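/**
 * Profile page of the currently authenticated admin.
 *
 * Renders the profile form and, on a POST that passes validateForm(), updates
 * the admin record, replaces the profile image, refreshes the name/e-mail kept
 * in the ADM_SESS session entry and writes a 'Profile' audit-log row.
 *
 * Redirects away when id_auth_user() yields no user id.
 */
public function index()
{
    $id = id_auth_user();
    if (!$id) {
        redirect();
        // redirect() is expected to end the request; returning keeps this
        // authentication guard fail-closed if it ever does not.
        return;
    }

    $this->data['page_title'] = 'Profile';
    $this->load->model('Admin_model');
    $this->data['form_action'] = site_url($this->class_path_name);
    $this->data['changepass_form'] = site_url($this->class_path_name . '/change_pass');

    $detail = $this->Admin_model->getAdmin($id);
    $post = $detail;

    if ($this->input->post()) {
        if ($this->validateForm()) {
            $post = $this->input->post();
            $now = date('Y-m-d H:i:s');

            // Explicit column list: only these fields of the request are
            // written, so extra POST keys cannot reach the record.
            $data_post = array(
                'name' => $post['name'],
                'email' => strtolower($post['email']),
                'phone' => $post['phone'],
                'alamat' => $post['alamat'],
                'modify_date' => $now,
            );

            // update data
            $this->Admin_model->UpdateRecord($id, $data_post);

            // !empty() also covers a request that carries no 'image' part.
            if (!empty($_FILES['image']['tmp_name'])) {
                $upload_dir = IMG_UPLOAD_DIR . 'admin/';

                // Remove the previous image and its two resized variants.
                // Each file is checked on its own so a missing thumbnail
                // does not raise a warning.
                if ($detail['image'] != '' && file_exists($upload_dir . $detail['image'])) {
                    foreach (array('', 'tmb_', 'sml_') as $prefix) {
                        $old_file = $upload_dir . $prefix . $detail['image'];
                        if (file_exists($old_file)) {
                            unlink($old_file);
                        }
                    }
                }

                // NOTE(review): no MIME-type or extension check is visible in
                // this method; confirm that validateForm() or
                // file_copy_to_folder() restricts uploads to image types.
                $filename = 'adm_' . url_title($post['name'], '_', true) . md5plus($id);
                $picture_db = file_copy_to_folder($_FILES['image'], $upload_dir, $filename);
                copy_image_resize_to_folder($upload_dir . $picture_db, $upload_dir, 'tmb_' . $filename, IMG_THUMB_WIDTH, IMG_THUMB_HEIGHT);
                copy_image_resize_to_folder($upload_dir . $picture_db, $upload_dir, 'sml_' . $filename, IMG_SMALL_WIDTH, IMG_SMALL_HEIGHT);
                $this->Admin_model->UpdateRecord($id, array('image' => $picture_db));
            }

            // Refresh the display fields cached in the session. The earlier
            // version wrapped the session in a list and used the session
            // array itself as an array key, which is an illegal offset
            // (a TypeError on PHP 8); the net effect it relied on was only
            // this field update.
            $new_session = (isset($_SESSION['ADM_SESS']) && is_array($_SESSION['ADM_SESS']))
                ? $_SESSION['ADM_SESS']
                : array();
            $new_session['admin_name'] = $post['name'];
            $new_session['admin_email'] = strtolower($post['email']);

            // insert to log
            // NOTE(review): the complete POST body is serialized into the log,
            // including any field that is not part of $data_post; confirm the
            // log store is an acceptable place for everything the form sends.
            $data_log = array(
                'id_user' => id_auth_user(),
                'id_group' => id_auth_group(),
                'action' => 'Profile',
                'desc' => 'Edit Profile; ID: ' . $id . '; Data: ' . json_encode($post),
            );
            insert_to_log($data_log);
            // end insert to log

            $this->session->set_userdata('ADM_SESS', $new_session);
            $this->session->set_flashdata('form_message', alert_box('Your Profile has been updated.', 'success'));
            redirect($this->class_path_name);
        }
    }

    $this->data['post'] = $post;
    if ($this->error) {
        $this->data['form_message'] = $this->error;
    }
    if ($this->session->flashdata('form_message')) {
        $this->data['form_message'] = $this->session->flashdata('form_message');
    }
}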
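/**
 * Check an admin login and, on success, open the admin session.
 *
 * On success the user's data is stored in $_SESSION['ADM_SESS'], a 'Login'
 * row is written through insert_to_log() and the request is redirected.
 * On any failure a 'Login:failed' row is written (when credentials were
 * supplied), a flash message is set and the request is redirected to 'login'.
 *
 * @param string $username
 * @param string $password
 */
function CheckAuth($username, $password)
{
    // Only non-empty strings are treated as credentials. If the caller hands
    // over raw request values they can be arrays, which strtolower() and
    // password_verify() do not accept.
    if (is_string($username) && is_string($password) && $username !== '' && $password !== '') {
        $username = strtolower($username);

        // this is for development only in case you're too lazy to change the db
        // NOTE(security): hard-coded credential that opens a superadmin
        // session. The ENVIRONMENT constant is the only guard, so a host that
        // is reachable while configured as 'development' accepts it. Prefer
        // removing this branch, or keeping it out of deployable builds.
        if (ENVIRONMENT === 'development' && $username === 'super_dev' && $password === 'jangan') {
            $user_sess = array(
                'admin_name' => 'Ivan Lubis (DEV)',
                'admin_id_auth_group' => 1,
                'admin_id_auth_user' => md5plus(1),
                'admin_email' => '*****@*****.**',
                'admin_type' => 'superadmin',
                'admin_url' => base_url(),
                'admin_token' => $this->security->get_csrf_hash(),
                'admin_ip' => $_SERVER['REMOTE_ADDR'],
                'admin_last_login' => date('Y-m-d H:i:s'),
            );
            $_SESSION['ADM_SESS'] = $user_sess;
            if ($this->session->userdata('tmp_login_redirect') != '') {
                redirect($this->session->userdata('tmp_login_redirect'));
            } else {
                redirect();
            }
            return;
        }
        // end of testing dev

        // The username is bound as a query parameter, never concatenated.
        $user_data = $this->db->query(
            "SELECT * FROM " . $this->db->dbprefix('auth_user') . " WHERE LCASE(username) = ?",
            array($username)
        )->row_array();

        // An empty stored hash never authenticates. password_verify() runs
        // only for an existing account, so an unknown username is answered
        // without the hashing cost.
        if ($user_data && $user_data['userpass'] != '' && password_verify($password, $user_data['userpass'])) {
            // Issue a fresh session id at the moment of privilege change so an
            // id that existed before login cannot be reused (session fixation).
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }

            $user_sess = array(
                'admin_name' => $user_data['name'],
                'admin_id_auth_group' => $user_data['id_auth_group'],
                'admin_id_auth_user' => md5plus($user_data['id_auth_user']),
                'admin_email' => $user_data['email'],
                'admin_ip' => $_SERVER['REMOTE_ADDR'],
                'admin_url' => base_url(),
                'admin_token' => $this->security->get_csrf_hash(),
                'admin_last_login' => $user_data['last_login'],
            );
            $_SESSION['ADM_SESS'] = $user_sess;

            # insert to log
            // NOTE(review): the logged operand is taken to be the submitted
            // username (it was masked in the listing this was restored from).
            // It is request-supplied text, so escape it wherever the log is
            // displayed.
            $data = array(
                'id_user' => $user_data['id_auth_user'],
                'id_group' => $user_data['id_auth_group'],
                'action' => 'Login',
                'desc' => 'Login:succeed; IP:' . $_SERVER['REMOTE_ADDR'] . '; username:' . $username . ';',
            );
            insert_to_log($data);

            // NOTE(review): tmp_login_redirect is written elsewhere; confirm it
            // is limited to same-site paths before it is stored.
            if (isset($_SESSION['tmp_login_redirect'])) {
                redirect($_SESSION['tmp_login_redirect']);
            } else {
                redirect('dashboard');
            }
            return;
        }

        # insert to log
        // Unknown user and wrong password produce the same log row and the
        // same message below, so the response does not say which one failed.
        $data = array(
            'action' => 'Login',
            'desc' => 'Login:failed; IP:' . $_SERVER['REMOTE_ADDR'] . '; username:' . $username . ';',
        );
        insert_to_log($data);
    }

    $this->session->set_flashdata('flash_message', alert_box('Username/Password isn\'t valid. Please try again.', 'danger'));
    redirect('login');
}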
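/**
 * Edit page for one user record.
 *
 * Loads the record through Quiz_model::GetQuiz() and, on a POST that passes
 * validateForm($id), writes the submitted fields, re-hashes the password when
 * a new one was entered, refreshes the session when the editor changed their
 * own record, replaces the image and writes a 'User Quiz' audit-log row.
 *
 * NOTE(review): no per-record permission check is visible in this method;
 * confirm that access to edit/<id> is restricted elsewhere (constructor,
 * hook or validateForm()).
 *
 * @param int $id
 */
public function edit($id = 0)
{
    if (!$id) {
        redirect($this->class_path_name);
        return;
    }
    $record = $this->Quiz_model->GetQuiz($id);
    if (!$record) {
        redirect($this->class_path_name);
        return;
    }

    $this->data['page_title'] = 'Edit';
    $this->data['form_action'] = site_url($this->class_path_name . '/edit/' . $id);
    $this->data['delete_picture_url'] = site_url($this->class_path_name . '/delete_picture/' . $id);
    $this->data['cancel_url'] = site_url($this->class_path_name);

    if ($this->input->post()) {
        $post = $this->input->post();
        if ($this->validateForm($id)) {
            // 'userpass' is derived below from 'password' only. A value for
            // that key sent by the client is dropped so it can never be
            // stored without going through password_hash().
            unset($post['userpass']);

            $post['modify_date'] = date('Y-m-d H:i:s');
            $post['status'] = isset($post['status']) ? 1 : 0;
            $post['is_superadmin'] = isset($post['is_superadmin']) ? 1 : 0;
            $post['email'] = strtolower($post['email']);
            if (isset($post['password']) && $post['password'] != '') {
                $post['userpass'] = password_hash($post['password'], PASSWORD_DEFAULT);
            }
            unset($post['password'], $post['conf_password']);

            // update data
            // NOTE(security): the remaining POST array is handed to the model
            // as-is, so every posted key becomes a column to update (including
            // 'is_superadmin' and 'id_auth_group') unless validateForm() or
            // UpdateRecord() filters keys. An explicit allow-list of editable
            // columns would close this; the full column set is not visible
            // here, so none is applied.
            $this->Quiz_model->UpdateRecord($id, $post);

            // Keep the hash out of the session refresh and the audit log.
            unset($post['userpass']);

            // now change session if user is edit themselve
            if (id_auth_user() == $id) {
                // The earlier version wrapped the session in a list and used
                // the session array itself as an array key, which is an
                // illegal offset (a TypeError on PHP 8); the net effect it
                // relied on was only this field update.
                $new_session = (isset($_SESSION['ADM_SESS']) && is_array($_SESSION['ADM_SESS']))
                    ? $_SESSION['ADM_SESS']
                    : array();
                $new_session['admin_name'] = $post['name'];
                $new_session['admin_id_auth_group'] = $post['id_auth_group'];
                $new_session['admin_email'] = strtolower($post['email']);
                $this->session->set_userdata('ADM_SESS', $new_session);
            }

            // !empty() also covers a request that carries no 'image' part.
            if (!empty($_FILES['image']['tmp_name'])) {
                $upload_dir = UPLOAD_DIR . 'admin/';

                // Remove the previous image and its resized variants; each
                // file is checked on its own instead of silencing unlink().
                if ($record['image'] != '' && file_exists($upload_dir . $record['image'])) {
                    foreach (array('', 'tmb_', 'sml_') as $prefix) {
                        $old_file = $upload_dir . $prefix . $record['image'];
                        if (file_exists($old_file)) {
                            unlink($old_file);
                        }
                    }
                }

                // NOTE(review): no MIME-type or extension check is visible in
                // this method; confirm that validateForm() or
                // file_copy_to_folder() restricts uploads to image types.
                $filename = 'adm_' . url_title($post['name'], '_', true) . md5plus($id);
                $picture_db = file_copy_to_folder($_FILES['image'], $upload_dir, $filename);
                copy_image_resize_to_folder($upload_dir . $picture_db, $upload_dir, 'tmb_' . $filename, IMG_THUMB_WIDTH, IMG_THUMB_HEIGHT);
                copy_image_resize_to_folder($upload_dir . $picture_db, $upload_dir, 'sml_' . $filename, IMG_SMALL_WIDTH, IMG_SMALL_HEIGHT);
                $this->Quiz_model->UpdateRecord($id, array('image' => $picture_db));
            }

            // insert to log
            // password, conf_password and userpass were removed from $post
            // above, so no credential material is serialized here.
            $data_log = array(
                'id_user' => id_auth_user(),
                'id_group' => id_auth_group(),
                'action' => 'User Quiz',
                'desc' => 'Edit User Quiz; ID: ' . $id . '; Data: ' . json_encode($post),
            );
            insert_to_log($data_log);
            // end insert to log

            $this->session->set_flashdata('flash_message', alert_box('Success.', 'success'));
            redirect($this->class_path_name);
        }
    }

    $this->data['template'] = $this->class_path_name . '/form';
    $this->data['post'] = $record;
    if (isset($this->error)) {
        $this->data['form_message'] = $this->error;
    }
}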