Example #1
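 /**
  * Fetch a spot by id, but only when it belongs to the currently logged-in user.
  *
  * This is an authorization boundary: the same NULL is returned when the spot
  * does not exist, when it belongs to someone else, and when nobody is logged
  * in, so a caller cannot probe which ids exist.
  *
  * @param integer $id Spot identifier, passed through to self::_getSpotById().
  * @return Spot|null The caller's own spot, otherwise NULL.
  */
 static function getSpotById($id)
 {
     $spot = self::_getSpotById($id);
     if (!is_object($spot)) {
         return NULL;
     }
     // An anonymous caller must never match an owner. With a loose `!=`, a
     // NULL uid compares equal to a `user` value of NULL, 0 or "", which would
     // hand the row to a visitor who is not logged in.
     // NOTE(review): assumes User::getUID() yields NULL/false/0/"" when there
     // is no session — confirm against the User class.
     $uid = User::getUID();
     if ($uid === NULL || $uid === FALSE || $uid === 0 || $uid === '') {
         return NULL;
     }
     // Compare as strings so that a database string ("5") and a session int (5)
     // still match, without PHP's numeric type juggling ("1e1" == "10").
     if ((string) $spot->user !== (string) $uid) {
         return NULL;
     }
     return $spot;
 }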
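 /**
  * Delete one subscription of the logged-in user; the id comes from $_POST["id"].
  *
  * The DELETE is scoped to the caller's uid in the WHERE clause, so a request
  * naming another user's subscription id removes nothing.
  *
  * NOTE(review): this is a state change driven by $_POST; no anti-CSRF token
  * check is visible in this method — confirm the caller performs one.
  *
  * @return void
  * @throws Exception When nobody is logged in.
  */
 static function deleteSubscription()
 {
     // Loose comparison kept on purpose: any empty uid counts as "not logged in".
     if (($uid = User::getUID()) == NULL) {
         throw new Exception("Użytkownik jest niezalogowany");
     }
     // A missing id, or an array sent as id[]=..., cannot name a row; skip the
     // query instead of binding a non-scalar value.
     if (!isset($_POST["id"]) || !is_scalar($_POST["id"])) {
         return;
     }
     $conn = (new Database())->getConnection();
     // Standard AND instead of `&&`, which is a non-standard, MySQL-specific
     // spelling. Both values are bound, never interpolated.
     $stmt = $conn->prepare("DELETE FROM subscription WHERE user=? AND id=?");
     $stmt->execute(array($uid, $_POST["id"]));
 }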
Example #3
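 /**
  * Fetch a row by id as a Menu object, but only when it belongs to the
  * currently logged-in user.
  *
  * Returns NULL when the row is missing, owned by someone else, or when nobody
  * is logged in, so callers cannot distinguish the cases.
  *
  * NOTE(review): the query reads the `spots` table while the row is hydrated
  * as "Menu" — confirm that this is the intended table.
  *
  * @param integer $id Row identifier, bound as a query parameter.
  * @return Menu|null
  */
 static function getMenuById($id)
 {
     $conn = (new Database())->getConnection();
     $stmt = $conn->prepare("SELECT * FROM spots WHERE id=?");
     $stmt->execute(array($id));
     /**
      * @var Menu|false
      */
     $menu = $stmt->fetchObject("Menu");
     if (!is_object($menu)) {
         return NULL;
     }
     // An anonymous caller must never match an owner. With a loose `!=`, a
     // NULL uid compares equal to a `user` value of NULL, 0 or "".
     // NOTE(review): assumes User::getUID() yields NULL/false/0/"" when there
     // is no session — confirm against the User class.
     $uid = User::getUID();
     if ($uid === NULL || $uid === FALSE || $uid === 0 || $uid === '') {
         return NULL;
     }
     // String comparison: tolerant of int-vs-string ids, immune to numeric juggling.
     if ((string) $menu->user !== (string) $uid) {
         return NULL;
     }
     return $menu;
 }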
Example #4
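 /**
  * Smoke test for the account lifecycle: create a throw-away user, log in,
  * check the login, delete the user, log out. Progress is echoed as HTML.
  *
  * The generated password is intentionally not printed: test output tends to
  * end up in logs and browser caches, and if a later step fails the account is
  * not deleted and the credentials would remain valid.
  *
  * NOTE(review): this overwrites $_POST["user"|"pass"|"email"] for the rest of
  * the request and leaves the test account behind when login, checkLogin or
  * deleteUser fails — confirm it is never reachable in production.
  *
  * @return bool TRUE when every step after registration succeeded, FALSE on
  *              the first failed step. A failed registration is reported but
  *              does not stop the run.
  */
 static function testUser()
 {
     // Everything interpolated into the HTML report goes through this helper.
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };

     // Kept from the original: the constructor and the initial logout may have
     // side effects (session setup) that are not visible from here.
     $user = new User();
     User::logout();

     $_POST["user"] = self::generateRandomString();
     $_POST["pass"] = self::generateRandomString();
     $_POST["email"] = self::generateRandomString();

     if ($register = User::createUser()) {
         echo 'CREATE USER: <font color="green">Stworzono uzytkownika o id: ' . $esc($register) . ' Dane: ' . $esc($_POST["user"]) . '</font></br>';
     } else {
         echo 'CREATE USER: <font color="red">ERROR!</font>';
     }

     $login = User::login();
     $id = User::getUID();
     if (!$login) {
         echo '<font color="red">LOGIN: ERROR!</font></br>';
         return false;
     }
     echo 'LOGIN: <font color="green">Zalogowano, twoje UID: ' . $esc($id) . '</font></br>';

     if (!User::checkLogin()) {
         echo 'CHECK LOGIN: <font color="red">Niezalogowany</font></br>';
         return false;
     }
     echo 'CHECK LOGIN: <font color="green">Zalogowany</font></br>';

     if (!User::deleteUser()) {
         echo 'DELETE USER: <font color="red">ERROR</font></br>';
         return false;
     }
     echo 'DELETE USER: <font color="green">Usunieto uzytkownika</font></br>';

     User::logout();
     // Logout is judged by the session key being gone.
     if (isset($_SESSION["uid"])) {
         echo 'LOGOUT: <font color="red">ERROR!</font></br>';
         return false;
     }
     echo 'LOGOUT: <font color="green">Wylogowano!</font></br>';
     return true;
 }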
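 /**
  * Add a user to a group and describe the new membership in the response.
  *
  * Reads "uid", "gid" and "user-login" through Utils::pg(), echoes them into
  * the query element, resolves the uid from the login when a login is given,
  * and rejects non-positive ids with "bad-arguments". The caller must hold
  * "add-group-members" at the group's level, otherwise "permission-denied".
  *
  * Every value written into the document is escaped first: the value argument
  * of DOMDocument::createElement() is not escaped by PHP, so a raw "&" or "<"
  * from the request or the database would be parsed as markup.
  * NOTE(review): assumes $this->_dom is a DOMDocument and that Utils::pg()
  * returns request parameters — confirm.
  *
  * @return void
  */
 function addGroupMember()
 {
     $session = Session::singletone();
     // Unused below; kept because obtaining the handle may open the connection.
     $db = Database::singletone()->db();
     $dom = $this->_dom;
     $esc = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };

     $uid = Utils::pg("uid", 0);
     $gid = Utils::pg("gid", 0);
     $login = Utils::pg("user-login", 0);
     $this->_query->appendChild($dom->createElement("group-id", $esc($gid)));
     $this->_query->appendChild($dom->createElement("user-id", $esc($uid)));
     if (!empty($login)) {
         $this->_query->appendChild($dom->createElement("user-login", $esc($login)));
         // A login, when supplied, overrides the numeric uid parameter.
         $uid = User::getUID($login);
     }
     if ($uid <= 0 || $gid <= 0) {
         $this->error("bad-arguments");
         return;
     }
     $group = new Group($gid);
     $user = new User($uid);
     // Authorization is checked before any change is made to the group.
     if (!$session->checkPermAndLevelVal("add-group-members", $group->getLevel())) {
         $this->error("permission-denied");
         return;
     }
     $group->addMember($user);
     $memb = $group->getMemberInfo($uid);

     $member = $dom->createElement("member");
     // Element name => key in the member-info record, in output order.
     $fields = array(
         "user-id" => 'user_id',
         "user-login" => 'user_login',
         "user-name" => 'user_name',
         "user-title" => 'user_title',
         'addedby-id' => 'addedby_id',
         'addedby-login' => 'addedby_login',
         'addedby-name' => 'addedby_name',
         'addedby-title' => 'addedby_title',
     );
     foreach ($fields as $element => $key) {
         $member->appendChild($dom->createElement($element, $esc($memb[$key])));
     }
     $addTime = Utils::formatTime($memb['add_time'], Config::getUser($session->uid(), 'datetime-format'));
     $member->appendChild($dom->createElement('add-time', $esc($addTime)));
     $allowRemove = $session->checkPermAndLevel('remove-group-members', $memb['user_id']);
     $member->appendChild($dom->createElement('allow-remove', $esc($allowRemove)));
     $this->_response->appendChild($member);
     $this->success();
 }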
Example #6
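 /**
  * Decide whether this handler applies to the current request and caller.
  *
  * True only when the request is for sub=spots, carries an id parameter, and
  * $this->main belongs to the logged-in user. This is an ownership check, so
  * an anonymous caller is always refused.
  *
  * @return bool
  */
 function validate()
 {
     // Both parameters must be present; reading a missing key raised a notice.
     if (!isset($_GET["sub"], $_GET["id"]) || $_GET["sub"] !== "spots") {
         return false;
     }
     // With a loose `==`, a NULL uid matched a `user` value of NULL, 0 or "".
     // NOTE(review): assumes User::getUID() yields NULL/false/0/"" when there
     // is no session — confirm against the User class.
     $uid = User::getUID();
     if ($uid === NULL || $uid === FALSE || $uid === 0 || $uid === '') {
         return false;
     }
     // String comparison: tolerant of int-vs-string ids, immune to numeric juggling.
     return (string) $this->main->user === (string) $uid;
 }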
Example #7
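 /**
  * Write the non-empty properties of $user to the user table.
  *
  * Builds a column => SQL-fragment map, hands it to the adapter's UStatement()
  * and executes the statement the adapter produced. Properties that compare
  * loosely equal to null (null, 0, "", false) are skipped.
  *
  * String values are quoted through the database link when it is a PDO or
  * mysqli handle, because names, e-mail addresses and similar fields are
  * user-supplied and were previously concatenated between bare quotes.
  *
  * NOTE(review): the real fix is a parameterised UPDATE inside the adapter.
  * NOTE(review): "UPass" is written exactly as getPassword() returns it —
  * confirm it is already a password_hash() value at this point.
  * NOTE(review): every fragment except "IsManager" ends in ", "; when
  * IsManager is skipped the last fragment keeps its comma — confirm
  * UStatement() trims it.
  *
  * @param User|null $user User to persist; must have a UID.
  * @return bool FALSE when $user or its UID is missing, TRUE otherwise.
  */
 public function UpdateUser(User $user = null)
 {
     if ($user == null || $user->getUID() == null) {
         return false;
     }
     $props = array("UName" => $user->getUserName(), "UPass" => $user->getPassword(), "UEmail" => $user->getEmail(), "Session" => $user->getSession(), "FirstName" => $user->getFirstName(), "LastName" => $user->getLastName(), "Phone" => $user->getPhoneNumber(), "LastCheckInLocation" => $user->getLocation(), "Department" => $user->getDeparment(), "PayRate" => $user->getPayRate(), "Online" => $user->getActive(), "AccType" => $user->getAccountType(), "StatusID" => $user->getCurrentStatus(), "LastCheckIn" => $user->getLastActive(), "ManagerID" => $user->getManagerID(), "AccountVerified" => $user->getVerifStatus(), "IsManager" => $user->getIsManager());

     // Turn a PHP string into a quoted SQL literal using the driver's own rules.
     $lnk = $this->_dbAdapt->getLnk();
     $quote = function ($text) use ($lnk) {
         if ($lnk instanceof PDO) {
             $quoted = $lnk->quote($text);
             if ($quoted !== false) {
                 return $quoted;
             }
         }
         if ($lnk instanceof mysqli) {
             return "'" . $lnk->real_escape_string($text) . "'";
         }
         // NOTE(review): unrecognised link type — the value is concatenated
         // as before and is still injectable; escape it in the adapter.
         return "'" . $text . "'";
     };

     // Initialised up front: when every property was empty the original passed
     // an undefined variable to the adapter.
     $_props = array();
     foreach ($props as $k => $v) {
         if ($v == null) {
             continue;
         }
         if ($k == "IsManager") {
             // Last column: no trailing separator.
             // NOTE(review): emitted unquoted — confirm it is never a free-form string.
             $_props[$k] = "{$v}";
         } elseif (is_string($v)) {
             $_props[$k] = $quote($v) . ", ";
         } else {
             $_props[$k] = "{$v}, ";
         }
     }
     $cond = array("UID = " => $user->getUID());
     $this->_dbAdapt->UStatement(DB_TBL_USER, $_props, $cond);
     // Fetched again after UStatement(), in the original order, then executed.
     $tmp = $this->_dbAdapt->getLnk();
     $tmp->query($this->_dbAdapt->getQry());
     unset($tmp);
     return true;
 }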
Example #8
// Request bootstrap: open the session, then load configuration, the User
// class and the mailer library before any operation is dispatched.
session_start();
include "include/config.php";
include "class/user.class.php";
require "resources/libs/class.phpmailer.php";

// A request that does not name an operation is refused with a JSON error.
if (!isset($_GET["op"])) {
    exit(json_encode(array("status" => "ERROR", "msg" => "No tienes permitido hacer eso")));
}

// Bind $user to the session's uid when one exists, otherwise to an anonymous User.
$user = isset($_SESSION["uid"]) ? new User($_SESSION["uid"]) : new User();
switch ($_GET["op"]) {
    case "login":
        if ($user->getUID()) {
            die(json_encode(array("status" => "ERROR", "msg" => "No tienes permitido hacer eso")));
        }
        if (isset($_POST["username"]) && isset($_POST["password"]) && ($_POST["username"] != "" && $_POST["password"] != "")) {
            if ($user->doLogin(htmlspecialchars($_POST["username"], ENT_QUOTES, 'UTF-8'), htmlspecialchars($_POST["password"], ENT_QUOTES, 'UTF-8'))) {
                die(json_encode(array("status" => "OK", "data" => array("userid" => $user->getUID(), "sessionid" => $user->getSessionID()))));
            } else {
                die(json_encode(array("status" => "ERROR", "msg" => "El usuario/email o la contrase&ntilde;a no coinciden")));
            }
        } else {
            die(json_encode(array("status" => "ERROR", "msg" => "El usuario/email y la contrase&ntilde;a no pueden estar en blanco")));
        }
        break;
    case "register":
        if ($user->getUID()) {
            die(json_encode(array("status" => "ERROR", "msg" => "No tienes permitido hacer eso")));