Ejemplos de access_control en PHP

Ejemplo n.º 1

Archivo: contracts.php Proyecto: newwavetechug/gpp

 function Contracts()
 {
     parent::__construct();
     $this->load->model('users_m', 'user1');
     $this->load->model('currency_m');
     access_control($this);
 }

Ejemplo n.º 2

Archivo: pdetypes.php Proyecto: newwavetechug/gpp

 function index()
 {
     $data['active'] = $this->pde_m->fetch_pdes('in');
     $data['archived'] = $this->pde_m->fetch_pdes('out');
     $this->load->view('pde/manage_pda_v', $data);
     access_control($this);
 }

Ejemplo n.º 3

Archivo: receipts.php Proyecto: newwavetechug/gpp

 function Receipts()
 {
     //**********  Back button will not work, after logout  **********//
     header("cache-Control: no-store, no-cache, must-revalidate");
     header("cache-Control: post-check=0, pre-check=0", false);
     // HTTP/1.0
     header("Pragma: no-cache");
     // Date in the past
     header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
     // always modified
     header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
     //**********  Back button will not work, after logout  **********//
     parent::__construct();
     $this->load->library('form_validation');
     $this->load->model('users_m', 'user1');
     $this->load->model('sys_email', 'sysemail');
     $this->session->set_userdata('page_title', 'Login');
     #MOVER LOADED MODELS
     $this->load->model('Receipts_m');
     $this->load->model('Proc_m');
     $this->load->model('Evaluation_methods_m');
     $this->load->model('Remoteapi_m');
     ##END
     date_default_timezone_set(SYS_TIMEZONE);
     $data = array();
     access_control($this);
 }

Ejemplo n.º 4

Archivo: user.php Proyecto: newwavetechug/gpp

 function User()
 {
     parent::__construct();
     $this->load->library('form_validation');
     $this->load->model('users_m', 'user1');
     $this->load->model('sys_email', 'sysemail');
     $this->load->model('file_upload', 'libfileobj');
     $this->load->model('sys_file', 'sysfile');
     date_default_timezone_set(SYS_TIMEZONE);
     access_control($this);
 }

Ejemplo n.º 5

Archivo: procurement.php Proyecto: newwavetechug/gpp

 public function __construct()
 {
     parent::__construct();
     $this->load->model('procurement_plan_m');
     $this->load->model('procurement_plan_entry_m');
     $this->load->model('notification_m');
     $this->load->model('procurement_plan_status_m');
     $this->load->model('notification_m');
     $this->load->model('sys_file', 'sysfile');
     access_control($this);
 }

Ejemplo n.º 6

Archivo: schoolinfo.php Proyecto: nwtug/academia

 function update_school_info()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     $data = restore_bad_chars($data);
     if ($data['save']) {
         $data['schooldetails'] = $data;
         $required_fields = array('schoolname', 'emailaddress', 'telephone');
         $_POST = clean_form_data($data);
         $validation_results = validate_form('', $_POST, $required_fields);
         $classname_error = '';
         $rank_error = '';
         #set status as editing on destination if updating
         if ($this->input->post('editid')) {
             $data['editid'] = $_POST['editid'];
         }
         #Only proceed if the validation for required fields passes
         if ($validation_results['bool'] && !(empty($data['editid']) && !empty($user_details))) {
             #Update school info
             $result = $this->db->query($this->Query_reader->get_query_by_code('user_update_school_data', array_merge($_POST, array('editid' => $this->myschool['id']))));
             $data['schooldetails'] = $this->Query_reader->get_row_as_array('search_schools_list', array('limittext' => '', 'searchstring' => ' AND id = ' . $this->myschool['id']));
             #Format and send the errors
             if (!empty($result) && $result) {
                 $data['msg'] = "The school data has been successfully saved.";
                 #Copy school badge to designated folder
                 if (!empty($_POST['photo'])) {
                     $copy_image_result = copy(UPLOAD_DIRECTORY . "temp/" . $_POST['photo'], UPLOAD_DIRECTORY . "schools/" . $_POST['photo']);
                     #copy the thumb_nail as well
                     $thumb_nail_ext = end(explode('.', $_POST['photo']));
                     $copy_image_thumb_result = copy(UPLOAD_DIRECTORY . "temp/" . str_replace('.' . $thumb_nail_ext, '_thumb.' . $thumb_nail_ext, $_POST['photo']), UPLOAD_DIRECTORY . "schools/" . str_replace('.' . $thumb_nail_ext, '_thumb.' . $thumb_nail_ext, $_POST['photo']));
                     if (!$copy_image_result && !$copy_image_thumb_result) {
                         $data['msg'] = 'WARNING: ' & $data['msg'] . '<br />' . 'An error occured while saving the school badge';
                     } else {
                         @unlink(UPLOAD_DIRECTORY . "temp/" . $_POST['photo']);
                         @unlink(UPLOAD_DIRECTORY . "temp/" . str_replace('.' . $thumb_nail_ext, '_thumb.' . $thumb_nail_ext, $_POST['photo']));
                     }
                 }
             } else {
                 if (empty($data['msg'])) {
                     $data['msg'] = "ERROR: The school data could not be saved or was not saved correctly." . $classname_error . $rank_error;
                 }
             }
         }
         if ((empty($validation_results['bool']) || !empty($validation_results['bool']) && !$validation_results['bool']) && empty($data['msg'])) {
             $data['msg'] = "WARNING: The highlighted fields are required.";
         }
         $data['requiredfields'] = $validation_results['requiredfields'];
     }
     $this->load->view('schoolinfo/school_info_view', $data);
 }

