/**
 * Rewrites the discipline-to-direction links for one discipline.
 *
 * Calls deleteAllFromNaprav() for the discipline (presumably clearing the
 * current links - confirm against that method) and then inserts one row per
 * supplied direction id into TABLE_DISCIPLINE_TO_NAPRAVL.
 *
 * @param mixed $disc_id    Discipline id written to the 'discipline_id' column.
 * @param mixed $naprav_ids Direction ids; must be a non-empty array.
 *
 * @return bool false when $naprav_ids is not a non-empty array, true otherwise.
 */
public static function addToNapravList($disc_id, $naprav_ids)
{
    $hasDirections = is_array($naprav_ids) && !empty($naprav_ids);
    if (!$hasDirections) {
        return false;
    }

    // NOTE(review): the delete and the inserts are separate statements; no
    // transaction is visible here, so a failed insert leaves a partial list.
    self::deleteAllFromNaprav($disc_id);

    foreach ($naprav_ids as $directionId) {
        $row = array(
            'napravl_id'    => $directionId,
            'discipline_id' => $disc_id,
        );
        db::insert(TABLE_DISCIPLINE_TO_NAPRAVL, $row);
    }

    return true;
}
/**
 * Re-assigns the disciplines of an author and links the author to every
 * direction those disciplines belong to.
 *
 * deleteDisciplines() is called first, then each non-empty discipline id is
 * inserted into TABLE_AUTHOR_TO_DISCIPLINE and the directions returned by
 * Disciplines::getNapravListAsArray() are written to TABLE_AUTHOR_TO_NAPRAVL
 * with db::replace().
 *
 * @param mixed $author_id       Author id written to the 'author_id' column.
 * @param mixed $disciplines_ids Iterable of discipline ids; empty values are skipped.
 *
 * @return void
 */
public static function addDisciplines($author_id, $disciplines_ids)
{
    self::deleteDisciplines($author_id);

    // NOTE(review): $disciplines_ids is iterated without an is_array() check;
    // callers are assumed to pass an array - confirm.
    foreach ($disciplines_ids as $disciplineId) {
        if (!empty($disciplineId)) {
            $authorDiscipline = array(
                'author_id'     => $author_id,
                'discipline_id' => $disciplineId,
            );
            db::insert(TABLE_AUTHOR_TO_DISCIPLINE, $authorDiscipline);

            $directions = Disciplines::getNapravListAsArray($disciplineId);
            foreach ($directions as $directionId) {
                $authorDirection = array(
                    'author_id'  => $author_id,
                    'napravl_id' => $directionId,
                );
                db::replace(TABLE_AUTHOR_TO_NAPRAVL, $authorDirection);
            }
        }
    }
}
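/**
 * Form handler: saves an edited client record.
 *
 * Writes an old/new snapshot to TABLE_CLIENTS_HISTORY, updates the client
 * through Client::update() and moves the client's orders to the selected
 * branch (filial).
 *
 * @param object $Frm Form object; values are read through GetNmValueI() /
 *                    GetNmValueH() (presumably integer and HTML-escaped
 *                    accessors - confirm against the form class).
 * @param mixed  $Err Truthy when form validation failed; nothing is saved then.
 *
 * @return void
 */
function editclient_exec($Frm, $Err)
{
    if ($Err) {
        return;
    }

    $client_info = Client::find($Frm->GetNmValueI("id"));
    if (!$client_info) {
        $Frm->_gui->ERR("Клиент не найден");
        page_reloadToSec(2);
        // Stop here: other handlers in this file follow a page_reload*() call
        // with an explicit return, so the reload is not assumed to end the
        // request. Without this the code below would run with no client row.
        return;
    }

    $filial_id = $Frm->GetNmValueI("filial_id");
    if (empty($filial_id)) {
        $Frm->_gui->ERR("Не указан филиал");
        return;
    }

    // Keep the stored credentials unless a new password was submitted.
    $new_password = $client_info['hpwd'];
    $pwd = $client_info['password'];

    if ($Frm->GetNmValueH("newpwd") != "") {
        if ($Frm->GetNmValueI("genpwd")) {
            $pwd = generate_pasw(5);
        } else {
            // NOTE(review): the password is read with GetNmValueI() while the
            // emptiness check above uses GetNmValueH(); if the I accessor
            // coerces to an integer, non-numeric passwords are lost - confirm.
            $pwd = $Frm->GetNmValueI("newpwd");
        }

        if (strlen($pwd) < 5) {
            $Frm->_gui->ERR("Длина пароля должна быть не менее 5 символов");
            return;
        }
        if (strlen($pwd) > 20) {
            $Frm->_gui->ERR("Длина пароля должна быть не более 20 символов");
            return;
        }

        // NOTE(security): md5() is a fast hash unsuitable for passwords, and
        // the clear-text password is also written to the 'password' column
        // below. Moving to password_hash()/password_verify() requires a
        // coordinated change in whatever verifies client logins, which is not
        // part of this block.
        // NOTE(review): the hash is bound to the e-mail; changing the e-mail
        // without a new password keeps the old hash - confirm the login path
        // copes with that.
        $eml = strtolower($Frm->GetNmValueH("email"));
        $new_password = md5($pwd . $eml);
    }

    db::insert(TABLE_CLIENTS_HISTORY, array(
        'change_date'    => time(),
        'change_user_id' => $_SESSION['user']['data']['id'],
        'client_id'      => $client_info["id"],
        'filial_id_new'  => $filial_id,
        'fio_new'        => $Frm->GetNmValueH("fio"),
        'hpwd_new'       => $new_password,
        'email_new'      => $Frm->GetNmValueH("email"),
        'telnum_new'     => $Frm->GetNmValueH("telnum"),
        'city_new'       => $Frm->GetNmValueH("city"),
        'icq_new'        => $Frm->GetNmValueH("icq"),
        'skype_new'      => $Frm->GetNmValueH("skype"),
        'contacts_new'   => $Frm->GetNmValueH("contacts"),
        'about_new'      => $Frm->GetNmValueH("about"),
        'filial_id_old'  => $client_info['filial_id'],
        'fio_old'        => $client_info['fio'],
        'hpwd_old'       => $client_info['hpwd'],
        'email_old'      => $client_info['email'],
        'telnum_old'     => $client_info['telnum'],
        'city_old'       => $client_info['city'],
        'icq_old'        => $client_info['icq'],
        'skype_old'      => $client_info['skype'],
        'contacts_old'   => $client_info['contacts'],
        'about_old'      => $client_info['about'],
    ));

    Client::update($client_info['id'], array(
        'filial_id' => $filial_id,
        'fio'       => $Frm->GetNmValueH("fio"),
        'email'     => $Frm->GetNmValueH("email"),
        'telnum'    => $Frm->GetNmValueH("telnum"),
        'city'      => $Frm->GetNmValueH("city"),
        'hpwd'      => $new_password,
        'password'  => $pwd,
        'icq'       => $Frm->GetNmValueH("icq"),
        'skype'     => $Frm->GetNmValueH("skype"),
        'contacts'  => $Frm->GetNmValueH("contacts"),
        'about'     => $Frm->GetNmValueH("about"),
        'ref_id'    => $Frm->GetNmValueI('ref'),
        'from_id'   => $Frm->GetNmValueI('client_from'),
    ));

    // The WHERE clause is concatenated SQL; the id comes from the loaded row,
    // and the integer cast keeps the fragment numeric whatever that row holds.
    db::update(TABLE_ORDERS, array('filial_id' => $filial_id), 'klient_id = ' . (int) $client_info["id"]);

    $Frm->_gui->OK("Сохранено");
    page_reloadAll();
}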
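/**
 * Form handler: imports city names from an uploaded single-column Excel sheet.
 *
 * Field 0 of the form is the upload descriptor ('type', 'tmp_name'); field 1,
 * when truthy, requests that TABLE_CITIES is emptied before the import.
 *
 * @param object $Frm Form object providing GetValue() and the GUI informer.
 * @param mixed  $Err Truthy when form validation failed; nothing is imported then.
 *
 * @return void
 */
function import_city_exec($Frm, $Err)
{
    if ($Err) {
        return;
    }

    $v = $Frm->GetValue(0);

    // strpos() returns 0 for a match at the start of the string, so the result
    // has to be compared with false explicitly.
    // NOTE(review): 'type' looks like the MIME type reported for the upload
    // (presumably client-supplied - confirm); it says nothing about the real
    // file content, so the parser below is the effective validation.
    if (strpos($v["type"], "ms-excel") === false) {
        $Frm->_gui->informer->ERR("Неправильный тип файла");
        page_reloadSubSec();
        return;
    }

    include_once "ext/Excel/reader.php";
    $data = new Spreadsheet_Excel_Reader($v["tmp_name"]);
    $sheet = $data->sheets[0];

    // Validate the sheet BEFORE touching the table: truncating first would
    // wipe the existing cities even when the upload is then rejected.
    if ($sheet['numCols'] != 1) {
        $Frm->_gui->informer->ERR("В таблице должна быть 1 колонка");
        page_reloadSubSec();
        return;
    }

    $s = "";
    if ($Frm->GetValue(1)) {
        db::truncate(TABLE_CITIES);
        $s = "Таблица очищена. ";
    }

    // Rows and columns are addressed from 1 here, as in the original loop.
    // NOTE(review): names are HTML-encoded before storage, so consumers must
    // not encode them a second time on output.
    for ($i = 1; $i <= $sheet['numRows']; $i++) {
        db::insert(TABLE_CITIES, array('name' => htmlspecialchars($sheet['cells'][$i][1])));
    }

    $Frm->_gui->informer->OK($s . "Добавлено " . $sheet['numRows'] . " строк");
    page_reloadSubSec();
}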
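/**
 * Form handler: authenticates an employee and opens the session.
 *
 * Failed attempts are recorded per client IP in TABLE_LOGIN_HOST and expire
 * after 900 seconds. Once three failures are on record for the IP, every
 * attempt - including one with correct credentials - is refused until the
 * oldest record expires.
 *
 * @param object $Frm Form object; GetValue(0) is the e-mail, GetValue(1) the password.
 * @param mixed  $Err Truthy when form validation failed.
 *
 * @return void
 */
function loginform_exec($Frm, $Err)
{
    if ($Err) {
        $Frm->_gui->Vars["login_message"] = "Ошибки при заполнении формы";
        return;
    }

    // Drop failure records that fell out of the 900-second window.
    db::delete(TABLE_LOGIN_HOST, "time < " . (time() - 900));

    $last_login_time = db::get_arrays("SELECT time FROM " . TABLE_LOGIN_HOST . " WHERE ip = '" . db::input($_SERVER["REMOTE_ADDR"]) . "' ORDER BY time");
    $cnt = count($last_login_time);

    // Oldest failure for this IP; it decides when the lock is lifted.
    $rowx["time"] = 0;
    if ($cnt) {
        $rowx = $last_login_time[0];
    }

    // NOTE(security): md5(password . email) is a fast hash unsuitable for
    // password storage; replacing it needs a migration of the stored 'hpwd'
    // values and of every writer of that column.
    // NOTE(review): the lookup lower-cases the e-mail but the hash uses it as
    // typed - confirm this matches how 'hpwd' is produced for employees.
    $user = Employee::findOneBy(array(
        'email' => strtolower($Frm->GetValue(0)),
        'hpwd'  => md5($Frm->GetValue(1) . $Frm->GetValue(0)),
    ));

    if (!$user || $cnt > 2) {
        // The lock threshold must equal the one in the condition above. The
        // original stopped recording failures at two, so the count never
        // reached three and a correct password was accepted no matter how
        // many wrong guesses preceded it.
        if ($cnt > 2) {
            $t = 900 - time() + $rowx["time"];
            if ($t > 60) {
                $w = floor($t / 60) . " мин.";
            } else {
                $w = " минуту";
            }
            $Frm->_gui->Vars["login_message"] = "Попытки исчерпаны. Подождите " . $w;
        } else {
            $Frm->_gui->Vars["login_message"] = "Ошибка. Осталось попыток: " . (2 - $cnt);
            db::insert(TABLE_LOGIN_HOST, array('ip' => $_SERVER['REMOTE_ADDR'], 'time' => time()));
        }
        return;
    }

    if ($user["blocked"] || $user["black_list"]) {
        $Frm->_gui->Vars["login_message"] = "Доступ запрещен";
        return;
    }

    // Login history: at most 100 entries including the current one.
    $ll = array();
    if ($user["last_login"]) {
        // NOTE(security): unserialize() is safe only while this column is
        // written exclusively by the serialize() call below; a JSON encoding
        // would remove the object-instantiation risk.
        $ll = unserialize($user["last_login"]);
        if (!is_array($ll)) {
            // Corrupt or unexpected stored value: start a fresh history.
            $ll = array();
        }
        while (count($ll) > 99) {
            array_shift($ll);
        }
    }
    $ll[] = array("ip" => $_SERVER['REMOTE_ADDR'], "time" => time());

    Employee::update($user['id'], array('last_act' => time(), 'last_login' => serialize($ll)));

    unset($user["last_act"]);
    unset($user["last_login"]);

    // Issue a fresh session id on privilege change so an id known before the
    // login cannot be reused afterwards (session fixation).
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // NOTE(review): $user is stored as returned by findOneBy(); if that row
    // carries 'hpwd', consider dropping it before it reaches the session.
    $_SESSION["user"]["auth"] = true;
    $_SESSION["user"]["data"] = $user;
    page_reload();
}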
/**
 * Inserts one row into the table of the concrete entity class.
 *
 * NOTE(review): the keys of $data are handed to db::insert() as they are;
 * callers are assumed to build them from fixed column names, not from request
 * data - confirm.
 *
 * @param array $data Column => value pairs for the new row; must not be empty.
 *
 * @return int Value of db::insert_id() after the insert.
 * @throws InvalidArgumentException When $data is empty; the message is self::getEntity().
 */
public static function create(array $data)
{
    $isUsable = is_array($data) && !empty($data);
    if (!$isUsable) {
        throw new InvalidArgumentException(self::getEntity());
    }

    // static::TABLE resolves to the constant of the class create() was called on.
    db::insert(static::TABLE, $data);

    return db::insert_id();
}
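/**
 * Form handler: saves an edited order.
 *
 * Validates the submitted form, resolves (or creates) the discipline, writes
 * an old/new snapshot to "orders_changes_history", updates the order and then
 * redirects according to the "next" field.
 *
 * NOTE(review): the only access check visible here compares the employee's
 * branch with the client's branch; no check that the employee may edit this
 * particular order is visible - confirm it is enforced elsewhere.
 *
 * @param object $Frm Form object; values are read through GetNmValue(),
 *                    GetNmValueI() and GetNmValueH() (presumably raw, integer
 *                    and HTML-escaped accessors - confirm).
 * @param mixed  $Err Truthy when form validation failed; nothing is saved then.
 *
 * @return void
 */
function edit_order($Frm, $Err)
{
    if ($Err) {
        return;
    }

    $order_id = $Frm->GetNmValueI('id');
    $order_info = Order::find($order_id);
    if (!$order_info) {
        // Without the stored row the history snapshot would be written with
        // empty "old" values and the update would target a missing order.
        $Frm->_gui->ERR("Заказ не найден");
        return;
    }

    $klient = kln_get($Frm->GetNmValueI("klient"));
    if (!$klient) {
        $Frm->_gui->ERR("Клиент не найден");
        return;
    }

    // The client's branch must match the employee's branch unless the employee
    // belongs to group 0 or 1.
    // NOTE(review): loose comparison - a missing/null group_id also equals 0
    // and would be treated as one of those groups; confirm group_id is always set.
    $sessionUser = $_SESSION["user"]["data"];
    $branchCheckWaived = $sessionUser["group_id"] == 1 || $sessionUser["group_id"] == 0;
    if (!$branchCheckWaived && $sessionUser["filial_id"] != $klient["filial_id"]) {
        $Frm->_gui->ERR("Филиал клиента и сотрудника не совпадают");
        return;
    }

    if ($Frm->GetNmValue("work") == 0 && !strlen($Frm->GetNmValue("work_usr"))) {
        $Frm->_gui->ERR("Не указан вид работы");
        return;
    }

    $disciplina = trim($Frm->GetNmValue("disc_usr"));
    if (!strlen($disciplina)) {
        $Frm->_gui->ERR("Не указана дисциплина");
        return;
    }

    // The min/max ordering of pages (pgmin/pgmax) and sources (srcmin/srcmax)
    // is not validated: those checks were commented out in the original.

    if (!$Frm->GetNmValueI("pole_t") || !$Frm->GetNmValueI("pole_b") || !$Frm->GetNmValueI("pole_l") || !$Frm->GetNmValueI("pole_r")) {
        $Frm->_gui->ERR("Не указаны размеры полей в оформлении");
        return;
    }

    $kln_date = utils_cvt_date2i($Frm->GetNmValueH("date"));
    $rel_date = utils_cvt_date2i($Frm->GetNmValueH("next_rel_date"));

    // Only these roles may change the "OK" comment; for everyone else the
    // stored value is carried over unchanged.
    $showOtdelKcomment = is_otdel_K($_SESSION["user"]["data"]['id'])
        || is_director($_SESSION["user"]["data"]['id'])
        || is_manager($_SESSION["user"]["data"]['id']);
    if ($showOtdelKcomment) {
        $ok_comment = $Frm->GetNmValueH("ok_comment");
    } else {
        $ok_comment = $order_info['ok_comment'];
    }

    // The comment timestamp moves only when the comment text changed.
    if ($ok_comment != $order_info['ok_comment']) {
        $ok_comment_date = time();
    } else {
        $ok_comment_date = $order_info['ok_comment_date'];
    }

    // Formatting options are stored as one serialized positional list.
    $oform = serialize(array(
        $Frm->GetNmValueI("fontnm"),
        $Frm->GetNmValueI("fontsz"),
        $Frm->GetNmValueI("interval"),
        $Frm->GetNmValueI("links"),
        $Frm->GetNmValueI("pole_t"),
        $Frm->GetNmValueI("pole_b"),
        $Frm->GetNmValueI("pole_l"),
        $Frm->GetNmValueI("pole_r"),
        $Frm->GetNmValueI("pagenums"),
    ));

    // Try the submitted text as an id first, then fall back to a lookup by name.
    try {
        $discipline = Discipline::find($disciplina);
    } catch (Exception $e) {
        $discipline = Discipline::findOneBy(array('name' => $disciplina));
    }
    if (!$discipline) {
        $disc_id = Discipline::create(array('name' => $disciplina, 'code' => ''));
        Disciplines::addToDefaultNaprav($disc_id);
    } else {
        $disc_id = $discipline['id'];
    }

    $order_status_id = $Frm->GetNmValueI("status_id");

    // NOTE(review): 'payment_comment_new' and 'time_auth_new' are recorded
    // here, but Order::update() below writes neither 'payment_comment' nor
    // 'time_auth' - confirm whether the snapshot or the update is incomplete.
    db::insert("orders_changes_history", array(
        'change_date'         => time(),
        'change_user_id'      => $_SESSION['user']['data']['id'],
        'order_id'            => $order_id,
        'filial_id_new'       => $klient["filial_id"],
        'klient_id_new'       => $klient["id"],
        'vuz_id_new'          => $Frm->GetNmValueI("vuz"),
        'vuz_user_new'        => $Frm->GetNmValueH("vuz_usr"),
        'type_id_new'         => $Frm->GetNmValueI("work"),
        'type_user_new'       => $Frm->GetNmValueH("work_usr"),
        'napr_id_new'         => $Frm->GetNmValueI("napr"),
        'disc_id_new'         => $disc_id,
        'disc_user_new'       => $Frm->GetNmValueH("disc_usr"),
        'time_kln_new'        => $kln_date,
        'cost_kln_new'        => $Frm->GetNmValueI("cost"),
        'payment_id_new'      => $Frm->GetNmValueI("opl"),
        'subject_new'         => $Frm->GetNmValueH("subj"),
        'about_kln_new'       => $Frm->GetNmValueH("treb"),
        'about_mng_new'       => $Frm->GetNmValueH("rem"),
        'kurs_new'            => $Frm->GetNmValueI("kurs"),
        'prakt_pc_new'        => $Frm->GetNmValueI("prakt"),
        'pages_min_new'       => $Frm->GetNmValueI("pgmin"),
        'pages_max_new'       => $Frm->GetNmValueI("pgmax"),
        'src_min_new'         => $Frm->GetNmValueI("srcmin"),
        'src_max_new'         => $Frm->GetNmValueI("srcmax"),
        'from_id_new'         => $Frm->GetNmValueI("take"),
        'oform_new'           => $oform,
        'next_rel_date_new'   => $rel_date,
        'status_id_new'       => $order_status_id,
        'ok_comment_new'      => $ok_comment,
        'ok_comment_date_new' => $ok_comment_date,
        'payment_comment_new' => $Frm->GetNmValueH("payment_comment"),
        'cost_auth_new'       => $Frm->GetNmValueI("cost_auth"),
        'time_auth_new'       => $kln_date,
        'oplata_kln_new'      => $Frm->GetNmValueI("oplata_kln"),
        'author_paid_new'     => $Frm->GetNmValueI("author_paid"),
        'company_paid_new'    => $order_info['company_paid'],
        'filial_id_old'       => $order_info['filial_id'],
        'klient_id_old'       => $order_info['klient_id'],
        'vuz_id_old'          => $order_info['vuz_id'],
        'vuz_user_old'        => $order_info['vuz_user'],
        'type_id_old'         => $order_info['type_id'],
        'type_user_old'       => $order_info['type_user'],
        'napr_id_old'         => $order_info['napr_id'],
        'disc_id_old'         => $order_info['disc_id'],
        'disc_user_old'       => $order_info['disc_user'],
        'time_kln_old'        => $order_info['time_kln'],
        'cost_kln_old'        => $order_info['cost_kln'],
        'payment_id_old'      => $order_info['payment_id'],
        'subject_old'         => $order_info['subject'],
        'about_kln_old'       => $order_info['about_kln'],
        'about_mng_old'       => $order_info['about_mng'],
        'kurs_old'            => $order_info['kurs'],
        'prakt_pc_old'        => $order_info['prakt_pc'],
        'pages_min_old'       => $order_info['pages_min'],
        'pages_max_old'       => $order_info['pages_max'],
        'src_min_old'         => $order_info['src_min'],
        'src_max_old'         => $order_info['src_max'],
        'from_id_old'         => $order_info['from_id'],
        'oform_old'           => $order_info['oform'],
        'next_rel_date_old'   => $order_info['next_rel_date'],
        'status_id_old'       => $order_info['status_id'],
        'ok_comment_old'      => $order_info['ok_comment'],
        'ok_comment_date_old' => $order_info['ok_comment_date'],
        'payment_comment_old' => $order_info['payment_comment'],
        'cost_auth_old'       => $order_info['cost_auth'],
        'time_auth_old'       => $order_info['time_auth'],
        'oplata_kln_old'      => $order_info['oplata_kln'],
        'author_paid_old'     => $order_info['author_paid'],
        'company_paid_old'    => $order_info['company_paid'],
    ));

    // time_kln_r: set to now when the submitted status is ORDER_GIVEN, but the
    // stored value wins when the order already has that status.
    $time_kln_r = 0;
    if (get_status_iname($order_status_id) == 'ORDER_GIVEN') {
        $time_kln_r = time();
    }
    if (get_order_status($order_id) == 'ORDER_GIVEN') {
        $time_kln_r = $order_info['time_kln_r'];
    }

    Order::update($order_id, array(
        "filial_id"       => $klient["filial_id"],
        "manager_id"      => $order_info['manager_id'],
        "author_id"       => $order_info['author_id'],
        "klient_id"       => $klient["id"],
        "parent_id"       => 0,
        "vuz_id"          => $Frm->GetNmValueI("vuz"),
        "vuz_user"        => $Frm->GetNmValueH("vuz_usr"),
        "type_id"         => $Frm->GetNmValueI("work"),
        "type_user"       => $Frm->GetNmValueH("work_usr"),
        "napr_id"         => $Frm->GetNmValueI("napr"),
        "disc_id"         => $disc_id,
        "disc_user"       => '',
        "time_kln"        => $kln_date,
        "time_kln_r"      => $time_kln_r,
        "cost_kln"        => $Frm->GetNmValueI("cost"),
        "cost_auth"       => $Frm->GetNmValueI("cost_auth"),
        "oplata_kln"      => $Frm->GetNmValueI("oplata_kln"),
        "payment_id"      => $Frm->GetNmValueI("opl"),
        "raspred_srok"    => 0,
        "raspred_auth"    => "",
        "subject"         => $Frm->GetNmValueH("subj"),
        "about_kln"       => $Frm->GetNmValueH("treb"),
        "about_mng"       => $Frm->GetNmValueH("rem"),
        "kurs"            => $Frm->GetNmValueI("kurs"),
        "prakt_pc"        => $Frm->GetNmValueI("prakt"),
        "pages_min"       => $Frm->GetNmValueI("pgmin"),
        "pages_max"       => $Frm->GetNmValueI("pgmax"),
        "src_min"         => $Frm->GetNmValueI("srcmin"),
        "src_max"         => $Frm->GetNmValueI("srcmax"),
        "from_id"         => $Frm->GetNmValueI("take"),
        "oform"           => $oform,
        "next_rel_date"   => $rel_date,
        'status_id'       => $order_status_id,
        'ok_comment'      => $ok_comment,
        'ok_comment_date' => $ok_comment_date,
        'author_paid'     => $Frm->GetNmValueI("author_paid"),
    ));

    $Frm->_gui->OK("Заказ обновлен");

    // "next" selects where to go after saving; the redirects end the request.
    switch ($Frm->GetNmValueI("next")) {
        case 1:
            unset($_SESSION["repeat_order"]);
            header("location: /index.php?section=ord&subsection=2&p=2&order=" . $order_id);
            die;
            break;
        case 2:
            // Keep the submitted values so the next form can be pre-filled.
            $_SESSION["repeat_order"] = $Frm->GetAllNmValues();
            page_reloadToSec(1);
            break;
        case 0:
        default:
            unset($_SESSION["repeat_order"]);
            header("location: /index.php?section=ord&subsection=2");
            die;
            break;
    }
}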
/**
 * Replaces the city list of a branch (filial).
 *
 * delete_city_to_filial() is called first, then one "filial_to_city" row is
 * inserted for every non-empty city id.
 *
 * @param mixed $filial_id Branch id written to the 'filial_id' column.
 * @param mixed $cities    Iterable of city ids; empty values are skipped.
 *
 * @return void
 */
function add_city_to_filial($filial_id, $cities)
{
    delete_city_to_filial($filial_id);

    foreach ($cities as $cityId) {
        if (!empty($cityId)) {
            $link = array(
                'filial_id' => $filial_id,
                'city_id'   => $cityId,
            );
            db::insert("filial_to_city", $link);
        }
    }
}
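// Saves the module / submodule / command / column rights of one role.
//
// NOTE(review): only authentication is checked here. No check that the
// current user may edit role rights, and no anti-CSRF token, is visible in
// this block - confirm both are enforced before this code is reached.
if (empty($_SESSION["user"]["auth"])) {
    die("запрещено");
}

// role_id is concatenated into the DELETE conditions below, so it is accepted
// only as a string of decimal digits and cast to int before use. Any other
// value is ignored, exactly like a request without modules.
$postedRoleId = isset($_POST['role_id']) ? $_POST['role_id'] : null;
$roleIdIsValid = is_string($postedRoleId) && preg_match('/\A\d+\z/', $postedRoleId) === 1;

$hasModules = isset($_POST['module']) && is_array($_POST['module']) && count($_POST['module']);

if ($hasModules && $roleIdIsValid) {
    global $GUI;

    $role_id = (int) $postedRoleId;

    // NOTE(review): the deletes and inserts are separate statements; no
    // transaction is visible, so a failure midway leaves the role with
    // partial rights.
    db::delete(TABLE_ROLES_TO_MODULES, "role_id = " . $role_id);
    db::delete(TABLE_ROLES_TO_SUBMODULES, "role_id = " . $role_id);
    db::delete(TABLE_ROLES_TO_COMMANDS, "role_id = " . $role_id);
    db::delete(TABLE_ROLES_TO_COLUMNS, "role_id = " . $role_id);

    // POST field => (link table, id column). The ids are the KEYS of each
    // posted array; the values (checkbox state) are not used.
    $rightsMap = array(
        'module'    => array(TABLE_ROLES_TO_MODULES, 'module_id'),
        'submodule' => array(TABLE_ROLES_TO_SUBMODULES, 'submodule_id'),
        'command'   => array(TABLE_ROLES_TO_COMMANDS, 'command_id'),
        'column'    => array(TABLE_ROLES_TO_COLUMNS, 'column_id'),
    );

    foreach ($rightsMap as $field => $target) {
        // Optional groups may be missing from the request; count() on an
        // unset or non-array value warns (and throws on PHP 8).
        if (!isset($_POST[$field]) || !is_array($_POST[$field])) {
            continue;
        }
        foreach ($_POST[$field] as $item_id => $enabled) {
            db::insert($target[0], array('role_id' => $role_id, $target[1] => $item_id));
        }
    }

    $GUI->OK("Права сохранены");
    // NOTE(review): execution continues after this header; confirm nothing
    // that follows should be skipped once the redirect has been sent.
    header('Location: /index.php?section=rights');
}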