public function run()
{
$tpl = new template();
if (isset($_POST['save'])) {
if (isset($_POST['title']) && isset($_POST['submoduleAlias'])) {
$this->addWidget($_POST['submoduleAlias'], $_POST['title']);
$tpl->setNotification('SAVE_SUCCESS', 'success');
} else {
$tpl->setNotification('MISSING_FIELDS', 'error');
}
}
$setting = new setting();
$tpl->assign('submodules', $setting->getAllSubmodules());
$tpl->display('dashboard.addWidget');
}
public static function getInstance()
{
if (is_null(self::$instance)) {
self::$instance = new setting();
}
return self::$instance;
}
function editform_action() {
chkpw('defined_form_edit');
$this->view->table=front::get('table');
if(front::post('submit') &&$this->check_mytable()) {
$post=front::$post;
if(!preg_match('/^(myform)\/(\w)+\.html$/i', $post['template'])){
exit('非法参数');
}
unset($post['submit']);
setting::$_var[front::post('name')]['myform']=$post;
setting::save();
front::flash('修改成功!');
front::redirect(url::modify('act/listform',true));
}
}
function Sidebar_Show($parameters)
{
global $configVal;
requireComponent('Textcube.Function.Setting');
$datas = setting::fetchConfigVal($configVal);
$cityname = $datas['city1'];
$weather = 'http://www.google.co.kr/ig/api?&weather=' . $cityname . '&hl=ko&oe=utf-8';
$img = "http://www.google.co.kr";
$xml = simplexml_load_file($weather)->weather->forecast_information;
$xml1 = simplexml_load_file($weather)->weather->current_conditions;
$xml2 = simplexml_load_file($weather)->weather->forecast_conditions;
$city = $xml->city;
$date = $xml->forecast_date;
$condition = $xml1->condition;
$temp_min = $xml2->low;
$temp_max = $xml2->high;
$humidity = $xml1->humidity;
$imgdata = $xml1->icon;
$wind = $xml1->wind_condition;
//인터페이스 부분//
$code = "<br>";
$code .= "<b>지역명 : </b>";
$code .= $cityname;
$code .= "<br>";
$code .= "<b>날짜</b> : ";
$code .= $date[data];
$code .= "<br><br><center>";
$code .= "<b>기상상태</b>";
$code .= "<br>";
$code .= "<img src=" . $img . $imgdata[data] . ">";
$code .= "<br>";
$code .= $condition[data];
$code .= "</center><br>";
$code .= "<b>최저 ~ 최고온도</b> : ";
$code .= $temp_min[data] . "℃ ~ ";
$code .= $temp_max[data] . "℃";
$code .= "<br>";
$code .= $humidity[data];
$code .= "<br>";
$code .= $wind[data];
return $code;
}
<?php
require_once '../config/dbc.php';
require_once '../class/systemSetting.php';
$system = new setting();
if (array_key_exists("logSystem", $_POST)) {
if (isset($_POST['userName']) && !empty($_POST['userName']) && isset($_POST['password']) && !empty($_POST['password'])) {
$user = $_POST['userName'];
$pass = $_POST['password'];
$userQuery = "SELECT\nin_usr.usrID,\nin_usr.usrName,\nin_usr.usrPwd,\nin_usr.usrStatus,\nin_usr.usrLevel,\nin_usr.userBranchID\nFROM\nin_usr\nWHERE\n(in_usr.usrStatus = '1') AND\nin_usr.usrName = '{$user}' LIMIT 1";
$userAvailability = $system->getCountByQuery($userQuery);
if ($userAvailability > 0) {
$userDetails = $system->prepareSelectQuery($userQuery);
$encriptedPass = sha1('MDCC' . $pass . 'badboyes');
foreach ($userDetails as $ud) {
if ($ud['usrPwd'] == $encriptedPass) {
//Set Cookie if select remember btn
session_start();
$_SESSION['user_id'] = $ud['usrID'];
$_SESSION['user_name'] = $ud['usrName'];
$_SESSION['user_level'] = $ud['usrLevel'];
$_SESSION['usrStatus'] = $ud['usrStatus'];
$_SESSION['branch'] = $ud['userBranchID'];
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
if (isset($_POST['remember']) && $_POST['remember'] == 'r') {
setcookie("user_id", $_SESSION['user_id'], time() + 60 * 60 * 24 * COOKIE_TIME_OUT, "/");
setcookie("user_name", $_SESSION['user_name'], time() + 60 * 60 * 24 * COOKIE_TIME_OUT, "/");
}
echo json_encode(array(array("msgType" => 0, "msg" => "Successfully Logged to the System")));
} else {
echo json_encode(array(array("msgType" => 1, "msg" => "Password was incorrect.Please Check your Password")));
<?php
require_once '../config/dbc.php';
require_once '../class/database.php';
require_once '../class/systemSetting.php';
$dbClass = new database();
$system = new setting();
if (array_key_exists("comboBox", $_POST)) {
if ($_POST['comboBox'] == 'makers') {
$system->prepareSelectQueryForJSON("SELECT\n maker.maker_id,\n maker.maker_name\n FROM maker\n WHERE maker.maker_status = '1'");
} else {
