$contactsNew = new Contacts();
$contactsNew->setFname($_POST['fname']);
$contactsNew->setSname($_POST['sname']);
$contactsNew->setCo_name($_POST['co_name']);
$contactsNew->setRole($_POST['role']);
$contactsNew->setCustid($_POST['custid']);
$contactsNew->setSuppid($_POST['suppid']);
$contactsNew->setAddsid($addsid);
$contactsNew->setNotes($_POST['notes']);
$contactId = $contactsNew->insertIntoDB();
// Insert into DB
$pwdNew = new Pwd();
$pwdNew->setUsr($logon);
$pwdNew->setContactsid($contactId);
$pwdNew->setSeclev(100);
$pwdNew->setPw(mkPwd($pw));
file_put_contents('/etc/athenace/pwd', "{$_POST['custid']}\t{$_POST['suppid']}\t{$logon}\t{$pw}\n", FILE_APPEND);
// Dont add to the Password table unless they have a custid or a suppid
if (isset($_POST['custid']) && $_POST['custid'] > 0 || isset($_POST['suppid']) && $_POST['suppid'] > 0) {
$pwdNew->insertIntoDB();
} else {
// Not adding to passwd table
// i.e contacts not associated with a customer or supplier cant log in
}
$logresult = logEvent(6, $logContent);
header("Location: /contacts/?Added=" . $result['id']);
exit;
}
include "../tmpl/header.php";
if (isset($_GET['FromAddCustomer'])) {
?>
public function register()
{
$request = $this->getHeaderBody();
$userModel = new User();
//验证手机 模拟通过
if (!$request->key) {
sendMsg('KEY NOT FIND', 1);
}
$phone = $this->mCache->get($request->key);
if (!$phone) {
sendMsg('KEY ERROR', 1);
}
if ($userModel->issetPhone($phone['phone'])) {
sendMsg('PHONE USED', 1);
}
//清理key
$this->mCache->delete($request->key);
$userModel = new User();
$createData = ['phone' => $phone['phone'], 'registerTime' => new MongoDate(), 'registerIP' => $this->request->getClientAddress()];
foreach ($request as $key => $val) {
if (in_array($key, ['phone', 'password', 'userName', 'sex'])) {
$createData[$key] = $val;
}
if ($key == 'password') {
$createData[$key] = mkPwd($val);
}
//头像
if ($key == 'headerimg' && file_exists(TEMP_PATH . '/' . $val)) {
if (copy(TEMP_PATH . '/' . $val, HEADERIMG_PATH . '/' . $val)) {
$createData['headImg'] = $val;
}
}
}
$res = $userModel->createUser($createData);
if ($res) {
//注册EM账户密码
EM::onConstruct($this->config->em_conf);
$imUser = EM::createUser();
if ($imUser) {
$imUser['userId'] = $res;
$userModel->create_imuser($imUser);
}
sendMsg("OK");
} else {
sendMsg('NOT CREATE', 1);
}
}
}
}
if (isset($_GET['go']) && $_GET['go'] == "y") {
$logContent = "";
$pw = generatePassword();
// Add to Address table
$addsid = db_addAddress($_POST);
# Insert into DB
$staffNew = new Staff();
$staffNew->setFname($_POST['fname']);
$staffNew->setSname($_POST['sname']);
$staffNew->setAddsid($addsid);
$staffNew->setJobtitle($_POST['jobtitle']);
$stfid = $staffNew->insertIntoDB();
$usr = generateStafflogon($_POST['fname'], $_POST['sname']);
$staffPwd = mkPwd($pw);
# Insert Pwd into DB
$pwdNew = new Pwd();
$pwdNew->setUsr($usr);
$pwdNew->setStaffid($stfid);
$pwdNew->setPw($staffPwd);
$pwdNew->insertIntoDB();
file_put_contents('/etc/athenace/pwd', "Staff\t{$stfid}\t{$usr}\t{$pw}\n", FILE_APPEND);
$logresult = logEvent(15, $logContent);
$done = 1;
}
include "../tmpl/header.php";
if ($done) {
?>
<h1>New staff member has been added</h1>
<h2>Write down the password now. It cannot be found anywhere else.</h2>
$errors[] = 'npw1';
} elseif (!chkLowercase($_POST['npw1'])) {
$pwhelp = 'No lower case letters in password';
$errors[] = 'npw1';
} elseif (!chkUppercase($_POST['npw1'])) {
$pwhelp = 'No upper case letters in password';
$errors[] = 'npw1';
} elseif (!chkDigit($_POST['npw1'])) {
$pwhelp = 'No numbers in password';
$errors[] = 'npw1';
} elseif ($_POST['npw1'] != $_POST['npw2']) {
$pwhelp = 'New passwords are not the same';
$errors[] = 'npw1';
}
if (empty($errors)) {
$newPwd = mkPwd($_POST['npw1']);
$pwdid = getContactPwdID($contactsID);
// Update DB
$pwdUpdate = new Pwd();
$pwdUpdate->setPwdid($pwdid);
$pwdUpdate->setPw($newPwd);
$pwdUpdate->updateDB();
$logresult = logEvent(33, $logContent);
$token = base64_encode(encrypt($rrt->usr . "|" . $_POST['npw1']));
header("Location: /pass.php?t={$token}");
}
}
include "tmpl/header.php";
?>
<ol>
} elseif (!chkLowercase($_POST['npw1'])) {
$pwhelp = 'No lower case letters in password';
$pw_errors[] = 'npw1';
} elseif (!chkUppercase($_POST['npw1'])) {
$pwhelp = 'No upper case letters in password';
$pw_errors[] = 'npw1';
} elseif (!chkDigit($_POST['npw1'])) {
$pwhelp = 'No numbers in password';
$pw_errors[] = 'npw1';
} elseif ($_POST['npw1'] != $_POST['npw2']) {
$pwhelp = 'New passwords are not the same';
$pw_errors[] = 'npw1';
}
$stfid = $_POST['stfid'];
if (empty($pw_errors)) {
$cryptPwd = mkPwd($_POST['npw1']);
# Update DB
$pwdUpdate = new Pwd();
$pwdUpdate->setUsr($rrt->usr);
$pwdUpdate->setPw($cryptPwd);
$result = $pwdUpdate->updateDB();
$logresult = logEvent(33, $logContent);
$done = 1;
}
}
$pagetitle = "staff";
include "../tmpl/header.php";
?>
<h1>Staff Log In</h1>
<?php
$r = $q[0];
if (!empty($q)) {
$dbPwd = mkPwd($_POST['pw']);
$pwdid = getStaffEmailPwdID($email);
// Update DB
$pwdUpdate = new Pwd();
$pwdUpdate->setPwdid($pwdid);
$pwdUpdate->setPw($dbPwd);
$pwdUpdate->updateDB();
$pw_changed++;
} else {
$sqltext = "SELECT contactsid FROM contacts,address WHERE email=? AND contacts.addsid=address.addsid";
$q = $db->select($sqltext, array($email, 's'));
$r = $q[0];
if (!empty($q)) {
$dbPwd = mkPwd($_POST['pw']);
$pwdid = getContactsEmailPwdID($email);
// Update DB
$pwdUpdate = new Pwd();
$pwdUpdate->setPwdid($pwdid);
$pwdUpdate->setPw($dbPwd);
$pwdUpdate->updateDB();
$pw_changed++;
}
}
}
if ($pw_changed) {
header("Location: /login.php?pwch=y");
exit;
}
}