Ejemplo n.º 7

Archivo: schoolsettings.php Proyecto: nwtug/academia

 function manage_settings()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     $data = add_msg_if_any($this, $data);
     #default to curriculum settings
     $data = paginate_list($this, $data, 'search_subjects', array('isactive' => 'Y', 'searchstring' => ' AND school = ' . $this->myschool['id']));
     $this->load->view('settings/manage_settings_view', $data);
 }

Ejemplo n.º 8

Archivo: bids.php Proyecto: newwavetechug/gpp

 function Bids()
 {
     parent::__construct();
     $this->load->model('users_m', 'users');
     $this->load->model('sys_email', 'sysemail');
     #date_default_timezone_set(SYS_TIMEZONE);
     #MOVER LOADED MODELS
     $this->load->model('Receipts_m');
     $this->load->model('Proc_m');
     $this->load->model('Evaluation_methods_m');
     $this->load->model('sys_file', 'sysfile');
     $this->load->model('Disposal_m', 'disposal');
     access_control($this);
 }

Ejemplo n.º 9

Archivo: notifications.php Proyecto: newwavetechug/gpp

 function Notifications()
 {
     parent::__construct();
     $this->load->library('form_validation');
     $this->load->model('users_m', 'user1');
     $this->load->model('Notification_m', 'notification');
     $this->session->set_userdata('page_title', 'Login');
     #MOVER LOADED MODELS
     $this->load->model('Receipts_m');
     $this->load->model('Proc_m');
     $this->load->model('Evaluation_methods_m');
     access_control($this);
     ##END
     date_default_timezone_set(SYS_TIMEZONE);
     $data = array();
 }

Ejemplo n.º 10

Archivo: reports.php Proyecto: newwavetechug/gpp

 function Reports()
 {
     parent::__construct();
     $this->load->model('users_m', 'users');
     $this->load->model('sys_email', 'sysemail');
     #date_default_timezone_set(SYS_TIMEZONE);
     $this->load->model('contracts_m');
     $this->load->model('bid_invitation_m');
     $this->load->model('receipts_m');
     $this->load->model('disposal_m');
     $this->load->model('disposal_record_m');
     $this->load->model('remoteapi_m');
     $this->load->model('procurement_plan_m');
     $this->load->model('contracts_m');
     $this->load->model('contract_price_m');
     access_control($this);
 }

Ejemplo n.º 11

Archivo: providers.php Proyecto: newwavetechug/gpp

 function Providers()
 {
     parent::__construct();
     $this->load->library('form_validation');
     $this->load->model('users_m', 'user1');
     $this->load->model('sys_email', 'sysemail');
     $this->session->set_userdata('page_title', 'Login');
     #MOVER LOADED MODELS
     #	$this->load->model('Currencies_m');
     $this->load->model('Proc_m');
     $this->load->model('Evaluation_methods_m');
     $this->load->model('Remoteapi_m');
     #MOVER LOADED MODELS
     $this->load->model('Currency_m', 'currency');
     $this->load->model('Disposal_m', 'disposal');
     ##END
     date_default_timezone_set(SYS_TIMEZONE);
     $data = array();
     access_control($this);
 }

Ejemplo n.º 12

Archivo: sponsors.php Proyecto: nwtug/academia

 function delete_sponsor()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 't'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if (!empty($data['i'])) {
         $result = deactivate_row($this, 'exams', decryptValue($data['i']));
     }
     if (!empty($result) && $result) {
         $this->session->set_userdata('dexam', "The exam data has been successfully deleted.");
     } else {
         if (empty($data['msg'])) {
             $this->session->set_userdata('dexam', "ERROR: The exam could not be deleted or was not deleted correctly.");
         }
     }
     if (!empty($data['t']) && $data['t'] == 'super') {
         $tstr = "/t/super";
     } else {
         $tstr = "";
     }
     redirect("sponsors/manage_exams/m/dexam" . $tstr);
 }