if ($_POST['comboBox'] == 'coordinator_category') {
$system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '11'");
} else {
if ($_POST['comboBox'] == 'transmission_types') {
$system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '10'");
} else {
if ($_POST['comboBox'] == 'fuel_types') {
$system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '9'");
} else {
if ($_POST['comboBox'] == 'currency_types') {
$system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '6'");
} else {
if ($_POST['comboBox'] == 'drive_types') {
$system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description\n FROM\n syscode\n WHERE\n syscode.type = '8'");
} else {
if ($_POST['comboBox'] == 'syscode_types') {
$system->prepareSelectQueryForJSON("SELECT\n syscode.`code`,\n syscode.description,\n syscode.remarks\n FROM\n syscode\n WHERE\n syscode.type = '{$_POST['sys_type']}'");
} else {
if ($_POST['comboBox'] == 'vahicle_code_combo') {
$system->prepareSelectQueryForJSON("SELECT\nvehicle.vh_id,\nvehicle.vh_code\nFROM\nvehicle\nWHERE\nvehicle.record_status = '1' AND\nvehicle.stock_status = '1'");
<?php
require_once '../config/defineVaribles.php';
require_once '../config/dbc.php';
require_once '../class/database.php';
require_once '../class/systemSetting.php';
$dbClass = new database();
$system = new setting();
if (array_key_exists("proccess", $_POST)) {
if ($_POST['proccess'] == 'logout') {
session_start();
echo $dbClass->logout();
}
}
if (array_key_exists("logSystem", $_POST)) {
//3 = no user exist,2 = no username password,1 = sucesss and redirec
if (isset($_POST['userName']) && !empty($_POST['userName']) && isset($_POST['password']) && !empty($_POST['password'])) {
$user = $dbClass->filterData($_POST['userName']);
$pass = $dbClass->filterData($_POST['password']);
$userQuery = "SELECT\nat_system_users.id,\nat_system_users.user_name,\nat_system_users.pwd,\nat_system_users.approved,\nat_system_users.user_level\nFROM\nat_system_users\nWHERE\nat_system_users.approved = '1' AND\nat_system_users.user_name = '{$user}' LIMIT 1";
$userAvailability = $system->getCountByQuery($userQuery);
if ($userAvailability > 0) {
$userDetails = $system->prepareSelectQuery($userQuery);
foreach ($userDetails as $ud) {
if ($ud['pwd'] == $dbClass->PasswordHash($pass, substr($ud['pwd'], 0, 9))) {
//Set Cookie if select remember btn
session_start();
$_SESSION['user_id'] = $ud['id'];
$_SESSION['user_name'] = $ud['user_name'];
$_SESSION['user_level'] = $ud['user_level'];
$_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);
public static function getInstance() {
if (self::$instance === null) {
self::$instance=new setting();
}
return self::instance;
}
/**
* executeAction - includes the class in includes/modules by the Request
*
* @access private
* @param $completeName
* @return string|object
*/
private function executeAction($completeName)
{
//actionname.filename
//actionName is foldername
$actionName = self::getActionName($completeName);
//moduleName is filename
$moduleName = self::getModuleName($completeName);
$defaultModules = array('general/class.main.php', 'general/class.loginInfo.php', 'general/class.header.php', 'general/class.footer.php', 'general/class.ajaxRequest.php', 'general/class.logout.php' . 'general/class.headMenu.php');
$setting = new setting();
if (isset($_SESSION['userdata']['role']) !== false) {
$availableUserModules = $setting->getAvailableModules($_SESSION['userdata']['role']);
$availableModules = array_merge($availableUserModules, $defaultModules);
} else {
$availableModules = $defaultModules;
}
$settings = new settings();
if (is_dir('./includes/modules/' . $moduleName) === false) {
throw new Exception('No access');
} elseif (in_array('' . $moduleName . '/class.' . $actionName . '.php', $availableModules) === false && (isset($_SESSION['userdata']) === false || $_SESSION['userdata']['id'] != 'x') && $actionName != '') {
$tpl = new template();
$tpl->display('general.error');
throw new Exception('No Access');
} elseif (is_file('./includes/modules/' . $moduleName . '/actions/class.' . $actionName . '.php') === false) {
$tpl = new template();
$tpl->display('general.error');
throw new Exception('No Access');
} else {
// Else is not necessary - throw stops execution - but for the look...
