<?php

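require_once "libraries/head.php";

// AJAX endpoint: change a group's status on behalf of the logged-in user.
//
// The branches are chained (if / elseif / else) so that nothing further runs
// for an unauthenticated or malformed request, even if sendAjaxRedirect() or
// sendAjaxResErr() return to the caller instead of ending the script. Their
// definitions are not visible in this file, so the flow must not rely on them.
//
// NOTE(review): no anti-CSRF token check is visible for this state-changing
// POST; confirm that libraries/head.php enforces one.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
} elseif (isset($_POST["groupid"], $_POST["newstatus"])) {
    if (!isValidID($_POST["groupid"]) || !isValidID($_POST["newstatus"])) {
        sendAjaxResErr("Group ID or Status invalid!");
    } else {
        // The acting user is taken from the session, never from the request body.
        $result = executeChange($_SESSION["userID"], $_POST["groupid"], $_POST["newstatus"]);
        if ($result === true) {
            sendAjaxResSuc("Change group status successfully!");
        } else {
            // executeChange() returns a message string on failure; it is relayed as-is.
            sendAjaxResErr($result);
        }
    }
}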
function executeChange($userID, $groupID, $newStatus)
{
    $newStatus = $newStatus;
    if ($newStatus !== "1" && $newStatus !== "2" && $newStatus !== "3") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($userID);
    $groupDAO = new GroupDAO();
    $group = $groupDAO->getGroupByID($groupID);
    if ($group === null) {
        return "Could not find this group!";
    }
    if ($group->getActivateStatus() === $newStatus) {
Ejemplo n.º 2
<?php

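require_once "libraries/head.php";

// AJAX endpoint: update the logged-in user's own profile fields.
//
// The login guard and the request handling are chained with elseif so the
// profile update cannot run for an unauthenticated request, even if
// sendAjaxRedirect() returns instead of ending the script (its definition is
// not visible in this file).
//
// NOTE(review): no anti-CSRF token check is visible for this state-changing
// POST; confirm that libraries/head.php enforces one.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
} elseif (isset($_POST["profile_firstname"], $_POST["profile_lastname"], $_POST["sex"], $_POST["departmentid"])) {
    // Field validation happens inside execChangeProfile(); the raw values are passed through.
    $result = execChangeProfile(
        $_POST["profile_firstname"],
        $_POST["profile_lastname"],
        $_POST["sex"],
        $_POST["departmentid"]
    );
    if ($result === true) {
        sendAjaxResSuc("Change profile successfully!");
    } else {
        // execChangeProfile() returns a message string on failure; it is relayed as-is.
        sendAjaxResErr($result);
    }
}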
function execChangeProfile($firstname, $lastname, $sex, $departmentID)
{
    if (!isValidName($firstname) || !isValidName($lastname)) {
        return "Please enter valid names!";
    }
    if (!isValidID($departmentID)) {
        return "Invalid department id!";
    }
    $departDAO = new DepartmentDAO();
    $depart = $departDAO->getDepartmentByID($departmentID);
    if ($depart === null) {
        return "Could not find the depart!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($_SESSION["userID"]);
    $user->setDepartment($depart);
    if ($user->getFirstName() != $firstname) {
Ejemplo n.º 3
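require_once "libraries/head.php";

// AJAX endpoint: create a department (parentid + departmentname) or rename an
// existing one (departmentid + departmentname).
//
// All branches sit in one if / elseif chain so neither operation can run for
// an unauthenticated request, even if sendAjaxRedirect() returns instead of
// ending the script (its definition is not visible in this file).
//
// NOTE(review): no anti-CSRF token check is visible for these state-changing
// POSTs; confirm that libraries/head.php enforces one.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
} elseif (isset($_POST["parentid"], $_POST["departmentname"])) {
    // Create takes precedence when both parentid and departmentid are posted.
    $result = execCreateDep($_SESSION["userID"], $_POST["parentid"], $_POST["departmentname"]);
    if ($result === true) {
        sendAjaxResSuc();
    } else {
        // A non-true result is the failure message string; it is relayed as-is.
        sendAjaxResErr($result);
    }
} elseif (isset($_POST["departmentid"], $_POST["departmentname"])) {
    $result = execEditDep($_SESSION["userID"], $_POST["departmentid"], $_POST["departmentname"]);
    if ($result === true) {
        sendAjaxResSuc();
    } else {
        sendAjaxResErr($result);
    }
}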
function execCreateDep($userID, $parentID, $departmentName)
{
    if (!isValidID($parentID)) {
        return "Invalid parent ID!";
    }
    if (!isValidDepartmentName($departmentName)) {
        return "Invalid department name!";
    }
    $departDAO = new DepartmentDAO();
    $parent = $departDAO->getDepartmentByID($parentID);
    if ($parent === null) {
Ejemplo n.º 4
<?php

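require_once "libraries/head.php";

// AJAX endpoint: change the logged-in user's password.
//
// The login guard and the request handling are chained with elseif so the
// password change cannot run for an unauthenticated request, even if
// sendAjaxRedirect() returns instead of ending the script (its definition is
// not visible in this file).
//
// NOTE(review): no anti-CSRF token check is visible for this state-changing
// POST; confirm that libraries/head.php enforces one.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
} elseif (isset($_POST["password"], $_POST["newpassword"], $_POST["confirmpw"])) {
    // The current password is required and is checked inside execChangePW().
    $result = execChangePW($_POST["password"], $_POST["newpassword"], $_POST["confirmpw"]);
    if ($result === true) {
        sendAjaxResSuc("Change password successfully!");
    } else {
        // execChangePW() returns a message string on failure; it is relayed as-is.
        sendAjaxResErr($result);
    }
}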
function execChangePW($password, $newpassword, $confirmpw)
{
    if ($password == "" || $newpassword == "" || $confirmpw == "") {
        return "Please fill all the necessary information!";
    }
    if (!isValidPassword($password) || !isValidPassword($newpassword)) {
        return "Please enter a valid password!";
    }
    if ($newpassword !== $confirmpw) {
        return "The new password and the confirmed new password must be the same!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($_SESSION["userID"]);
    if (!verifyPassword($password, $user->getPassword())) {
        return "The old password you entered is not correct!";
    }
    $encryptPW = encryptPassword($newpassword);
Ejemplo n.º 5
<?php

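require_once "libraries/head.php";

// AJAX endpoint: change another user's role on behalf of the logged-in user.
//
// The branches are chained (if / elseif / else) so that nothing further runs
// for an unauthenticated or malformed request, even if sendAjaxRedirect() or
// sendAjaxResErr() return to the caller instead of ending the script. Their
// definitions are not visible in this file, so the flow must not rely on them.
//
// Only authentication is checked here; whether the caller may change roles is
// decided inside executeChange() from the session user's role.
//
// NOTE(review): no anti-CSRF token check is visible for this privilege-changing
// POST; confirm that libraries/head.php enforces one.
if (!isLogin()) {
    sendAjaxRedirect("index.php");
} elseif (isset($_POST["userid"], $_POST["newrole"])) {
    if (!isValidID($_POST["userid"]) || !isValidID($_POST["newrole"])) {
        sendAjaxResErr("User or role status invalid!");
    } else {
        // The acting user is taken from the session, never from the request body.
        $result = executeChange($_SESSION["userID"], $_POST["userid"], $_POST["newrole"]);
        if ($result === true) {
            sendAjaxResSuc("Change role status successfully!");
        } else {
            // executeChange() returns a message string on failure; it is relayed as-is.
            sendAjaxResErr($result);
        }
    }
}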
function executeChange($currUser, $userid, $newrole)
{
    if ($newrole !== "1" && $newrole !== "2" && $newrole !== "3" && $newrole !== "4") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    $userChan = $userDAO->getUserByID($userid);
    $userCurr = $userDAO->getUserByID($currUser);
    //get current session user
    if ($userCurr->getRole()->getRoleID() !== "1" && $userCurr->getRole()->getRoleID() !== "2") {
        return "You have no right to change user status!";
    }
    if ($userChan === null) {
        //database
<?php

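require_once "libraries/head.php";

// AJAX endpoint: change a record's status on behalf of the logged-in user.
//
// The branches are chained (if / elseif / else) so that nothing further runs
// for an unauthenticated or malformed request, even if sendAjaxRedirect() or
// sendAjaxResErr() return to the caller instead of ending the script. Their
// definitions are not visible in this file, so the flow must not rely on them.
//
// NOTE(review): no anti-CSRF token check is visible for this state-changing
// POST; confirm that libraries/head.php enforces one.
if (!isLogin()) {
    sendAjaxRedirect("login.php");
} elseif (isset($_POST["recordid"], $_POST["newrecordstatus"])) {
    if (!isValidID($_POST["recordid"]) || !isValidID($_POST["newrecordstatus"])) {
        sendAjaxResErr("Record ID or Status invalid!");
    } else {
        // The acting user is taken from the session, never from the request body.
        $result = executeChange($_SESSION["userID"], $_POST["recordid"], $_POST["newrecordstatus"]);
        if ($result === true) {
            sendAjaxResSuc("Change record status successfully!");
        } else {
            // executeChange() returns a message string on failure; it is relayed as-is.
            sendAjaxResErr($result);
        }
    }
}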
function executeChange($userID, $recordID, $newRecordStatus)
{
    if ($newRecordStatus !== "1" && $newRecordStatus !== "2" && $newRecordStatus !== "3") {
        return "Invalid status!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($userID);
    $recordDAO = new RecordDAO();
    $record = $recordDAO->getRecordByID($recordID);
    if ($record === null) {
        return "Could not find this record!";
    }
    if ($record->getDisplayStatus() === $newRecordStatus) {
        return "Old status is equal to new status, don't need to change!";