/** * * Adds new party to the database * @param str $type - type of te party * @param str $user_login_id - login of the person who created the party * * @return arr - the new party */ function party_add($id, $type, $user_login_id, $data_source_id) { $return = false; if (!party_exists($id)) { $query = "INSERT INTO party (PARTY_ID, PARTY_TYPE_ID, CREATED_DATE, CREATED_BY_USER_LOGIN, DATA_SOURCE_ID, CREATED_STAMP, CREATED_TX_STAMP)\n\t\t\t\t VALUES ('{$id}', '" . esc($type) . "', NOW(), '" . esc($user_login_id) . "', '" . esc($data_source_id) . "', '" . now() . "', NOW())"; db_query($query); $return = $id; } else { throw new RuntimeException('A client witht his ID already exists'); } return $return; }
if (isset($_GET['VIEW']) && !empty($_GET['VIEW']) || isset($_GET['PROFILE']) && !empty($_GET['PROFILE'])) { // Login as the user if (isset($_GET['VIEW'])) { $client_id = $_GET['VIEW']; $redirect_url = '/dashboard/dashboard'; } else { $client_id = $_GET['PROFILE']; $redirect_url = '/users/profile'; } $_SESSION['FAKE_LOGIN'] = $_SESSION['user']['PARTY_ID']; $client = users_get_login($client_id); user_login($client['USER_LOGIN_ID'], $client['CURRENT_PASSWORD']); $_SESSION['user']['IS_ADMIN'] = false; $_SESSION['user']['LAST_ACTION'] = time(); header(sprintf('location: %s', $redirect_url)); exit; } if (isset($_GET['DELETE']) && !empty($_GET['DELETE'])) { if (!party_exists($_GET['DELETE'])) { $errors[] = sprintf('Customer with id %s does not exist', $_GET['DELETE']); } else { $person = person_get($_GET['DELETE']); person_status_update($_GET['DELETE'], DELETED); $success[] = sprintf('Customer: %s %s has been marked as deleted', $person['FIRST_NAME'], $person['LAST_NAME']); } } $page = forms_get_page(); $customers = users_get_clients($page, 'pe.FIRST_NAME', 'ASC'); $template = set_template('users', 'index'); $link = THEME . 'template.php'; require_once $link;