require_once './includes/modules/' . $moduleName . '/actions/class.' . $actionName . '.php';
//Initialize Action
$action = new $actionName();
if (is_object($action) === false) {
throw new Exception('Coult not initialize action');
} else {
// Look at last else
try {
//Everything ok? run action
$action->run();
} catch (Exception $e) {
echo $e->getMessage();
}
}
$this->lastAction = $completeName;
}
}
<?php
require_once '../config/dbc.php';
require_once '../class/database.php';
require_once '../class/systemSetting.php';
$dbClass = new database();
$system = new setting();
if (array_key_exists("table", $_POST)) {
if ($_POST['table'] == 'maker_info') {
//@Sachith : load sub category table by main category id
$system->prepareSelectQueryForJSON("SELECT maker_id, maker_name, `desc`, maker_status \r\n FROM maker WHERE maker.maker_status = 1");
} else {
if ($_POST['table'] == 'c_customers_table') {
//kitz
$query = "SELECT\r\n customer.cus_id,\r\n customer.cus_name,\r\n customer.cus_inv_name,\r\n customer.cus_address,\r\n customer.cus_inv_address,\r\n customer.cus_phone1,\r\n customer.cus_phone2,\r\n customer.other_contact,\r\n customer.comments\r\n FROM `customer`\r\n WHERE\r\n customer.cus_status != 99";
$system->prepareSelectQueryForJSON($query);
} else {
if ($_POST['table'] == 'model_info') {
$query = "SELECT\r\n maker_model.mod_id,\r\n maker_model.mod_name,\r\n maker_model.mod_options\r\n FROM\r\n maker_model\r\n WHERE\r\n maker_model.mod_status = 1 AND\r\n maker_model.maker_id = '{$_POST['maker_id']}'";
$system->prepareSelectQueryForJSON($query);
} else {
if ($_POST['table'] == 'load_sup_reg_tbl') {
$system->prepareSelectQueryForJSON("SELECT\r\nsupplier.supp_id,\r\nsupplier.supp_code,\r\nsupplier.supp_name,\r\nsupplier.inv_name,\r\nsupplier.supp_address,\r\nsupplier.inv_address,\r\nsupplier.phone,\r\nsupplier.inv_phone,\r\nsupplier.supp_email,\r\nsupplier.web,\r\nsupplier.supp_fax\r\nFROM\r\nsupplier\r\nWHERE supplier.supp_status = '1'");
} else {
if ($_POST['table'] == 'load_clearnce_tbl') {
$rec_per_page = 15;
// enter the same value in 'view_vehicle_tbl_paging'
if (filter_var($_REQUEST["records"], FILTER_VALIDATE_INT)) {
$rec_per_page = $_REQUEST["records"];
}
if (isset($_REQUEST["page"])) {
private function parseURL()
{
$ezphp_config = setting::getInstance();
$path = "";
$route_path = empty($_GET['route']) ? '' : $_GET['route'];
$route_path = trim($route_path, '/\\');
$route_path_len = strlen($route_path);
if ($route_path_len > 1 && substr($route_path, -1) == '/') {
$route_path = substr($route_path, 0, -1);
} elseif ($route_path_len == 0) {
$route_path = '/';
}
//print $route_path;exit;
// for routed urls start
$routes = $ezphp_config->get['routes'];
if (count($routes) > 0) {
if (!in_array('/', array_keys($routes))) {
$controller = $ezphp_config->get['application']['default_controller'] ? $ezphp_config->get['application']['default_controller'] : 'home';
$routes['/'] = $controller . '/index';
}
foreach ($routes as $route => $uri) {
if (strpos($route, ':') !== false) {
$wildcard = array(':any', ':alphanum', ':num', ':alpha');
$regex = array('(.+)', '([a-z0-9]+)', '([0-9]+)', '([a-z]+)');
$route = str_replace($wildcard, $regex, $route);
}
if (preg_match('#^' . $route . '$#u', $route_path)) {
if (strpos($uri, '$') !== false && strpos($route, '(') !== false) {
// for regex routing
$route_path = preg_replace('#^' . $route . '$#', $uri, $route_path);
} else {
// for normal routing
$route_path = $uri;
}
// we found a valid route
$lib_uri = ezphp::ez_get('uri');
$lib_uri->ruri = $route_path;
$lib_uri->rparts = explode('/', $route_path);
break;
}
}
}
// for routed urls end
// filter bad/malacious urls
// (not sure whether we really need this...)
