public static function logout()
{
setNotification("You've been successfully logged out.'");
$_SESSION["username"] = null;
$_SESSION["name"] = null;
redirect("../index.php");
}
function getNotification()
{
if (isset($_GET["notification"])) {
setNotification($_GET["notification"]);
}
if (notificationIsSet()) {
echo "<div id='response'>" . $_SESSION["response"] . "</div>";
}
echo "<script>\$('#response').slideDown();</script>";
$_SESSION["response"] = null;
}
public function forgot()
{
$this->load->library('email');
$this->email->from('info@my_property.com', 'My Property');
$this->email->to('admin@my_property.com');
// $this->email->cc('*****@*****.**');
// $this->email->bcc('*****@*****.**');
$this->email->subject('Password Recovery');
$this->email->message('Your new password is "123456". Kindly change your password from tools to more secure password.');
// $this->email->send();
setNotification('success', 'Check your inbox.');
redirect(base_url('admin/login'));
}
public function index()
{
if ($this->input->post('submit')) {
$result = $this->login_model->validate();
if (!$result) {
setNotification('danger', 'Invalid User name or Password.');
redirect(base_url('login'));
} else {
redirect(base_url('admin/dashboard'));
}
}
$data = array();
$this->render('login', $data);
}
public function index()
{
if ($this->input->post('submit')) {
try {
$result = $this->misc_model->register();
if ($result) {
$this->uploadImage('user/' . $result, 'profile_pic');
setNotification('success', 'Your account created sucessfully.');
redirect(base_url('welcome'));
}
} catch (Exception $e) {
setNotification('danger', 'Error. Coudn\'t register. Try later.');
}
}
$data = array();
$data['cities'] = $this->misc_model->getCities(1);
// country_id
$this->render('register', $data);
}
protected function uploadImage($Path, $FileName)
{
$config['upload_path'] = $_SERVER['DOCUMENT_ROOT'] . '/property/public/uploads/' . $Path;
$config['allowed_types'] = 'gif|jpg|jpeg|png';
// $config['max_size'] = 100;
// $config['max_width'] = 1024;
// $config['max_height'] = 768;
$config['overwrite'] = TRUE;
if (!file_exists($config['upload_path']) && !is_dir($config['upload_path'])) {
mkdir($config['upload_path'], 0777, TRUE);
}
$this->load->library('upload', $config);
$this->upload->initialize($config);
if (!$this->upload->do_upload($FileName)) {
$error = $this->upload->display_errors();
setNotification('danger', 'Error. File not uploaded.');
return false;
}
return true;
}
public static function send($message)
{
$usernames = array();
if (User::isNotAlone()) {
//get a random username
$receiver = User::getRandomUser();
global $link;
//send message
$sql = "INSERT INTO messages(message, sender, receiver) " . "VALUES(:message, :username, :receiver);";
$statement = $link->prepare($sql);
$statement->bindParam(":message", $message, PDO::PARAM_STR);
$statement->bindParam(":username", $_SESSION["username"], PDO::PARAM_STR);
$statement->bindParam(":receiver", $receiver, PDO::PARAM_STR);
$statement->execute();
$statement->closeCursor();
//remove bottle
if (!User::isInfinite()) {
User::removeBottle();
}
} else {
setNotification("There are no other accounts :(<br/>You are alone..");
}
}
$result->execute($data);
} catch (PDOException $e) {
}
if ($result->rowCount() == 1) {
$row = $result->fetch();
$notificationText = sprintf(_('Someone has added a note ("%1$s") about your tutee, %2$s.'), $title, $name);
if ($row["tutor1gibbonPersonID"] != "") {
if ($row["tutor1gibbonPersonID"] != $_SESSION[$guid]["gibbonPersonID"]) {
setNotification($connection2, $guid, $row["tutor1gibbonPersonID"], $notificationText, "Students", "/index.php?q=/modules/Students/student_view_details.php&gibbonPersonID={$gibbonPersonID}&search=" . $_GET["search"] . "&subpage={$subpage}&category=" . $_GET["category"]);
}
}
if ($row["tutor2gibbonPersonID"] != "") {
if ($row["tutor2gibbonPersonID"] != $_SESSION[$guid]["gibbonPersonID"]) {
setNotification($connection2, $guid, $row["tutor2gibbonPersonID"], $notificationText, "Students", "/index.php?q=/modules/Students/student_view_details.php&gibbonPersonID={$gibbonPersonID}&search=" . $_GET["search"] . "&subpage={$subpage}&category=" . $_GET["category"]);
}
}
if ($row["tutor3gibbonPersonID"] != "") {
if ($row["tutor3gibbonPersonID"] != $_SESSION[$guid]["gibbonPersonID"]) {
setNotification($connection2, $guid, $row["tutor3gibbonPersonID"], $notificationText, "Students", "/index.php?q=/modules/Students/student_view_details.php&gibbonPersonID={$gibbonPersonID}&search=" . $_GET["search"] . "&subpage={$subpage}&category=" . $_GET["category"]);
}
}
}
}
//Success 0
$URL .= "&addReturn=success0";
header("Location: {$URL}");
}
}
}
}
}
$URL .= "?loginReturn=fail1";
header("Location: {$URL}");
} else {
$row = $result->fetch();
//Check fail count, reject & alert if 3rd time
if ($row["failCount"] >= 3) {
try {
$dataSecure = array("lastFailIPAddress" => $_SERVER["REMOTE_ADDR"], "lastFailTimestamp" => date("Y-m-d H:i:s"), "failCount" => $row["failCount"] + 1, "username" => $username);
$sqlSecure = "UPDATE gibbonPerson SET lastFailIPAddress=:lastFailIPAddress, lastFailTimestamp=:lastFailTimestamp, failCount=:failCount WHERE (username=:username)";
$resultSecure = $connection2->prepare($sqlSecure);
$resultSecure->execute($dataSecure);
} catch (PDOException $e) {
}
if ($row["failCount"] == 3) {
$notificationText = sprintf(_('Someone failed to login to account "%1$s" 3 times in a row.'), $username);
