'.__('Please fill your Username and Password to Login!').'';
} else {
#
if ($sysconf['captcha']['member']['enable']) {
if ($sysconf['captcha']['member']['type'] == 'recaptcha') {
require_once LIB.$sysconf['captcha']['member']['folder'].'/'.$sysconf['captcha']['member']['incfile'];
$privatekey = $sysconf['captcha']['member']['privatekey'];
$resp = recaptcha_check_answer ($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
session_unset();
header("location:index.php?p=member&captchaInvalid=true");
die();
}
} else if ($sysconf['captcha']['member']['type'] == 'others') {
# other captchas here
}
}
#
// regenerate session ID to prevent session hijacking
session_regenerate_id(true);
// create logon class instance
$logon = new member_logon($username, $password, $sysconf['auth']['member']['method']);
if ($sysconf['auth']['member']['method'] === 'LDAP') {
$ldap_configs = $sysconf['auth']['member'];
}
if ($logon->valid($dbs)) {
// write log
utility::writeLogs($dbs, 'member', $username, 'Login', 'Login success for member '.$username.' from address '.$_SERVER['REMOTE_ADDR']);
header('Location: index.php?p=member');
exit();
} else {
// write log
utility::writeLogs($dbs, 'member', $username, 'Login', 'Login FAILED for member '.$username.' from address '.$_SERVER['REMOTE_ADDR']);
// message
$msg = '
'.__('Login FAILED! Wrong username or password!').'
';
simbio_security::destroySessionCookie($msg, MEMBER_COOKIES_NAME, SWB, false);
}
}
}
// check if member already login
if (!$is_member_login) {
?>
'.__('Wrong Captcha Code entered, Please write the right code!').'';
}
?>
'."\n";
$_form .= '
'."\n";
$_form .= '
'."\n";
$_form .= '
'.__('Current Password').'
';
$_form .= '
';
$_form .= '
'."\n";
$_form .= '
'."\n";
$_form .= '
'.__('New Password').'
';
$_form .= '
';
$_form .= '
'."\n";
$_form .= '
'."\n";
$_form .= '
'.__('Confirm Password').'
';
$_form .= '
';
$_form .= '
'."\n";
$_form .= '
'."\n";
$_form .= '
';
$_form .= '
'."\n";
$_form .= '
'."\n";
$_form .= ''."\n";
return $_form;
}
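/**
 * Change the password of the member who is currently logged in.
 *
 * The member is taken from $_SESSION['mid']; the current password must match
 * the stored hash before the new one is written.
 *
 * NOTE(review): passwords are stored as unsalted MD5 computed inside the SQL
 * statement. MD5 is a fast hash and unsuitable for password storage, and the
 * clear-text password becomes part of the query text, so it can end up in
 * database query logs. Moving to password_hash()/password_verify() has to be
 * done together with the login check and a migration of the stored hashes,
 * neither of which is visible from this function.
 *
 * @param string $str_curr_pass     member's current password
 * @param string $str_new_pass      member's new password request
 * @param string $str_conf_new_pass member's new password request confirmation
 * @return mixed true on success; otherwise CURR_PASSWD_WRONG, PASSWD_NOT_MATCH
 *               or CANT_UPDATE_PASSWD
 */
function procChangePassword($str_curr_pass, $str_new_pass, $str_conf_new_pass)
{
    global $dbs;

    // no member id in the session: there is no account to check the password against
    if (!isset($_SESSION['mid']) || trim((string) $_SESSION['mid']) === '') {
        return CURR_PASSWD_WRONG;
    }
    $_member_id = $dbs->escape_string(trim((string) $_SESSION['mid']));

    // current password checking
    $_sql_pass_check = sprintf('SELECT member_id FROM member
WHERE mpasswd=MD5(\'%s\') AND member_id=\'%s\'',
        $dbs->escape_string(trim($str_curr_pass)), $_member_id);
    $_pass_check = $dbs->query($_sql_pass_check);
    // a failed query yields no result object; treat it like "no matching row"
    // instead of reading num_rows from a non-object
    if (!$_pass_check || $_pass_check->num_rows != 1) {
        return CURR_PASSWD_WRONG;
    }

    $str_new_pass = trim($str_new_pass);
    $str_conf_new_pass = trim($str_conf_new_pass);
    // password confirmation check: both must be non-empty and identical
    if (!$str_new_pass || $str_new_pass !== $str_conf_new_pass) {
        return PASSWD_NOT_MATCH;
    }

    $_sql_update_mpasswd = sprintf('UPDATE member SET mpasswd=MD5(\'%s\')
WHERE member_id=\'%s\'', $dbs->escape_string($str_conf_new_pass), $_member_id);
    @$dbs->query($_sql_update_mpasswd);

    // the connection's error string is the success indicator, as before
    return $dbs->error ? CANT_UPDATE_PASSWD : true;
}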
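/**
 * Send a reservation request e-mail for the titles in the member's basket.
 *
 * The basket is $_SESSION['m_mark_biblio']. The message goes to the address in
 * $sysconf['mail']['from'] and to any $sysconf['mail']['add_recipients'], with
 * a carbon copy to the member ($_SESSION['m_email']). The outcome is written
 * to the system log before returning.
 *
 * @return array 'status' is 'SENT' or 'ERROR'; 'message' describes the outcome
 */
function sendReserveMail()
{
    global $dbs, $sysconf;

    // an unset, non-array or empty basket means there is nothing to reserve
    if (empty($_SESSION['m_mark_biblio']) || !is_array($_SESSION['m_mark_biblio'])) {
        return array('status' => 'ERROR', 'message' => 'No Titles to reserve');
    }
    // the ids are placed directly in the IN (...) list, so each one is forced to an integer
    $_ids = '('.implode(',', array_map('intval', $_SESSION['m_mark_biblio'])).')';

    // require_once: a second call in the same request must not load the class file again
    require_once LIB.'phpmailer/class.phpmailer.php';
    $_mail = new PHPMailer(false);
    $_mail->IsSMTP();

    // get message template
    $_msg_tpl = @file_get_contents(SB.'template/reserve-mail-tpl.html');
    if ($_msg_tpl === false) {
        return array('status' => 'ERROR', 'message' => 'Reservation e-mail template could not be read');
    }
    // date
    $_curr_date = date('Y-m-d H:i:s');
    // query
    $_biblio_q = $dbs->query("SELECT biblio_id, title FROM biblio WHERE biblio_id IN $_ids");
    if (!$_biblio_q) {
        // generic message only: the database error text is not handed back to the caller
        return array('status' => 'ERROR', 'message' => 'Unable to read the titles to reserve');
    }

    // compile reservation data
    $_data = '
'."\n";
    $_data .= '
Titles to reserve
'."\n";
    while ($_title_d = $_biblio_q->fetch_assoc()) {
        $_data .= '
';
        // NOTE(review): the title is inserted into the HTML message exactly as stored;
        // confirm whether it should go through htmlspecialchars() here
        $_data .= '
'.$_title_d['title'].'
'."\n";
        $_data .= '
';
    }
    $_data .= '
';

    // message
    // NOTE(review): the four search strings are empty in this listing; presumably they
    // are placeholder tokens that appear in reserve-mail-tpl.html - confirm against the template
    $_message = str_ireplace(array('', '', '', ''),
        array($_SESSION['mid'], $_SESSION['m_name'], $_data, $_curr_date), $_msg_tpl);

    // e-mail setting
    // $_mail->SMTPDebug = 2;
    $_mail->SMTPAuth = $sysconf['mail']['auth_enable'];
    $_mail->Host = $sysconf['mail']['server'];
    $_mail->Port = $sysconf['mail']['server_port'];
    $_mail->Username = $sysconf['mail']['auth_username'];
    $_mail->Password = $sysconf['mail']['auth_password'];
    $_mail->SetFrom($sysconf['mail']['from'], $sysconf['mail']['from_name']);
    $_mail->AddReplyTo($sysconf['mail']['reply_to'], $sysconf['mail']['reply_to_name']);
    // send carbon copy of reserve e-mail to member/requester
    $_mail->AddCC($_SESSION['m_email'], $_SESSION['m_name']);
    // send reservation e-mail to librarian
    $_mail->AddAddress($sysconf['mail']['from'], $sysconf['mail']['from_name']);
    // additional recipient
    if (isset($sysconf['mail']['add_recipients'])) {
        foreach ($sysconf['mail']['add_recipients'] as $_recps) {
            $_mail->AddAddress($_recps['from'], $_recps['from_name']);
        }
    }
    $_mail->Subject = 'Reservation request from Member '.$_SESSION['m_name'].' ('.$_SESSION['m_email'].')';
    $_mail->AltBody = strip_tags($_message);
    $_mail->MsgHTML($_message);

    // The log entry is written BEFORE returning (it used to sit after the return and
    // never ran) and uses the global $dbs, because there is no $this in a plain function.
    $_log_member = isset($_SESSION['mid'])?$_SESSION['mid']:'0';
    if (!$_mail->Send()) {
        utility::writeLogs($dbs, 'member', $_log_member, 'membership', 'FAILED to send reservation e-mail to '.$_SESSION['m_email'].' ('.$_mail->ErrorInfo.')');
        // NOTE(review): ErrorInfo is handed back to the caller; confirm it is not shown
        // to the member verbatim if it can contain mail server details
        return array('status' => 'ERROR', 'message' => $_mail->ErrorInfo);
    }
    utility::writeLogs($dbs, 'member', $_log_member, 'membership', 'Reservation notification e-mail sent to '.$_SESSION['m_email']);
    // the previous text spoke of an "Overdue notification", which this e-mail is not
    return array('status' => 'SENT', 'message' => 'Reservation e-mail has been sent to '.$_SESSION['m_email']);
}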
/*
* Function to show member collection basket
*
* Sets up a simbio_datagrid over the biblio table, limited to the ids held in
* $_SESSION['m_mark_biblio'], or to the criteria "biblio_id = 0" when the
* basket is empty.
*
* @param int $num_recs_show number of records to show (default 20); it is not
*                           referenced in the lines visible in this listing
* @return string
*/
function showBasket($num_recs_show = 20)
{
global $dbs;
// table spec
$_table_spec = 'biblio AS b';
// create datagrid
$_loan_list = new simbio_datagrid();
$_loan_list->table_ID = 'basket';
// column aliases are the translated labels "Remove" and "Title"
$_loan_list->setSQLColumn('b.biblio_id AS \''.__('Remove').'\'', 'b.title AS \''.__('Title').'\'');
$_loan_list->setSQLorder('b.last_update DESC');
// default criteria for an empty basket; presumably matches no record - confirm
$_criteria = 'biblio_id = 0';
if (count($_SESSION['m_mark_biblio']) > 0) {
$_ids = '';
foreach ($_SESSION['m_mark_biblio'] as $_biblio) {
// each id is cast to an integer before it is placed in the SQL IN (...) list
$_ids .= (integer)$_biblio.',';
}
// drop the trailing comma
$_ids = substr_replace($_ids, '', -1);
$_criteria = "b.biblio_id IN ($_ids)";
}
$_loan_list->setSQLCriteria($_criteria);
$_loan_list->column_width[0] = '5%';
// NOTE(review): the replacement content for column 0 is an empty string in this listing
$_loan_list->modifyColumnContent(0, '');
// set table and table header attributes
$_loan_list->table_attr = 'align="center" class="memberBasketList" cellpadding="5" cellspacing="0"';
$_loan_list->table_header_attr = 'class="dataListHeader" style="font-weight: bold;"';
$_loan_list->using_AJAX = false;
// return the result
// NOTE(review): the assignment below is truncated in this listing (the quote it opens is
// never closed), so what is concatenated into $_result cannot be verified from here
$_result = '";
return $_result;
}
/*
* Function to show membership detail of logged in member
*
* Builds the detail block from values held in $_SESSION (m_name, mid, m_email,
* m_member_type, m_register_date, m_expire_date, m_institution), preceded by a
* notes section when the membership is pending or expired.
*
* @return string
*/
function showMemberDetail()
{
// show the member information
$_detail = '
'."\n";
// member notes and pending information
if ($_SESSION['m_membership_pending'] || $_SESSION['m_is_expired']) {
$_detail .= '
'."\n";
$_detail .= '
Notes
';
if ($_SESSION['m_is_expired']) {
$_detail .= '
'.__('Your Membership Already EXPIRED! Please extend your membership.').'
';
}
if ($_SESSION['m_membership_pending']) {
$_detail .= '
'.__('Membership currently in pending state, no loan transaction can be made yet.').'
';
}
$_detail .= '
';
$_detail .= '
'."\n";
}
$_detail .= '
'."\n";
// NOTE(review): every $_SESSION value below is concatenated into the output as-is, with no
// htmlspecialchars(). If any of them can hold markup (for example a name or institution
// taken from registration data) it would be rendered in the page - confirm the values are
// escaped where the session is populated, or escape them here.
$_detail .= '
'.__('Member Name').'
'.$_SESSION['m_name'].'
';
$_detail .= '
'.__('Member ID').'
'.$_SESSION['mid'].'
';
$_detail .= '
'."\n";
$_detail .= '
'."\n";
$_detail .= '
'.__('Member Email').'
'.$_SESSION['m_email'].'
';
$_detail .= '
'.__('Member Type').'
'.$_SESSION['m_member_type'].'
';
$_detail .= '
'."\n";
$_detail .= '
'."\n";
$_detail .= '
'.__('Register Date').'
'.$_SESSION['m_register_date'].'
';
$_detail .= '
'.__('Expiry Date').'
'.$_SESSION['m_expire_date'].'
';
$_detail .= '
'."\n";
$_detail .= '
'."\n";
$_detail .= '
'.__('Institution').'
'
.'
'.$_SESSION['m_institution'].'
';
$_detail .= '
'."\n";
$_detail .= '
'."\n";
return $_detail;
}
/**
 * Datagrid column callback that marks an overdue due date.
 *
 * Registered by showLoanList() as 'callback{showOverdue}' on column 3.
 *
 * @param mixed $obj_db     passed in by the caller; not used in the body
 * @param array $array_data row values; index 3 holds the due date
 * @return mixed the due date followed by the translated 'OVERDUED' label when
 *               simbio_date::compareDates() returns the current date,
 *               otherwise the due date unchanged
 */
function showOverdue($obj_db, $array_data)
{
    $_today = date('Y-m-d');
    // presumably compareDates() returns the later of the two dates - confirm
    $_is_overdue = simbio_date::compareDates($array_data[3], $_today) == $_today;

    return $_is_overdue
        ? ''.$array_data[3].' '.__('OVERDUED').''
        : $array_data[3];
}
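/**
 * Show the list of items currently on loan to the logged in member.
 *
 * The member is taken from $_SESSION['mid']; only loans with is_lent=1 and
 * is_return=0 are listed, newest loan first. The due date column is passed
 * through the showOverdue() callback.
 *
 * @param int $num_recs_show number of loan records to show
 * @return string
 */
function showLoanList($num_recs_show = 20)
{
    global $dbs;
    // require_once: a second call in the same request must not load the class files again
    require_once SIMBIO.'simbio_GUI/table/simbio_table.inc.php';
    require_once SIMBIO.'simbio_DB/datagrid/simbio_dbgrid.inc.php';
    require_once SIMBIO.'simbio_GUI/paging/simbio_paging.inc.php';
    require_once SIMBIO.'simbio_UTILS/simbio_date.inc.php';

    // table spec
    $_table_spec = 'loan AS l
LEFT JOIN member AS m ON l.member_id=m.member_id
LEFT JOIN item AS i ON l.item_code=i.item_code
LEFT JOIN biblio AS b ON i.biblio_id=b.biblio_id';

    // create datagrid
    $_loan_list = new simbio_datagrid();
    $_loan_list->disable_paging = true;
    $_loan_list->table_ID = 'loanlist';
    $_loan_list->setSQLColumn('l.item_code AS \''.__('Item Code').'\'',
        'b.title AS \''.__('Title').'\'',
        'l.loan_date AS \''.__('Loan Date').'\'',
        'l.due_date AS \''.__('Due Date').'\'');
    $_loan_list->setSQLorder('l.loan_date DESC');

    // The member id is escaped before it is placed in the SQL criteria: a stored id
    // containing a quote would otherwise change the meaning of the statement.
    $_member_id = isset($_SESSION['mid']) ? (string) $_SESSION['mid'] : '';
    $_criteria = sprintf('m.member_id=\'%s\' AND l.is_lent=1 AND is_return=0 ', $dbs->escape_string($_member_id));
    $_loan_list->setSQLCriteria($_criteria);

    // modify column value
    $_loan_list->modifyColumnContent(3, 'callback{showOverdue}');
    // set table and table header attributes
    $_loan_list->table_attr = 'align="center" class="memberLoanList" cellpadding="5" cellspacing="0"';
    $_loan_list->table_header_attr = 'class="dataListHeader" style="font-weight: bold;"';
    $_loan_list->using_AJAX = false;

    // return the result
    $_result = $_loan_list->createDataGrid($dbs, $_table_spec, $num_recs_show);
    $_result = '
'."\n".$_result;
    return $_result;
}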
/* Experimental Loan History - start */
function showLoanHist($num_recs_show = 20)
{
global $dbs;
// table spec
$_table_spec = 'loan AS l
LEFT JOIN member AS m ON l.member_id=m.member_id
LEFT JOIN item AS i ON l.item_code=i.item_code
LEFT JOIN biblio AS b ON i.biblio_id=b.biblio_id';
// create datagrid
$_loan_hist = new simbio_datagrid();
$_loan_hist->disable_paging = true;
$_loan_hist->table_ID = 'loanhist';
$_loan_hist->setSQLColumn('l.item_code AS \''.__('Item Code').'\'',
'b.title AS \''.__('Title').'\'',
'l.loan_date AS \''.__('Loan Date').'\'',
'l.return_date AS \''.__('Return Date').'\'');
$_loan_hist->setSQLorder('l.loan_date DESC');
$_criteria = sprintf('m.member_id=\'%s\' AND l.is_lent=1 AND is_return=1 ', $_SESSION['mid']);
$_loan_hist->setSQLCriteria($_criteria);
// modify column value
#$_loan_hist->modifyColumnContent(3, 'callback{showOverdue}');
// set table and table header attributes
$_loan_hist->table_attr = 'align="center" class="memberLoanList" cellpadding="5" cellspacing="0"';
$_loan_hist->table_header_attr = 'class="dataListHeader" style="font-weight: bold;"';
$_loan_hist->using_AJAX = false;
// return the result
$_result = $_loan_hist->createDataGrid($dbs, $_table_spec, $num_recs_show);
$_result = '