public function updatepass($id, $value) { $user = DB::getInstance()->get('tbl_cust', array("cust_id", "=", $id)); $pwd = $user->result()->cust_pass; if (Input::get($value) != null && Crytion::generatehash(Input::get($value) != $pwd)) { return $pwd = Crytion::generatehash(input::get($value)); } return $pwd; }
public function login($username = null, $password = null, $user_type = null) { $user = $this->find($username, $user_type); if ($user) { if ($user_type == 'student') { if ($this->data()[0]->stud_birthcert === $password) { return true; } } else { if ($this->data()[0]->pwd === Crytion::generatehash($password)) { return true; } } } return false; }
public function generateid($usertype = null) { if ($usertype === 'employee') { do { $genid = Date('Y') . str_pad(Crytion::randnum(6), 6, '0', STR_PAD_LEFT); $user = $this->_db->query("Select user_id from tbl_employee where user_id=?", array($genid)); $count = $user->count(); } while ($count !== 0); return $genid; } else { if ($usertype === 'customer') { $user = $this->_db->query("Select cust_id from tbl_cust Order by cust_id desc limit 1"); if (!$user->error()) { if ($user->count() == 0) { return Date('Y') . "0000000001"; } else { $num = substr($user->result()->cust_id, 4) + 1; $genid = str_pad($num, 10, '0', STR_PAD_LEFT); return Date('Y') . $genid; } } } else { if ($usertype === 'supplier') { $supplier = $this->_db->query("Select supplier_id from tbl_supplier Order by supplier_id desc limit 1"); if (!$user->error()) { if ($user->count() == 0) { return "S01"; } else { $num = substr($user->result()->cust_id, 1) + 1; $genid = str_pad($num, 2, '0', STR_PAD_RIGHT); return "S" . $genid; } } } } } return false; }
public function check($source, $item = array()) { foreach ($item as $itm => $rules) { foreach ($rules as $rule => $rule_values) { $value = trim($source[$itm]); $itm = escape($itm); if ($rule === 'name') { $name = $rule_values; } if ($rule === 'required' && empty($value)) { $this->addError("{$name} is required"); } else { if (!empty($value)) { switch ($rule) { case 'min': if (strlen($value) < $rule_values) { $this->addError("{$name} must be minimum of {$rule_values} characters"); } break; case 'max': if (strlen($value) > $rule_values) { $this->addError("{$name} must be maximum of {$rule_values} characters"); } break; case 'matches': if ($value != $source[$rule_values]) { $this->addError("{$rule_values} must match {$name}"); } break; case 'unique': $check = $this->db->get($rule_values, array($itm, '=', $value)); if ($check->count()) { $this->addError("{$name} already exist"); } break; case 'samepassword': $check = $this->db->get($rule_values, array(substr($itm, 1), '=', Crytion::generatehash($value))); if (!$check->count()) { $this->addError("Wrong entered {$name}"); } break; case 'number': if (!is_numeric($value)) { $this->addError("{$name} must be numeric number"); } break; case 'email': if (!filter_var($value, FILTER_VALIDATE_EMAIL)) { $this->addError("{$name} must be valid"); } break; } } } } } if (empty($this->errors)) { $this->passed = true; } return $this; }
public function select_cust($customer) { $select = DB::getInstance()->get('tbl_cust', array('cust_id', '=', Crytion::decryt64($customer))); if ($select && $select->count() > 0) { Session::put('select_cust', $select->result()->cust_id); } }
$query->execute(array($srch)); $str = ""; if ($query->rowCount() == 0) { echo "<a style='pointer:none;' class='list-group-item list-group-item-danger'><i class='fa fa-exclamation-triangle'></i> No record</a>"; } else { while ($r = $query->fetch(PDO::FETCH_OBJ)) { $tel = Crytion::encryt64($r->cust_tel); $str .= "<a href='updatecart.php?cust_sel=" . $tel . "&return_url=" . $return_url . "' class='list-group-item list-group-item-info'>" . $r->cust_fname . "</a>"; } echo $str; } } else { $srch = "%" . $srch . "%"; $sql = "select * from tbl_cust where cust_fname Like ?"; $query = $con->prepare($sql); $query->execute(array($srch)); $str = ""; if ($query->rowCount() == 0) { echo "<a style='pointer:none;' class='list-group-item list-group-item-danger'><i class='fa fa-exclamation-triangle'></i> No record</a>"; } else { while ($r = $query->fetch(PDO::FETCH_OBJ)) { $id = Crytion::encryt64($r->cust_id); $str .= "<a href='updatecart.php?cust_sel=" . $id . "&return_url=" . $return_url . "' class='list-group-item list-group-item-info'>" . $r->cust_fname . "</a>"; } echo $str; } } } } } }
