<?php
// vim:set ts=4 sw=4 sts=4 et:
require_once "html.php";
require_once "utils.php";
require_once "db-func.php";
require_once "config.php";
require_once "utils-pic.php";
// Redirect to the login page, if not logged in
$uid = isLoggedIn();
// Start HTML
head("edit-account");
echo "<h2>Edit Account Information</h2>";
if (isset($_POST['editAccount'])) {
$r = editAccount($uid);
if ($r === TRUE) {
echo '<div class="okmsg">Your account information has been successfully edited.</div>';
} else {
echo "<div class='errormsg'>{$r}</div>";
}
}
$data = getPerson($uid);
?>
<p>All information will be visible to all members of the team.</p>
<script type="text/javascript">
//<![CDATA[
function validate(f) {
if (f.fullname.value == "") {
alert("You must enter a first name.");
return false;
<?php
/**
* Created by PhpStorm.
* User: lenovo
* Date: 2015/11/21
* Time: 8:55
*/
include_once 'tools.php';
$userID = $_POST['userID'];
//在用户修改密码时,使用sha1加密函数加密后
//与数据库中的密码进行比对
$oldPassword = sha1($_POST['oldPassword']);
//将新的密码加密后保存到数据库中
$newPassword = sha1($_POST['newPassword']);
function editAccount($userID, $oldPassword, $newPassword)
{
$conn = tools::connectDatabase();
$result = mysqli_query($conn, "SELECT Password FROM Users WHERE EmployeeID='{$userID}'");
$row = mysqli_fetch_array($result);
if ($row['Password'] == $oldPassword) {
mysqli_query($conn, "UPDATE Users SET Password='******' WHERE EmployeeID='{$userID}' ");
echo "success";
} else {
echo "failed";
}
}
editAccount($userID, $oldPassword, $newPassword);
function writeAccount()
{
global $_GET;
// check if an account was specified
if (!isset($_GET["aid"])) {
return "No account specified.";
} else {
$account_id = $_GET["aid"];
}
// may we edit?
if (checkMayEdit($account_id) == FALSE) {
return "You may not edit this account.";
}
$OUTPUT = "";
// verify
extract($_GET);
$v =& new validate();
if (isset($account_name)) {
$v->isOK($account_name, "string", 1, 150, "Invalid account name.");
}
if (isset($server_host)) {
$v->isOK($server_host, "url", 0, 255, "Invalid host for pop3 server.");
}
if (isset($server_user)) {
$v->isOK($server_user, "string", 0, 255, "Invalid username.");
}
if (isset($server_pass)) {
$v->isOK($server_pass, "string", 0, 255, "Invalid password.");
}
if (isset($server_pass_confirm)) {
$v->pwMatch($server_pass, $server_passconfirm, "Passwords do not match");
}
if (isset($smtp_from)) {
$v->isOK($smtp_from, "email", 0, 255, "Invalid email address in SMTP from field");
}
if (isset($smtp_reply)) {
$v->isOK($smtp_reply, "email", 0, 255, "Invalid email address in SMTP reply field");
}
if (isset($signature)) {
$v->isOK($signature, "string", 0, 1024, "Invalid signature");
}
if (isset($smtp_host)) {
$v->isOK($smtp_host, "url", 0, 255, "Invalid SMTP host");
}
if (isset($smtp_user)) {
$v->isOK($smtp_user, "string", 0, 255, "Invalid SMTP user.");
}
if (isset($smtp_pass)) {
$v->isOK($smtp_pass, "string", 0, 255, "Invalid SMTP password.");
}
if (isset($smtp_passconfirm)) {
$v->pwMatch($smtp_pass, $smtp_passconfirm, "SMTP passwords do not match");
}
// was there erros
if ($v->isError()) {
$err = $v->getErrors();
foreach ($err as $ernum => $val) {
$OUTPUT .= "{$val['msg']}<br>";
}
// load the previous function
$OUTPUT .= editAccount();
return $OUTPUT;
}
// change the checkboxes to values recognized by the db
if (!isset($active)) {
$active = "0";
}
if (!isset($user_edit)) {
$user_edit = "0";
}
if (!isset($leave_msgs)) {
$leave_msgs = "0";
}
if (!isset($enable_smtp)) {
$enable_smtp = "0";
}
//if ( ! isset($smtp_auth) ) $smtp_auth = "0";
$smtp_auth = "0";
if (!isset($public)) {
$public = "0";
}
if ($active == "on") {
$active = "1";
}
if ($user_edit == "on") {