Ejemplo n.º 13

Archivo: admin.php Proyecto: rmuyinda/dms-1

 function load_pdetype_form()
 {
     access_control($this, array('admin'));
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     #Get access groups
     $accessGroupsResult = $this->db->query($this->Query_reader->get_query_by_code('get_user_group_list', array()));
     //  $data['pdetypes'] = $this-> Pdetypes_m -> fetchpdetypes($status='Y');
     $data['usergroups'] = $this->Usergroups_m->fetchusergroups();
     $data['users'] = $this->users_m->fetchusers();
     //	users_m
     #form type
     $data['formtype'] = 'insert';
     $data['page_title'] = 'New PDE ';
     $data['current_menu'] = 'add_pdetype';
     $data['view_data']['form_title'] = $data['page_title'];
     $data['view_to_load'] = 'pde/pdetype_form_v';
     $this->load->view('dashboard_v', $data);
 }

Ejemplo n.º 14

Archivo: classes.php Proyecto: nwtug/academia

 function save_stream()
 {
     access_control($this);
 }

Ejemplo n.º 15

Archivo: account.php Proyecto: nwtug/academia

 function settings()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('i'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     #Get user settings
     $editid = $this->session->userdata('userid');
     if ($this->session->userdata('usertype') == 'SCHOOL') {
         $data['formdata'] = $this->Query_reader->get_row_as_array('get_school_user_by_id', array('id' => $editid));
     } elseif ($this->session->userdata('usertype') == 'MSR') {
         $data['formdata'] = $this->Query_reader->get_row_as_array('get_user_by_id', array('id' => $editid));
     }
     $data['isview'] = !empty($data['a']) && decryptValue($data['a']) == 'view' ? "Y" : "";
     if ($this->input->post('savesettings')) {
         $required_fields = array('firstname', 'lastname', 'address', 'emailaddress*EMAILFORMAT', 'telephone');
         $_POST = clean_form_data($_POST);
         $validation_results = validate_form('', $_POST, $required_fields);
         $update_string = '';
         #Only proceed if the validation for required fields passes
         if ($validation_results['bool']) {
             #Check if the password has been changed, is strong enough and the repeated value is the same
             if (!empty($_POST['password']) || !empty($_POST['repeatpassword'])) {
                 $passwordmsg = $this->user1->check_password_strength($_POST['password']);
                 if (!$passwordmsg['bool']) {
                     $data['msg'] = "WARNING: " . $passwordmsg['msg'];
                 } elseif ($_POST['password'] == $_POST['repeatpassword']) {
                     $update_string = ", password = '******'password']) . "'";
                 } else {
                     $data['msg'] = "WARNING: The passwords provided do not match.";
                 }
             }
             #Check if a new photo has been uploaded
             if (!empty($_FILES['imageurl']['tmp_name'])) {
                 $new_file_url = 'ac_' . strtotime('now') . generate_random_letter() . "." . end(explode('.', $_FILES['imageurl']['name']));
                 if (copy($_FILES['imageurl']['tmp_name'], UPLOAD_DIRECTORY . "users/" . $new_file_url)) {
                     #Create a thumb nail as well
                     $config['image_library'] = 'gd2';
                     $config['source_image'] = UPLOAD_DIRECTORY . "users/" . $new_file_url;
                     $config['create_thumb'] = TRUE;
                     $config['maintain_ratio'] = TRUE;
                     $config['width'] = 100;
                     $config['height'] = 80;
                     $this->load->library('image_lib', $config);
                     $this->image_lib->resize();
                     #Delete the previous image from the server if it exists
                     if (!empty($data['formdata']['photo'])) {
                         @unlink(UPLOAD_DIRECTORY . "users/" . $data['formdata']['photo']);
                     }
                     $update_string .= ',photo ="' . $new_file_url . '"';
                 }
             }
             #Update or Save the new form data
             if (empty($data['msg'])) {
                 if ($this->session->userdata('usertype') == 'SCHOOL') {
                     $save_result = $this->db->query($this->Query_reader->get_query_by_code('update_school_user_data', array_merge(array('editid' => $editid, 'usertype' => $this->session->userdata('usertype'), 'usergroup' => $this->session->userdata('usergroup'), 'isschooladmin' => $this->session->userdata('isschooladmin'), 'updatecond' => $update_string), $_POST)));
                 } elseif ($this->session->userdata('usertype') == 'MSR') {
                     $save_result = $this->db->query($this->Query_reader->get_query_by_code('update_user_data', array('editid' => $editid, 'firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'middlename' => $_POST['middlename'], 'addressline1' => $_POST['addressline1'], 'emailaddress' => $_POST['emailaddress'], 'telephone' => $_POST['telephone'], 'usertype' => $this->session->userdata('usertype'), 'isadmin' => $_POST['isadmin'], 'updatecond' => $update_string)));
                 }
                 $msg = !empty($save_result) && $save_result ? "Your settings have been saved." : "ERROR: Your settings were not saved.";
                 $this->session->set_userdata('sres', $msg);
                 redirect($this->user1->get_dashboard() . "/m/sres");
             }
         }
         #VALIDATION end
         if ((empty($validation_results['bool']) || !empty($validation_results['bool']) && !$validation_results['bool']) && empty($data['msg'])) {
             $data['msg'] = "WARNING: The highlighted fields are required.";
         }
         $data['requiredfields'] = $validation_results['requiredfields'];
         $data['formdata'] = $_POST;
     }
     if (empty($data['formdata'])) {
         $this->session->set_userdata('suser', "ERROR: Your settings could not be resolved.");
         redirect($this->user1->get_dashboard() . "/m/suser");
     }
     $data = add_msg_if_any($this, $data);
     $this->load->view('admin/settings_view', $data);
 }

