public function delete($pkey, $method = "echo") { _has_user_access_permission(TRUE, array('admin', 'management_company', 'user_company')); $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array(); $company_id = $this->current_user->group_id == 1 ? $this->_post_args('company_id', ARGS_TYPE_INT, array_key_exists(SYS_COMPANY_ID, $params) && gtzero_integer($params[SYS_COMPANY_ID]) ? to_int($params[SYS_COMPANY_ID]) : 0) : $this->current_user->company_id; $client_id = isset($params[SYS_CLIENT_ID]) && gtzero_integer($params[SYS_CLIENT_ID]) ? (int) $params[SYS_CLIENT_ID] : 0; $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer()); $client_info = $this->client_m->details($client_id, $company_id); if (!$client_info || _has_company_group_access($this->current_user->group_id) && $client_info->company_id != $this->current_user->company_id) { $this->show_permission_denied_error($method); } $company_id = $this->current_user->group_id == 1 ? $this->_post_args('company_id', ARGS_TYPE_INT, $client_info->company_id) : $this->current_user->company_id; $this->form_validation->set_rules('confirm', 'confirm', 'trim|required'); $output = array('message' => "", 'status' => ""); if ($this->form_validation->run() == TRUE) { $is_record_updated = $this->client_m->delete($client_id); if ($is_record_updated) { $output['message'] = sprintf('The client "%s" has been deleted.', $client_info->full_name); $output['status'] = SUCCESS_MESSAGE; $output['client_id'] = $client_id; /*trigger_trip("client_deleted", $details->company_id, array('client_id' => $client_id, 'deleted_by' => $this->current_user->user_id));*/ } else { $output['message'] = sprintf('Unable to delete client "%s". Please report the issue to %s', $client_info->full_name, $this->cfg->contact_email); $output['status'] = ERROR_MESSAGE; } $this->_output_request($output, $redirect_url); } else { if (validation_errors()) { $output['message'] = validation_errors(); $output['status'] = ERROR_MESSAGE; } } $csrf = _get_csrf_nonce(); $data = array('form_action' => site_url('clients/delete/' . $pkey), 'cancel_url' => $redirect_url, 'page' => 'clients/delete', 'title' => 'Delete Client', "display_message" => sprintf('Are you sure you want to delete client "%s"?', $client_info->full_name), "display_heading" => sprintf('Delete Client', $client_info->full_name), "submit_btn_text" => "Save Changes", 'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url, 'confirm' => 1))); if ($this->input->is_ajax_request()) { $html = $this->template->raw_view('pages/clients/delete_modal', $data, TRUE); if ($method == "ajax") { $output['html'] = $html; $this->_output_request($output, $redirect_url); } else { echo $html; } } else { if (!empty($output['status'])) { set_flash_data($output['status'], $output['message'], FALSE); } $this->template->load('default', $data); } }
public function delete($pkey, $method = "echo") { _has_user_access_permission(TRUE, array('admin', 'location_manager', 'user_company')); $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array(); $type_id = isset($params[SYS_CONTACT_TYPE_ID]) && gtzero_integer($params[SYS_CONTACT_TYPE_ID]) ? to_int($params[SYS_CONTACT_TYPE_ID]) : 0; $ref_id = isset($params[SYS_REF_ID]) && gtzero_integer($params[SYS_REF_ID]) ? to_int($params[SYS_REF_ID]) : 0; $contact_id = isset($params[SYS_CONTACT_ID]) && gtzero_integer($params[SYS_CONTACT_ID]) ? to_int($params[SYS_CONTACT_ID]) : 0; $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer()); $contact_info = $this->contact_m->details($contact_id, $ref_id, $type_id); if (!$contact_info) { $this->show_permission_denied_error($method); } $this->form_validation->set_rules('confirm', 'confirm', 'trim|required'); $output = array('message' => "", 'status' => ""); if ($this->form_validation->run() == TRUE) { $is_record_updated = $this->contact_m->delete($contact_id); if ($is_record_updated) { $output['message'] = sprintf('The contact "%s" has been deleted.', $contact_info->contact_name); $output['status'] = SUCCESS_MESSAGE; $output['contact_id'] = $contact_id; } else { $output['message'] = sprintf('Error occurred while trying to delete contact "%s".', $contact_info->contact_name); $output['status'] = ERROR_MESSAGE; } $this->_output_request($output, $redirect_url); } else { if (validation_errors()) { $output['message'] = validation_errors(); $output['status'] = ERROR_MESSAGE; } } $doc_key = $this->_post_args('doc_key', ARGS_TYPE_STRING) ? $this->_post_args('doc_key', ARGS_TYPE_STRING) : keygen(); $csrf = _get_csrf_nonce(); $data = array('form_action' => site_url('contacts/delete/' . $pkey), 