public function login()
{
Hooks::addHook('js', 'Controllers\\auth@js');
Hooks::addHook('css', 'Controllers\\auth@css');
$error = 'hi';
$success = 'hi';
if (Session::get('loggedin')) {
Url::redirect();
}
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
//validation
if (Password::verify($password, $this->_model->getHash($username)) == false) {
$error[] = 'Wrong username or password';
}
//if validation has passed carry on
if (!$error) {
Session::set('loggedin', true);
Session::set('username', $username);
Session::set('memberID', $this->_model->getID($username));
$data = array('lastLogin' => date('Y-m-d G:i:s'));
$where = array('memberID' => $this->_model->getID($username));
$this->_model->update($data, $where);
$error = 'hi';
Url::redirect();
}
}
$data['title'] = 'Login';
View::rendertemplate('header', $data);
View::render('auth/login', $data, $error, $success);
View::rendertemplate('footer', $data);
}
public function index()
{
if (!Session::get('loggedin')) {
Url::redirect('login');
}
if (isset($_POST['submit']) && $_FILES['fileToUpload']['size'] > 0) {
$name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName'];
$price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']);
$description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription'];
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file, PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if (isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
$error = "Sorry, file already exists." . $error;
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
$error = "Sorry, your file is too large." . $error;
$uploadOk = 0;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
$error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error;
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded." . $error;
// if everything is ok, try to upload file
} else {
//if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], str_replace(' ','-',strtolower($target_file)))) {
//echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
$product['product'] = array('name' => $name, 'price' => $price, 'description' => $description, 'lastUpdate' => date('Y-m-d G:i:s'));
$product['image'] = array('image' => file_get_contents($_FILES['fileToUpload']['tmp_name']), 'size' => $_FILES["fileToUpload"]["size"], 'type' => $imageFileType);
$this->_model->insertProduct($product);
//unlink(str_replace(' ','-',strtolower($target_file)));
}
}
Hooks::addHook('js', 'Controllers\\menu@indexJS');
Hooks::addHook('css', 'Controllers\\menu@indexCss');
$data['title'] = 'index';
$data['username'] = Session::get('username');
View::rendertemplate('header', $data);
View::render('menu/index', $data, $error);
View::rendertemplate('footer', $data);
}
/**
* define page title and load template files
*/
public function index()
{
$this->data['title'] = 'Admin Dashboard';
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('dashboard/dashboard.index', $this->data);
View::rendertemplate('footer', $this->data);
}
/**
* define page title and load template files
*/
public function index()
{
$data['title'] = 'Welcome';
$data['welcome_message'] = $this->language->get('welcome_message');
View::rendertemplate('home_header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('home/home.index', $this->data);
}
/**
* load a 404 page with the error message
*/
public function index()
{
header("HTTP/1.0 404 Not Found");
$data['title'] = '404';
$data['error'] = $this->_error;
View::rendertemplate('header', $data);
View::render('error/404', $data);
View::rendertemplate('footer', $data);
}
public function login()
{
Hooks::addHook('js', 'Controllers\\auth@js');
Hooks::addHook('css', 'Controllers\\auth@css');
// if(Session::get('loggedin')){
// Url::redirect();
// }
$currentUser = ParseUser::getCurrentUser();
if ($currentUser) {
// do stuff with the user
Url::redirect();
} else {
// show the signup or login page
}
//==============Sign Up Manually==========================
// $user = new ParseUser();
// $user->set("username", "yoak");
// $user->set("password", "yoakyoak");
// $user->set("email", "*****@*****.**");
// // other fields can be set just like with ParseObject
// $user->set("phone", "0909814465");
// try {
// $user->signUp();
// // Hooray! Let them use the app now.
// $error = 'Hooray! Let them use the app now.';
// } catch (ParseException $ex) {
// // Show the error message somewhere and let the user try again.
// echo "Error: " . $ex->getCode() . " " . $ex->getMessage();
// }
//==============Sign Up Manually==========================
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
try {
$user = ParseUser::logIn($username, $password);
Url::redirect();
// Do stuff after successful login.
} catch (ParseException $ex) {
// The login failed. Check error to see why.