setNotification($connection2, $guid, $_SESSION[$guid]["organisationAdministrator"], $notificationText, "System", "/index.php?q=/modules/User Admin/user_manage.php&search={$username}");
}
setLog($connection2, $_SESSION[$guid]["gibbonSchoolYearIDCurrent"], NULL, $row["gibbonPersonID"], "Login - Failed", array("username" => $username, "reason" => "Too many failed logins"), $_SERVER["REMOTE_ADDR"]);
$URL .= "?loginReturn=fail6";
header("Location: {$URL}");
} else {
$passwordTest = false;
//If strong password exists
$salt = $row["passwordStrongSalt"];
$passwordStrong = $row["passwordStrong"];
if ($passwordStrong != "" and $salt != "") {
if (hash("sha256", $row["passwordStrongSalt"] . $password) == $row["passwordStrong"]) {
$passwordTest = true;
}
} else {
if ($row["password"] != "") {
public function index()
{
if ($this->input->post('submit') && $this->input->post('submit') == 'submit_profile') {
$result = $this->user_model->updateProfile(getLoginUserId());
if ($result) {
setNotification('success', 'Record updated successfully');
redirect(base_url('admin/profile'));
} else {
setNotification('error', 'Error in updating record');
redirect(base_url('admin/profile'));
}
}
// Change Profile image
if ($this->input->post('submit') && $this->input->post('submit') == 'submit_profile_pic') {
try {
$config['upload_path'] = $_SERVER['DOCUMENT_ROOT'] . '/property/public/uploads/user/' . getLoginUserId();
$config['allowed_types'] = 'gif|jpg|jpeg|png';
$config['overwrite'] = TRUE;
if (!file_exists($config['upload_path']) && !is_dir($config['upload_path'])) {
mkdir($config['upload_path'], 0777, TRUE);
}
$this->load->library('upload', $config);
$this->upload->initialize($config);
if (!$this->upload->do_upload('profile_pic')) {
$error = $this->upload->display_errors();
setNotification('danger', 'Error. File not uploaded. ' . $error);
} else {
$result = $this->user_model->updateProfileImage(getLoginUserId());
if ($result) {
setNotification('success', 'Profile image updated successfully');
$data = array('upload_data' => $this->upload->data());
}
}
redirect(base_url('user/profile'));
} catch (Exception $e) {
setNotification('danger', 'Error. Coudn\'t register. Try later.');
}
}
// Change Password
if ($this->input->post('submit') && $this->input->post('submit') == 'submit_change_password') {
try {
$Verify_Result = $this->misc_model->verify_password(getLoginUserId());
if (is_object($Verify_Result)) {
$result = $this->misc_model->update_password(getLoginUserId());
if ($result) {
setNotification('success', 'Password updated successfully');
redirect(base_url('user/profile'));
}
} else {
setNotification('danger', 'New & Confirm password does not match.');
redirect(base_url('user/profile'));
}
} catch (Exception $e) {
setNotification('danger', 'Error in updating record');
}
}
// Save Roles
if ($this->input->post('submit') && $this->input->post('submit') == 'submit_user_roles') {
try {
$result = $this->user_model->updateUserRoles(getLoginUserId());
if ($result) {
setNotification('success', 'Your user roles sent for approval sucessfully.');
redirect(base_url('user/profile'));
}
} catch (Exception $e) {
setNotification('danger', 'Error. Coudn\'t save data. Try later.');
}
}
$data = array();
$data['user'] = $this->user_model->fetch(getLoginUserId());
// var_dump($data['user']->location_id); exit;
$data['image_path'] = "http://" . $_SERVER['SERVER_NAME'] . '/property/public/uploads/user/' . $data['user']->user_id . '/' . $data['user']->profile_pic;
$data['cities'] = $this->misc_model->getCities(1);
// country_id
// Follwoing code will fetch all possible user roles
$UserRoles = $this->user_model->getUserRoles();
$data['role_list'] = sortedUserRoles($UserRoles);
// Current User's already saved roles
$AgentUserRoles = $this->user_model->getAgentUserRoles(getLoginUserId());
foreach ($AgentUserRoles as $value) {
$data['agent_role_list'][] = $value->role_id;
}
// var_dump($data['agent_role_list']); exit;
$data['title'] = "My Profile";
$this->render('user/profile/index', $data);
}
//mark message as responded to
$sql = "UPDATE messages SET responded = 1 WHERE id = :id;";
$statement = $link->prepare($sql);
$statement->bindParam(":id", $a = $messageData["id"], PDO::PARAM_INT);
$statement->execute();
$statement->closeCursor();
setNotification("Your response has been successfully sent");
} else {
setNotification("There is no open message at this moment");
}
}
//response end
//settings start
if ($_POST['settings_submit']) {
if (!isset($_POST["blacklist_word"]) || empty($POST["backlist_word"])) {
setNotification("You first have to type in a word to put on your blacklist.");
}
$blacklist->add($_POST["blacklist_word"]);
}
//settings end
//application end
?>
<!DOCTYPE html>
<!--
Application Index
-->
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>BlueBabble - Connect with strangers like yourself</title>
$rowClassGroup = $resultClassGroup->fetch();
$replyToID = $rowClassGroup["gibbonPersonID"];
}
//Get lesson plan name
$dataLesson = array("gibbonPlannerEntryID" => $gibbonPlannerEntryID);
$sqlLesson = "SELECT * FROM gibbonPlannerEntry WHERE gibbonPlannerEntryID=:gibbonPlannerEntryID";
$resultLesson = $connection2->prepare($sqlLesson);
$resultLesson->execute($dataLesson);
if ($resultLesson->rowCount() == 1) {
$rowLesson = $resultLesson->fetch();
$name = $rowLesson["name"];
}
//Create notification for homework owner, as long as it is not me.
