public static function search_query($keyword = '', $category = '')
{
if (isset($_GET)) {
$keyword_clean = mysqli_real_escape_string(db_connect(), $keyword);
$category_clean = mysqli_real_escape_string(db_connect(), $category);
if ($category_clean === 'post') {
$search_results = db_select("SELECT * FROM post WHERE title LIKE '%" . $keyword_clean . "%' OR body LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'category') {
$search_results = db_select("SELECT * FROM category WHERE title LIKE '%" . $keyword_clean . "%' OR description LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'page') {
$search_results = db_select("SELECT * FROM page WHERE title LIKE '%" . $keyword_clean . "%' OR body LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'upload') {
$search_results = db_select("SELECT * FROM upload WHERE filename LIKE '%" . $keyword_clean . "%' OR filetype LIKE '%" . $keyword_clean . "%' OR filepath LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'user') {
$search_results = db_select("SELECT * FROM user WHERE username LIKE '%" . $keyword_clean . "%'");
} else {
// ALL
$search = new Search();
$search_results = $search->searchAllDB($keyword_clean);
//print_r($search_results);
}
} else {
$search_results = '';
$flash = new Flash();
$flash->flash('flash_message', 'No keyword entered!', 'danger');
}
return $search_results;
}
public static function contact($email_subject = '', $email_name = '', $email_address = '', $email_message = '')
{
if (isset($_POST['g-recaptcha-response'])) {
$captcha = $_POST['g-recaptcha-response'];
}
$response = json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . CAPTCHA_SECRET . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']), true);
if ($response['success'] == false) {
$flash = new Flash();
$flash->flash('flash_message', 'Captcha field not filled out!', 'warning');
header("Location: " . BASE_URL . '/contact/');
} else {
$to = CONTACT_EMAIL;
$from = $email_address;
//$to = "".$email_address.", somebodyelse@example.com";
$message = "<html>\n <head>\n <title>" . $email_subject . "</title>\n </head>\n <body style='background:#000; font-family: 'Arial', sans-serif;'>\n<div style='width: 800px; margin: 0 auto; border: 2px solid #CCC; border-radius: 5px; background: #FFF;'>\n From: " . $email_name . "<br />\n Email: " . $email_address . "<br />\n Message: " . htmlspecialchars($email_message) . "\n </div>\n </body>\n </html>\n ";
// Always set content-type when sending HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
// More headers
$headers .= 'From: ' . $from . '' . "\r\n";
//$headers .= 'Cc: myboss@example.com' . "\r\n";
mail($to, $email_subject, $message, $headers);
$flash = new Flash();
$flash->flash('flash_message', 'Form submitted! Someone will get back to you shortly.');
header("Location: " . BASE_URL . '/contact/');
}
}
public static function page_delete($id)
{
if (empty($id)) {
header("Location: " . BASE_URL . '/admin/pages');
} else {
db_query("DELETE FROM page WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Page deleted!');
header("Location: " . BASE_URL . '/admin/pages/');
}
}
public static function navigation_delete($id)
{
if (empty($id)) {
$flash = new Flash();
$flash->flash('flash_message', 'Navigation item does not exist!', 'warning');
header("Location: " . BASE_URL . '/admin/navigation/');
} else {
db_query("DELETE FROM navigation WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Navigation item deleted!');
header("Location: " . BASE_URL . '/admin/navigation/');
}
}
public static function post_delete($id)
{
if (empty($id)) {
$flash = new Flash();
