Beispiel #1
 /**
  * Persist the submitted account details for the current customer.
  *
  * Returns TRUE as soon as the form validates, even when the model reports
  * that nothing was saved; returns nothing when validation fails.
  */
 private function _updateDetails()
 {
     // No request value is read until the form rules have passed.
     if ($this->validateForm() !== TRUE) {
         return;
     }

     // NOTE(review): whether a password change requires the current password
     // depends on validateForm(), which is not visible here - confirm.
     // NOTE(review): the new password is forwarded as submitted; hashing is
     // presumably done inside saveCustomer() - confirm.
     $changes = array(
         'first_name' => $this->input->post('first_name'),
         'last_name' => $this->input->post('last_name'),
         'telephone' => $this->input->post('telephone'),
         'security_question_id' => $this->input->post('security_question_id'),
         'security_answer' => $this->input->post('security_answer'),
         'password' => $this->input->post('new_password'),
         'newsletter' => $this->input->post('newsletter'),
         // Set here, never taken from the request.
         'status' => '1',
     );

     if ($this->Customers_model->saveCustomer($this->customer->getId(), $changes)) {
         $tokens = array('{customer}', '{link}');
         log_activity(
             $this->customer->getId(),
             'updated',
             'customers',
             get_activity_message('activity_updated_account', $tokens, array($this->customer->getName(), admin_url('customers/edit?id=' . $this->customer->getId())))
         );

         // A non-empty new password gets its own audit entry.
         if (!empty($changes['password'])) {
             log_activity(
                 $this->customer->getId(),
                 'updated',
                 'customers',
                 get_activity_message('activity_changed_password', $tokens, array($this->customer->getName(), admin_url('customers/edit?id=' . $this->customer->getId())))
             );
         }

         $this->alert->set('alert', $this->lang->line('alert_updated_success'));
     }

     return TRUE;
 }
Beispiel #2
 /**
  * Staff login page: authenticates the posted credentials, records the
  * login in the activity log and sends the user on, or re-renders the form.
  */
 public function index()
 {
     $this->lang->load('login');

     // Staff who are already signed in skip the form.
     if ($this->user->islogged()) {
         redirect('dashboard');
     }

     $this->template->setTitle($this->lang->line('text_title'));
     $data = array(
         'site_name' => $this->config->item('site_name'),
         'reset_url' => site_url('login/reset'),
     );

     // Credentials are only tried once the posted form passed validation.
     if ($this->input->post() && $this->validateLoginForm() === TRUE) {
         $authenticated = $this->user->login($this->input->post('user'), $this->input->post('password'));

         if ($authenticated) {
             log_activity(
                 $this->user->getStaffId(),
                 'logged in',
                 'staffs',
                 get_activity_message('activity_logged_in', array('{staff}', '{link}'), array($this->user->getStaffName(), admin_url('staffs/edit?id=' . $this->user->getStaffId())))
             );

             // Return to the page stored in the session, using it only once.
             $return_to = $this->session->tempdata('previous_url');
             if ($return_to) {
                 $this->session->unset_tempdata('previous_url');
                 redirect($return_to);
             }

             // NOTE(review): referrer_url() is not visible here; if it is
             // derived from the Referer header the target is
             // client-influenced - confirm it is limited to this site.
             redirect(referrer_url());
         } else {
             // NOTE(review): the language key hints at a "username not found"
             // message; one generic failure text for every case avoids
             // revealing which accounts exist - confirm the wording.
             $this->alert->set('danger', $this->lang->line('alert_username_not_found'));
             redirect('login');
         }
     }

     $this->template->setPartials(array('header', 'footer'));
     $this->template->render('login', $data);
 }
Beispiel #3
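/**
 * Authenticate an agency from the posted login form.
 *
 * On success the session is marked as authenticated, the login is logged
 * and the index page is loaded. On failure the attempted id and the client
 * address are logged and the login form is shown again with an error.
 *
 * @return void
 */
function auth()
{
    // Missing or non-string fields are treated as empty credentials instead
    // of raising notices or being cast to the string "Array".
    $login = (isset($_POST['login']) && is_string($_POST['login'])) ? $_POST['login'] : '';
    $secret = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    // mysql_real_escape_string() escapes for the connection's character set;
    // mysql_escape_string() ignores it.
    // NOTE(review): the legacy mysql_* API has no bound parameters; moving to
    // mysqli or PDO prepared statements is the durable fix.
    $id = mysql_real_escape_string($login);
    $password = mysql_real_escape_string($secret);

    // NOTE(review): the password is matched verbatim in SQL, which implies it
    // is stored unhashed. Storing password_hash() output and checking it with
    // password_verify() needs a schema change outside this function.
    $query = mysql_query("SELECT * FROM tbl_auth WHERE id = '{$id}' and password ='{$password}' limit 1");

    // A failed query returns false; treat it as a failed login rather than
    // passing false to mysql_num_rows().
    if ($query !== false && mysql_num_rows($query) == 1) {
        // Issue a fresh session id on login so an id planted before
        // authentication cannot be reused afterwards.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['auth'] = "1";
        $_SESSION['id'] = $id;
        // First use of get_agency_name() to pull the agency name.
        $_SESSION['name'] = get_agency_name($id);
        // 24-hour clock ('H'): the 12-hour 'h' without am/pm made morning and
        // evening logins indistinguishable in the log.
        $_SESSION['ses_start'] = date('Y-m-d-H-i-s');
        $_SESSION['log_ip'] = $_SERVER['REMOTE_ADDR'];
        log_activity('login');
        load_index();
    } else {
        $error_message = 'Sorry, try again! (your ip address has been recorded)';
        // Generic log entry: 'extra' carries the attempted user id and
        // 'log_ip' the client address; the string names the activity.
        $_SESSION['extra'] = $id;
        $_SESSION['log_ip'] = $_SERVER['REMOTE_ADDR'];
        log_activity('failed login');
        show_login($error_message);
    }
}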
Beispiel #4
 /**
  * Register a new customer from the posted form.
  *
  * Returns TRUE when the model created the customer; returns nothing when
  * validation fails or the save does not yield a customer id.
  */
 private function _addCustomer()
 {
     if ($this->validateForm() !== TRUE) {
         return;
     }

     $this->load->model('Customers_model');
     $this->load->model('Customer_groups_model');

     // NOTE(review): the password is forwarded as submitted; hashing is
     // presumably done inside saveCustomer() - confirm.
     $customer = array(
         'first_name' => $this->input->post('first_name'),
         'last_name' => $this->input->post('last_name'),
         'email' => $this->input->post('email'),
         'password' => $this->input->post('password'),
         'telephone' => $this->input->post('telephone'),
         'security_question_id' => $this->input->post('security_question'),
         'security_answer' => $this->input->post('security_answer'),
         'newsletter' => $this->input->post('newsletter'),
         'terms_condition' => $this->input->post('terms_condition'),
         // The group comes from site configuration, not from the request,
         // so a client cannot pick its own group.
         'customer_group_id' => $this->config->item('customer_group_id'),
         'date_added' => mdate('%Y-%m-%d', time()),
     );

     // Groups flagged with approval '1' create the account with status '0'
     // (presumably inactive until approved - confirm); all others get '1'.
     $group = $this->Customer_groups_model->getCustomerGroup($this->config->item('customer_group_id'));
     $customer['status'] = ($group['approval'] === '1') ? '0' : '1';

     $customer_id = $this->Customers_model->saveCustomer(NULL, $customer);
     if ($customer_id) {
         log_activity(
             $customer_id,
             'registered',
             'customers',
             get_activity_message('activity_registered_account', array('{customer}', '{link}'), array($this->input->post('first_name') . ' ' . $this->input->post('last_name'), admin_url('customers/edit?id=' . $customer_id)))
         );

         return TRUE;
     }
 }
Beispiel #5
 /**
  * Show the form for a new Groups record and handle its submission.
  *
  * A successful save is written to the activity log together with the new
  * record id and the client IP address, then the user is redirected.
  *
  * @return void
  */
 public function create()
 {
     $this->load->config('address');
     $this->load->helper('address');

     if (isset($_POST['save'])) {
         $new_id = $this->save_groups();
         if ($new_id) {
             log_activity($this->auth->user_id(), lang('groups_act_create_record') . ': ' . $new_id . ' : ' . $this->input->ip_address(), 'groups');
             Template::set_message(lang('groups_create_success'), 'success');
             redirect('/');
         }

         // Only model errors are reported here, not validation errors.
         if (!empty($this->groups_model->error)) {
             Template::set_message(lang('groups_create_failure') . $this->groups_model->error, 'error');
         }
     }

     if ($this->siteSettings['auth.password_show_labels'] == 1) {
         $inline_js = $this->load->view('users_js', array('settings' => $this->siteSettings), true);
         Assets::add_js($inline_js, 'inline');
     }

     // Generate password hint messages.
     $this->user_model->password_hints();

     $view_data = array();

     // Put a "Select" entry in front of the available group types.
     $type_choices = $this->group_types_model->get_group_types_list();
     array_unshift($type_choices, 'Select');

     Template::set('group_type_options', $type_choices);
     Template::set('toolbar_title', lang('groups_action_create'));
     Template::set_view('content/create', $view_data);
     Template::render();
 }
Beispiel #6
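 /**
  * Customer login page.
  *
  * Authenticates the posted email and password. After a successful login
  * the customer is sent to the `redirect` query parameter when it names a
  * location on this site, otherwise to the account page.
  */
 public function index()
 {
     // Customers who are already signed in go straight to their account.
     if ($this->customer->islogged()) {
         redirect('account/account');
     }

     $this->load->model('Pages_model');
     $this->lang->load('account/login_register');
     $this->template->setTitle($this->lang->line('text_heading'));
     $data['reset_url'] = site_url('account/reset');
     $data['register_url'] = site_url('account/register');

     if ($this->input->post()) {
         if ($this->validateForm() === TRUE) {
             $email = $this->input->post('email');
             $password = $this->input->post('password');

             if ($this->customer->login($email, $password) === FALSE) {
                 // Failed login: show the error on the same page.
                 $this->alert->set('alert', $this->lang->line('alert_invalid_login'));
                 redirect(current_url());
             } else {
                 log_activity($this->customer->getId(), 'logged in', 'customers', get_activity_message('activity_logged_in', array('{customer}', '{link}'), array($this->customer->getName(), admin_url('customers/edit?id=' . $this->customer->getId()))));

                 // The redirect target comes from the query string, so it is
                 // followed only when it is a local path: no control
                 // characters or backslashes, no URL scheme and no leading
                 // "//". Anything else falls back to the account page, so
                 // the login page cannot be used to bounce visitors to
                 // another site.
                 // NOTE(review): assumes redirect() resolves a relative path
                 // against this site's URL - confirm for this helper.
                 $redirect_url = $this->input->get('redirect');
                 $is_local = !empty($redirect_url)
                     && is_string($redirect_url)
                     && !preg_match('#[\x00-\x1f\x7f\\\\]#', $redirect_url)
                     && !preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)#i', $redirect_url);
                 if ($is_local) {
                     redirect($redirect_url);
                 }

                 redirect('account/account');
             }
         }
     }

     $this->template->render('account/login', $data);
 }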
Beispiel #7
 /**
  * Staff logout: records the logout in the activity log, ends the staff
  * session and returns to the login page with a success alert.
  */
 public function index()
 {
     $this->lang->load('login');

     // Written before logout() so the staff id and name are still available.
     $tokens = array('{staff}', '{link}');
     log_activity(
         $this->user->getStaffId(),
         'logged out',
         'staffs',
         get_activity_message(
             'activity_logged_out',
             $tokens,
             array($this->user->getStaffName(), admin_url('staffs/edit?id=' . $this->user->getStaffId()))
         )
     );

     $this->user->logout();

     $this->alert->set('success', $this->lang->line('alert_success_logout'));
     redirect('login');
 }
Beispiel #8
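 /**
  * Customer logout.
  *
  * Records the logout, ends the customer session and then sends the visitor
  * to the `redirect` query parameter when it names a location on this site,
  * otherwise to the login page.
  */
 public function index()
 {
     $this->load->model('Pages_model');
     $this->lang->load('account/login_register');
     $this->template->setBreadcrumb('<i class="fa fa-home"></i>', '/');
     $this->template->setBreadcrumb($this->lang->line('text_heading'), 'account/logout');
     $this->template->setTitle($this->lang->line('text_logout_heading'));
     $this->alert->set('success', $this->lang->line('alert_logout_success'));

     // Logged before logout() so the customer id and name are still available.
     log_activity($this->customer->getId(), 'logged out', 'customers', get_activity_message('activity_logged_out', array('{customer}', '{link}'), array($this->customer->getName(), admin_url('customers/edit?id=' . $this->customer->getId()))));
     $this->customer->logout();

     // The redirect target comes from the query string, so it is followed
     // only when it is a local path: no control characters or backslashes,
     // no URL scheme and no leading "//". Anything else falls back to the
     // login page, so this endpoint cannot bounce visitors to another site.
     // NOTE(review): assumes redirect() resolves a relative path against this
     // site's URL - confirm for this helper.
     $redirect_url = $this->input->get('redirect');
     $is_local = !empty($redirect_url)
         && is_string($redirect_url)
         && !preg_match('#[\x00-\x1f\x7f\\\\]#', $redirect_url)
         && !preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:|//)#i', $redirect_url);
     if ($is_local) {
         redirect($redirect_url);
     }

     redirect('account/login');
 }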
Beispiel #9
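 /**
  * Toggle the status flag of the menu record named by URI segment 5.
  *
  * A status of "1" becomes '0' and any other value becomes '1'. A successful
  * update is written to the activity log with the record id and the client
  * IP address. Nothing happens when the record is not found.
  *
  * NOTE(review): the record is selected from the URL alone, so this state
  * change appears reachable with a plain link; confirm that a permission
  * check and request-forgery protection are applied before this method runs.
  */
 public function status()
 {
     if ($D = $this->menu_model->find($this->uri->segment(5))) {
         $depart['status'] = $D->status == "1" ? '0' : '1';
         $this->db->where('id', $D->id);
         if ($this->db->update('bf_menu', $depart)) {
             // Property names are case-sensitive: log the same `id` the WHERE
             // clause used. The previous `$D->ID` read an undefined property
             // and left the audit entry without a record id.
             log_activity($this->current_user->id, lang('menu_act_edit_record') . ': ' . $D->id . ' : ' . $this->input->ip_address(), 'menu');
             Template::set_message(lang('menu_edit_success'), 'success');
             redirect("admin/content/menu");
         } else {
             Template::set_message(lang('menu_edit_failure') . $this->menu_model->error, 'error');
         }
     }
 }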
Beispiel #10
 /**
  * Create or update a menu item from the posted form.
  *
  * Returns whatever saveMenu() returned (the menu id on success); returns
  * nothing when validation fails.
  */
 private function _saveMenu()
 {
     if ($this->validateForm() !== TRUE) {
         return;
     }

     // A numeric `id` query parameter means an existing item is being edited.
     $save_type = is_numeric($this->input->get('id'))
         ? $this->lang->line('text_updated')
         : $this->lang->line('text_added');

     // NOTE(review): the whole POST array is handed to the model; it is
     // expected to pick only the columns it knows - confirm.
     $menu_id = $this->Menus_model->saveMenu($this->input->get('id'), $this->input->post());

     if ($menu_id) {
         // NOTE(review): the posted menu_name becomes part of the activity
         // message; confirm it is escaped where the log is displayed.
         log_activity(
             $this->user->getStaffId(),
             $save_type,
             'menus',
             get_activity_message('activity_custom', array('{staff}', '{action}', '{context}', '{link}', '{item}'), array($this->user->getStaffName(), $save_type, 'menu item', site_url('menus/edit?id=' . $menu_id), $this->input->post('menu_name')))
         );
         $this->alert->set('success', sprintf($this->lang->line('alert_success'), 'Menu ' . $save_type));
     } else {
         $this->alert->set('warning', sprintf($this->lang->line('alert_error_nothing'), $save_type));
     }

     return $menu_id;
 }
Beispiel #11
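 /**
  * Allows the user to create a new password for their account. At the moment,
  * the only way to get here is to go through the forgot_password() process,
  * which creates a unique code that is only valid for 24 hours.
  *
  * Since 0.7 this method is also reached via the force_password_reset security
  * features.
  *
  * The email/code pair is checked against the database before the form is
  * processed, and the new password is written to the account that lookup
  * returned. A user id sent with the form is not used.
  *
  * @param string $email The email address to check against.
  * @param string $code  A randomly generated alphanumeric code. (Generated by
  * forgot_password()).
  *
  * @return void
  */
 public function reset_password($email = '', $code = '')
 {
     // If the user is logged in, go home. The explicit returns in this method
     // stop processing even if Template::redirect() should not end the request.
     if ($this->auth->is_logged_in() !== false) {
         Template::redirect('/');
         return;
     }

     // Bonfire may have stored the email and code in the session.
     if (empty($code) && $this->session->userdata('pass_check')) {
         $code = $this->session->userdata('pass_check');
     }
     if (empty($email) && $this->session->userdata('email')) {
         $email = $this->session->userdata('email');
     }

     // If there is no code/email, then it's not a valid request.
     if (empty($code) || empty($email)) {
         Template::set_message(lang('us_reset_invalid_email'), 'error');
         Template::redirect(LOGIN_URL);
         return;
     }

     // Check the code against the database before anything is changed. The
     // address may arrive with ':' standing in for '@'.
     $email = str_replace(':', '@', $email);
     $user = $this->user_model->find_by(array('email' => $email, 'reset_hash' => $code, 'reset_by >=' => time()));

     // $user will be an Object if a single result was returned.
     if (!is_object($user)) {
         Template::set_message(lang('us_reset_invalid_email'), 'error');
         Template::redirect(LOGIN_URL);
         return;
     }

     // Handle the form
     if (isset($_POST['set_password'])) {
         $this->form_validation->set_rules('password', 'lang:bf_password', 'required|max_length[120]|valid_password');
         $this->form_validation->set_rules('pass_confirm', 'lang:bf_password_confirm', 'required|matches[password]');

         if ($this->form_validation->run() !== false) {
             // The user model will create the password hash. Clearing
             // reset_hash and reset_by makes the code single-use.
             $data = array('password' => $this->input->post('password'), 'reset_by' => 0, 'reset_hash' => '', 'force_password_reset' => 0);

             // Update the account that owns the verified reset code. The
             // posted user_id is ignored: taking the target from the form
             // would let one valid code change another account's password.
             if ($this->user_model->update($user->id, $data)) {
                 log_activity($user->id, lang('us_log_reset'), 'users');
                 Template::set_message(lang('us_reset_password_success'), 'success');
                 Template::redirect(LOGIN_URL);
                 return;
             }

             if (!empty($this->user_model->error)) {
                 Template::set_message(sprintf(lang('us_reset_password_error'), $this->user_model->error), 'error');
             }
         }
     }

     if ($this->siteSettings['auth.password_show_labels'] == 1) {
         Assets::add_js($this->load->view('users_js', array('settings' => $this->siteSettings), true), 'inline');
     }

     // At this point, it is a valid request....
     Template::set('user', $user);
     Template::set_view('users/reset_password');
     Template::render();
 }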
Beispiel #12
 /**
  * Uninstall the payment extension named in the query string.
  *
  * Runs only when the `action` query parameter is exactly 'uninstall'.
  * Returns TRUE whether or not the model reported success; returns nothing
  * when the action does not match.
  *
  * NOTE(review): the operation is driven entirely by query parameters;
  * confirm that a permission check and request-forgery protection cover it.
  */
 private function _uninstall()
 {
     if ($this->input->get('action') !== 'uninstall') {
         return;
     }

     $removed = $this->Extensions_model->uninstall('payment', $this->input->get('name'), $this->input->get('id'));

     if ($removed) {
         // Audit entry names the staff member and the extension removed.
         log_activity(
             $this->user->getStaffId(),
             'uninstalled',
             'extensions',
             get_activity_message('activity_custom_no_link', array('{staff}', '{action}', '{context}', '{item}'), array($this->user->getStaffName(), 'uninstalled', 'extension payment', $this->input->get('name')))
         );
         $this->alert->set('success', sprintf($this->lang->line('alert_success'), 'Payment uninstalled '));
     } else {
         $this->alert->danger_now($this->lang->line('alert_error_try_again'));
     }

     return TRUE;
 }
Beispiel #13
 /**
  * Validate the posted site settings and save them to the database.
  *
  * @param array $extended_settings Optional field definitions from the
  * extended_settings config file; each entry is read for 'name', 'label',
  * 'rules' and an optional 'permission'.
  *
  * @return bool FALSE when validation fails, otherwise the result of the
  * batch update (or of the extended-settings save, when there is any).
  */
 private function save_settings($extended_settings = array())
 {
     // Field name, label and rule string for every core setting that is
     // validated.
     // NOTE(review): several values saved below (status, login_type,
     // user_activation_method, name_change_*, remember_length,
     // password_iterations) have no rule here - confirm they are constrained
     // elsewhere.
     $core_rules = array(
         array('title', 'lang:bf_site_name', 'required|trim'),
         array('system_email', 'lang:bf_site_email', 'required|trim|valid_email'),
         array('list_limit', 'Items <em>p.p.</em>', 'required|trim|numeric'),
         array('password_min_length', 'lang:bf_password_length', 'required|trim|numeric'),
         array('password_force_numbers', 'lang:bf_password_force_numbers', 'trim|numeric'),
         array('password_force_symbols', 'lang:bf_password_force_symbols', 'trim|numeric'),
         array('password_force_mixed_case', 'lang:bf_password_force_mixed_case', 'trim|numeric'),
         array('password_show_labels', 'lang:bf_password_show_labels', 'trim|numeric'),
         array('languages[]', 'lang:bf_language', 'required|trim|is_array'),
     );
     foreach ($core_rules as $rule) {
         $this->form_validation->set_rules($rule[0], $rule[1], $rule[2]);
     }

     // Extended settings: a field guarded by a permission the current user
     // lacks is skipped entirely (no rule registered, no value collected).
     $extended_data = array();
     foreach ($extended_settings as $field) {
         if (!empty($field['permission']) && !has_permission($field['permission'])) {
             continue;
         }
         $this->form_validation->set_rules($field['name'], $field['label'], $field['rules']);
         $extended_data['ext.' . $field['name']] = $this->input->post($field['name']);
     }

     if ($this->form_validation->run() === false) {
         return false;
     }

     // NOTE(review): site.languages is stored with serialize(); the code that
     // reads it back should not unserialize() values an attacker can
     // influence - confirm the reader.
     $settings = array(
         array('name' => 'site.title', 'value' => $this->input->post('title')),
         array('name' => 'site.system_email', 'value' => $this->input->post('system_email')),
         array('name' => 'site.status', 'value' => $this->input->post('status')),
         array('name' => 'site.list_limit', 'value' => $this->input->post('list_limit')),
         array('name' => 'auth.allow_register', 'value' => isset($_POST['allow_register']) ? 1 : 0),
         array('name' => 'auth.user_activation_method', 'value' => isset($_POST['user_activation_method']) ? $_POST['user_activation_method'] : 0),
         array('name' => 'auth.login_type', 'value' => $this->input->post('login_type')),
         array('name' => 'auth.use_usernames', 'value' => isset($_POST['use_usernames']) ? $this->input->post('use_usernames') : 0),
         array('name' => 'auth.allow_remember', 'value' => isset($_POST['allow_remember']) ? 1 : 0),
         array('name' => 'auth.remember_length', 'value' => (int) $this->input->post('remember_length')),
         array('name' => 'auth.use_extended_profile', 'value' => isset($_POST['use_ext_profile']) ? 1 : 0),
         array('name' => 'auth.allow_name_change', 'value' => $this->input->post('allow_name_change') ? 1 : 0),
         array('name' => 'auth.name_change_frequency', 'value' => $this->input->post('name_change_frequency')),
         array('name' => 'auth.name_change_limit', 'value' => $this->input->post('name_change_limit')),
         array('name' => 'auth.password_min_length', 'value' => $this->input->post('password_min_length')),
         array('name' => 'auth.password_force_numbers', 'value' => $this->input->post('password_force_numbers')),
         array('name' => 'auth.password_force_symbols', 'value' => $this->input->post('password_force_symbols')),
         array('name' => 'auth.password_force_mixed_case', 'value' => $this->input->post('password_force_mixed_case')),
         array('name' => 'auth.password_show_labels', 'value' => $this->input->post('password_show_labels') ? 1 : 0),
         array('name' => 'site.show_profiler', 'value' => isset($_POST['show_profiler']) ? 1 : 0),
         array('name' => 'site.show_front_profiler', 'value' => isset($_POST['show_front_profiler']) ? 1 : 0),
         array('name' => 'site.languages', 'value' => $this->input->post('languages') != '' ? serialize($this->input->post('languages')) : ''),
         array('name' => 'password_iterations', 'value' => $this->input->post('password_iterations')),
     );

     // The audit entry is written before the update runs, so it is recorded
     // even when the update below fails.
     log_activity($this->current_user->id, lang('bf_act_settings_saved') . ': ' . $this->input->ip_address(), 'core');

     // Save the settings to the DB
     $saved = $this->settings_model->update_batch($settings, 'name');

     // Extended settings are only written after the core update succeeded.
     if ($saved && !empty($extended_data)) {
         $saved = $this->save_extended_settings($extended_data);
     }

     return $saved;
 }
 /**
  * Activates or deactivates a user from the users dashboard and reports the
  * outcome through a template message.
  *
  * @access private
  *
  * @param int $user_id       User ID int
  * @param int $status        1 = Activate, any other value = Deactivate
  * @param int $supress_email 1 = Suppress, all others = send email
  *
  * @return void
  */
 private function user_status($user_id = false, $status = 1, $supress_email = 0)
 {
     // Only a value loosely equal to 1 suppresses the notification email.
     $supress_email = (isset($supress_email) && $supress_email == 1);

     // Without a usable id there is nothing to change.
     if ($user_id === false || $user_id == -1) {
         Template::set_message(lang('us_err_no_id'), 'error');
         return;
     }

     if ($status == 1) {
         $result = $this->user_model->admin_activation($user_id);
         $type = lang('bf_action_activate');
     } else {
         $result = $this->user_model->admin_deactivation($user_id);
         $type = lang('bf_action_deactivate');
     }

     // Pick the name that goes into the audit entry.
     $user = $this->user_model->find($user_id);
     if ($this->settings_lib->item('auth.use_own_names')) {
         $log_name = $this->current_user->username;
     } elseif ($this->settings_lib->item('auth.use_usernames')) {
         $log_name = $user->username;
     } else {
         $log_name = $user->email;
     }

     // The entry is written whether or not the status change succeeded.
     log_activity($this->current_user->id, lang('us_log_status_change') . ': ' . $log_name . ' : ' . $type . 'ed', 'users');

     if (!$result) {
         Template::set_message(lang('us_err_status_error') . $this->user_model->error, 'error');
         return;
     }

     $message = lang('us_active_status_changed');

     // Activation sends a confirmation email unless it was suppressed.
     if ($status == 1 && !$supress_email) {
         $this->load->library('emailer/emailer');
         $site_title = $this->settings_lib->item('site.title');
         $data = array(
             'to' => $this->user_model->find($user_id)->email,
             'subject' => lang('us_account_active'),
             'message' => $this->load->view('_emails/activated', array('link' => site_url(), 'title' => $site_title), true),
         );

         $message = $this->emailer->send($data)
             ? lang('us_active_email_sent')
             : (lang('us_err_no_email') . $this->emailer->error);
     }

     Template::set_message($message, 'success');
 }
Beispiel #15
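 /**
  * Save multiple shortcut keys at the same time allowing the user to
  * edit the settings
  *
  * When no settings are passed in, they are read from the posted
  * `shortcut_<action>` fields and validated first.
  *
  * @param array $settings Array of shortcuts
  *
  * @return bool FALSE when validation fails, when there is nothing to save
  * or when any single shortcut could not be stored; TRUE otherwise.
  */
 private function save_settings($settings = array())
 {
     if (empty($settings)) {
         // Read available shortcuts from the application config
         $available_actions = config_item('ui.current_shortcuts');

         // We can't use an array like the remove buttons do
         // because the text inputs need set_value().
         // set_value("shortcut[$action]") is not supported
         // A missing config entry is not an array; skip the loop in that case.
         if (is_array($available_actions)) {
             foreach ($available_actions as $action => $shortcut) {
                 if (isset($_POST["shortcut_{$action}"])) {
                     $this->form_validation->set_rules("shortcut_{$action}", lang('ui_shortcuts'), 'required|callback__validate_shortcuts');
                     $settings[$action] = $this->input->post("shortcut_{$action}");
                 }
             }
         }

         if ($this->form_validation->run() === FALSE) {
             return FALSE;
         }
     }

     // Start from FALSE so the method never returns an undefined variable
     // when there is nothing to store.
     $updated = FALSE;
     if (is_array($settings) && !empty($settings)) {
         $updated = TRUE;
         foreach ($settings as $action => $shortcut) {
             // One failed write fails the whole save; previously only the
             // last write decided the return value.
             if (!$this->settings_lib->set($action, $shortcut, 'core.ui')) {
                 $updated = FALSE;
             }
         }
     }

     // Log the activity
     log_activity($this->current_user->id, lang('bf_act_settings_saved') . ': ' . $this->input->ip_address(), 'ui');

     return $updated;
 }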
 /**
  * Update the stored record of an extension, installing it first when no
  * extension id was supplied.
  *
  * @param array  $update     Reads 'type', 'name', 'extension_id', 'data'
  *                           and 'title'.
  * @param string $serialized '1' stores 'data' through serialize().
  *
  * @return mixed FALSE when nothing was updated, otherwise the result of the
  *               database update.
  */
 public function updateExtension($update = array(), $serialized = '0')
 {
     // Both the type and the name are required.
     if (empty($update['type']) || empty($update['name'])) {
         return FALSE;
     }

     // Reduce the name to its URL-title form before it is used as a key.
     $update['name'] = url_title(strtolower($update['name']), '-');
     if (!$this->extensionExists($update['name'])) {
         return FALSE;
     }

     if (empty($update['extension_id'])) {
         $update['extension_id'] = $this->install($update['type'], $update['name']);
     }

     // NOTE(review): data saved with serialize() is presumably read back with
     // unserialize(); confirm that path never sees attacker-controlled data.
     if (isset($update['data']) && $serialized === '1') {
         $this->db->set('data', serialize($update['data']));
     } elseif (!empty($update['data'])) {
         $this->db->set('data', $update['data']);
     }

     $this->db->set('serialized', $serialized);

     if (!empty($update['title'])) {
         $this->db->set('title', $update['title']);
     }

     $this->db->where('type', $update['type']);
     $this->db->where('name', $update['name']);

     // Without an extension id (install() returned none) no update is run.
     if (empty($update['extension_id'])) {
         return FALSE;
     }

     $this->db->where('extension_id', $update['extension_id']);
     $query = $this->db->update('extensions');

     // The audit entry is written whatever the update returned.
     log_activity(
         $this->user->getStaffId(),
         'updated',
         'extensions',
         get_activity_message('activity_custom_no_link', array('{staff}', '{action}', '{context}', '{item}'), array($this->user->getStaffName(), 'updated', 'extension ' . $update['type'], $update['title']))
     );

     return $query;
 }
Beispiel #17
 /**
  * Edit or delete a Samples record identified by URI segment 5.
  *
  * Saving requires the Samples.Content.Edit permission and deleting the
  * Samples.Content.Delete permission; both actions are written to the
  * activity log with the record id and the client IP address.
  *
  * @return void
  */
 public function edit()
 {
     $record_id = $this->uri->segment(5);
     if (empty($record_id)) {
         Template::set_message(lang('samples_invalid_id'), 'error');
         redirect(SITE_AREA . '/content/samples');
     }

     if (isset($_POST['save'])) {
         // Permission is checked before the record is touched.
         $this->auth->restrict('Samples.Content.Edit');

         if ($this->save_samples('update', $record_id)) {
             log_activity($this->current_user->id, lang('samples_act_edit_record') . ': ' . $record_id . ' : ' . $this->input->ip_address(), 'samples');
             Template::set_message(lang('samples_edit_success'), 'success');
         } else {
             Template::set_message(lang('samples_edit_failure') . $this->samples_model->error, 'error');
         }
     } elseif (isset($_POST['delete'])) {
         // Deleting has its own permission.
         $this->auth->restrict('Samples.Content.Delete');

         if ($this->samples_model->delete($record_id)) {
             log_activity($this->current_user->id, lang('samples_act_delete_record') . ': ' . $record_id . ' : ' . $this->input->ip_address(), 'samples');
             Template::set_message(lang('samples_delete_success'), 'success');
             redirect(SITE_AREA . '/content/samples');
         } else {
             Template::set_message(lang('samples_delete_failure') . $this->samples_model->error, 'error');
         }
     }

     Template::set('samples', $this->samples_model->find($record_id));
     Template::set('toolbar_title', lang('samples_edit') . ' Samples');
     Template::render();
 }
Beispiel #18
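// Insert, update or delete a row of tbl_dos, depending on $factory.
//
// Query-string values are untrusted. Missing or non-string values become ''
// and the raw value is kept for the log text; a separately escaped copy is
// used in SQL.
$basic = (isset($_GET['basic']) && is_string($_GET['basic'])) ? $_GET['basic'] : '';
$reimbursed = (isset($_GET['reimbursed']) && is_string($_GET['reimbursed'])) ? $_GET['reimbursed'] : '';
$idc_id = $_SESSION['idc_id'];
$amendment = (isset($_GET['amendment']) && $_GET['amendment'] == "on") ? 1 : 0;

// NOTE(review): $factory, $date, $do_id, $pro_name and $row_id are assigned
// outside this listing and go into the SQL below as they are. They must
// already be escaped for this connection - confirm. The legacy mysql_* API
// has no bound parameters; mysqli or PDO prepared statements are the durable
// fix.
// NOTE(review): all three actions are driven by request parameters; confirm
// that an authorisation check and request-forgery protection run before this
// code.
switch ($factory) {
    case "insert":
        // code to insert the DO into the database
        $basic_sql = mysql_real_escape_string($basic);
        $reimbursed_sql = mysql_real_escape_string($reimbursed);
        $query = "INSERT INTO tbl_dos (idc_id, order_date, do_id, pro_name, basic,reimbursed, amendment) VALUES ('{$idc_id}', '{$date}', '{$do_id}', '{$pro_name}', '{$basic_sql}', '{$reimbursed_sql}', '{$amendment}')";
        if (!mysql_query($query)) {
            // Keep the database error in the server log; the client only
            // sees a generic message.
            error_log('tbl_dos insert failed: ' . mysql_error());
            die('Database error');
        }
        $_SESSION['extra'] = "idc id=" . $idc_id . ", do id=" . $do_id . ", project:" . $pro_name . ", amount:" . $basic;
        log_activity('do');
        echo "Inserted!";
        break;
    case "update":
        // code to update the DO
        $basic_sql = mysql_real_escape_string($basic);
        $reimbursed_sql = mysql_real_escape_string($reimbursed);
        $query = "UPDATE  tbl_dos set order_date='{$date}' , do_id='{$do_id}', pro_name='{$pro_name}', basic='{$basic_sql}', reimbursed='{$reimbursed_sql}' WHERE id='{$row_id}'";
        if (!mysql_query($query)) {
            error_log('tbl_dos update failed: ' . mysql_error());
            die('Database error');
        }
        $_SESSION['extra'] = "idc id=" . $idc_id . ", do id=" . $do_id . ", project:" . $pro_name . ", amount:" . $basic;
        log_activity('updated do');
        // Encoded for HTML output in case the id is request-derived.
        echo "Updated row:" . htmlspecialchars($row_id, ENT_QUOTES);
        break;
    case "delete":
        // NOTE(review): unlike insert and update, a delete writes no activity
        // log entry - confirm whether that is intended.
        $query = "DELETE FROM tbl_dos where id='{$do_id}'";
        if (!mysql_query($query)) {
            error_log('tbl_dos delete failed: ' . mysql_error());
            die('Database error');
        }
        echo "Entry " . htmlspecialchars($do_id, ENT_QUOTES) . " deleted";
        break;
}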
Beispiel #19
 /**
  * Display the registration form for the user and manage the registration process
  *
  * @access public
  *
  * @return void
  */
 public function register()
 {
     // Are users even allowed to register?
     if (!$this->settings_lib->item('auth.allow_register')) {
         Template::set_message(lang('us_register_disabled'), 'error');
         Template::redirect('/');
     }
     $this->load->model('roles/role_model');
     $this->load->helper('date');
     $this->load->config('address');
     $this->load->helper('address');
     $this->load->config('user_meta');
     $meta_fields = config_item('user_meta_fields');
     Template::set('meta_fields', $meta_fields);
     if (isset($_POST['register'])) {
         // Validate input
         $this->form_validation->set_rules('email', 'lang:bf_email', 'required|trim|valid_email|max_length[120]|unique[users.email]');
         $username_required = '';
         if ($this->settings_lib->item('auth.login_type') == 'username' || $this->settings_lib->item('auth.use_usernames')) {
             $username_required = 'required|';
         }
         $this->form_validation->set_rules('username', 'lang:bf_username', $username_required . 'trim|max_length[30]|unique[users.username]');
         $this->form_validation->set_rules('password', 'lang:bf_password', 'required|max_length[120]|valid_password');
         $this->form_validation->set_rules('pass_confirm', 'lang:bf_password_confirm', 'required|matches[password]');
         $this->form_validation->set_rules('language', 'lang:bf_language', 'required|trim');
         $this->form_validation->set_rules('timezones', 'lang:bf_timezone', 'required|trim|max_length[4]');
         $this->form_validation->set_rules('display_name', 'lang:bf_display_name', 'trim|max_length[255]');
         $meta_data = array();
         foreach ($meta_fields as $field) {
             if ((!isset($field['admin_only']) || $field['admin_only'] === FALSE || isset($field['admin_only']) && $field['admin_only'] === TRUE && isset($this->current_user) && $this->current_user->role_id == 1) && (!isset($field['frontend']) || $field['frontend'] === TRUE)) {
                 $this->form_validation->set_rules($field['name'], $field['label'], $field['rules']);
                 $meta_data[$field['name']] = $this->input->post($field['name']);
             }
         }
         if ($this->form_validation->run() !== FALSE) {
             // Time to save the user...
             $data = array('email' => $this->input->post('email'), 'password' => $this->input->post('password'), 'language' => $this->input->post('language'), 'timezone' => $this->input->post('timezones'), 'display_name' => $this->input->post('display_name'));
             if (isset($_POST['username'])) {
                 $data['username'] = $this->input->post('username');
             }
             // User activation method
             $activation_method = $this->settings_lib->item('auth.user_activation_method');
             // No activation method
             if ($activation_method == 0) {
                 // Activate the user automatically
                 $data['active'] = 1;
             }
             if ($user_id = $this->user_model->insert($data)) {
                 // now add the meta is there is meta data
                 $this->user_model->save_meta_for($user_id, $meta_data);
                 /*
                  * USER ACTIVATIONS ENHANCEMENT
                  */
                 // Prepare user messaging vars
                 $subject = '';
                 $email_mess = '';
                 $message = lang('us_email_thank_you');
                 $type = 'success';
                 $site_title = $this->settings_lib->item('site.title');
                 $error = false;
                 switch ($activation_method) {
                     case 0:
                         // No activation required. Activate the user and send confirmation email
                         $subject = str_replace('[SITE_TITLE]', $this->settings_lib->item('site.title'), lang('us_account_reg_complete'));
                         $email_mess = $this->load->view('_emails/activated', array('title' => $site_title, 'link' => site_url()), true);
                         $message .= lang('us_account_active_login');
                         break;
                     case 1:
                         // Email Activiation.
                         // Create the link to activate membership
                         // Run the account deactivate to assure everything is set correctly
                         $activation_code = $this->user_model->deactivate($user_id);
                         $activate_link = site_url('activate/' . $user_id);
                         $subject = lang('us_email_subj_activate');
                         $email_message_data = array('title' => $site_title, 'code' => $activation_code, 'link' => $activate_link);
                         $email_mess = $this->load->view('_emails/activate', $email_message_data, true);
                         $message .= lang('us_check_activate_email');
                         break;
                     case 2:
                         // Admin Activation
                         // Clear hash but leave user inactive
                         $subject = lang('us_email_subj_pending');
                         $email_mess = $this->load->view('_emails/pending', array('title' => $site_title), true);
                         $message .= lang('us_admin_approval_pending');
                         break;
                 }
                 //end switch
                 // Now send the email
                 $this->load->library('emailer/emailer');
                 $data = array('to' => $_POST['email'], 'subject' => $subject, 'message' => $email_mess);
                 if (!$this->emailer->send($data)) {
                     $message .= lang('us_err_no_email') . $this->emailer->error;
                     $error = true;
                 }
                 if ($error) {
                     $type = 'error';
                 } else {
                     $type = 'success';
                 }
                 Template::set_message($message, $type);
                 // Log the Activity
                 log_activity($user_id, lang('us_log_register'), 'users');
                 Template::redirect(LOGIN_URL);
             } else {
                 Template::set_message(lang('us_registration_fail'), 'error');
                 redirect(REGISTER_URL);
             }
             //end if
         }
         //end if
     }
     //end if
     $settings = $this->settings_lib->find_all();
     if ($settings['auth.password_show_labels'] == 1) {
         Assets::add_module_js('users', 'password_strength.js');
         Assets::add_module_js('users', 'jquery.strength.js');
         Assets::add_js($this->load->view('users_js', array('settings' => $settings), true), 'inline');
     }
     // Generate password hint messages.
     $this->user_model->password_hints();
     Template::set('languages', unserialize($this->settings_lib->item('site.languages')));
     Template::set_view('users/users/register');
     Template::set('page_title', 'Register');
     Template::render();
 }
Beispiel #20
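 /**
  * Save the posted order form and write the matching activity-log entries.
  *
  * Nothing happens unless the `id` query parameter is numeric and
  * validateForm() passes. When the posted assignee differs from the posted
  * previous assignee, a second "assigned" entry is logged.
  *
  * @return bool|null TRUE once an update was attempted (whether or not the model reported a change), NULL when the id or the form was rejected.
  */
 private function _updateOrder()
 {
     $order_id = $this->input->get('id');
     if (!is_numeric($order_id) or $this->validateForm() !== TRUE) {
         return;
     }
     // NOTE(review): the whole POST array is handed to the model; confirm updateOrder() only writes the columns it expects.
     if ($this->Orders_model->updateOrder($order_id, $this->input->post())) {
         log_activity($this->user->getStaffId(), 'updated', 'orders', get_activity_message('activity_custom', array('{staff}', '{action}', '{context}', '{link}', '{item}'), array($this->user->getStaffName(), 'updated', 'order', current_url(), '#' . $order_id)));
         $assignee_id = $this->input->post('assignee_id');
         // old_assignee_id is supplied by the client, so this comparison only decides whether to log.
         if ($assignee_id and $this->input->post('old_assignee_id') !== $assignee_id) {
             $staff = $this->Staffs_model->getStaff($assignee_id);
             // Skip the entry when the lookup returned no usable staff record.
             if (isset($staff['staff_id'], $staff['staff_name'])) {
                 // The {assignee} value is markup, so both the URL and the stored name are HTML-escaped before they are placed in it.
                 $assignee_link = htmlspecialchars(site_url('staffs/edit?id=' . $staff['staff_id']), ENT_QUOTES, 'UTF-8');
                 $assignee_name = htmlspecialchars((string) $staff['staff_name'], ENT_QUOTES, 'UTF-8');
                 log_activity($this->user->getStaffId(), 'assigned', 'orders', get_activity_message('activity_assigned', array('{staff}', '{action}', '{context}', '{link}', '{item}', '{assignee}'), array($this->user->getStaffName(), 'assigned', 'order', current_url(), '#' . $order_id, "<a href=\"{$assignee_link}\">{$assignee_name}</a>")));
             }
         }
         $this->alert->set('success', sprintf($this->lang->line('alert_success'), 'Order updated'));
     } else {
         $this->alert->set('warning', sprintf($this->lang->line('alert_error_nothing'), 'updated'));
     }
     return TRUE;
 }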
Beispiel #21
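 /**
  * Save the posted review form and log the action.
  *
  * A non-numeric (or missing) `id` query parameter is treated as "added",
  * a numeric one as "updated".
  *
  * @return mixed|null Whatever Reviews_model::saveReview() returned, or NULL when validateForm() failed.
  */
 private function _saveReview()
 {
     if ($this->validateForm() !== TRUE) {
         return;
     }
     $requested_id = $this->input->get('id');
     $save_type = !is_numeric($requested_id) ? $this->lang->line('text_added') : $this->lang->line('text_updated');
     // NOTE(review): the whole POST array is handed to the model; confirm saveReview() only writes the columns it expects.
     if ($review_id = $this->Reviews_model->saveReview($requested_id, $this->input->post())) {
         // The id comes straight from the query string and is never forced to be numeric,
         // so it is HTML-escaped before it becomes the {item} of the activity message.
         $item = htmlspecialchars((string) $requested_id, ENT_QUOTES, 'UTF-8');
         log_activity($this->user->getStaffId(), $save_type, 'reviews', get_activity_message('activity_custom', array('{staff}', '{action}', '{context}', '{link}', '{item}'), array($this->user->getStaffName(), $save_type, 'review', current_url(), $item)));
         $this->alert->set('success', sprintf($this->lang->line('alert_success'), 'Review ' . $save_type));
     } else {
         $this->alert->set('warning', sprintf($this->lang->line('alert_error_nothing'), $save_type));
     }
     return $review_id;
 }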
Beispiel #22
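// Job-closure task: find every open job whose expire_on has passed and mark it closed.
log_activity('Getting the jobs where the expire_on <= now() is over and closed = \'N\'.', 'yellowel_job_closure.log');
// NOTE(review): $now is spliced into the SQL text and is assigned outside this excerpt;
// confirm it is a server-generated timestamp, or bind it as a parameter if the wrapper supports that.
$query = "SELECT id \n          FROM jobs \n          WHERE expire_on <= '" . $now . "' AND \n          closed = 'N'";
$jobs = $mysqli->query($query);
if ($jobs === false) {
    $errors = $mysqli->error();
    log_activity('Error on querying: ' . $errors['errno'] . ': ' . $errors['error'], 'yellowel_job_closure.log');
    log_activity('Unable to complete task!', 'yellowel_job_closure.log');
    exit;
}
if (!is_null($jobs) && !empty($jobs)) {
    // 2. For each job set closed = 'Y'
    log_activity('Entering main loop...', 'yellowel_job_closure.log');
    // Every id is cast to int before it reaches the IN (...) list, so only integers can
    // appear in the statement text; implode() also removes the dependence on the
    // result rows being keyed 0..n-1 that the hand-rolled separator logic had.
    $job_ids = array();
    foreach ($jobs as $job) {
        $job_ids[] = (int) $job['id'];
    }
    $query = "UPDATE jobs SET closed = 'Y' WHERE id IN (" . implode(', ', $job_ids) . ")";
    if (!$mysqli->execute($query)) {
        $errors = $mysqli->error();
        log_activity('Error on executing: ' . $errors['errno'] . ': ' . $errors['error'], 'yellowel_job_closure.log');
        log_activity('Unable to complete task!', 'yellowel_job_closure.log');
        exit;
    }
} else {
    log_activity('No expired jobs.', 'yellowel_job_closure.log');
}
log_activity('Task completed. Goodbye!', 'yellowel_job_closure.log');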
Beispiel #23
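 /**
  * Save the posted staff form and log the action.
  *
  * When the edited record is the logged-in staff member's own, the log entry
  * reads "<action> their details" and uses the no-link message template.
  *
  * @param mixed $staff_email Passed through to validateForm().
  * @param mixed $username    Passed through to validateForm(); also used as the logged item name.
  *
  * @return mixed|null Whatever Staffs_model::saveStaff() returned, or NULL when validateForm() failed.
  */
 private function _saveStaff($staff_email, $username)
 {
     if ($this->validateForm($staff_email, $username) !== TRUE) {
         return;
     }
     $requested_id = $this->input->get('id');
     $save_type = !is_numeric($requested_id) ? $this->lang->line('text_added') : $this->lang->line('text_updated');
     // NOTE(review): the whole POST array is handed to the model; confirm saveStaff() only writes the columns it expects.
     if ($staff_id = $this->Staffs_model->saveStaff($requested_id, $this->input->post())) {
         $is_own_record = $requested_id === $this->user->getStaffId();
         $action = $is_own_record ? $save_type . ' their' : $save_type;
         $message_lang = $is_own_record ? 'activity_custom_no_link' : 'activity_custom';
         // The username is caller-supplied text, so it is HTML-escaped before it becomes the {item} of the activity message.
         $item = $is_own_record ? 'details' : htmlspecialchars(ucwords((string) $username), ENT_QUOTES, 'UTF-8');
         log_activity($this->user->getStaffId(), $action, 'staffs', get_activity_message($message_lang, array('{staff}', '{action}', '{context}', '{link}', '{item}'), array($this->user->getStaffName(), $action, 'staff', current_url(), $item)));
         $this->alert->set('success', sprintf($this->lang->line('alert_success'), 'Staff ' . $save_type));
     } else {
         $this->alert->set('warning', sprintf($this->lang->line('alert_error_nothing'), $save_type));
     }
     return $staff_id;
 }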
Beispiel #24
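 /**
  * Handle an uploaded extension archive (`extension_zip`).
  *
  * Access is restricted to the 'Admin.Modules.Add' permission before anything
  * else runs. On success the upload is logged and an alert containing an
  * install link is set.
  *
  * @return bool TRUE when the model accepted the upload, FALSE otherwise.
  */
 private function _uploadExtension()
 {
     $this->user->restrict('Admin.Modules.Add', site_url('extensions/add'));
     if (isset($_FILES['extension_zip'])) {
         if ($this->validateUpload() === TRUE) {
             if ($this->Extensions_model->upload('module', $_FILES['extension_zip'])) {
                 // The file name is chosen by the client. basename() strips directories, but the
                 // result can still hold markup or URL metacharacters, so it is encoded for each
                 // context it is written into.
                 $extension_name = basename($_FILES['extension_zip']['name'], '.zip');
                 $display_name = htmlspecialchars($extension_name, ENT_QUOTES, 'UTF-8');
                 log_activity($this->user->getStaffId(), 'uploaded', 'extensions', get_activity_message('activity_custom_no_link', array('{staff}', '{action}', '{context}', '{item}'), array($this->user->getStaffName(), 'uploaded', 'extension', $display_name)));
                 $alert = sprintf($this->lang->line('alert_success'), "Extension {$display_name} uploaded ");
                 // Query-string value: percent-encode rather than concatenate the raw name.
                 $alert .= sprintf($this->lang->line('alert_install'), site_url('extensions/install?name=') . rawurlencode($extension_name));
                 $this->alert->set('success', $alert);
                 return TRUE;
             }
             $this->alert->danger_now($this->lang->line('alert_error_try_again'));
         }
     }
     return FALSE;
 }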
Beispiel #25
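 /**
  * Save the posted permission form and log the action.
  *
  * A non-numeric (or missing) `id` query parameter is treated as "added",
  * a numeric one as "updated".
  *
  * @return mixed|null Whatever Permissions_model::savePermission() returned, or NULL when validateForm() failed.
  */
 private function _savePermission()
 {
     if ($this->validateForm() !== TRUE) {
         return;
     }
     $requested_id = $this->input->get('id');
     $save_type = !is_numeric($requested_id) ? $this->lang->line('text_added') : $this->lang->line('text_updated');
     // NOTE(review): the whole POST array is handed to the model; confirm savePermission() only writes the columns it expects.
     if ($permission_id = $this->Permissions_model->savePermission($requested_id, $this->input->post())) {
         // The posted name is HTML-escaped before it becomes the {item} of the activity message.
         $item = htmlspecialchars((string) $this->input->post('name'), ENT_QUOTES, 'UTF-8');
         log_activity($this->user->getStaffId(), $save_type, 'permissions', get_activity_message('activity_custom_no_link', array('{staff}', '{action}', '{context}', '{item}'), array($this->user->getStaffName(), $save_type, 'permission', $item)));
         $this->alert->set('success', sprintf($this->lang->line('alert_success'), 'Permission ' . $save_type));
     } else {
         $this->alert->set('warning', sprintf($this->lang->line('alert_error_nothing'), $save_type));
     }
     return $permission_id;
 }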
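 /**
  * Save the posted customer form and log the action.
  *
  * A non-numeric (or missing) `id` query parameter is treated as "added",
  * a numeric one as "updated".
  *
  * @param mixed $customer_email Passed through to validateForm().
  *
  * @return mixed|null Whatever Customers_model::saveCustomer() returned, or NULL when validateForm() failed.
  */
 private function _saveCustomer($customer_email)
 {
     if ($this->validateForm($customer_email) !== TRUE) {
         return;
     }
     $requested_id = $this->input->get('id');
     $save_type = !is_numeric($requested_id) ? $this->lang->line('text_added') : $this->lang->line('text_updated');
     // NOTE(review): the whole POST array is handed to the model; confirm saveCustomer() only writes the columns it expects.
     if ($customer_id = $this->Customers_model->saveCustomer($requested_id, $this->input->post())) {
         // The posted names are HTML-escaped before they become the {item} of the activity message.
         $customer_name = htmlspecialchars($this->input->post('first_name') . ' ' . $this->input->post('last_name'), ENT_QUOTES, 'UTF-8');
         log_activity($this->user->getStaffId(), $save_type, 'customers', get_activity_message('activity_custom', array('{staff}', '{action}', '{context}', '{link}', '{item}'), array($this->user->getStaffName(), $save_type, 'customer', site_url('customers/edit?id=' . $customer_id), $customer_name)));
         $this->alert->set('success', sprintf($this->lang->line('alert_success'), 'Customer ' . $save_type));
     } else {
         $this->alert->set('warning', sprintf($this->lang->line('alert_error_nothing'), $save_type));
     }
     return $customer_id;
 }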
Beispiel #27
 /**
  * Edit screen for a single event record.
  *
  * The record id is read from URI segment 5. A posted `save` key updates the
  * record and a posted `delete` key removes it; each branch first checks its
  * own permission through auth->restrict() and logs the acting user's id and
  * IP address on success. Without either key, or after a failed action, the
  * edit view is rendered.
  *
  * @return void
  */
 public function edit()
 {
     $event_id = $this->uri->segment(5);
     $list_url = SITE_AREA . '/content/event';
     if (empty($event_id)) {
         Template::set_message(lang('event_invalid_id'), 'error');
         redirect($list_url);
     }
     if (isset($_POST['save'])) {
         // The permission check runs before the record is touched.
         $this->auth->restrict($this->permissionEdit);
         $saved = $this->save_event('update', $event_id);
         if ($saved) {
             $entry = lang('event_act_edit_record') . ': ' . $event_id . ' : ' . $this->input->ip_address();
             log_activity($this->auth->user_id(), $entry, 'event');
             Template::set_message(lang('event_edit_success'), 'success');
             redirect($list_url);
         }
         // Not validation error
         if (!empty($this->event_model->error)) {
             Template::set_message(lang('event_edit_failure') . $this->event_model->error, 'error');
         }
     } elseif (isset($_POST['delete'])) {
         // The permission check runs before the record is touched.
         $this->auth->restrict($this->permissionDelete);
         $deleted = $this->event_model->delete($event_id);
         if ($deleted) {
             $entry = lang('event_act_delete_record') . ': ' . $event_id . ' : ' . $this->input->ip_address();
             log_activity($this->auth->user_id(), $entry, 'event');
             Template::set_message(lang('event_delete_success'), 'success');
             redirect($list_url);
         }
         Template::set_message(lang('event_delete_failure') . $this->event_model->error, 'error');
     }
     // NOTE(review): the URI segment reaches the model unchanged; confirm find()/delete() treat it as an id only.
     Template::set('event', $this->event_model->find($event_id));
     Template::set('toolbar_title', lang('event_edit_heading'));
     Template::render();
 }
 /**
  * Store new settings data for an installed extension.
  *
  * The name is lower-cased and passed through url_title() first. The row is
  * only updated when the extension exists and its meta declares a title and
  * the same type as $type.
  *
  * @param string      $type         Expected extension type; must equal the meta 'type'.
  * @param string|null $name         Extension name; NULL makes the call a no-op.
  * @param mixed       $data         Settings to store; when it has a 'data' key, that value is used instead. Arrays are serialized.
  * @param bool        $log_activity Whether to write an activity-log entry.
  *
  * @return mixed FALSE when nothing was updated, otherwise the result of the database update call.
  */
 public function updateExtension($type = 'module', $name = NULL, $data = array(), $log_activity = TRUE)
 {
     if ($name === NULL) {
         return FALSE;
     }
     $name = url_title(strtolower($name), '-');
     if (isset($data['data'])) {
         $data = $data['data'];
     }
     // Drop the form's submit-button field so it is not stored with the settings.
     unset($data['save_close']);
     if (!$this->extensionExists($name)) {
         return FALSE;
     }
     $config = $this->extension->loadConfig($name, FALSE, TRUE);
     $meta = $this->extension->getMeta($name, $config);
     if (!isset($meta['type'], $meta['title']) || $type !== $meta['type']) {
         return FALSE;
     }
     $payload = is_array($data) ? serialize($data) : $data;
     $this->db->set('data', $payload);
     $this->db->set('serialized', '1');
     $this->db->where('type', $meta['type']);
     $this->db->where('name', $name);
     $updated = $this->db->update('extensions');
     if ($log_activity) {
         $replacements = array($this->user->getStaffName(), 'updated', 'extension ' . $meta['type'], $meta['title']);
         log_activity($this->user->getStaffId(), 'updated', 'extensions', get_activity_message('activity_custom_no_link', array('{staff}', '{action}', '{context}', '{item}'), $replacements));
     }
     return $updated;
 }
Beispiel #29
 /**
  * Migrate one module to the version chosen in the posted form.
  *
  * Acts only when the `migrate` POST key is present. The posted `version`
  * value is either the literal 'uninstall' (target version 0) or a string
  * whose first three characters are read as the version number. Every path
  * ends in a redirect to the migrations overview.
  *
  * @param string $module Module name; used with a trailing underscore as the prefix passed to migrate_to().
  *
  * @return void
  */
 public function migrate_module($module = '')
 {
     $overview_url = SITE_AREA . '/developer/migrations';
     if (isset($_POST['migrate'])) {
         $selected = $this->input->post('version');
         if (empty($selected)) {
             Template::set_message(lang('migrations_module_none'), 'info');
             redirect($overview_url);
         }
         if ($selected === 'uninstall') {
             $target_version = 0;
         } else {
             $target_version = (int) substr($selected, 0, 3);
         }
         // Do the migration
         // NOTE(review): no permission check is visible in this method; confirm the controller restricts access elsewhere.
         $this->migrate_to($target_version, $module . '_');
         $entry = sprintf(lang('migrations_act_module'), $module, $target_version, $this->input->ip_address());
         log_activity($this->auth->user_id(), $entry, 'migrations');
     }
     redirect($overview_url);
 }
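 /**
  * Insert a reservation, send the configured notification mails and record
  * the initial status history.
  *
  * Only the columns listed below are copied from $add, so extra keys in the
  * array never reach the INSERT.
  *
  * @param array $add Reservation fields keyed by column name.
  *
  * @return mixed The new reservation id, or FALSE when $add is empty or the insert failed.
  */
 public function addReservation($add = array())
 {
     if (empty($add)) {
         return FALSE;
     }
     // Columns copied as given.
     $plain_columns = array('location_id', 'table_id', 'customer_id', 'guest_num', 'reserve_time', 'occasion_id', 'first_name', 'last_name', 'email', 'telephone', 'comment', 'user_agent', 'ip_address');
     foreach ($plain_columns as $column) {
         if (isset($add[$column])) {
             $this->db->set($column, $add[$column]);
         }
     }
     if (isset($add['reserve_date'])) {
         $this->db->set('reserve_date', mdate('%Y-%m-%d', strtotime($add['reserve_date'])));
     }
     // The timestamps are only written together with reserve_time, as before.
     if (isset($add['reserve_time'])) {
         $this->db->set('date_added', mdate('%Y-%m-%d %H:%i:%s', time()));
         $this->db->set('date_modified', mdate('%Y-%m-%d', time()));
     }
     // Initialised up front so a failed insert returns FALSE instead of an undefined variable.
     $query = FALSE;
     if ($this->db->insert('reservations')) {
         $reservation_id = $this->db->insert_id();
         if (APPDIR === MAINDIR) {
             $customer_id = isset($add['customer_id']) ? $add['customer_id'] : NULL;
             $first_name = isset($add['first_name']) ? $add['first_name'] : '';
             $last_name = isset($add['last_name']) ? $add['last_name'] : '';
             // Customer-supplied names are HTML-escaped before they go into the activity message.
             $customer_name = htmlspecialchars($first_name . ' ' . $last_name, ENT_QUOTES, 'UTF-8');
             log_activity($customer_id, 'reserved', 'reservations', get_activity_message('activity_reserved_table', array('{customer}', '{link}', '{reservation_id}'), array($customer_name, admin_url('reservations/edit?id=' . $reservation_id), $reservation_id)));
         }
         $this->load->model('Mail_templates_model');
         $mail_data = $this->getMailData($reservation_id);
         $config_reservation_email = is_array($this->config->item('reservation_email')) ? $this->config->item('reservation_email') : array();
         $notify = '0';
         if ($this->config->item('customer_reserve_email') === '1' or in_array('customer', $config_reservation_email)) {
             $mail_template = $this->Mail_templates_model->getTemplateData($this->config->item('mail_template_id'), 'reservation');
             $notify = $this->sendMail($mail_data['email'], $mail_template, $mail_data);
         }
         if ($this->location->getEmail() and ($this->config->item('location_reserve_email') === '1' or in_array('location', $config_reservation_email))) {
             $mail_template = $this->Mail_templates_model->getTemplateData($this->config->item('mail_template_id'), 'reservation_alert');
             $this->sendMail($this->location->getEmail(), $mail_template, $mail_data);
         }
         if (in_array('admin', $config_reservation_email)) {
             $mail_template = $this->Mail_templates_model->getTemplateData($this->config->item('mail_template_id'), 'reservation_alert');
             $this->sendMail($this->config->item('site_email'), $mail_template, $mail_data);
         }
         // Second write: store the notification result and the default status on the new row.
         $this->db->set('notify', $notify);
         $this->db->set('status', $this->config->item('default_reservation_status'));
         $this->db->where('reservation_id', $reservation_id);
         if ($this->db->update('reservations')) {
             $this->load->model('Statuses_model');
             $status = $this->Statuses_model->getStatus($this->config->item('default_reservation_status'));
             $reserve_history = array('object_id' => $reservation_id, 'status_id' => $status['status_id'], 'notify' => $notify, 'comment' => $status['status_comment'], 'date_added' => mdate('%Y-%m-%d %H:%i:%s', time()));
             $this->Statuses_model->addStatusHistory('reserve', $reserve_history);
         }
         $query = $reservation_id;
     }
     return $query;
 }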