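/**
 * Render the CRUD editor for one table, followed by CSV and XLS export links.
 *
 * The table name is read from the 'tblName' request variable and falls back to $tName.
 * Tables whose name matches /^tblMod[A-Z]+[a-z]+/ are handed to every configured module's
 * Module::CRUD_MOD hook; a few known admin tables get select-list column displays.
 *
 * NOTE(review): the table name is request-controlled and reaches CRUD::factory() with no
 * allow-list or privilege check in this method. Confirm that the caller restricts which
 * tables a given user may edit, and that CRUD quotes or validates the identifier.
 *
 * @param string $tName Table to edit when the request carries no 'tblName'.
 * @return string HTML for the editor, or '' when no table name is available.
 */
public function index($tName = '')
{
    $tableName = Request::get('tblName', $tName);
    if ($tableName == '') {
        return '';
    }

    $crud = CRUD::factory($tableName, ['topPager' => false])->copyVarsFromRequest('tblName');

    if (preg_match('/^tblMod([A-Z]+[a-z]+)/', $tableName)) {
        // Dynamic static call instead of eval(): the class name from configuration is now
        // only ever used as a class name and is never parsed as PHP source.
        // Every configured module is invoked, not only the one named in the table.
        $hook = Module::CRUD_MOD;
        foreach (Cfg::get('modules', []) as $moduleClass) {
            $moduleClass::$hook($crud);
        }
    } else {
        switch ($tableName) {
            case 'tblNextNumber':
                $crud->setColDisplay('fldTable', [CRUD::SELECT, DBMaintenance::getTableList(), true]);
                break;

            case 'tblSecPrivUserMap':
                // Fixed: both ternary branches used USER_SQL_MYSQL, so non-MySQL drivers got
                // the MySQL query. Now matches the tblUserGroupMap case below.
                $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                $crud->setColDisplay('fldPrivilegeID', [CRUD::SELECT, Admin::PRIV_SQL, true]);
                $crud->setColDisplay('fldLevelID', [CRUD::SELECT, Admin::LEVEL_SQL]);
                break;

            case 'tblUserGroupMap':
                $userSql = DB::driver() == DB::MYSQL ? Admin::USER_SQL_MYSQL : Admin::USER_SQL_SQLITE;
                $crud->setColDisplay('fldUserID', [CRUD::SELECT, $userSql, true]);
                $crud->setColDisplay('fldGroupID', [CRUD::SELECT, Admin::GROUP_SQL, true]);
                break;

            case 'tblUser':
                $crud->setColDisplay('fldLevel', [CRUD::SELECT, Admin::LEVEL_SQL]);
                $crud->setColDisplay('fldTimeZone', [CRUD::SELECT, Admin::TZ_SQL]);
                break;
        }
    }

    $resp = Response::factory()->set('tblName', $tableName);

    // The table name came from the request, so it is escaped before being written into the page.
    $safeName = htmlspecialchars($tableName, ENT_QUOTES, 'UTF-8');

    return Tag::hTag('b') . 'Editing Table: ' . $safeName . Tag::_hTag('b') .
           ' ' . Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->csv()'), 'CSV') .
           ' ' . Tag::hRef('ajax.php?' . $resp->action(__CLASS__ . '->xls()'), 'XLS') .
           $crud->index();
}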
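/**
 * Reset the password of the account named by the 'fldEmail' request variable, notify the
 * configured 'boss' address, and mail the new password to the user.
 *
 * NOTE(review), security points this method leaves open:
 *  - The response tells the caller whether an account exists (account enumeration).
 *  - The password is replaced as soon as the request arrives, before the requester has shown
 *    control of the mailbox, so anyone who knows an address can lock its owner out. A
 *    single-use, expiring reset token mailed to the user avoids both this and sending the
 *    password itself in clear text.
 *  - Storage uses MySQL PASSWORD() (removed in MySQL 8.0) or unsalted MD5. Moving to
 *    password_hash()/password_verify() has to be done together with the code that verifies
 *    logins, so it is not changed here.
 *  - The notification mail uses the requester's address as From; a fixed system sender is
 *    safer. Confirm how Mailer validates header values.
 *
 * @return string Popup HTML produced by Widget::popupWrapper().
 */
public function sendPW()
{
    $email = Request::get('fldEmail');

    $sql = 'SELECT fldUserID FROM tblUser WHERE fldUser=?';
    if (($id = DB::oneValue(DB::DEF, $sql, $email)) === false) {
        $msg = 'This email does not exist on this system.<br>' .
               'Either choose a new email address or register as new customer.' .
               $this->forgotPassword();

        return Widget::popupWrapper($msg, -1);
    }

    // Update the database with the new password
    $pw = Password::passGen(10, Password::MEDIUM);
    if (DB::driver() == DB::MYSQL) {
        $sql = 'UPDATE tblUser SET fldPassword=PASSWORD(?) WHERE fldUserID=?';
        DB::exec(DB::DEF, $sql, [$pw, $id]);
    } else {
        $sql = 'UPDATE tblUser SET fldPassword=? WHERE fldUserID=?';
        DB::exec(DB::DEF, $sql, [hash('md5', $pw), $id]);
    }

    $boss = Cfg::get('boss');
    $desc = Cfg::get('desc');

    // Notify the site owner about the password request. The body is sent as HTML, so the
    // request-supplied address is escaped before it is placed into the markup.
    $body = '<h3>User requested password<br>Email: <b>%s</b></h3><br>From %s';
    Mailer::envelope()->format(Mailer::HTML_TEXT)
                      ->from($email)
                      ->to($boss)
                      ->subject('User requested password')
                      ->body(sprintf($body, htmlspecialchars($email, ENT_QUOTES, 'UTF-8'), $desc))
                      ->send();

    // Plain-text template for the user's mail.
    // NOTE(review): the line breaks inside this template are an assumption; confirm them
    // against the text the site actually sends.
    $body = <<<TXT
Message from %s
Here are your login details
Password: %s
Regards
%s
TXT;

    // Tell the user his/her login details
    Mailer::envelope()->from($boss)
                      ->to($email)
                      ->subject('Login Request ' . $desc)
                      ->body(sprintf($body, $desc, $pw, $desc))
                      ->send();

    $msg = 'Soon you will receive an email that will contain your login details.';

    return Widget::popupWrapper($msg, -1);
}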
/**
 * Create the CRUD object.
 *
 * NOTE(review): $tableName and the 'where', 'colSort' and 'colSortOrder' options are stored
 * or forwarded exactly as given; this constructor validates none of them. Callers that pass
 * request data should restrict it to known values. Confirm how the identifiers are quoted
 * further down.
 *
 * @param string $tableName The name of the table
 * @param array  $extraArgs Properties that the CRUD uses to display/populate the database.
 * <pre>
 * $props = array (
 *     'primaryKey'   => 'id',     // Optional. Calculated when not supplied. Must be supplied
 *                                 // if the primary key is not a simple column name
 *     'db'           => 'mydb',   // Optional. Name of the database, defaults to DB::DEF.
 *                                 // The database must be set up in the configuration
 *     'where'        => array ( 'pid' => 5 ),
 *                                 // Optional. Conditions for the rows that we are looking for,
 *                                 // e.g. a foreign key. These values are automatically
 *                                 // inserted in new rows
 *     'userCols'     => array ( 'Mapping' => array ( $this, 'managePrivilegesCallBack' ) ),
 *                                 // Additional columns added to the CRUD. Each is displayed
 *                                 // under the given title and filled by calling the callback:
 *                                 // call_user_func_array ( $col, array ( $idx, $row[$this->primaryKey] ) )
 *                                 // It receives the row number and the row's primary key, and
 *                                 // the HTML it generates is displayed
 *     'canDelete'    => true,     // Optional, default true. Set to false to forbid deleting rows
 *     'canUpdate'    => true,     // Optional, default true. Set to false to forbid updating rows
 *     'canInsert'    => true,     // Optional, default true. Set to false to forbid inserting rows
 *     'topPager'     => true,     // Optional, default true. Set to false for no pagination at top
 *     'bottomPager'  => true,     // Optional, default true. Set to false for no pagination at bottom
 *     'suffix'       => '_1',     // Optional, default: current CRUD invocation number.
 *                                 // Useful with multiple CRUDs on one page. This suffix is
 *                                 // attached to the form variables
 *     'formAction'   => 'view.php?ID=10',
 *                                 // Optional, defaults to ?. On submit this returns to the
 *                                 // current page
 *     'insDefaults'  => array ( 'timestamp' => time() ),
 *                                 // Optional. Defaults to insert whenever the CRUD inserts a row
 *     'displayRows'  => 10,       // Optional. Sets the number of rows that can be displayed
 *     'nullsEmpty'   => false,    // Optional. If true, nulls are stored when the variable is empty
 *     'dbType'       => 'mysql',  // Optional. Tells the system if this is an oracle, sqlite
 *                                 // or mysql database
 *
 *     Sort column
 *     'colSort'      => 'fldStartTime', // Optional. Sets an initial sort column
 *     'colSortOrder' => 'DESC',         // Optional. Sets the direction of the sort column
 * );
 * </pre>
 */
public function __construct($tableName, $extraArgs = [])
{
    parent::__construct();

    $this->log = Log4PHP::logFactory(__CLASS__);
    $this->tableName = $tableName;

    // isset() semantics on purpose: an option that is present but null gets the default.
    $option = function ($key, $fallback) use ($extraArgs) {
        if (isset($extraArgs[$key])) {
            return $extraArgs[$key];
        }

        return $fallback;
    };

    $this->primaryKey = $option('primaryKey', null);
    $this->db = $option('db', DB::DEF);
    $this->where = $option('where', []);
    $this->extraCols = $option('userCols', []);
    $this->canDelete = $option('canDelete', true);
    $this->canUpdate = $option('canUpdate', true);
    $this->canInsert = $option('canInsert', true);
    $this->topPage = $option('topPager', true);
    $this->bottomPage = $option('bottomPager', true);

    // The invocation counter is advanced only when the caller supplied no suffix.
    if (isset($extraArgs['suffix'])) {
        $this->suffix = $extraArgs['suffix'];
    } else {
        $this->suffix = '_' . Invocation::next();
    }

    $this->formAction = $option('formAction', '?');
    $this->insDefaults = $option('insDefaults', []);
    $this->nullsEmpty = $option('nullsEmpty', false);

    // The driver is looked up only when the caller did not name a database type.
    if (isset($extraArgs['dbType'])) {
        $this->dbType = $extraArgs['dbType'];
    } else {
        $this->dbType = DB::driver($this->db);
    }

    // Form variable names, made unique per CRUD instance by the suffix.
    $sfx = $this->suffix;
    $this->action = self::ACTION . $sfx;
    $this->delTag = 'D' . $sfx;
    $this->updTag = 'U' . $sfx;
    $this->gridTag = 'G' . $sfx;
    $this->submitId = 'S' . $sfx;

    $this->paginator = new Paginator(['suffix' => self::SUFFIX]);

    $sortSetup = ['suffix' => self::SUFFIX];
    if (isset($extraArgs['colSort'])) {
        $sortSetup['init_column'] = $extraArgs['colSort'];
    }
    if (isset($extraArgs['colSortOrder'])) {
        $sortSetup['init_order'] = $extraArgs['colSortOrder'];
    }
    $this->columnator = new Columnator($sortSetup);

    $this->resp = new Response();

    if (isset($extraArgs['displayRows'])) {
        $this->paginator->setPageSize($extraArgs['displayRows']);
    }

    // Without table metadata the object stays unusable: $this->ok is never set to true.
    if (!$this->getTableMetaData()) {
        return;
    }

    $this->setupDefaultStyle();

    if ($this->paginator->getRows() <= 0) {
        $this->paginator->setRows($this->getRowCount());
    }

    $this->copyVarsFromRequest(Columnator::navVar(self::SUFFIX));
    $this->copyVarsFromRequest(Paginator::navVar(self::SUFFIX));
    $this->copyVarsFromRequest(WebPage::ACTION);

    $this->ok = true;
}
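/**
 * Validate and save the account form, then re-render it.
 *
 * The password is changed only when both 'fldPassword' and 'fldPassword_CHK' are filled in,
 * the old password checks out, and the new one differs from the old. All other fields are
 * written one UPDATE per column. Nothing is written if any validation message was raised.
 *
 * NOTE(review), security points this method leaves open:
 *  - The account to change is taken from the 'fldUserID' request variable and only falls
 *    back to the session value. Apart from the old-password check on the password itself,
 *    nothing here verifies that the caller may edit that account, and 'fldLevel' and
 *    'fldUser' are accepted from the request as well. Confirm that the caller's privileges
 *    are checked before this method runs; otherwise one user can modify another user's
 *    record or raise a level.
 *  - Passwords are stored with MySQL PASSWORD() (removed in MySQL 8.0) or unsalted MD5.
 *    Moving to password_hash()/password_verify() must be done together with
 *    checkOldPassword() and the login code, so it is not changed here.
 *
 * @return string Status text or validation messages, followed by the account form HTML.
 */
public function editAccountSave()
{
    $uid = Request::get('fldUserID', G::get('fldUserID'));
    $messages = [];
    $sqls = [];
    $params = [];

    $pw = Request::get('fldPassword');
    $pwCheck = Request::get('fldPassword_CHK');
    $pwOld = Request::get('fldPassword_OLD');

    if ($pw != '' && $pwCheck != '') {
        // Passwords are compared with strict operators: loose == treats numeric-looking
        // strings such as '1e3' and '1000' as equal, which would accept a mistyped confirmation.
        if (!$this->checkOldPassword($uid, $pwOld)) {
            $messages[] = '<font color=red>Old Password is not correct</font>';
        } elseif ($pw !== $pwCheck) {
            $messages[] = '<font color=red>Passwords are not the same</font>';
        } elseif ($pwOld === $pw) {
            $messages[] = '<font color=red>No Change, old and new passwords same</font>';
        } elseif (DB::driver() == DB::MYSQL) {
            $sqls[] = 'UPDATE tblUser SET fldPassword=PASSWORD(?),fldModified=UNIX_TIMESTAMP() WHERE fldUserID=?';
            $params[] = [$pw, $uid];
        } else {
            $sqls[] = 'UPDATE tblUser SET fldPassword=?,fldModified=strftime(\'%s\',\'now\') WHERE fldUserID=?';
            $params[] = [hash('md5', $pw), $uid];
        }
    }

    // time() yields an integer, so concatenating it into the statement is not an injection
    // path; every request value goes through a bound parameter.
    $sqls[] = 'UPDATE tblUser SET fldSalutation=?,fldModified=' . time() . ' WHERE fldUserID=?';
    $params[] = [Request::get('fldSalutation'), $uid];

    if (Request::get('fldFirstName') == '') {
        $messages[] = '<font color=red>First name cannot be empty</font>';
    } else {
        $sqls[] = 'UPDATE tblUser SET fldFirstName=?,fldModified=' . time() . ' WHERE fldUserID=?';
        $params[] = [Request::get('fldFirstName'), $uid];
    }

    if (Request::get('fldLastName') == '') {
        $messages[] = '<font color=red>Last name cannot be empty</font>';
    } else {
        $sqls[] = 'UPDATE tblUser SET fldLastName=?,fldModified=' . time() . ' WHERE fldUserID=?';
        $params[] = [Request::get('fldLastName'), $uid];
    }

    if (Request::get('fldTimeZone') != '') {
        $sqls[] = 'UPDATE tblUser SET fldTimeZone=?,fldModified=' . time() . ' WHERE fldUserID=?';
        $params[] = [Request::get('fldTimeZone'), $uid];
    }

    if (Request::get('fldUser') != '') {
        $sqls[] = 'UPDATE tblUser SET fldUser=?,fldModified=' . time() . ' WHERE fldUserID=?';
        $params[] = [Request::get('fldUser'), $uid];
    }

    if (Request::get('fldLevel') != '') {
        $sqls[] = 'UPDATE tblUser SET fldLevel=?,fldModified=' . time() . ' WHERE fldUserID=?';
        $params[] = [Request::get('fldLevel'), $uid];
    }

    // Any validation failure aborts the whole save.
    if (count($messages) != 0) {
        return join('<br>', $messages) . $this->editAccount();
    }

    foreach ($sqls as $idx => $sql) {
        DB::exec(DB::DEF, $sql, $params[$idx]);
    }

    // When users edit their own record, refresh the values cached in G.
    if ($uid == G::get('fldUserID')) {
        $row = DB::oneRow(DB::DEF, 'SELECT * FROM tblUser WHERE fldUserID=?', $uid);
        // Guard against a lookup that found no row, so foreach is not handed a non-iterable.
        if (is_array($row) || is_object($row)) {
            foreach ($row as $key => $val) {
                G::set($key, $val);
            }
        }
    }

    return 'Sucessfully updated user account details' . $this->editAccount();
}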