$error = "ParseException: " . $ex->getCode() . " " . $ex->getMessage();
}
}
$data['title'] = 'Login';
View::rendertemplate('header', $data);
View::render('auth/login', $data, $error);
View::rendertemplate('footer', $data);
}
/**
* Post : Display post by ID and URL
*/
public function post($id, $url)
{
/* Get Post Informations */
$data['post'] = $this->blog->get_post($id, $url);
/* Meta Tags */
if (!empty($data['post'][0]->post_title)) {
$data['title'] = $data['post'][0]->post_title;
} else {
$data['title'] = $data['post'][0]->post_name;
}
$data['meta_description'] = $data['post'][0]->post_meta_description;
/* Display View */
if ($url = $data['post'][0]->post_url) {
View::renderTemplate('header', $data);
View::render('blog/post', $data);
View::renderTemplate('footer', $data);
} else {
View::rendertemplate('header', $data);
View::render('error/404', $data);
View::rendertemplate('footer', $data);
}
}
public function signup($slug = null)
{
$this->data['title'] = 'Join Us';
// $module_slug = $slug[0];
$role = new \models\userrole();
$user = new User();
$this->data['user_role'] = $role->all();
//PULL DATA FROM SITESETTINGS
$document = new \Helpers\Document();
$details = $document->siteSettings();
//GET NEW USER STATUS ID
$this->model->table('user_status');
$user_status = $this->model->get_row(array("title" => "inactive"));
$this->data['reg_form'] = $details['reg_form'];
if (isset($_POST) && !empty($_POST)) {
if ($_POST['password'] == $_POST['password2']) {
$encrypted = md5($_POST['password']);
$row_count = $user->get(array("email" => $_POST['email']));
if (count($row_count) >= 1) {
$this->data['error'] = 'Email exists in our records, please use a different email';
} else {
$insert_array = array('firstname' => $_POST['fname'], 'lastname' => $_POST['lname'], 'email' => $_POST['email'], 'password' => $encrypted, 'role' => $_POST['role'], 'status' => $user_status->id);
$hash = $user->register($insert_array);
if ($hash != '') {
//SEND ACCOUNT DETAILS TO USER
$fullname = $_POST['fname'] . ' ' . $_POST['lname'];
$subject = 'New Account';
$mail = new \helpers\phpmailer\mail();
$mail->template('welcome');
$mail->generalEmail($_POST['email'], $subject, $fullname, $hash);
$this->data['success'] = 'A link has been sent to your email, please click to activate your account';
} else {
$this->data['error'] = 'Operation Fails, Please contact admin';
}
}
} else {
$this->data['error'] = 'Password does not match!';
}
}
View::rendertemplate('header', $this->data);
View::render('account/signup', $this->data);
View::rendertemplate('footer', $this->data);
}
public function edit($parameter)
{
$item_id = $parameter[0];
$this->data['title'] = 'Add Item';
$this->data['page_section'] = 'edit';
$category_model = new \Models\Category();
$this->data['category'] = $category_model->find($item_id);
if (isset($_POST) && !empty($_POST)) {
$category_title = $_POST['category_title'];
$category_slug = $_POST['category_slug'];
$category_modified = time();
$update_array = array('category_title' => $category_title, 'category_modified' => $category_created);
$update_array = Gump::xss_clean($update_array);
$update_array = Gump::sanitize($update_array);
$update_id = $category_model->updateId($update_array, $item_id);
if ($update_id > 0) {
Session::set('success', 'category edited');
Url::redirect('category');
}
}
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('category/category.add', $this->data);
View::rendertemplate('footer', $this->data);
}
public function edit($param)
{
$edit_id = $param[0];
$user_model = new User();
if (isset($_POST) && !empty($_POST)) {
$artistArray = array('user_firstname' => $_POST['firstname'], 'user_stagename' => $_POST['stagename'], 'user_bio' => $_POST['bio'], 'twitter_handle' => $_POST['twitter_handle'], 'user_modified' => time());
$artistArray = Gump::xss_clean($artistArray);
$artistArray = Gump::sanitize($artistArray);
$update_id = $user_model->updateId($artistArray, $edit_id);
//UPLOAD ATTACHMENT
if ($_FILES["image"]["tmp_name"] != '') {
//upload image into uploads folder
Upload::setName($slug . time());
Upload::resizeUpload($_FILES["image"], UPLOAD_PATH, '450px');
$update_data = array('user_image' => Upload::getFileName('images'));
if ($this->user_model->updateId($update_data, $edit_id)) {
Session::set('success', 'Artist record edited');
} else {
Session::set('error', 'operation fails');
}
}
if ($update_id > 0) {
Session::set('success', 'Artist record edited');
Url::redirect('artist');
} else {
Session::set('error', 'operation fails');
}
}
$this->data['user_data'] = $user_model->find($edit_id);
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('artist/artist.add', $this->data);
View::rendertemplate('footer', $this->data);
}
public function edit($param)
{
$song_id = $param[0];
$songModel = new \Models\Song();
$this->data['title'] = 'Edit Song';
$this->data['albums'] = $this->albumModel->all();
$this->data['artist'] = User::artist();
$this->data['genre'] = $this->categoryModel->get(array('category_slug' => 'genre'));
$this->data['tags'] = $this->categoryModel->get(array('category_slug' => 'tag'));
$this->data['status'] = $this->status_model->get(array('status_slug' => 'album'));
if (isset($_POST) && !empty($_POST)) {
