function handle_hook($hook, $calling_module = false, $owner_table = false, $key_name = false, $key_value = false, $rel_data = false) { switch ($hook) { case "home_alerts": $alerts = array(); if (module_config::c('allow_note_reminders', 1)) { // find any jobs that are past the due date and dont have a finished date. $key = _l('Note Reminder'); if (class_exists('module_dashboard', false)) { module_dashboard::register_group($key, array('columns' => array('name' => _l('Reminder'), 'type' => _l('Type'), 'full_link' => _l('Link'), 'date' => _l('Date'), 'days' => _l('Date')))); } $sql = "SELECT * FROM `" . _DB_PREFIX . "note` n "; $sql .= " WHERE n.`reminder` = 1 AND n.note_time < " . (int) strtotime('+' . module_config::c('alert_days_in_future', 5) . ' days') . ""; $sql .= " AND ( n.`user_id` = 0 OR n.`user_id` = " . module_security::get_loggedin_id() . ")"; $sql .= " ORDER BY n.note_time ASC"; $tasks = qa($sql); foreach ($tasks as $task) { $alert_res = process_alert(date('Y-m-d', $task['note_time']), $key); if ($alert_res) { $alert_res['link'] = $task['rel_data']; // fix for linking when changing folder. $alert_res['type'] = _l(ucwords($task['owner_table'])); switch ($task['owner_table']) { case 'user': $user = module_user::get_user($task['owner_id']); if ($user['customer_id'] || $user['vendor_id']) { $alert_res['link'] = module_user::link_open_contact($task['owner_id'], false, $user); $alert_res['full_link'] = module_user::link_open_contact($task['owner_id'], true, $user); $alert_res['type'] = _l('Contact'); } else { $alert_res['link'] = module_user::link_open($task['owner_id'], false, $user); $alert_res['full_link'] = module_user::link_open($task['owner_id'], true, $user); } break; case 'invoice': $invoice_data = module_invoice::get_invoice($task['owner_id'], true); if (!$invoice_data || !isset($invoice_data['invoice_id']) || $invoice_data['invoice_id'] != $task['owner_id']) { continue 2; } $alert_res['link'] = module_invoice::link_open($task['owner_id'], false, $invoice_data); $alert_res['full_link'] = module_invoice::link_open($task['owner_id'], true, $invoice_data); break; case 'quote': $quote_data = module_quote::get_quote($task['owner_id'], true); if (!$quote_data || !isset($quote_data['quote_id']) || $quote_data['quote_id'] != $task['owner_id']) { continue 2; } $alert_res['link'] = module_quote::link_open($task['owner_id'], false, $quote_data); $alert_res['full_link'] = module_quote::link_open($task['owner_id'], true, $quote_data); break; case 'website': $website_data = module_website::get_website($task['owner_id']); if (!$website_data || !isset($website_data['website_id']) || $website_data['website_id'] != $task['owner_id']) { continue 2; } $alert_res['link'] = module_website::link_open($task['owner_id'], false); $alert_res['full_link'] = module_website::link_open($task['owner_id'], true); break; case 'customer': $customer_data = module_customer::get_customer($task['owner_id']); if (!$customer_data || !isset($customer_data['customer_id']) || $customer_data['customer_id'] != $task['owner_id']) { continue 2; } $alert_res['link'] = module_customer::link_open($task['owner_id'], false, $customer_data); $alert_res['full_link'] = module_customer::link_open($task['owner_id'], true, $customer_data); break; case 'vendor': $vendor_data = module_vendor::get_vendor($task['owner_id']); if (!$vendor_data || !isset($vendor_data['vendor_id']) || $vendor_data['vendor_id'] != $task['owner_id']) { continue 2; } $alert_res['link'] = module_vendor::link_open($task['owner_id'], false, $vendor_data); $alert_res['full_link'] = module_vendor::link_open($task['owner_id'], true, $vendor_data); break; case 'job': $job_data = module_job::get_job($task['owner_id']); if (!