$flash->flash('flash_message', 'Post does not exist!', 'warning');
header("Location: " . BASE_URL . '/admin/posts/');
} else {
db_query("DELETE FROM post WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Post deleted!');
header("Location: " . BASE_URL . '/admin/posts/');
}
}
public static function category_delete($id)
{
if (empty($id)) {
$flash = new Flash();
$flash->flash('flash_message', 'Category does not exist!', 'warning');
header("Location: " . BASE_URL . '/admin/categories/');
} else {
db_query("DELETE FROM category WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Category deleted!');
header("Location: " . BASE_URL . '/admin/categories/');
}
}
public static function getInstance()
{
if (!self::$instance) {
self::$instance = new Flash();
}
return self::$instance;
}
public function view_allocations()
{
$flash = Flash::Instance();
$collection = new SLTransactionCollection($this->_templateobject);
$this->_templateobject->setAdditional('payment_value', 'numeric');
$allocation = DataObjectFactory::Factory('SLAllocation');
$allocationcollection = new SLAllocationCollection($allocation);
$collection->_tablename = $allocationcollection->_tablename;
$sh = $this->setSearchHandler($collection);
$fields = array("our_reference||'-'||transaction_type as id", 'customer', 'slmaster_id', 'transaction_date', 'transaction_type', 'our_reference', 'ext_reference', 'currency', 'gross_value', 'allocation_date');
$sh->setGroupBy($fields);
$fields[] = 'sum(payment_value) as payment_value';
$sh->setFields($fields);
if (isset($this->_data['trans_id'])) {
$allocation->identifierField = 'allocation_id';
$cc = new ConstraintChain();
$cc->add(new Constraint('transaction_id', '=', $this->_data['trans_id']));
$alloc_ids = $allocation->getAll($cc);
if (count($alloc_ids) > 0) {
$sh->addConstraint(new Constraint('allocation_id', 'in', '(' . implode(',', $alloc_ids) . ')'));
} else {
$flash->addError('Error loading allocation');
sendBack();
}
}
parent::index($collection, $sh);
$this->view->set('collection', $collection);
$this->view->set('invoice_module', 'sales_invoicing');
$this->view->set('invoice_controller', 'sinvoices');
$this->view->set('clickaction', 'view');
$this->view->set('clickcontroller', 'slcustomers');
$this->view->set('linkvaluefield', 'slmaster_id');
}
public static function getFlashes()
{
self::$init();
$copy = self::$flashes;
self::$flashes = array();
return $copy;
}
public function removeMember(Request $request)
{
$classroom = Classroom::findOrFail($request->classroom_id);
$classroom->students()->detach($request->user_id);
\Flash::success('User berhasil dihapus dari kelas.');
return redirect()->back();
}
public function settings()
{
$errors = false;
if (get_request_method() == 'POST') {
$data = $_POST['settings'];
$settings = array();
$settings['filemanager_base'] = preg_replace('/\\s+/', '', $data['filemanager_base']);
$settings['filemanager_base'] = trim($settings['filemanager_base'], '/');
$settings['filemanager_view'] = isset($data['filemanager_view']) ? $data['filemanager_view'] : 'grid';
// image extensions
if (isset($data['filemanager_images'])) {
$settings['filemanager_images'] = serialize($data['filemanager_images']);
} else {
$errors[] = __("You need to select at least one image extension!");
}
$settings['filemanager_upload_size'] = !empty($data['filemanager_upload_size']) && is_numeric($data['filemanager_upload_size']) ? $data['filemanager_upload_size'] : '0';
$settings['filemanager_dateformat'] = !empty($data['filemanager_dateformat']) ? trim($data['filemanager_dateformat']) : 'd M Y H:i';