$songArray = array('song_album_id' => $_POST['album_id'], 'song_user_id' => Session::get('user_id'), 'song_artist_id' => $_POST['artist_id'], 'song_genre_id' => $_POST['genre_id'], 'song_status_id' => $_POST['status_id'], 'song_title' => $_POST['title'], 'song_description' => $_POST['description'], 'song_modified' => time(), 'song_slug' => Url::generateSafeSlug($_POST['title']));
$songArray = Gump::xss_clean($songArray);
$songArray = Gump::sanitize($songArray);
$update = $songModel->updateId($songArray, $song_id);
if ($update > 0) {
$message = 'ok';
} else {
$message = 'no';
}
if ($_FILES["mp3"]["tmp_name"] != '') {
//resize youtube image into uploads folder
Upload::setName(time());
Upload::upload_file($_FILES["mp3"], UPLOAD_PATH);
$filepath = UPLOAD_PATH . Upload::getName();
$outputMp3 = UPLOAD_PATH . 'encoded_' . Upload::getName();
//check bitrate
$bitRate = Audio::bitRateSampleRate($filepath, 'bitrate');
$duration = Audio::duration($filepath);
if ($bitRate > 128) {
$convertMp3 = Audio::convertMp3($filepath, 128, $outputMp3);
}
if (is_file($outputMp3)) {
$updateArray = array('song_file' => 'images/encoded_' . Upload::getName(), 'song_duration' => $duration);
unlink($filepath);
} else {
$updateArray = array('song_file' => Upload::getFileName('images'), 'song_duration' => $duration);
}
$saveMp3 = $songModel->updateId($updateArray, $song_id);
}
//UPLOAD SONG COVER
if ($_FILES["image"]["tmp_name"] != '') {
//upload file into uploads folder
Upload::setName(time());
Upload::resizeUpload($_FILES["image"], UPLOAD_PATH, '450px');
$update_data = array('song_image' => Upload::getFileName('images'));
$songModel->updateId($update_data, $song_id);
}
}
if ($message == 'ok') {
Session::set('success', 'record edited');
Url::redirect('song/item/' . $_POST['album_id']);
} else {
if ($message == 'no') {
$this->data['error'] = 'Operation Fails!';
}
}
$this->data['song'] = \Models\Song::item($song_id);
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('song/song.edit', $this->data);
View::rendertemplate('footer', $this->data);
}
public function order()
{
$currentUser = ParseUser::getCurrentUser();
if ($currentUser) {
// do stuff with the user
} else {
// show the signup or login page
Url::redirect('login');
}
if (isset($_POST['table'])) {
View::render('inventory/order-table', $data, $error);
} elseif (isset($_POST['del']) && isset($_POST['objectId'])) {
$objectId = $_POST['objectId'];
$query = new ParseQuery('Order');
try {
$data = 1;
} catch (ParseException $ex) {
$data = $ex;
}
$query->equalTo('objectId', $objectId);
$order = $query->first();
$order->destroy();
header('Content-type: application/json; charset=utf-8');
echo json_encode(array('result' => $data));
} elseif (isset($_POST['update'])) {
$objectId = !isset($_POST['objectId']) || trim($_POST['objectId']) == '' ? '' : $_POST['objectId'];
$productId = !isset($_POST['productId']) || trim($_POST['productId']) == '' ? '' : $_POST['productId'];
$productName = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName'];
$customerId = !isset($_POST['customerId']) || trim($_POST['customerId']) == '' ? '' : $_POST['customerId'];
$customerName = !isset($_POST['customerName']) || trim($_POST['customerName']) == '' ? '' : $_POST['customerName'];
$lineId = !isset($_POST['lineId']) || trim($_POST['lineId']) == '' ? '' : $_POST['lineId'];
$facebook = !isset($_POST['facebook']) || trim($_POST['facebook']) == '' ? '' : $_POST['facebook'];
$telephone = !isset($_POST['telephone']) || trim($_POST['telephone']) == '' ? '' : $_POST['telephone'];
$transportDate = !isset($_POST['transportDate']) || trim($_POST['transportDate']) == '' ? null : DateTime::createFromFormat('d/m/Y', $_POST['transportDate']);
$address = !isset($_POST['address']) || trim($_POST['address']) == '' ? '' : $_POST['address'];
$transportStatus = !isset($_POST['transportStatus']) || trim($_POST['transportStatus']) == '' ? '' : $_POST['transportStatus'];
$transferStatus = !isset($_POST['transferStatus']) || trim($_POST['transferStatus']) == '' ? '' : $_POST['transferStatus'];
$trackingNumber = !isset($_POST['trackingNumber']) || trim($_POST['trackingNumber']) == '' ? '' : $_POST['trackingNumber'];
$contact = ['telephone' => $telephone, 'lineId' => $lineId, 'facebook' => $facebook];
if ($_FILES['fileToUpload']['size'] > 0) {
$target_file = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
$error = "Sorry, your file is too large." . $error;
$uploadOk = 0;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
$error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error;
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded." . $error;
// if everything is ok, try to upload file
} else {
$imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file);
$query = new ParseQuery('Order');
$query->equalTo('objectId', $objectId);
$order = $query->first();
$order->set('productId', $productId);
$order->set('productName', $productName);
$order->set('customerName', $customerName);
$order->set('customerId', $customerId);
$order->setAssociativeArray('contact', $contact);
$order->set('slipPayin', $imageFile);
$order->set('transportDate', $transportDate);
$order->set('address', $address);
$order->set('transportStatus', $transportStatus);
$order->set('transferStatus', $transferStatus);
