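/**
 * Restrict a list of hotels to the ones the given user is mapped to.
 *
 * Super users and managers get the list back unfiltered. For everyone else the
 * hotel ids are read from #__hotelreservation_user_hotel_mapping and every hotel
 * whose hotel_id is not in that set is removed. Removed entries leave gaps in
 * the array keys, because the array is not re-indexed.
 *
 * @param mixed $userId Joomla user id; cast to int before it reaches the SQL text.
 * @param array $hotels Objects exposing a hotel_id property.
 *
 * @return array|null The filtered list, or null when the user has no mapped hotels.
 */
function checkHotels($userId, $hotels)
{
    if (isSuperUser($userId) || isManager($userId)) {
        return $hotels;
    }
    $db = JFactory::getDBO();
    // The id is concatenated into the statement, so force it to an integer first:
    // a non-numeric value can then never change the shape of the query.
    $query = "SELECT b.hotel_id\r\n\t\t\t\t  FROM  #__users a,\r\n\t\t\t\t\t\t#__hotelreservation_user_hotel_mapping b\r\n\t\t\t\t\tWHERE a.id=b.user_id\r\n\t\t\t\t\t\t  and a.id=" . (int) $userId;
    $db->setQuery($query);
    $userHotels = $db->loadColumn();
    // empty() also covers a null result, which count() would reject on current PHP versions.
    if (empty($userHotels)) {
        return null;
    }
    // Iterate by key so that lists with non-sequential keys are filtered correctly too.
    foreach ($hotels as $key => $hotel) {
        // Loose comparison is kept on purpose: ids coming back from the database are
        // typically strings while the objects may carry integers.
        if (!in_array($hotel->hotel_id, $userHotels)) {
            unset($hotels[$key]);
        }
    }
    return $hotels;
}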
		'left fc-150',
		'left fc-150',
		'left fc-100',
		'left fc-100',
		'left fc-120',
		'left fc-dates',
		'left fc-16',
		'left fc-16',
		'',
		),
		
	);
*/
// Build the row-visibility filter for the needs listing from the caller's role.
// NOTE(review): $parent is assigned only in the two branches below. For any other role it is
// undefined when concatenated into $where, which produces an empty filter (no ownership
// restriction). Whether an earlier role gate prevents that is not visible here - confirm.
if (isAdmin()) {
    $parent = '';
} elseif (isManager() or isGridManager()) {
    // Managers and grid managers only see records whose user_parent is the current user (CUSER).
    $parent = 'AND needy.user_parent = ' . CUSER;
    /*elseif(isGridManager()) :
    		$children = array();
    		foreach(listData('users', 'user_acctype = 1 AND user_active = 1 AND user_parent = '.CUSER) as $child) $children[] = 'needy.user_parent = '.$child['user_id'];
    		$parent = 'AND (('.implode(' OR ', $children).') OR needy.user_parent_ta = '.CUSER.')';*/
}
getSort('need_id');
// NOTE(review): subpage(), $getsort and $getorder are spliced into the SQL text without quoting
// or casting. If any of them is derived from request parameters this is an injection point;
// presumably getSort() sets $getsort/$getorder - verify that it whitelists column and direction,
// and that subpage() returns an integer.
$where = 'SELECT need_id, need_name, cat_name, user_fname, user_lname, user_orgname, need_expires, need_desc, need_regdate, a.deleted AS deleted FROM (SELECT need_id, need_name, cat_name, need_type, need_needy, need_expires, need_desc, need_regdate, needs.deleted AS deleted FROM needs LEFT JOIN cats ON needs.need_cat = cats.cat_id WHERE needs.need_type=' . subpage() . ' AND needs.need_full=0) a LEFT JOIN needy ON a.need_needy = needy.user_id WHERE a.need_type=' . subpage() . ' ' . $parent . ' ORDER BY ' . $getsort . $getorder;
/*
	$sortby = array(0 => 'need_id', 1 => 'need_name', 2 => 'cat_name', 3 => 'user_fname', 4 => 'user_lname', 5 => 'user_orgname', 6 => 'need_regdate');*/
// The same statement text is passed to listData() for the current page and to countData() for the pager.
formatTable(listData(false, false, pageNum(), $where), $tablefields, $tablehead, $sortby, true, 'nomargin');
pagination(countData(false, false, $where));
// Lookup table keyed 1 and 2; not used within this run of statements.
$poreikis = array(1 => 'darbo', 2 => 'daikto');
?>
        ?>
		</select><br>
		<?php 
    }
    ?>
		<input type="submit" value="Sukurti" name="newuser" />
	</form>
	<?php 
    return;
}
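// The id of the record to edit comes from the query string and is spliced into SQL text
// in every check below, so it is treated as untrusted.
$us = isset($_GET['user']) ? $_GET['user'] : '';
// Accept decimal digits only. A missing, array-valued or non-numeric id is reported the same
// way as an unknown user, and never reaches a query.
if (!is_string($us) or !ctype_digit($us) or countData('needy', "user_id = '{$us}'") == 0) {
    err('Toks vartotojas neegzistuoja', 'red');
    return;
}
// A manager may only edit records whose user_parent is the current user (CUSER).
if (isManager() and countData('needy', "user_parent = " . CUSER . " AND user_id = '{$us}'") == 0) {
    err('Neturite teisės keisti šio vartotojo duomenis', 'red');
    return;
}
// A grid manager may edit records owned by one of their active child accounts (user_acctype = 1),
// by themselves, or assigned to them through user_parent_ta.
if (isGridManager()) {
    $children = array();
    foreach (listData('users', 'user_acctype = 1 AND user_active = 1 AND user_parent = ' . CUSER) as $child) {
        $children[] = 'user_parent = ' . $child['user_id'];
    }
    // NOTE(review): with no child accounts this becomes "()", which is not valid SQL. The check then
    // depends on how countData() reports a failed query - confirm that it denies access.
    $parent = '(' . implode(' OR ', $children) . ')';
    if (countData('needy', "(({$parent}) OR user_parent = " . CUSER . " OR user_parent_ta = " . CUSER . ") AND user_id = '{$us}'") == 0) {
        err('Neturite teisės keisti šio vartotojo duomenis', 'red');
        return;
    }
}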
// Edit
<?php

if ($login->isUserLoggedIn() == false) {
    return;
}
if (!isGridManager()) {
    return;
}
if (isAction('salinti') and getParam()) {
    if (isManager() and countData('needy', "user_parent = " . CUSER . " AND user_id = '" . getParam() . "'") == 0) {
        err('Neturite teisės keisti šio vartotojo duomenis', 'red');
        return;
    }
    if (isGridManager()) {
        $children = array();
        foreach (listData('users', 'user_acctype = 1 AND user_active = 1 AND user_parent = ' . CUSER) as $child) {
            $children[] = 'user_parent = ' . $child['user_id'];
        }
        $parent = '(' . implode(' OR ', $children) . ')';
        if (countData('needy', "(({$parent}) OR user_parent_ta = " . CUSER . ") AND user_id = '" . getParam() . "'") == 0) {
            err('Neturite teisės keisti šio vartotojo duomenis', 'red');
            return;
        }
    }
    $row = getRow('needy', 'user_id = ' . getParam());
    $act = $row['deleted'];
    $act = !$act;
    if (isset($_POST['reason']) or $act == 0) {
        updateFieldWhere('needy', 'deleted', $act, 'user_id = ' . getParam());
        if (isset($_POST['reason']) and ($_POST['reason'] == 1 or $_POST['reason'] == 2 or $_POST['reason'] == 3)) {
            updateFieldWhere('needy', 'delreason', $_POST['reason'], 'user_id = ' . getParam());
					<small>Slaptažodis</small><br>
					<input id="user_password" type="password" name="user_password" autocomplete="off" required />
				</div>
				<input type="hidden" id="user_rememberme" name="user_rememberme" value="1" />
				<input type="submit" name="login" value="Prisijungti" />
			</form>
		<?php 
}
?>
		</div>
		
		<?php 
if (isset($login) and $login->isUserLoggedIn() == true) {
    ?>
		<?php 
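    if (isAdmin() or isManager() or isGridManager()) {
        // Search box, rendered only for the admin, manager and grid-manager roles.
        ?>
		<form class="srchform" action="" method="GET">
			Paieška <input type="text" value="<?php 
        // The previous search term is echoed back into an HTML attribute. It is request data,
        // so it is escaped for that context; printed raw, a value containing a double quote
        // would close value="..." and inject markup. Array-valued input is ignored.
        if (isset($_GET['srch']) and is_string($_GET['srch'])) {
            echo htmlspecialchars($_GET['srch'], ENT_QUOTES, 'UTF-8');
        }
        ?>
" name="srch" />
			<input type="hidden" value="search" name="p" />
		</form>
		<?php 
    }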
    ?>
		<ul class="menulist">
			<?php 
<?php

// Search results page: only logged-in admins, managers and grid managers get past these guards.
if ($login->isUserLoggedIn() == false) {
    return;
}
if (!isAdmin() and !isManager() and !isGridManager()) {
    return;
}
// Column and header definitions handed to formatTable() below.
$tablefields = array('obj_type', 'obj_name', 'obj_desc', array('convArray' => array(array('obj_type', 'obj_id'), 'getSearchLink')), 'null');
$tablehead = array('titles' => array('Tipas', 'Rezultatas', 'Kita informacija', '', ''), 'columns' => array('left fc-150', 'left fc-150', 'left fc-300', 'left fc-16', ''));
// Search term taken directly from the query string.
$term = isset($_GET['srch']) ? $_GET['srch'] : '';
// Terms shorter than three bytes are rejected (strlen() counts bytes, not characters).
if ($term == '' or strlen($term) < 3) {
    err('Per trumpa paieškos užklausa');
    return;
}
getSort('obj_id');
// NOTE(review): $term is interpolated into every LIKE pattern below without escaping, and the only
// validation above is the length check. A term containing a single quote changes the statement, and
// the UNION across users / needy / needs exposes e-mail addresses and phone numbers. The database
// layer behind listData()/countData() is not visible here; the term should be bound as a parameter
// or escaped with that layer's own escaping routine before this string is built.
$where = "\n\tSELECT user_id AS obj_id, 'Vartotojas' AS obj_type, CONCAT(user_fname, ' ', user_lname, ' ', user_orgname) AS obj_name, CONCAT('Paskyros vardas: ', user_name,', el. paštas: ', user_email, ', telefonas: ', user_phone) AS obj_desc FROM users WHERE user_name LIKE ('%{$term}%') OR user_fname LIKE ('%{$term}%') OR user_lname LIKE ('%{$term}%') OR user_orgname LIKE ('%{$term}%') OR user_phone LIKE ('%{$term}%') OR user_email LIKE ('%{$term}%')\n\tUNION\n\tSELECT user_id AS obj_id, 'Stokojantysis' AS obj_type, CONCAT(user_fname, ' ', user_lname, ' ', user_orgname) AS obj_name, CONCAT('El. paštas: ', user_email, ', telefonas: ', user_phone) AS obj_desc FROM needy WHERE user_fname LIKE ('%{$term}%') OR user_lname LIKE ('%{$term}%') OR user_orgname LIKE ('%{$term}%') OR user_phone LIKE ('%{$term}%') OR user_email LIKE ('%{$term}%')\n\tUNION\n\tSELECT need_id AS obj_id, 'Dovanotojas/geradarys' AS obj_type, CONCAT(user_fname, ' ', user_lname) AS obj_name, CONCAT('El. paštas: ', user_email, ', telefonas: ', user_phone) AS obj_desc FROM needs WHERE user_fname LIKE ('%{$term}%') OR user_lname LIKE ('%{$term}%') OR user_phone LIKE ('%{$term}%') OR user_email LIKE ('%{$term}%')\n\tUNION\n\tSELECT need_id AS obj_id, 'Daiktas/darbas' AS obj_type, need_name AS obj_name, need_desc AS obj_desc FROM needs WHERE need_name LIKE ('%{$term}%')\n\t";
// Column sorting is switched off for the result table.
$sortby = false;
// The same statement text feeds the current result page and the pager's row count.
formatTable(listData(false, false, pageNum(), $where), $tablefields, $tablehead, $sortby, true, 'nomargin');
pagination(countData(false, false, $where));
    /**
     * Method to build an SQL query to load the list data.
     *
     * @return  string  An SQL query
     *
     * @since   1.6
     */
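    protected function getListQuery()
    {
        // Filter values read from the model state may originate from the request. Every one that
        // ends up in the SQL text below is either cast to int or passed through $db->quote().
        $db = $this->getDbo();
        $query = $db->getQuery(true);
        // Reservation columns (overridable through the 'list.select' state).
        $query->select($this->getState('list.select', 'c.confirmation_id,c.hotel_id, c.start_date, c.end_date, c.first_name,c.cancellation_notes , 
										c.last_name, c.reservation_status, c.voucher, c.created, c.adults, c.children,c.rooms, c.total'));
        $query->from($db->quoteName('#__hotelreservation_confirmations') . ' AS c');
        $query->select('h.hotel_name');
        $query->join('LEFT', '#__hotelreservation_hotels AS h ON c.hotel_id=h.hotel_id');
        // NOTE(review): total_children is computed from cr.adults as well; this looks like a
        // copy/paste slip, but the rooms table schema is not visible here - confirm.
        $query->select(' sum(cr.adults) as total_adults,sum(cr.adults) as total_children');
        $query->join('LEFT', '#__hotelreservation_confirmations_rooms  AS cr ON c.confirmation_id=cr.confirmation_id');
        $query->select('s.status_reservation_name, s.bkcolor, s.color, s.is_modif');
        $query->join('LEFT', '#__hotelreservation_status_reservation AS s ON c.reservation_status=s.status_reservation_id');
        $query->select('min(cp.payment_status) as payment_status, (cp.amount) as amount_paid');
        $query->join('LEFT', '#__hotelreservation_confirmations_payments as cp on c.confirmation_id= cp.confirmation_id');
        // Anyone other than a super user or manager only sees hotels mapped to their account.
        $userId = JFactory::getUser()->id;
        if (!(isSuperUser($userId) || isManager($userId))) {
            $query->join('INNER', $db->quoteName('#__hotelreservation_user_hotel_mapping') . ' AS hum ON h.hotel_id=hum.hotel_id');
            $query->where('hum.user_id = ' . (int) $userId);
        }
        // Free-text search: a numeric term matches the confirmation id, anything else is a
        // substring match on guest or hotel name.
        $search = $this->getState('filter.search');
        if (!empty($search)) {
            if (is_numeric($search)) {
                $query->where('c.confirmation_id=' . $db->quote($search));
            } else {
                // quote() escapes the term and adds the surrounding quotes.
                $like = $db->quote('%' . $search . '%');
                $query->where("(c.first_name LIKE {$like} or c.last_name LIKE {$like} or h.hotel_name LIKE {$like})");
            }
        }
        // Substring match on the voucher code.
        $searchVoucher = $this->getState('filter.voucher');
        if (!empty($searchVoucher)) {
            $query->where('c.voucher LIKE ' . $db->quote('%' . $searchVoucher . '%'));
        }
        // Date filter on the reservation start date: a range when both bounds are set, otherwise a
        // lower bound only.
        $searchStartDate = $this->getState('filter.start_date');
        $searchEndDate = $this->getState('filter.end_date');
        if (!empty($searchEndDate) && !empty($searchStartDate)) {
            $query->where('c.start_date between ' . $db->quote(JHotelUtil::convertToMysqlFormat($searchStartDate)) . ' and ' . $db->quote(JHotelUtil::convertToMysqlFormat($searchEndDate)));
        } elseif (!empty($searchStartDate)) {
            // The date must be a quoted literal; unquoted, 2014-01-31 is evaluated as arithmetic.
            $query->where('c.start_date >= ' . $db->quote(JHotelUtil::convertToMysqlFormat($searchStartDate)));
        }
        // Id filters are compared unquoted, so they are forced to integers.
        $hotelId = $this->getState('filter.hotel_id');
        if (!empty($hotelId)) {
            $query->where('h.hotel_id = ' . (int) $hotelId);
        }
        $roomId = $this->getState('filter.room_type');
        if (!empty($roomId)) {
            $query->where('cr.room_id = ' . (int) $roomId);
        }
        $status = $this->getState('filter.status');
        if (!empty($status)) {
            $query->where('s.status_reservation_id = ' . (int) $status);
        }
        // -1 and the empty string both mean "no payment filter".
        $payment_status = $this->getState('filter.payment_status');
        if ($payment_status != -1 && $payment_status != "") {
            $query->where('cp.payment_status = ' . $db->quote($payment_status));
        }
        $query->group('c.confirmation_id');
        // Ordering: the direction is reduced to ASC or DESC.
        // NOTE(review): escape() protects string literals, not identifiers, so the ordering column
        // still relies on being whitelisted where the state is populated - confirm.
        $direction = strtoupper((string) $this->getState('list.direction', 'ASC')) === 'DESC' ? 'DESC' : 'ASC';
        $query->order($db->escape($this->getState('list.ordering', 'c.confirmation_id')) . ' ' . $direction);
        return $query;
    }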
/**
 * Print the navigation menu for the current user as a run of <li> elements.
 *
 * The menu is chosen by role. The checks run in a fixed order and each matching one replaces
 * the menu built so far: custom rights, manager, grid manager, admin, and finally the account
 * whose CUSER equals 1. An entry is either array('head' => title) for a section heading or
 * array(page, label[, subpage]) for a link. Labels are literals defined in this function, so
 * they are echoed as they are.
 */
function theMenu()
{
    $menu = array();
    if (isCustom()) {
        $menu = array();
        // Right number => entry, in the order the rights are checked.
        $entriesByRight = array(
            array(0, array('need', 'Poreikiai', '1')),
            array(1, array('thing', 'Darbai', '1')),
            array(2, array('thingd', 'Geradariai', '1')),
            array(3, array('needy', 'Stokojantieji / pagalbos gavėjai')),
            array(4, array('stats', 'Statistika')),
            array(5, array('atsarg', 'Atsarginė duomenų kopija')),
            array(7, array('hefo', 'Antraštės ir poraštės')),
            array(6, array('pages', 'Statiniai puslapiai')),
            array(8, array('blogpages', 'Naujienos')),
        );
        foreach ($entriesByRight as $pair) {
            if (haveRight($pair[0])) {
                $menu[] = $pair[1];
            }
        }
    }
    if (isManager()) {
        $menu = array(
            array('home', 'Pradžia'),
            array('head' => 'PAGALBADAIKTAIS.LT'),
            array('need', 'Poreikiai', '2'),
            array('thing', 'Daiktai', '2'),
            array('head' => 'PAGALBADARBAIS.LT'),
            array('need', 'Poreikiai', '1'),
            array('thing', 'Darbai', '1'),
            array('head' => 'Bendri duomenys'),
            array('needy', 'Stokojantieji ir paslaugų gavėjai'),
            array('colleagues', 'Kolegų kontaktai'),
        );
    }
    if (isGridManager()) {
        $menu = array(
            array('home', 'Pradžia'),
            array('head' => 'PAGALBADAIKTAIS.LT'),
            array('need', 'Poreikiai', '2'),
            array('thing', 'Daiktai', '2'),
            array('head' => 'PAGALBADARBAIS.LT'),
            array('need', 'Poreikiai', '1'),
            array('thing', 'Darbai', '1'),
            array('head' => 'Bendri duomenys'),
            array('needy', 'Stokojantieji ir paslaugų gavėjai'),
            array('users', 'Kuratoriai', '1'),
            array('colleagues', 'Kolegų kontaktai'),
            array('head' => 'MANO KURATORIŲ DUOMENYS'),
            array('needyman', 'Stokojantieji'),
            array('needman', 'pagalbadaiktais.lt poreikiai', '2'),
            array('thingman', 'Daiktai', '2'),
            array('needman', 'pagalbadarbais.lt poreikiai', '1'),
            array('thingman', 'Darbai', '1'),
        );
    }
    if (isAdmin()) {
        $menu = array(
            array('home', 'Pradžia'),
            array('head' => 'PAGALBADAIKTAIS.LT'),
            array('need', 'Poreikiai', '2'),
            array('thing', 'Daiktai', '2'),
            array('thingd', 'Dovanotojai', '2'),
            array('head' => 'PAGALBADARBAIS.LT'),
            array('need', 'Poreikiai', '1'),
            array('thing', 'Darbai', '1'),
            array('thingd', 'Geradariai', '1'),
            array('head' => 'Bendri duomenys'),
            array('edituser', 'Sukurti / keisti vartotojo paskyrą'),
            array('users', 'Dovanotojai / geradariai', '0'),
            array('users', 'Kuratoriai', '1'),
            array('users', 'Tinklo atstovai', '2'),
            array('users', 'Administratoriai', '3'),
            array('needy', 'Stokojantieji / pagalbos gavėjai'),
            array('rights', 'Vartotojų grupės ir teisės'),
            array('fields', 'Matomi laukai'),
            array('allusers', 'Visi vartotojai'),
            array('stats', 'Statistika'),
            array('atsarg', 'Atsarginė duomenų kopija'),
            array('laiskai', 'Laiškų siuntimas'),
            array('head' => 'SVETAINIŲ TURINYS'),
            array('hefo', 'Antraštės ir poraštės'),
            array('pages', 'Statiniai puslapiai'),
            array('blogpages', 'Naujienos'),
        );
    }
    if (CUSER == 1) {
        $menu = array(
            array('home', 'Pradžia'),
            array('head' => 'INFORMACINĖ SISTEMA'),
            array('need', 'Poreikiai', '1'),
            array('thing', 'Darbai', '1'),
            array('thingd', 'Geradariai', '1'),
            array('edituser', 'Sukurti / keisti vartotojo paskyrą'),
            array('users', 'Dovanotojai / geradariai', '0'),
            array('users', 'Kuratoriai', '1'),
            array('users', 'Tinklo atstovai', '2'),
            array('users', 'Administratoriai', '3'),
            array('needy', 'Stokojantieji / pagalbos gavėjai'),
            array('rights', 'Vartotojų grupės ir teisės'),
            array('fields', 'Matomi laukai'),
            array('allusers', 'Visi vartotojai'),
            array('stats', 'Statistika'),
            array('atsarg', 'Atsarginė duomenų kopija'),
            array('laiskai', 'Laiškų siuntimas'),
            array('head' => 'SVETAINĖS TURINYS'),
            array('hefo', 'Antraštės ir poraštės'),
            array('pages', 'Statiniai puslapiai'),
            array('blogpages', 'Naujienos'),
        );
    }
    foreach ($menu as $entry) {
        // Section headings are plain list items without a link.
        if (isset($entry['head'])) {
            echo '<li class="menuhead">' . $entry['head'] . '</li>';
            continue;
        }
        $slug = $entry[0];
        // Page names that count as "inside" this menu entry (edit and category variants).
        $allowed = array($slug, 'edit' . $slug, 'edit' . $slug . 's', 'cat' . $slug, 'cat' . $slug . '1', 'cat' . $slug . '2', 'cat' . $slug . 's');
        $allowed2 = array(rtrim($slug, 's'), 'edit' . rtrim($slug, 's'), 'edit' . $slug);
        $class = '';
        // Entries without a subpage are current whenever the page matches either list.
        if ((in_array(page(), $allowed) || in_array(page(), $allowed2)) && !isset($entry[2])) {
            $class = 'class="current"';
        }
        // Entries with a subpage additionally need the subpage (or the "type" parameter) to match.
        if (in_array(page(), $allowed) && isset($entry[2]) && ($entry[2] == subpage() || (isset($_GET['type']) && $entry[2] == $_GET['type']))) {
            $class = 'class="current"';
        }
        $subQuery = isset($entry[2]) ? '&subp=' . $entry[2] : '';
        echo '<li><a href="?p=' . $slug . $subQuery . '"' . $class . '>' . $entry[1] . '</a></li>';
    }
}
<?php

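// Colleague contact list: only logged-in managers and grid managers get past these guards.
if ($login->isUserLoggedIn() == false) {
    return;
}
if (!isGridManager() and !isManager()) {
    return;
}
// Column and header definitions handed to formatTable() below.
$tablefields = array(array('converter' => array('user_thumb', 'getThumb')), 'user_fname', 'user_lname', 'user_email', 'user_phone', array('converter' => array('user_city', 'getCountry')), 'null');
$tablehead = array('titles' => array('', 'Vardas', 'Pavardė', 'El. paštas', 'Telefonas', 'Savivaldybė', ''), 'columns' => array('left fc-30', 'left fc-75', 'left fc-100', 'left fc-200', 'left fc-100', 'left fc-125', ''));
// Account-type filter: 1 or 2 selects that type, anything else selects both.
// The value written into the SQL is cast to int. Before PHP 8, a loose == comparison treats a
// string that merely starts with "1" or "2" as equal to that number, so the comparison alone does
// not guarantee that the value is a bare integer.
// NOTE(review): subpage() presumably reads the "subp" request parameter - confirm.
$subpage = (subpage() == 1 or subpage() == 2) ? "user_acctype =" . (int) subpage() : "(user_acctype = 1 OR user_acctype = 2)";
getSort('user_id');
// NOTE(review): $getsort and $getorder go into ORDER BY unquoted; presumably getSort() sets them -
// verify that it whitelists column and direction.
$where = "SELECT * FROM users WHERE {$subpage} AND user_active = 1 ORDER BY " . $getsort . $getorder;
$sortby = array(1 => 'user_fname', 2 => 'user_lname', 3 => 'user_email', 4 => 'user_phone', 5 => 'user_city');
// The same statement text feeds the current page and the pager's row count.
formatTable(listData(false, false, pageNum(), $where), $tablefields, $tablehead, $sortby, true, 'nomargin');
pagination(countData(false, false, $where));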
?>
<br><br>
<form action="" method="GET">
<input type="hidden" name="p" value="colleagues" />
<select name="subp">
	<option value="0"<?php 
if (subpage() != 2 and subpage() != 1) {
    echo 'selected="selected"';
}
?>
>Tinklo atstovai ir kuratoriai</option>
	<option value="2"<?php 
if (subpage() == 2) {
    echo 'selected="selected"';
}
    ?>
">1 metai</option>
		</select>
		<br>
		
		<input type="submit" value="Sukurti" name="newneed" />
	</form>
	<?php 
    return;
}
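// The id of the need to edit comes from the query string. It is spliced into SQL text in every
// check below, twice without quotes, so it is treated as untrusted.
$us = isset($_GET['need']) ? $_GET['need'] : '';
// Accept decimal digits only. A missing, array-valued or non-numeric id is reported the same
// way as an unknown need, and never reaches a query.
if (!is_string($us) or !ctype_digit($us) or countData('needs', "need_id = '{$us}'") == 0) {
    err('Toks poreikis neegzistuoja', 'red');
    return;
}
// A manager may only edit needs whose owning needy record has the current user (CUSER) as parent.
if (isManager() and countData(false, false, "SELECT * FROM needs INNER JOIN needy ON needs.need_needy = needy.user_id WHERE needs.need_id = {$us} AND needy.user_parent = " . CUSER) == 0) {
    err('Neturite teisės keisti šio poreikio duomenis', 'red');
    return;
}
// A grid manager may edit needs owned through one of their active child accounts
// (user_acctype = 1) or assigned to them through user_parent_ta.
if (isGridManager()) {
    $children = array();
    foreach (listData('users', 'user_acctype = 1 AND user_active = 1 AND user_parent = ' . CUSER) as $child) {
        $children[] = 'needy.user_parent = ' . $child['user_id'];
    }
    // NOTE(review): with no child accounts the inner group becomes "()", which is not valid SQL. The
    // check then depends on how countData() reports a failed query - confirm that it denies access.
    $parent2 = '((' . implode(' OR ', $children) . ') OR needy.user_parent_ta = ' . CUSER . ')';
    if (countData(false, false, "SELECT * FROM needs INNER JOIN needy ON needs.need_needy = needy.user_id WHERE needs.need_id = {$us} AND " . $parent2) == 0) {
        err('Neturite teisės keisti šio poreikio duomenis', 'red');
        return;
    }
}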
// Edit
<?php

/**
 *author:future
*/
require_once 'bk_base.php';
require_once 'qa_base.php';
require_once QA_INCLUDE_DIR . 'qa-db.php';
require_once QA_INCLUDE_DIR . 'qa-app-users.php';
// Record whether the logged-in user passes the isManager() admin-level check.
// NOTE(review): the redirect and exit below are commented out, so this guard enforces nothing:
// a request from a non-admin continues past this point. Restore the redirect and exit, or gate
// each privileged action in this file (for example deleteUser()) on $isManager.
$isManager = isManager();
if (!$isManager) {
    // header('Location: ../');
    // exit;
}
/**
 * Report whether the logged-in user has administrator level.
 * (Translated from the original comment: "determine whether the user is a super administrator".)
 *
 * @return bool true when qa_get_logged_in_level() is at least QA_USER_LEVEL_ADMIN.
 */
function isManager()
{
    // The comparison already yields the boolean the caller needs.
    return qa_get_logged_in_level() >= QA_USER_LEVEL_ADMIN;
}
/**
 * Delete a user by id through qa_db_user_delete().
 *
 * This function performs no permission check of its own.
 * NOTE(review): callers must verify that the requester is authorised before calling it -
 * confirm at the call sites.
 *
 * @param mixed $userid Id passed unchanged to qa_db_user_delete().
 */
function deleteUser($userid)
{
    // The user DB helpers are loaded only when a deletion is requested.
    $usersDbFile = QA_INCLUDE_DIR . 'db/users.php';
    require_once $usersDbFile;
    qa_db_user_delete($userid);
}
/**