Ejemplo n.º 16

Archivo: inventory.php Proyecto: nwtug/academia

 function generate_report()
 {
     access_control($this);
     $schooldetails = $this->session->userdata('schoolinfo');
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if ($this->input->post('generatepdf') || $this->input->post('generateexcel')) {
         $required_fields = array('type');
         $_POST = clean_form_data($_POST);
         $validation_results = validate_form('', $_POST, $required_fields);
         if ($validation_results['bool']) {
             $_POST = clean_form_data($_POST);
             $searchstring = '1';
             if ($_POST['type'] == 1) {
                 if (isset($_POST['datefrom']) && isset($_POST['dateto']) && $_POST['datefrom'] != "" && $_POST['dateto'] != "") {
                     $searchstring .= " AND  UNIX_TIMESTAMP(i.datecreated) <= '" . strtotime($_POST['dateto'] . ' 23:59:59') . "' AND UNIX_TIMESTAMP(i.datecreated) >= '" . strtotime($_POST['datefrom']) . "'";
                 }
                 if (isset($_POST['item']) && $_POST['item'] != "") {
                     $searchstring .= " AND i.itemid=" . $_POST['item'];
                 }
                 $querycode = 'get_inventory_list';
                 $data['dateto'] = $_POST['dateto'];
                 $data['datefrom'] = $_POST['datefrom'];
                 #Get the paginated list of the purchases
                 $data = paginate_list($this, $data, $querycode, array('isactive' => 'Y', 'searchstring' => ' i.school = ' . $schooldetails['id'] . ' AND (' . $searchstring . ')'));
                 $report_type = 'purchases_report';
                 $report_name = "PURCHASES REPORT";
                 if ($this->input->post('generateexcel')) {
                     $size = sizeof($data['page_list']);
                     $maxdate = date("j M, Y", GetTimeStamp($data['page_list'][$size - 1]['datecreated']));
                     $mindate = date("j M, Y", GetTimeStamp($data['page_list'][0]['datecreated']));
                     if (!empty($data['datefrom'])) {
                         $from = date("j M, Y", GetTimeStamp($data['datefrom']));
                     } else {
                         $from = $maxdate;
                     }
                     if (!empty($data['dateto'])) {
                         $to = date("j M, Y", GetTimeStamp($data['dateto']));
                     } else {
                         $to = $mindate;
                     }
                     $mydata = array($schooldetails['schoolname']);
                     $this->excelexport->addRow($mydata);
                     $mydata = array($report_name, "", "", "From :", $from, "", "", "To :", $to);
                     $this->excelexport->addRow($mydata);
                     $mydata = array("Date", "Item Name", "Supplier", "Invoice Number", "Quanity", "Price");
                     $this->excelexport->addRow($mydata);
                     $sum = 0;
                     foreach ($data['page_list'] as $row) {
                         $price = $row['price'] * $row['quantity'];
                         $sum += $price;
                         $mydata = array(date("j M, Y", GetTimeStamp($row['datecreated'])), $row['itemname'], $row['supplier'], $row['invoicenumber'], $row['quantity'], number_format($price, 0, '.', ','));
                         $this->excelexport->addRow($mydata);
                     }
                     $mydata = array("Total", "", "", "", "", number_format($sum, 0, '.', ','));
                     $this->excelexport->addRow($mydata);
                 }
             } elseif ($_POST['type'] == 3) {
                 if (isset($_POST['datefrom']) && isset($_POST['dateto']) && $_POST['datefrom'] != "" && $_POST['dateto'] != "") {
                     $searchstring .= " AND  UNIX_TIMESTAMP(i.datecreated) <= '" . strtotime($_POST['dateto'] . ' 23:59:59') . "' AND UNIX_TIMESTAMP(i.datecreated) >= '" . strtotime($_POST['datefrom']) . "'";
                 }
                 if (isset($_POST['item']) && $_POST['item'] != "") {
                     $searchstring .= " AND i.itemid=" . $_POST['item'];
                 }
                 $querycode = 'get_inventory_list';
                 $data['dateto'] = $_POST['dateto'];
                 $data['datefrom'] = $_POST['datefrom'];
                 #Get the paginated list of the deals
                 $data = paginate_list($this, $data, 'get_transaction_list', array('isactive' => 'Y', 'searchstring' => ' t.school = ' . $schooldetails['id'] . ' AND (' . $searchstring . ')'));
                 $report_type = 'issuing_report';
                 $report_name = "ISSUING REPORT";
                 if ($this->input->post('generateexcel')) {
                     $size = sizeof($data['page_list']);