$booleans = array('filemanager_enabled', 'filemanager_browse_only', 'filemanager_upload_overwrite', 'filemanager_upload_images_only');
foreach ($booleans as $bool) {
$settings[$bool] = isset($data[$bool]) && $data[$bool] == 1 ? '1' : '0';
}
if (Plugin::setAllSettings($settings, 'ckeditor')) {
Flash::setNow('success', 'Settings were updated successfully');
} else {
$errors[] = __("There was a problem saving the settings.");
}
} else {
$settings = Plugin::getAllSettings('ckeditor');
}
if ($errors !== false) {
Flash::setNow('error', implode('<br/>', $errors));
}
$this->display('settings', array('settings' => $settings));
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return Response
*/
public function destroy($id)
{
$member = BoardMember::findOrFail($id);
$member->delete();
\Flash::success('Bestuurslid verwijderd');
return redirect('admin/board_members');
}
function populate()
{
if (!isModuleAdmin()) {
$flash = Flash::Instance();
$flash->addError('You don\'t have permission to view the Sales Team summary EGlets');
$this->should_render = false;
return false;
}
$db =& DB::Instance();
$query = 'SELECT s.id,s.name FROM opportunitystatus s WHERE usercompanyid=' . $db->qstr(EGS_COMPANY_ID) . ' ORDER BY position DESC';
$statuses = $db->GetAssoc($query);
$query = 'SELECT DISTINCT assigned FROM opportunities o WHERE o.usercompanyid=' . EGS_COMPANY_ID . ' AND extract(\'' . $this->timeframe . '\' FROM o.enddate)=extract(\'' . $this->timeframe . '\' FROM now())';
$users = $db->GetCol($query);
$options = array();
foreach ($users as $username) {
if (empty($username)) {
continue;
}
$data = array();
foreach ($statuses as $id => $status) {
$query = 'SELECT COALESCE(sum(cost),0) FROM opportunities o WHERE o.assigned=' . $db->qstr($username) . ' AND o.status_id=' . $db->qstr($id) . ' AND o.usercompanyid=' . EGS_COMPANY_ID . ' AND extract(\'' . $this->timeframe . '\' FROM o.enddate)=extract(\'' . $this->timeframe . '\' FROM now())';
$data['x'][] = $status;
$data['y'][] = (double) $db->GetOne($query);
}
$options['seriesList'][] = array('label' => $username, 'legendEntry' => TRUE, 'data' => $data);
}
if (!isset($options['seriesList']) || empty($options['seriesList'])) {
return false;
}
$options['type'] = 'bar';
$options['identifier'] = __CLASS__ . $this->timeframe;
$this->contents = json_encode($options);
}
/**
* In this function, most actions of the module are carried out and the page generation is started, distibuted and rendered.
* @return void
* @see solidbase/lib/Page#run()
*/
function run()
{
global $Templates, $USER, $CONFIG, $Controller, $DB;
if (!$this->may($USER, READ | EDIT)) {
errorPage('401');
return false;
}
/**
* User input types
*/
$_REQUEST->setType('order', 'numeric', true);
$_REQUEST->setType('expand', 'bool');
$_REQUEST->setType('del', 'numeric');
if ($_REQUEST['del']) {
if ($Controller->{$_REQUEST['del']} && $Controller->{$_REQUEST['del']}->delete()) {
Flash::create(__('Newsitem removed'), 'confirmation');
}
}
/**
* Here, the page request and permissions decide what should be shown to the user
*/
$this->setContent('header', __('News'));
$this->setContent('main', $this->mainView());
$Templates->admin->render();
}
/**
* validate email address
* @param string $val
* @param string $context
* @param bool $mx
* @return bool
*/
function email($val, $context = null, $mx = true)
{
$valid = true;
if (!$context) {
$context = 'error.validation.email';
}
if (!empty($val)) {
if (!\Audit::instance()->email($val, false)) {
$val = NULL;
if (!$this->f3->exists($context . '.invalid', $errText)) {
$errText = 'e-mail is not valid';
}
$this->f3->error(400, $errText);