'cancel_url' => $redirect_url, 'page' => 'contacts/delete', 'title' => 'Contact "' . $contact_info->contact_name . '"', "display_message" => sprintf('Are you sure you want to delete contact "%s"?', $contact_info->contact_name), "display_heading" => sprintf('Delete contact', $contact_info->contact_name), "submit_btn_text" => "Save Changes", 'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url)), 'doc_key' => $doc_key); if ($this->input->is_ajax_request()) { $html = $this->template->raw_view('pages/contacts/delete_modal', $data, TRUE); if ($method == "ajax") { $output['html'] = $html; $this->_output_request($output, $redirect_url); } else { echo $html; } } else { if (!empty($output['status'])) { set_flash_data($output['status'], $output['message'], FALSE); } $this->template->load('default', $data); } }
public function deactivate($pkey, $method = "echo") { _has_user_access_permission(TRUE, array('admin', 'management_company')); $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array(); $company_id = $this->current_user->group_id == GROUP_ADMIN ? 0 : $this->current_user->company_id; $user_id = isset($params[SYS_USER_ID]) && gtzero_integer($params[SYS_USER_ID]) ? to_int($params[SYS_USER_ID]) : 0; $code = isset($params['code']) && !empty($params['code']) ? $params['code'] : FALSE; $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer()); $user_info = $this->user_m->details($user_id); if (!$user_info || _has_company_group_access($this->current_user->group_id) && $user_info->company_id != $this->current_user->company_id || $this->current_user->user_id == $user_id) { $this->show_permission_denied_error($method); } $company_id = $user_info->company_id; $this->form_validation->set_rules('confirm', 'confirm', 'trim|required'); $output = array('message' => "", 'status' => ""); if ($this->form_validation->run() == TRUE) { /*if ($this->_valid_csrf_nonce() === FALSE || $user_id != $this->input->post('id')) { show_error('This form post did not pass our security checks.'); }*/ $is_record_updated = $this->ion_auth->deactivate($user_id); if ($is_record_updated) { $output['message'] = sprintf('The user "%s" has been deactivated.', $user_info->full_name); $output['status'] = SUCCESS_MESSAGE; $output['user_id'] = $user_id; /*trigger_trip("user_activated", $user_info->company_id, array('user_id' => $user_id, 'updated_by' => $this->current_user->user_id));*/ } else { $output['message'] = sprintf('Error occurred while trying to deactivated user "%s".', $user_info->full_name); $output['status'] = ERROR_MESSAGE; } $this->_output_request($output, $redirect_url); } else { if (validation_errors()) { $output['message'] = validation_errors(); $output['status'] = ERROR_MESSAGE; } } $csrf = _get_csrf_nonce(); $data = array('form_action' => site_url('users/deactivate/' . $pkey), 'cancel_url' => $redirect_url, 'page' => 'user/confirm', 'title' => 'Deactivate User', 'display_message' => sprintf('Are you sure you want to deactivate user "%s"?', $user_info->full_name), 'display_heading' => sprintf('Deactivate User', $user_info->full_name), 'submit_btn_text' => "Save Changes", 'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url))); if ($this->input->is_ajax_request()) { $html = $this->template->raw_view('pages/user/confirm_modal', $data, TRUE); if ($method == "ajax") { $output['html'] = $html; $this->_output_request($output, $redirect_url); } else { echo $html; } } else { if (!empty($output['status'])) { set_flash_data($output['status'], $output['message'], FALSE); } $this->template->load('default', $data); } }
public function download($pkey, $method = "echo") { _has_user_access_permission(TRUE, array('admin')); $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array(); $company_id = in_array($this->current_user->group_id, array(GROUP_ADMIN, GROUP_STAFF, GROUP_ENGINEER)) ? $this->_post_args('company_id', ARGS_TYPE_INT, array_key_exists(SYS_COMPANY_ID, $params) && gtzero_integer($params[SYS_COMPANY_ID]) ? to_int($params[SYS_COMPANY_ID]) : 0) : $this->current_user->company_id; $site_id = isset($params[SYS_SITE_ID]) && gtzero_integer($params[SYS_SITE_ID]) ? to_int($params[SYS_SITE_ID]) : 0; $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer()); $site_statuses = array('' => '', 1 => 'OPEN', 2 => 'SUBMITTED', 3 => 'COMPLETED'); $site_info = $this->site_m->details($site_id, $company_id); if (!