                     $maxdate = date("j M, Y", GetTimeStamp($data['page_list'][$size - 1]['dateadded']));
                     $mindate = date("j M, Y", GetTimeStamp($data['page_list'][0]['dateadded']));
                     if (!empty($data['datefrom'])) {
                         $from = date("j M, Y", GetTimeStamp($data['datefrom']));
                     } else {
                         $from = $maxdate;
                     }
                     if (!empty($data['dateto'])) {
                         $to = date("j M, Y", GetTimeStamp($data['dateto']));
                     } else {
                         $to = $mindate;
                     }
                     $mydata = array($schooldetails['schoolname']);
                     $this->excelexport->addRow($mydata);
                     $mydata = array($report_name, "", "", "From :", $from, "", "", "To :", $to);
                     $this->excelexport->addRow($mydata);
                     $mydata = array("Date", "Item Name", "Quantity", "Issued To");
                     $this->excelexport->addRow($mydata);
                     foreach ($data['page_list'] as $row) {
                         $mydata = array(date("j M, Y", GetTimeStamp($row['dateadded'])), $row['itemname'], $row['quantity'], $row['firstname'] . " " . $row['lastname']);
                         $this->excelexport->addRow($mydata);
                     }
                 }
             } elseif ($_POST['type'] == 2) {
                 #Get the paginated list of the inventory
                 $data = paginate_list($this, $data, 'get_item_list', array('isactive' => 'Y', 'searchstring' => ' school = ' . $schooldetails['id']));
                 $report_type = 'inventory_report';
                 $report_name = "INVENTORY REPORT";
                 if ($this->input->post('generateexcel')) {
                     $mydata = array($schooldetails['schoolname']);
                     $this->excelexport->addRow($mydata);
                     $mydata = array($report_name, "", "", "", date("j M, Y", time()));
                     $this->excelexport->addRow($mydata);
                     $mydata = array("Item Name", "In", "Out", "Stocked", "Units");
                     $this->excelexport->addRow($mydata);
                     foreach ($data['page_list'] as $row) {
                         $stocked = get_stocked($this, $row['id']);
                         $sold = get_sold($this, $row['id']);
                         $remaining = $stocked - $sold;
                         #Assign zeros to empty values
                         if (empty($stocked)) {
                             $stocked = 0;
                         }
                         if (empty($sold)) {
                             $sold = 0;
                         }
                         $mydata = array($row['itemname'], $remaining, $sold, $stocked, $row['unitspecification']);
                         $this->excelexport->addRow($mydata);
                     }
                 }
             }
             #Format the statement
             $report_html = '';
             #$financial_details = array();
             $this->load->library('parser');
             $data['schoolname'] = $schooldetails['schoolname'];
             $data['report_html'] = $report_html;
             $output = $this->parser->parse('reports/' . $report_type, $data, true);
             if ($this->input->post('generatepdf')) {
                 gen_pdf($this, $output);
             } else {
                 $this->excelexport->download($report_type . '.xls');
             }
         }
         if ((empty($validation_results['bool']) || !empty($validation_results['bool']) && !$validation_results['bool']) && empty($data['msg'])) {
             $data['msg'] = "WARNING: The highlighted fields are required.";
         }
         $data['requiredfields'] = $validation_results['requiredfields'];
         $data['formdata'] = $_POST;
     }
     $this->load->view('inventory/new_report_view');
 }

Ejemplo n.º 17

Archivo: deal.php Proyecto: nwtug/academia

 function show_nav_details()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if (!empty($data['fundedamount']) && !empty($data['commitmentamount'])) {
         $fundedamount = removeCommas(restore_bad_chars($data['fundedamount']));
         $commitmentamount = removeCommas(restore_bad_chars($data['commitmentamount']));
         $fundedamt = !empty($fundedamount) ? $fundedamount : 0;
         $commitmentamt = !empty($commitmentamount) ? $commitmentamount : 0;
     }
     if (!empty($fundedamt) && !empty($commitmentamt)) {
         $data['unfunded'] = $commitmentamt - $fundedamt;
     }
     $data['area'] = "nav_amt_details";
     $data = add_msg_if_any($this, $data);
     $this->load->view('incl/addons', $data);
 }