$valid = false;
} elseif ($mx && !\Audit::instance()->email($val, true)) {
$val = NULL;
if (!$this->f3->exists($context . '.host', $errText)) {
$errText = 'unknown mail mx.host';
}
$this->f3->error(400, $errText);
$valid = false;
}
}
if (!$valid) {
\Flash::instance()->setKey($context, 'has-error');
}
return $valid;
}
public function detachFrom(Request $request)
{
$this->validate($request, ['classroom_id' => 'required', 'assignment_id' => 'required'], ['required' => 'Kolom :attribute diperlukan']);
Assignment::findOrFail($request->assignment_id)->classrooms()->detach($request->classroom_id);
\Flash::success('Tugas berhasil batalkan.');
return redirect()->back();
}
/**
* Store a newly created resource in storage.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function store(MembershipApplicationRequest $request)
{
//dd($request->all());
MemApplicant::create($request->all());
Flash::success('Application recieved. Please wait for confirmation');
return redirect('/');
}
public function route_makeRequest()
{
$type = pluralize(strip_tags($_GET['type']));
set_time_limit(0);
$fp = fopen("../{$type}/latest.zip", 'w+');
$url = str_replace(" ", "%20", strip_tags($_GET['url']));
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_TIMEOUT, 50);
curl_setopt($ch, CURLOPT_FILE, $fp);
# write curl response to file
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_exec($ch);
curl_close($ch);
fclose($fp);
$zip = new ZipArchive();
if ($zip->open("../{$type}/latest.zip") == true) {
mkdir("../{$type}/latest", 0777);
$zip->extractTo("../{$type}/latest");
$zip->close();
$handle = opendir("../{$type}/latest");
if ($handle) {
while (($file = readdir($handle)) !== false) {
if (is_dir("../{$type}/latest/{$file}")) {
if ($file != '.' and $file != '..') {
rename("../{$type}/latest/{$file}", "../{$type}/{$file}");
}
}
}
}
$this->rrmdir("../{$type}/latest");
unlink("../{$type}/latest.zip");
$this->rrmdir("../{$type}/__MACOSX");
}
Flash::notice(__("Extension downloaded successfully.", "extension_manager"), "/admin/?action=extend_manager");
}
function add_to_gallery()
{
$gallery_peer = new GalleryPeer();
$gallery = $gallery_peer->find_by_id(Params::get("id_gallery"));
$collection_peer = new GalleryCollectionPeer();
$gallery_collection = $collection_peer->find_by_id($gallery->id_gallery_collection);
$full_folder_path = GalleryCollectionController::GALLERY_COLLECTION_ROOT_DIR . $gallery_collection->folder . "/" . $gallery->folder;
if (Upload::isUploadSuccessful("file")) {
$filename = Random::newHexString() . "_" . Upload::getRealFilename("file");
$gallery_dir = new Dir($full_folder_path);
$uploaded_img = Upload::saveTo("file", $gallery_dir, $filename);
if (isset(Config::instance()->GALLERY_RESIZE_BY_WIDTH)) {
image_w($uploaded_img->getPath(), Config::instance()->GALLERY_RESIZE_BY_WIDTH);
} else {
if (isset(Config::instance()->GALLERY_RESIZE_BY_HEIGHT)) {
image_h($uploaded_img->getPath(), Config::instance()->GALLERY_RESIZE_BY_HEIGHT);
}
}
$peer = new GalleryImagePeer();
$do = $peer->new_do();
$peer->setupByParams($do);
$do->image_name = $filename;
$peer->save($do);
return Redirect::success();
} else {
Flash::error(Upload::getUploadError("file"));
return Redirect::failure();
}
}
/**
* Unfollow a user
*
* @param $userIdToUnfollow
* @return Response
*/
public function destroy($userIdToUnfollow)
{
$input = array_add(Input::all(), 'userId', Auth::id());
$this->execute(UnfollowUserCommand::class, $input);
Flash::success("You have now unfollowed this user.");
return Redirect::back();
}
public function create_user()
{
// If there are no users then let's create one.