$order->set('trackingNumber', $trackingNumber);
$order->save();
}
} else {
$query = new ParseQuery('Order');
$query->equalTo('objectId', $objectId);
$order = $query->first();
$order->set('productId', $productId);
$order->set('productName', $productName);
$order->set('customerName', $customerName);
$order->set('customerId', $customerId);
$order->setAssociativeArray('contact', $contact);
$order->set('transportDate', $transportDate);
$order->set('address', $address);
$order->set('transportStatus', $transportStatus);
$order->set('transferStatus', $transferStatus);
$order->set('trackingNumber', $trackingNumber);
$order->save();
}
} else {
if (isset($_POST['submit'])) {
$productId = !isset($_POST['productId']) || trim($_POST['productId']) == '' ? '' : $_POST['productId'];
$productName = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName'];
$customerId = !isset($_POST['customerId']) || trim($_POST['customerId']) == '' ? '' : $_POST['customerId'];
$customerName = !isset($_POST['customerName']) || trim($_POST['customerName']) == '' ? '' : $_POST['customerName'];
$lineId = !isset($_POST['lineId']) || trim($_POST['lineId']) == '' ? '' : $_POST['lineId'];
$facebook = !isset($_POST['facebook']) || trim($_POST['facebook']) == '' ? '' : $_POST['facebook'];
$telephone = !isset($_POST['telephone']) || trim($_POST['telephone']) == '' ? '' : $_POST['telephone'];
$transportDate = !isset($_POST['transportDate']) || trim($_POST['transportDate']) == '' ? null : DateTime::createFromFormat('d/m/Y', $_POST['transportDate']);
$transportStatus = !isset($_POST['transportStatus']) || trim($_POST['transportStatus']) == '' ? '' : $_POST['transportStatus'];
$transferStatus = !isset($_POST['transferStatus']) || trim($_POST['transferStatus']) == '' ? '' : $_POST['transferStatus'];
$trackingNumber = !isset($_POST['trackingNumber']) || trim($_POST['trackingNumber']) == '' ? '' : $_POST['trackingNumber'];
$contact = ['telephone' => $telephone, 'lineId' => $lineId, 'facebook' => $facebook];
if ($_FILES['fileToUpload']['size'] > 0) {
$target_file = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
$error = "Sorry, your file is too large." . $error;
$uploadOk = 0;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
$error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error;
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded." . $error;
// if everything is ok, try to upload file
} else {
$imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file);
$order = new ParseObject('Order');
$order->set('productId', $productId);
$order->set('productName', $productName);
$order->set('customerName', $customerName);
$order->set('customerId', $customerId);
$order->setAssociativeArray('contact', $contact);
$order->set('slipPayin', $imageFile);
$order->set('transportDate', $transportDate);
$order->set('address', $address);
$order->set('transportStatus', $transportStatus);
$order->set('transferStatus', $transferStatus);
$order->set('trackingNumber', $trackingNumber);
$order->save();
}
} else {
$order = new ParseObject('Order');
$order->set('productId', $productId);
$order->set('productName', $productName);
$order->set('customerName', $customerName);
$order->set('customerId', $customerId);
$order->setAssociativeArray('contact', $contact);
$order->set('transportDate', $transportDate);
$order->set('address', $address);
$order->set('transportStatus', $transportStatus);
$order->set('transferStatus', $transferStatus);
$order->set('trackingNumber', $trackingNumber);
$order->save();
}
Url::redirect('order');
}
$sidemenu = new ParseQuery('SideMenu');
$result = $sidemenu->find();
Hooks::addHook('js', 'Controllers\\inventory\\Order@JS');
Hooks::addHook('css', 'Controllers\\inventory\\Order@CSS');
$data['title'] = 'รายการสั่งซื้อสินค้า';
$data['username'] = $currentUser->get('username');
$data['sidemenu'] = $result;
View::rendertemplate('header', $data);
View::render('inventory/order', $data, $error);
View::rendertemplate('footer', $data);
}
}
public function newsletter()
{
$action = $_GET['action'];
$newsletter_model = new \models\newsletter();
$user_model = new \models\users();
$this->data['subscribers'] = $newsletter_model->byGroup();
$this->data['title'] = 'Newsletter';
if (isset($_POST) && !empty($_POST)) {
$group = $_POST['subscribers'];
$content = $_POST['content'];
$subject = $_POST['subject'];
//$slug = \helpers\url::generateSafeSlug($pagename);
$subscribers = $newsletter_model->get(array('group' => $group));
$mail_helper = new \helpers\phpmailer\mail();
foreach ($subscribers as $item) {
$mail_helper->template('newsletter');
$mail_helper->newsletter($item->email, $subject, $content);
}
$this->data['success'] = 'Mails Sent!';
}
View::rendertemplate('home_header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('crm/newsletter', $this->data);
View::rendertemplate('footer', $this->data);
}
public function view($param)
{
$sms_model = new \models\sms();
$smsgroup_model = new \models\smsgroup();
$user = new \models\users();
if (isset($action) && !empty($action)) {
switch ($action) {
case 'delete':
$where_array = array('id' => $action_id);
$delete = $sms_model->delete($where_array);
if ($delete > 0) {
$message = 'ok';
} else {
$message = 'no';
}
break;
default:
# code...
break;
}
}
if ($message == 'ok') {
$this->data['success'] = 'Record Deleted!';
} else {
if ($message == 'no') {
$this->data['error'] = 'Operation Fails!';
}
}
$total = count($sms_model->allsms());
$pages = new \helpers\paginator('6', 'p');
$this->data['sms'] = $sms_model->allsms($pages->get_limit());
$pages->set_total($total);
$path = DIR . 'sms/view?';
$this->data['page_links'] = $pages->page_links($path, null);
$this->data['title'] = 'Users';
View::rendertemplate('home_header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('sms/sms.all', $this->data);
View::rendertemplate('footer', $this->data);
}
public function edit($parameter)
{
$item_id = $parameter[0];
$this->data['title'] = 'Edit Post';
$category_model = new \Models\Category();
$post_model = new \Models\Post();
$album_model = new \models\album();
$this->data['post'] = $post_model->getItem($item_id);
$this->data['album_group'] = $album_model->all();
$this->data['post_category_groups'] = $category_model->groupByCol('category_slug');
if (isset($_POST) && !empty($_POST)) {
$post_category_id = $_POST['post_category_id'];
$post_album_id = $_POST['post_album_id'];
$post_title = $_POST['post_title'];
$post_body = $_POST['post_body'];
$post_link = $_POST['post_link'];
$post_excerpt = $_POST['post_excerpt'];
$post_slug = Url::generateSafeSlug($post_title);
$post_modified = time();
$update_array = array('post_category_id' => $post_category_id, 'post_album_id' => $post_album_id, 'post_title' => $post_title, 'post_body' => $post_body, 'post_link' => $post_link, 'post_excerpt' => $post_excerpt, 'post_slug' => $post_slug, 'post_modified' => $post_modified);
$update_array = Gump::xss_clean($update_array);
$update_array = Gump::sanitize($update_array);
$update_id = $post_model->updateId($update_array, $item_id);
//UPLOAD IMAGE
if ($_FILES["image"]["tmp_name"] != '') {
Upload::setName(uniqid());
Upload::upload_file($_FILES["image"], UPLOAD_PATH);
$image_name = Upload::getFileName('images');
$update_data = array('post_image' => $image_name);
$update = $post_model->updateId($update_data, $update_id);
}
if ($update_id > 0) {
Session::set('success', 'post edited');
Url::redirect('post');
}
}
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('post/post.add', $this->data);
View::rendertemplate('footer', $this->data);
}
public function edit($param)
{
$edit_id = $param[0];
$this->data['title'] = 'Edit Settings';
if (isset($_POST) && !empty($_POST)) {
$title = $_POST['title'];
$value = $_POST['value'];
$slug = \helpers\url::generateSafeSlug($title);
$update_array = array('site_preference' => $title, 'site_value' => $value);
// $update_id = $settings->update($update_array,array('id'=>$edit_id));
$update_id = $this->site_model->updateId($update_array, $edit_id);
if ($update_id > 0) {
$this->data['success'] = 'Record Updated!';
} else {
${$this}->data['error'] = 'Operation Fails!';
}
if ($_FILES["image"]["tmp_name"] != '') {
//upload image into uploads folder
\helpers\upload::setName(time());
\helpers\upload::upload_file($_FILES["image"], UPLOAD_PATH);
$image_name = \helpers\upload::getFileName('images');
$update_data = array('site_file' => $image_name);
$update_id = $this->site_model->updateId($update_data, $edit_id);
if ($update_id > 0) {
$this->data['success'] = 'Record Updated!';
} else {
${$this}->data['error'] = 'Operation Fails!';
}
}
}
$this->data['site_data'] = $this->site_model->find($edit_id);
$this->data['settings'] = $this->site_model->all();
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('settings/settings.index', $this->data);
View::rendertemplate('footer', $this->data);
}
public function image($param)
{
$album_id = $param[0];
$this->data['album_id'] = $album_id;
if (isset($param[1]) && !empty($param[1])) {
$user_id = $param[1];
}
$album_detail = $this->albumModel->find($album_id);
$this->data['title'] = 'Picture Album';
$total = count($this->mediaModel->media('image'));
$pages = new Paginator('6', 'p');
$this->data['albumitems'] = $this->mediaModel->media('image', $pages->getLimit());
$pages->setTotal($total);
$path = DIR . 'album/image?';
$this->data['page_links'] = $pages->pageLinks($path, null);
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('album/album.video', $this->data);
View::rendertemplate('footer', $this->data);
}
public function edituser($param)
{
$edit_id = $param[0];
$user = new \models\users();
$user_roles = new \models\roles();