Ejemplo n.º 18

Archivo: admin.php Proyecto: nwtug/academia

 function update_permissions()
 {
     access_control($this, array('admin'));
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 't'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if (!empty($data['i'])) {
         $result = $this->db->query($this->Query_reader->get_query_by_code('get_group_permissions', array('groupid' => decryptValue($data['i']))));
         $the_permissions_list = $result->result_array();
         $data['permissions_list'] = array();
         foreach ($the_permissions_list as $permission_row) {
             array_push($data['permissions_list'], $permission_row['permissionid']);
         }
         $data['groupdetails'] = $this->Query_reader->get_row_as_array('get_group_by_id', array('groupid' => decryptValue($data['i'])));
         $usertype = $this->session->userdata('isadmin') == 'Y' ? "admin" : "";
         $result = $this->db->query($this->Query_reader->get_query_by_code('get_all_permissions', array('accesslist' => "'" . $usertype . "'")));
         $data['all_permissions'] = $result->result_array();
         #put all permissions in a manageable array
         $data['all_permissions_list'] = array();
         foreach ($data['all_permissions'] as $thepermission) {
             array_push($data['all_permissions_list'], $thepermission['id']);
         }
     }
     if (!empty($data['t']) && $data['t'] == 'super') {
         $tstr = "/t/super";
     } else {
         $tstr = "";
     }
     if ($this->input->post('updatepermissions')) {
         if (!empty($_POST['permissions'])) {
             $result_array = array();
             #First delete all permissions from the access table
             $delresult = $this->db->query($this->Query_reader->get_query_by_code('delete_group_permissions', array('groupid' => $_POST['editid'])));
             array_push($result_array, $delresult);
             foreach ($_POST['permissions'] as $permissionid) {
                 $insresult = $this->db->query($this->Query_reader->get_query_by_code('add_group_permission', array('groupid' => $_POST['editid'], 'permissionid' => $permissionid)));
                 array_push($result_array, $insresult);
             }
             if (get_decision($result_array)) {
                 $this->session->set_userdata('pgroup', "The Group permissions have been assigned.");
                 redirect("admin/manage_access_groups/m/pgroup" . $tstr);
             }
         }
     }
     if (empty($result) || !$result) {
         if (empty($_POST['permissions'])) {
             $this->session->set_userdata('puser', "WARNING: No permissions are assigned to the group.");
         } else {
             $this->session->set_userdata('puser', "ERROR: The group permissions could not be assigned.");
         }
         redirect(base_url() . "admin/manage_access_groups/m/pgroup" . $tstr);
     }
     $this->load->view('admin/group_permissions', $data);
 }

Ejemplo n.º 19

Archivo: reports.php Proyecto: nwtug/academia

 function report_list()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'up'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     $isactive = !empty($data['t']) && decryptValue($data['t']) == 'archive' ? 'N' : 'Y';
     #Get the paginated list of the reports
     $data = paginate_list($this, $data, 'get_user_report_list', array('userid' => $this->session->userdata('userid'), 'isactive' => $isactive, 'searchstring' => ''));
     $data = add_msg_if_any($this, $data);
     $this->load->view('reports/user_report_list_view', $data);
 }

Ejemplo n.º 20

Archivo: photo.php Proyecto: nwtug/academia

 function upload_photo()
 {
     access_control($this);
     #check if recover image has been specified
     if (!empty($_FILES['insert-image']['tmp_name'])) {
         $_POST = clean_form_data($_POST);
         $new_file_url = 'ac_' . strtotime('now') . generate_random_letter() . "." . end(explode('.', $_FILES['insert-image']['name']));
         if (copy($_FILES['insert-image']['tmp_name'], UPLOAD_DIRECTORY . "temp/" . $new_file_url)) {
             #Create a thumb nail as well
             $config['image_library'] = 'gd2';
             $config['source_image'] = UPLOAD_DIRECTORY . "temp/" . $new_file_url;
             $config['create_thumb'] = TRUE;
             $config['maintain_ratio'] = TRUE;
             $config['width'] = 180;
             $config['height'] = 160;
             $this->load->library('image_lib', $config);
             $this->image_lib->resize();
             $temp_array = explode('.', $new_file_url);
             $data['msg'] = base_url() . "downloads/temp/" . $temp_array[0] . '_thumb.' . $temp_array[1];
         }
     }
     if (empty($data['msg'])) {
         $data['msg'] = "ERROR";
     }
     $data['area'] = 'upload_student_img';
     $this->load->view('incl/addons', $data);
 }