// $route_path = $this->filter_url($route_path);
$parts = explode('/', str_replace('../', '', $route_path));
$path = __SITE_PATH . '/content/controllers/';
// Find right controller including sub-dirs
foreach ($parts as $part) {
$fullpath = $path . $part;
// do we have dir?
if (is_dir($fullpath)) {
$path .= $part . '/';
array_shift($parts);
continue;
}
// find the file
if (is_file($fullpath . '.php')) {
$this->__controller = $part;
array_shift($parts);
break;
}
}
if (empty($this->__controller)) {
if (@$parts[0]) {
$this->__controller = $parts[0];
}
}
if (empty($this->__controller)) {
# default controller
$def_controller = $ezphp_config->get['application']['default_controller'];
$this->__controller = $def_controller ? $def_controller : 'home';
}
$method = '';
if (!empty($parts)) {
$method = array_shift($parts);
}
$this->__action = !empty($method) ? $method : 'index';
$this->__args = $parts;
# do we have the same suffix in url and config file?
if (count($this->__args)) {
if ($this->match_suffix(end($this->__args)) === false) {
# show the 404 error page
$this->error404();
return;
}
}
if ($this->match_suffix($this->__action) === false || $this->match_suffix($this->__controller) === false) {
# show the 404 error page
$this->error404();
return;
}
#########################
# strip url suffix if any
if (count($this->__args)) {
foreach ($this->__args as $key => $value) {
$this->__args[$key] = $this->clean_suffix($value);
}
}
$this->__action = $this->clean_suffix($this->__action);
$this->__controller = $this->clean_suffix($this->__controller);
#################
# is this private action/function?
$private = substr($this->__action, 0, 8);
if (strtolower($private) === "private_") {
# show the 404 error page
$this->error404();
} else {
$this->__file = $path . $this->__controller . '.php';
$this->__file = str_replace('../', '', $this->__file);
}
}
/**
* getUserByLogin - Check login data andset email vars
*
* @access public
* @param $emailname
* @param $password
* @return boolean
*/
public function getUserByLogin($username, $password)
{
$query = "SELECT username, password FROM zp_user \n\t\t WHERE username = :username LIMIT 1";
$stmn = $this->db->{'database'}->prepare($query);
$stmn->bindValue(':username', $username, PDO::PARAM_STR);
$stmn->execute();
$returnValues = $stmn->fetch();
$userCounter = count($returnValues);
$stmn->closeCursor();
//echo 'getUserByLogin count:'. $userCounter;
if ($userCounter === false || !$this->hasher->CheckPassword($password, $returnValues['password'])) {
//echo 'return false<br>';
unset($_SESSION['userdata']);
unset($_SESSION['template']);
unset($_COOKIE);
return false;
} else {
//
$query = "SELECT \n\t\t\t\t\tid,\n\t\t\t\t\tusername,\n\t\t\t\t\trole,\n\t\t\t\t\tlastname AS name\n\t\t\t\t\t\n\t\t\t\t\t\tFROM zp_user \n\t\t\t WHERE username = :username\n\t\t\t LIMIT 1";
//echo $query;
$stmn = $this->db->{'database'}->prepare($query);
$stmn->bindValue(':username', $username, PDO::PARAM_STR);
$stmn->execute();
$returnValues = $stmn->fetch();
$stmn->closeCursor();
$this->name = $returnValues['name'];
$this->mail = $returnValues['username'];
$this->userId = $returnValues['id'];
$user = new users();
$roles = $user->getRole($returnValues['role']);
$this->role = $roles['roleName'];
$setting = new setting();
$roleArray = explode(',', $this->role);
$this->sysOrgs = $setting->getSysOrgsStringByRoles($roleArray);
return true;
}
}
/**
* This escapes data and forces all newline characters to "\n".