$job_data || !isset($job_data['job_id']) || $job_data['job_id'] != $task['owner_id']) { continue 2; } $alert_res['link'] = module_job::link_open($task['owner_id'], false, $job_data); $alert_res['full_link'] = module_job::link_open($task['owner_id'], true, $job_data); break; // todo - add others. } $alert_res['name'] = $task['note']; $alert_res['date'] = print_date($alert_res['date']); $alert_res['time'] = $task['note_time']; $alerts[] = $alert_res; } } } return $alerts; break; /*case "note_list": if($owner_id && $owner_id != 'new'){ $note_items = $this->get_notes(array("owner_table"=>$owner_table,"owner_id"=>$owner_id)); foreach($note_items as &$note_item){ // do it in loop here because of $this issues in static method below. // instead of include file below. $note_item['html'] = $this->print_note($note_item['note_id']); } include("pages/note_list.php"); }else{ echo 'Please save first before creating notes.'; } break;*/ /*case "note_list": if($owner_id && $owner_id != 'new'){ $note_items = $this->get_notes(array("owner_table"=>$owner_table,"owner_id"=>$owner_id)); foreach($note_items as &$note_item){ // do it in loop here because of $this issues in static method below. // instead of include file below. $note_item['html'] = $this->print_note($note_item['note_id']); } include("pages/note_list.php"); }else{ echo 'Please save first before creating notes.'; } break;*/ case "note_delete": // find the key we are saving this address against. $owner_id = (int) $key_value; if (!$owner_id || $owner_id == 'new') { // find one in the post data. if (isset($_REQUEST[$key_name])) { $owner_id = $_REQUEST[$key_name]; } } $note_hash = md5($owner_id . '|' . $owner_table); // just for posting unique arrays. if ($owner_table && $owner_id) { $this->note_delete($owner_table, $owner_id); } break; } }
/*if($customer['primary_user_id']){ $fieldset_data['heading']['button'] = array( 'title' => 'More', 'url' => module_user::link_open_contact($customer['primary_user_id'],false) ); }*/ if (isset($use_master_key) && ($use_master_key == 'customer_id' || $use_master_key == 'vendor_id') && isset($user[$use_master_key])) { $primary = false; if ($use_master_key == 'customer_id') { $customer_data = module_customer::get_customer($user[$use_master_key]); if ($customer_data['primary_user_id'] == $user_id) { $primary = true; } } else { if ($use_master_key == 'vendor_id') { $vendor_data = module_vendor::get_vendor($user[$use_master_key]); if ($vendor_data['primary_user_id'] == $user_id) { $primary = true; } } } if ($primary && !isset($hide_more_button)) { $fieldset_data['heading']['button'] = array('title' => 'More', 'url' => module_user::link_open_contact($user_id, false)); } $fieldset_data['elements']['primary'] = array('title' => 'Primary', 'fields' => array(array('type' => 'check', 'name' => 'customer_primary', 'value' => '1', 'checked' => $primary), _hr('This users details will be used as a primary point of contact for this customer. These details will display in the main customer listing for this customer. Also if you send an invoice or a newsletter to this "customer" then this email address will be used.'))); } else { if (isset($show_more_button) && $show_more_button) { $fieldset_data['heading']['button'] = array('title' => 'More', 'url' => module_user::link_open_contact($user_id, false)); } } $fieldset_data['elements']['fname'] = array('title' => 'First Name', 'fields' => array(array('type' => 'text', 'name' => 'name', 'value' => $user['name'])));
