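/**
 * Update the profile of the currently logged-in user.
 *
 * The target account is always taken from $_SESSION["userID"], never from a
 * caller-supplied ID, so a user can only edit their own profile.
 *
 * @param string $firstname    new first name (checked with isValidName)
 * @param string $lastname     new last name (checked with isValidName)
 * @param string $sex          new gender value (checked with isValidGender)
 * @param string $departmentID ID of the department to move the user into
 * @return true|string true on success, otherwise a user-facing error message
 */
function execChangeProfile($firstname, $lastname, $sex, $departmentID) {
    if (!isValidName($firstname) || !isValidName($lastname)) {
        return "Please enter valid names!";
    }
    // Fix: the gender value used to be written to the user record unvalidated;
    // apply the same check execSignup applies to the same field.
    if (!isValidGender($sex)) {
        return "Invalid gender!";
    }
    if (!isValidID($departmentID)) {
        return "Invalid department id!";
    }

    $departDAO = new DepartmentDAO();
    $depart = $departDAO->getDepartmentByID($departmentID);
    if ($depart === null) {
        return "Could not find the depart!";
    }

    // Fix: guard the session lookup; a missing session or a user row that no
    // longer exists used to produce a fatal "method on null" further down.
    if (!isset($_SESSION["userID"])) {
        return "Please login first!";
    }
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($_SESSION["userID"]);
    if ($user === null) {
        return "Could not find the user!";
    }

    $user->setDepartment($depart);
    // Only touch fields whose value actually changed (strict comparison, so
    // numeric-looking strings such as "1e3" / "1000" are not treated as equal).
    if ($user->getFirstName() !== $firstname) {
        $user->setFirstName($firstname);
    }
    if ($user->getLastName() !== $lastname) {
        $user->setLastName($lastname);
    }
    if ($user->getGender() !== $sex) {
        $user->setGender($sex);
    }

    // NOTE(review): uploadPhoto() is assumed to validate the upload (MIME/size,
    // is_uploaded_file, and a server-chosen destination path) — confirm; this
    // function passes the raw $_FILES entry through unchanged.
    if (isset($_FILES["uploadphoto"])) {
        $ans = uploadPhoto($user, $_FILES["uploadphoto"]);
        if ($ans !== true) {
            return $ans;
        }
    }

    $userDAO->updateUser($user);
    return true;
}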
/**
 * Render the department/user listing page for one department.
 *
 * Prints the "depart_user" template directly (no return value). The header
 * block is only rendered for a department that exists and is not the root
 * department (ID "1"); the list body is left empty when findDepartAndUser
 * returns false or nothing.
 *
 * NOTE(review): node names and department names are handed to the template
 * as-is; whether FastTemplate escapes them for HTML is not visible here —
 * confirm, or escape before assign().
 *
 * @param string $departID department whose children/members are listed
 * @param string $userID   user the listing is built for
 */
function displayDepartUser($departID, $userID) {
    $view = new FastTemplate("templates/");
    $view->define(array(
        "user"        => "index/user.html",
        "department"  => "index/department.html",
        "depart_user" => "index/depart_user.html",
        "header"      => "index/header.html",
    ));

    $departDAO = new DepartmentDAO();
    $department = $departDAO->getDepartmentByID($departID);

    // Header: shown only for a real, non-root department.
    $showHeader = ($departID != "1") && ($department !== null);
    if ($showHeader) {
        $view->assign("INDEX_HEADER_NAME", $department->getDepartmentName());
        $view->parse("INDEX_DEPART_USER_HEADER", "header");
    } else {
        $view->assign("INDEX_DEPART_USER_HEADER", "");
    }

    // Body: one ".department" or ".user" row per node, appended in order.
    $rows = findDepartAndUser($departID, $userID);
    if ($rows === false || count($rows) === 0) {
        $view->assign("INDEX_DEPART_USER", "");
    } else {
        foreach ($rows as $row) {
            switch ($row["type"]) {
                case 1:
                    $view->assign("INDEX_DEPARTID", $row["id"]);
                    $view->assign("INDEX_DEPART_NAME", $row["name"]);
                    $view->parse("INDEX_DEPART_USER", ".department");
                    break;
                case 2:
                    $view->assign("INDEX_USERID", $row["id"]);
                    $view->assign("INDEX_USER_NAME", $row["name"]);
                    $view->parse("INDEX_DEPART_USER", ".user");
                    break;
            }
        }
    }

    $view->parse("MAIN", "depart_user");
    $view->FastPrint();
}
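/**
 * Register a new normal user (role 3) in the root department (ID 1).
 *
 * All six inputs are validated before any database access; the cheap
 * password/confirmation comparison now also runs before the username lookup.
 *
 * @param string $username
 * @param string $password
 * @param string $confirmpw must be byte-identical to $password
 * @param string $firstname
 * @param string $lastname
 * @param string $gender
 * @return true|string true on success, otherwise a user-facing error message
 */
function execSignup($username, $password, $confirmpw, $firstname, $lastname, $gender) {
    if ($username === "" || !isValidUsername($username)) {
        return "Username is empty or invalid!";
    }
    if ($password === "" || !isValidPassword($password)) {
        return "Password is empty or invalid!";
    }
    if ($confirmpw === "" || !isValidPassword($confirmpw)) {
        return "Confirm Password is empty or invalid!";
    }
    if ($firstname === "" || !isValidName($firstname)) {
        return "First Name is empty or invalid!";
    }
    if ($lastname === "" || !isValidName($lastname)) {
        return "Last Name is empty or invalid!";
    }
    if ($gender === "" || !isValidGender($gender)) {
        return "Gender is empty or invalid!";
    }

    // Fix: this used to be a loose `!=` comparison, under which numeric-looking
    // strings compare by value ("1e3" == "1000"), so mismatched passwords could
    // be accepted. Strict comparison, and done before the DB round-trip.
    if ($password !== $confirmpw) {
        return "Password and Confirm Password must be same!";
    }

    $userDAO = new UserDAO();
    // Username must be unique.
    if ($userDAO->getUserByUsername($username) !== null) {
        return "Username exists, please change to another one!";
    }

    $roleDAO = new RoleDAO();
    $role = $roleDAO->getRoleByID(3); // normal user
    $departmentDAO = new DepartmentDAO();
    $depart = $departmentDAO->getDepartmentByID(1); // root department

    // NOTE(review): despite its name, encryptPassword() must produce a one-way
    // hash (password_hash / bcrypt or stronger), not reversible encryption —
    // confirm in its definition.
    $encryptPW = encryptPassword($password);
    $photoURL = "photo/default.png";
    $user = new User($role, $depart, $username, $encryptPW, $firstname, $lastname, $gender, $photoURL);

    if ($userDAO->insertUser($user) === true) {
        return true;
    }
    return "Insert user into table error, please contact administrator!";
}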
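/**
 * Rename a department on behalf of user $userID.
 *
 * Authorization is checked before the department is looked up, so an
 * unprivileged caller cannot use the "Could not find" message to probe which
 * department IDs exist. Roles "3" and "4" are refused; all other roles are
 * allowed (deny-list, as in the original).
 *
 * NOTE(review): maintainDepartment() treats roles 1 and 2 as the only admin
 * roles; if no other roles exist this check should become an allow-list of
 * those two. Kept as a deny-list here to avoid locking out an unknown role.
 *
 * @param string $userID         acting user (must not be role 3 or 4)
 * @param string $departmentID   department to rename
 * @param string $departmentName new name (checked with isValidDepartmentName)
 * @return true|string true on success, otherwise a user-facing error message
 */
function execEditDep($userID, $departmentID, $departmentName) {
    if (!isValidID($departmentID)) {
        return "Invalid parent ID!";
    }
    if (!isValidDepartmentName($departmentName)) {
        return "Invalid department name!";
    }

    // Fix: a missing user row used to cause a fatal call on null; treat it as
    // unauthorized. Role IDs are normalised to string so int/string storage
    // both compare correctly without falling back to loose `==`.
    $userDAO = new UserDAO();
    $user = $userDAO->getUserByID($userID);
    if ($user === null || $user->getRole() === null) {
        return "You have no right to do this!";
    }
    $roleID = (string) $user->getRole()->getRoleID();
    if ($roleID === "3" || $roleID === "4") {
        return "You have no right to do this!";
    }

    $departDAO = new DepartmentDAO();
    $depart = $departDAO->getDepartmentByID($departmentID);
    if ($depart === null) {
        return "Could not find this department!";
    }

    $depart->setDepartmentName($departmentName);
    $departDAO->updateDepartment($depart);
    return true;
}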
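/**
 * Rename a department as administrator $adminID (role 1 or 2 only).
 *
 * @param string $adminID           acting user; must have role ID 1 or 2
 * @param string $departmentID      department to rename
 * @param string $newDepartmentName new name (checked with isValidDepartmentName)
 * @return true|string true on success, otherwise a user-facing error message
 */
function maintainDepartment($adminID, $departmentID, $newDepartmentName) {
    // Fix: inputs were previously written to the database unvalidated.
    if (!isValidID($departmentID)) {
        return "Invalid department id!";
    }
    if (!isValidDepartmentName($newDepartmentName)) {
        return "Invalid department name!";
    }

    $userDAO = new UserDAO();
    $admin = $userDAO->getUserByID($adminID);
    if ($admin === null || $admin->getRole() === null) {
        return "You do not have the right to add department!";
    }

    // Fix: the original read `getRoleID` as a property (missing parentheses)
    // and combined the two `!==` tests with `||`, which is always true — so
    // the function rejected every caller. Allow-list roles 1 and 2, comparing
    // as strings so int/string storage both work.
    $roleID = (string) $admin->getRole()->getRoleID();
    if ($roleID !== "1" && $roleID !== "2") {
        return "You do not have the right to add department!";
    }

    $departmentDAO = new DepartmentDAO();
    $department = $departmentDAO->getDepartmentByID($departmentID);
    // Fix: a missing department used to cause a fatal call on null.
    if ($department === null) {
        return "Could not find this department!";
    }

    $department->setDepartmentName($newDepartmentName);
    $departmentDAO->updateDepartment($department);
    // Fix: the original returned nothing on success; report it like execEditDep.
    return true;
}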