*
* @param unknown_type string to clean
* @return string
*/
function clean_input_data($str)
{
$ezphp_config = setting::getInstance();
$xss_filter = $ezphp_config->get['security']['xss_filter'];
if (is_array($str)) {
$new_array = array();
foreach ($str as $key => $val) {
// recursion!
$new_array[$this->clean_input_keys($key)] = $this->clean_input_data($val);
}
return $new_array;
}
if (get_magic_quotes_gpc()) {
// remove annoying magic quotes
$str = stripslashes($str);
}
/*
if ($xss_filter == '1')
{
$str = $this->clean_xss($str);
}
*/
if (strpos($str, "\r") !== false) {
// standardize newlines
$str = str_replace(array("\r\n", "\r"), "\n", $str);
}
return $str;
}
<?php
session_start();
require_once '../config/dbc.php';
require_once '../class/database.php';
require_once '../class/systemSetting.php';
$system = new setting();
$database = new database();
MainConfig::connectDB();
if (array_key_exists("action", $_POST)) {
if ($_POST['action'] == 'get_selected_employee_data') {
$emp_id = $_POST['emp_id'];
$system->prepareSelectQueryForJSON("SELECT\r\n r_employee.emp_id,\r\n r_employee.empno,\r\n r_employee.title,\r\n r_employee.`name`,\r\n r_employee.designation,\r\n r_employee.nic,\r\n r_employee.tel,\r\n r_employee.gender,\r\n r_employee.epfno,\r\n r_employee.basic,\r\n r_employee.reg_date,\r\n r_employee.`status`\r\n FROM\r\n r_employee\r\n where r_employee.`status` = '1' AND\r\n r_employee.emp_id = '{$emp_id}'");
} else {
if ($_POST['action'] == 'save_employee') {
$today = date('Y-m-d');
$data = $_POST['form_data'];
if (empty($data['empno'])) {
echo json_encode(array(array("msgType" => 2, "msg" => "Enter a supplier code")));
return;
}
foreach ($data as $key => $value) {
$data[$key] = mysql_real_escape_string($data[$key]);
}
mysql_query("START TRANSACTION");
$ins = mysql_query("INSERT INTO `r_employee` (\r\n\t`emp_id`,\r\n\t`empno`,\r\n\t`name`,\r\n\t`nic`,\r\n\t`tel`,\r\n\t`gender`,\r\n\t`epfno`,\r\n\t`basic`,\r\n\t`reg_date`,\r\n\t`status`\r\n)\r\nVALUES" . "('{$data['emp_id']}', '{$data['empno']}', '{$data['name']}', '{$data['nic']}', '{$data['tel']}', '{$data['gender']}', '{$data['epfno']}', '{$data['basic']}','{$data['reg_date']}','1')") or die(mysql_error());
$trn = mysql_query("INSERT INTO `transaction` (`tr_type`, `tr_desc`, `tr_date`, `tr_user_id`) VALUES ('INSERT', 'employee-{$data['empno']}', '{$today}', '{$_SESSION['user_id']}')") or die(mysql_error());
if ($ins && $trn) {
mysql_query("COMMIT");
echo json_encode(array(array("msgType" => 1, "msg" => "Employee saved")));
} else {
}
# directory separator
define('DS', DIRECTORY_SEPARATOR);