Ejemplo n.º 21

Archivo: curriculum.php Proyecto: nwtug/academia

 function get_subjects_by_class()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'sc'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     $data['class'] = get_class_title($this, $data['sc']);
     $data['class'] = $data['class'] == '' ? '[UNDEFINED CLASS]' : $data['class'];
     #Get the paginated list of the students
     $data['page_list'] = $this->db->query($this->Query_reader->get_query_by_code('search_subjects', array('limittext' => '', 'isactive' => 'Y', 'searchstring' => ' AND classes like "%|' . $data['sc'] . '|%" AND school = ' . $this->myschool['id'])))->result_array();
     $data['area'] = 'class_subjects';
     $this->load->view('incl/addons', $data);
 }

Ejemplo n.º 22

Archivo: help.php Proyecto: nwtug/academia

 function manage_help()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('s', 'i'));
     # Pick all assigned data
     $data = restore_bad_chars_in_array(assign_to_data($urldata));
     #Get the paginated list of the help items
     $data = paginate_list($this, $data, 'get_help_list', array('searchstring' => ''));
     $data = add_msg_if_any($this, $data);
     $this->load->view('help/manage_help_view', $data);
 }

Ejemplo n.º 23

Archivo: index2.php Proyecto: kyleiwaniec/DBA

<?php

require_once 'config.php';
// ACCESS TO THIS PAGE IS CONTROLLED
$uid = access_control();
$pagetitle = "Downtown Bordentown Association CMS";
require_once 'cms-header2.php';
// shorthand for saying $authorized == true
//if ($authorized){
//
//
//
?>
<div class="wrapper">
    <div class="container">
      <p>&nbsp;</p>
    </div>
</div>


<?php 
//}
require_once 'cms-footer.php';

Ejemplo n.º 24

Archivo: search.php Proyecto: nwtug/academia

 function delete_word()
 {
     access_control($this, array('admin'));
     # Get the passed details into the form data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('d'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if (!empty($data['i'])) {
         $result = $this->db->query($this->Query_reader->get_query_by_code('delete_word_by_id', array('id' => decryptValue($data['i']))));
     }
     if (!empty($result) && $result) {
         $msg = "The word has been removed.";
     } else {
         $msg = "ERROR: There were problems removing the word.";
     }
     $this->session->set_userdata('dmsg', $msg);
     redirect(base_url() . "search/manage_words/m/dmsg");
 }

Ejemplo n.º 25

Archivo: gradebook.php Proyecto: nwtug/academia

 function delete_mark()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 't'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     $paper_details = get_db_object_details($this, 'subjectpapers', decryptValue($data['i']));
     if (!empty($data['i'])) {
         $result = deactivate_row($this, 'subjectpapers', decryptValue($data['i']));
     }
     if (!empty($result) && $result) {
         $data['msg'] = $paper_details['paper'] . " has has been removed.";
     } else {
         if (empty($data['msg'])) {
             $data['msg'] = "ERROR: The paper could not be deleted or was not deleted correctly.";
         }
     }
     $data['papers'] = $this->db->query($this->Query_reader->get_query_by_code('search_papers', array('isactive' => 'Y', 'limittext' => '', 'searchstring' => ' AND subject = ' . $paper_details['subject'])))->result_array();
     $data['area'] = 'subject_papers';
     $this->load->view('incl/addons', $data);
 }

Ejemplo n.º 26

Archivo: students_bak.php Proyecto: nwtug/academia

 function delete_miscelleneous()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     $save_result = $this->db->query($this->Query_reader->get_query_by_code('delete_row', array('tname' => "miscelleneous", 'id' => decryptValue($data['i']))));
     if ($save_result) {
         $data['msg'] = "The item has been deleted.";
         //die($data['msg']);
         $this->session->set_userdata('sres', $data['msg']);
         redirect(base_url() . "students/manage_miscelleneous/m/sres");
     } else {
         $data['msg'] = "ERROR: The item was not deleted. Please contact your administrator.";
         die($data['msg']);
     }
 }