if ($gibbonPersonID != $_SESSION[$guid]["gibbonPersonID"] and $gibbonPersonID != $replyToID) {
$notificationText = sprintf(_('Someone has commented on your homework for lesson plan "%1$s".'), $name);
setNotification($connection2, $guid, $gibbonPersonID, $notificationText, "Crowd Assessment", "/index.php?q=/modules/Crowd Assessment/crowdAssess_view_discuss.php&gibbonPlannerEntryID={$gibbonPlannerEntryID}&gibbonPlannerEntryHomeworkID={$gibbonPlannerEntryHomeworkID}&gibbonPersonID={$gibbonPersonID}");
}
//Create notification to person I am replying to
if (is_null($replyToID) == FALSE) {
$notificationText = sprintf(_('Someone has replied to a comment on homework for lesson plan "%1$s".'), $name);
setNotification($connection2, $guid, $replyToID, $notificationText, "Crowd Assessment", "/index.php?q=/modules/Crowd Assessment/crowdAssess_view_discuss.php&gibbonPlannerEntryID={$gibbonPlannerEntryID}&gibbonPlannerEntryHomeworkID={$gibbonPlannerEntryHomeworkID}&gibbonPersonID={$gibbonPersonID}");
}
//Success 0
$URL .= "&updateReturn=success0{$hash}";
header("Location: {$URL}");
}
}
}
}
}
}
print "Here" . "<br/>";
$emailFailCount++;
}
}
}
if ($recipientList != "") {
$recipientList = substr($recipientList, 0, -2);
//Record email recipients in letter record
try {
$dataUpdate = array("recipientList" => $recipientList, "gibbonBehaviourLetterID" => $gibbonBehaviourLetterID);
$sqlUpdate = "UPDATE gibbonBehaviourLetter set recipientList=:recipientList WHERE gibbonBehaviourLetterID=:gibbonBehaviourLetterID";
$resultUpdate = $connection2->prepare($sqlUpdate);
$resultUpdate->execute($dataUpdate);
} catch (PDOException $e) {
}
}
}
}
}
}
}
}
//Notify admin
if ($email == FALSE) {
$notificationText = _('The Behaviour Letter CLI script has run: no emails were sent.');
setNotification($connection2, $guid, $_SESSION[$guid]["organisationAdministrator"], $notificationText, "Behaviour", "/index.php?q=/modules/Behaviour/behaviour_letters.php");
} else {
$notificationText = sprintf(_('The Behaviour Letter CLI script has run: %1$s emails were sent, of which %2$s failed.'), $emailSendCount, $emailFailCount);
setNotification($connection2, $guid, $_SESSION[$guid]["organisationAdministrator"], $notificationText, "User Admin", "/index.php?q=/modules/Behaviour/behaviour_letters.php");
}
}
$resultCheck2 = $connection2->prepare($sqlCheck2);
$resultCheck2->execute($dataCheck2);
} catch (PDOException $e) {
}
while ($rowCheck2 = $resultCheck2->fetch()) {
//Check to see if parent has any non-staff roles. If not, mark as 'Left'
$nonParentRole = FALSE;
$roles = explode(",", $rowCheck2["gibbonRoleIDAll"]);
foreach ($roles as $role) {
if (getRoleCategory($role, $connection2) != "Parent") {
$nonParentRole = TRUE;
}
}
if ($nonParentRole == FALSE) {
//Update status to 'Left'
try {
$dataUpdate = array("gibbonPersonID" => $rowCheck2["gibbonPersonID"]);
$sqlUpdate = "UPDATE gibbonPerson SET status='Left' WHERE gibbonPersonID=:gibbonPersonID";
$resultUpdate = $connection2->prepare($sqlUpdate);
$resultUpdate->execute($dataUpdate);
} catch (PDOException $e) {
}
$count++;
}
}
}
}
//Notify admin
$notificationText = sprintf(_('A User Admin CLI script has run, updating %1$s users.'), $count);
setNotification($connection2, $guid, $_SESSION[$guid]["organisationAdministrator"], $notificationText, "User Admin", "/index.php?q=/modules/User Admin/user_manage.php");
}
<?php
require 'load.php';
$entry = Entries::get($_GET['id']);
if (!$entry->success) {
setNotification('error', $entry->msg);
redirect('index.php');
}
$tpl = new Layout();
echo $tpl->entriesLayout($tpl->loadTemplate('post', array('post' => $entry->data)));
//Write to database
try {
$data = array('badgesBadgeID' => $badgesBadgeID, 'gibbonSchoolYearID' => $gibbonSchoolYearID, 'date' => dateConvert($guid, $date), 'gibbonPersonID' => $gibbonPersonID, 'comment' => $comment, 'gibbonPersonIDCreator' => $_SESSION[$guid]['gibbonPersonID']);
$sql = 'INSERT INTO badgesBadgeStudent SET badgesBadgeID=:badgesBadgeID, gibbonSchoolYearID=:gibbonSchoolYearID, date=:date, gibbonPersonID=:gibbonPersonID, comment=:comment, gibbonPersonIDCreator=:gibbonPersonIDCreator';
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
$partialFail = true;
}
$badgesBadgeStudentID = $connection2->lastInsertID();
//Attempt to add like
$likeComment = '';