$db = Database::get_instance();
$db->query('SELECT * FROM `users` LIMIT 1');
if ($db->has_rows() && !Auth::get_instance()->logged_in()) {
Flash::set('<p class="flash validation">Sorry but to create new users, you must be logged in.</p>');
Core_Helpers::redirect(WEB_ROOT . 'login/');
}
$validator = Error::instance();
if (isset($_POST['email'])) {
$validator->email($_POST['email'], 'email');
$validator->blank($_POST['username'], 'username');
$validator->blank($_POST['password'], 'password');
$validator->passwords($_POST['password'], $_POST['confirm_password'], 'confirm_password');
$user = new Users();
if ($user->select(array('username' => $_POST['username']))) {
$validator->add('username', 'The username <strong>' . htmlspecialchars($_POST['username']) . '</strong> is already taken.');
}
if ($validator->ok()) {
$user = new Users();
$user->load($_POST);
$user->level = 'admin';
$user->insert();
Flash::set('<p class="flash success">User created successfully.</p>');
Core_Helpers::redirect(WEB_ROOT . 'login/');
}
}
$this->data['error'] = $validator;
$this->load_template('create_user');
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
$notule = Notule::findOrFail($id);
$notule->delete();
\Flash::success('Notule verwijderd');
return redirect('admin/notulen');
}
public function save()
{
if (!$this->checkParams($this->modeltype)) {
sendBack();
}
$flash = Flash::Instance();
$errors = array();
$contains = array();
foreach ($this->_data[$this->modeltype] as $key => $packinglist) {
if (is_array($packinglist) && isset($packinglist['contains'])) {
if ($packinglist['contains'] > $packinglist['available']) {
$errors[] = 'Pack qty for ' . $key . ' exceeds that available for packing';
} else {
$contains[$key] = $packinglist['contains'];
}
}
}
$this->_data[$this->modeltype]['contents'] = base64_encode(serialize($contains));
if (count($errors) == 0 && parent::save($this->modeltype)) {
sendTo('sorders', 'view', $this->_modules, array('id' => $this->_data[$this->modeltype]['order_id']));
} else {
$flash->addErrors($errors);
$this->_data['order_id'] = $this->_data[$this->modeltype]['order_id'];
$this->refresh();
}
}
protected final function initialize()
{
$controller = Router::get("controller");
$action = Router::get("action");
$ruta = $controller . "/" . $action;
$tipousuario = Auth::get("tipousuario");
if (Auth::is_valid()) {
if ($tipousuario == "alumno") {
if ($ruta != "perfil/index" and $ruta != "perfil/logout" and $ruta != "asistencia/alumno") {
Flash::warning("Acceso Denegado");
Router::redirect("perfil/");
}
}
if ($tipousuario == "docente") {
$permisos = array("perfil/actualizar", "perfil/cambiarpass", "perfil/index", "perfil/programarevaluaciones", "calificar/grupo", "perfil/logout", "asistencia/index", "asistencia/agregar_asistencia");
if (!in_array($ruta, $permisos)) {
Flash::warning("Acceso Denegado");
Router::redirect("perfil/");
}
}
} else {
if ($ruta != 'index/index' and $ruta != 'perfil/logout') {
Flash::warning("Acceso Denegado");
Router::redirect("index/index");
}
}
}
public function save()
{
$flash = Flash::Instance();
$errors = array();
$data = $this->_data[$this->modeltype];
$obj = '';
if (!empty($data['task_id'])) {
$obj = new Task();
$obj->load($data['task_id']);
} elseif (!empty($data['project_id'])) {
$obj = new Project();
$obj->load($data['project_id']);
}
if ($obj instanceof DataObject && $obj->isLoaded()) {
if (fix_date($data['start_date']) < $obj->start_date) {
$errors['start_date'] = 'Start date before ' . get_class($obj) . ' start date';
}
if (fix_date($data['end_date']) > $obj->end_date) {
$errors['end_date'] = 'End date after ' . get_class($obj) . ' end date';
}
}
if (!empty($data['person_id']) && $data['quantity'] > 1) {
$errors['person_id'] = 'Quantity must be 1 for a person';
}
if (count($errors) == 0 && parent::save($this->modeltype, '', $errors)) {
sendBack();
} else {
$flash->addErrors($errors);
$this->refresh();
}
}
/**
* Function: set
* Adds or replaces a configuration setting with the given value.