* Copyright: dtbaker 2012 * Licence: Please check CodeCanyon.net for licence details. * More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca * Package Date: 2015-11-25 02:55:20 * IP Address: 67.79.165.254 */ $page_type = 'Companies'; $page_type_single = 'Company'; if (!module_vendor::can_i('view', $page_type)) { redirect_browser(_BASE_HREF); } $vendor_id = (int) $_REQUEST['vendor_id']; $vendor = array(); $vendor = module_vendor::get_vendor($vendor_id); if ($vendor_id > 0 && $vendor['vendor_id'] == $vendor_id) { $module->page_title = _l($page_type_single . ': %s', $vendor['vendor_name']); } else { $module->page_title = _l($page_type_single . ': %s', _l('New')); } // check permissions. if (class_exists('module_security', false)) { if ($vendor_id > 0 && $vendor['vendor_id'] == $vendor_id) { // if they are not allowed to "edit" a page, but the "view" permission exists // then we automatically grab the page and regex all the crap out of it that they are not allowed to change // eg: form elements, submit buttons, etc.. module_security::check_page(array('category' => 'Vendor', 'page_name' => $page_type, 'module' => 'vendor', 'feature' => 'Edit')); } else { module_security::check_page(array('category' => 'Vendor', 'page_name' => $page_type, 'module' => 'vendor', 'feature' => 'Create')); }
if (isset($vendor['group_sort_vendor'])) { echo htmlspecialchars($vendor['group_sort_vendor']); } else { // find the groups for this vendor. $groups = module_group::get_groups_search(array('owner_table' => 'vendor', 'owner_id' => $vendor['vendor_id'])); $g = array(); foreach ($groups as $group) { $g[] = $group['name']; } echo htmlspecialchars(implode(', ', $g)); } }); } $table_manager->set_columns($columns); $table_manager->row_callback = function ($row_data) { // load the full vendor data before displaying each row so we have access to more details return module_vendor::get_vendor($row_data['vendor_id']); }; $table_manager->set_rows($vendors); if (class_exists('module_extra', false)) { $table_manager->display_extra('vendor', function ($vendor) { module_extra::print_table_data('vendor', $vendor['vendor_id']); }); $table_manager->display_extra('user', function ($vendor) { module_extra::print_table_data('user', $vendor['primary_user_id']); }); } $table_manager->pagination = true; $table_manager->print_table(); ?> </form>
public function save_user($user_id, $data, $from_public = false) { $use_master_key = $this->get_contact_master_key(); if ($from_public) { $user_id = 0; } else { if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) { if (!module_user::can_i('edit', 'Contacts', 'Customer')) { set_error('Unable to edit contacts.'); return false; } } else { if (!self::can_i('edit', 'Users', 'Config')) { set_error('Unable to edit users.'); return false; } } $user_id = (int) $user_id; } $temp_user = array(); if ($user_id > 0) { // check permissions $temp_user = $this->get_user($user_id, true, false); if (!$temp_user || $temp_user['user_id'] != $user_id || isset($temp_user['_perms'])) { $user_id = false; } } if (!$user_id && !$from_public) { if ($use_master_key && isset($data[$use_master_key]) && $data[$use_master_key]) { if (!module_user::can_i('create', 'Contacts', 'Customer')) { set_error('Unable to create new contacts.'); return false; } } else { if (!self::can_i('create', 'Users', 'Config')) { set_error('Unable to create new users.'); return false; } } } else { if ($user_id == 1 && module_security::get_loggedin_id() != 1) { set_error('Sorry only the administrator can modify this account'); } } // check the customer id is valid assignment to someone who has these perms. if (!$from_public) { if (isset($data['customer_id']) && (int) $data['customer_id'] > 0) { $temp_customer = module_customer::get_customer($data['customer_id']); if (!$temp_customer || $temp_customer['customer_id'] != $data['customer_id']) { unset($data['customer_id']); } } if (isset($data['vendor_id']) && (int) $data['vendor_id'] > 0) { $temp_vendor = module_vendor::get_vendor($data['vendor_id']); if (!$temp_vendor || $temp_vendor['vendor_id'] != $data['vendor_id']) { unset($data['vendor_id']); } } } if (isset($data['password'])) { unset($data['password']); } // we do the password hash thing here. if (isset($data['password_new']) && strlen($data['password_new'])) { // an admin is trying to set the password for this account. // same permissions checks as on the user_admin_edit_login.php page if (!