operator a normal interviewer?");?></label>
<div class="col-sm-3"><input name="temporary" type="checkbox" data-toggle="toggle" data-on="<?php echo T_("Yes"); ?>" data-off="<?php echo T_("No"); ?>" data-offstyle="danger" checked="checked"/></div> <div class="col-sm-3"><input name="temporary" type="checkbox" data-toggle="toggle" data-on="<?php echo T_("Yes"); ?>" data-off="<?php echo T_("No"); ?>" data-offstyle="danger" checked="checked"/></div>

25
config.default.php
View File

@@ -168,31 +168,6 @@ if (!defined('PHP_EXEC')) define('PHP_EXEC', "php");
*/ */
if (!defined('ADODB_PATH')) define('ADODB_PATH',dirname(__FILE__).'/include/limesurvey/classes/adodb/'); if (!defined('ADODB_PATH')) define('ADODB_PATH',dirname(__FILE__).'/include/limesurvey/classes/adodb/');
/**
* Path to the HTPASSWD file read/writable by the web server user for htpasswd integration
*/
if (!defined('HTPASSWD_PATH')) define('HTPASSWD_PATH',false);
/**
* Path to the HTGROUP file read/writable by the web server user for htpasswd integration
*/
if (!defined('HTGROUP_PATH')) define('HTGROUP_PATH',false);
/**
* The name of the admin group for htaccess
*/
if (!defined('HTGROUP_ADMIN')) define('HTGROUP_ADMIN','admin');
/**
* The name of the interviewers group for htaccess
*/
if (!defined('HTGROUP_INTERVIEWER')) define('HTGROUP_INTERVIEWER','interviewers');
/**
* The name of the clients group for htaccess
*/
if (!defined('HTGROUP_CLIENT')) define('HTGROUP_CLIENT','clients');
/** /**
* Whether to automatically assign a call as complete if VoIP disabled at the end of a completed questionnaire * Whether to automatically assign a call as complete if VoIP disabled at the end of a completed questionnaire
*/ */

9
database/quexs.sql
View File

@@ -955,7 +955,7 @@ CREATE TABLE `lime_users` (
-- Dumping data for table `lime_users` -- Dumping data for table `lime_users`
-- --
INSERT INTO `lime_users` (`uid`, `users_name`, `password`, `full_name`, `parent_id`, `lang`, `email`, `create_survey`, `create_user`, `participant_panel`, `delete_user`, `superadmin`, `configurator`, `manage_template`, `manage_label`, `htmleditormode`, `templateeditormode`, `questionselectormode`, `one_time_pw`, `dateformat`) VALUES(1, 'admin', 0x35653838343839386461323830343731353164306535366638646336323932373733363033643064366161626264643632613131656637323164313534326438, 'Your Name', 0, 'en', 'your-email@example.net', 1, 1, 0, 1, 1, 1, 1, 1, 'default', 'default', 'default', NULL, 1); INSERT INTO `lime_users` (`uid`, `users_name`, `password`, `full_name`, `parent_id`, `lang`, `email`, `create_survey`, `create_user`, `participant_panel`, `delete_user`, `superadmin`, `configurator`, `manage_template`, `manage_label`, `htmleditormode`, `templateeditormode`, `questionselectormode`, `one_time_pw`, `dateformat`) VALUES(1, 'admin', 0x35653838343839386461323830343731353164306535366638646336323932373733363033643064366161626264643632613131656637323164313534326438, 'Your Name', 0, 'auto', 'your-email@example.net', 1, 1, 0, 1, 1, 1, 1, 1, 'default', 'default', 'default', NULL, 1);
-- -------------------------------------------------------- -- --------------------------------------------------------
@@ -1007,6 +1007,9 @@ CREATE TABLE `operator` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci; ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
-- -------------------------------------------------------- -- --------------------------------------------------------
INSERT INTO `operator` (`operator_id`, `username`, `firstName`, `lastName`, `Time_zone_name`, `enabled`, `voip`, `next_case_id`, `chat_enable`, `chat_user`, `chat_password`) VALUES
(1, 'admin', 'CATI', 'Admin', 'Australia/Victoria', 1, 0, NULL, 0, '', '');
-- --
-- Table structure for table `operator_questionnaire` -- Table structure for table `operator_questionnaire`
@@ -1032,6 +1035,10 @@ CREATE TABLE `operator_skill` (
-- -------------------------------------------------------- -- --------------------------------------------------------
INSERT INTO `operator_skill` (`operator_id`, `outcome_type_id`) VALUES
(1, 1),
(1, 5);
-- --
-- Table structure for table `outcome` -- Table structure for table `outcome`
-- --

8
include/limesurvey/admin/usercontrol.php
View File

@@ -240,7 +240,13 @@ if (!isset($_SESSION['loginID']))
//go to queXS //go to queXS
$loc = ""; $loc = "";
if ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1) if ($_SESSION['USER_RIGHT_SUPERADMIN'] == 1)
$loc = "/admin"; $loc = "admin";
else
{
$utest = $connect->GetOne("SELECT username FROM client WHERE username = '" . $_SESSION['user'] . "'");
if (!empty($utest))
$loc = "client";
}
header('Location: ' . QUEXS_URL . $loc); header('Location: ' . QUEXS_URL . $loc);
die(); die();
} }