*
* Parameters:
* $setting - The setting name.
* $value - The value.
* $overwrite - If the setting exists and is the same value, should it be overwritten?
*/
public function set($setting, $value, $overwrite = true)
{
if (isset($this->{$setting}) and $this->{$setting} == $value and !$overwrite) {
return false;
}
if (isset($this->file) and file_exists($this->file)) {
$contents = str_replace("<?php header(\"Status: 403\"); exit(\"Access denied.\"); ?>\n", "", file_get_contents($this->file));
$this->yaml = YAML::load($contents);
}
# Add the setting
$this->yaml[$setting] = $this->{$setting} = $value;
if (class_exists("Trigger")) {
Trigger::current()->call("change_setting", $setting, $value, $overwrite);
}
# Add the PHP protection!
$contents = "<?php header(\"Status: 403\"); exit(\"Access denied.\"); ?>\n";
# Generate the new YAML settings
$contents .= YAML::dump($this->yaml);
if (!@file_put_contents(INCLUDES_DIR . "/config.yaml.php", $contents)) {
Flash::warning(_f("Could not set \"<code>%s</code>\" configuration setting because <code>%s</code> is not writable.", array($setting, "/includes/config.yaml.php")));
return false;
} else {
return true;
}
}
public static function instance()
{
if (Flash::$instance === NULL) {
Flash::$instance = new Flash();
}
return Flash::$instance;
}
/**
* Remove the specified resource from storage.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function destroy($id)
{
$example = Example::findOrFail($id);
$example->delete();
\Flash::success('Voorbeeld verwijderd');
return redirect('admin/examples');
}
public function actionSend($name = null)
{
if (defined('DISABLE_MESSAGING') && DISABLE_MESSAGING) {
throw new Lvc_Exception('Messaging disabled', 404);
}
$active_user = User::require_active_user();
$this->setLayoutVar('active_user', $active_user);
if (is_null($name)) {
throw new Lvc_Exception('Null username on send action');
}
if ($user = User::find(array('name' => $name))) {
if (!empty($this->post['submit'])) {
$subject = $this->post['subject'];
$body = $this->post['body'];
$result = Message::send($user, $subject, $body, $active_user);
if ($result['status']) {
Flash::set('success', $result['message']);
$this->redirect('/message/inbox');
die;
} else {
Flash::set('failure', $result['message']);
}
$this->setVar('subject', $subject);
$this->setVar('body', $body);
}
$this->setVar('to_user', $user);
} else {
throw new Lvc_Exception('User Not Found: ' . $name);
}
}
public function subir($contrato_id)
{
$this->contrato = $contrato_id;
if (Input::hasPost('oculto')) {
//para saber si se envió el form
$_FILES['archivo']['name'] = date("Y_m_d_H_i_s_") . $_FILES['archivo']['name'];
$archivo = Upload::factory('archivo');
//llamamos a la libreria y le pasamos el nombre del campo file del formulario
$archivo->setExtensions(array('pdf'));
//le asignamos las extensiones a permitir
$url = '/files/upload/';
$archivo->setPath(getcwd() . $url);
if ($archivo->isUploaded()) {
if ($archivo->save()) {
Flash::valid('Archivo subido correctamente!!!');
$nuevo_documento = new Documentos(Input::post("documentos"));
// $nuevo_documento->contratos_id = $contrato_id;
// $nuevo_documento->subido_por = Auth::get("id");
// $nuevo_documento->tipo_documento = ;
$nuevo_documento->url = $url . $_FILES['archivo']['name'];
if ($nuevo_documento->save()) {
Flash::valid("Documento Guardado");
} else {
Flash::error("No se pudo guardar el documento");
}
}
} else {
Flash::warning('No se ha Podido Subir el Archivo...!!!');
}
}
}