function get_sale_list($uri_segment = '')
 {
     // Fetch the sale rows for the given URI segment and emit them as a JSON
     // object of the form { "data": [...] }.
     // NOTE(review): no access check is visible in this method; confirm the
     // enclosing controller enforces authentication before this is reachable.
     $sale_rows = $this->sale_model->get_sale_list($uri_segment);

     // NOTE(review): the full sale list is written to the log at 'error'
     // level on every call. Business data ends up in the log file and real
     // errors get buried; confirm this is not leftover debugging.
     log_message('error', __METHOD__);
     log_array('error', $sale_rows);

     // The envelope is concatenated by hand around the encoded rows.
     $encoded_rows = json_encode($sale_rows);
     echo '{ "data":' . $encoded_rows . '}';
 }
 function login()
 {
     $this->data['title'] = "Login";

     // Both credential fields are mandatory.
     $this->form_validation->set_rules('identity', 'Identity', 'required');
     $this->form_validation->set_rules('password', 'Password', 'required');

     if ($this->form_validation->run() != true) {
         // No valid submission: render the login form, preferring validation
         // errors over any flash message left by a previous redirect.
         $form_errors = validation_errors();
         $this->data['message'] = $form_errors ? $form_errors : $this->session->flashdata('message');
         $this->data['identity'] = array(
             'name' => 'identity',
             'id' => 'identity',
             'type' => 'text',
             'value' => $this->form_validation->set_value('identity'),
         );
         $this->data['password'] = array(
             'name' => 'password',
             'id' => 'password',
             'type' => 'password',
         );
         $this->_render_page('auth/login', $this->data);
     } else {
         // "remember me" checkbox, then the posted credentials and timezone.
         $remember = (bool) $this->input->post('remember');
         $posted_identity = $this->input->post('identity');
         $posted_password = $this->input->post('password');
         // NOTE(review): user_time_zone comes straight from the client and is
         // passed to the auth library, stored in the session and written to
         // the debug log without validation. Confirm every consumer treats it
         // as untrusted input.
         $posted_tz = $this->input->post('user_time_zone');

         $authenticated = $this->ion_auth->login($posted_identity, $posted_password, $remember, $posted_tz);

         if (!$authenticated) {
             // Failed login: hand the library's error text to the next request
             // and go back to the form. Redirects are used instead of loading
             // views for compatibility with MY_Controller libraries.
             $this->session->set_flashdata('message', $this->ion_auth->errors());
             redirect('auth/login', 'refresh');
         } elseif ($this->ion_auth->is_admin()) {
             // Administrators land on the auth dashboard; the timezone is not
             // stored in the session on this path.
             redirect('/auth', 'refresh');
         } else {
             log_message('debug', 'LOGIN SUCCESSFUL');
             // Keep the posted timezone in the session for later requests.
             $this->session->set_userdata(array('user_time_zone' => $posted_tz));
             log_message('debug', 'POSTED TIMEZONE: ' . log_array($posted_tz));
             $this->session->set_flashdata('message', $this->ion_auth->messages());
             log_message('debug', 'REDIRECTING TO ROSTER');
             redirect('/manage', 'refresh');
         }
     }
 }
/**
 * Handles an OpenID direct verification (check_authentication) request, which a
 * relying party uses to verify signatures generated in stateless mode.
 *
 * The reply always carries is_valid ('true' or 'false'). When the request names
 * a handle in openid.invalidate_handle and that association is not cached or is
 * older than SIMPLEID_ASSOC_EXPIRES_IN, the handle is echoed back as
 * invalidate_handle. The reply is sent as an OpenID direct response.
 *
 * NOTE(review): whether simpleid_verify_signatures() limits verification to
 * stateless associations is not visible here; confirm it does.
 *
 * @param array $request the OpenID request
 * @see http://openid.net/specs/openid-authentication-1_1.html#mode_check_authentication, http://openid.net/specs/openid-authentication-2_0.html#verifying_signatures
 */
function simpleid_check_authentication($request)
{
    global $version;

    // NOTE(review): the whole request is logged, including the signature and
    // association handle. Confirm the log is access-controlled.
    log_info('OpenID direct verification: ' . log_array($request));

    // The protocol expects the literal strings 'true' / 'false'.
    $signature_ok = simpleid_verify_signatures($request);
    $response = array('is_valid' => $signature_ok ? 'true' : 'false');

    // The relying party asks whether a handle it holds is no longer usable.
    if (isset($request['openid.invalidate_handle'])) {
        $queried_handle = $request['openid.invalidate_handle'];
        $cached_assoc = cache_get('association', $queried_handle);
        $is_stale = !$cached_assoc || $cached_assoc['created'] + SIMPLEID_ASSOC_EXPIRES_IN < time();
        if ($is_stale) {
            // Unknown or expired association: confirm the invalidation.
            $response['invalidate_handle'] = $queried_handle;
        }
    }

    log_info('OpenID direct verification response: ' . log_array($response));
    $message = openid_direct_message($response, $version);
    openid_direct_response($message);
}
 /**
  * Perform the file upload
  *
  * @return	bool
  */
 public function do_upload($field = 'userfile')
 {
     // Validates the upload found in $_FILES[$field] (path, PHP upload status,
     // type, size, dimensions), normalises the file name, optionally runs the
     // XSS filter, then copies the file into $this->upload_path.
     // Returns TRUE on success; on failure returns FALSE, after set_error() on
     // every failure path visible in this method.
     //
     // NOTE(review): the two logging calls below write the field name and the
     // whole $_FILES array at 'error' level on every upload. $_FILES holds
     // client-supplied names and types, so these lines put attacker-controlled
     // text into the log; confirm they are leftover debugging and remove or
     // downgrade them.
     log_message('error', __METHOD__ . $field);
     log_array('error', $_FILES);
     // Is $_FILES[$field] set? If not, no reason to continue.
     if (!isset($_FILES[$field])) {
         $this->set_error('upload_no_file_selected');
         return FALSE;
     }
     // Is the upload path valid?
     if (!$this->validate_upload_path()) {
         // errors will already be set by validate_upload_path() so just return FALSE
         return FALSE;
     }
     // Was the file able to be uploaded? If not, determine the reason why.
     // is_uploaded_file() also guarantees that tmp_name refers to a file PHP
     // itself received via HTTP POST, which the copy below relies on.
     if (!is_uploaded_file($_FILES[$field]['tmp_name'])) {
         // A missing error code is treated as 4 (no file).
         $error = !isset($_FILES[$field]['error']) ? 4 : $_FILES[$field]['error'];
         switch ($error) {
             case 1:
                 // UPLOAD_ERR_INI_SIZE
                 $this->set_error('upload_file_exceeds_limit');
                 break;
             case 2:
                 // UPLOAD_ERR_FORM_SIZE
                 $this->set_error('upload_file_exceeds_form_limit');
                 break;
             case 3:
                 // UPLOAD_ERR_PARTIAL
                 $this->set_error('upload_file_partial');
                 break;
             case 4:
                 // UPLOAD_ERR_NO_FILE
                 $this->set_error('upload_no_file_selected');
                 break;
             case 6:
                 // UPLOAD_ERR_NO_TMP_DIR
                 $this->set_error('upload_no_temp_directory');
                 break;
             case 7:
                 // UPLOAD_ERR_CANT_WRITE
                 $this->set_error('upload_unable_to_write_file');
                 break;
             case 8:
                 // UPLOAD_ERR_EXTENSION
                 $this->set_error('upload_stopped_by_extension');
                 break;
             default:
                 $this->set_error('upload_no_file_selected');
                 break;
         }
         return FALSE;
     }
     // Set the uploaded data as class variables
     $this->file_temp = $_FILES[$field]['tmp_name'];
     $this->file_size = $_FILES[$field]['size'];
     // NOTE(review): how _file_mime_type() derives $this->file_type is not
     // visible here; confirm it does not rely on the client-sent type alone.
     $this->_file_mime_type($_FILES[$field]);
     // Keep only the part before the first ';' (drops parameters such as a
     // charset), then lower-case it and strip slashes and surrounding quotes.
     $this->file_type = preg_replace("/^(.+?);.*\$/", "\\1", $this->file_type);
     $this->file_type = strtolower(trim(stripslashes($this->file_type), '"'));
     // The original file name is supplied by the client; everything derived
     // from it (extension, client_name) is untrusted until checked below.
     $this->file_name = $this->_prep_filename($_FILES[$field]['name']);
     $this->file_ext = $this->get_extension($this->file_name);
     $this->client_name = $this->file_name;
     // Is the file type allowed to be uploaded?
     if (!$this->is_allowed_filetype()) {
         $this->set_error('upload_invalid_filetype');
         return FALSE;
     }
     // if we're overriding, let's now make sure the new name and type is allowed
     if ($this->_file_name_override != '') {
         $this->file_name = $this->_prep_filename($this->_file_name_override);
         // If no extension was provided in the file_name config item, use the uploaded one
         if (strpos($this->_file_name_override, '.') === FALSE) {
             $this->file_name .= $this->file_ext;
         } else {
             $this->file_ext = $this->get_extension($this->_file_name_override);
         }
         // Re-check with the overridden extension so an override cannot
         // bypass the type check done above.
         if (!$this->is_allowed_filetype(TRUE)) {
             $this->set_error('upload_invalid_filetype');
             return FALSE;
         }
     }
     // Convert the file size to kilobytes
     if ($this->file_size > 0) {
         $this->file_size = round($this->file_size / 1024, 2);
     }
     // Is the file size within the allowed maximum?
     if (!$this->is_allowed_filesize()) {
         $this->set_error('upload_invalid_filesize');
         return FALSE;
     }
     // Are the image dimensions within the allowed size?
     // Note: This can fail if the server has an open_basedir restriction.
     if (!$this->is_allowed_dimensions()) {
         $this->set_error('upload_invalid_dimensions');
         return FALSE;
     }
     // Sanitize the file name for security
     $this->file_name = $this->clean_file_name($this->file_name);
     // Truncate the file name if it's too long
     if ($this->max_filename > 0) {
         $this->file_name = $this->limit_filename_length($this->file_name, $this->max_filename);
     }
     // Remove white spaces in the name
     if ($this->remove_spaces == TRUE) {
         $this->file_name = preg_replace("/\\s+/", "_", $this->file_name);
     }
     /*
      * Validate the file name
      * This function appends a number onto the end of
      * the file if one with the same name already exists.
      * If it returns false there was a problem.
      */
     $this->orig_name = $this->file_name;
     if ($this->overwrite == FALSE) {
         $this->file_name = $this->set_filename($this->upload_path, $this->file_name);
         if ($this->file_name === FALSE) {
             return FALSE;
         }
     }
     /*
      * Run the file through the XSS hacking filter
      * This helps prevent malicious code from being
      * embedded within a file.  Scripts can easily
      * be disguised as images or other file types.
      */
     if ($this->xss_clean) {
         if ($this->do_xss_clean() === FALSE) {
             $this->set_error('upload_unable_to_write_file');
             return FALSE;
         }
     }
     /*
      * Move the file to the final destination
      * To deal with different server configurations
      * we'll attempt to use copy() first.  If that fails
      * we'll use move_uploaded_file().  One of the two should
      * reliably work in most environments
      */
     // The @ operator hides the PHP warning from either call; the only trace
     // of a failure is the 'upload_destination_error' set below.
     // NOTE(review): the destination is upload_path . file_name. Whether that
     // directory can execute scripts is outside this method; confirm the
     // upload directory is not served as executable content.
     if (!@copy($this->file_temp, $this->upload_path . $this->file_name)) {
         if (!@move_uploaded_file($this->file_temp, $this->upload_path . $this->file_name)) {
             $this->set_error('upload_destination_error');
             return FALSE;
         }
     }
     /*
      * Set the finalized image dimensions
      * This sets the image width/height (assuming the
      * file was an image).  We use this information
      * in the "data" function.
      */
     $this->set_image_properties($this->upload_path . $this->file_name);
     return TRUE;
 }
 function get_user_name($created_by = '')
 {
     // Resolve a user id from js_users to "first_name last_name"; returns ''
     // when no row matches, and the label 'Admin' for the "admin admin" account.
     $CI =& get_instance();

     // The id is handed to where() as a value rather than concatenated into the
     // SQL text. The select expression is a fixed string; its second argument
     // is false.
     $lookup = $CI->db
         ->select('concat(first_name, " ", last_name) as username', false)
         ->from('js_users')
         ->where('id', $created_by)
         ->get();

     // NOTE(review): the executed SQL is written to the log at 'error' level on
     // every call; confirm this is not leftover debugging.
     log_array('error', __METHOD__ . $CI->db->last_query());

     $display_name = '';
     if ($lookup->num_rows() > 0) {
         $record = $lookup->row_array();
         $display_name = $record['username'];
     }

     if ($display_name == 'admin admin') {
         return 'Admin';
     }
     return $display_name;
 }
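 function insert_update_user()
 {
     // Creates a user (empty or absent user_id) or updates an existing one from
     // the posted form, sends the welcome e-mail after a successful create, and
     // echoes "success".
     //
     // NOTE(review): no authorisation check or field validation is visible in
     // this method, and role_id is taken directly from the posted user_type.
     // Confirm the enclosing controller restricts who may call it and which
     // roles they may assign.
     $postData = array_map('trim', $this->input->post());

     // Keep the submitted password out of the log file: log a copy of the POST
     // data with the credential masked instead of the raw array.
     $loggedData = $postData;
     if (isset($loggedData['password'])) {
         $loggedData['password'] = '[REDACTED]';
     }
     log_array('error', $loggedData);

     // An absent user_id means "create", exactly like an empty one.
     $user_id = isset($postData['user_id']) ? $postData['user_id'] : "";
     $uri_segment = $this->input->post('uri_segment');
     $user_data = array(
         'first_name' => $postData['first_name'],
         'last_name' => $postData['last_name'],
         'username' => $postData['username'],
         'email' => $postData['email'],
         'role_id' => $postData['user_type'],
         'created_by' => $this->session->userdata('user_id'),
         'created_datetime' => current_timestamp_database(),
         'status' => 'y',
     );
     if ($user_id == "") {
         // NOTE(review): the password is upper-cased before it is stored, which
         // makes it case-insensitive and shrinks the keyspace. What
         // encrypt_password() does is not visible here; confirm it is a
         // password hash (e.g. password_hash()) and not reversible encryption.
         $user_data['password'] = encrypt_password(strtoupper($postData['password']));
     }
     $user_status = $this->user_model->insert_update_user($user_id, $user_data, $uri_segment);
     if ($user_status != "" && $user_id == "") {
         log_message('error', __METHOD__ . '======user email called=====' . $user_status);
         $email_template_user = "******";
         $to = $postData['email'];
         $from = EMAIL_SEND_FROM;
         // NOTE(review): the clear-text password is mailed to the user and is
         // also used as a URL path segment, so it ends up in mailboxes, browser
         // history and web-server access logs. Left unchanged because the
         // e-mail template and the 'user/' route depend on it; the usual
         // replacement is a single-use, expiring set-password token.
         $new_client_link = base_url() . 'user/' . strtoupper($postData['password']);
         $email_required_data = array(
             '{REGISTRATION_FIRST_LAST_NAME}' => $postData['first_name'] . " " . $postData['last_name'],
             '{CLIENT_LINK}' => $new_client_link,
             '{USERNAME}' => $postData['username'],
             '{PASSWORD}' => strtoupper($postData['password']),
         );
         send_mail($to, $from, $email_template_user, $email_required_data);
     }
     // NOTE(review): "success" is echoed whatever the model or mailer returned.
     echo "success";
 }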