Example #1
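/**
 * Validate an uploaded contact picture and store it, resized, with a thumbnail.
 *
 * Stored names are built only from $idImg and the whitelisted extension; the
 * client-supplied file name never reaches the filesystem path.
 *
 * @param array|null $arrUpload     The $_FILES entry for the picture, or null when absent.
 * @param string     $ruta_destino  Directory the picture and thumbnail are written to.
 * @param mixed      $idImg         Base name for the stored files.
 * @param array      $arrLang       Translation table used for the error texts.
 *
 * @return array array('file' => stored file name, "" when no picture was sent,
 *                     'error' => null, or array(title, message) on rejection)
 */
function _adress_book_store_picture($arrUpload, $ruta_destino, $idImg, $arrLang)
{
    $resultado = array('file' => "", 'error' => null);
    if (!is_array($arrUpload) || !isset($arrUpload['name']) || $arrUpload['name'] == "") {
        // No picture in this request.
        return $resultado;
    }
    $nombre = $arrUpload['name'];
    // The D modifier anchors "$" at the very end, so a trailing newline cannot
    // slip into the extension that is reused for the stored file name.
    if (!is_string($nombre) || !preg_match('/^(\w|-|\.|\(|\)|\s)+\.(png|PNG|JPG|jpg|JPEG|jpeg)$/D', $nombre)) {
        $resultado['error'] = array($arrLang["Validation Error"], $arrLang["Invalid file extension.- It must be png or jpg or jpeg"]);
        return $resultado;
    }
    // From here on $nombre only holds characters admitted by the pattern above,
    // which is why it can be appended to the message without HTML escaping.
    $errorAtaque = array($arrLang["ERROR"], $arrLang["Possible file upload attack. Filename"] . " : " . $nombre);
    $ruta_archivo = isset($arrUpload['tmp_name']) ? $arrUpload['tmp_name'] : "";
    if (!is_string($ruta_archivo) || !is_uploaded_file($ruta_archivo)) {
        $resultado['error'] = $errorAtaque;
        return $resultado;
    }
    // Inspect the temporary file where PHP actually put it (upload_tmp_dir is
    // not necessarily /tmp) and require real PNG/JPEG content, not just a name.
    $sizeImgUp = getimagesize($ruta_archivo);
    if (!$sizeImgUp || !in_array($sizeImgUp[2], array(IMAGETYPE_PNG, IMAGETYPE_JPEG), true)) {
        $resultado['error'] = $errorAtaque;
        return $resultado;
    }
    $arrIm = explode(".", $nombre);
    $extension = $arrIm[count($arrIm) - 1];
    $renameFile = "{$ruta_destino}/{$idImg}.{$extension}";
    $thumbnail_path = "{$ruta_destino}/{$idImg}_Thumbnail.{$extension}";
    // move_uploaded_file() re-checks that the source is a genuine HTTP upload.
    if (!move_uploaded_file($ruta_archivo, $renameFile)) {
        $resultado['error'] = array($arrLang["ERROR"], $arrLang["Error to Upload"] . " : " . $nombre);
        return $resultado;
    }
    // redimensionarImagen() is a project helper called as (source, destination,
    // width, height); a false return is treated as a rejected image.
    if (!redimensionarImagen($renameFile, $thumbnail_path, 48, 48)
        || !redimensionarImagen($renameFile, $renameFile, 280, 200)) {
        // Do not leave a file that failed processing in the image directory.
        foreach (array($renameFile, $thumbnail_path) as $ruta) {
            if (is_file($ruta)) {
                unlink($ruta);
            }
        }
        $resultado['error'] = $errorAtaque;
        return $resultado;
    }
    $resultado['file'] = "{$idImg}.{$extension}";
    return $resultado;
}

/**
 * Create or update an address book contact from the submitted form, including
 * an optional picture upload.
 *
 * On a form validation failure the form is shown again (HTML string on create,
 * the result of view_adress_book() on update). On a rejected upload or a failed
 * database call the matching view function is returned with mb_title/mb_message
 * assigned. On success a Location header is sent and nothing is returned.
 *
 * @param bool $update TRUE to update the contact named by $_POST['id'], FALSE to create one.
 *
 * @return mixed Output of the view that was rendered, or null after a redirect.
 */
function save_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk, $update = FALSE)
{
    $arrForm = createFieldForm($arrLang);
    $oForm = new paloForm($smarty, $arrForm);
    $pACL = new paloACL($pDB_2);
    $id_user = $pACL->getIdUser($_SESSION["elastix_user"]);

    if (!$oForm->validateForm($_POST)) {
        // Basic form validation failed: list the offending fields and show the form again.
        $smarty->assign("mb_title", $arrLang["Validation Error"]);
        $arrErrores = $oForm->arrErroresValidacion;
        $strErrorMsg = "<b>{$arrLang['The following fields contain errors']}:</b><br/>";
        if (is_array($arrErrores) && count($arrErrores) > 0) {
            foreach ($arrErrores as $k => $v) {
                $strErrorMsg .= "{$k}, ";
            }
        }
        $smarty->assign("mb_message", $strErrorMsg);
        $smarty->assign("REQUIRED_FIELD", $arrLang["Required field"]);
        $smarty->assign("SAVE", $arrLang["Save"]);
        $smarty->assign("CANCEL", $arrLang["Cancel"]);
        $smarty->assign("title", $arrLang["Address Book"]);
        $smarty->assign("new_contact", $arrLang["New Contact"]);
        $smarty->assign("address_from_csv", $arrLang["Address Book from CSV"]);
        $smarty->assign("private_contact", $arrLang["Private Contact"]);
        $smarty->assign("public_contact", $arrLang["Public Contact"]);
        if (isset($_POST['address_book_options']) && $_POST['address_book_options'] == 'address_from_csv') {
            $smarty->assign("check_csv", "checked");
        } else {
            $smarty->assign("check_new_contact", "checked");
        }
        if (isset($_POST['address_book_status']) && $_POST['address_book_status'] == 'isPrivate') {
            $smarty->assign("check_isPrivate", "checked");
        } else {
            $smarty->assign("check_isPublic", "checked");
        }
        $smarty->assign("label_file", $arrLang["File"]);
        $smarty->assign("DOWNLOAD", $arrLang["Download Address Book"]);
        $smarty->assign("HeaderFile", $arrLang["Header File Address Book"]);
        $smarty->assign("AboutContacts", $arrLang["About Address Book"]);
        if ($update) {
            $_POST["edit"] = 'edit';
            return view_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
        $smarty->assign("Show", 1);
        $smarty->assign("ShowImg", 1);
        $htmlForm = $oForm->fetchForm("{$local_templates_dir}/new_adress_book.tpl", $arrLang["Address Book"], $_POST);
        return "<form  method='POST' enctype='multipart/form-data' style='margin-bottom:0;' action='?menu={$module_name}'>" . $htmlForm . "</form>";
    }

    // The id ends up in a lookup, an update and a redirect header, so accept
    // only a run of digits; anything else is treated as "no id".
    $idPost = (isset($_POST['id']) && is_string($_POST['id']) && ctype_digit($_POST['id'])) ? $_POST['id'] : "";
    $ruta_destino = "/var/www/address_book_images";
    $padress_book = new paloAdressBook($pDB);
    // The lookup receives the session user's id together with the contact id.
    $contactData = ($idPost != "") ? $padress_book->contactData($idPost, $id_user) : false;

    // Refuse an update for a contact the lookup did not return before any
    // uploaded file is written to disk.
    if ($update && !$contactData) {
        $smarty->assign("mb_title", $arrLang["Validation Error"]);
        $smarty->assign("mb_message", $arrLang["Internal Error"]);
        return report_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
    }

    // A new contact has no id yet, so its picture gets a timestamp name that is
    // replaced by the insert id further down ("H" = 24-hour clock).
    $idImg = $update ? $contactData['id'] : date("YmdHis");

    $arrUpload = isset($_FILES['picture']) ? $_FILES['picture'] : null;
    $arrPicture = _adress_book_store_picture($arrUpload, $ruta_destino, $idImg, $arrLang);
    if ($arrPicture['error'] !== null) {
        $smarty->assign("mb_title", $arrPicture['error'][0]);
        $smarty->assign("mb_message", $arrPicture['error'][1]);
        if ($update) {
            return view_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk, TRUE);
        }
        return new_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
    }
    $file_upload = $arrPicture['file'];

    // NOTE(review): these values go to paloAdressBook as received; confirm that
    // class binds them as query parameters and that templates escape them on output.
    $namedb = isset($_POST['name']) ? $_POST['name'] : "";
    $last_namedb = isset($_POST['last_name']) ? $_POST['last_name'] : "";
    $telefonodb = isset($_POST['telefono']) ? $_POST['telefono'] : "";
    $emaildb = isset($_POST['email']) ? $_POST['email'] : "";
    $iduserdb = isset($id_user) ? "{$id_user}" : "";
    $addressdb = isset($_POST['address']) ? $_POST['address'] : "";
    $companydb = isset($_POST['company']) ? $_POST['company'] : "";
    $notesdb = isset($_POST['notes']) ? $_POST['notes'] : "";
    $statusdb = isset($_POST['address_book_status']) ? $_POST['address_book_status'] : "";
    // Index 5 is the picture file name; it is rewritten below in two cases.
    $data = array($namedb, $last_namedb, $telefonodb, $emaildb, $iduserdb, $file_upload, $addressdb, $companydb, $notesdb, $statusdb);

    if ($update) {
        if ($file_upload == "") {
            // No new picture: keep the one already recorded for the contact.
            $data[5] = $contactData['picture'];
        }
        if (!$padress_book->updateContact($data, $idPost)) {
            $smarty->assign("mb_title", $arrLang["Validation Error"]);
            $smarty->assign("mb_message", $arrLang["Internal Error"]);
            return report_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
    } else {
        if (!$padress_book->addContact($data)) {
            $smarty->assign("mb_title", $arrLang["Validation Error"]);
            $smarty->assign("mb_message", $arrLang["Internal Error"]);
            return new_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
        if ($file_upload != "") {
            // Rename the timestamp-named files after the new contact's id.
            $lastId = $pDB->getLastInsertId();
            $arrIm = explode(".", $file_upload);
            $extension = $arrIm[count($arrIm) - 1];
            // Point the record at the new name only if the file really moved.
            if (rename("{$ruta_destino}/{$file_upload}", "{$ruta_destino}/{$lastId}.{$extension}")) {
                rename("{$ruta_destino}/{$idImg}_Thumbnail.{$extension}", "{$ruta_destino}/{$lastId}_Thumbnail.{$extension}");
                $data[5] = "{$lastId}.{$extension}";
                $padress_book->updateContact($data, $lastId);
            }
        }
    }

    // $idPost is digits-only here, so it is safe to place in the header value.
    if ($idPost) {
        header("Location: ?menu={$module_name}&action=show&id=" . $idPost);
    } else {
        header("Location: ?menu={$module_name}");
    }
}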
Example #2
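/**
 * Create or update a customer record from the submitted request parameters.
 *
 * Person records (customer_type 0 or 1) and company records use different
 * field sets. On a failed database call the matching view function is returned
 * with mb_title/mb_message assigned; on success a Location header is sent and
 * nothing is returned.
 *
 * @param bool $update TRUE to update the record named by the "id" parameter
 *                     when it exists, FALSE to create one.
 *
 * @return mixed Output of the view that was rendered, or null after a redirect.
 */
function save_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk, $update = FALSE)
{
    // The form object is still built as before, but nothing below uses it.
    // NOTE(review): the $oForm->validateForm($_POST) check was switched off in
    // this variant (the branch was guarded by "if (false)"), so no server-side
    // field validation runs here. Every value below reaches paloAdressBook as
    // received; confirm that class binds parameters and validates, or restore
    // the check.
    $arrForm = createFieldForm($pDB_2);
    $oForm = new paloForm($smarty, $arrForm);

    // Drop any id that is not a plain run of digits.
    if (isset($_GET['id']) && !ctype_digit($_GET['id'])) {
        unset($_GET['id']);
    }
    if (isset($_POST['id']) && !ctype_digit($_POST['id'])) {
        unset($_POST['id']);
    }

    $idPost = getParameter('id');
    $padress_book = new paloAdressBook($pDB);
    // NOTE(review): the lookup is by id alone; no user id is passed in this
    // call, so confirm access to the record is restricted elsewhere.
    $contactData = $padress_book->contactData($idPost);
    $type = getParameter('customer_type');

    if ($type == '0' || $type == '1') {
        $phone = getParameter('phone');
        $data = array(
            'customer_code' => getParameter('customer_code'),
            'firstname' => getParameter('firstname'),
            'lastname' => getParameter('lastname'),
            // NOTE(review): strtotime() returns false for an empty or unparsable
            // value, and date() then formats that as 1970-01-01.
            'birthday' => date('Y-m-d', strtotime(getParameter('birthday'))),
            'birthplace' => getParameter('birthplace'),
            'cmnd' => getParameter('cmnd'),
            'passport' => getParameter('passport'),
            'address' => getParameter('address'),
            'company' => getParameter('company'),
            'email' => getParameter('email'),
            'agent_id' => getParameter('booker'),
            'sale' => getParameter('sale'),
            'payment_type' => getParameter('payment_type'),
            'accountant' => getParameter('accountant'),
            'membership' => getParameter('membership'),
            // One phone number per line of the submitted text.
            'customer_phone' => explode("\n", trim($phone)),
        );
    } else {
        $data = array(
            'customer_code' => getParameter('company_code'),
            'firstname' => getParameter('company_name'),
            'agent_id' => getParameter('company_booker'),
            'sale' => getParameter('company_sale'),
            'accountant' => getParameter('company_accountant'),
            'address' => getParameter('company_address'),
            'membership' => getParameter('company_membership'),
            'payment_type' => getParameter('company_pay_type'),
            'contact_name' => getParameter('contact_name'),
            'contact_phone' => getParameter('contact_phone'),
            'contact_email' => getParameter('contact_email'),
        );
    }

    if ($update && isset($contactData['id'])) {
        // Update the existing record.
        if (!$padress_book->updateContact($data, $type, $contactData['id'])) {
            $smarty->assign("mb_title", "Lỗi database");
            // NOTE(review): errMsg is shown to the user as-is; confirm it does
            // not carry query text or schema details.
            $smarty->assign("mb_message", $padress_book->errMsg);
            return report_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
    } else {
        // NOTE(review): an update request whose id did not resolve to a record
        // also lands here and creates a new record; confirm that is intended.
        if (!$padress_book->addContact($data, $type)) {
            $smarty->assign("mb_title", "Lỗi");
            $smarty->assign("mb_message", $padress_book->errMsg);
            return new_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
    }

    // $_POST['id'] may have been unset above, so test it without reading a
    // missing index; when present it is digits-only and safe in the header.
    if (!empty($_POST['id'])) {
        header("Location: ?menu={$module_name}&action=show&id=" . $_POST['id']);
    } else {
        header("Location: ?menu={$module_name}");
    }
}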
Example #3
/**
 * Create or update a phone book entry from the submitted form.
 *
 * When form validation fails the form is shown again (HTML string on create,
 * the result of view_adress_book() on update). When a database call fails the
 * matching view function is returned with mb_title/mb_message assigned. On
 * success a Location header back to the module is sent and nothing is returned.
 *
 * @param bool $update TRUE to update the entry named by the "id" parameter
 *                     when it exists, FALSE to create one.
 *
 * @return mixed Output of the view that was rendered, or null after a redirect.
 */
function save_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk, $update = FALSE)
{
    $formFields = createFieldForm();
    $form = new paloForm($smarty, $formFields);

    // Drop any id that is not a plain run of digits.
    if (isset($_GET['id']) && !ctype_digit($_GET['id'])) {
        unset($_GET['id']);
    }
    if (isset($_POST['id']) && !ctype_digit($_POST['id'])) {
        unset($_POST['id']);
    }

    if (!$form->validateForm($_POST)) {
        // Basic form validation failed: name the offending fields.
        $smarty->assign("mb_title", "Lỗi");
        $invalidFields = $form->arrErroresValidacion;
        $message = "<b>Các trường sau có lỗi:</b><br/>";
        if (is_array($invalidFields) && count($invalidFields) > 0) {
            $message .= implode(", ", array_keys($invalidFields)) . ", ";
        }
        $smarty->assign("mb_message", $message);
        $smarty->assign("REQUIRED_FIELD", "Bắt buộc nhập");
        $smarty->assign("SAVE", "Lưu");
        $smarty->assign("CANCEL", "Hủy bỏ");
        $smarty->assign("title", "Danh bạ điện thoại");

        if ($update) {
            $_POST["edit"] = 'edit';
            return view_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }

        $smarty->assign("Show", 1);
        $smarty->assign("ShowImg", 1);
        $formHtml = $form->fetchForm("{$local_templates_dir}/new.tpl", "Danh bạ điện thoại", $_POST);
        return "<form  method='POST' enctype='multipart/form-data' style='margin-bottom:0;' action='?menu={$module_name}'>" . $formHtml . "</form>";
    }

    // The form validated.
    $requestedId = getParameter('id');
    $phoneBook = new paloPhoneBook($pDB);
    // NOTE(review): the lookup is by id alone; no user id is passed in this
    // call, so confirm access to the entry is restricted elsewhere.
    $existing = $phoneBook->contactData($requestedId);

    // Positional values, in the order handed to addContact()/updateContact().
    $data = array();
    foreach (array('firstname', 'lastname', 'department', 'company_mobile', 'mobile', 'extension', 'email', 'note') as $field) {
        $data[] = getParameter($field);
    }

    if ($update && isset($existing['id'])) {
        // Update the existing entry.
        if (!$existing) {
            $smarty->assign("mb_title", $arrLang["Validation Error"]);
            $smarty->assign("mb_message", $arrLang["Internal Error"]);
            return report_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
        $result = $phoneBook->updateContact($data, $existing['id']);
        if (!$result) {
            $smarty->assign("mb_title", "Lỗi database");
            // NOTE(review): errMsg is shown to the user as-is; confirm it does
            // not carry query text or schema details.
            $smarty->assign("mb_message", $phoneBook->errMsg);
            return report_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
    } else {
        // Create a new entry. An update request whose id did not resolve to
        // an entry also takes this path.
        $result = $phoneBook->addContact($data);
        if (!$result) {
            $smarty->assign("mb_title", "Lỗi");
            $smarty->assign("mb_message", $phoneBook->errMsg);
            return new_adress_book($smarty, $module_name, $local_templates_dir, $pDB, $pDB_2, $arrLang, $arrConf, $dsn_agi_manager, $dsnAsterisk);
        }
    }

    if (!$result) {
        return $pDB->errMsg;
    }

    // The redirect always goes to the module's list view, whether or not an id was posted.
    header("Location: ?menu={$module_name}");
}