$this->data['groups'] = $user->userByrole('group');
$this->data['user_roles'] = $user_roles->all();
if (isset($_POST) && !empty($_POST)) {
$fname = $_POST['fname'];
$lname = $_POST['lname'];
$gender = $_POST['gender'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$password = md5('pass');
$institution = $_POST['institution'];
$role = $_POST['role'];
$groupid = $_POST['groupid'];
if ($groupid == '') {
$groupid = 0;
}
$update_array = array('firstname' => $fname, 'lastname' => $lname, 'email' => $email, 'phone' => $phone, 'password' => $password, 'institution' => $institution, 'role' => $role, 'groupid' => $groupid);
$where_array = array('id' => $edit_id);
$update_id = $user->update($update_array, $where_array);
if ($update_id > 0) {
$this->data['success'] = 'User Edited!';
} else {
$this->data['error'] = 'Operation Fails!';
}
//UPLOAD ATTACHMENT
if ($_FILES["image"]["tmp_name"] != '') {
//upload image into uploads folder
\helpers\upload::setName(uniqid());
\helpers\upload::upload_file($_FILES["image"], UPLOAD_PATH);
$image_name = 'gallery/' . \helpers\upload::$filename;
$update_data = array('image' => $image_name);
$user->update($update_data, $where_array);
}
//GET INSERTED ID
}
$this->data['user_data'] = $user->find($edit_id);
View::rendertemplate('home_header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('dashboard/adduser', $this->data);
View::rendertemplate('footer', $this->data);
}
public function password()
{
$this->data['title'] = 'Change Password';
$userModel = new User();
$user_id = Session::get('user')->user_id;
$user_details = $userModel->get(array('user_id' => $user_id, 'user_password' => md5($_POST['old_password'])));
if (isset($_POST['password1']) && !empty($_POST['password1'])) {
if (count($user_details) > 0) {
if ($_POST['password1'] == $_POST['password2']) {
//update user db
$update_array = array('user_password' => md5($_POST['password1']));
$update_array = Gump::xss_clean($update_array);
$update_array = Gump::sanitize($update_array);
$update_id = $user_model->updateId($update_array, $user_id);
if ($update_id > 0) {
Session::set('success', 'Password Changed');
} else {
Session::set('error', 'Operation Fails!');
}
} else {
Session::set('error', 'Incorrect match, password change fails!');
}
} else {
Session::set('error', 'Incorrect match, password change fails!');
}
}
View::rendertemplate('header', $this->data);
View::render('workspace/workspace.password', $this->data);
View::rendertemplate('footer', $this->data);
}
public function signup($slug = null)
{
$this->data['title'] = 'Join Us';
$statusModel = new Status();
$roleModel = new Role();
$userModel = new User();
if (isset($_POST['email']) && !empty($_POST['email'])) {
$firstname = $_POST['firstname'];
$email = $_POST['email'];
if ($_POST['password'] == $_POST['password2']) {
$encrypted = md5($_POST['password']);
$row_count = $userModel->getColRow('user_email', $email);
if (!is_bool($row_count)) {
Session::set('error', 'Email exists in our records, please use a different email');
} else {
$userArray = array('user_firstname' => $firstname, 'user_email' => $email, 'user_password' => $encrypted, 'user_role_id' => Role::id('user'), 'user_status_id' => Status::id('active'));
$userArray = Gump::xss_clean($userArray);
$userArray = Gump::sanitize($userArray);
$is_valid = Gump::is_valid($userArray, array('user_firstname' => 'required|max_len,200|min_len,1', 'user_email' => 'required|max_len,200|min_len,1', 'user_password' => 'required|max_len,200|min_len,1'));
if ($is_valid === true) {
$user_id = $userModel->create($userArray);
if ($user_id > 0) {
$slug = Url::generateSafeSlug($firstname . $user_id);
//send email
$subject = 'Welcome to GbeduMobile';
$content .= "You just opened a new account with us, Get login details below<br><br>";
$content .= "Username: "******"<br>";
$content .= "Password: "******"<br>";
if (ENVIRONMENT == 'production') {
$mail = new Mail();
$mail->general($email, $subject, $firstname, $content);
}
Session::set('success', 'Login details has been sent to your email, Congrats!');
Url::redirect('home');
} else {
Session::set('error', 'Operation Fails, Please contact admin');
}
} else {
Session::set('error', $is_valid);
}
}
} else {
Session::set('error', 'Password does not match!');
}
}
View::rendertemplate('header', $this->data);
View::render('account/signup', $this->data);
View::rendertemplate('footer', $this->data);