$site_info || _has_company_group_access($this->current_user->group_id) && $site_info->company_id != $this->current_user->company_id) { $this->show_permission_denied_error($method); } $company_id = in_array($this->current_user->group_id, array(GROUP_ADMIN, GROUP_STAFF, GROUP_ENGINEER)) ? $this->_post_args('company_id', ARGS_TYPE_INT, $site_info->company_id) : $this->current_user->company_id; $doc_key = $this->_post_args('doc_key', ARGS_TYPE_STRING) ? $this->_post_args('doc_key', ARGS_TYPE_STRING) : keygen(); $csrf = _get_csrf_nonce(); $headings = array("SITE", "FORM", "DATE ADDED", "ADDED BY", "STATUS", "DATE SUBMITTED", "SUBMITTED BY", "DATE COMPLETED", "COMPLETED BY"); $this->load->library('PHPExcel'); $this->load->library('PHPExcel/IOFactory'); // Create a new PHPExcel object $objPHPExcel = new PHPExcel(); $objPHPExcel->getActiveSheet()->setTitle('List of Site Forms'); $rowNumber = 1; $col = 'A'; foreach ($headings as $heading) { $objPHPExcel->getActiveSheet()->setCellValue($col . $rowNumber, $heading); $col++; } // Loop through the result set $rowNumber = 2; foreach ($site_info->site_forms as $site_form) { $col = 'A'; $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_info->site_code); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->form_name); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->added_on, 'Y-m-d H:i:s') ? local_time($site_form->added_on, 'M d, Y @ h:ia') : ''); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->added_by_name); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_statuses[$site_form->status]); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->submitted_on, 'Y-m-d H:i:s') ? local_time($site_form->submitted_on, 'M d, Y @ h:ia') : ''); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->submitted_by_name); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->completed_on, 'Y-m-d H:i:s') ? local_time($site_form->completed_on, 'M d, Y @ h:ia') : ''); $objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->completed_by_name); $rowNumber++; } $objWriter = IOFactory::createWriter($objPHPExcel, 'Excel5'); // We'll be outputting an excel file header('Content-type: application/vnd.ms-excel'); // It will be called file.xls header('Content-Disposition: attachment; filename="' . date('Ymd') . '.xls"'); // Write file to the browser $objWriter->save('php://output'); }
public function qdelete($pkey, $method = "echo") { _has_user_access_permission(TRUE, array('admin')); $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array(); $form_type_id = isset($params[SYS_FORM_TYPE_ID]) && gtzero_integer($params[SYS_FORM_TYPE_ID]) ? to_int($params[SYS_FORM_TYPE_ID]) : 0; $question_id = isset($params[SYS_QUESTION_ID]) && gtzero_integer($params[SYS_QUESTION_ID]) ? to_int($params[SYS_QUESTION_ID]) : 0; $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer()); $form_info = $this->survey_m->form_type_details($form_type_id); $question_info = $this->survey_m->get_question_detail($question_id, $form_type_id); if (!$form_info) { $this->show_permission_denied_error($method); } $this->form_validation->set_rules('confirm', 'confirm', 'trim|required'); $output = array('message' => "", 'status' => ""); if ($this->form_validation->run() == TRUE) { $is_record_updated = $this->survey_m->delete_question($question_id); if ($is_record_updated) { $output['message'] = sprintf('The question "%s" has been deleted.', $question_info->description); $output['status'] = SUCCESS_MESSAGE; $output['question_id'] = $question_id; } else { $output['message'] = sprintf('Unable to delete question "%s". Please report the issue to %s', $question_info->description, $this->cfg->contact_email); $output['status'] = ERROR_MESSAGE; } $this->_output_request($output, $redirect_url); } else { if (validation_errors()) { $output['message'] = validation_errors(); $output['status'] = ERROR_MESSAGE; } } $csrf = _get_csrf_nonce(); $data = array('form_action' => site_url('survey/qdelete/' . $pkey), 'cancel_url' => $redirect_url, 'page' => 'survey/delete', 'title' => 'Delete Question', "display_message" => sprintf('Are you sure you want to delete question "%s"?', $question_info->description), "display_heading" => sprintf('Delete Question', $question_info->description), "submit_btn_text" => "Save Changes", 'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url, 'confirm' => 1))); if ($this->input->is_ajax_request()) { $html = $this->template->raw_view('pages/survey/delete_modal', $data, TRUE); if ($method == "ajax") { $output['html'] = $html; $this->_output_request($output, $redirect_url); } else { echo $html; } } else { if (!empty($output['status'])) { set_flash_data($output['status'], $output['message'], FALSE); } $this->template->load('default', $data); } }