if ($comment != '') {
$likeComment .= $comment;
}
$return = setLike($connection2, 'Badges', $_SESSION[$guid]['gibbonSchoolYearID'], 'badgesBadgeStudentID', $badgesBadgeStudentID, $_SESSION[$guid]['gibbonPersonID'], $gibbonPersonID, 'Badges Granted', $likeComment);
//Notify User
$notificationText = __($guid, 'Someone has granted you a badge.');
setNotification($connection2, $guid, $gibbonPersonID, $notificationText, 'Badges', "/index.php?q=/modules/Badges/badges_view.php&gibbonPersonID={$gibbonPersonID}");
}
if ($partialFail == true) {
//Fail 5
$URL .= '&return=error5';
header("Location: {$URL}");
} else {
//Success 0
$URL .= '&return=success0';
header("Location: {$URL}");
}
}
}
<?php
require '../load.php';
require '../init.php';
if (!isset($_POST['enviar'])) {
$data = array();
$error = array();
} else {
$response = Entries::create($_POST);
if ($response->success) {
setNotification('success', $response->msg);
redirect('entries.php');
} else {
$data = $response->data;
$data['msg'] = $response->msg;
}
}
$tpl = new Layout();
echo $tpl->mobiLayout($tpl->loadTemplate('new_entry', $data));
$comment = $_POST["comment"];
try {
$data = array("gibbonPersonMedicalUpdateID" => $gibbonPersonMedicalUpdateID, "gibbonPersonMedicalID" => $gibbonPersonMedicalID, "name" => $name, "gibbonAlertLevelID" => $gibbonAlertLevelID, "triggers" => $triggers, "reaction" => $reaction, "response" => $response, "medication" => $medication, "lastEpisode" => $lastEpisode, "lastEpisodeTreatment" => $lastEpisodeTreatment, "comment" => $comment, "gibbonPersonIDUpdater" => $_SESSION[$guid]["gibbonPersonID"]);
$sql = "INSERT INTO gibbonPersonMedicalConditionUpdate SET gibbonPersonMedicalUpdateID=:gibbonPersonMedicalUpdateID, gibbonPersonMedicalID=:gibbonPersonMedicalID, name=:name, gibbonAlertLevelID=:gibbonAlertLevelID, triggers=:triggers, reaction=:reaction, response=:response, medication=:medication, lastEpisode=:lastEpisode, lastEpisodeTreatment=:lastEpisodeTreatment, comment=:comment, gibbonPersonIDUpdater=:gibbonPersonIDUpdater";
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
$partialFail = TRUE;
}
}
}
}
//Attempt to notify to DBA
if ($_SESSION[$guid]["organisationDBA"] != "") {
$notificationText = sprintf(_('A medical data update request has been submitted.'));
setNotification($connection2, $guid, $_SESSION[$guid]["organisationDBA"], $notificationText, "Data Updater", "/index.php?q=/modules/User Admin/data_medical.php");
}
//Write to database
try {
if ($existing != "N") {
$data = array("gibbonSchoolYearID" => $_SESSION[$guid]["gibbonSchoolYearID"], "gibbonPersonMedicalID" => $gibbonPersonMedicalID, "gibbonPersonID" => $gibbonPersonID, "bloodType" => $bloodType, "longTermMedication" => $longTermMedication, "longTermMedicationDetails" => $longTermMedicationDetails, "tetanusWithin10Years" => $tetanusWithin10Years, "gibbonPersonIDUpdater" => $_SESSION[$guid]["gibbonPersonID"], "gibbonPersonMedicalUpdateID" => $existing);
$sql = "UPDATE gibbonPersonMedicalUpdate SET gibbonSchoolYearID=:gibbonSchoolYearID, gibbonPersonMedicalID=:gibbonPersonMedicalID, gibbonPersonID=:gibbonPersonID, bloodType=:bloodType, longTermMedication=:longTermMedication, longTermMedicationDetails=:longTermMedicationDetails, tetanusWithin10Years=:tetanusWithin10Years, gibbonPersonIDUpdater=:gibbonPersonIDUpdater WHERE gibbonPersonMedicalUpdateID=:gibbonPersonMedicalUpdateID";
} else {
$data = array("gibbonSchoolYearID" => $_SESSION[$guid]["gibbonSchoolYearID"], "gibbonPersonMedicalID" => $gibbonPersonMedicalID, "gibbonPersonID" => $gibbonPersonID, "bloodType" => $bloodType, "longTermMedication" => $longTermMedication, "longTermMedicationDetails" => $longTermMedicationDetails, "tetanusWithin10Years" => $tetanusWithin10Years, "gibbonPersonIDUpdater" => $_SESSION[$guid]["gibbonPersonID"]);
$sql = "INSERT INTO gibbonPersonMedicalUpdate SET gibbonSchoolYearID=:gibbonSchoolYearID, gibbonPersonMedicalID=:gibbonPersonMedicalID, gibbonPersonID=:gibbonPersonID, bloodType=:bloodType, longTermMedication=:longTermMedication, longTermMedicationDetails=:longTermMedicationDetails, tetanusWithin10Years=:tetanusWithin10Years, gibbonPersonIDUpdater=:gibbonPersonIDUpdater";
}
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
//Fail 2
$URL .= "&updateReturn=fail2";
$resultDetail->execute($dataDetail);