# sets folder name application resides in.
$_SERVER['PHP_SELF'] = filter_var($_SERVER['PHP_SELF'], FILTER_SANITIZE_STRING);
define('__DIRNAME', dirname($_SERVER['PHP_SELF']));
# sets site path for inclusion of files
define('__SITE_PATH', $_SERVER['DOCUMENT_ROOT'] . __DIRNAME);
# sets absolute site path
define('__SITE_PATH_ABS', realpath(__SITE_PATH));
// save paths for global access
ezphp::ez_set('ez_dir', __DIRNAME);
ezphp::ez_set('ez_site_path', __SITE_PATH);
ezphp::ez_set('ez_site_path_abs', __SITE_PATH_ABS);
# get the site settings
$ezphp_config = setting::getInstance();
// set time zone
if (function_exists('date_default_timezone_set')) {
# default time zone
$timezone = $ezphp_config->get['application']['timezone'];
if (!$timezone) {
$timezone = 'Europe/London';
}
date_default_timezone_set(empty($timezone) ? date_default_timezone_get() : $timezone);
}
$possible_values = array('0', '1');
# security settings ##################################
$error_reporting = $ezphp_config->get['security']['error_reporting'];
error_reporting(strlen(trim($error_reporting)) ? $error_reporting : E_ALL);
$display_errors = $ezphp_config->get['security']['display_errors'];
$xss_filter = $ezphp_config->get['security']['xss_filter'];
<?php /* * Copyright (C) 2014 saez0pub * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; either version 2 * of the License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ include_once dirname(__FILE__) . '/../lib/common.php'; $page = new page(); $content = "\n <div class=row>\n <div class=\"highlight col-md-3\">\n <h1>Paramètres</h1>\n </div>\n <div class=\"col-md-9\">\n"; $settings = new setting(); $settings->prepare(); $content .= $settings->getTable(); $content .= "\n </div>\n </div>\n"; $page->addcontent($content); $page->showPage();
function keywordDataSet($DATA)
{
requireComponent('Textcube.Function.Setting');
$cfg = setting::fetchConfigVal($DATA);
return true;
}
require "order/OrderOnline.php";
$obj = new OrderOnline();
$obj->getPreviousOrderDetails();
break;
case 15:
require "login/UserProfile.php";
$obj = new UserProfile();
$obj->updateProfileInfo();
break;
case 16:
require "order/OrderOnline.php";
$obj = new OrderOnline();
$obj->getUserFavouriteList();
break;
case 17:
require "order/OrderOnline.php";
$obj = new OrderOnline();
$obj->getOfferTabInformation();
break;
case 18:
require 'setting/setting.php';
$obj = new setting();
$obj->calculateLatLong();
break;
case 19:
require 'order/OrderOnline.php';
$obj = new OrderOnline();
$obj->getRestaurantIonic();
break;
}
}
function KeywordLink_setConfig($data)
{
requireComponent('Textcube.Function.Setting');
$cfg = setting::fetchConfigVal($data);
return true;
}
function batch_action(){
if(is_array(front::$post['select']) && !empty(front::$post['select'])){
foreach(front::$post['select'] as $v){
if(!preg_match('/^my_.+/',$v)) {
front::flash('字段名称不正确!');
}
$delete=$this->_table->query("ALTER TABLE `{$this->_table->name}` DROP `".$v."`");
if(!$delete) {
front::flash('字段删除失败!');
}else {
unset(setting::$var[$this->table][$v]);
setting::save();
front::flash('字段删除成功!');
front::redirect(url::modify('act/list',true));
}
}
}
}
$val[vSelf] = $res['self_color'];
$val[vOverall] = $res['overall_color'];
$file = $common->direct_replace($db_object,$file,$val);
echo $file;
}//end view
function save_color($db_object,$common,$default,$user_id,$post_var)
{
$config_table = $common->prefix_table("config");
if($user_id=='1')
{
while(list($key,$value)=each($post_var))
{
$$key = $value;
}
$insert = "update $config_table set commit_color='$fCommitment',accomplish_color='$fAccomplish',
