Ejemplo n.º 1
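 /**
  * Render the CRUD editor for one table, plus CSV/XLS export links.
  *
  * The table name is read from the request parameter 'tblName' and falls
  * back to $tName. Tables whose name starts with 'tblMod' are handed to every
  * configured module's CRUD hook; a few core tables get select-list columns.
  *
  * @param string $tName Table name to use when the request carries no 'tblName'.
  * @return string HTML for the editor, or '' when no table name is available.
  */
 public function index($tName = '')
 {
     if (($tableName = Request::get('tblName', $tName)) == '') {
         return '';
     }
     // NOTE(review): $tableName is request-controlled and reaches CRUD::factory()
     // as-is. Nothing visible here restricts it to an allow-list of editable
     // tables or checks the caller's privilege - confirm that is enforced upstream.
     $crud = CRUD::factory($tableName, ['topPager' => false])->copyVarsFromRequest('tblName');
     if (preg_match('/^tblMod([A-Z]+[a-z]+)/', $tableName)) {
         // Call the hook directly instead of eval()-ing a string assembled from
         // configuration: a malformed or tampered 'modules' entry can then only
         // name a class, never inject arbitrary PHP.
         $hook = Module::CRUD_MOD;
         foreach (Cfg::get('modules', []) as $moduleClass) {
             $moduleClass::$hook($crud);
         }
     } else {
         switch ($tableName) {
             case 'tblNextNumber':
                 $crud->setColDisplay('fldTable', [CRUD::SELECT, DBMaintenance::getTableList(), true]);
                 break;
             case 'tblSecPrivUserMap':
                 // Both branches used to select the MySQL query; use the SQLite
                 // variant on non-MySQL drivers, as the tblUserGroupMap case does.
                 $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                 $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                 $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                 $crud->setColDisplay('fldPrivilegeID', [CRUD::SELECT, Admin::PRIV_SQL, true]);
                 $crud->setColDisplay('fldLevelID', [CRUD::SELECT, Admin::LEVEL_SQL]);
                 break;
             case 'tblUserGroupMap':
                 $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                 $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                 $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                 break;
             case 'tblUser':
                 $crud->setColDisplay('fldLevel', [CRUD::SELECT, Admin::LEVEL_SQL]);
                 $crud->setColDisplay('fldTimeZone', [CRUD::SELECT, Admin::TZ_SQL]);
                 break;
         }
     }
     $resp = Response::factory()->set('tblName', $tableName);
     // The table name came from the request, so escape it before it is written
     // into the page; the raw value is still what the export links carry.
     $heading = Tag::hTag('b') . 'Editing Table: ' . htmlspecialchars($tableName, ENT_QUOTES, 'UTF-8') . Tag::_hTag('b');
     $csvLink = Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->csv()'), 'CSV');
     $xlsLink = Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->xls()'), 'XLS');
     return $heading . ' ' . $csvLink . ' ' . $xlsLink . $crud->index();
 }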
Ejemplo n.º 2
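    /**
     * Reset the password of the account named by the request field 'fldEmail'
     * and mail the new password to that address; the configured 'boss'
     * address is notified of the request as well.
     *
     * NOTE(review): this flow has several weaknesses that cannot be fixed inside
     * this method without changing how logins are verified elsewhere:
     *  - the password is replaced immediately for anyone who knows the address,
     *    with no confirmation step, so a third party can lock a user out;
     *  - the new password is sent in clear text by e-mail;
     *  - it is stored with MySQL PASSWORD() or unsalted MD5, neither of which is
     *    a password hashing scheme (password_hash()/password_verify() are);
     *  - the "does not exist" reply lets a caller probe which addresses exist.
     *
     * @return string Popup HTML with the outcome message.
     */
    public function sendPW()
    {
        $email = Request::get('fldEmail');
        $sql = 'SELECT fldUserID FROM tblUser WHERE fldUser=?';
        if (($id = DB::oneValue(DB::DEF, $sql, $email)) === false) {
            $msg = 'This email does not exist on this system.<br>' . 'Either choose a new email address or register as new customer.' . $this->forgotPassword();
        } else {
            $pw = Password::passGen(10, Password::MEDIUM);
            // Update the Database with the new Password combo
            if (DB::driver() == DB::MYSQL) {
                // PASSWORD() was meant for MySQL's own account table and was removed in MySQL 8.0.
                $sql = 'UPDATE tblUser SET fldPassword=PASSWORD(?) WHERE fldUserID=?';
                DB::exec(DB::DEF, $sql, [$pw, $id]);
            } else {
                $sql = 'UPDATE tblUser SET fldPassword=? WHERE fldUserID=?';
                DB::exec(DB::DEF, $sql, [hash('md5', $pw), $id]);
            }
            $boss = Cfg::get('boss');
            $desc = Cfg::get('desc');
            // create the email message to notify about a password request
            // The address is request data placed in an HTML body, so escape it there.
            // NOTE(review): it is also used as the From address; confirm Mailer
            // rejects CR/LF in header values.
            $body = '<h3>User requested password<br>Email: <b>%s</b></h3><br>From %s';
            Mailer::envelope()->format(Mailer::HTML_TEXT)->from($email)->to($boss)->subject('User requested password')->body(sprintf($body, htmlspecialchars($email, ENT_QUOTES, 'UTF-8'), $desc))->send();
            $body = <<<TXT
Message from %s

Here are your login details

Password: %s

Regards
%s
TXT;
            // create the email message to notify the user of his/her login details
            Mailer::envelope()->from($boss)->to($email)->subject('Login Request ' . $desc)->body(sprintf($body, $desc, $pw, $desc))->send();
            $msg = 'Soon you will receive an email that will contain your login details.';
        }
        return Widget::popupWrapper($msg, -1);
    }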
Ejemplo n.º 3
 /**
  * Create the CRUD Object.
  * @param string $tableName The name of the table
  * @param array $extraArgs This is the properties that the CRUD will use to display/populate the database.
  * <pre>
  * $props = array ( 'primaryKey' => 'id', // Optional, if not supplied will be calculated.
  *                                        // Need to supply if the primary key is not simple column name
  *                  'db' => 'mydb',       // Optional, Name of the database. If not supplied defaults to DB::DEF
  *                                        // Database must be set up in the configuration
  *                  'where' => array ( 'pid' => 5 ),
  *                                        // Optional, List of conditions for the rows that we are looking for.
  *                                        // This would be used when looking for foreign key. These values will
  *                                        // be automatically inserted in new rows
  *                  'userCols' => array ( 'Mapping' => array ( $this, 'managePrivilegesCallBack' ) ),
  *                                        // This is a list of additional columns that will be added to the CRUD. These
  *                                        // will display the column using the title that you have suggested and
  *                                        // Then call the passed method.
  *                                        // call_user_func_array ( $col, array ( $idx, $row[$this->primaryKey] ) )
  *                                        // Passes back the row number and the primary key for this row
  *                                        // Then displays the html that the call back function generates
  *                  'canDelete' => true,  // Optional default: true. If you do not want user to delete rows set to false
  *                  'canUpdate' => true,  // Optional default: true. If you do not want user to update rows set to false
  *                  'canInsert' => true,  // Optional default: true. If you do not want user to insert rows set to false
  *                  'topPager' => true,   // Optional default: true. If you do not want pagination at top, set to false
  *                  'bottomPager' => true,// Optional default: true. If you do not want pagination at bottom, set to false
  *                  'suffix' => '_1',     // Optional default: current CRUD invocation number.
  *                                        // Useful if you have multiple CRUDs on one page. This is the suffix that
  *                                        // is attached to the form variables
  *                  'formAction' => 'view.php?ID=10',
  *                                        // Optional default to ?. On submit this will return to the current page
  *                  'insDefaults' => array ( 'timestamp' => time() ),
  *                                        // Optional. If there are defaults that you want inserted when the CRUD
  *                                        // inserts a row then you can list them here
  *                  'displayRows' =>10,   // Optional. Sets the number of rows that can be displayed
  *                  'nullsEmpty'  =>false,  // Optional. If this is true then it will put in nulls if the variable is empty
  *                  'dbType'      =>'mysql',// Optional. Tells the system if this is oracle, sqlite or mysql database
  *
  *                  Sort column
  *                  'colSort'      =>'fldStartTime',// Optional. Sets an initial sort column
  *                  'colSortOrder' =>'DESC',// Optional. Sets the direction of the sort column
  *                );
  * </pre>
  */
 public function __construct($tableName, $extraArgs = [])
 {
     parent::__construct();
     $this->log = Log4PHP::logFactory(__CLASS__);
     $this->tableName = $tableName;

     // Read one entry of $extraArgs, using $fallback when it is absent or null.
     $option = function ($key, $fallback) use ($extraArgs) {
         return isset($extraArgs[$key]) ? $extraArgs[$key] : $fallback;
     };

     // NOTE(review): the table name and the 'where', 'colSort' and 'colSortOrder'
     // options are stored without validation here; if a caller passes request
     // data, confirm they are checked before they are used to build SQL.
     $this->primaryKey = $option('primaryKey', null);
     $this->db = $option('db', DB::DEF);
     $this->where = $option('where', []);
     $this->extraCols = $option('userCols', []);
     $this->canDelete = $option('canDelete', true);
     $this->canUpdate = $option('canUpdate', true);
     $this->canInsert = $option('canInsert', true);
     $this->topPage = $option('topPager', true);
     $this->bottomPage = $option('bottomPager', true);
     // Invocation::next() is only called when the caller gave no suffix.
     if (isset($extraArgs['suffix'])) {
         $this->suffix = $extraArgs['suffix'];
     } else {
         $this->suffix = '_' . Invocation::next();
     }
     $this->formAction = $option('formAction', '?');
     $this->insDefaults = $option('insDefaults', []);
     $this->nullsEmpty = $option('nullsEmpty', false);
     // The driver is only looked up when no explicit dbType was supplied.
     if (isset($extraArgs['dbType'])) {
         $this->dbType = $extraArgs['dbType'];
     } else {
         $this->dbType = DB::driver($this->db);
     }

     // Names of the form variables, all tied to this CRUD's suffix.
     $this->action = self::ACTION . $this->suffix;
     $this->delTag = 'D' . $this->suffix;
     $this->updTag = 'U' . $this->suffix;
     $this->gridTag = 'G' . $this->suffix;
     $this->submitId = 'S' . $this->suffix;

     $this->paginator = new Paginator(['suffix' => self::SUFFIX]);

     // Optional initial sort column and direction for the column navigator.
     $columnSettings = ['suffix' => self::SUFFIX];
     foreach (['colSort' => 'init_column', 'colSortOrder' => 'init_order'] as $argName => $settingName) {
         if (isset($extraArgs[$argName])) {
             $columnSettings[$settingName] = $extraArgs[$argName];
         }
     }
     $this->columnator = new Columnator($columnSettings);
     $this->resp = new Response();

     if (isset($extraArgs['displayRows'])) {
         $this->paginator->setPageSize($extraArgs['displayRows']);
     }

     // Without table metadata the object is left unfinished: $this->ok is not set.
     if (!$this->getTableMetaData()) {
         return;
     }
     $this->setupDefaultStyle();
     if ($this->paginator->getRows() <= 0) {
         $this->paginator->setRows($this->getRowCount());
     }
     // Carry the navigation and action variables over from the request.
     $this->copyVarsFromRequest(Columnator::navVar(self::SUFFIX));
     $this->copyVarsFromRequest(Paginator::navVar(self::SUFFIX));
     $this->copyVarsFromRequest(WebPage::ACTION);
     $this->ok = true;
 }
Ejemplo n.º 4
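 /**
  * Validate and save the account form, then re-render the edit form.
  *
  * A password change is attempted only when both the new password and its
  * confirmation are filled in, and requires the old password to check out.
  * Nothing is written when any validation message was produced.
  *
  * NOTE(review): the target account ('fldUserID') and the new 'fldLevel' are
  * both read from the request. No check is visible here that the caller may
  * edit that account or assign that level - confirm it is enforced before this
  * method is reachable, otherwise a user can change another account or raise
  * their own level.
  * NOTE(review): passwords are stored with MySQL PASSWORD() or unsalted MD5;
  * neither is a password hashing scheme. Moving to password_hash() and
  * password_verify() has to be done together with the login check.
  *
  * @return string Status text or validation messages, followed by the edit form HTML.
  */
 public function editAccountSave()
 {
     $uid = Request::get('fldUserID', G::get('fldUserID'));
     $messages = [];
     $sqls = [];
     $params = [];
     $pw = Request::get('fldPassword');
     $pwCheck = Request::get('fldPassword_CHK');
     $pwOld = Request::get('fldPassword_OLD');
     if ($pw != '' && $pwCheck != '') {
         // Passwords are compared with ===/!==: a loose comparison treats
         // numeric-looking strings such as '1e3' and '1000' as equal.
         if (!$this->checkOldPassword($uid, $pwOld)) {
             $messages[] = '<font color=red>Old Password is not correct</font>';
         } elseif ($pw !== $pwCheck) {
             $messages[] = '<font color=red>Passwords are not the same</font>';
         } elseif ($pwOld === $pw) {
             $messages[] = '<font color=red>No Change, old and new passwords same</font>';
         } elseif (DB::driver() == DB::MYSQL) {
             $sqls[] = 'UPDATE tblUser SET fldPassword=PASSWORD(?),fldModified=UNIX_TIMESTAMP() WHERE fldUserID=?';
             $params[] = [$pw, $uid];
         } else {
             $sqls[] = 'UPDATE tblUser SET fldPassword=?,fldModified=strftime(\'%s\',\'now\') WHERE fldUserID=?';
             $params[] = [hash('md5', $pw), $uid];
         }
     }

     // The column names below are fixed literals, never request data; the
     // values themselves are always bound as parameters.
     $sqls[] = 'UPDATE tblUser SET fldSalutation=?,fldModified=' . time() . ' WHERE fldUserID=?';
     $params[] = [Request::get('fldSalutation'), $uid];

     // Required fields: an empty value is an error.
     foreach (['fldFirstName' => 'First name', 'fldLastName' => 'Last name'] as $column => $label) {
         if (Request::get($column) == '') {
             $messages[] = '<font color=red>' . $label . ' cannot be empty</font>';
         } else {
             $sqls[] = 'UPDATE tblUser SET ' . $column . '=?,fldModified=' . time() . ' WHERE fldUserID=?';
             $params[] = [Request::get($column), $uid];
         }
     }

     // Optional fields: only written when a value was submitted.
     foreach (['fldTimeZone', 'fldUser', 'fldLevel'] as $column) {
         if (Request::get($column) != '') {
             $sqls[] = 'UPDATE tblUser SET ' . $column . '=?,fldModified=' . time() . ' WHERE fldUserID=?';
             $params[] = [Request::get($column), $uid];
         }
     }

     if (count($messages) != 0) {
         return join('<br>', $messages) . $this->editAccount();
     }

     foreach ($sqls as $idx => $sql) {
         DB::exec(DB::DEF, $sql, $params[$idx]);
     }
     if ($uid == G::get('fldUserID')) {
         // Refresh the values held in G for the current user.
         // NOTE(review): SELECT * also copies fldPassword into G - presumably
         // session-backed; consider listing only the columns that are needed.
         foreach (DB::oneRow(DB::DEF, 'SELECT * FROM tblUser WHERE fldUserID=?', $uid) as $key => $val) {
             G::set($key, $val);
         }
     }
     return 'Sucessfully updated user account details' . $this->editAccount();
 }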