} catch (PDOException $e) {
print "<div class='error'>" . $e->getMessage() . "</div>";
}
if ($resultDetail->rowCount() == 1) {
$rowDetail = $resultDetail->fetch();
$name = formatName("", $rowDetail["preferredName"], $rowDetail["surname"], "Student", false);
$notificationText = sprintf(_('Someone has created a negative behaviour record for your tutee, %1$s.'), $name);
if ($rowDetail["gibbonPersonIDTutor"] != NULL and $rowDetail["gibbonPersonIDTutor"] != $_SESSION[$guid]["gibbonPersonID"]) {
setNotification($connection2, $guid, $rowDetail["gibbonPersonIDTutor"], $notificationText, "Behaviour", "/index.php?q=/modules/Behaviour/behaviour_view_details.php&gibbonPersonID={$gibbonPersonID}&search=");
}
if ($rowDetail["gibbonPersonIDTutor2"] != NULL and $rowDetail["gibbonPersonIDTutor2"] != $_SESSION[$guid]["gibbonPersonID"]) {
setNotification($connection2, $guid, $rowDetail["gibbonPersonIDTutor2"], $notificationText, "Behaviour", "/index.php?q=/modules/Behaviour/behaviour_view_details.php&gibbonPersonID={$gibbonPersonID}&search=");
}
if ($rowDetail["gibbonPersonIDTutor3"] != NULL and $rowDetail["gibbonPersonIDTutor3"] != $_SESSION[$guid]["gibbonPersonID"]) {
setNotification($connection2, $guid, $rowDetail["gibbonPersonIDTutor3"], $notificationText, "Behaviour", "/index.php?q=/modules/Behaviour/behaviour_view_details.php&gibbonPersonID={$gibbonPersonID}&search=");
}
}
}
}
if ($partialFail == TRUE) {
//Fail 5
$URL .= "&addReturn=fail5";
header("Location: {$URL}");
} else {
//Success 0
$URL .= "&addReturn=success0";
header("Location: {$URL}");
}
}
}
function setExpenseNotification($guid, $gibbonFinanceExpenseID, $gibbonFinanceBudgetCycleID, $connection2)
{
//Lock tables
$lock = true;
try {
$sqlLock = "LOCK TABLE gibbonFinanceExpense WRITE, gibbonFinanceExpenseApprover WRITE, gibbonFinanceExpenseLog WRITE, gibbonFinanceBudget WRITE, gibbonFinanceBudgetPerson WRITE, gibbonSetting WRITE, gibbonNotification WRITE, gibbonPerson READ, gibbonModule READ";
$resultLock = $connection2->query($sqlLock);
} catch (PDOException $e) {
$lock = FALSE;
return FALSE;
}
if ($lock) {
try {
$data = array("gibbonFinanceExpenseID" => $gibbonFinanceExpenseID);
$sql = "SELECT gibbonFinanceExpense.*, gibbonFinanceBudget.name AS budget FROM gibbonFinanceExpense JOIN gibbonFinanceBudget ON (gibbonFinanceExpense.gibbonFinanceBudgetID=gibbonFinanceBudget.gibbonFinanceBudgetID) WHERE gibbonFinanceExpense.gibbonFinanceExpenseID=:gibbonFinanceExpenseID";
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
return FALSE;
}
if ($result->rowCount() != 1) {
return FALSE;
} else {
$row = $result->fetch();
//Get settings for budget-level and school-level approval
$expenseApprovalType = getSettingByScope($connection2, "Finance", "expenseApprovalType");
$budgetLevelExpenseApproval = getSettingByScope($connection2, "Finance", "budgetLevelExpenseApproval");
if ($expenseApprovalType == "" or $budgetLevelExpenseApproval == "") {
return FALSE;
} else {
if ($row["status"] != "Requested") {
//Finished? Return
return TRUE;
} else {
//Not finished
$notificationText = sprintf(_('Someone has requested expense approval for "%1$s" in budget "%2$s".'), $row["title"], $row["budget"]);
if ($row["statusApprovalBudgetCleared"] == "N") {
//Notify budget holders (e.g. access Full)
//Get Full budget people, and notify them
try {
$dataBudget = array("gibbonFinanceBudgetID" => $row["gibbonFinanceBudgetID"]);
$sqlBudget = "SELECT gibbonPersonID FROM gibbonFinanceBudget JOIN gibbonFinanceBudgetPerson ON (gibbonFinanceBudgetPerson.gibbonFinanceBudgetID=gibbonFinanceBudget.gibbonFinanceBudgetID) WHERE access='Full' AND gibbonFinanceBudget.gibbonFinanceBudgetID=:gibbonFinanceBudgetID";
$resultBudget = $connection2->prepare($sqlBudget);
$resultBudget->execute($dataBudget);
} catch (PDOException $e) {
return FALSE;
}
if ($resultBudget->rowCount() < 1) {
return FALSE;
} else {
while ($rowBudget = $resultBudget->fetch()) {
setNotification($connection2, $guid, $rowBudget["gibbonPersonID"], $notificationText, "Finance", "/index.php?q=/modules/Finance/expenses_manage_approve.php&gibbonFinanceExpenseID={$gibbonFinanceExpenseID}&gibbonFinanceBudgetCycleID={$gibbonFinanceBudgetCycleID}&status=&gibbonFinanceBudgetID=" . $row["gibbonFinanceBudgetID"]);
return TRUE;
}
}
} else {
//School-level approval, what type is it?
