/**
 * Fill $this->contents with the holiday requests the current user can authorise.
 *
 * The current user is mapped to an Employee through person_id. When that record
 * loads and getAuthorisees() returns at least one id, the collection is loaded
 * with requests whose status equals HolidayRequest::newRequest() for those
 * employees; otherwise the collection is left unloaded.
 *
 * NOTE(review): the employee_id IN (...) list is built by string concatenation
 * from getAuthorisees(). Presumably these are numeric ids read from the
 * database - confirm, since nothing here casts or quotes them.
 */
function populate()
{
    $employee = DataObjectFactory::Factory('Employee');
    $currentUser = getCurrentUser();

    if ($currentUser->person_id !== null) {
        $employee->loadBy('person_id', $currentUser->person_id);
    }

    // Default to "nobody to authorise"; overwritten only for a loaded employee.
    $authorisees = array();
    if ($employee->isLoaded()) {
        $model = $employee->holiday_model();
        $employee->authorisationPolicy($model);
        $authorisees = $employee->getAuthorisees($model);
    }

    $request = DataObjectFactory::Factory('HolidayRequest');
    $requests = new HolidayrequestCollection($request);

    if (count($authorisees) > 0) {
        $requests->setParams();

        $search = new SearchHandler($requests, false);
        $search->setFields(array('id', 'employee', 'employee_id', 'start_date', 'end_date', 'num_days'));
        $search->addConstraint(new Constraint('status', '=', $request->newRequest()));

        $idList = '(' . implode(',', $authorisees) . ')';
        $search->addConstraint(new Constraint('employee_id', 'in', $idList));

        $this->setSearchLimit($search);
        $search->setOrderby(array('employee', 'start_date'));
        $requests->load($search);

        // Clicking a row opens the request in the holidayrequests controller.
        $requests->clickcontroller = 'holidayrequests';
        $requests->editclickaction = 'view';
    }

    $this->contents = $requests;
}
/**
 * Build the view data for the user list page.
 *
 * Handles the admin "log in as user" shortcut, then collects the users, the
 * latest map per user, the most recent maps and comments, the overview map
 * data and the e-mail error flag. The lastMaps / lastComments query parameters
 * select the list length: a numeric value, "all" (999999), or 10 by default.
 *
 * NOTE(review): impersonation is triggered by a GET parameter. A state-changing
 * action like this normally sits behind POST plus an anti-CSRF token - confirm
 * whether Helper::LoginUserByUsername() or the caller enforces one.
 * NOTE(review): is_numeric() also accepts negative and fractional input, so the
 * (int) cast can yield zero or a negative count - confirm DataAccess copes.
 *
 * @return array view data keyed by name
 */
public function Execute()
{
    $viewData = array();
    $errors = array();

    // Admin shortcut: switch to the named user and go to that user's page.
    if (Helper::IsLoggedInAdmin()
        && isset($_GET["loginAsUser"])
        && Helper::LoginUserByUsername($_GET["loginAsUser"])
    ) {
        Helper::Redirect("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
    }

    $viewData["Users"] = DataAccess::GetAllUsers(!Helper::IsLoggedInAdmin());
    $viewData["LastMapForEachUser"] = DataAccess::GetLastMapsForUsers("date");

    // How many recent maps to list.
    $numberOfMaps = 10;
    if (isset($_GET["lastMaps"])) {
        if (is_numeric($_GET["lastMaps"])) {
            $numberOfMaps = (int) $_GET["lastMaps"];
        } elseif ($_GET["lastMaps"] == "all") {
            $numberOfMaps = 999999;
        }
    }
    $viewData["LastMaps"] = DataAccess::GetMaps(
        0,
        0,
        0,
        0,
        null,
        $numberOfMaps,
        "createdTime",
        Helper::GetLoggedInUserID()
    );

    // How many recent comments to list.
    $numberOfComments = 10;
    if (isset($_GET["lastComments"])) {
        if (is_numeric($_GET["lastComments"])) {
            $numberOfComments = (int) $_GET["lastComments"];
        } elseif ($_GET["lastComments"] == "all") {
            $numberOfComments = 999999;
        }
    }
    $viewData["LastComments"] = DataAccess::GetLastComments($numberOfComments, Helper::GetLoggedInUserID());

    // Stays null when no listed map yields overview data.
    $viewData["OverviewMapData"] = null;
    $categories = DataAccess::GetCategoriesByUserID();
    foreach ($viewData["LastMaps"] as $map) {
        $overview = Helper::GetOverviewMapData($map, false, true, true, $categories);
        if ($overview == null) {
            continue;
        }
        $viewData["OverviewMapData"][] = $overview;
    }

    if (isset($_GET["error"]) && $_GET["error"] == "email") {
        $errors[] = sprintf(__("ADMIN_EMAIL_ERROR"), ADMIN_EMAIL);
    }

    $viewData["Errors"] = $errors;

    return $viewData;
}
/**
 * Validate and complete order header data, then build the data object.
 *
 * Rejects an order date later than today. For a new header (no id, or an empty
 * one) it assigns an order number, status 'N' and the raising user. The
 * currency rate and the twin (base) currency id and rate are always added.
 *
 * @param array  $data   header fields; reads order_date, id, type, currency_id
 * @param string $do     data object name passed to the factories
 * @param array  $errors receives validation messages (by reference)
 * @return mixed false when the order date is in the future, otherwise the
 *               result of DataObject::Factory()
 */
public static function makeHeader($data, $do, &$errors)
{
    $orderTime = strtotime(fix_date($data['order_date']));
    $todayTime = strtotime(fix_date(date(DATE_FORMAT)));
    if ($orderTime > $todayTime) {
        $errors[] = 'Order Date cannot be in the future';

        return false;
    }

    $isNewHeader = !isset($data['id']) || $data['id'] == '';
    if ($isNewHeader) {
        // Second argument is false only for type 'T'.
        $numberHandler = new UniqueNumberHandler(false, $data['type'] != 'T');
        $data['order_number'] = $numberHandler->handle(DataObjectFactory::Factory($do));
        $data['status'] = 'N';
        $data['raised_by'] = getCurrentUser()->username;
    }

    // Rate of the currency chosen on the order.
    $orderCurrency = DataObjectFactory::Factory('Currency');
    $orderCurrency->load($data['currency_id']);
    $data['rate'] = $orderCurrency->rate;

    // Twin currency: the base currency named by the GL parameters.
    $glParams = DataObjectFactory::Factory('GLParams');
    $twinCurrency = DataObjectFactory::Factory('Currency');
    $twinCurrency->load($glParams->base_currency());
    $data['twin_rate'] = $twinCurrency->rate;
    $data['twin_currency_id'] = $twinCurrency->id;

    return DataObject::Factory($data, $errors, $do);
}
/**
 * Handle the login page: cancel, logout, login and "forgot password" actions.
 *
 * A login is only followed by a redirect when Helper::LoginUser() succeeds and
 * the user returned by getCurrentUser() still has the id seen before the
 * attempt; every other login outcome adds INVALID_USERNAME_OR_PASSWORD.
 *
 * NOTE(review): stripslashes() is applied to the submitted password, so a
 * password containing backslashes is altered before it is checked - this looks
 * like a magic-quotes leftover; confirm it is still wanted.
 * NOTE(review): logout is triggered by a GET parameter with no token visible
 * here - confirm that is acceptable for this application.
 *
 * @return array view data containing the "Errors" list
 */
public function Execute()
{
    $viewData = array();
    $errors = array();

    // No user selected: back to the user list.
    if (!getCurrentUser()) {
        Helper::Redirect("users.php");
    }

    // Hidden user: back to the user list.
    if (!getCurrentUser()->Visible) {
        Helper::Redirect("users.php");
    }

    if (isset($_POST["cancel"])) {
        Helper::Redirect("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
    }

    $logoutRequested = isset($_GET["action"]) && $_GET["action"] == "logout";
    if ($logoutRequested) {
        // Work out the target first; it is built from the current user.
        $target = "index.php?" . Helper::CreateQuerystring(getCurrentUser());
        Helper::LogoutUser();
        Helper::Redirect($target);
    }

    if (isset($_POST["login"])) {
        $pageUserID = getCurrentUser()->ID;
        $loggedIn = Helper::LoginUser(stripslashes($_POST["username"]), stripslashes($_POST["password"]));
        if ($loggedIn && getCurrentUser()->ID == $pageUserID) {
            Helper::Redirect("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
        }
        $errors[] = __("INVALID_USERNAME_OR_PASSWORD");
    }

    if (isset($_POST["forgotPassword"])) {
        Helper::Redirect("send_new_password.php?" . Helper::CreateQuerystring(getCurrentUser()));
    }

    $viewData["Errors"] = $errors;

    return $viewData;
}
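/**
 * Publish a system company to the remote community service over XML-RPC.
 *
 * Sends the current user's name and e-mail plus the company name to
 * elgg.user.newCommunity. On success the returned owner and community names
 * are stored on the person and on $do, and both are saved.
 *
 * Changes from the previous version: a reply without 'owner' or 'community'
 * now returns false (it used to add an error but still return true), and the
 * fault message closes the quote it opens around the reason.
 *
 * NOTE(review): the endpoint host and port are hard-coded and no transport is
 * selected here. Personal data (name, e-mail) is sent, so confirm the client
 * is not defaulting to plain HTTP and move the endpoint to configuration.
 *
 * @param object $do     company data object; updated and saved on success
 * @param array  $errors receives failure messages (by reference)
 * @return bool true when the company was published, false otherwise
 */
public function systemCompany(&$do, &$errors)
{
    $user = getCurrentUser();
    $person = new Person();
    $person->load($user->person_id);

    $message = new xmlrpcmsg('elgg.user.newCommunity', array(
        new xmlrpcval($person->firstname . ' ' . $person->surname, "string"),
        new xmlrpcval($person->email, "string"),
        new xmlrpcval($do->company, "string"),
    ));

    $client = new xmlrpc_client("_rpc/RPC2.php", "tech2.severndelta.co.uk", 8091);
    $reply = $client->send($message);

    if ($reply->faultCode()) {
        $errors[] = "Code: " . $reply->faultCode() . " Reason '" . $reply->faultString() . "'";

        return false;
    }

    $response = $reply->value();
    if (!$response->structmemexists('owner') || !$response->structmemexists('community')) {
        // Nothing was stored locally, so report the failure to the caller.
        $errors[] = 'Failed to publish company';

        return false;
    }

    $person->published_username = $response->structmem('owner')->scalarval();
    $person->save();

    $do->published = true;
    $do->published_username = $response->structmem('community')->scalarval();
    $do->published_owner_id = $person->id;
    $do->save();

    return true;
}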
/**
 * Fill $this->contents with the expenses the current user can authorise.
 *
 * The current user is mapped to an Employee through person_id. When that record
 * loads and getAuthorisees() returns at least one id, the collection is loaded
 * with expenses whose status equals Expense::statusAwaitingAuthorisation() for
 * those employees. The module and controller view variables are always set.
 *
 * NOTE(review): the employee_id IN (...) list is built by string concatenation
 * from getAuthorisees(). Presumably these are numeric ids read from the
 * database - confirm, since nothing here casts or quotes them.
 */
function populate()
{
    $employee = DataObjectFactory::Factory('Employee');
    $currentUser = getCurrentUser();

    if ($currentUser->person_id !== null) {
        $employee->loadBy('person_id', $currentUser->person_id);
    }

    // Default to "nobody to authorise"; overwritten only for a loaded employee.
    $authorisees = array();
    if ($employee->isLoaded()) {
        $model = $employee->expense_model();
        $employee->authorisationPolicy($model);
        $authorisees = $employee->getAuthorisees($model);
    }

    $expense = DataObjectFactory::Factory('Expense');
    $pending = new ExpenseCollection($expense);

    if (count($authorisees) > 0) {
        $pending->setParams();

        $search = new SearchHandler($pending, false);
        $search->setFields(array(
            'id',
            'expense_number',
            'employee',
            'employee_id',
            'description',
            'gross_value',
        ));
        $search->addConstraint(new Constraint('status', '=', $expense->statusAwaitingAuthorisation()));

        $idList = '(' . implode(',', $authorisees) . ')';
        $search->addConstraint(new Constraint('employee_id', 'in', $idList));

        $this->setSearchLimit($search);
        $search->setOrderby(array('expense_number'));
        $pending->load($search);

        // Clicking a row opens the expense in the expenses controller.
        $pending->clickcontroller = 'expenses';
        $pending->editclickaction = 'view';
    }

    $this->contents = $pending;
    $this->vars['module'] = 'hr';
    $this->vars['controller'] = 'expenses';
}
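/**
 * Build the view data for the single-map page.
 *
 * Loads the requested map, stops if it is missing, still protected, or owned
 * by a different user than the one selected by the request, then collects
 * comments, neighbouring maps, image names and sizes, and the optional
 * QuickRoute / 3DRerun data.
 *
 * Fix: "ShowComments" used `$_GET["showComments"] = true`, an assignment, so
 * any value of the parameter (including "0") switched comments on and the
 * request array was overwritten. It is now a comparison.
 *
 * NOTE(review): the ownership test `$map->UserID != getCurrentUser()->ID` is a
 * loose comparison between two ids; confirm both are always set and numeric.
 *
 * @return array view data keyed by name
 */
public function Execute()
{
    $viewData = array();

    // no user specified - redirect to user list page
    if (!getCurrentUser()) {
        Helper::Redirect("users.php");
    }

    // user is hidden - redirect to user list page
    if (!getCurrentUser()->Visible) {
        Helper::Redirect("users.php");
    }

    // the requested map; a missing "map" parameter loads nothing and ends in the "removed" message
    $map = new Map();
    $map->Load(isset($_GET["map"]) ? $_GET["map"] : null);

    if (!$map->ID) {
        die("The map has been removed.");
    }

    DataAccess::UnprotectMapIfNeeded($map);

    if (Helper::MapIsProtected($map)) {
        die("The map is protected until " . date("Y-m-d H:i:s", Helper::StringToTime($map->ProtectedUntil, true)) . ".");
    }

    // the map must belong to the user whose archive is being viewed
    if ($map->UserID != getCurrentUser()->ID) {
        die;
    }

    $viewData["Comments"] = DataAccess::GetCommentsByMapId($map->ID);

    $viewData["Name"] = $map->Name . ' (' . date(__("DATE_FORMAT"), Helper::StringToTime($map->Date, true)) . ')';

    // previous map in archive
    $previous = DataAccess::GetPreviousMap(getCurrentUser()->ID, $map->ID, Helper::GetLoggedInUserID());
    $viewData["PreviousName"] = $previous == null
        ? null
        : $previous->Name . ' (' . date(__("DATE_FORMAT"), Helper::StringToTime($previous->Date, true)) . ')';

    // next map in archive
    $next = DataAccess::GetNextMap(getCurrentUser()->ID, $map->ID, Helper::GetLoggedInUserID());
    $viewData["NextName"] = $next == null
        ? null
        : $next->Name . ' (' . date(__("DATE_FORMAT"), Helper::StringToTime($next->Date, true)) . ')';

    $size = $map->GetMapImageSize();
    $viewData["ImageWidth"] = $size["Width"];
    $viewData["ImageHeight"] = $size["Height"];

    DataAccess::IncreaseMapViews($map);

    $viewData["Map"] = $map;

    // The referer is only compared against a fixed file name; it never becomes the link target.
    $cameFromUserList = isset($_SERVER["HTTP_REFERER"]) && basename($_SERVER["HTTP_REFERER"]) == "users.php";
    $viewData["BackUrl"] = $cameFromUserList
        ? "users.php"
        : "index.php?" . Helper::CreateQuerystring(getCurrentUser());

    $viewData["Previous"] = $previous;
    $viewData["Next"] = $next;

    // Comparison, not assignment: only a truthy showComments value expands the comments.
    $viewData["ShowComments"] = (isset($_GET["showComments"]) && $_GET["showComments"] == true)
        || !__("COLLAPSE_VISITOR_COMMENTS");

    $viewData["FirstMapImageName"] = Helper::GetMapImage($map);
    if ($map->BlankMapImage) {
        $viewData["SecondMapImageName"] = Helper::GetBlankMapImage($map);
    }

    $viewData["QuickRouteJpegExtensionData"] = $map->GetQuickRouteJpegExtensionData();
    if (isset($viewData["QuickRouteJpegExtensionData"]) && $viewData["QuickRouteJpegExtensionData"]->IsValid) {
        $categories = DataAccess::GetCategoriesByUserID(getCurrentUser()->ID);
        $viewData["OverviewMapData"][] = Helper::GetOverviewMapData($map, true, false, false, $categories);
        $viewData["GoogleMapsUrl"] = "http://maps.google.com/maps"
            . "?q=" . urlencode(Helper::GlobalPath("export_kml.php?id=" . $map->ID . "&format=kml"))
            . "&language=" . Session::GetLanguageCode();
    }

    // Offer a rerun request once RERUN_FREQUENCY hours have passed since the last check.
    if (USE_3DRERUN == '1'
        && DataAccess::GetSetting("LAST_WORLDOFO_CHECK_DOMA_TIME", "0") + RERUN_FREQUENCY * 3600 < time()
    ) {
        $viewData["RerunMaps"] = Helper::GetMapsForRerunRequest();
        $viewData["TotalRerunMaps"] = count(explode(",", $viewData["RerunMaps"]));
        $viewData["ProcessRerun"] = true;
    }

    return $viewData;
}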
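/**
 * Rebuild the global $_SITE_CONFIG array for the current request.
 *
 * Loads the stored site options, the current user's row, unread counters,
 * active ads grouped by placement and the footer documents.
 *
 * Changes from the previous version: the user id is cast to an integer before
 * it is interpolated into SQL, so a non-numeric or empty id can no longer
 * alter or break the statements, and missing rows no longer raise
 * undefined-index notices.
 *
 * NOTE(review): stored option values are passed to unserialize(). If anything
 * other than trusted code can write system_data rows, that is an object
 * injection risk - consider JSON, or unserialize() with allowed_classes=false.
 * NOTE(review): ad content is run through htmlspecialchars_decode(), i.e. it
 * is presumably emitted as raw HTML - confirm only trusted admins can edit ads.
 *
 * @param bool $auto_redirect not used in this function
 * @return void
 */
function refreshConfig($auto_redirect = true)
{
    global $_SITE_CONFIG;

    $db_prefix = getDbPrefix();

    $_SITE_CONFIG['uid'] = getCurrentUser();
    $_SITE_CONFIG['charset'] = 'utf-8';
    $_SITE_CONFIG['lang'] = 'zh_CN';
    $_SITE_CONFIG['timeoffset'] = 8;

    // System settings
    $sql = "SELECT `key`,`value` FROM {$db_prefix}system_data WHERE `list` = 'myop' OR `list` = 'siteopt'";
    $res = doQuery($sql);
    foreach ($res as $v) {
        // Flagged, not replaced: see the unserialize() note in the docblock.
        $_SITE_CONFIG[$v['key']] = unserialize($v['value']);
    }

    // Integer form of the uid for the SQL below. Read after the settings loop,
    // because that is the value the statements interpolated before.
    $uid = (int) $_SITE_CONFIG['uid'];

    // User row
    $sql = "SELECT * FROM {$db_prefix}user WHERE `uid` = {$uid}";
    $res = doQuery($sql);
    $_SITE_CONFIG['userInfo'] = isset($res[0]) ? $res[0] : null;

    // Unread counters
    $sql = "SELECT COUNT(*) AS count FROM {$db_prefix}message WHERE `to_uid` = {$uid} AND `is_read` = 0 AND `deleted_by` <> {$uid}";
    $res = doQuery($sql);
    $_SITE_CONFIG['userCount']['message'] = isset($res[0]['count']) ? $res[0]['count'] : null;

    $sql = "SELECT COUNT(*) AS count FROM {$db_prefix}notify WHERE `receive` = {$uid} AND `is_read` = 0";
    $res = doQuery($sql);
    $_SITE_CONFIG['userCount']['notify'] = isset($res[0]['count']) ? $res[0]['count'] : null;

    $sql = "SELECT COUNT(*) AS count FROM {$db_prefix}myop_myinvite WHERE `touid` = {$uid} AND `is_read` = 0";
    $res = doQuery($sql);
    $_SITE_CONFIG['userCount']['appmessage'] = isset($res[0]['count']) ? $res[0]['count'] : null;

    $sql = "SELECT * FROM {$db_prefix}user_count WHERE `uid` = {$uid}";
    $res = doQuery($sql);
    $counts = isset($res[0]) ? $res[0] : array();
    $_SITE_CONFIG['userCount']['comment'] = isset($counts['comment']) ? $counts['comment'] : null;
    $_SITE_CONFIG['userCount']['atme'] = isset($counts['atme']) ? $counts['atme'] : null;
    $_SITE_CONFIG['userCount']['total'] = array_sum($_SITE_CONFIG['userCount']);

    // Advertisements, grouped by placement name
    $place_array = array('middle', 'header', 'left', 'right', 'footer');
    $sql = 'SELECT `content`,`place` FROM ' . $db_prefix . 'ad WHERE `is_active` = "1" AND `content` <> "" ORDER BY `display_order` ASC,`ad_id` ASC';
    $ads = doQuery($sql);
    foreach ($ads as $v) {
        $v['content'] = htmlspecialchars_decode($v['content']);
        $_SITE_CONFIG['ad'][$place_array[$v['place']]][] = $v;
    }

    // Footer documents: content that is just a link becomes the document's url
    $sql = 'SELECT `document_id`,`title`,`content` FROM ' . $db_prefix . 'document WHERE `is_active` = "1" AND `is_on_footer` = "1" ORDER BY `display_order` ASC,`document_id` ASC';
    $docs = doQuery($sql);
    foreach ($docs as $k => $v) {
        if (mb_substr($v['content'], 0, 6, 'UTF8') == 'ftp://'
            || mb_substr($v['content'], 0, 7, 'UTF8') == 'http://'
            || mb_substr($v['content'], 0, 8, 'UTF8') == 'https://'
            || mb_substr($v['content'], 0, 9, 'UTF8') == 'mailto://'
        ) {
            $docs[$k]['url'] = $v['content'];
        }
        // The body itself is never kept in the config.
        unset($docs[$k]['content']);
    }
    $_SITE_CONFIG['footer_document'] = $docs;
}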
/**
 * Build an HoursSearch restricted to the current user's own person_id.
 *
 * Adds a start_time "between" field and a hidden person_id field, then calls
 * one 'add<Option>' method on the search for every entry in $params.
 *
 * NOTE(review): the method name is assembled from $params and invoked
 * dynamically. Presumably $params is a fixed list supplied by the calling
 * controller - confirm it can never carry request data.
 * NOTE(review): required parameters follow optional ones in this signature;
 * it is left untouched because callers depend on the argument order.
 *
 * @param mixed $search_data submitted search values, or null
 * @param array $errors      receives messages from setSearchData (by reference)
 * @param mixed $defaults    passed to the HoursSearch constructor
 * @param array $params      option names, each mapped to an 'add' . name method
 * @return HoursSearch
 */
public static function useMySearch($search_data = null, &$errors, $defaults = null, $params)
{
    $search = new HoursSearch($defaults);
    $search->addSearchField('start_time', 'start_date', 'between');

    // Hidden field pinning the search to the signed-in person.
    $personId = getCurrentUser()->person_id;
    $search->addSearchField('person_id', 'name', 'hidden', $personId, 'hidden');

    foreach ($params as $option) {
        $method = 'add' . $option;
        $search->$method($search);
    }

    $search->setSearchData($search_data, $errors);

    return $search;
}
/**
 * Return the Employee id that belongs to the current user.
 *
 * @return mixed the employee id, or '' when there is no current user, the user
 *               has no person_id, or no Employee record loads for that person
 */
protected function get_employee_id()
{
    $user = getCurrentUser();
    if (!$user || is_null($user->person_id)) {
        // User is not an employee
        return '';
    }

    $employee = DataObjectFactory::Factory('Employee');
    $employee->loadBy('person_id', $user->person_id);

    return $employee->isLoaded() ? $employee->id : '';
}
/**
 * Configure the ticket data object: ordering, identifier, relations and the
 * default values taken from the system company and the current user.
 *
 * Originator defaults come from the current user when one exists: the user's
 * own e-mail first, then the person's contact e-mail, which overrides it.
 *
 * @param string $tablename table backing this data object
 */
function __construct($tablename = 'tickets')
{
    parent::__construct($tablename);

    $this->idField = 'id';
    $this->orderby = 'lastupdated';
    $this->orderdir = 'desc';
    $this->identifier = 'summary';
    $this->identifierField = 'summary';
    $this->setAdditional('number');

    // Responses, plus an alias limited to responses of type 'site'.
    $this->hasMany('TicketResponse', 'ticket_id');
    $siteResponses = new ConstraintChain();
    $siteResponses->add(new Constraint('type', '=', 'site'));
    $this->setAlias('response', 'TicketResponse', $siteResponses, 'body');

    // Lookup relations, declared in the same order as before.
    $lookups = array(
        array('TicketQueue', 'ticket_queue_id', 'ticket_queue'),
        array('TicketPriority', 'client_ticket_priority_id', 'client_ticket_priority'),
        array('TicketSeverity', 'client_ticket_severity_id', 'client_ticket_severity'),
        array('TicketStatus', 'client_ticket_status_id', 'client_ticket_status'),
        array('TicketPriority', 'internal_ticket_priority_id', 'internal_ticket_priority'),
        array('TicketSeverity', 'internal_ticket_severity_id', 'internal_ticket_severity'),
        array('TicketStatus', 'internal_ticket_status_id', 'internal_ticket_status'),
        array('TicketCategory', 'ticket_category_id', 'ticket_category'),
        array('TicketReleaseVersion', 'ticket_release_version_id', 'release_version'),
        array('Person', 'originator_person_id', 'originator_person'),
        array('Company', 'originator_company_id', 'originator_company'),
    );
    foreach ($lookups as $lookup) {
        $this->belongsTo($lookup[0], $lookup[1], $lookup[2]);
    }
    $this->hasOne('Company', 'originator_company_id', 'company');
    $this->belongsTo('User', 'assigned_to', 'person_assigned_to');

    // Originating company defaults to the system company.
    $this->_fields['originator_company_id']->has_default = true;
    $systemCompany = new SystemCompany();
    $systemCompany->load(EGS_COMPANY_ID);
    $this->_fields['originator_company_id']->default_value = $systemCompany->company_id;

    $currentUser = getCurrentUser();
    if ($currentUser) {
        if (isset($currentUser->email)) {
            $this->_fields['originator_email_address']->has_default = true;
            $this->_fields['originator_email_address']->default_value = $currentUser->email;
        }

        if (!is_null($currentUser->person_id)) {
            $this->_fields['originator_person_id']->has_default = true;
            $this->_fields['originator_person_id']->default_value = $currentUser->person_id;

            // The person's contact e-mail wins over the user's e-mail.
            $contactEmail = $currentUser->persondetail->email->contactmethod;
            if (!is_null($contactEmail)) {
                $this->_fields['originator_email_address']->has_default = true;
                $this->_fields['originator_email_address']->default_value = $contactEmail;
            }
        }
    }

    $this->_fields['raised_by']->has_default = true;
    $this->_fields['raised_by']->default_value = EGS_USERNAME;
}
/**
 * Build a ConstraintChain from the order filters selected on the form.
 *
 * Uses $this->value when a value was set, otherwise the flipped defaults; the
 * array keys are the filter codes. 'Raised by me' is added with the chain's
 * default operator, every other filter is added with 'OR'. Unknown and empty
 * codes are ignored.
 *
 * NOTE(review): for 'Awaiting Authorisation' the result of getOrderList() is
 * spliced into an IN (...) list as-is. Presumably it is a comma separated list
 * of ids built from database rows - confirm.
 *
 * @return ConstraintChain
 */
public function toConstraint()
{
    if (!is_array($this->value)) {
        $this->value = array($this->value);
    }

    $chain = new ConstraintChain();
    $codes = $this->value_set ? $this->value : array_flip($this->default);

    // Neither value is read below; both calls are retained unchanged.
    $db = DB::Instance();
    $date = fix_date(date(DATE_FORMAT));

    foreach ($codes as $code => $on) {
        if ($code == '') {
            continue;
        }

        switch ($code) {
            case 'Raised by me':
                $chain->add(new Constraint('raised_by', '=', getCurrentUser()->username));
                break;

            case 'Other Orders':
                $chain->add(new Constraint('raised_by', '!=', getCurrentUser()->username), 'OR');
                break;

            case 'Authorised by me':
                $authorised = new ConstraintChain();
                $authorised->add(new Constraint('authorised_by', '=', getCurrentUser()->username));
                $authorised->add(new Constraint('date_authorised', 'is not', 'NULL'));
                $chain->add($authorised, 'OR');
                break;

            case 'Awaiting Authorisation':
                $awaiting = new POAwaitingAuthCollection(new POAwaitingAuth());
                $orderIds = $awaiting->getOrderList(getCurrentUser()->username);
                if (empty($orderIds)) {
                    // Keeps the IN list valid while matching nothing.
                    $orderIds = '-1';
                }

                $pending = new ConstraintChain();
                $pending->add(new Constraint('type', '=', 'R'));
                $pending->add(new Constraint('authorised_by', 'is', 'NULL'));
                $pending->add(new Constraint('raised_by', '!=', getCurrentUser()->username));
                $pending->add(new Constraint('id', 'in', '(' . $orderIds . ')'));
                $chain->add($pending, 'OR');
                break;
        }
    }

    return $chain;
}
/**
 * Reduce a user record to the fields the current user is allowed to see.
 *
 * Admins and the record's owner get the private fields plus the profile
 * fields. Everyone else gets the public fields, with roles collapsed to
 * ROLE_TEACHER or ROLE_USER. Avatar paths become URLs and timestamps are
 * formatted with date('c').
 *
 * NOTE(review): the current user is dereferenced without a null check, so the
 * behaviour for anonymous callers depends on what getCurrentUser() returns -
 * confirm.
 *
 * @param array $res user record; replaced by the filtered record (by reference)
 * @return array the filtered record
 */
public function filter(&$res)
{
    foreach ($this->_unsetFields as $field) {
        unset($res[$field]);
    }

    $res['about'] = $res['profile']['about'];

    $viewer = getCurrentUser();
    $visible = array();

    $seesPrivate = $viewer->isAdmin() || $viewer['id'] == $res['id'];
    if ($seesPrivate) {
        foreach ($this->_privateFields as $field) {
            $visible[$field] = $res[$field];
        }
        foreach ($this->_profileFields as $field) {
            $visible[$field] = $res['profile'][$field];
        }
    } else {
        foreach ($this->_publicFields as $field) {
            $visible[$field] = $res[$field];
        }

        // Other viewers only learn whether the user is a teacher.
        $visible['roles'] = in_array('ROLE_TEACHER', $visible['roles'])
            ? array('ROLE_TEACHER')
            : array('ROLE_USER');
    }

    $res = $visible;

    foreach (array('smallAvatar', 'mediumAvatar', 'largeAvatar') as $avatar) {
        $res[$avatar] = $this->getFileUrl($res[$avatar]);
    }

    foreach (array('promotedTime', 'loginTime', 'approvalTime', 'createdTime') as $stamp) {
        if (isset($res[$stamp])) {
            $res[$stamp] = date('c', $res[$stamp]);
        }
    }

    // updatedTime is formatted unconditionally.
    $res['updatedTime'] = date('c', $res['updatedTime']);

    return $res;
}
/**
 * Handle the "send new password" page.
 *
 * Redirects away when no user is selected, the user is hidden or has no e-mail
 * address. On "send" it generates a password, stores its MD5 digest on the
 * user, and e-mails the new password; on e-mail failure EMAIL_ERROR is added.
 *
 * NOTE(review): the password is stored as an unsalted MD5 digest.
 * password_hash() / password_verify() is the usual replacement, but the login
 * check lives outside this block and would have to change together with it.
 * NOTE(review): the stored password is replaced before the e-mail is known to
 * have been sent, and the new password travels in clear text in that e-mail.
 * NOTE(review): no token or rate limit is visible here, and getCurrentUser()
 * appears to be the user selected by the request rather than an authenticated
 * session - confirm who is able to trigger a reset for a given account.
 *
 * @return array view data containing the "Errors" list
 */
public function Execute()
{
    $viewData = array();
    $errors = array();
    // no user specified - redirect to user list page
    if (!getCurrentUser()) {
        Helper::Redirect("users.php");
    }
    // user is hidden - redirect to user list page
    if (!getCurrentUser()->Visible) {
        Helper::Redirect("users.php");
    }
    // no email address is specified for the user - redirect to user list page
    if (!getCurrentUser()->Email) {
        Helper::Redirect("users.php");
    }
    // NOTE(review): both POST fields are read without isset(), which raises a
    // notice/warning on a plain GET of this page.
    if ($_POST["cancel"]) {
        Helper::Redirect("login.php?" . Helper::CreateQuerystring(getCurrentUser()));
    }
    if ($_POST["send"]) {
        // The argument is presumably the password length - confirm; six
        // characters would be short for a credential.
        $password = Helper::CreatePassword(6);
        $user = getCurrentUser();
        $user->Password = md5($password);
        $user->Save();
        $fromName = __("DOMA_ADMIN_EMAIL_NAME");
        $subject = __("NEW_PASSWORD_EMAIL_SUBJECT");
        $baseAddress = Helper::GlobalPath("");
        // NOTE(review): the "******" run on the next line looks like a masking
        // artefact in this listing; part of the statement (and the start of the
        // $body assignment) is missing, so the line is kept exactly as found.
        $userAddress = Helper::GlobalPath("index.php?user="******"NEW_PASSWORD_EMAIL_BODY"), $user->FirstName, $baseAddress, $userAddress, $user->Username, $password);
        $emailSentSuccessfully = Helper::SendEmail($fromName, $user->Email, $subject, $body);
        if ($emailSentSuccessfully) {
            Helper::Redirect("login.php?" . Helper::CreateQuerystring(getCurrentUser()) . "&action=newPasswordSent");
        }
        $errors[] = __("EMAIL_ERROR");
    }
    $viewData["Errors"] = $errors;
    return $viewData;
}
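<?php
/*
 * Edit form for one row of the kids table.
 *
 * Changes from the previous version:
 *  - the id from the query string is bound as a statement parameter instead of
 *    being interpolated into the SQL text;
 *  - the script stops after sending the login redirect, so nothing below runs
 *    for visitors who are not signed in;
 *  - values echoed into the page are HTML-escaped.
 *
 * NOTE(review): the row is selected by id only. Confirm whether rows belong to
 * a specific user; if they do, the WHERE clause needs an owner condition too.
 * NOTE(review): header.php is included before header() is called. If it emits
 * output, the Location header cannot be sent unless output buffering is on.
 */
require_once '../includes/header.php';

if (!getCurrentUser()) {
    header('Location: ../user/login.php');
    exit;
}
?>
<?php
// Only a scalar id is accepted; anything else is treated as "no such row".
$id = isset($_GET['id']) && is_scalar($_GET['id']) ? (string) $_GET['id'] : '';

$row = null;
$stmt = mysqli_prepare($mysql_connection, 'SELECT * FROM kids WHERE id = ?');
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 's', $id);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);
    $row = $result ? mysqli_fetch_array($result) : null;
    mysqli_stmt_close($stmt);
}
?>
<?php if ($row) { ?>
<div class="row">
  <div class="card col s6 push-s3">
    <div class="card-content">
      <span class="card-title">Edit <?php echo htmlspecialchars($row['first_name'], ENT_QUOTES, 'UTF-8'); ?> </span>
      <form method="post" action="update.php">
        <div class="input-field">
          First name: <input type="text" name="first_name" value="<?php echo htmlspecialchars($row['first_name'], ENT_QUOTES, 'UTF-8'); ?>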
echo getCurrentUser('username'); ?> </a></li><?php } ?> </ul> </div> <div class="row visible-xs visible-sm" style="text-align: center"> <ul class="mobile_nav"> <li id="first_menu"><a class="btn btn-default" href="/"><i class="mdi mdi-home"></i> Home</a></li> <li id="first_menu"><a class="btn btn-default" href="#info"><i class="mdi mdi-file"></i> Docs</a></li> <li><a class="btn btn-default" href="#new_user"><i class="mdi mdi-puzzle"></i> Contents</a></li> <?php if (getCurrentUser() != '') { ?> <li><a rel="nofollow" class="btn btn-warning" href="c_admin"><i class="mdi mdi-account"></i> <?php echo getCurrentUser('username'); ?> </a></li><?php } ?> </ul> </div> <!-- TOP RIGHT RIBBON: START COPYING HERE --> <div class="github-fork-ribbon-wrapper left"> <div class="github-fork-ribbon"> <a href="https://github.com/vsg24/ccms" target="_blank">Fork me on GitHub</a> </div> </div> <!-- TOP RIGHT RIBBON: END COPYING HERE --> <br>
/**
 * Store one error in the _error_log table, trim old records and, when
 * configured, schedule the e-mail alert.
 *
 * At most 25 errors are logged per page; the 26th call writes a "limit
 * reached" record and later calls return without doing anything.
 *
 * NOTE(review): each record stores full dumps of the request, cookie, session
 * and server arrays. These can contain passwords, session identifiers and
 * tokens - confirm that access to _error_log (and to the alert e-mail) is
 * restricted, and consider redacting credential fields before they are stored.
 *
 * @param mixed $logType not used in this function
 * @param array $logData error details; reads errno, errstr, errfile, errline, errcontext
 * @return void
 */
function _errorlog_logErrorRecord($logType, $logData)
{
    // limit errors logged per page (stops an error loop from logging forever)
    $maxErrorsPerPage = 25;
    static $totalErrorsLogged = 0;
    $totalErrorsLogged++;

    if ($totalErrorsLogged > $maxErrorsPerPage + 1) {
        // the "limit reached" record has already been written
        return;
    }
    $maxErrorsReached = $totalErrorsLogged > $maxErrorsPerPage;

    // short summary of the CMS user
    $CMS_USER = getCurrentUserFromCMS();
    $cmsSubset = array();
    foreach (array('num', 'username') as $field) {
        if (isset($CMS_USER[$field])) {
            $cmsSubset[$field] = $CMS_USER[$field];
        }
    }
    $cmsSubset['_tableName'] = 'accounts';
    $cms_user_summary = print_r($cmsSubset, true);

    // short summary of the website user
    $WEB_USER = getCurrentUser();
    $webSubset = array();
    foreach (array('num', 'username') as $field) {
        if (isset($WEB_USER[$field])) {
            $webSubset[$field] = $WEB_USER[$field];
        }
    }
    $webSubset['_tableName'] = accountsTable();
    $web_user_summary = print_r($webSubset, true);

    // error message
    if ($maxErrorsReached) {
        $errorMessage = t(sprintf("Max error limit reached! Only the first %s errors per page will be logged.", $maxErrorsPerPage));
    } else {
        $errorName = isset($logData['errno'])
            ? _errorLog_erronoToConstantName($logData['errno'])
            : 'UNKNOWN_ERROR';
        $errorText = isset($logData['errstr']) ? $logData['errstr'] : '';
        $errorMessage = $errorName . ": " . $errorText;
    }

    // copy of the log data with the symbol table replaced by a pointer to its own column
    $logDataSummary = $logData;
    if (array_key_exists('errcontext', $logData)) {
        $logDataSummary['errcontext'] = "*** in symbol table field above ***";
    }

    // record to insert; keys ending in "=" carry SQL expressions rather than values
    $colsToValues = array(
        'dateLogged='      => 'NOW()',
        'updatedDate='     => 'NOW()',
        'updatedByuserNum' => '0',
        'error'            => $errorMessage,
        'url'              => thisPageUrl(),
        'filepath'         => isset($logData['errfile']) ? $logData['errfile'] : '',
        'line_num'         => isset($logData['errline']) ? $logData['errline'] : '',
        'user_cms'         => isset($CMS_USER['num']) ? $cms_user_summary : '',
        'user_web'         => isset($WEB_USER['num']) ? $web_user_summary : '',
        'http_user_agent'  => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
        'remote_addr'      => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
        'request_vars'     => print_r($_REQUEST, true),
        'get_vars'         => print_r($_GET, true),
        'post_vars'        => print_r($_POST, true),
        'cookie_vars'      => print_r($_COOKIE, true),
        'session_vars'     => isset($_SESSION) ? print_r($_SESSION, true) : '',
        'server_vars'      => print_r($_SERVER, true),
        'symbol_table'     => isset($logData['errcontext']) ? print_r($logData['errcontext'], true) : '',
        'raw_log_data'     => print_r($logDataSummary, true),
        'email_sent'       => 0,
    );

    // insert record
    $newRecordNum = mysql_insert('_error_log', utf8_force($colsToValues, true));

    // remove old log records, but only once the table is $buffer rows over the
    // limit, so the delete does not run on every logged error
    $maxRecords = 900;
    $buffer = 100;
    if (mysql_count('_error_log') > $maxRecords + $buffer) {
        $oldestRecordToSave_query = "SELECT * FROM `{$GLOBALS['TABLE_PREFIX']}_error_log` ORDER BY `num` DESC LIMIT 1 OFFSET " . ($maxRecords - 1);
        $oldestRecordToSave = mysql_get_query($oldestRecordToSave_query);
        if (!empty($oldestRecordToSave['num'])) {
            mysql_delete('_error_log', null, "num < {$oldestRecordToSave['num']}");
        }
    }

    // send email update
    if ($GLOBALS['SETTINGS']['advanced']['phpEmailErrors']) {
        register_shutdown_function('_errorlog_sendEmailAlert');
    }
}
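<?php
/*
 * Page header template: document head, navigation bar and, for a signed-in
 * user, the menu with the user's e-mail and the log-out form.
 *
 * Change from the previous version: the e-mail address is HTML-escaped before
 * it is written into the page.
 *
 * NOTE(review): the Materialize stylesheet is loaded from a public CDN without
 * an integrity attribute; consider adding SRI or serving the file locally.
 */
?>
<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Kids</title>
  <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/0.97.5/css/materialize.min.css">
</head>
<body>
<nav class="pink">
  <div class="nav-wrapper">
    <div class="row">
      <div class="col s12">
        <a href="#" class="brand-logo center">I got kids</a>
        <?php if ($row = getCurrentUser()) { ?>
        <ul id="nav-mobile" class="left hide-on-med-and-down">
          <li><a href="../kids/index.php">Home</a></li>
          <li><a href="../kids/new.php">New</a></li>
        </ul>
        <ul class="right">
          <li><i class="material-icons">perm_identity</i></li>
          <li><?php echo htmlspecialchars($row['email'], ENT_QUOTES, 'UTF-8'); ?> </li>
          <li>
            <form action="../session/destroy.php" method="POST">
              <button class="waves-effect waves-light btn" type="submit">Log out</button>
            </form>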
<?php
// Only fatal run-time errors are reported from here on.
error_reporting(E_ERROR);
// Script that handles the database queries coming from the search forms
require_once 'functions/database.php';
require_once 'functions/functions.php';
require_once 'functions/access.php';
// connect to the database
$link = startup();
// Identify the current user
$user = getCurrentUser($link);
// Work out whether the user may edit, add and delete entries and see the admin panel
$canDoEdit = canDo($link, $user, 'EDIT_ENTRY');
$canDoAdd = canDo($link, $user, 'ADD_ENTRY');
$canDoDelete = canDo($link, $user, 'DELETE_ENTRY');
$canDoViewAdminPanel = canDo($link, $user, 'ADMIN_PANEL');
// fetch the total number of entries from the database
//$numEntriesAll = getEntriesAll($link);
// NOTE(review): the raw $_POST values below go straight into the search
// helpers - confirm those helpers bind them as query parameters, and that the
// $searchString* copies are HTML-escaped wherever they are echoed back.
// NOTE(review): no permission is checked before searching in the part of the
// script shown here - confirm that read access is meant to be open.
if (!empty($_POST['numOrder'])) {
    // Search entries by contract number
    $entries = get_entry_by_order($link, $_POST['numOrder']);
    $searchStringNumOrder = $_POST['numOrder'];
} else {
    if (!empty($_POST['customer'])) {
        // Search entries by customer name
        $entries = get_entries_by_customer($link, $_POST['customer']);
        $searchStringCustomer = $_POST['customer'];
    } else {
        if (!empty($_POST['ip_address'])) {
            // Search entries by IP address
            $entries = get_entries_by_ip($link, $_POST['ip_address']);
/**
 * Tell whether the current user may act for this employee, e.g. to enter
 * their holidays.
 *
 * True when the user is this employee or the person this employee reports to;
 * otherwise the decision is delegated to $authoriser->isAuthorised() with this
 * employee's id and the id of the user's own Employee record.
 *
 * @param object $authoriser object offering isAuthorised($employeeId, $authoriserId)
 * @return mixed false when there is no user or the user has no person_id, true
 *               for the employee or their manager, otherwise whatever the
 *               authoriser returns
 */
function isAuthorised($authoriser)
{
    $user = getCurrentUser();
    if (!$user || is_null($user->person_id)) {
        return false;
    }

    $isSelf = $this->person_id == $user->person_id;
    // Short-circuits exactly like the two separate checks it replaces.
    if ($isSelf || $this->person->reports_to == $user->person_id) {
        return true;
    }

    // Fall back to the authorisation model for the user's employee record.
    $userEmployee = DataObjectFactory::Factory('Employee');
    $userEmployee->loadBy('person_id', $user->person_id);

    return $authoriser->isAuthorised($this->id, $userEmployee->id);
}
/**
 * Build the view data for the RSS feed.
 *
 * Without a selected user the feed covers all maps (mode "all"); otherwise it
 * covers the selected user's archive (mode "user"). Each map becomes one item
 * with Title, URL, Description and PubDate.
 *
 * @return array view data keyed by name
 */
public function Execute()
{
    $viewData = array();
    // check if user is not specified or hidden
    if (!getCurrentUser()) {
        // all maps in archive
        $mode = "all";
        // NOTE(review): "count" is taken from the query string unchecked and
        // handed to DataAccess::GetMaps() - confirm it is cast or bounded
        // there. It is also read without isset().
        $count = $_GET["count"];
        if (!$count) {
            $count = 30;
        }
        $maps = DataAccess::GetMaps(0, 0, 0, 0, null, $count, "ID");
        $categories = DataAccess::GetCategoriesByUserID();
        $users = DataAccess::GetAllUsers(true);
        $viewData["Title"] = _SITE_TITLE;
        $viewData["LastCreatedTime"] = date("r", DataAccess::GetLastCreatedTime());
        $viewData["Description"] = _SITE_DESCRIPTION;
        $viewData["WebsiteUrl"] = Helper::GlobalPath("index.php");
    } else {
        // specified archive
        $mode = "user";
        // a hidden user has no feed
        if (!getCurrentUser()->Visible) {
            die;
        }
        $users[getCurrentUser()->ID] = getCurrentUser();
        $maps = DataAccess::GetMaps(getCurrentUser()->ID);
        $categories = DataAccess::GetCategoriesByUserID(getCurrentUser()->ID);
        $viewData["Title"] = __("PAGE_TITLE");
        $viewData["LastCreatedTime"] = date("r", DataAccess::GetLastCreatedTime(getCurrentUser()->ID));
        $viewData["Description"] = __("RSS_DESCRIPTION");
        $viewData["WebsiteUrl"] = Helper::GlobalPath("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
    }
    $viewData["Items"] = array();
    foreach ($maps as $map) {
        $item = array();
        $user = $users[$map->UserID];
        $item["Title"] = hsc(Helper::DateToLongString(Helper::StringToTime($map->Date, true)) . ": " . $map->Name);
        // NOTE(review): the "******" run on the next line looks like a masking
        // artefact in this listing; the expression that sat between the two
        // string literals is missing, so the line is kept exactly as found.
        $item["URL"] = $map->MapImage ? Helper::GlobalPath('show_map.php?user='******'&map=' . $map->ID) : "";
        // first detail line: joined below and escaped as a whole
        $atoms = array();
        if (__("SHOW_MAP_AREA_NAME") && $map->MapName != "") {
            $atoms[] = $map->MapName;
        }
        if (__("SHOW_ORGANISER") && $map->Organiser != "") {
            $atoms[] = $map->Organiser;
        }
        if (__("SHOW_COUNTRY") && $map->Country != "") {
            $atoms[] = $map->Country;
        }
        // second detail line: map values are escaped one by one here, the
        // translated label is not
        $atoms2 = array();
        if (__("SHOW_DISCIPLINE") && $map->Discipline != "") {
            $atoms2[] = hsc($map->Discipline);
        }
        if (__("SHOW_RELAY_LEG") && $map->RelayLeg != "") {
            $atoms2[] = __("RELAY_LEG_LOWERCASE") . ' ' . hsc($map->RelayLeg);
        }
        // The '<br />' separators are passed through hsc() as well, so they
        // reach the feed in escaped form.
        $item["Description"] = ($mode == "all" ? hsc($user->FirstName . " " . $user->LastName . '<br />') : '') . __("CATEGORY") . ": " . hsc($categories[$map->CategoryID]->Name) . hsc('<br />') . hsc(join(", ", $atoms)) . hsc('<br />') . join(", ", $atoms2);
        $item["PubDate"] = hsc(date("r", Helper::StringToTime($map->CreatedTime, true)));
        $viewData["Items"][] = $item;
    }
    return $viewData;
}
<?php
// JSON endpoint that adds a username to ig_usernames for the signed-in user.
include 'db_connection.php';
include 'functions.php';
header('Content-Type: application/json');
// Reject callers without a user before the request body is read.
$user = getCurrentUser($connection);
if (!$user) {
    header("HTTP/1.0 401 Unauthorized", true, 401);
    echo json_encode(['error' => 'unauthorized']);
    exit;
}
// The request body is a JSON object; it is decoded into an associative array.
// NOTE(review): $data['username'] is used below without checking that it is
// present and a string.
$data = json_decode(file_get_contents('php://input'), true);
if ($data) {
    // Duplicate check.
    // NOTE(review): the "******" literal looks like a masking artefact in this
    // listing. As written the check compares against that fixed text, not the
    // submitted name; presumably the escaped, lower-cased username stood here -
    // confirm against the real file.
    // NOTE(review): check-then-insert is not atomic; a unique index on the
    // column would be needed to rule out duplicates under concurrent requests.
    $checkSql = mysqli_query($connection, ' SELECT username FROM ig_usernames WHERE username = "******" AND deleted_at IS NULL');
    if (mysqli_num_rows($checkSql) != 0) {
        echo json_encode(['error' => 'inList']);
        exit;
    }
    // Values are escaped with mysqli_real_escape_string() and quoted; a
    // prepared statement would remove the dependency on correct quoting.
    $inserSql = mysqli_query($connection, ' INSERT INTO ig_usernames (username, user_id, change_user_id, created_at, updated_at) VALUES ("' . mysqli_real_escape_string($connection, strtolower($data['username'])) . '", "' . mysqli_real_escape_string($connection, $_SESSION['user']['id']) . '", "' . mysqli_real_escape_string($connection, $_SESSION['user']['id']) . '", CURRENT_TIMESTAMP, CURRENT_TIMESTAMP)');
    if ($inserSql) {
        // $lastId comes from mysqli_insert_id(), not from the request.
        $lastId = mysqli_insert_id($connection);
        $lastSql = mysqli_query($connection, ' SELECT * FROM ig_usernames WHERE id = "' . $lastId . '" AND deleted_at IS NULL');
        // The new row is returned to the caller as JSON.
        $last = mysqli_fetch_array($lastSql);
        echo json_encode($last);
// Delete the no-longer-occurring variants from variant_occurs
print "Deleting disputed rows from variant_occurs...";
// Removes every variant_occurs row that has a matching (variant_id, dataset_id) row in
// variant_occurs_not.
// NOTE(review): unlike the INSERT below, the result of this DELETE is not checked with
// isError(), so a failed statement would go unnoticed apart from the printed row count.
theDb()->query("DELETE v.*\nFROM variant_occurs_not n, variant_occurs v\nWHERE n.variant_id=v.variant_id\n AND n.dataset_id=v.dataset_id");
print theDb()->affectedRows();
print "\n";

// For each deleted variant+genome_id assoc, if the latest edit was
// made by this program (i.e., nobody has written any comments about
// this variant+genome_id association), and there is no longer any
// evidence in variant_occurs supporting it, add a "delete" edit and
// remove the entry from snap_latest.
print "Entering \"delete\" edits for \"genome\" comment which have no supporting evidence after deleting those disputed rows and have not been edited by users...";
// The three "?" placeholders are filled from the array argument, in order: the edit_oid and
// edit_timestamp of the new edit rows, then the edit_oid that snap_latest rows must carry to
// be picked up. The values are handed to query() separately from the SQL text.
$q = theDb()->query("\nINSERT IGNORE INTO edits\n(variant_id, genome_id, article_pmid, previous_edit_id, is_draft, is_delete,\n edit_oid, edit_timestamp)\nSELECT old.variant_id, old.genome_id, 0, old.edit_id, 0, 1, ?, ?\nFROM variant_occurs_not del\nLEFT JOIN datasets deld\n ON deld.dataset_id=del.dataset_id\nLEFT JOIN snap_latest old\n ON old.variant_id=del.variant_id\n AND old.article_pmid=0\n AND old.genome_id=deld.genome_id\n AND old.edit_oid=?\nLEFT JOIN variant_occurs v\n ON old.variant_id=v.variant_id\nLEFT JOIN datasets d\n ON v.dataset_id=d.dataset_id\n AND d.genome_id=deld.genome_id\nWHERE old.edit_id IS NOT NULL\n AND d.dataset_id IS NULL\nGROUP BY del.variant_id, deld.genome_id\n", array(getCurrentUser("oid"), $timestamp, getCurrentUser("oid")));
if (theDb()->isError($q)) {
    // The error message is printed, but the script carries on with the steps below.
    print $q->getMessage();
}
// Remember how many "delete" edits were inserted; the snap_latest cleanup runs only if any were.
print $count_removals = theDb()->affectedRows();
print "\n";
if ($count_removals > 0) {
    print "Really removing them from snap_latest...";
    // Selects the rows to remove through the delete edits written above, identified by this
    // run's edit_oid and $timestamp (both passed as placeholder values).
    theDb()->query("\nDELETE FROM snap_latest\nWHERE edit_id IN (SELECT previous_edit_id FROM edits WHERE edit_oid=? AND edit_timestamp=? 
AND is_delete=1)\n", array(getCurrentUser("oid"), $timestamp));
    print theDb()->affectedRows();
    print "\n";
}

// Clean up
// When the DEBUG environment variable is set, a copy of import_genomes_tmp is kept in the
// table import_genomes_last before the temporary tables are dropped.
if (getenv("DEBUG")) {
    theDb()->query("DROP TABLE IF EXISTS import_genomes_last");
    theDb()->query("CREATE TABLE import_genomes_last LIKE import_genomes_tmp");
    theDb()->query("INSERT INTO import_genomes_last SELECT * FROM import_genomes_tmp");
}
theDb()->query("DROP TEMPORARY TABLE variant_occurs_not");
theDb()->query("DROP TEMPORARY TABLE import_genomes_tmp");
<?php $usermeta = getCurrentUser(); include 'cities.php'; global $login; if (isset($_POST['login']) and $login->isUserLoggedIn() and CUSER > 0) { updateField('users', 'user_lastlogin', date('Y-m-d H:i:s'), 'user_id', CUSER); updateField('users', 'user_lastlogin_ip', $_SERVER['REMOTE_ADDR'], 'user_id', CUSER); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <title>pagalbadaiktais.lt</title> <link rel="stylesheet" type="text/css" href="/normalize.css" /> <link rel="stylesheet" type="text/css" href="/style.css" /> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon"> <link rel="icon" href="/favicon.ico" type="image/x-icon"> <link href="//netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css" rel="stylesheet"> <link rel="stylesheet" type="text/css" href="/chosen.css" /> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> <script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js"></script> <script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/i18n/jquery-ui-i18n.min.js"></script> <script src="/chosen.jquery.min.js"></script> <script src="/clamp.min.js"></script> <script src="/script.js"></script> <!--[if lte IE 9]><link rel="stylesheet" type="text/css" href="/styleIE.css" /><![endif]--> <!-- Google Tag Manager --> <noscript><iframe src="//www.googletagmanager.com/ns.html?id=GTM-W4BZ22"
<div class="container"> <label for="password"><?php print __("PASSWORD"); ?> </label> <input type="password" class="password" name="password" id="password" value="" /> </div> <div class="buttons"> <input type="submit" class="submit" name="login" value="<?php print __("LOGIN"); ?> " /> <?php if (getCurrentUser()->Email) { ?> <input type="submit" class="submit" name="forgotPassword" value="<?php print __("FORGOT_PASSWORD"); ?> " /> <?php } ?> <input type="submit" class="submit" name="cancel" value="<?php print __("CANCEL"); ?> " /> </div> </form> </div>
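/**
 * Get an html or txt template. If no data is specified, return the content (to eval later).
 * Otherwise populate the template variables with data and return the eval'ed content.
 *
 * Always available variables are:
 *   $user from getCurrentUser() and $name, $surname, $nickname of $user
 *   $sitename
 *   $modulename
 * They will be overwritten by variables of $data.
 *
 * Template lookup order: current language, default language (_en), no language suffix,
 * each first with the requested extension and then with .txt as plain-text fallback.
 *
 * Security notes:
 *  - The template file is run through eval(), so any PHP inside it executes. Template
 *    files must be trusted and must not be writable by users.
 *  - $template, $type and $language become part of the file path. They must not be taken
 *    from request input without validation (NOTE(review): confirm at the call sites).
 *  - $data is extract()'ed into the scope the template runs in. The template source is
 *    kept under the reserved name $__templateSource, and that key is ignored in $data,
 *    so a data key can no longer replace the code handed to eval().
 *
 * @param string $template, may include a folder like email/filename
 * @param string $module
 * @param array $data; default: false
 * @param string $type; default: html, txt or any other file extension
 * @param string $language; default: null, meaning getConf("language")
 * @return string raw template source (no data) or rendered output (with data)
 * @throws CTFail if no template file is found or the rendered output is empty
 */
function getTemplateContent($template, $module, $data = false, $type = 'html', $language = null) {
    if (!$language) {
        $language = getConf("language");
    }
    if (!$type) {
        $type = 'html';
    }
    $lang = '_' . $language;
    $defaultLang = '_en';
    $template = constant(strtoupper($module)) . TEMPLATES . "/{$template}";

    // Try to find the template file for the current or default language or language
    // independent, first with the requested extension, then as plain text. The previous
    // version tested the requested extension again in the three .txt branches, so the
    // plain-text fallback could never be selected.
    $candidates = array(
        "{$template}{$lang}.{$type}",
        "{$template}{$defaultLang}.{$type}",
        "{$template}.{$type}",
        "{$template}{$lang}.txt",
        "{$template}{$defaultLang}.txt",
        "{$template}.txt",
    );
    $filename = null;
    foreach ($candidates as $candidate) {
        if (file_exists($candidate)) {
            $filename = $candidate;
            break;
        }
    }
    if ($filename === null) {
        throw new CTFail(t('template.x.not.found', "{$template}.{$type}"));
    }

    // get template prefixed with closing php tag to prevent eval take content as php code
    $content = '?>' . file_get_contents($filename);

    // if no data specified return content
    if (empty($data)) {
        return $content;
    }

    // else extract data into current symbol table and eval content to populate variables
    // Get $user not through globals, otherwise the global could be overloaded through extract()!!
    $user = getCurrentUser();
    $nickname = isset($user->spitzname) ? $user->spitzname : $user->vorname;
    $surname = $user->vorname;
    $name = $user->name;
    $sitename = getConf('site_name');
    $modulename = getConf($module . '_name', $module);

    // extract() can overwrite any local variable, including the one that is eval()'ed.
    // Keep the source under a reserved name and drop that key from the extracted data.
    $__templateSource = $content;
    if (is_array($data)) {
        extract(array_diff_key($data, array('__templateSource' => true)));
    }

    ob_start();
    eval($__templateSource);
    $__rendered = ob_get_clean();

    if (!$__rendered) {
        throw new CTFail(t('error.occured')); //TODO: refine error message
    }
    return $__rendered;
}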
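/**
 * Render one evidence row as HTML and append it to $this->html.
 *
 * Depending on which of disease_id, article_pmid and genome_id is set, the row becomes
 * an odds-ratio table row, an article summary, a genome/person entry or, when none is
 * set, the variant's own summary fields. Rows that are not table rows also get a
 * discussion box when editing is possible or discussion text exists.
 *
 * Changes against the previous version:
 *  - ereg()/eregi_replace()/ereg_replace() (removed in PHP 7) are replaced by preg_* calls.
 *  - Unquoted array keys such as $row[summary_short] are quoted.
 *  - Row values placed into HTML (disease name label, genome anchor, dataset URLs,
 *    impact qualifier) are passed through htmlspecialchars().
 *  - The "Deleted in this revision" wrapper replaces $html instead of being appended
 *    to it, which used to output the row twice.
 *
 * NOTE(review): htmlspecialchars() on dataset_url only prevents breaking out of the href
 * attribute; confirm that the URL scheme is validated where dataset URLs are stored.
 * NOTE(review): $id_prefix is built from row values and passed to editable(); how
 * editable() encodes it is not visible here.
 *
 * @param array $row evidence row, passed by reference; empty article_pmid, genome_id
 *                   and disease_id values are set to 0
 * @return void
 */
function render_row(&$row) {
    global $gDisableEditing, $gImpactOptions, $gInheritanceOptions;

    $html = "";
    $this->row_transition($row);
    // Built before the empty-key normalisation below, as before.
    $id_prefix = "v_{$row['variant_id']}__a_{$row['article_pmid']}__g_{$row['genome_id']}__d_{$row['disease_id']}__p_{$row['edit_id']}__";
    foreach (array("article_pmid", "genome_id", "disease_id") as $keyfield) {
        if (strlen($row[$keyfield]) == 0) {
            $row[$keyfield] = 0;
        }
    }

    if ($row["disease_id"] != "0") {
        // Odds-ratio row for one disease; the label is emitted as HTML, so escape the name.
        $disease_name = htmlspecialchars($row["disease_name"]);
        $tr = editable("{$id_prefix}f_summary_short__8x1__oddsratio", $row["summary_short"], $disease_name . "<BR />", array("rownumber" => $this->rownumber, "tip" => "Indicate the contribution of this article to OR statistics for " . $disease_name . "."));
        if ($tr != "") {
            if ($this->rownumber == 0) {
                $html .= $this->starttable;
            }
            $html .= $tr;
            ++$this->rownumber;
        }
    } elseif ($row["article_pmid"] != "0") {
        $html .= "<A name=\"a" . htmlentities($row["article_pmid"]) . "\"></A>\n";
        $summary = article_get_summary($row["article_pmid"]);
        $html .= editable("{$id_prefix}f_summary_short__70x8__textile", $row["summary_short"], $summary . "<BR />", array("tip" => "Explain this article's contribution to the conclusions drawn in the variant summary above."));
    } elseif ($row["genome_id"] != "0") {
        $html .= "<A name=\"g" . htmlspecialchars($row["genome_id"]) . "\"></A>\n";

        // Pick the most human-readable name for this genome/person
        if (!($name = $row["name"])) {
            if (!($name = $row["global_human_id"])) {
                $name = "[" . $row["genome_id"] . "]";
            }
        }
        $name = htmlspecialchars($name);

        // Link to the full genome(s)
        if ($row["dataset_count"] > 0) {
            $name = "<A href=\"" . htmlspecialchars($row["dataset_url"]) . "\">{$name}</A>";
        }
        if ($row["dataset_count"] > 1) {
            $more = $row["dataset_count"] - 1;
            $name .= " (";
            if ($row["dataset_url_2"]) {
                $name .= "<A href=\"" . htmlspecialchars($row["dataset_url_2"]) . "\">alternate</A>, ";
                --$more;
            }
            if ($more > 1) {
                $name .= "plus {$more} other data sets";
            } elseif ($more == 1) {
                $name .= "plus 1 other data set";
            } else {
                // nothing follows the "alternate" link: drop its trailing ", "
                $name = preg_replace('/, \z/', '', $name);
            }
            $name .= ")";
        }

        // Indicate the SNP that causes the variant
        if ($row["chr"]) {
            $name .= htmlspecialchars("\n" . substr($row["zygosity"], 0, 3) . " " . $row["allele"] . " @ " . $row["chr"] . ":" . $row["chr_pos"]);
            $name = nl2br($name);
        }
        $html .= editable("{$id_prefix}f_summary_short__70x8__textile", $row["summary_short"], $name);
    } else {
        // No disease, article or genome: this is the variant's own summary section.
        $html .= editable("{$id_prefix}f_summary_short__70x8__textile", $row["summary_short"], "Short summary", array("tip" => "Provide a one line summary of clinical action to be undertaken given this variant (possibly modified by known phenotypes)."));
        $html .= editable("{$id_prefix}f_variant_quality", $row, "Variant quality");
        $qualified_impact = evidence_qualify_impact($row["variant_quality"], $row["variant_impact"]);
        $html .= editable("{$id_prefix}f_variant_impact__", $row["variant_impact"], "Impact", array("select_options" => $gImpactOptions, "previewtextile" => $qualified_impact, "tip" => "Categorize the expected impact of this variant."));
        if (strtolower($qualified_impact) != strtolower($row["variant_impact"])) {
            // Strip the plain impact from the qualified impact to leave only the qualifier;
            // the impact is matched literally (preg_quote) and case-insensitively.
            $qualifier = strtolower(preg_replace('/,? ' . preg_quote($row["variant_impact"], '/') . '/i', "", $qualified_impact));
            $html .= "<P><I>(The \"" . htmlspecialchars($qualifier) . "\" qualifier is assigned automatically based on the above evidence and importance scores.)</I></P>";
        }
        $html .= editable("{$id_prefix}f_variant_dominance__", $row["variant_dominance"], "Inheritance pattern", array("select_options" => $gInheritanceOptions));
        $html .= editable("{$id_prefix}f_summary_long__70x8__textile", $row["summary_long"], "Summary of published research, and additional commentary", array("tip" => "Provide a comprehensive review of the variant including youngest age of onset, oldest age of onset and oldest asymptomatic individual."));
    }

    if ($html == "") {
        return;
    }

    if (preg_match('/^<(TABLE|TR)/', $html)) {
        // TODO: handle is_delete and flag_edited_id for table rows
        // somehow; for now just don't indicate them at all
        if ($row["is_delete"]) {
            return;
        }
        if ($row["flag_edited_id"]) {
            $this->html .= $html;
            return;
        }
    } elseif ((!$gDisableEditing && getCurrentUser()) || 0 < strlen($row["talk_text"])) {
        // Discussion box: shown to logged-in users while editing is enabled, or to
        // everyone when discussion text already exists.
        $show_label = 0 < strlen($row["talk_text"]) ? "<B>show discussion</B>" : "start discussion";
        $html .= "<DIV class=\"rectangle-speech-border-hidden\"><DIV>{$show_label}</DIV>";
        $html .= editable("{$id_prefix}f_talk_text__70x8__textile", $row["talk_text"], "Discussion<BR />", array("tip" => "Comments about this section"));
        $html .= "</DIV>";
    }

    if ($row["is_delete"]) {
        $html = "<DIV style=\"outline: 1px dashed #300; background-color: #fdd; color: #300; padding: 20px 20px 0 20px; margin: 0 0 10px 0;\"><P>Deleted in this revision:</P>{$html}</DIV>";
    } elseif ($row["flag_edited_id"]) {
        $edited = $row["previous_edit_id"] ? "Edited" : "Added";
        $html = "<DIV style=\"outline: 1px dashed #300; background-color: #dfd; color: #300; padding: 20px 20px 0 20px; margin: 0 0 10px 0;\"><P>{$edited} in this revision:</P>\n{$html}</DIV>";
    }
    $this->html .= $html;
}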
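| Name | Type | Required | Description |
| ---- | ----- | ----- | ---- |
| nickname | string | yes | Recipient's nickname |
| content | string | yes | Message content |
| type | string | no | Message type, defaults to text |

Valid values for `type`: 'text', 'image', 'video', 'audio'

** Response **

`success` is the string 'true' when the message was sent and 'false' otherwise;
`id` is the id of the new message, or 0 when nothing was sent.

*/
$api->post('/', function (Request $request) {
    $nickname = $request->request->get('nickname');
    $content = $request->request->get('content');
    // NOTE(review): `type` is passed to sendMessage() as received; it is not checked here
    // against the documented values. Confirm that MessageService rejects other values.
    $type = $request->request->get('type', 'text');

    // NOTE(review): no check here that the sender is an authenticated user; presumably the
    // API layer enforces that before this handler runs - confirm.
    $sender = getCurrentUser();
    $receiver = ServiceKernel::instance()->createService('User.UserService')->getUserByNickname($nickname);
    if (empty($receiver)) {
        throw $this->createNotFoundException("抱歉,该收信人尚未注册!");
    }

    $message = ServiceKernel::instance()->createService('User.MessageService')->sendMessage($sender['id'], $receiver['id'], $content, $type);

    // The failure value used to be misspelled 'flase'; the string form of the flag is kept
    // so that clients comparing against 'true' keep working.
    $sent = !empty($message);
    return array('success' => $sent ? 'true' : 'false', 'id' => $sent ? $message['id'] : 0);
});
return $api;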
$params = array('site_url' => FConfig::getUrl(), 'logo_url' => FConfig::getUrl('images/logo_footer.png'), 'username' => $rs_proj->name . ' ' . $rs_proj->lastname, 'oferta_username' => $user['name'] . ' ' . $user['lastname'], 'project_title' => $rs_proj->pro_tit, 'project_url' => $rs_proj->pro_tit); $body = FMailer::replaceParameters($params, file_get_contents('../views/emails/modificadaOfertaEnProyectoEmail.html')); $mailer = new FMailer(); $receivers = array(array('email' => $to)); $mailer->setReceivers($receivers); $mailer->sendEmail($asunto, $body); } } $arreglo[] = array('resp' => "Se ha enviado la información"); echo json_encode($arreglo); } //comentario en bid if ($act == "comentarioOferta") { //TODO Warning posible sql inyection $offerId = intval($_REQUEST['o_id']); $currentUser = getCurrentUser(); insertTable("oferta_comments", "'',{$offerId}, {$currentUser->id},'" . $_REQUEST['comment'] . "',NOW()"); $commentId = mysql_insert_id(); //usuario que oferto $user_of = listAll("ofertas", "WHERE id = {$_REQUEST['o_id']}"); $rs_user_of = mysql_fetch_object($user_of); $us_of = getUserInfo($rs_user_of->user_id); //usuario que posteo el proyecto $user_pro = listAll("proyectos", "WHERE pro_id = {$rs_user_of->pro_id}"); $rs_user_pro = mysql_fetch_object($user_pro); $us_pro = getUserInfo($rs_user_pro->user_id); //cliente //TODO use Notification model to abstract this logic //Begin notification //Json data to know what to do with this notification $notificationData = new stdClass();
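/**
 * Load the hours recorded for one person between two dates.
 *
 * When called through Ajax ($this->_data['ajax'] is set), start_date, end_date and
 * person_id from the request data override the arguments, and the result is put into
 * the view instead of being returned.
 *
 * Defaults: start date is today, end date is the day after the start date, and the
 * person is the current user's person_id. Without a person the collection stays empty.
 *
 * Change against the previous version: the request's end_date now goes through
 * fix_date() like start_date does. It used to be placed into the "between" constraint
 * exactly as submitted.
 *
 * NOTE(review): the "between" constraint is assembled as SQL text with hand-written
 * quotes, so it relies on fix_date() returning only a normalised date. Confirm that
 * fix_date() rejects input that is not a date.
 * NOTE(review): an Ajax caller can name any person_id; no check is visible here that
 * the caller may see that person's hours. Confirm that this is enforced elsewhere.
 *
 * @param string $_start_date first day of the range; default: today
 * @param string $_end_date   end of the range; default: the day after $_start_date
 * @param mixed  $_user       person id; default: the current user's person_id
 * @return HourCollection|null the collection for direct calls, nothing for Ajax calls
 */
public function getHours($_start_date = '', $_end_date = '', $_user = '') {
    // Used by Ajax to get a list of hours for a user between two dates
    $isAjax = isset($this->_data['ajax']);

    if ($isAjax) {
        if (!empty($this->_data['start_date'])) {
            $_start_date = fix_date($this->_data['start_date']);
        }
        if (!empty($this->_data['end_date'])) {
            $_end_date = fix_date($this->_data['end_date']);
        }
        if (!empty($this->_data['person_id'])) {
            $_user = $this->_data['person_id'];
        }
    }

    if (empty($_start_date)) {
        $_start_date = fix_date(date(DATE_FORMAT));
    }
    if (empty($_end_date)) {
        $_end_date = fix_date(date(DATE_FORMAT, strtotime("+1 day", strtotime($_start_date))));
    }
    if (empty($_user)) {
        $user = getCurrentUser();
        if (!is_null($user->person_id)) {
            $_user = $user->person_id;
        }
    }

    $hours = new HourCollection();
    if (!empty($_user)) {
        $sh = new SearchHandler($hours, false);
        $sh->addConstraint(new Constraint('person_id', '=', $_user));
        $sh->addConstraint(new Constraint('start_time', 'between', "'" . $_start_date . "' and '" . $_end_date . "'"));
        $sh->setFields(array('id', 'start_time', 'type', 'duration'));
        $sh->setOrderBy('start_time', 'ASC');
        $hours->load($sh);
    }

    if ($isAjax) {
        $this->view->set('no_ordering', true);
        $this->view->set('collection', $hours);
        $this->view->set('showheading', true);
        $this->setTemplateName('datatable_inline');
    } else {
        return $hours;
    }
}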