}
public function ResendActivation()
{
// Check to make sure user is NOT logged in
if ($this->auth->isLoggedIn()) {
Url::redirect();
}
// Check to make sure user is trying to login
if (isset($_POST['submit'])) {
// Check to make sure the csrf token is good
if (Csrf::isTokenValid()) {
// Catch email input using the Request helper
$email = Request::post('email');
// Run the Activation script
if ($this->auth->resendActivation($email)) {
// Success
$success[] = Language::show('success_msg_resend_activation', 'Auth');
} else {
// Fail
$error[] = Language::show('error_msg_resend_activation', 'Auth');
}
}
} else {
// No GET information - Send User to index
//Url::redirect();
}
$data['title'] = Language::show('title_resend_activation', 'Auth');
$data['csrf_token'] = Csrf::makeToken();
// Setup Breadcrumbs
$data['breadcrumbs'] = "\n\t\t\t<li><a href='" . DIR . "'>Home</a></li>\n\t\t\t<li class='active'>" . $data['title'] . "</li>\n\t\t";
View::rendertemplate('header', $data);
View::render('auth/ResendActivation', $data, $error, $success);
View::rendertemplate('footer', $data);
}
public function allpagesedit($param)
{
$page_rowid = $param[0];
$this->data['title'] = 'Edit Content';
if (isset($_POST) && !empty($_POST)) {
$subto = $_POST['subto'];
$plugin = $_POST['plugin'];
$content = $_POST['content'];
$homepage = $_POST['homepage'];
$header_menu = $_POST['header_menu'];
$footer_menu = $_POST['footer_menu'];
$redirecturl = $_POST['redirecturl'];
$album = $_POST['album'];
$meta_keywords = $_POST['meta_keywords'];
$meta_title = $_POST['meta_title'];
$meta_description = $_POST['meta_description'];
$sort_order = $_POST['sort_order'];
//$slug = Url::generateSafeSlug($pagename);
$update_array = array('content_plugin' => $plugin, 'content_subto' => $subto, 'content_excerpt' => $_POST['excerpt'], 'content_body' => $_POST['content'], 'content_homepage' => $homepage, 'content_header_menu' => $header_menu, 'content_footer_menu' => $footer_menu, 'content_redirecturl' => $redirecturl, 'content_album' => $album, 'content_meta_keywords' => $meta_keywords, 'content_meta_title' => $meta_title, 'content_meta_description' => $meta_description, 'content_sort_order' => $sort_order);
$where_array = array('content_id' => $page_rowid);
// $update_array = Gump::xss_clean($update_array);
// $update_array = Gump::sanitize($update_array);
$update = $this->contentModel->update($update_array, $where_array);
if ($_FILES["image1_extra"]["tmp_name"] != '') {
//upload image into uploads folder
Upload::setName($slug . uniqid());
Upload::upload_file($_FILES["image1_extra"], UPLOAD_PATH);
$image_name = Upload::getFileName('images');
$update_data = array('content_banner' => $image_name);
$update = $this->contentModel->update($update_data, $where_array);
}
if ($_FILES["image2_extra"]["tmp_name"] != '') {
//upload image into uploads folder
Upload::setName($slug . uniqid());
Upload::upload_file($_FILES["image2_extra"], UPLOAD_PATH);
$image_name = Upload::getFileName('images');
$update_data = array('content_thumbnail' => $image_name);
$update = $this->contentModel->update($update_data, $where_array);
}
if ($update > 0) {
$message = 'ok';
} else {
$message = 'no';
}
}
if ($message == 'ok') {
Session::set('success', ' Content Saved!');
} else {
if ($message == 'no') {
Session::set('error', 'Operation Fails!');
}
}
$this->data['pages'] = $this->pageModel->all();
$this->data['page_data'] = $this->contentModel->detail($page_rowid);
// $this->data['pagecontent_data'] = $this->contentModel->find($insert_id);
View::rendertemplate('header', $this->data);
View::rendertemplate('sidebar', $this->data);
View::render('pages/editcontent', $this->data);
View::rendertemplate('footer', $this->data);
}
public function register()
{
//Sanitize Data using Gump helper
$_POST = Gump::sanitize($_POST);
if (isset($_POST['login'])) {
//Validate data using Gump
$is_valid = Gump::is_valid($_POST, array('login' => 'required|alpha_numeric', 'email' => 'required|valid_email', 'password' => 'required', 'password-again' => 'required'));
if ($is_valid === true) {
//Test for duplicate username`
$user = $this->userSQL->prepareFindByLogin($_POST['login']);
if ($_POST['password'] != $_POST['password-again']) {
$error[] = "Les deux mots de passes doivent être identiques";
}
if ($user != false) {
$error[] = 'Ce compte existe déjà';
}
$user = $this->userSQL->prepareFindByEmail($_POST['email'])->execute();