if ($expenseApprovalType == "One Of" or $expenseApprovalType == "Two Of") {
//One Of or Two Of, so alert all approvers
try {
$dataApprovers = array("gibbonFinanceExpenseID" => $gibbonFinanceExpenseID);
$sqlApprovers = "SELECT gibbonPerson.gibbonPersonID, gibbonFinanceExpenseLog.gibbonFinanceExpenseLogID FROM gibbonFinanceExpenseApprover JOIN gibbonPerson ON (gibbonFinanceExpenseApprover.gibbonPersonID=gibbonPerson.gibbonPersonID) LEFT JOIN gibbonFinanceExpenseLog ON (gibbonFinanceExpenseLog.gibbonPersonID=gibbonPerson.gibbonPersonID AND gibbonFinanceExpenseLog.gibbonFinanceExpenseID=:gibbonFinanceExpenseID) WHERE gibbonPerson.status='Full' ORDER BY surname, preferredName";
$resultApprovers = $connection2->prepare($sqlApprovers);
$resultApprovers->execute($dataApprovers);
} catch (PDOException $e) {
return FALSE;
}
if ($resultApprovers->rowCount() < 1) {
return FALSE;
} else {
while ($rowApprovers = $resultApprovers->fetch()) {
if ($rowApprovers["gibbonFinanceExpenseLogID"] == "") {
setNotification($connection2, $guid, $rowApprovers["gibbonPersonID"], $notificationText, "Finance", "/index.php?q=/modules/Finance/expenses_manage_approve.php&gibbonFinanceExpenseID={$gibbonFinanceExpenseID}&gibbonFinanceBudgetCycleID={$gibbonFinanceBudgetCycleID}&status=&gibbonFinanceBudgetID=" . $row["gibbonFinanceBudgetID"]);
}
}
return TRUE;
}
} else {
if ($expenseApprovalType == "Chain Of All") {
//Chain of all
//Get notifiers in sequence
try {
$dataApprovers = array("gibbonFinanceExpenseID" => $gibbonFinanceExpenseID);
$sqlApprovers = "SELECT gibbonPerson.gibbonPersonID AS g1, gibbonFinanceExpenseLog.gibbonPersonID AS g2 FROM gibbonFinanceExpenseApprover JOIN gibbonPerson ON (gibbonFinanceExpenseApprover.gibbonPersonID=gibbonPerson.gibbonPersonID) LEFT JOIN gibbonFinanceExpenseLog ON (gibbonFinanceExpenseLog.gibbonPersonID=gibbonFinanceExpenseApprover.gibbonPersonID AND gibbonFinanceExpenseLog.action='Approval - Partial - School' AND gibbonFinanceExpenseLog.gibbonFinanceExpenseID=:gibbonFinanceExpenseID) WHERE gibbonPerson.status='Full' ORDER BY sequenceNumber, surname, preferredName";
$resultApprovers = $connection2->prepare($sqlApprovers);
$resultApprovers->execute($dataApprovers);
} catch (PDOException $e) {
return FALSE;
}
if ($resultApprovers->rowCount() < 1) {
return FALSE;
} else {
$approvers = $resultApprovers->fetchAll();
$gibbonPersonIDNext = NULL;
foreach ($approvers as $approver) {
if ($approver["g1"] != $approver["g2"]) {
if (is_null($gibbonPersonIDNext)) {
$gibbonPersonIDNext = $approver["g1"];
}
}
}
if (is_null($gibbonPersonIDNext)) {
return FALSE;
} else {
setNotification($connection2, $guid, $gibbonPersonIDNext, $notificationText, "Finance", "/index.php?q=/modules/Finance/expenses_manage_approve.php&gibbonFinanceExpenseID={$gibbonFinanceExpenseID}&gibbonFinanceBudgetCycleID={$gibbonFinanceBudgetCycleID}&status=&gibbonFinanceBudgetID=" . $row["gibbonFinanceBudgetID"]);
return TRUE;
}
}
} else {
return FALSE;
}
}
}
}
}
}
}
}
$sql = "INSERT INTO gibbonPerson SET surname=:surname, firstName=:firstName, preferredName=:preferredName, officialName=:officialName, gender=:gender, dob=:dob, email=:email, username=:username, password='', passwordStrong=:passwordStrong, passwordStrongSalt=:passwordStrongSalt, status=:status, gibbonRoleIDPrimary=:gibbonRoleIDPrimary, gibbonRoleIDAll=:gibbonRoleIDAll";
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
//Fail 2
print $e->getMessage();
exit;
$URL .= "&addReturn=fail2";
header("Location: {$URL}");
break;
}
$gibbonPersonID = $connection2->lastInsertId();
if ($status == "Pending Approval") {
//Attempt to notify Admissions
if ($_SESSION[$guid]["organisationAdmissions"]) {
$notificationText = sprintf(_('An new public registration, for %1$s, is pending approval.'), formatName("", $preferredName, $surname, "Student"));
setNotification($connection2, $guid, $_SESSION[$guid]["organisationAdmissions"], $notificationText, "User Admin", "/index.php?q=/modules/User Admin/user_manage_edit.php&gibbonPersonID={$gibbonPersonID}&search=");
}
//Success 1
$URL .= "&addReturn=success1";
header("Location: {$URL}");
} else {
//Success 0
$URL .= "&addReturn=success0";
header("Location: {$URL}");
}
}
}
}
}
}
$dataClassGroup = array("gibbonPlannerEntryDiscussID" => $replyTo);
$sqlClassGroup = "SELECT * FROM gibbonPlannerEntryDiscuss WHERE gibbonPlannerEntryDiscussID=:gibbonPlannerEntryDiscussID";
$resultClassGroup = $connection2->prepare($sqlClassGroup);
$resultClassGroup->execute($dataClassGroup);
if ($resultClassGroup->rowCount() == 1) {
$rowClassGroup = $resultClassGroup->fetch();
$replyToID = $rowClassGroup["gibbonPersonID"];
}
//Create notification for all people in class except me
$dataClassGroup = array("gibbonCourseClassID" => $row["gibbonCourseClassID"]);
$sqlClassGroup = "SELECT * FROM gibbonCourseClassPerson INNER JOIN gibbonPerson ON gibbonCourseClassPerson.gibbonPersonID=gibbonPerson.gibbonPersonID WHERE gibbonCourseClassID=:gibbonCourseClassID AND status='Full' AND (dateStart IS NULL OR dateStart<='" . date("Y-m-d") . "') AND (dateEnd IS NULL OR dateEnd>='" . date("Y-m-d") . "') AND (NOT role='Student - Left') AND (NOT role='Teacher - Left') ORDER BY role DESC, surname, preferredName";
$resultClassGroup = $connection2->prepare($sqlClassGroup);