$user_id || isset($temp_user['password']) && !$temp_user['password'] || module_user::can_i('create', 'Users Passwords', 'Config') || isset($_REQUEST['reset_password']) && $_REQUEST['reset_password'] == module_security::get_auto_login_string($user_id)) { // we allow the admin to set a new password without typing in previous password. $data['password'] = $data['password_new']; } else { set_error('Sorry, no permissions to set a new password.'); } } else { if ($user_id && isset($data['password_new1']) && isset($data['password_new2']) && strlen($data['password_new1'])) { // the user is trying to change their password. // only do this if the user has edit password permissions and their password matches. if (module_user::can_i('edit', 'Users Passwords', 'Config') || $user_id == module_security::get_loggedin_id()) { if (isset($data['password_old']) && (md5($data['password_old']) == $temp_user['password'] || $data['password_old'] == $temp_user['password'])) { // correct old password // verify new password. if ($data['password_new1'] == $data['password_new2']) { $data['password'] = $data['password_new1']; } else { set_error('Verified password mismatch. Password unchanged.'); } } else { set_error('Old password does not match. Password unchanged.'); } } else { set_error('No permissions to change passwords'); } } } // and we finally hash our password if (isset($data['password']) && strlen($data['password']) > 0) { $data['password'] = md5($data['password']); // if you change md5 also change it in customer import. // todo - salt? meh. } $user_id = update_insert("user_id", $user_id, "user", $data); $use_master_key = $this->get_contact_master_key(); // this will be customer_id or supplier_id if ($use_master_key && (isset($data[$use_master_key]) && $data[$use_master_key])) { if ($user_id) { if (isset($data['customer_primary']) && $data['customer_primary']) { // update the customer/supplier to mark them as primary or not.. switch ($use_master_key) { case 'customer_id': module_customer::set_primary_user_id($data['customer_id'], $user_id); break; case 'vendor_id': module_vendor::set_primary_user_id($data['vendor_id'], $user_id); break; } } else { // check if this contact was the old customer/supplier primary and switch ($use_master_key) { case 'customer_id': $customer_data = module_customer::get_customer($data['customer_id']); if ($customer_data['primary_user_id'] == $user_id) { module_customer::set_primary_user_id($data['customer_id'], 0); } break; case 'vendor_id': $vendor_data = module_vendor::get_vendor($data['vendor_id']); if ($vendor_data['primary_user_id'] == $user_id) { module_vendor::set_primary_user_id($data['vendor_id'], 0); } break; } } } } if (!$from_public) { // hack for linked user accounts. if ($user_id && isset($data['link_customers']) && $data['link_customers'] == 'yes' && isset($data['link_user_ids']) && is_array($data['link_user_ids']) && isset($data['email']) && $data['email']) { $others = module_user::get_contacts(array('email' => $data['email'])); foreach ($data['link_user_ids'] as $link_user_id) { if (!(int) $link_user_id) { continue; } if ($link_user_id == $user_id) { continue; } // shouldnt happen foreach ($others as $other) { if ($other['user_id'] == $link_user_id) { // success! they'renot trying to hack us. $sql = "REPLACE INTO `" . _DB_PREFIX . "user_customer_rel` SET user_id = '" . (int) $link_user_id . "', customer_id = '" . (int) $other['customer_id'] . "', `primary` = " . (int) $user_id; query($sql); update_insert('user_id', $link_user_id, 'user', array('linked_parent_user_id' => $user_id)); } } } update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => $user_id)); } if ($user_id && isset($data['unlink']) && $data['unlink'] == 'yes') { $sql = "DELETE FROM `" . _DB_PREFIX . "user_customer_rel` WHERE user_id = '" . (int) $user_id . "'"; query($sql); update_insert('user_id', $user_id, 