Ejemplo n.º 27

Archivo: library.php Proyecto: nwtug/academia

 function save_borrower_form()
 {
     access_control($this);
     $schooldetails = $this->session->userdata('schoolinfo');
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if (!empty($data['i'])) {
         $editid = decryptValue($data['i']);
         $data['formdata'] = $this->Query_reader->get_row_as_array('get_borrower_by_id', array('id' => $editid));
         $data['formdata']['search'] = $data['formdata']['firstname'] . " " . $data['formdata']['middlename'] . " " . $data['formdata']['lastname'];
     }
     // var_dump($data);
     #####comment out.. use model values
     #Get the Item details
     $stockid = decryptValue($data['s']);
     #$stockid = $data['s'];
     $data['stockdata'] = $this->Query_reader->get_row_as_array('get_stock_by_id', array('id' => $stockid));
     #Get the Item details
     #Check if the user is simply viewing the deal
     #TODO: Add the force-users-without-other-permissions-to-view condition
     if (!empty($data['a']) && decryptValue($data['a']) == 'view') {
         $data['isview'] = "Y";
     }
     if ($this->input->post('saveborrower')) {
         $required_fields = array('name', 'type', 'dateborrowed', 'taken', 'libraryid');
         $_POST = clean_form_data($_POST);
         $validation_results = validate_form('', $_POST, $required_fields);
         $borrowerperiod = validate_borrower_period($_POST['dateborrowed'], $_POST['datereturned']);
         if ($validation_results['bool'] && $borrowerperiod == "") {
             $_POST['copiestaken'] = sizeof($_POST['items']);
             if (!empty($data['formdata']) && !empty($data['i'])) {
                 $save_result = $this->db->query($this->Query_reader->get_query_by_code('update_borrower', array_merge($_POST, array('id' => $editid))));
             } else {
                 // echo($this->Query_reader->get_query_by_code('add_borrower', array_merge($_POST, array('school' => $schooldetails['id'], 'createdby'=>$this->session->userdata('userid'))) ));
                 // exit();
                 $save_result = $this->db->query($this->Query_reader->get_query_by_code('add_borrower', array_merge($_POST, array('school' => $schooldetails['id'], 'createdby' => $this->session->userdata('userid')))));
             }
             if ($save_result) {
                 $borrowerid = $this->db->insert_id();
                 for ($i = 0; $i < sizeof($_POST['items']); $i++) {
                     $save_result2 = $this->db->query($this->Query_reader->get_query_by_code('add_borroweditems', array('borrower' => $borrowerid, 'item' => $_POST['items'][$i])));
                     $updateitem = $this->db->query($this->Query_reader->get_query_by_code('update_item_borrowed', array('id' => $_POST['items'][$i], 'isavailable' => 0)));
                 }
                 if ($save_result2 && $updateitem) {
                     $data['msg'] = "The borrower has been saved.";
                     #die($data['msg']);
                     $this->session->set_userdata('sres', $data['msg']);
                     redirect(base_url() . "library/manage_borrowers/m/sres");
                 } else {
                     $data['msg'] = "ERROR: The borrower was not saved. Please contact your administrator.";
                 }
             } else {
                 $data['msg'] = "ERROR: The borrower was not saved. Please contact your administrator.";
                 #die($data['msg']);
             }
         }
         #Validation
         if ((empty($validation_results['bool']) || !empty($validation_results['bool']) && !$validation_results['bool']) && empty($data['msg'])) {
             $data['msg'] = "WARNING: The highlighted fields are required.";
         }
         if ($borrowerperiod != "") {
             $data['msg'] = "WARNING: " . $borrowerperiod;
         }
         $data['requiredfields'] = $validation_results['requiredfields'];
         $data['formdata'] = $_POST;
     }
     if (!empty($data['a']) && decryptValue($data['a']) == 'view') {
         $data = paginate_list($this, $data, 'get_borrowed_items', array('isactive' => 'Y', 'searchstring' => ' AND b.borrower = ' . $data['formdata']['id']));
         $data['isviewing'] = TRUE;
         $data['area'] = 'borrower_details';
         $this->load->view('incl/addons', $data);
     } else {
         $this->load->view('library/new_borrower', $data);
     }
     $data['students'] = $this->librarymodel->get_students();
 }

Ejemplo n.º 28

Archivo: user.php Proyecto: nwtug/academia

 function delete_staff()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 't'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if (!empty($data['i'])) {
         $result = deactivate_row($this, 'schoolusers', decryptValue($data['i']));
     }
     if (!empty($result) && $result) {
         $data['msg'] = "The user data has been successfully deleted.";
     } else {
         if (empty($data['msg'])) {
             $data['msg'] = "ERROR: The user could not be deleted or was not deleted correctly.";
         }
     }
     if (!empty($data['t']) && $data['t'] == 'super') {
         $tstr = "/t/super";
     } else {
         $tstr = "";
     }
 }

Ejemplo n.º 29

Archivo: messages.php Proyecto: nwtug/academia

 function remove_read_message()
 {
     access_control($this);
     # Get the passed details into the url data array if any
     $urldata = $this->uri->uri_to_assoc(3, array('m', 'p'));
     # Pick all assigned data
     $data = assign_to_data($urldata);
     if (!empty($data['i'])) {
         $result = $this->db->query($this->Query_reader->get_query_by_code('set_read_message_status', array('canshow' => 'N', 'messageid' => decryptValue($data['i']), 'readby' => decryptValue($data['u']))));
     }
     #Send the appropriate message
     if (!empty($result) && $result) {
         $msg = "The message has been removed.";
     } else {
         $msg = "ERROR: The message could not be removed.";
     }
     $this->session->set_userdata('rmsg', $msg);
     redirect(base_url() . "messages/load_archive/m/rmsg");
 }