admin_color='$fAdmin',rater1_color='$fRater1',rater2_color='$fRater2',
rater3_color='$fRater3',self_color='$fSelf',overall_color='$fOverall' where id = '1'";
$db_object->insert($insert);
}//check admin
}
}//end class
$ob = new setting;
if($submit!="")
{
$ob->save_color($db_object,$common,$default,$user_id,$post_var);
}
$ob->view_form($db_object,$common,$default,$user_id);
include_once("footer.php");
?>
/**
* displayLink
*/
public function displayLink($module, $name, $params = NULL, $attribute = NULL)
{
$mod = explode('.', $module);
if (is_array($mod) === true && count($mod) == 2) {
$action = $mod[1];
$module = $mod[0];
$mod = $module . '/class.' . $action . '.php';
$setting = new setting();
$available = $setting->getAvailableModules($_SESSION['userdata']['role']);
} else {
$mod = array();
}
$returnLink = false;
if (!empty($available) && in_array($mod, $available) !== false) {
$url = "/" . $module . "/" . $action . "/";
if (!empty($params)) {
foreach ($params as $key => $value) {
$url .= $value . "/";
}
}
$attr = '';
if ($attribute != NULL) {
foreach ($attribute as $key => $value) {
$attr .= $key . " = '" . $value . "' ";
}
}
$returnLink = "<a href='" . $url . "' " . $attr . ">" . $name . "</a>";
}
return $returnLink;
}
<?php
session_start();
require_once '../config/dbc.php';
require_once '../class/database.php';
require_once '../class/systemSetting.php';
$system = new setting();
$database = new database();
MainConfig::connectDB();
if (array_key_exists("action", $_POST)) {
if ($_POST['action'] == 'maker_save') {
$today = date('Y-m-d');
if (empty($_POST['maker_name'])) {
echo json_encode(array(array("msgType" => 2, "msg" => "Enter a Maker Name")));
return;
}
mysql_query("START TRANSACTION");
$ins = mysql_query("INSERT INTO `maker`(`maker_name`, `desc`, `maker_status`) VALUES ('{$_POST['maker_name']}', '{$_POST['maker_desc']}', '1')");
$trn = mysql_query("INSERT INTO `transaction` (`tr_type`, `tr_desc`, `tr_date`, `tr_user_id`) VALUES ('INSERT', 'Maker', '{$today}', '{$_SESSION['user_id']}')");
if ($ins && $trn) {
mysql_query("COMMIT");
echo json_encode(array(array("msgType" => 1, "msg" => "Maker saved")));
} else {
mysql_query("ROLLBACK");
echo json_encode(array(array("msgType" => 2, "msg" => "Could not save")));
}
MainConfig::closeDB();
} else {
if ($_POST['action'] == 'maker_update') {
$today = date('Y-m-d');
$form = $_POST['form_data'];
<?php
//require_once '../class/ap_funtions.php';
require_once '../config/dbc.php';
require_once '../class/database.php';
require_once '../class/systemSetting.php';
//require_once '../class/functionsByKIT.php';
$system = new setting();
$database = new database();
//$pasdManage = new MainConfig();
if (array_key_exists("action", $_POST)) {
if ($_POST['action'] == 'saveAdminLevels') {
MainConfig::connectDB();
$getSeqno = mysql_query("SELECT\nin_usrlevel.usrLvlPrvSeq,\nin_usrlevel.lvID\nFROM\nin_usrlevel\nWHERE in_usrlevel.usrLvlPrvSeq != '20'");
$count = mysql_num_rows($getSeqno);
$seqNo = $count + 1;
$system->prepareCommandQueryForAlertify("INSERT INTO `in_usrlevel` (`lvName`, `usrLvlPrvSeq`) VALUES ('{$_POST['userLevel']}', '{$seqNo}');", "Successfully Saved", "Sorry ..! Counld Not Be Saved");
} else {
if ($_POST['action'] == 'userLevelTbl') {
$system->prepareSelectQueryForJSON("SELECT\nin_usrlevel.lvID,\nin_usrlevel.lvName,\nin_usrlevel.usrLvlPrvSeq\nFROM\nin_usrlevel\nORDER BY in_usrlevel.lvID DESC");
} else {
if ($_POST['action'] == 'deleteUserLevel') {
$system->prepareCommandQueryForAlertify("DELETE FROM `in_usrlevel` WHERE (`lvID`='{$_POST['userLevelId']}')", "Successfully Deleted", "Sorry ..! Counld Not Be Deleted");