//Test for dupicate email address
if (count($user) > 0) {
$error[] = 'Ce compte email existe déjà.';
}
} else {
$error = $is_valid;
}
if (!$error) {
//Register and return the data as an array $data[]
$user = new Utilisateur($_POST['login'], $_POST['email'], Password::make($_POST['password']), "");
$this->entityManager->save($user);
Session::set('id', $user->getId());
Session::set('login', $user->login);
Session::set('loggedin', true);
Url::redirect();
}
}
$data['title'] = 'Inscription';
View::rendertemplate('header', $data);
View::render('user/register', $data, $error);
View::rendertemplate('footer', $data);
}
public function product()
{
// if(!Session::get('loggedin')){
// Url::redirect('login');
// }
$currentUser = ParseUser::getCurrentUser();
if ($currentUser) {
// do stuff with the user
} else {
// show the signup or login page
Url::redirect('login');
}
if (isset($_POST['table'])) {
View::render('inventory/product-table', $data, $error);
} elseif (isset($_POST['del']) && isset($_POST['objectId'])) {
$objectId = $_POST['objectId'];
$query = new ParseQuery('Product');
try {
$data = 1;
} catch (ParseException $ex) {
$data = $ex;
}
$query->equalTo('objectId', $objectId);
$product = $query->first();
$product->destroy();
header('Content-type: application/json; charset=utf-8');
echo json_encode(array('result' => $data));
} elseif (isset($_POST['update'])) {
$objectId = !isset($_POST['objectId']) || trim($_POST['objectId']) == '' ? '' : $_POST['objectId'];
$name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName'];
$price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']);
$description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription'];
if ($_FILES['fileToUpload']['size'] > 0) {
$target_file = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
$error = "Sorry, your file is too large." . $error;
$uploadOk = 0;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
$error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error;
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded." . $error;
// if everything is ok, try to upload file
} else {
$imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file);
$query = new ParseQuery('Product');
$query->equalTo('objectId', $objectId);
$product = $query->first();
$product->set('name', $_POST['productName']);
$product->set('price', $price);
$product->set('description', $description);
$product->set('picture', $imageFile);
$product->save();
}
} else {
$query = new ParseQuery('Product');
$query->equalTo('objectId', $objectId);
$product = $query->first();
$product->set('name', $name);
$product->set('price', $price);
$product->set('description', $description);
$product->save();
}
} else {
if (isset($_POST['submit'])) {
$name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName'];
$price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']);
$description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription'];
if ($_FILES['fileToUpload']['size'] > 0) {
$target_file = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if ($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
$error = "Sorry, your file is too large." . $error;
$uploadOk = 0;
}
// Allow certain file formats
if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") {
$error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error;
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
$error = "Sorry, your file was not uploaded." . $error;
// if everything is ok, try to upload file
} else {
$imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file);
$product = new ParseObject('Product');
$product->set('name', $name);
$product->set('price', $price);
$product->set('description', $description);
$product->set('picture', $imageFile);
$product->save();
}
} else {
$product = new ParseObject('Product');
$product->set('name', $name);
$product->set('price', $price);
$product->set('description', $description);
$product->save();
}
Url::redirect('product');
}
$sidemenu = new ParseQuery('SideMenu');
$result = $sidemenu->find();
Hooks::addHook('js', 'Controllers\\inventory\\Product@JS');
Hooks::addHook('css', 'Controllers\\inventory\\Product@CSS');
$data['title'] = 'สินค้า';
$data['username'] = $currentUser->get('username');
$data['sidemenu'] = $result;
View::rendertemplate('header', $data);
View::render('inventory/product', $data, $error);
View::rendertemplate('footer', $data);
}
}
