public static function save() { if (!security::isLogged() || !USER_IS_ADMIN) { return; } $status = f::getParam("status"); $clientId = f::getParam("client_id"); $name = f::getParam("name"); if ($status != 1 && $status != 0) { f::setError(400, "Invalid Client Status"); } if (!$clientId && !$name) { f::setError(400, "Invalid Client Name"); } $clientExists = f::dbRes("select 1 from fm_clients where id = {p:client_id}") == 1; if ($clientId && !$clientExists) { f::setError(400, "Invalid Client Id"); } if (!f::hasErrors()) { if ($clientId) { f::dbQuery("update fm_clients set status = {p:status} where id = {p:client_id}"); } else { f::dbQuery("insert into fm_clients set name = {p:name}, status = {p:status}"); } f::setResponseJson(array("ok" => 1)); } }
public static function edit() { if (!security::isLogged() || !USER_IS_ADMIN) { return; } $name = f::getParam("name"); $availableFrom = f::date2sql(f::getParam("available_from")); $availableTo = f::date2sql(f::getParam("available_to")); $status = f::getParam("status"); if ($status != 1 && $status != 0 && $status != 2) { f::setError(400, "Wrong Status"); } if (!$name) { f::setError(400, "Invalid form name"); } $clientExists = f::dbRes("select 1 from fm_clients where id = {p:client_id}"); if (!$clientExists) { f::setError(400, "Client does not Exist"); } if (!f::hasErrors()) { if (f::getParam("form_id")) { f::dbQuery("insert into fm_forms_log (created_date, form_id, client_id, name, enabled_domains, detail, available_from, available_to, status, description)\n\t\t\t\t\tselect now(), id, client_id, name, enabled_domains, detail, available_from, available_to, status, description from fm_forms where id = {p:form_id}"); f::dbQuery("update fm_forms set name = {p:name}, detail = {p:detail}, available_from = {availableFrom}, available_to = {availableTo}, status = {p:status} where id = {p:form_id}", array("availableFrom" => $availableFrom, "availableTo" => $availableTo)); } else { f::dbQuery("insert into fm_forms set client_id = {p:client_id}, name = {p:name}, detail = {p:detail}, available_from = {availableFrom}, available_to = {availableTo}, status = {p:status} ", array("availableFrom" => $availableFrom, "availableTo" => $availableTo)); } f::setResponseJson(array("ok" => 1)); } }
public static function get() { if (!security::isLogged()) { return; } $clients = f::dbFullRes("select distinct c.id, c.name \n\t\t\t\t\t\t\t\t from fm_clients c\n\t\t\t\t\t\t\t\t join fm_users_clients uc on (uc.client_id = c.id)\n\t\t\t\t\t\t\t\t where c.status = 1\n\t\t\t\t\t\t\t\t and uc.user_id = {userId}\n\t\t\t\t\t\t\t\t order by c.name ", array("userId" => USER_ID)); $forms = f::dbFullRes("select c.id client_id, f.id, f.name, f.status\n\t\t\t\t\t\t\t\t from fm_forms f\n\t\t\t\t\t\t\t\t join fm_clients c on (c.id = f.client_id)\n\t\t\t\t\t\t\t\t join fm_users_clients uc on (uc.client_id = c.id)\n\t\t\t\t\t\t\t\t where c.status = 1\n\t\t\t\t\t\t\t\t and uc.user_id = {userId}\n\t\t\t\t\t\t\t\t order by c.id, f.status desc, f.id desc ", array("userId" => USER_ID)); foreach ($forms as $k => $v) { $siteTableId = "fm_userdata_" . substr("00" . $forms[$k]["client_id"], -3); $forms[$k]["data_7_days"] = f::dbRes("select count(*) from {d:siteTableId} ud where ud.form_id = {formId} and date(created_date) >= (CURDATE() - INTERVAL 7 DAY)", array("siteTableId" => $siteTableId, "formId" => $forms[$k]["id"])); $forms[$k]["data_total"] = f::dbRes("select count(*) from {d:siteTableId} ud where ud.form_id = {formId}", array("siteTableId" => $siteTableId, "formId" => $forms[$k]["id"])); } f::setResponseJson(array("clients" => $clients, "forms" => $forms)); }
public static function add() { if (!security::isLogged() || !USER_IS_ADMIN) { return; } $status = f::getParam("status"); $name = f::getParam("name"); $email = f::getParam("email"); $password1 = trim(f::getParam("password1")); $password2 = trim(f::getParam("password2")); $exists = f::dbRes("select 1 from fm_users where name = {name}", array("name" => $name)); if (!$email) { f::setError(400, "Email field is missing"); } else { if (!$name) { f::setError(400, "Name field is missing"); } else { if ($exists) { f::setError(400, "Failed, user already exists."); } } } if ($status != 1 && $status != 0) { f::setError(400, "Incorrect Status"); } if ($password1 && $password1 != $password2) { f::setError(400, "Incorrect Password"); } if (!f::hasErrors()) { $userId = f::dbInsert("insert into fm_users set email = {email}, name = {name}, status = {status} ", array("email" => $email, "name" => $name, "status" => $status)); if ($password1 && $password1 == $password2) { f::dbQuery("update fm_users set password = {pwd} where id = {userId}", array("pwd" => md5($password1), "userId" => $userId)); } $userClients = f::getParam("userClients"); f::dbQuery("delete from fm_users_clients where user_id = {userId}"); foreach ($userClients as $clientId => $value) { f::dbQuery("insert into fm_users_clients set user_id = {userId}, client_id = {clientId}", array("userId" => $userId, "clientId" => $clientId)); } f::setResponseJson(array("userId" => $userId)); } }
public static function get() { if (!security::isLogged()) { return; } $formAllowed = f::dbRes("select 1\n\t\t\t\t\t\t from fm_forms f\n\t\t\t\t\t\t join fm_clients c on (c.id = f.client_id)\n\t\t\t\t\t\t join fm_users_clients uc on (uc.client_id = c.id)\n\t\t\t\t\t\t where f.id = {p:form_id} \n\t\t\t\t\t\t and c.status = 1\n\t\t\t\t\t\t and uc.user_id = {userId}", array("userId" => USER_ID)); if (!$formAllowed) { f::setError(401, "Not authorized"); } if (f::hasErrors()) { return; } // set pagination $rowsPerPage = 50; $page = max(f::getParam("page"), 1); $start = ($page - 1) * $rowsPerPage; $previousPage = $page - 1; $nextPage = $page + 1; // END set pagination $outData = array("start" => $start + 1, "previousPage" => $previousPage, "nextPage" => $nextPage, "page" => $page); self::step2($page, $start, $rowsPerPage, $outData); }
public static function get() { if (security::isLogged()) { f::setResponseJson(array("userName" => USER_NAME, "isAdmin" => USER_IS_ADMIN)); } }