/**
* Redirect to url specified by U() function
* with param edit_url_back
*
* @return void
*/
function goBack($urlCode, $name = NULL, $extra = NULL)
{
$extra['edit_url_back'] = 1;
goU($urlCode, $name, $extra);
}
<?php
if (!MC('User')->canEditReceipts(me())) {
goU('receipts.list_real');
}
foreach ($_POST['data'] as $d) {
if (!isNull($obReceipt = M('Purchase')->receipt()->loadRealById($d['id']))) {
try {
if (isset($d['delete'])) {
$obReceipt->delete();
continue;
}
$d['btime'] = (@$d['h'] ? $d['h'] : '') . ':' . (@$d['i'] ? $d['i'] : '') . ':00';
$obReceipt->checked(@$d['bit_mask'] ? TRUE : FALSE);
$map = qw2('h i bit_mask');
foreach ($d as $name => $val) {
if ((!empty($val) || empty($val) && $name == 'discount_real') && !in_array($name, $map)) {
$obReceipt->{$name} = $val;
}
}
$obReceipt->save();
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('receipt.receipt') . ' ' . $obReceipt->number . ': ' . L('receipt.' . $err['code']) . ' ' . L('receipt.' . $err['place']));
}
}
}
<?php
/*
Main authorization form.
@param int id sudo user id
*/
$INIT_NO_SUDO = 1;
require_once $_SERVER["ROOT_DIR"] . "/init.php";
$user_id = p('id');
$obRealUser = me();
if (!$user_id || isNull($obSudoUser = M('User')->loadUserById($user_id)) || !$obRealUser->id()) {
goU('main.http');
}
if (!$obRealUser->canSudoUnderUser($obSudoUser)) {
error(L('common.access_denied'));
goU('main.http');
}
$_SESSION['real_user'] = $obRealUser->id();
$_SESSION['sudo_user'] = $obSudoUser->id();
require_once "sudo.php";
if (isset($wentBack) && $wentBack) {
goU('main.https');
} else {
goU('main.http');
}
public static function onPermissionPassword()
{
error(L('common.password_required'));
goU('login', NULL, array('backurl' => url()));
}
<?php
/*
Delete barcode by id.
@param int id barcode id
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!MC('User')->checkAccessToCoding(me())) {
goU('main');
}
if (MC('User')->canDeleteBarcode(me())) {
if (isNull($obBarcode = M('Barcode')->loadBarcodeById(@$_GET['id']))) {
error('barcode.no_such_barcode');
} else {
if ($obBarcode->delete()) {
goU('report.barcode');
} else {
error(L('barcode.cannot_delete_barcode'));
}
}
}
goU('barcode', NULL, array('id' => @$_GET['id']));
error(L('common.access_denied'));
goU('main');
}
$obTicket = M('Ticket')->loadById(p('id'));
if (isNull($obTicket)) {
error(L('ticket.no_ticket', array('id' => p('id') ? ' (' . p('id') . ')' : '')));
goU('tickets');
}
// если региональный админ, то проверить, имеет ли он доступ к указанному сообщению
if (!MC('Ticket')->checkRegionAdminAccess(me(), $obTicket)) {
error(L('common.access_denied'));
goU('main');
}
if ($obTicket->isState('opened')) {
if (!isNull($obChanger = $obTicket->state()->getChanger())) {
$error = L('ticket.already_opened_by_user', array('user' => show('/user/inc/nick_light', array('obUser' => $obChanger), NULL, TRUE)));
} else {
$error = L('ticket.already_opened');
}
} else {
if (!$obTicket->state()->can('open')) {
$error = L('ticket.cannot_open');
}
}
if (!@$error) {
$obTicket->open(me());
} else {
error($error);
}
goU('tickets.branch', array('id' => $obTicket->id()));
<?php
/**
* Add new user by admin
*
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
if (!MC('User')->canAccessToAddProfile()) {
goU('main');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$data = $_POST;
if (($obUser = MC('User_Profile')->add($data)) && !isNull($obUser)) {
goU('user.profile', $obUser);
}
} else {
$data = MC('User_Profile')->getDefault();
}
show('user/profile/edit/admin', array('data' => $data, 'admin' => 1, 'action' => 'add'));
/**
* Add node
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
$data = $_POST;
if (isset($data['posted'])) {
if (@$data['name']) {
$tempMask = 0;
if ($data['parent_id'] == 0) {
$data['parent_id'] = NULL;
}
if (@$data['usage_mask']) {
foreach ($data['usage_mask'] as $item) {
$tempMask |= $item;
}
$data['usage_mask'] = $tempMask;
}
$obCatalogue = M('Purchase')->createCatalogue($data);
if ($obCatalogue->save()) {
goU('report.diary_control');
} else {
error(L('diary.cannot_add_node'));
}
} else {
error(L('diary.node_name_not_specified'));
}
}
show('reports/diary_control/add', array('data' => $data));
}
}
if (@$_POST['posted']) {
if (@$_GET['action'] == 'add') {
$obPresent = M('Presents')->createPresent(array());
}
try {
foreach ($data as $prop => $value) {
$obPresent->{$prop} = $value;
}
$obPresent->is_visible = @$data['is_visible'] ? 1 : 0;
$obPresent->is_exists = @$data['is_exists'] ? 1 : 0;
if ($obPresent->save()) {
if (!empty($_FILES['up_file']['name']) && empty($_FILES['up_file']['error'])) {
$obPresent->addFile('up_file', $_FILES['up_file']['name']);
}
if (count($obPresent->getFileList()) == 0) {
$res = M('Base')->result();
$res->error('no_picture');
throw new RM_Validator_Exception($res);
}
goU('presents.catalogue_presents');
}
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('presents.' . $err['code'], array('place' => L('presents.' . $err['place']), 'value' => @$err['value'])));
} catch (RM_Permission_Exception_Denied $e) {
error(L('presents.access_denied'));
}
}
show('/presents/present/edit', array('action' => @$_GET['action'], 'obPresent' => @$_GET['action'] == 'edit' ? @$obPresent : NULL, 'data' => @$data));
public function finish(RM_Wizard_Result_Object $obResult)
{
$data = $this->getData($obResult);
$obBrick = $this->getSelectedBrick($obResult);
$added = 0;
$to_delete = array();
$to_add = array();
foreach (M('Gpc')->flavour_types() as $type) {
$flavours_exists = $this->getFlavoursForSelectedBrick($obResult, $type);
$flavours_needs = $this->strToLowerArray($data[$type]);
$to_delete[$type] = array_diff($flavours_exists, $flavours_needs);
$to_add[$type] = array_diff($flavours_needs, $flavours_exists);
// add
foreach ($flavours_needs as $flavour_name) {
if (isNull($obFlavour = M('Gpc')->loadFlavourByName($flavour_name))) {
$obFlavour = M('Gpc')->createFlavour(array('rus_name' => $flavour_name, 'eng_name' => $flavour_name, 'user_id' => me()->id()));
$obFlavour->save();
$added++;
}
$obBrick->addFlavour($obFlavour, $type);
}
// remove
foreach ($flavours_exists as $flavour_name) {
if (!in_array($flavour_name, $flavours_needs)) {
$obBrick->removeFlavour(M('Gpc')->loadFlavourByName($flavour_name), $type);
}
}
}
$message = '';
foreach (M('Gpc')->flavour_types() as $type) {
if ($to_delete[$type]) {
$message .= L('wizard.gpc_flavour_to_delete', array('flavour_type' => L('gpc.flavour_' . $type), 'list' => implode(', ', $to_delete[$type]))) . '<br>';
}
if ($to_add[$type]) {
$message .= L('wizard.gpc_flavour_to_add', array('flavour_type' => L('gpc.flavour_' . $type), 'list' => implode(', ', $to_add[$type]))) . '<br>';
}
}
if ($message) {
message($message);
}
goU('gpc.flavour.wizard');
}
<?php
/**
* Add user group
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!MC('User')->checkAccessGroupInterface(me())) {
goU('main');
}
$data = $_POST;
if (isset($data['posted'])) {
try {
$obGroup = M('User')->createGroup($data);
if ($obGroup->save()) {
goU('group.list');
}
} catch (RM_Validator_Exception $e) {
$error_map = array('name' => array('not_empty' => L('user.group_name_not_specified')), 'alias' => array('not_empty' => L('user.group_alias_not_specified'), 'group_alias' => L('user.group_alias_invalid'), 'group_alias_exists' => L('user.group_alias_exists')));
showErrors($e, $error_map);
}
}
show('/group/add', array('data' => $data));
<?php
/**
* Add shop type
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
$data = $_POST;
if (isset($data['posted'])) {
try {
$obShopType = M('Shop')->createShopType($data);
if ($obShopType->save()) {
goU('shop.type');
}
} catch (RM_Validator_Exception $e) {
foreach ($e->getResult()->getErrors() as $error) {
error(L('shop.' . $error['code']));
}
}
}
show('reports/shop/type_add', array('data' => $data));
<?php
require_once $_SERVER['ROOT_DIR'] . '/init.php';
if (!me()->isSuperAdmin()) {
goU('main');
}
$data = @split(',', @C('ticket.admin-notify'));
if (!is_array($data)) {
$data = array();
}
foreach ($data as $val) {
$val = trim($val);
if (!empty($val)) {
$arr['u'][] = $val;
}
}
goU('ticket.add', NULL, $arr);
$obResultAnswer->save();
}
}
}
// check result and redirect
if (!$obResult->isQuestionAnswered($obQuestion)) {
error(L('anketa.please_answer'));
goU('anketa.question', array($obQuestion, $obRespondent));
}
}
/*else
error('A wasn\'t changed!');*/
if (!isNull($obNextQuestion = $obResult->getNext($obQuestion)) || !isNull($obNextQuestion = $obResult->getNext())) {
goU('anketa.question', array($obNextQuestion, $obRespondent));
} else {
if (!$obResult->isComplete()) {
$obResult->setComplete();
MC('Anketa')->clearAlertCache(MC('Anketa')->getRealUser($obRespondent));
// баллы за прохождение анкеты
$params = array('anketa_id' => $obResult->getAnketa()->id(), 'anketa_name' => $obResult->getAnketa()->name, $obRespondent->getRespondentType() . '_id' => $obRespondent->getRespondentId(), $obRespondent->getRespondentType() . '_name' => $obRespondent->getRespondentName(), 'end_time' => $obResult->end_time);
$params['user_id'] = MC('Anketa')->getRealUser($obRespondent)->id();
M('Points')->anketaComplete($params);
// бонус за прохождение всех анкет
if (!MC('Anketa')->hasIncompleteAnketa(me())) {
M('Points')->allAnketaComplete(array('user_id' => MC('Anketa')->getRealUser($obRespondent)->id(), 'end_time' => $obResult->end_time));
}
message(L('anketa.thanks_for_complete'));
goU('anketa');
}
goU('anketa.view', array($obResult->getAnketa(), $obRespondent));
}
goU('presents.cart');
}
break;
case 'refresh':
if (@$data['quantity']) {
try {
if (!$obCart->setItemsQuantity($data['quantity'])) {
// can generate validator exception
error(L('presents.nopoints'));
}
$obCart->save();
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('presents.' . $err['place']) . ' ' . L('presents.' . $err['code']));
}
}
break;
case 'remove_all':
$obCart = M('Presents')->getCartByUserOrCreate(me());
$obCart->clear();
$obCart->save();
goU('presents.cart');
break;
case 'order':
$obCart->order();
$obCart->save();
message(L('presents.order_ok'));
goU('presents.cart');
break;
}
show('/presents/cart', array('obCart' => $obCart));
}
MC('Report_Blank')->saveFiltersToSession();
}
// define and set filters from $_GET
MC('Report_Blank')->setFilters($list, $_GET, MC('List')->getDefaultFilters($report_id));
if (isset($_GET['sort']) && isset($_GET['order'])) {
$list->setSort($_GET['sort'], $_GET['order']);
}
// multiple mailing ---------------------------------------------------
if ($list->mailingAvailable() && isset($_GET['mailing'])) {
try {
$users = $list->getMailingList();
if ($users) {
$q = array();
$q['u'] = $users;
goU('ticket.add', NULL, $q);
}
} catch (RM_Base_Exception_BadUsage $e) {
error(L('mailing.too_many_users', array('c' => C('ticket.mail.max-multiple-users'))));
go(url(array('mailing' => NULL)));
}
}
// mailing ------------------------------------------------------------
if ($list->report_type == 'list') {
$tpl = 'list';
if ($list->only_filtered && !$list->getFilters()) {
$tpl = 'welcome';
}
} else {
$tpl = 'table';
}
<?php
require_once $_SERVER['ROOT_DIR'] . "/init.php";
if (!me()->isUserInGroup(array('federal-news', 'regional-news'))) {
error(L('common.access_denied'));
goU('main');
}
if ($_GET['action'] == 'add') {
$obNews = M('News')->createNews(array());
} elseif ($_GET['action'] == 'edit') {
if (isNull($obNews = M('News')->loadNewsById($_GET['id']))) {
error(L('news.no_record'));
goU('news.index');
}
}
if (isset($_POST['posted'])) {
//echo '<pre>';
//var_dump($_POST);
$_POST['data']['posted'] = $_POST['data']['posted']['d'] . '-' . $_POST['data']['posted']['m'] . '-' . $_POST['data']['posted']['y'];
$_POST['data']['is_published'] = @$_POST['data']['is_published'] ? 1 : 0;
foreach ($_POST['data'] as $k => $v) {
$obNews->{$k} = $v;
}
try {
$obNews->save();
goBack('news.index');
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
//var_dump($err);
error(L('news.field', array('place' => L('news.' . $err['place']), 'code' => L('news.' . $err['code']))));
} catch (RM_Base_Exception_Result $e) {
<?php
require_once $_SERVER['ROOT_DIR'] . "/init.php";
if (!MC('User')->canAccessToEditPresents()) {
goU('main');
}
if (@$_GET['delete'] == 1) {
if (isNull($obCategory = M('Presents')->loadCategoryById($_GET['delete_id']))) {
error(L('presents.not_exists'));
goU('presents.catalogue_control');
}
try {
$obCategory->delete();
message(L('presents.deleted'));
goU('presents.catalogue_control');
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('presents.' . $err['code'], array('place' => L('presents' . $err['place']))));
}
}
<?php
/*
Clear GSM terminal data
@param int del
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!MC('User')->checkAccessToGsm(me())) {
goU('main');
}
$tables = array('gsm' => 'panelie_gsm_data');
$query = M('Db')->createQuery($tables['gsm'], 'delete');
$query->execute();
goU('gsm.list');
<?php
require $_SERVER['ROOT_DIR'] . '/init.php';
if (!me()->id()) {
goU('main');
}
$user_id = p('user_id');
if (!$user_id || isNull($obUser = M('User')->loadUserById($user_id))) {
goU('main');
}
if (!MC('User')->canAccessToEditProfile($obUser)) {
goU('main');
}
MC('User_Family')->deletePerson(@$_GET['id']);
goU('user.family', array('user_id' => $obUser->id()));
<?php
require $_SERVER['ROOT_DIR'] . '/init.php';
if (!me()->id()) {
goU('main');
}
$user_id = p('user_id');
if (!$user_id || isNull($obUser = M('User')->loadUserById($user_id))) {
goU('main');
}
if (!MC('User')->canAccessToEditProfile($obUser)) {
goU('main');
}
MC('User_Family')->deletePet(@$_GET['id']);
goU('user.pets', array('user_id' => $obUser->id()));
<?php
require_once $_SERVER['ROOT_DIR'] . '/init.php';
if (!me()->id()) {
goU('main');
}
$user_id = $_GET['user_id'];
if (!$user_id || isNull($obUser = M('User')->loadUserById($user_id))) {
goU('main');
}
if (!MC('User')->canAccessToEditPoints($obUser)) {
error(L('common.access_denied'));
goU('main');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$obAccount = M('Points')->loadAccountByUserOrCreate($obUser);
$data['amount'] = @$_POST['data']['amount'];
$data['descr'] = @$_POST['data']['descr'];
$data['account_id'] = $obAccount->id();
$obPayment = M('Points')->createPayment($data);
try {
if ($obPayment->save()) {
message(L('points.saved'));
goU('user.points', array('user_id' => $obUser));
}
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('points.' . $err['place'] . '_' . $err['code'], array('points' => C('point.group-limit'))));
}
}
show('user/points/edit', array('obUser' => $obUser, 'data' => @$_POST['data']));
<?php
if (!MC('User')->canEditReceipts(me())) {
goU('report.purchase');
}
foreach ($_POST['data'] as $d) {
if (!isNull($obPurchase = M('Purchase')->loadPurchaseById($d['id']))) {
if ($obPurchase->is_deleted) {
continue;
}
try {
if (isset($d['barcode_change']) && $d['barcode_change']) {
if (MC('Report_Purchase')->canChangeBarcode(me())) {
if ($d['barcode_change'] == 1) {
$d['barcode_value'] = M('Barcode')->getFakeBarcode()->value;
}
if ($d['barcode_change'] == 2 && ($obBarcode = $obPurchase->getBarcode(TRUE))) {
$obBarcodeSplited = M('Barcode')->splitBarcode($obBarcode, $d['corrected_name'], array($d['id']));
$d['barcode_value'] = $obBarcodeSplited->value;
list($purchaseQuery, $priceQuery) = M('Purchase')->move()->getQueriesForMovement($current['barcode_value'], $obBarcodeSplited, array($current['purchase_id']));
$purchaseQuery->execute();
$priceQuery->addToAsyncQueue();
}
}
unset($d['barcode_change']);
}
foreach ($d as $name => $val) {
if (!empty($val)) {
$obPurchase->{$name} = $val;
}
}
<?php
/**
* Edit own profile
*
* id int user identifier
*
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
$obUser = me();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$data = $_POST;
if (MC('User_Profile')->update($obUser, $data, FALSE)) {
goU('profile');
}
} else {
$data = MC('User_Profile')->prepareBeforeFillForm($obUser);
}
show('user/profile/edit/index', array('obUser' => $obUser, 'data' => $data, 'admin' => 0, 'action' => 'edit'));
<?php
/*
View own anketa result
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
if (isNull($obAnketa = M('Anketa')->loadAnketaById(p('aid')))) {
error(L('anketa.no_such_anketa'));
goU('anketa');
}
$obRespondent = $obAnketa->loadRespondentById(p('rid'));
// check access to anketa
if (!MC('Anketa')->checkAccess($obRespondent)) {
error(L('anketa.not_your_family'));
goU('anketa');
}
show("/anketa/view", array('obAnketa' => $obAnketa, 'obRespondent' => $obRespondent, 'obUser' => MC('Anketa')->getRealUser($obRespondent), 'admin' => 0));
<?php
require $_SERVER['ROOT_DIR'] . '/init.php';
$obUser = me();
if (!me()->id()) {
goU('main');
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$data = $_POST['data'];
if (!is_object($obPerson = MC('User_Family')->editPerson($obUser, $data))) {
goU('family');
}
}
if (@(!$obPerson)) {
$obPerson = isset($_GET['id']) ? M('User')->loadPersonById($_GET['id']) : M('User')->createPerson(array());
}
$add_title = array(0 => array('title' => L('user.' . p('action') . '_person') . ' ' . L('user.family_person'), 'link' => U('family.add', $obUser)));
show('/top', array('add_title' => $add_title, 'no_alert' => 1));
show('user/person/person', array('action' => p('action'), 'obUser' => $obUser, 'obPerson' => $obPerson, 'admin' => 0));
show('/bottom');
<?php
require_once "inc/init.php";
if (!empty($_GET['id'])) {
$obEntity = M('Forum')->loadById($_GET['id']);
if (isNull($obEntity)) {
error(L('forum.no_record'));
goU('forum.index');
}
$obEntityList = $obEntity->getBranch();
} else {
$obEntityList = M('Forum')->getThemeList();
}
# if only one theme available -> go into
if (!$admin && count($obEntityList) == 1 && iterFirst($obEntityList)->parent_id == 0) {
$obEntityList = iterFirst($obEntityList)->getChildren();
}
show("/forum/index", array('page_size' => 20, 'page' => p('page'), 'obEntityList' => $obEntityList, 'admin' => $admin));
}
// если был сделан телефонный звонок, то добавим эту запись в заметки администраторов
if ($obReply->phone_call) {
MC('Ticket')->addPhoneCallNote($obReply);
}
if (C('project.target') == 'production') {
M('Event')->notify('ticket.new', array("id" => $obReply->id()));
}
/* if ($admin)
message(L('ticket.successfully_posted'));
else
message(L('ticket.user_successfully_posted'));*/
if ($admin) {
goU('tickets.branch', array('id' => $obReply->id()));
} else {
goU('tickets');
}
//goU('messages');
} else {
error(L('ticket.cannot_create'));
}
} catch (RM_Validator_Exception $e) {
$error_map = array('body' => array('not_empty' => L('common.required_fields')));
showErrors($e, $error_map);
}
} else {
if ($admin && !$phone_call && !isNull($obRecipient)) {
$data['body'] = L('ticket.good_afternoon', array('name' => $obRecipient->getAddressTo()));
}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && @(!$result)) {
<?php
/*
List of all reports.
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
qoU('main');
}
if (!MC('User')->checkAccessReportList(me())) {
goU('main');
}
show("/reports/all", array('page_size' => 20, 'page' => p('page')));
<?php
/*
Add barcode.
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!MC('User')->checkAccessToCoding(me())) {
goU('main');
}
$data = array();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$data = $_REQUEST;
if (!@$data['barcode']) {
$error = 'barcode.please_specify_barcode';
} else {
if (!is_numeric($data['barcode'])) {
$error = 'barcode.wrong_barcode';
}
}
if (!@$error) {
if (isNull($obBarcode = M('Barcode')->loadBarcodeByValue($data['barcode']))) {
$obBarcode = MC('Barcode')->create(array('value' => $data['barcode']));
}
goU('barcode', NULL, array('value' => $obBarcode->value));
}
}
if (@$error) {
error(L($error));
}
show("/barcode/add", array('data' => $data));
