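/**
 * Returns the MIME types configured for e-books.
 *
 * Reads the comma-separated `MIME_ebooks` row of the `settings` table. The
 * statement is a constant string, so no request data reaches the SQL text.
 *
 * @return array MIME type strings; empty when the query fails or the setting is missing.
 */
public static function MIME()
{
    $link = AdminUtility::getDefaultDBConnection();
    $query = "select value from settings where name='MIME_ebooks'";
    $result = mysqli_query($link, $query);
    if (!$result) {
        // A failed query used to flow straight into mysqli_fetch_array(); report it instead.
        //Log error
        AdminUtility::logMySQLError($link);
        return array();
    }
    $row = mysqli_fetch_array($result);
    if (empty($row) || !isset($row['value'])) {
        // NOTE(review): if callers use this list to accept uploads, an empty
        // list should reject everything - confirm against the call sites.
        return array();
    }
    return explode(',', $row['value']);
}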
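/**
 * Returns the MIME types configured for e-books and videos combined.
 *
 * Reads the `MIME_ebooks` and `MIME_videos` rows of the `settings` table and
 * merges their comma-separated values into one list. The statement is a
 * constant string, so no request data reaches the SQL text.
 *
 * @return array MIME type strings; empty when the query fails or no row matches.
 */
public static function MIME()
{
    $types = array();
    $link = AdminUtility::getDefaultDBConnection();
    $query = "select value from settings where name='MIME_ebooks' or name='MIME_videos'";
    $result = mysqli_query($link, $query);
    if (!$result) {
        // Without this guard a failed query reached mysqli_fetch_array() directly.
        //Log error
        AdminUtility::logMySQLError($link);
        return $types;
    }
    while ($row = mysqli_fetch_array($result)) {
        // Cast so a NULL value column does not reach explode() as null.
        $types = array_merge($types, explode(',', (string) $row['value']));
    }
    return $types;
}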
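/**
 * Sums `num_delivered` over the sent (`is_sent=1`) rows of `messenger_log`
 * that belong to one user.
 *
 * The user id is bound as a statement parameter; the original concatenated it
 * into the SQL text, so a crafted id could change the query.
 *
 * @param mixed $user_id Value matched against messenger_log.user_id.
 * @return mixed The sum, null when the user has no matching rows, or false on a database error.
 */
function totalSmsSent($user_id)
{
    $link = AdminUtility::getDefaultDBConnection();
    $query = "select sum(num_delivered) as num from messenger_log where user_id = ? and is_sent=1";
    $stmt = mysqli_prepare($link, $query);
    if ($stmt) {
        // bind_param takes its arguments by reference, hence the local copy.
        $owner = (string) $user_id;
        mysqli_stmt_bind_param($stmt, "s", $owner);
        if (mysqli_stmt_execute($stmt)) {
            $num = null;
            mysqli_stmt_bind_result($stmt, $num);
            mysqli_stmt_fetch($stmt);
            mysqli_stmt_close($stmt);
            return $num;
        }
    }
    //Log error
    AdminUtility::logMySQLError($link);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
    return false;
}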
$sort_type = AdminUtility::SORT_USER_TYPE_LASTNAME; $order = AdminUtility::ORDER_ASC; $searchQuery = ""; if (isset($array['search_button'])) { //$array from index.php //process POST requests $searchQuery = html_entity_decode(filter_input(INPUT_POST, "search")); $sort_type = html_entity_decode(filter_input(INPUT_POST, "sort_type")); $order = html_entity_decode(filter_input(INPUT_POST, "sort_order")); $users = AdminUtility::searchUsers($searchQuery, false, false, $sort_type, $order); //Get back url $url = urldecode(filter_input(INPUT_POST, "url")); } else { //Get back url $url = urldecode(filter_input(INPUT_GET, "url")); $users = AdminUtility::getActiveUsers(); } ?> <!-- Copyright 2015 NACOSS UNN Developers Group (NDG). Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ $id = filter_input(INPUT_GET, "id"); //URL for back link $url = filter_input(INPUT_GET, "url"); $array = AdminUtility::getUserInfo($id); if (empty($array)) { ?> <p>User information is not available</p> <a href="<?php echo $url; ?> "> <i class="icon-arrow-left-2"></i> Back </a> <?php } else { ?> <div> <h2><?php echo $array['last_name'] . " " . $array['first_name'];
/**
 * Download handler.
 *
 * Only the connection lookup is visible in this listing; the rest of the body
 * is represented by a bare comment marker.
 */
public function download()
{
    $connection = AdminUtility::getDefaultDBConnection();
    ///
}
$success = false; $error_message = $exc->getMessage(); } $users = AdminUtility::searchUsers($searchQuery, false, true, $sort_type, $order); } else { //Process GET requests or no requests $page = filter_input(INPUT_GET, "pg"); if (isset($page)) { //if switching page, repeat search $searchQuery = filter_input(INPUT_GET, "q"); $sort_type = filter_input(INPUT_GET, "s"); $order = filter_input(INPUT_GET, "o"); $users = AdminUtility::searchUsers($searchQuery, false, true, $sort_type, $order); } else { $page = 1; $users = AdminUtility::getSuspendedUsers(); } } ?> <!-- Copyright 2015 NACOSS UNN Developers Group (NDG). Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,
$success = false; $error_message = $exc->getMessage(); } $users = AdminUtility::searchUsers($searchQuery, true, false, $sort_type, $order); } else { //Process GET requests or no requests $page = filter_input(INPUT_GET, "pg"); if (isset($page)) { //if switching page, repeat search $searchQuery = filter_input(INPUT_GET, "q"); $sort_type = filter_input(INPUT_GET, "s"); $order = filter_input(INPUT_GET, "o"); $users = AdminUtility::searchUsers($searchQuery, true, false, $sort_type, $order); } else { $page = 1; $users = AdminUtility::getDeletedUsers(); } } ?> <!-- Copyright 2015 NACOSS UNN Developers Group (NDG). Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS,
/**
 * Loads every row of the `posts` table.
 *
 * The query is a constant string. The MySQL error logger is called on every
 * path, whether or not the query succeeded.
 *
 * @return array Rows as returned by mysqli_fetch_array(); empty when the query fails.
 */
function getExecutivePosts()
{
    $rows = array();
    $sql = "select * from posts";
    $connection = AdminUtility::getDefaultDBConnection();
    $resultSet = mysqli_query($connection, $sql);

    // A false result simply skips the loop, leaving the list empty.
    while ($resultSet && ($record = mysqli_fetch_array($resultSet))) {
        array_push($rows, $record);
    }

    //Log error
    AdminUtility::logMySQLError($connection);
    return $rows;
}
$num_of_recipients = count($required_contacts); $cost = $num_of_recipients * $num_of_sms_pages; if ($balance > $cost) { $settings = $admin->getSettings(); $gateway = $settings['sms_api_gatewayURL']['value']; $username = $settings['sms_api_gatewayUsername']['value']; $password = $settings['sms_api_gatewayPassword']['value']; $sms = new SMS($gateway, $username, $password, $sender_id, $message_body, $recipients); if ($sms->send()) { $units_used = $sms->get_unitsUsed(); $q2 = "update messenger_sms_biller set units_used=(units_used + " . $units_used . ") where user_id='" . $admin->getAdminID() . "'"; $q3 = "insert into messenger_log values(NULL,'" . $admin->getAdminID() . "','{$message_body}','{$recipients}'," . time() . ",1," . time() . "," . $units_used . ")"; $result2 = mysqli_query($link, $q2); AdminUtility::logMySQLError($link); $result3 = mysqli_query($link, $q3); AdminUtility::logMySQLError($link); } $responce = $sms->get_responseText(); } else { $responce = "You do not have enough balance at the moment.<br/>"; $responce .= "You need additional " . ($cost - $balance) . " units to complete this action."; } } elseif ($type == 'email') { if (mail($recipients, 'Subject: ' . $subject, wordwrap($message, 70, '\\r\\n'), 'From: ' . $reply_to . '\\r\\n' . 'Reply-To: ' . $contact_email . '\\r\\n' . 'X-Mailer: PHP/' . phpversion())) { $responce = "You message has been delievered."; } } else { } } ?> <script>
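/**
 * Writes a batch of settings in one transaction.
 *
 * Two defects of the original are fixed here:
 *  - setting names and values were interpolated into the SQL text; both are
 *    now bound as statement parameters;
 *  - `$ok = $ok and mysqli_query(...)` parses as `($ok = $ok) and ...`, so a
 *    failed statement never cleared `$ok` and the batch was always committed.
 *
 * NOTE(review): every key of $array is written without an allow-list of
 * setting names or per-setting validation - confirm what callers pass in.
 * NOTE(review): autocommit stays disabled on the connection afterwards, as in
 * the original - confirm that is intended for a shared connection.
 *
 * @param array $array Map of setting name => new value.
 * @return bool True once every update has been committed.
 * @throws Exception When $array is empty or any statement fails.
 */
public function updateSettingsTable(array $array)
{
    if (count($array) === 0) {
        throw new Exception("No parameter was set");
    }

    $link = AdminUtility::getDefaultDBConnection();
    mysqli_autocommit($link, false);

    $stmt = mysqli_prepare($link, "update settings set value = ? where name = ?");
    $ok = (bool) $stmt;
    if ($ok) {
        foreach ($array as $key => $value) {
            // bind_param takes references, so copy into plain locals first.
            $name = (string) $key;
            $text = (string) $value;
            mysqli_stmt_bind_param($stmt, "ss", $text, $name);
            if (!mysqli_stmt_execute($stmt)) {
                // Stop at the first failure; the whole batch is rolled back below.
                $ok = false;
                break;
            }
        }
    }

    if ($ok && mysqli_commit($link)) {
        mysqli_stmt_close($stmt);
        return true;
    }

    //Log error
    AdminUtility::logMySQLError($link);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
    mysqli_rollback($link);
    throw new Exception("Error occured while updating settings table");
}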
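/**
 * Deletes library rows by id and removes each row's stored file from disk.
 *
 * Changes from the original:
 *  - ids were interpolated unquoted into the SQL text (`id={$value}`); they are
 *    now validated as integers and bound as statement parameters;
 *  - an id with no matching row used to fall through to unlink() on ROOT
 *    itself and abort the batch; such ids are now skipped;
 *  - a failed delete now rolls the transaction back before throwing.
 *
 * NOTE(review): the file path is ROOT plus the stored `link` column with no
 * containment check - confirm that column is only ever written with
 * server-generated upload paths.
 * NOTE(review): files are removed before the final commit, so a later failure
 * rolls back rows whose files are already gone - behaviour kept from the original.
 *
 * @param array $IDs Library ids to delete; non-integer values are ignored.
 * @return bool Result of the final commit.
 * @throws Exception When a statement cannot be prepared or run, or a file cannot be removed.
 */
function deleteLibraryItems(array $IDs)
{
    $link = AdminUtility::getDefaultDBConnection();
    mysqli_autocommit($link, false);

    $select = mysqli_prepare($link, "select file_type, link from library where id = ?");
    $delete = mysqli_prepare($link, "delete from library where id = ?");
    if (!$select || !$delete) {
        //Log error
        AdminUtility::logMySQLError($link);
        throw new Exception("Oops! Something went wrong. Database didn't respond very well");
    }

    foreach ($IDs as $value) {
        $id = filter_var($value, FILTER_VALIDATE_INT);
        if ($id === false) {
            // Not an integer id: the original query would have failed and been skipped too.
            continue;
        }

        mysqli_stmt_bind_param($select, "i", $id);
        if (!mysqli_stmt_execute($select)) {
            continue;
        }
        // Buffer the result so the connection is free for the delete statement.
        mysqli_stmt_store_result($select);
        $fileType = null;
        $path = null;
        mysqli_stmt_bind_result($select, $fileType, $path);
        $found = mysqli_stmt_fetch($select) === true;
        mysqli_stmt_free_result($select);
        if (!$found) {
            continue;
        }

        mysqli_stmt_bind_param($delete, "i", $id);
        if (!mysqli_stmt_execute($delete)) {
            //Log error
            AdminUtility::logMySQLError($link);
            mysqli_rollback($link);
            throw new Exception("Oops! Something went wrong. Database didn't respond very well");
        }

        if ($fileType !== "link") {
            //delete file from local server
            if (!unlink(ROOT . $path)) {
                mysqli_rollback($link);
                throw new Exception("File could not be deleted");
            }
        }
    }

    mysqli_stmt_close($select);
    mysqli_stmt_close($delete);
    return mysqli_commit($link);
}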
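/**
 * Searches the `users` table for rows matching any word of the search text.
 *
 * The text is split on single spaces; each word is compared for equality with
 * `regno` and `level` and as a substring of `last_name` and `first_name`.
 * Every word is bound as a statement parameter. The original interpolated the
 * words into the SQL text, and the visible callers pass request input
 * straight in, so a quote in the search box could rewrite the query.
 *
 * NOTE(review): mysqli_stmt_get_result() needs the mysqlnd driver, and
 * prepared statements return numeric columns as native numbers rather than
 * strings - confirm callers do not compare them strictly against strings.
 *
 * @param string $search_query Space-separated search words.
 * @param bool $is_deleted Match rows whose is_deleted flag is set.
 * @param bool $is_suspended Match rows whose is_suspended flag is set.
 * @param mixed $sort_type Passed through to AdminUtility::sortUser().
 * @param mixed $sort_order Passed through to AdminUtility::sortUser().
 * @return array Matching rows; empty when the query fails.
 */
public static function searchUsers($search_query, $is_deleted = false, $is_suspended = false, $sort_type = null, $sort_order = null)
{
    $users = array();
    $link = AdminUtility::getDefaultDBConnection();

    //process query
    $fields = explode(" ", (string) $search_query);
    $clauses = array();
    $params = array();
    foreach ($fields as $field) {
        $clauses[] = "regno = ? or last_name like ? or level = ? or first_name like ?";
        $pattern = "%" . $field . "%";
        array_push($params, $field, $pattern, $field, $pattern);
    }
    // The two flags are reduced to the literals 0/1 here, never copied from input.
    $query = "select * from users where (is_deleted = " . ($is_deleted ? "1" : "0") . " and "
            . "is_suspended = " . ($is_suspended ? "1" : "0") . ") and "
            . "(" . implode(" or ", $clauses) . ")";

    //Search
    $stmt = mysqli_prepare($link, $query);
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, str_repeat("s", count($params)), ...$params);
        if (mysqli_stmt_execute($stmt)) {
            $result = mysqli_stmt_get_result($stmt);
            if ($result) {
                while ($row = mysqli_fetch_array($result)) {
                    $users[] = $row;
                }
            }
        }
    }
    AdminUtility::sortUser($users, $sort_type, $sort_order);
    //Log error
    AdminUtility::logMySQLError($link);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
    return $users;
}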
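/**
 * Clears the suspended and deleted flags for a list of users in one transaction.
 *
 * Registration numbers are bound as statement parameters instead of being
 * interpolated into the SQL text, and a failure now rolls back the updates
 * already made in this batch before returning.
 *
 * @param array $regno Registration numbers of the users to activate.
 * @return bool False when a statement fails, otherwise the result of the commit.
 */
function activateUsers(array $regno)
{
    $link = AdminUtility::getDefaultDBConnection();
    mysqli_autocommit($link, false);

    $stmt = mysqli_prepare($link, "update users set is_suspended = 0, is_deleted = 0 where regno = ?");
    if (!$stmt) {
        //Log error
        AdminUtility::logMySQLError($link);
        return FALSE;
    }

    foreach ($regno as $value) {
        // bind_param takes a reference, so bind a local copy of each value.
        $current = (string) $value;
        mysqli_stmt_bind_param($stmt, "s", $current);
        if (!mysqli_stmt_execute($stmt)) {
            //Log error
            AdminUtility::logMySQLError($link);
            mysqli_stmt_close($stmt);
            mysqli_rollback($link);
            return FALSE;
        }
    }

    mysqli_stmt_close($stmt);
    return mysqli_commit($link);
}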
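/**
 * Deletes one row from `executives` by id.
 *
 * The id is bound as a statement parameter; the original placed it inside a
 * quoted SQL literal by string interpolation. The MySQL error logger runs on
 * every path, as before, and nothing is returned.
 *
 * @param mixed $executiveID Id of the executive row to delete.
 * @param mysqli|null $link Connection to use; the default connection when empty.
 */
function removeExecutive($executiveID, $link = null)
{
    if (empty($link)) {
        $link = AdminUtility::getDefaultDBConnection();
    }

    $stmt = mysqli_prepare($link, "delete from executives where id = ?");
    if ($stmt) {
        $id = (string) $executiveID;
        mysqli_stmt_bind_param($stmt, "s", $id);
        mysqli_stmt_execute($stmt);
    }

    //Log error
    AdminUtility::logMySQLError($link);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
}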
/**
 * Lists class representatives together with their SMS unit usage.
 *
 * Joins `admins` to `users` and `messenger_sms_biller` on the registration
 * number and keeps the admins whose type equals Admin::CLASS_REP. The only
 * value concatenated into the statement is that class constant. The MySQL
 * error logger is called on every path.
 *
 * @return array Rows as returned by mysqli_fetch_array(); empty when the query fails.
 */
function getClassReps()
{
    $representatives = array();
    $sql = "select u.first_name, u.last_name, u.regno, u.level, m.user_id, m.units_used, m.units_assigned from admins a "
            . "join (users u, messenger_sms_biller m) on (u.regno = a.username and u.regno = m.user_id) "
            . "where a.type = '" . Admin::CLASS_REP . "' ";
    $connection = AdminUtility::getDefaultDBConnection();
    $resultSet = mysqli_query($connection, $sql);

    if ($resultSet) {
        $record = mysqli_fetch_array($resultSet);
        while ($record) {
            $representatives[] = $record;
            $record = mysqli_fetch_array($resultSet);
        }
    }

    //Log error
    AdminUtility::logMySQLError($connection);
    return $representatives;
}
* you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ require_once 'class_lib.php'; require_once '../functions.php'; $id = filter_input(INPUT_GET, "id"); $code = filter_input(INPUT_GET, "c"); $link = AdminUtility::getDefaultDBConnection(); if (empty($code)) { //generate code, mail code to admin then redirect to cpanel/index.php to notify admin of "mail" //Get email $query = "select email from admins where username = '******'"; $result = mysqli_query($link, $query); if ($result) { //Generate code $row = mysqli_fetch_array($result); $code = uniqid(); $email = $row["email"]; $query = "insert into password_reset set " . "username = '******', " . "code='{$code}' " . "on duplicate key update " . "code='{$code}', " . "time_of_request=now()"; $result = mysqli_query($link, $query); if ($result) { //Mail $link = $_SERVER["HTTP_HOST"] . "/" . $_SERVER["PHP_SELF"] . "?c={$code}&id={$id}";
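/**
 * Updates the admin's e-mail address and reloads the cached admin data.
 *
 * Validation is not escaping: FILTER_VALIDATE_EMAIL accepts addresses whose
 * local part contains a single quote, so the validated value could still
 * break out of the quoted SQL literal the original built. The address is now
 * bound as a statement parameter.
 *
 * NOTE(review): the username literal is shown masked ('******') in this
 * listing and is reproduced as shown; in the real file that value should be
 * bound as a parameter as well.
 *
 * @param string $email New address.
 * @throws Exception When $email is not a valid address.
 */
public function changeEmail($email)
{
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        throw new Exception("Invalid mail");
    }

    $link = AdminUtility::getDefaultDBConnection();
    $stmt = mysqli_prepare($link, "update admins set email = ? where username='******'");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, "s", $email);
        mysqli_stmt_execute($stmt);
    }
    //Log error
    AdminUtility::logMySQLError($link);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
    //Reload data
    $this->adminInfo = $this->getAdminData();
}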
if (isset($addPerformed)) { if (!$success) { ?> <p class="fg-red"><?php echo $error_message; ?> </p> <?php } else { ?> <p class="fg-NACOSS-UNN">Executive was successfully added</p> <?php } } if (!empty($user_id)) { $user = AdminUtility::getUserInfo($user_id); if (!empty($user)) { $name = $user["last_name"] . " " . $user["first_name"]; $regno = $user["regno"]; } } ?> <form action="<?php echo $defaultPage; ?> " method="post"> <a class="button" href="index.php?p=6&url=<?php echo urlencode($defaultPage); ?> ">
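/**
 * Resets admin password, requires AdminUtility to be included.
 *
 * Changes from the original:
 *  - crypt() was called without a salt, which PHP 5.6 flags with a notice and
 *    PHP 8.0 rejects; password_hash() is used instead. Its output is in
 *    crypt() format, so verification through password_verify() or
 *    crypt($input, $stored) keeps working.
 *  - the statement is prepared and both values are bound.
 *
 * NOTE(review): this listing shows both SQL values masked as '******';
 * binding the computed hash and $id is presumed from the signature and the
 * otherwise unused $pwd - confirm against the original file.
 * NOTE(review): confirm the `password` column is wide enough for the hashes
 * PASSWORD_DEFAULT can produce.
 * NOTE(review): nothing here checks the caller's authority or a reset code;
 * callers must have verified the request before calling.
 *
 * @param string $id Admin username whose password is replaced.
 * @param string $newPassword New plain-text password.
 */
function resetAdminPassword($id, $newPassword)
{
    $link = AdminUtility::getDefaultDBConnection();
    $pwd = password_hash($newPassword, PASSWORD_DEFAULT);

    $stmt = mysqli_prepare($link, "update admins set password = ? where username = ?");
    if ($stmt) {
        $username = (string) $id;
        mysqli_stmt_bind_param($stmt, "ss", $pwd, $username);
        mysqli_stmt_execute($stmt);
    }
    //Log error
    AdminUtility::logMySQLError($link);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
}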
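/**
 * Sets the default SMS sender id for the current admin.
 *
 * Both the new sender id and the admin id are bound as statement parameters;
 * the original concatenated them into the SQL text.
 *
 * @param string $new_id New default sender id.
 * @return bool True when the update ran, false on a database error.
 */
public function changeSenderID($new_id)
{
    $link = AdminUtility::getDefaultDBConnection();
    $stmt = mysqli_prepare($link, "update messenger_sms_biller set default_sender_id = ? where user_id = ?");
    if ($stmt) {
        // bind_param takes references, so copy into plain locals first.
        $sender = (string) $new_id;
        $owner = (string) $this->getAdminID();
        mysqli_stmt_bind_param($stmt, "ss", $sender, $owner);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_close($stmt);
            return true;
        }
    }
    //Log error
    AdminUtility::logMySQLError($link);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }
    return false;
}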