$resultClassGroup->execute($dataClassGroup);
while ($rowClassGroup = $resultClassGroup->fetch()) {
if ($rowClassGroup["gibbonPersonID"] != $_SESSION[$guid]["gibbonPersonID"] and $rowClassGroup["gibbonPersonID"] != $replyToID) {
$notificationText = sprintf(_('Someone has commented on your lesson plan "%1$s".'), $row["name"]);
setNotification($connection2, $guid, $rowClassGroup["gibbonPersonID"], $notificationText, "Planner", "/index.php?q=/modules/Planner/planner_view_full.php&gibbonPlannerEntryID={$gibbonPlannerEntryID}&viewBy=date&date=" . $row["date"] . "&gibbonCourseClassID=&search=#chat");
}
}
//Create notification to person I am replying to
if (is_null($replyToID) == FALSE) {
$notificationText = sprintf(_('Someone has replied to a comment you made on lesson plan "%1$s".'), $row["name"]);
setNotification($connection2, $guid, $replyToID, $notificationText, "Planner", "/index.php?q=/modules/Planner/planner_view_full.php&gibbonPlannerEntryID={$gibbonPlannerEntryID}&viewBy=date&date=" . $row["date"] . "&gibbonCourseClassID=&search=#chat");
}
//Success 0
$URL .= "&postReturn=success0";
header("Location: {$URL}");
}
}
}
}
<?php
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
session_start();
date_default_timezone_set('Asia/Tokyo');
function setNotification($message, $user_id)
{
try {
$dbh = new PDO('mysql:host=mysql488.db.sakura.ne.jp;dbname=meganeshibu_db;charset=utf8', 'meganeshibu', 'DBmaster777', array(PDO::ATTR_EMULATE_PREPARES => false));
} catch (PDOException $e) {
exit('データベース接続失敗。' . $e->getMessage());
}
$registTime = new DateTime();
$sql = "insert into NotificationTable(UserID, NotificationInfo, RegistTime) values('" . $user_id . "',' " . $message . "',' " . $registTime->format('Y-m-d H:i:s') . "')";
$stmt = $dbh->query($sql);
$dbh = null;
}
if (filter_input(INPUT_POST, "message") != NULL) {
$message = filter_input(INPUT_POST, "message");
$id = $_SESSION["user_id"];
setNotification($message, $id);
}
if ($mail->Send()) {
$sendSucceedCount++;
} else {
error_log(sprintf(_('Planner Wekly Summary Email: an error (%1$s) occured sending an email to %2$s.'), "5", $rowMember["preferredName"] . " " . $rowMember["surname"]));
$sendFailCount++;
}
}
}
}
}
}
}
}
}
}
//Unlock module table
try {
$sql = "UNLOCK TABLES";
$result = $connection2->query($sql);
} catch (PDOException $e) {
}
//Notify administrator
$body = _("Week") . ": " . date("W") . "<br/>";
$body .= _("Student Count") . ": " . $studentCount . "<br/>";
$body .= _("Send Succeed Count") . ": " . $sendSucceedCount . "<br/>";
$body .= _("Send Fail Count") . ": " . $sendFailCount . "<br/><br/>";
$notificationText = _('A Planner CLI script has run.') . "<br/>" . $body;
setNotification($connection2, $guid, $_SESSION[$guid]["organisationAdministrator"], $notificationText, "Planner", "/index.php?q=/modules/Planner/report_parentWeeklyEmailSummaryConfirmation.php");
}
}
//}
public function delete($PropertyID)
{
try {
$result = $this->property_model->delete($PropertyID);
if ($result) {
setNotification('success', 'Record deleted successfully');
redirect(base_url('admin/dashboard'));
// Pending: Get last state and redirect there...
}
} catch (Exception $e) {
setNotification('error', 'Error in deleting record');
redirect(base_url('admin/dashboard'));
// Pending: Get last state and redirect there...
}
}
try {
$data = array("gibbonFinanceExpenseID" => $gibbonFinanceExpenseID, "status" => 'Paid', "paymentDate" => $paymentDate, "paymentAmount" => $paymentAmount, "gibbonPersonIDPayment" => $gibbonPersonIDPayment, "paymentMethod" => $paymentMethod, "paymentReimbursementReceipt" => $attachment, "paymentReimbursementStatus" => "Requested");
$sql = "UPDATE gibbonFinanceExpense SET status=:status, paymentDate=:paymentDate, paymentAmount=:paymentAmount, gibbonPersonIDPayment=:gibbonPersonIDPayment, paymentMethod=:paymentMethod, paymentReimbursementReceipt=:paymentReimbursementReceipt, paymentReimbursementStatus=:paymentReimbursementStatus WHERE gibbonFinanceExpenseID=:gibbonFinanceExpenseID";
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
//Fail2
$URL .= "&editReturn=fail2";
header("Location: {$URL}");
break;
}
//Notify reimbursement officer that action is required
$reimbursementOfficer = getSettingByScope($connection2, "Finance", "reimbursementOfficer");
if ($reimbursementOfficer != FALSE and $reimbursementOfficer != "") {
$notificationText = sprintf(_('Someone has requested reimbursement for "%1$s" in budget "%2$s".'), $row["title"], $row["budget"]);
setNotification($connection2, $guid, $reimbursementOfficer, $notificationText, "Finance", "/index.php?q=/modules/Finance/expenses_manage_edit.php&gibbonFinanceExpenseID={$gibbonFinanceExpenseID}&gibbonFinanceBudgetCycleID={$gibbonFinanceBudgetCycleID}&status=&gibbonFinanceBudgetID=" . $row["gibbonFinanceBudgetID"]);
}
//Write paid change to log
try {
$data = array("gibbonFinanceExpenseID" => $gibbonFinanceExpenseID, "gibbonPersonID" => $_SESSION[$guid]["gibbonPersonID"], "action" => "Payment");
$sql = "INSERT INTO gibbonFinanceExpenseLog SET gibbonFinanceExpenseID=:gibbonFinanceExpenseID, gibbonPersonID=:gibbonPersonID, timestamp='" . date("Y-m-d H:i:s") . "', action=:action";
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
//Fail2
$URL .= "&editReturn=fail2";
header("Location: {$URL}");
break;
}