} else {
if ($_POST['action'] == 'loadUserLevelCombo') {
$system->prepareSelectQueryForJSON("SELECT\nin_usrlevel.lvName,\nin_usrlevel.lvID,\nin_usrlevel.usrLvlPrvSeq\nFROM\nin_usrlevel\nWHERE in_usrlevel.usrLvlPrvSeq != '20'");
} else {
if ($_POST['action'] == 'loadPrivillegeCombo') {
$system->prepareSelectQueryForJSON("SELECT\nin_sysprvlg.prvCode,\nin_sysprvlg.usrPrvMnuName\nFROM `in_sysprvlg`\n");
} else {
if ($_POST['action'] == 'selectUlevel') {
<?php
session_start();
require_once '../config/dbc.php';
require_once '../class/database.php';
require_once '../class/systemSetting.php';
$system = new setting();
$database = new database();
MainConfig::connectDB();
if (array_key_exists("action", $_POST)) {
if ($_POST['action'] == 'update_emp_data') {
$emp_name = mysql_real_escape_string($_POST['emp_name']);
$system->prepareCommandQueryForAlertify("UPDATE `r_employee` SET `emp_id`='{$_POST['emp_id']}', `name`='{$_POST['emp_name']}", "Successfully Updated Employee Data", "Sorry ! Could not be Update");
} else {
if ($_POST['action'] == 'del_emp') {
$system->prepareCommandQueryForAlertify("DELETE FROM `r_employee` WHERE (`emp_id`='{$_POST['emp_id']}')", "Successfully Deleted Employee", "Sorry ! Could not be Delete");
} else {
if ($_POST['action'] == 'check_emp_no') {
$data = $system->prepareSelectQuery("SELECT\r\n COUNT(r_employee.emp_id) AS tot\r\n FROM `employee`\r\n WHERE\r\n lms_emp_data.lms_emp_NO = '{$_POST['id']}'");
if (!empty($data)) {
echo $current_tot = $data[0]['tot'];
}
} else {
if ($_POST['action'] == 'select_emp') {
$system->prepareSelectQueryForJSON("SELECT\r\n r_employee.emp_id,\r\n r_employee.name,\r\n r_employee.gender\r\n r_employee.nic,\r\n FROM r_employee\r\n WHERE\r\n r_employee.emp_id = {$_POST['emp_id']}");
} else {
if ($_POST['action'] == 'save_paysheet') {
// $query = "INSERT INTO `paysheet` (`paysheet_id`,`emp_id`,`emp_name`,`nicno`,`nopay`,`late`,`meal`,`hours`,`hourlyrate`,`advance`,`basic`,`epfno`,`sallary`,`date`) VALUES ('{$_POST['paysheet_id']}','{$_POST['emp_id']}','{$_POST['name']}','{$_POST['nic']}','{$_POST['nopay']}','{$_POST['late']}','{$_POST['meal']}','{$_POST['othours']}','{$_POST['otrate']}','{$_POST['advance']}','{$_POST['basic']}','{$_POST['epfno']}',{$_POST['sallary']}','{$_POST['date']}')" ;
$query = "INSERT INTO `r_paysheet` (`paysheet_id`,`emp_id`,`emp_name`,`nicno`,`nopay`,`late`,`meal`,`hours`,`hourlyrate`,`advance`,`basic`,`epfno`,`sallary`,`epfval`,`date`) VALUES ('{$_POST['paysheet_id']}','{$_POST['emp_id']}','{$_POST['name']}','{$_POST['nic']}','{$_POST['nopay']}','{$_POST['late']}','{$_POST['meal']}','{$_POST['othours']}','{$_POST['otrate']}','{$_POST['advance']}','{$_POST['basic']}','{$_POST['epfno']}','{$_POST['salary']}','{$_POST['epfval']}','{$_POST['date']}')";
$errMsg = "paysheet not added to the database";
$succMsg = "employee paysheet was sucessfully added to the database";
$obj = new setting();
$obj->updateRestaurantLogo();
break;
case 21:
require "setting/setting.php";
$obj = new setting();
$obj->updateRestaurantSliderImage();
break;
case 22:
require "setting/setting.php";
$obj = new setting();
$obj->updateRestaurantReservationInfo();
break;
case 23:
require "setting/setting.php";
$obj = new setting();
$obj->updasteDeliveryPostcodeList();
break;
/***********Update From Backoffice ENDS***************/
/***********Update From Backoffice ENDS***************/
case 24:
//incomplete
require 'order/OrderOnline.php';
$obj = new OrderOnline();
$obj->getRestaurantBusinessHour();
break;
case 25:
require 'order/OrderOnline.php';
$obj = new OrderOnline();
$obj->getRestaurantDeliveryArea();
break;