'user', array('linked_parent_user_id' => 0)); } handle_hook("address_block_save", $this, "physical", "user", "user_id", $user_id); handle_hook("address_block_save", $this, "postal", "user", "user_id", $user_id); if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) { module_extra::save_extras('user', 'user_id', $user_id); } // find current role / permissions $user_data = $this->get_user($user_id); $previous_user_roles = $user_data['roles']; $re_save_role_perms = false; // hack to support only 1 role (we may support multi-role in the future) // TODO: check we have permissions to set this role id, otherwise anyone can set their own role. if (isset($_REQUEST['role_id'])) { $sql = "DELETE FROM `" . _DB_PREFIX . "user_role` WHERE user_id = '" . (int) $user_id . "'"; query($sql); if ((int) $_REQUEST['role_id'] > 0) { if (!isset($previous_user_roles[$_REQUEST['role_id']])) { $re_save_role_perms = (int) $_REQUEST['role_id']; } $_REQUEST['role'] = array($_REQUEST['role_id'] => 1); } } // save users roles (support for multi roles in future - but probably will never happen) if (isset($_REQUEST['role']) && is_array($_REQUEST['role'])) { foreach ($_REQUEST['role'] as $role_id => $tf) { $this->add_user_to_role($user_id, $role_id); } } if ($re_save_role_perms) { // copy role permissiosn to user permissions $sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = " . (int) $user_id; query($sql); // update - we are not relying on these permissions any more. // if the user has a role assigned, we use those permissions period // we ignore all permissions in the user_perm table if the user has a role. // if the user doesn't have a role, then we use these user_perm permissions. /*$security_role = module_security::get_security_role($re_save_role_perms); foreach($security_role['permissions'] as $security_permission_id => $d){ $sql = "INSERT INTO `"._DB_PREFIX."user_perm` SET user_id = ".(int)$user_id.", security_permission_id = '".(int)$security_permission_id."'"; foreach(module_security::$available_permissions as $perm){ $sql .= ", `".$perm."` = ".(int)$d[$perm]; } query($sql); }*/ } else { if (isset($_REQUEST['permission']) && is_array($_REQUEST['permission'])) { $sql = "DELETE FROM `" . _DB_PREFIX . "user_perm` WHERE user_id = '" . (int) $user_id . "'"; query($sql); // update permissions for this user. foreach ($_REQUEST['permission'] as $security_permission_id => $permissions) { $actions = array(); foreach (module_security::$available_permissions as $permission) { if (isset($permissions[$permission]) && $permissions[$permission]) { $actions[$permission] = 1; } } $sql = "REPLACE INTO `" . _DB_PREFIX . "user_perm` SET user_id = '" . (int) $user_id . "', security_permission_id = '" . (int) $security_permission_id . "' "; foreach ($actions as $permission => $tf) { $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1"; } query($sql); } } } /*global $plugins; if($user_id && isset($data['user_type_id']) && $data['user_type_id'] == 1 && $data['site_id']){ // update the site. $plugins['site']->set_primary_user_id($data['site_id'],$user_id); }else{ //this use isn't (or isnt any more) the sites primary user. // unset this if he was the primary user before $site_data = $plugins['site']->get_site($data['site_id']); if(isset($site_data['primary_user_id']) && $site_data['primary_user_id'] == $user_id){ $plugins['site']->set_primary_user_id($data['site_id'],0); } }*/ // save the company information if it's available if (class_exists('module_company', false) && module_company::can_i('edit', 'Company') && module_company::is_enabled() && module_user::can_i('edit', 'User')) { if (isset($_REQUEST['available_user_company']) && is_array($_REQUEST['available_user_company'])) { $selected_companies = isset($_POST['user_company']) && is_array($_POST['user_company']) ? $_POST['user_company'] : array(); foreach ($_REQUEST['available_user_company'] as $company_id => $tf) { if (!isset($selected_companies[$company_id]) || !$selected_companies[$company_id]) { // remove user from this company module_company::delete_user($company_id, $user_id); } else { // add user to this company (if they are not already existing) module_company::add_user_to_company($company_id, $user_id); } } } } } module_cache::clear('user'); return $user_id; }