//Write reimbursement request change to log
try {
if ($statusOld != $status) {
$action = "";
if ($status == "Requested") {
$action = "Request";
} else {
if ($status == "Approved") {
$action = "Approval - Exempt";
//Notify original creator that it is approved
$notificationText = sprintf(_('Your expense request for "%1$s" in budget "%2$s" has been fully approved.'), $row["title"], $row["budget"]);
setNotification($connection2, $guid, $row["gibbonPersonIDCreator"], $notificationText, "Finance", "/index.php?q=/modules/Finance/expenses_manage_view.php&gibbonFinanceExpenseID={$gibbonFinanceExpenseID}&gibbonFinanceBudgetCycleID={$gibbonFinanceBudgetCycleID}&status=&gibbonFinanceBudgetID=" . $row["gibbonFinanceBudgetID"]);
} else {
if ($status == "Rejected") {
$action = "Rejection";
//Notify original creator that it is rejected
$notificationText = sprintf(_('Your expense request for "%1$s" in budget "%2$s" has been rejected.'), $row["title"], $row["budget"]);
setNotification($connection2, $guid, $row["gibbonPersonIDCreator"], $notificationText, "Finance", "/index.php?q=/modules/Finance/expenses_manage_view.php&gibbonFinanceExpenseID={$gibbonFinanceExpenseID}&gibbonFinanceBudgetCycleID={$gibbonFinanceBudgetCycleID}&status=&gibbonFinanceBudgetID=" . $row["gibbonFinanceBudgetID"]);
} else {
if ($status == "Ordered") {
$action = "Order";
} else {
if ($status == "Paid") {
$action = "Payment";
} else {
if ($status == "Cancelled") {
$action = "Cancellation";
}
}
}
}
}
}
if ($row["gibbonPersonIDTutor2"] != "") {
$ids[$countInner][0] = $row["gibbonRollGroupID"];
$ids[$countInner][1] = $row["gibbonPersonIDTutor2"];
$countInner++;
}
if ($row["gibbonPersonIDTutor3"] != "") {
$ids[$countInner][0] = $row["gibbonRollGroupID"];
$ids[$countInner][1] = $row["gibbonPersonIDTutor3"];
$countInner++;
}
}
}
}
if (isset($count)) {
if ($count == 0) {
$report = sprintf(_('All form groups have been registered today (%1$s).'), dateConvertBack($guid, $currentDate));
} else {
$report = sprintf(_('%1$s form groups have not been registered today (%2$s).'), $count, dateConvertBack($guid, $currentDate)) . "<br/><br/>" . $reportInner;
}
}
print $report;
//Notify non-completing tutors
foreach ($ids as $id) {
$notificationText = _('You have not taken attendance yet today. Please do so as soon as possible.');
setNotification($connection2, $guid, $id[1], $notificationText, "Attendance", "/index.php?q=/modules/Attendance/attendance_take_byRollGroup.php&gibbonRollGroupID=" . $id[0] . "¤tDate=" . dateConvertBack($guid, date('Y-m-d')));
}
//Notify admin {
$notificationText = _('An Attendance CLI script has run.') . " " . $report;
setNotification($connection2, $guid, $_SESSION[$guid]["organisationAdministrator"], $notificationText, "Attendance", "/index.php?q=/modules/Attendance/report_rollGroupsNotRegistered_byDate.php");
}
}
if ($_SESSION[$guid]["i18n"]["code"] != NULL) {
putenv("LC_ALL=" . $_SESSION[$guid]["i18n"]["code"]);
setlocale(LC_ALL, $_SESSION[$guid]["i18n"]["code"]);
bindtextdomain("gibbon", getcwd() . "/../i18n");
textdomain("gibbon");
}
}
//Set timezone from session variable
date_default_timezone_set($_SESSION[$guid]["timezone"]);
//Check for CLI, so this cannot be run through browser
//if (php_sapi_name()!="cli") {
// print _("This script cannot be run from a browser, only via CLI.") . "\n\n" ;
//}
//else {
//SCAN THROUGH ALL OVERDUE LOANS
$today = date("Y-m-d");
try {
$data = array("today" => $today);
$sql = "SELECT gibbonLibraryItem.*, surname, preferredName, email FROM gibbonLibraryItem JOIN gibbonPerson ON (gibbonLibraryItem.gibbonPersonIDStatusResponsible=gibbonPerson.gibbonPersonID) WHERE gibbonLibraryItem.status='On Loan' AND borrowable='Y' AND returnExpected<:today AND gibbonPerson.status='Full' ORDER BY surname, preferredName";
$result = $connection2->prepare($sql);
$result->execute($data);
} catch (PDOException $e) {
}
if ($result->rowCount() > 0) {
while ($row = $result->fetch()) {
//For every student
$notificationText = sprintf(_('You have an overdue loan item that needs to be returned (%1$s).'), $row["name"]);
setNotification($connection2, $guid, $row["gibbonPersonIDStatusResponsible"], $notificationText, "Library", "/index.php?q=/modules/Library/library_browse.php&gibbonLibraryItemID=" . $row["gibbonLibraryItemID"]);
}
}
//}
print "\nError has occurred";
}
}
function setNotification($message, $user_id)
{
try {
$dbh = new PDO('mysql:host=mysql488.db.sakura.ne.jp;dbname=meganeshibu_db;charset=utf8', 'meganeshibu', 'DBmaster777', array(PDO::ATTR_EMULATE_PREPARES => false));
} catch (PDOException $e) {
exit('データベース接続失敗。' . $e->getMessage());
}
$registTime = new DateTime();
$sql = "insert into NotificationTable(UserID, NotificationInfo, RegistTime) values('" . $user_id . "',' " . $message . "',' " . $registTime->format('Y-m-d H:i:s') . "')";
$stmt = $dbh->query($sql);
$dbh = null;
}
$notificationList = checkNotification('', '+1 hour');
foreach ($notificationList as $notification) {
$regId = $notification['notificationID'];
if ($notification['type'] == 'スケジュール') {
$ref = '開始';
} else {
if ($notification['type'] == 'タスク') {
$ref = '終了';
}
}
$message = $notification['type'] . '「' . $notification['name'] . '」の' . $ref . '1時間前です';
if ($regId) {
sendNotification($message, $regId);
}
setNotification($message, $notification['user_id']);
}