$user_edit = "1";
}
if ($leave_msgs == "on") {
$leave_msgs = "1";
}
if ($enable_smtp == "on") {
$enable_smtp = "1";
}
//if ( $smtp_auth == "on" ) $smtp_auth = "1";
if ($public == "on") {
$public = "1";
}
// only change the passwords if a new one was specified
if (!empty($smtp_pass)) {
$smtp_pass_change = "smtp_pass = '******',";
} else {
$smtp_pass_change = "";
}
if (!empty($server_pass)) {
$server_pass_change = "server_pass = '******',";
} else {
$server_pass_change = "";
}
// ok now update
$sql = "UPDATE mail_accounts\n\t\tSET \tactive = '{$active}',\n\t\t\tusername = '******',\n\t\t\tuser_edit = '{$user_edit}',\n\t\t\taccount_name = '{$account_name}',\n\t\t\tserver_host = '{$server_host}',\n\t\t\tserver_user = '******',\n\t\t\t{$server_pass_change}\n\t\t\tleave_msgs = '{$leave_msgs}',\n\t\t\tenable_smtp = '{$enable_smtp}',\n\t\t\tsmtp_from = '{$smtp_from}',\n\t\t\tsmtp_reply = '{$smtp_reply}',\n\t\t\tsmtp_host = '{$smtp_host}',\n\t\t\tsmtp_auth = '{$smtp_auth}',\n\t\t\tsmtp_user = '******',\n\t\t\t{$smtp_pass_change}\n\t\t\tsignature = '{$signature}',\n\t\t\t\"public\" = '{$public}'\n\t\tWHERE account_id = {$account_id}";
$rslt = db_exec($sql);
if (pg_cmdtuples($rslt) <= 0) {
return "Error updating account. Please contact Cubit.<br>";
}
header("Location: messages.php?key=frameset&fid=0");
$OUTPUT .= "Succesfully updated account.<br>";
return $OUTPUT;
}
$nombreDestinatario = $app->request->headers->get('nombreDestinatario');
$numeroUnidades = $app->request->headers->get('numeroUnidades');
$numeroDocumento = $app->request->headers->get('numeroDocumento');
$nombreDestinatario2 = $app->request->headers->get('nombreDestinatario2');
$destino2 = $app->request->headers->get('destino2');
$motivo = $app->request->headers->get('motivo');
$cupoDisponible = $app->request->headers->get('cupoDisponible');
$cupoCr = $app->request->headers->get('cupoCr');
$totalCartera = $app->request->headers->get('totalCartera');
$condicionPago = $app->request->headers->get('condicionPago');
$plazoPago = $app->request->headers->get('plazoPago');
$promedioPago = $app->request->headers->get('promedioPago');
$carteraVencida = $app->request->headers->get('carteraVencida');
$carteraVencer = $app->request->headers->get('carteraVencer');
//LLama el método que lee de la base de datos y obtiene la respuesta
$respuesta = editAccount($id, $name, $nit, $codigoAlterno, $canal, $sector, $telefono1, $ext1, $telefono2, $ext2, $celular, $fax, $direccion, $municipio, $departamento, $zona, $uen, $email, $web, $grupo, $segmento, $estado, $descuento, $presupuesto, $descripcion, $correoTransporte, $usuarioAsignado, $usuarioCreador, $fechaConstitucion, $ventasActual, $ventasAnterior, $numeroAlianzas, $alianzas, $origenCuenta, $fechaFacturacion, $facturacionDiaria, $facturacionAcumuladaMes, $porcentajeCumplimiento, $facturacionAutorizada, $facturacionNoAutorizada, $fechaDespacho, $remesa, $destino, $nombreDestinatario, $numeroUnidades, $numeroDocumento, $nombreDestinatario2, $destino2, $motivo, $cupoDisponible, $cupoCr, $totalCartera, $condicionPago, $plazoPago, $promedioPago, $carteraVencida, $carteraVencer);
//Muestra la respuesta al cliente
echo $respuesta;
});
//--------------------------------------------------------------------------------------------------
$app->get('/getAccountContacts', function () {
//Importa el archivo que contiene el método
require_once 'Servicios/getAccountContacts.php';
$app = new \Slim\Slim();
require_once 'Servicios/Auth.php';
$deviceId = $app->request->headers->get('deviceID');
$hash = $app->request->headers->get('hash');
$respuesta = auth($deviceId, $hash);
if ($respuesta != "Auth_OK") {
echo $respuesta;
return;