public static function get_replace_fields($vendor_id, $primary_user_id = false) { $vendor_data = module_vendor::get_vendor($vendor_id); $address_combined = array(); if (isset($vendor_data['vendor_address'])) { foreach ($vendor_data['vendor_address'] as $key => $val) { if (strlen(trim($val))) { $address_combined[$key] = $val; } } } // do we use the primary contact or $contact_data = module_user::get_user($primary_user_id ? $primary_user_id : $vendor_data['primary_user_id']); //print_r($contact_data);exit; if ($contact_data && $contact_data['vendor_id'] != $vendor_id && !$contact_data['linked_parent_user_id']) { $contact_data = array('user_id' => 0, 'vendor_id' => 0, 'name' => '', 'last_name' => '', 'email' => '', 'password' => '', 'phone' => '', 'mobile' => '', 'fax' => ''); } $data = array('vendor_details' => ' - todo - ', 'vendor_name' => isset($vendor_data['vendor_name']) ? htmlspecialchars($vendor_data['vendor_name']) : _l('N/A'), 'vendor_address' => htmlspecialchars(implode(', ', $address_combined)), 'contact_name' => $contact_data['name'] != $contact_data['email'] ? htmlspecialchars($contact_data['name'] . ' ' . $contact_data['last_name']) : '', 'contact_first_name' => $contact_data['name'], 'contact_last_name' => $contact_data['last_name'], 'first_name' => $contact_data['name'], 'last_name' => $contact_data['last_name'], 'contact_email' => htmlspecialchars($contact_data['email']), 'contact_phone' => htmlspecialchars($contact_data['phone']), 'contact_mobile' => htmlspecialchars($contact_data['mobile']), 'vendor_invoice_prefix' => isset($vendor_data['default_invoice_prefix']) ? $vendor_data['default_invoice_prefix'] : ''); $data = array_merge($vendor_data, $data); foreach ($vendor_data['vendor_address'] as $key => $val) { $data['address_' . $key] = $val; } if (class_exists('module_group', false) && module_group::is_plugin_enabled()) { // get the vendor groups $g = array(); if ((int) $vendor_data['vendor_id'] > 0) { foreach (module_group::get_groups_search(array('owner_table' => 'vendor', 'owner_id' => $vendor_data['vendor_id'])) as $group) { $g[] = $group['name']; } } $data['vendor_group'] = implode(', ', $g); // get the vendor groups $g = array(); if ($vendor_id > 0) { $vendor_data = module_vendor::get_vendor($vendor_id); foreach (module_group::get_groups_search(array('owner_table' => 'vendor', 'owner_id' => $vendor_id)) as $group) { $g[$group['group_id']] = $group['name']; } } $data['vendor_group'] = implode(', ', $g); } // addition. find all extra keys for this vendor and add them in. // we also have to find any EMPTY extra fields, and add those in as well. if (class_exists('module_extra', false) && module_extra::is_plugin_enabled()) { $all_extra_fields = module_extra::get_defaults('vendor'); foreach ($all_extra_fields as $e) { $data[$e['key']] = _l('N/A'); } // and find the ones with values: $extras = module_extra::get_extras(array('owner_table' => 'vendor', 'owner_id' => $vendor_id)); foreach ($extras as $e) { $data[$e['extra_key']] = $e['extra']; } // and the primary contact $all_extra_fields = module_extra::get_defaults('user'); foreach ($all_extra_fields as $e) { $data[$e['key']] = _l('N/A'); } if ($contact_data && $contact_data['user_id']) { // and find the ones with values: $extras = module_extra::get_extras(array('owner_table' => 'user', 'owner_id' => $contact_data['user_id'])); foreach ($extras as $e) { $data[$e['extra_key']] = $e['extra']; } } } return $data; }