            $content .= 'allowedContent: true, });';
            $content .= 'CKEDITOR.config.height = 400;';
            $content .= '</script>';
            $content .= '<div class="row">';
            $content .= DialogInputsYesNo('edit', $_POST['type'], $ob_id, Language::Word('save'), Language::Word('cancel'));
            $content .= '</div>';
            $content .= '</form>';
            $title = Language::Word('report editing');
            $header = $title;
        }
    } else {
        if (!isset($_REQUEST['id'])) {
            echo 'user id is unset';
            exit;
        }
        $ob = Report::FetchBy(['eq_conds' => ['id' => $_REQUEST['id']], 'is_unique' => true]);
        $user_id = GetUserID();
        $user = User::FetchBy(['eq_conds' => ['id' => $user_id], 'is_unique' => true, 'select_list' => 'received_reports']);
        if ($user_id !== $ob->GetAuthorID() && !in_array($ob->GetID(), $user->GetReceivedReports()) && GetUserPrivileges() !== admin_user_id) {
            $content = AlertMessage('alert-danger', Language::Word('access denied'));
        } else {
            $title = '';
            $header = '';
            $content = '';
            $title = Language::Word('report');
            $header = htmlspecialchars($ob->GetName());
            $content = $ob->ToHTMLAutoFull(GetUserPrivileges());
        }
    }
}
// Hand off to the admin page template; presumably it reads the $title,
// $header and $content variables prepared above — confirm in the template.
include_once $link_to_admin_template;
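 /**
  * Deletes report $id: the DB row, its image and file directories, and every
  * reference to it in users' `sended_reports` / `received_reports` JSON lists.
  *
  * @param int|string $id report id; cast to int before it reaches any SQL
  * @return int|Error 0 on success; an Error (the one returned by FetchBy, or an
  *                   Error::db_error for a failed query) on failure
  */
 public static function Delete($id)
 {
     global $db_connection;
     global $link_to_report_images;
     global $link_to_report_files;
     // $id is spliced unquoted into the DELETE and into a LIKE pattern below, so
     // it is forced to an integer here; anything non-numeric must not reach SQL.
     $id = (int) $id;
     $ob = Report::FetchBy(['select_list' => 'id, author_id', 'eq_conds' => ['id' => $id], 'is_unique' => true]);
     if (Error::IsError($ob)) {
         return $ob;
     }
     if (!$db_connection->query("DELETE FROM `" . self::$table . "` WHERE `id` = " . $id)) {
         // Same failure signalling as the UPDATEs below: the raw driver message
         // is no longer echoed into the page, and 0 (the success code) is no
         // longer returned for a failed delete.
         return new Error($db_connection->error, Error::db_error);
     }
     removeDirectory($link_to_report_images . $id);
     removeDirectory($link_to_report_files . $id);
     // Loose != on purpose: the LIKE pattern below shows the stored lists hold
     // ids as JSON strings ("123"), while $id is now an int.
     $keep_others = function ($repid) use ($id) {
         return $repid != $id;
     };
     $sended = User::FetchBy(['select_list' => 'sended_reports', 'eq_conds' => ['id' => $ob->GetAuthorID()], 'is_unique' => true]);
     if (Error::IsError($sended)) {
         return $sended;
     }
     // array_values() keeps the result a list so json_encode emits an array, not an object.
     $new_sended = array_values(array_filter($sended->GetSendedReports(), $keep_others));
     $rc = $db_connection->query('UPDATE ' . User::$table . ' SET sended_reports = "' . $db_connection->real_escape_string(json_encode($new_sended)) . '" WHERE id = ' . (int) $ob->GetAuthorID());
     if (!$rc) {
         return new Error($db_connection->error, Error::db_error);
     }
     // Recipients are located by a LIKE over the JSON column; because $id is an
     // int the pattern cannot carry quote or wildcard characters.
     $received = User::FetchBy(['select_list' => 'received_reports, id', 'where_addition' => '(received_reports LIKE ("%\\"' . $id . '\\"%"))']);
     if (Error::IsError($received)) {
         return $received;
     }
     foreach ($received as $user) {
         $new_received = array_values(array_filter($user->GetReceivedReports(), $keep_others));
         $rc = $db_connection->query('UPDATE ' . User::$table . ' SET received_reports = "' . $db_connection->real_escape_string(json_encode($new_received)) . '" WHERE id = ' . (int) $user->GetID());
         if (!$rc) {
             return new Error($db_connection->error, Error::db_error);
         }
     }
     return 0;
 }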
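<?php

$is_public = false;
include_once 'utility_lgmis_lib.php';
include_once $link_to_utility_authorization;
// File-manager page for logged-in users. Non-employees get the
// "all registered" permission level, which drops the upload script from the
// head and lets the manager column take the whole row.
clear_tmp_files_dir(MyFile::$type, 0);
$perms = MyFile::perm_to_only_empls;
$user = User::FetchBy(['select_list' => 'position', 'eq_conds' => ['id' => GetUserID()], 'is_unique' => true]);
// NOTE(review): FetchBy returns an Error object on failure elsewhere in this
// code base; no Error::IsError check is made here — confirm it cannot fail for
// the logged-in user.
if ($user->GetPositionNum() == NotEmployeeNum) {
    $perms = MyFile::perm_to_all_registered;
}
$header = '';
$content = '';
$footer = '';
// Initialise before the conditional append: without this, users for whom the
// if below is skipped hit an undefined-variable notice on the first `.=`.
$head_addition = '';
if ($perms > MyFile::perm_to_all_registered) {
    $head_addition .= '<script type="text/javascript" src="js/files_upload.js"></script>';
}
$head_addition .= '<script type="text/javascript" src="js/file_manager.js"></script>';
$head_addition .= MakeScript('files_type="' . MyFile::$type . '"; author_id=' . GetUserID() . '; max_files=10; files_action="add";');
$content .= '<div style="display: table; width: 100%; height: 80%;">';
$content .= '<div class="row" style="height: 100%; display: table-row;">';
// Manager column width: full row (12) when there is no upload column beside it.
$col_width = ($perms <= MyFile::perm_to_all_registered) ? 12 : 8;
$content .= '<div class="' . ColAllTypes($col_width) . ' modal-open" style="border: 3px solid #dadada; display: table-cell; float: none;">';
$content .= '<ol class="breadcrumb" id="current_manager_path" align="left">';
$content .= '<li><a href="#" onclick="goUpDir(0);">Home</a></li>';
$content .= '</ol>';
$content .= '<div class="row" id="files_place"></div>';
$content .= '<div id="file_backdrop_area" align="center"></div>';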
         $content = AlertMessage('alert-danger', Language::Word('access denied'));
         break;
     }
 }
 // Page title/header: suffix depends on which listing was requested.
 if ($content_type === 'received_reps') {
     $title .= ' :' . Language::Word('received reports');
 } elseif ($content_type === 'sended_reps') {
     $title .= ' :' . Language::Word('sended reports');
 } else {
     $title .= ' :' . Language::Word('all reports');
 }
 $header = $title;
 $reports = [];
 $user = User::FetchBy(['select_list' => 'id, received_reports, sended_reports', 'eq_conds' => ['id' => GetUserID()], 'is_unique' => true]);
 // Per-user views work from the user's own id lists; the "all" view only
 // needs the total count.
 $received = [];
 $sended = [];
 $size = 0;
 if ($content_type === 'received_reps') {
     $received = $user->GetReceivedReports();
     $size = count($received);
 } elseif ($content_type === 'sended_reps') {
     $sended = $user->GetSendedReports();
     $size = count($sended);
 } else {
     $size = Report::GetCount();
 }
 if ($size) {
<?php

// Public user-profile page. $is_public = true presumably marks the page as
// viewable without login — verify against the authorization include below,
// which (together with the shared library) sets up the helpers used later.
$is_public = true;
include_once 'utility_lgmis_lib.php';
include_once $link_to_utility_authorization;
if (isset($_POST['id']) && isset($_GET['id']) && $_POST['id'] !== $_GET['id']) {
    $content = AlertMessage('alert-danger', 'Неоднозначные id');
} else {
    $user = User::FetchBy(['eq_conds' => ['id' => $_REQUEST['id']], 'is_unique' => true]);
    $header = '';
    $content = '';
    $footer = '';
    $header_type = 'h3';
    $title = Language::Translit($user->GetSurname() . ' ' . $user->GetName() . ' ' . $user->GetFathername());
    $header = htmlspecialchars(Language::Translit($user->GetSurname() . ' ' . $user->GetName() . ' ' . $user->GetFathername()));
    $content .= '<div class="row" align="center">';
    $content .= '<div class="' . ColAllTypes(4) . '"><img src="' . Link::Get($user->GetPathToPhoto()) . '" class="img-avatar"></div>';
    $content .= '<div class="' . ColAllTypes(8) . '">';
    $content .= '<br><div class="row" align="center">';
    $content .= '<div class="' . ColAllTypes(6) . '" align="right"><font color="grey">' . Language::Word('position') . ':</font></div>';
    $content .= '<div class="' . ColAllTypes(6) . '" align="left">' . $user->GetPosition() . '</div>';
    $content .= '</div>';
    $articles = Article::FetchCountOf(['where' => 'author_id = ' . $user->GetID()]);
    $content .= '<div class="row" align="center">';
    $content .= '<div class="' . ColAllTypes(6) . '" align="right"><font color="grey">' . Language::Word('news published') . ':</font></div>';
    $content .= '<div class="' . ColAllTypes(6) . '" align="left">' . $articles . '</div>';
    $content .= '</div>';
    $content .= '<hr>';
    $content .= ToPageHeader(Language::PublicMenu('contacts'), 'h4', 'grey');
    $content .= '<div class="row" align="center">';
    $content .= '<div class="' . ColAllTypes(6) . '" align="right"><font color="grey">' . Language::Word('mail') . ':</font></div>';
<?php

include_once 'utility_lgmis_lib.php';
// Authorization data check.
// Explicit logout: a posted "exit" field wipes the session, prints the
// logout notice plus the admin start page, and stops the script.
$logout_requested = isset($_POST['exit']);
if ($logout_requested) {
    session_unset();
    session_destroy();
    $farewell = Language::Word('you logout') . '<br>';
    echo $farewell, OnStartAdminPage();
    exit;
}
if (isset($_POST['login']) && !isset($_POST['name'])) {
    if (isset($_POST['enter'])) {
        if (isset($_POST['login'])) {
            if (isset($_POST['password'])) {
                $user = User::FetchBy(['select_list' => 'login, password', 'eq_conds' => ['login' => $_POST['login']], 'is_unique' => true]);
                if (!password_verify($_POST['password'], $user->GetPassword())) {
                    echo Language::Word('incorrect password') . '<br>' . OnStartAdminPage();
                    exit;
                }
                $_SESSION['user_login'] = $user->GetLogin();
            } else {
                echo Language::Word('it was not succeeded to be authorized') . '<br>' . OnStartAdminPage();
                exit;
            }
        } else {
            echo Language::Word('it was not succeeded to be authorized') . '<br>' . OnStartAdminPage();
            exit;
        }
    } else {
        echo 'Ошибка 1';
 /**
  * One <tr> for the private listing: name, author link, creation date,
  * content type, and an actions cell (full version / edit / delete).
  *
  * NOTE(review): User::FetchBy returns an Error object on failure elsewhere;
  * as in the original, no check is made before ->LinkToThis() — confirm.
  *
  * @return string HTML table row
  */
 public function ToHTMLUserPrivateShortInTable()
 {
     global $content_types_full;
     $author = User::FetchBy(['eq_conds' => ['id' => $this->author_id], 'select_list' => 'id, name, surname', 'is_unique' => true]);
     $actions = '<div class="row">'
         . '<div class="' . ColAllTypes(4) . '">' . $this->ToHTMLFullVers() . '</div>'
         . '<div class="' . ColAllTypes(4) . '">' . $this->ToHTMLEdit() . '</div>'
         . '<div class="' . ColAllTypes(4) . '">' . $this->ToHTMLDel() . '</div>'
         . '</div>';
     // Cell order is the table's column order.
     $cells = [
         htmlspecialchars($this->name),
         $author->LinkToThis(),
         date('d : m : Y - H : i', $this->creating_date),
         htmlspecialchars($content_types_full[$this->role]),
         $actions,
     ];
     $row = '<tr>';
     foreach ($cells as $cell) {
         $row .= '<td>' . $cell . '</td>';
     }
     return $row . '</tr>';
 }
 /**
  * Serialises the requested fields of this object to a JSON object.
  *
  * Keys are emitted in a fixed order regardless of their order in $needed;
  * names not listed are skipped. The two link fields ('author_link',
  * 'full_vers_link') are only produced when asked for, since one costs a
  * user lookup and the other renders HTML.
  *
  * @param string[] $needed field names to include
  * @return string JSON
  */
 public function ToJSON($needed = ['id', 'author_id', 'name', 'annotation', 'creating_date', 'path_to_image', 'text_block'])
 {
     // Each entry is a thunk so a field is computed only when it is requested.
     $producers = [
         'id' => function () {
             return $this->id;
         },
         'author_id' => function () {
             return $this->author_id;
         },
         'author_link' => function () {
             return User::FetchBy(['eq_conds' => ['id' => $this->author_id], 'select_list' => 'id, name, surname', 'is_unique' => true])->LinkToThis('btn-sm');
         },
         'name' => function () {
             return $this->name;
         },
         'annotation' => function () {
             return $this->annotation;
         },
         'creating_date' => function () {
             return $this->creating_date;
         },
         'path_to_image' => function () {
             return $this->path_to_image;
         },
         'text_block' => function () {
             return $this->text_block;
         },
         'full_vers_link' => function () {
             return $this->ToHTMLFullVers(true);
         },
     ];
     $res = [];
     foreach ($producers as $field => $produce) {
         // Non-strict in_array, as before.
         if (in_array($field, $needed)) {
             $res[$field] = $produce();
         }
     }
     return json_encode($res);
 }
 /**
  * Collapsible Bootstrap panel for one item in the private (logged-in) view.
  * The author and the 'admin' login additionally see the rank header and the
  * edit / delete / add-language controls.
  *
  * @return string HTML
  */
 public function ToHTMLUserPrivateShortInTable()
 {
     $author_login = User::FetchBy(['eq_conds' => ['id' => $this->author_id], 'select_list' => 'login', 'is_unique' => true])->GetLogin();
     // The ownership test is needed three times; the viewer's login is read
     // once (presumably session-backed and stable within the call — confirm).
     $viewer = GetUserLogin();
     $can_manage = $viewer === $author_login || $viewer === 'admin';
     $collapse_id = 'collapse' . $this->id;
     $parts = [];
     $parts[] = '<div class="row">';
     $parts[] = '<div class="' . ColAllTypes(1) . '"></div>';
     $parts[] = '<div class="' . ColAllTypes(10) . '">';
     $parts[] = '<div class="panel panel-default"><div class="panel-body">';
     $parts[] = '<div class="panel panel-default">';
     $parts[] = '<div class="panel-heading" role="tab" id="' . $this->id . '">';
     $parts[] = '<div class="panel-title">';
     $parts[] = '<a data-toggle="collapse" data-parent="#accordion" href="#' . $collapse_id . '" aria-expanded="false" aria-controls="' . $collapse_id . '" class="collapsed">';
     if ($can_manage) {
         $parts[] = '<div class="row">';
         $parts[] = '<div class="' . ColAllTypes(7) . '">';
     }
     $parts[] = ToPageHeader(htmlspecialchars($this->name), 'h3', 'black');
     if ($can_manage) {
         $parts[] = '</div>';
         $parts[] = '<div class="' . ColAllTypes(5) . '">';
         $parts[] = ToPageHeader(Language::Word('rank') . ': ' . $this->priority, 'h4', 'grey');
         $parts[] = '</div>';
         $parts[] = '</div>';
     }
     $parts[] = '</a>';
     $parts[] = '</div>';
     $parts[] = '</div>';
     $parts[] = '<div id="' . $collapse_id . '" class="panel-collapse collapse" role="tabpanel" aria-labelledby="' . $this->id . '" style="height: 0px;" aria-expanded="false">';
     $parts[] = '<div class="panel-body">';
     // Emitted unescaped, as in the original; presumably stored as HTML —
     // confirm at the write side.
     $parts[] = $this->text_block;
     $parts[] = '</div>';
     $parts[] = '</div>';
     $parts[] = '</div>';
     if ($can_manage) {
         $parts[] = '<div class="row">';
         $parts[] = '<div class="' . ColAllTypes(4) . '" align="right">' . $this->ToHTMLEdit() . '</div>';
         $parts[] = '<div class="' . ColAllTypes(4) . '" align="center">' . $this->ToHTMLDel() . '</div>';
         $parts[] = '<div class="' . ColAllTypes(4) . '" align="left">' . $this->ToHTMLAddLanguage() . '</div>';
         $parts[] = '</div>';
     }
     $parts[] = '</div></div>';
     $parts[] = '</div>';
     $parts[] = '</div>';
     return implode('', $parts);
 }
 /**
  * One <tr> for the private listing: name, creation date, author link and an
  * actions cell. The author and the 'admin' login also get edit / delete
  * buttons; everyone else sees only the full-version button, full width.
  *
  * @return string HTML table row
  */
 public function ToHTMLUserPrivateShortInTable()
 {
     $author = User::FetchBy(['eq_conds' => ['id' => $this->author_id], 'select_list' => 'id, name, surname, login', 'is_unique' => true]);
     // Viewer login read once (presumably session-backed and stable — confirm).
     $viewer = GetUserLogin();
     $can_manage = $viewer === $author->GetLogin() || $viewer === 'admin';
     // The full-version button shares the row with edit/delete only for managers.
     $first_col = $can_manage ? 4 : 12;
     $actions = '<div class="row">';
     $actions .= '<div class="' . ColAllTypes($first_col) . '">' . $this->ToHTMLFullVers() . '</div>';
     if ($can_manage) {
         $actions .= '<div class="' . ColAllTypes(4) . '">' . $this->ToHTMLEdit() . '</div>';
         $actions .= '<div class="' . ColAllTypes(4) . '">' . $this->ToHTMLDel() . '</div>';
     }
     $actions .= '</div>';
     $cells = [
         htmlspecialchars($this->name),
         date('d : m : Y - H : i', $this->creating_date),
         $author->LinkToThis(),
         $actions,
     ];
     $row = '<tr>';
     foreach ($cells as $cell) {
         $row .= '<td>' . $cell . '</td>';
     }
     return $row . '</tr>';
 }
    ?>
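                <li>
                    <?php
                    // "My page" form: posts the session user's id to the admin user page.
                    // Every attribute value is HTML-escaped; prev_page in particular carries
                    // $_SERVER['REQUEST_URI'], which is request-controlled and could otherwise
                    // break out of the attribute.
                    ?>
                    <form class="navbar-form navbar-left" method="post" action="<?php echo htmlspecialchars($link_to_admin_user, ENT_QUOTES); ?>">
                        <input class="btn btn-default" name="full" type="submit" value="<?php echo htmlspecialchars(Language::Word('my page'), ENT_QUOTES); ?>">
                        <input type="hidden" name="type" value="<?php echo htmlspecialchars(User::$type, ENT_QUOTES); ?>">
                        <input type="hidden" name="id" value="<?php echo htmlspecialchars(User::FetchBy(['eq_conds' => ['login' => $_SESSION['user_login']], 'select_list' => 'id', 'is_unique' => true])->GetID(), ENT_QUOTES); ?>">
                        <input type="hidden" name="prev_page" value="<?php echo htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES); ?>">
                    </form>
                </li>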
                <li>
                    <form class="navbar-form navbar-left dropdown" method="post" action="">
                        <div class="input-group">
                            <input style="min-width: 300px;" id="glob_search_input" placeholder=<?php 
    echo '"' . Language::Word('start to insert something') . '"';
    ?>
 onkeyup="showGlobalSearch(this);" class="form-control" aria-haspopup="true" name="search" type="text">
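 /**
  * Stores this registration request in `register_requests`.
  *
  * Refuses when a user with the same login already exists. On any failure the
  * message is left in self::$last_error and false is returned.
  * NOTE: the existence check and the INSERT are separate statements, so two
  * concurrent requests with the same login can both pass the check; a UNIQUE
  * key on the column is the real guard.
  *
  * @return bool true when the row was written
  */
 public function InsertToDB()
 {
     global $db_connection;
     $res = User::FetchBy(['eq_conds' => ['login' => $this->login], 'select_list' => 'id', 'is_unique' => true]);
     if (!Error::IsError($res)) {
         self::$last_error = Language::Word('user with such login already exists');
         return false;
     }
     // Bound parameters instead of real_escape_string() concatenation: the driver
     // keeps data separate from the SQL text. (Assumes $db_connection is a mysqli
     // instance, as its query()/error/real_escape_string usage suggests.)
     $stmt = $db_connection->prepare(
         'INSERT INTO `register_requests`'
         . ' (`name`, `surname`, `fathername`, `login`, `password`, `request_time`, `email`, `telephone`, `text`)'
         . ' VALUES (?, ?, ?, ?, ?, CURRENT_TIMESTAMP, ?, ?, ?)'
     );
     if (!$stmt) {
         self::$last_error = $db_connection->error;
         return false;
     }
     // Hashed into a local because bind_param() takes its arguments by reference.
     $password_hash = password_hash($this->password, PASSWORD_DEFAULT);
     $stmt->bind_param(
         'ssssssss',
         $this->name,
         $this->surname,
         $this->fathername,
         $this->login,
         $password_hash,
         $this->email,
         $this->telephone,
         $this->text
     );
     $ok = $stmt->execute();
     if (!$ok) {
         self::$last_error = $stmt->error;
     }
     $stmt->close();
     return $ok;
 }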
    $content .= '<div class="row">';
    $content .= '<div class="' . ColAllTypes(2) . '"></div>';
    $content .= '<div class="' . ColAllTypes(8) . ' center-block">';
    $content .= '<table class="table table-striped text-center">';
    $content .= '<thead>';
    $content .= '<tr>';
    $content .= '<th class="text-center">' . Language::Word('name') . '</th>';
    $content .= '<th class="text-center">' . Language::Word('surname') . '</th>';
    $content .= '<th class="text-center">' . Language::Word('position') . '</th>';
    $content .= '<th class="text-center">' . Language::Word('actions') . '</th>';
    $content .= '</tr>';
    $content .= '</thead>';
    $content .= '<tbody>';
    $from = -1;
    $to = -1;
    require $link_to_pagination_init_template;
    $users = User::FetchBy(['limit' => $count, 'offset' => $from]);
    for ($i = 0; $i < $count; ++$i) {
        $content .= $users[$i]->ToHTMLAutoShortForTable(GetUserPrivileges());
    }
    $content .= '</tbody>';
    $content .= '</table>';
    $content .= '</div>';
    $content .= '</div>';
    $pagination = '';
    require $link_to_pagination_show_template;
    $content .= $pagination;
} else {
    $content = AlertMessage('alert-danger', Language::Word('error') . ': ' . User::$last_error);
}
// Render through the admin template; presumably it reads $header, $content
// and the other page variables prepared above — confirm in the template.
require $link_to_admin_template;
         default:
             break;
     }
     break;
 case 'info':
     switch ($_REQUEST['type']) {
         case MyFile::$type:
             $optional_data = json_decode($_REQUEST['optional_data']);
             $dir = $optional_data->cur_directory;
             $dirstr = '';
             for ($i = 0, $size = count($dir); $i < $size; ++$i) {
                 $dirstr .= $dir[$i] . '/';
             }
             $my_rights = MyFile::perm_to_all_registered;
             $author_id = GetUserID();
             $iam = User::FetchBy(['select_list' => 'position', 'eq_conds' => array('id' => $author_id), 'is_unique' => true]);
             if (Error::IsError($iam)) {
                 $content = json_encode(['error' => Error::ToString($obs)]);
                 break;
             }
             if ($iam->GetPositionNum() != NotEmployeeNum) {
                 $my_rights = MyFile::perm_to_only_empls;
             }
             $obs = MyFile::FetchBy(['select_list' => 'id, name, is_directory, path_to_file, owner_id, permissions', 'order_by' => 'is_directory DESC, name', 'special' => ['file_type', 'link_to_download', 'link_to_delete', 'link_to_edit', 'link_to_link_to_download'], 'eq_conds' => ['path_to_file' => json_encode($dir)], 'is_assoc' => true, 'where_addition' => 'permissions <= ' . $my_rights]);
             if (Error::IsError($obs)) {
                 $content = json_encode(["error" => Error::ToString($obs)]);
                 break;
             }
             $content = json_encode($obs);
             break;
         default: