/**
  * Display a listing of the resource.
  *
  * @return Response
  */
 public function index()
 {
     if ($this->user->employee->canApproveSpecialLeave()) {
         if ($this->user->isAdmin()) {
             $employee_leaves = EmployeeSpecialLeave::approved()->get();
         } else {
             $employee_leaves = $this->user->employee->special_leave_recommending_approvals->merge($this->user->employee->special_leave_approved_by);
         }
         return view('leaves.special.employee_leaves')->with(compact('employee_leaves'));
     }
     abort(403);
 }
Example #2
0
 public static function getModule($module)
 {
     $auth = new Auth();
     $mod = new Module();
     $url = new URL();
     $config = new Config();
     $pm = new PageManager();
     if ($url->getRequestedFunction() == 'angular') {
         if (!isset($mod->moduleRegister[$module]) && !is_file(realpath(root . DS . "views" . DS) . "/" . $module . ".php") && !$pm->isPage($module)) {
             return 'error';
         } else {
             if (!$auth->isAdmin() && (isset($mod->moduleRegister[$module][1]) && $mod->moduleRegister[$module][1] == 'admin')) {
                 return 'login';
             } else {
                 if (is_file(realpath(root . DS . "views" . DS) . "/" . $module . ".php")) {
                     return $module;
                 } else {
                     if ($pm->isPage($module)) {
                         return $pm->deaultPage;
                     }
                 }
             }
         }
     } else {
         if (!isset($mod->moduleRegister[$module]) && !is_file(realpath(root . DS . "views" . DS) . "/" . $module . ".php")) {
             return 'index';
         } else {
             if (isset($mod->moduleRegister[$module]) && !isset($mod->moduleRegister[$module][1])) {
                 return 'index';
             } else {
                 if (!$auth->isAdmin() && isset($mod->moduleRegister[$module][1]) && $mod->moduleRegister[$module][1] == 'admin') {
                     if ($auth->isItAuthUser()) {
                         return 'error';
                     } else {
                         header("Location:" . $config->site_address . "login");
                         return 'login';
                     }
                 } else {
                     if ($auth->isItAuthUser() && (isset($mod->moduleRegister[$module][1]) && ($mod->moduleRegister[$module][1] == 'auth' || $mod->moduleRegister[$module][1] == 'admin'))) {
                         return 'dashboard';
                     } else {
                         if (is_file(realpath(root . DS . "views" . DS) . "/" . $module . ".php")) {
                             return $module;
                         }
                     }
                 }
             }
         }
     }
     return $mod->moduleRegister[$module][0];
 }
Example #3
0
 /**
  * Affiche la liste des instances de la class du modèle associé $model
  * @see BaseController::index()
  */
 public function index($message = null)
 {
     global $config;
     $baseHref = get_class($this);
     if (isset($message)) {
         if (is_string($message)) {
             $message = new DisplayedMessage($message);
         }
         $message->setTimerInterval($this->messageTimerInterval);
         $this->_showDisplayedMessage($message);
     }
     $objects = DAO::getAll($this->model);
     echo "<table class='table table-striped'>";
     echo "<thead><tr> " . $this->model . "</thead>";
     echo "<div id='searchbar'>\n\t\t\n                <form method='get' action='127.0.0.1/helpdesk/views/faqs/search.php'>\n               <input class='champ' type='text' value=''/>\n                    <input class='bouton' type='button' value='search ' />\n           \n                </form>\n                </div><br>";
     echo "<tbody>";
     foreach ($objects as $object) {
         echo "<tr>";
         echo "<td><a href= '" . $baseHref . "/view/" . $object->getId() . "'>{$object}</a> </td>";
         if (Auth::isAdmin() == 1) {
             echo "<td class='td-center'><a class='btn btn-primary btn-xs' href='" . $baseHref . "/frmUpdate/" . $object->getId() . "'><span class='glyphicon glyphicon-edit' aria-hidden='true'></span></a></td>" . "<td class='td-center'><a class='btn btn-warning btn-xs' href='" . $baseHref . "/delete/" . $object->getId() . "'><span class='glyphicon glyphicon-remove' aria-hidden='true'></span></a></td>";
         }
         echo "</tr>";
     }
     echo "</tbody>";
     echo "</table>";
     if (Auth::isAdmin() == 1) {
         echo "<a class='btn btn-primary' href='" . $config["siteUrl"] . $baseHref . "/frm'>Ajouter...</a>";
     }
 }
Example #4
0
 /**
  * Affiche la liste des instances de la class du modèle associé $model
  * @see BaseController::index()
  */
 public function index($message = null)
 {
     global $config;
     $baseHref = get_class($this);
     if (isset($message)) {
         if (is_string($message)) {
             $message = new DisplayedMessage($message);
         }
         $message->setTimerInterval($this->messageTimerInterval);
         $this->_showDisplayedMessage($message);
     }
     $objects = DAO::getAll($this->model);
     if ($this->title == "Tickets") {
         echo "<table class='table table-condensed'>";
         echo "<thead><tr><th>Mes tickets</th><th>Nombres</th></tr></thead>" . "<tbody><tr class='info'><td>Nouveau</td><td>" . $this->NombreTicketNouveau() . "</td></tr>\n\t\t\t\t<tr class='warning'><td>En attente</td><td>" . $this->NombreTicketAttente() . "</td></tr>\n\t\t\t\t<tr class='active'><td>Attribué</td><td>" . $this->NombreTicketAttribuer() . "</td></tr>\n\t\t\t\t<tr class='success'><td>Résolu</td><td>" . $this->NombreTicketResolu() . "</td></tr></tbody></table>";
     }
     echo "<table class='table table-striped'>";
     echo "<thead><tr> " . $this->model . "</thead>";
     echo "<tbody>";
     foreach ($objects as $object) {
         echo "<tr>";
         echo "<td><a href= '" . $baseHref . "/view/" . $object->getId() . "'>{$object}</a> </td>";
         echo "<td class='td-center'><a class='btn btn-primary btn-xs' href='" . $baseHref . "/frmUpdate/" . $object->getId() . "'><span class='glyphicon glyphicon-edit' aria-hidden='true'></span></a></td>";
         if (Auth::isAdmin() == 1) {
             echo "<td class='td-center'><a class='btn btn-default btn-xs' title='Modifier le statut' href='" . $baseHref . "/frmUstat/" . $object->getId() . "'><span class='glyphicon glyphicon-pencil' aria-hidden='true'></span></a></td>" . "<td class='td-center'><a class='btn btn-warning btn-xs' href='" . $baseHref . "/delete/" . $object->getId() . "'><span class='glyphicon glyphicon-remove' aria-hidden='true'></span></a></td>";
         }
         echo "</tr>";
     }
     echo "</tbody>";
     echo "</table>";
     echo "<a class='btn btn-primary' href='" . $config["siteUrl"] . $baseHref . "/frm'>Ajouter...</a>";
 }
 /**
  * Get vote(s)
  * 
  * Call examples :
  *  /vote?filterOp[surver_id][equals]=azerty : get all survey votes
  *  /vote/<id> : get vote from its id
  * 
  * @param int $id vote id
  * 
  * @return mixed
  * 
  * @throws RestBadParameterException
  * @throws RestOwnershipRequiredException
  * @throws RestVoteNotFoundException
  * @throws RestSurveyNotFoundException
  * @throws RestNotAllowedException
  */
 public static function get($id = null)
 {
     if ($id) {
         // Trying to get a single vote
         try {
             $vote = Vote::fromId($id);
         } catch (NotFoundException $e) {
             throw new RestVoteNotFoundException($id);
         }
         // Check permission
         if (!$vote->author->is(Auth::user()) && !$vote->survey->owner->is(Auth::user()) && !Auth::isAdmin()) {
             throw new RestOwnershipRequiredException(Auth::user()->id, 'vote = ' . $vote->id);
         }
         return self::cast($vote);
     }
     // Not a single vote ? Must be survey votes then
     $request = RestServer::getRequest();
     if (!$request->filterOp || !array_key_exists('survey_id', $request->filterOp) || !array_key_exists('equals', $request->filterOp['survey_id'])) {
         throw new RestBadParameterException('filterOp[survey_id][equals]');
     }
     $survey = Survey::fromId($request->filterOp['survey_id']['equals']);
     // Check permissions
     if (!$survey->can->view || !$survey->can->view_votes) {
         throw new RestNotAllowedException('view votes of survey ' . $survey->id);
     }
     return array_map(function ($vote) {
         return self::cast($vote);
     }, array_values($survey->votes));
 }
 public function dataForGraph($date, $whitchServer = 0)
 {
     if (Auth::isAdmin(App::$instance)) {
         $settings = new Settings_controller();
         $getServerData = $settings->getServerParam($whitchServer);
         $serverMaxLoad = $getServerData['capacity'];
         $timeSpot1 = date_create($date);
         //        dump($date);
         //prepare return array
         $result = [];
         //fill array with timespans
         //put time to beginning of working day
         $timeSpot1->setTime(8, 0);
         //define end of the day
         $endOfTheDay = clone $timeSpot1;
         $endOfTheDay->setTime(20, 0);
         //begin rollin
         while ($timeSpot1 != $endOfTheDay) {
             $timeSpot2 = clone $timeSpot1;
             $timeSpot1->modify("+15 minutes");
             $loadCounter = $this->getLoadAtPeriod($timeSpot1, $timeSpot2, $whitchServer);
             $resultPhp['times'][] = $timeSpot2->format("H:i");
             $resultPhp['counters'][] = $loadCounter;
             $resultPhp['percents'][] = $this->calculateLoad($loadCounter, $serverMaxLoad);
         }
         return $resultPhp;
     } else {
         return [];
     }
 }
 public function defaultAction()
 {
     if (!Auth::isAdmin()) {
         $this->accessDenied();
         return;
     }
 }
Example #8
0
 /**
  * Affiche la liste des instances de la class du modèle associé $model
  * @see BaseController::index()
  */
 public function index($message = null)
 {
     global $config;
     $baseHref = get_class($this);
     if (isset($message)) {
         if (is_string($message)) {
             $message = new DisplayedMessage($message);
         }
         $message->setTimerInterval($this->messageTimerInterval);
         $this->_showDisplayedMessage($message);
     }
     $objects = DAO::getAll($this->model);
     echo "<table class='table table-striped'>";
     echo "<thead><tr> " . $this->model . "</thead>";
     echo "<tbody>";
     foreach ($objects as $object) {
         echo "<tr>";
         echo "<td><a href= '" . $baseHref . "/view/" . $object->getId() . "'>{$object}</a> </td>";
         if (Auth::isAdmin() == 1) {
             echo "<td class='td-center'><a class='btn btn-primary btn-xs' href='" . $baseHref . "/frmUpdate/" . $object->getId() . "'><span class='glyphicon glyphicon-edit' aria-hidden='true'></span></a></td>" . "<td class='td-center'><a class='btn btn-warning btn-xs' href='" . $baseHref . "/delete/" . $object->getId() . "'><span class='glyphicon glyphicon-remove' aria-hidden='true'></span></a></td>";
         }
         echo "</tr>";
     }
     echo "</tbody>";
     echo "</table>";
     if (Auth::isAdmin() == 1) {
         echo "<a class='btn btn-primary' href='" . $config["siteUrl"] . $baseHref . "/frm'>Ajouter...</a>";
     }
 }
Example #9
0
 /**
  * The index action is the default action of this Wall Module. It prepares the widget
  * wall of the user and render the view according to its preferences.
  *
  * If the current user is not authenticated, it will be redirected to the users/index
  * action that will allows you to acces the login form of the application.
  *
  */
 public function index($continuePurchase = false, $langage = null, $forcebrowser = false)
 {
     # Try to force users to use firefox
     //		if(isset($_SESSION['forcebrowser']) && $_SESSION['forcebrowser'] == true){
     //			$forcebrowser = true;
     //		}
     //		if(!ereg("Firefox/",$_SERVER['HTTP_USER_AGENT']) && !$forcebrowser){
     //			require(DefaultFC::getView('compatibility.tpl'));
     //			die();
     //		}else{
     //			$_SESSION['forcebrowser'] = true;
     //		}
     if (Auth::isAuth()) {
         // Determine if the 'category widget' is installed.
         if (Widgets::isInstalled('categoryList')) {
             $widgetCategory = array('id' => 'categoryList', 'name' => 'Widget Categories');
         }
         // Determine if the 'tag cloud widget' is installed.
         if (Widgets::isInstalled('tagCloud')) {
             $widgetCloud = array('id' => 'tagCloud', 'name' => 'Widget Tag Cloud');
         }
         // Determine if the view must allow the user to manage widgets.
         $widgetManagement = false;
         if (Auth::isAdmin() || Auth::isGod()) {
             $widgetManagement = true;
         }
         // Determine if the view must show the list of installed widgets or
         // a link to the PALETTE Service Browser.
         $useServiceBrowser = USE_SERVICE_BROWSER;
         $serviceBrowserURI = USE_SERVICE_BROWSER ? SERVICE_BROWSER_URI . 'index.php/Services/Widgets?num=1' : null;
         require DefaultFC::getView('index.tpl');
     } else {
         DefaultFC::redirection('users/index?ref=wall');
     }
 }
Example #10
0
 public function access()
 {
     if (!Auth::isLogged()) {
         $this->redirect("/login");
     }
     if (!Auth::isAdmin()) {
         Error::httpError(403);
     }
 }
Example #11
0
/**
* Return if the user can access the update page
* @param User $user the user to evaluate
* @param string $function the requested function
* @return if the user can access the update page
*/
function validate_function(&$user, $function)
{
    if (Auth::isAdmin() || $user->get_isadmin()) {
        return true;
    }
    if ($function == 'editPerms' || $function == 'resetPass') {
        return $user->is_group_admin();
    }
    return false;
}
Example #12
0
	public function frm($id=NULL){
		if(Auth::isAdmin() || ($id == Auth::getUser()->getId())){
			$user=$this->getInstance($id);
			$groups = DAO::getAll("Groupe");
			$listGrp=Gui::select($groups,$user->getGroupe()->getId(),"Sélectionner un Groupe ...");
			$this->loadView("user/vAdd",array("user"=>$user, "groups"=>$listGrp));
		}else{
			$this->forward("users");
		}
	}
 public function defaultAction()
 {
     if (!Auth::isAdmin()) {
         $this->accessDenied();
         return;
     }
     $pages = new Pages();
     $this->view->assign('pagetree', $pages->getChildren());
     $this->view->assign('settings', Settings::getAll());
 }
 public function approve($request, $response)
 {
     if (Auth::isAdmin()) {
         $leave = Leave::findOrFail($request->id);
         $leave->active_token = true;
         $leave->save();
         return $response->redirect('/dashboard/leave/index', $code = 302);
     } else {
         return $response->redirect('/dashboard/leave/index', $code = 302);
     }
 }
 static function MenuChanger()
 {
     if (Auth::isAdmin(App::$instance)) {
         ST::deployTemplate('menus/admin.inc');
     } else {
         ST::deployTemplate('menus/user.inc');
     }
     //под меню добавить слушателя сообщений
     ExceptionHandler::messageException();
     //выдать путь для js, $init должен быть инициирован выше
     ST::setVarPhptoJS(App::$instance->opt->appHttpPath, "appHttpPath");
 }
 public function userIsAuthorized($action)
 {
     // Nur Administratoren d�rfen die Einstellungen �ndern
     $result = parent::userIsAuthorized($action);
     if ($result === true) {
         if (!Auth::isAdmin()) {
             $this->error(self::RESULT_ERROR_NOT_AUHTORIZED);
             $result = false;
         }
     }
     return $result;
 }
Example #17
0
 public function nouveauMess()
 {
     $contenu = $_POST['newMess'];
     $user = $_POST['idUser'];
     $ticket = $_POST['idTicket'];
     DAO::$db->execute("INSERT INTO message(id,contenu,idUser,idTicket) VALUES('','" . $contenu . "'," . $user . "," . $ticket . ")");
     if (Auth::isAdmin()) {
         $obj = DAO::getOne("ticket", "id=" . $ticket);
         $obj->setIdAdmin(Auth::getUser()->getId());
         DAO::update($obj);
     }
     $this->forward("Tickets", "frm2", $ticket);
 }
Example #18
0
 static function getMessage($force = false)
 {
     $msg_list = array();
     $auth = new Auth();
     if (!$auth->isAdmin() && $force == false) {
         return false;
     }
     if (isset($_SESSION['msg']) || !empty($_SESSION['msg'])) {
         $msg_list = explode("{{next}}", $_SESSION['msg']);
     }
     $_SESSION['msg'] = "";
     return $msg_list;
 }
Example #19
0
 public static function getModule($module)
 {
     $auth = new Auth();
     $mod = new Module();
     $url = new URL();
     if ($url->getRequestedFunction() == 'angular') {
         if (!isset($mod->moduleRegister[$module])) {
             return 'error';
         } else {
             if (!$auth->isAdmin() && (isset($mod->moduleRegister[$module][1]) && $mod->moduleRegister[$module][1] == 'admin')) {
                 return 'login';
             }
         }
     } else {
         if (!isset($mod->moduleRegister[$module])) {
             return 'error';
         } else {
             if (!isset($mod->moduleRegister[$module][1])) {
                 return 'index';
             } else {
                 if (!$auth->isAdmin() && isset($mod->moduleRegister[$module][1]) && $mod->moduleRegister[$module][1] == 'admin') {
                     if ($auth->isItAuthUser()) {
                         return 'error';
                     } else {
                         return 'index';
                     }
                 } else {
                     if ($auth->isItAuthUser() && (isset($mod->moduleRegister[$module][1]) && ($mod->moduleRegister[$module][1] == 'auth' || $mod->moduleRegister[$module][1] == 'admin'))) {
                         return 'dashboard';
                     }
                 }
             }
         }
     }
     return $mod->moduleRegister[$module][0];
 }
Example #20
0
 function getMenu($type = 'object')
 {
     global $conf, $registry;
     require_once 'Horde/Menu.php';
     $menu =& new Menu();
     if (Auth::isAdmin('nwadmin:admin')) {
         $menu->add(Horde::applicationUrl('start.php'), _("Run"), 'reload.png', $registry->getImageDir('horde'));
         $menu->add(Horde::applicationUrl('player.php'), _("Players"), 'user.png', $registry->getImageDir('horde'));
     }
     $menu->add(Horde::applicationUrl('server.php'), _("Server Settings"), 'map_eu.png', $registry->getImageDir('horde'));
     $menu->add(Horde::applicationUrl('module.php'), _("Modules"), 'download.png', $registry->getImageDir('horde'));
     $menu->add(Horde::applicationUrl('savegame.php'), _("Saved Games"), 'data.png', $registry->getImageDir('horde'));
     if ($type == 'object') {
         return $menu;
     }
     return $menu->render();
 }
Example #21
0
/**
 * Builds the menu structure depending on application permissions.
 */
function buildMenu()
{
    global $registry, $perms;
    $children = array();
    foreach ($registry->applications as $app => $params) {
        if (isset($params['menu_parent'])) {
            /* Make sure the is a $children entry for each parent
             * group. */
            if (!isset($children[$params['menu_parent']])) {
                $children[$params['menu_parent']] = array();
            }
        }
        /* Check if the current user has permisson to see this
         * application, and if the application is
         * active. Administrators always see all applications. Anyone
         * with SHOW permissions can see an application, but READ is
         * needed to actually use the application. You can use this
         * distinction to show applications to guests that they need
         * to log in to use. If you don't want them to see apps they
         * can't use, then don't give guests SHOW permissions to
         * anything. */
        if (Auth::isAdmin() && ($params['status'] == 'active' || $params['status'] == 'admin') || ($perms->exists($app) ? $perms->hasPermission($app, Auth::getAuth(), PERMS_SHOW) : Auth::getAuth()) && $params['status'] == 'active') {
            if (isset($params['menu_parent'])) {
                $children[$params['menu_parent']][$app] = $params;
            }
        } else {
            if ($params['status'] != 'heading') {
                $registry->applications[$app]['status'] = 'inactive';
            }
        }
    }
    $tmp = array();
    foreach ($registry->applications as $app => $params) {
        /* Filter out all parents without children. */
        if (isset($children[$app])) {
            if (count($children[$app])) {
                $tmp[$app] = $params;
                $tmp[$app]['children'] = true;
            }
        } else {
            $tmp[$app] = $params;
        }
    }
    $registry->applications = $tmp;
}
Example #22
0
 public function index()
 {
     // Globals are evil !
     $lg = $GLOBALS['lang'];
     if (!file_exists(dirname(__FILE__) . "/../views/common/onlinehelp/{$lg}.tpl")) {
         $lg = 'en';
     }
     // Determine if the view must allow the user to manage widgets.
     $widgetManagement = false;
     if (Auth::isAdmin() || Auth::isGod()) {
         $widgetManagement = true;
     }
     // Help file to include in the view.
     $helpInclusion = dirname(__FILE__) . "/../views/common/onlinehelp/{$lg}.tpl";
     # Get Avaliable Langue
     $availableLanguages = Util::getAvailableLanguages();
     $userLanguage = Auth::getLanguage();
     require_once DefaultFC::getView("help.tpl");
 }
 function deleteVehicle($id)
 {
     require_once '../../public/config.php';
     require_once 'Auth.class.php';
     require_once 'Db.class.php';
     if (Auth::isModo() == false && Auth::isAdmin() == false) {
         header('HTTP/1.0 401 Unauthorized');
         exit('Grant access required !');
     }
     $db = new Db();
     $db = $db->getConnected();
     if (is_numeric($id) == false) {
         header('HTTP/1.0 401 Unauthorized');
         exit('Not a number !');
     }
     $query = $db->prepare("DELETE FROM vehicles WHERE id = :id");
     $query->bindValue(':id', $id, PDO::PARAM_INT);
     $query->execute();
     $query = null;
     echo json_encode(array("id" => $id, "status" => "ok"));
 }
Example #24
0
    static function getMessage($isPrint = false, $force = false)
    {
        $msg_list = array();
        $auth = new Auth();
        if (!$auth->isAdmin() && $force == false) {
            return false;
        }
        if (isset($_SESSION['msg']) || !empty($_SESSION['msg'])) {
            $msg_list = explode("{{next}}", $_SESSION['msg']);
        }
        if ($isPrint == false) {
            ?>
			<script>
			$(document).ready(function (){
			<?php 
            if (count($msg_list) > 0) {
                foreach ($msg_list as $msg) {
                    ?>
				$("body").append("<?php 
                    echo str_replace('"', '\\"', $msg);
                    ?>
");
			<?php 
                }
            }
            ?>
			}());
			</script>
			<?php 
        } else {
            if (count($msg_list) > 0) {
                foreach ($msg_list as $msg) {
                    echo $msg;
                }
            }
        }
        $_SESSION['msg'] = "";
    }
Example #25
0
	public function index($message=null){
		global $config;
		$baseHref=get_class($this);
		if(isset($message)){
			if(is_string($message)){
				$message=new DisplayedMessage($message);
			}
			$message->setTimerInterval($this->messageTimerInterval);
			$this->_showDisplayedMessage($message);
		}

		$categories=DAO::getAll("Categorie");
		$auteurs=DAO::getAll("User");
		
		if (Auth::isAdmin()) {
			$faqs = DAO::getAll($this->model, "idUser="******"Sélectionner l'auteur...");
		}else{
			$faqs=DAO::getAll($this->model, "published = 1");
			$listUser=Gui::select($auteurs,null,"Sélectionner l'auteur...");
		}
		
		
		$listCategorie=Gui::select($categories,null,"Sélectionner une catégorie ...");
		
		$this->loadView("faq/vFilter",array("listCategorie"=>$listCategorie,"listUser"=>$listUser));
		echo "<div class='list'>";
		$this->loadView("faq/vList", array("faqs"=>$faqs));
		echo "</div>";

		echo JQuery::execute("$('[data-toggle=\"tooltip\"]').tooltip()");
		echo Jquery::postFormOn('change', '.search', "Faqs/filter", "searchForm", ".list");
		echo Jquery::postFormOn('keyup', '.search', "Faqs/filter", "searchForm", ".list");
		echo Jquery::getOn('click', '.suspend', 'Faqs/suspend', '.list');

	}
Example #26
0
 public function run()
 {
     $authenticated = Auth::isLoggedIn();
     $controller = ucfirst(strtolower(static::$request['controller'])) . 'Controller';
     // some router logic / protection
     if ($authenticated) {
         if (isset(static::$request['params']['logout']) && Auth::logout()) {
             $this->redirect('/');
         }
         if (isset(static::$request['params']['switchuser'])) {
             $url = Auth::switchUser((int) static::$request['params']['switchuser']);
             $this->redirect($url);
         }
         if (empty($controller) || $controller === 'FrontController' || $controller === 'JoinController' && Auth::$profile->profileSet()) {
             $this->redirect('/central');
         }
         if ($controller !== 'JoinController' && !Auth::$profile->profileSet()) {
             $this->redirect('/join');
         }
         if ($controller === 'AdminController' && !Auth::isAdmin()) {
             $this->redirect('/errors/view/401');
         }
     } else {
         if (!static::$request['public']) {
             $this->redirect('/');
         }
     }
     if (class_exists($controller, true)) {
         $props = !empty(Auth::$profile) ? ['profile' => Auth::$profile] : [];
         $invoke = new $controller();
         return $invoke(static::$request, $props);
         // invoke controller
     } else {
         $this->redirect('/errors/view/404');
     }
 }
<p style="width:80%; background-color:#f2f2f2">Email &nbsp;&nbsp;

<input name="email" type="text" id="email"  value="<?php 
echo isset($_POST['email']) ? htmlentities($_POST['email']) : "";
?>
"/>
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
Phone Number<span class="style1">*</span>&nbsp;&nbsp;
<input name="phone" type="text" id="phone"  value="<?php 
echo isset($_POST['phone']) ? htmlentities($_POST['phone']) : "";
?>
"/></p>
</div>

<?php 
if ($Auth->isAdmin()) {
    if (!isset($_POST['customFineAmount'])) {
        $_POST['customFineAmount'] = str_replace(',', '', $citationInfo['FineTotal']);
    }
    echo <<<ADM
<div style="padding-left: 140px; padding-top: 10px; padding-bottom: 15px; background-color: #f2f2f2;">
<h3>Admin Only</h3>
<p style="width:80%;">
\t<label for="customFineAmount">Custom Fine Amount</label>
\t<input name="customFineAmount" type="text" id="customFineAmount"  value="{$_POST['customFineAmount']}" onkeydown="javascript:updateTotal();" onpaste="javascript:updateTotal();" oninput="javascript:updateTotal();" onchange="javascript:updateTotal();" />
</p>
</div>
<p>&nbsp;</p>
ADM;
}
?>
Example #28
0
 public function upgrade($version)
 {
     $auth = new Auth();
     if (!$auth->isLoggedIn() || !$auth->isAdmin()) {
         return "Must be logged in as admin";
     }
     $path = $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . "library/installer/schemas/update" . $version . ".sql";
     if (!file_exists($path)) {
         return "Schema does not exist";
     }
     $settings = WposAdminSettings::getSettingsObject('general');
     if (floatval($settings->version) >= floatval($version)) {
         return "Db already at the latest version";
     }
     $sql = file_get_contents($path);
     try {
         $result = $this->db->_db->exec($sql);
         if ($result !== false) {
             switch ($version) {
                 case "1.0":
                     // set sales type & channel
                     $sql = "UPDATE `sales` SET `type`='sale', `channel`='pos';";
                     if ($this->db->_db->exec($sql) === false) {
                         return $this->db->_db->errorInfo()[0];
                     }
                     // set payment dt to process dt and update sales json with extra params
                     $sql = "SELECT * FROM `sales`;";
                     $sales = $this->db->select($sql, []);
                     foreach ($sales as $sale) {
                         $data = json_decode($sale['data']);
                         $data->id = $sale['id'];
                         $data->balance = 0.0;
                         $data->dt = $sale['dt'];
                         $data->status = $sale['status'];
                         if ($data == false) {
                             die("Prevented null data entry");
                         }
                         $sql = "UPDATE `sales` SET `data`=:data WHERE `id`=:saleid";
                         $this->db->update($sql, [":data" => json_encode($data), ":saleid" => $sale['id']]);
                         $sql = "UPDATE `sale_payments` SET `processdt=:processdt WHERE `saleid`=:saleid";
                         $this->db->update($sql, [":processdt" => $sale['processdt'], ":saleid" => $sale['id']]);
                     }
                     // update config, add google keys
                     WposAdminSettings::putValue('general', 'version', '1.0');
                     WposAdminSettings::putValue('general', 'gcontact', 0);
                     WposAdminSettings::putValue('general', 'gcontacttoken', '');
                     WposAdminSettings::putValue('pos', 'priceedit', 'blank');
                     // copy new templates
                     copy($_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . 'docs-template/templates', $_SERVER['DOCUMENT_ROOT'] . $_SERVER['APP_ROOT'] . 'docs/');
                     break;
                 case "1.1":
                     WposAdminSettings::putValue('general', 'version', '1.1');
             }
             return true;
         } else {
             return $this->db->_db->errorInfo()[0];
         }
     } catch (Exception $e) {
         return $e->getMessage();
     }
 }
Example #29
0
    Auth::print_login_msg();
}
$t = new Template1(translate('Online Scheduler'));
$s = new Schedule(isset($_GET['scheduleid']) ? $_GET['scheduleid'] : null);
// Print HTML headers
$t->printHTMLHeader();
// Print welcome box
$t->printWelcome();
// Begin main table
$t->startMain();
ob_start();
// The schedule may take a long time to print out, so buffer all of that HTML data
if ($s->isValid) {
    // Print Calendar Navigation on the left side
    $t->startNavLinkTable();
    $t->showNavLinksTable(Auth::isAdmin());
    $t->endNavLinkTable();
    //	$s->print_calendars();
    //$s->print_color_key();
    $t->splitTable();
    // Print out links to jump to new date
    //	$s->print_jump_links();
    $s->print_schedule();
} else {
    $s->print_error();
}
ob_end_flush();
// Write all of the HTML out
// End main table
$t->endMain();
list($e_sec, $e_msec) = explode(' ', microtime());
Example #30
0
 public function mesArticles($param = NULL)
 {
     global $config;
     $this->orderBy = "order by idCategorie";
     $baseHref = get_class($this);
     $objects = DAO::getAll($this->model, $this->where . " " . $this->orderBy);
     echo "<a class='btn btn-primary'  style='margin-right:10px;' href='" . $config["siteUrl"] . $baseHref . "/mesArticles'>Mes articles</a>";
     echo "<a class='btn btn-info' href='" . $config["siteUrl"] . $baseHref . "'>Tous les articles</a>";
     echo "<br><br><table class='table table-striped'><tbody>";
     foreach ($objects as $object) {
         if (Auth::getUser() == $object->getUser()) {
             echo "<tr>";
             echo "<td class='titre-faq' style='width:80%'><a href='" . $baseHref . "/frm2/" . $object->getId() . "' style='color:#253939'><b>" . $object->getTitre() . "</b></a></td>";
             echo "<td class='td-center'><a class='btn btn-success btn-xs' href='" . $baseHref . "/frm2/" . $object->getId() . "'><span class='glyphicon glyphicon-eye-open' aria-hidden='true'></span></a></td>";
             echo "<td class='td-center'><a class='btn btn-primary btn-xs' href='" . $baseHref . "/frm/" . $object->getId() . "'><span class='glyphicon glyphicon-edit' aria-hidden='true'></span></a></td>";
             if ($object->getDisable() == "0") {
                 echo "<td class='td-center'><a class='btn btn-warning btn-xs' href='" . $baseHref . "/disable/" . $object->getId() . "'><span class='glyphicon glyphicon-pause' aria-hidden='true'></span></a></td>";
             } else {
                 echo "<td class='td-center'><a class='btn btn-info btn-xs' href='" . $baseHref . "/activate/" . $object->getId() . "'><span class='glyphicon glyphicon-play' aria-hidden='true'></span></a></td>";
             }
             echo "<td class='td-center'><a class='btn btn-danger btn-xs' href='" . $baseHref . "/delete/" . $object->getId() . "'><span class='glyphicon glyphicon-remove' aria-hidden='true'></span></a></td>";
         }
     }
     echo "</tr>";
     echo "</tbody>";
     echo "</table>";
     if (Auth::isAdmin()) {
         echo "<a class='btn btn-primary' href='" . $config["siteUrl"] . $baseHref . "/frm'>Ajouter...</a>";
     }
 }