top: 50%; left: 50%; margin: -28px 0 0 -25px; } </style> </head> <body onload="scrlsts()"> <?php if (Input::get('todo') == 'out') { session_destroy(); Redirect::to('../'); } $user = new User(); $user->checkLoggedin(array('user')); if ($user->isLoggedin()) { $get = DB::getInstance()->get('tbl_cust', array('cust_id', '=', Crytion::decryt64(Session::get('user')))); $result = $get->result(); ?> <div data-role="page" data-theme='b' id="main-page"> <div data-role="header" data-position="fixed" data-tap-toggle="false" data-theme='b'> <h1>Retail Mobile System</h1> <a href="#" target='_blank'><i class='fa fa-shopping-cart'></i></a> </div> <div data-role="content"> <ul data-role="listview" data-inset="false" data-icon="false" data-divider-theme="b"> <li data-role="list-divider">Welcome <?php echo $result->cust_fname; ?> !</li>
$sql = 'SELECT sale_time,payment_amount,payment_type,SUM(goods_qty) FROM tbl_sales_item a,tbl_sales b,tbl_sales_payment c WHERE a.sales_id = b.sales_id AND b.sales_id = c.sales_id AND b.cust_id = ? Group by sale_time'; $query = $con->prepare($sql); $query->execute(array(Session::get('select_cust'))); if ($query->rowCount() > 0) { while ($r = $query->fetch(PDO::FETCH_NUM)) { echo "<tr>"; echo "<td>" . $r[0] . "</td>"; echo "<td>RM " . $r[1] . "</td>"; echo "<td>" . $r[2] . "</td>"; echo "<td>" . $r[3] . "</td>"; echo "<td><a href='/receipt?view=" . Crytion::encryt64(Session::get('select_cust')) . "&time=" . $r[0] . "'>View Receipt</a></td>"; echo "</tr>"; } } echo '</tbody>'; echo '</table>'; } } ?> </div> <div class="span3 sidepanel"> <!-- BOX 1--> <div class="panel panel-info"> <?php if (Session::exists('products') && Session::get('products') != null) { echo '<div id="togglepanel"class="panel-heading" style="text-align:center">';
echo "<script>window.setTimeout(function(){window.location = ''},10000);</script>"; } } ?> <div class="form-wrapper"> <form id="new_user_form" class="new_user_form inline-input" enctype='multipart/form-data' action="em-profile.php?id=<?php echo Input::get('id'); ?> &edit=1" method="post"> <div class="box-image" style="margin-bottom:20px;"> <div style="width:150px;height:150px;margin:0 auto;" > <img src="../getimg.php?id=<?php echo Crytion::encryt64(Crytion::encryt64($result->user_id)); ?> &jb=<?php echo Crytion::encryt64(Crytion::encryt64("employee")); ?> " class=" dis-img"> </div> <div class="dis-img" style="text-align:center;width:150px;margin:0 auto;"> <span class="btn btn-default btn-file" style="margin-top:10px"> Browse <input type="file" name="image" class="img-upload" id="img-upload"/> </span> </div> </div> <hr /> <div class="field-box span12"> <label >Name:</label> <input class="span4 " name="fname" id="fname" placeholder="first name" type="text" value="<?php echo $result->fname; ?>
<?php require 'core/init.php'; echo Crytion::generatehash('123123123');
} else { if ($user->data()->job_id === 'SI') { Session::put("user_id", Crytion::encryt64($id)); Session::put("assign", Crytion::encryt64("ST_IN")); header("Location:detail%20staffin"); } } } } else { Session::put('msg', 'Wrong Password! Make Sure The Combination Is Valid'); } } if (Session::exists('id')) { $id = Session::get('id'); $jb = Session::get('jb'); $user = DB::getInstance()->query('Select * from tbl_employee where user_id=?', array(Crytion::decryt64(Crytion::decryt64($id)))); if (!$user->error()) { ?> <div id="carousel-example-generic" class="carousel slide carousel-fade" data-ride="carousel" style="display:none"> <div class="carousel-inner"> <div class="item active"> <img src="images/bg/supermarket.jpg" alt="" /> </div> <div class="item"> <img src="images/bg/supermarket2.jpg" alt="" /> </div> <div class="item"> <img src="images/bg/blurred.jpg" alt="" /> </div> <div class="item">
<button class="btn btn-info pull-right" disabled="disabled" id="deletebtn"> <span>-</span> DELETE </button> <a href="" class="btn btn-success pull-right"> <i class="fa fa-plus"></i> ADD SUPPLIER </a> </div> </div> <?php if (Input::get('del') == 1) { $delete = new Supplier(); if (Input::get('check') != null) { foreach (Input::get('check') as $check) { $delete->deleteSupplier(Crytion::decryt64(Crytion::decryt64($check))); } } } ?> <form action='supplier.php?del=1' method='post' id='deleteem'> <div class="row-fluid"> <table class="table table-hover table-bordered display dataTable" id="supplier-list"> <thead> <tr> <th class="span1"><input type="checkbox" name="checkall" id="checkall"/></th> <th class="span2"> Supplier ID </th> <th class="span4"> Supplier Name
<tbody> <?php require "../config/config.php"; $sql = "Select * from tbl_goods a,tbl_goods_stock b Where a.goods_id = b.goods_id"; $query = $con->query($sql); while ($items = $query->fetch(PDO::FETCH_OBJ)) { echo "<tr>"; echo '<td><input type="checkbox" name="check[]" id="check" value="' . Crytion::encryt64($items->goods_id) . '" /></td>'; echo '<td>' . $items->goods_id . '</td>'; echo '<td><div class="img"><img src="../images/avatar.png" style="margin:0"></div><a href="items.php" class="name">' . $items->goods_name . '</a></td>'; echo '<td>' . $items->goods_category . '</td>'; echo '<td>' . $items->goods_qty . '</td>'; echo '<td><a href="inventory.php?item=' . Crytion::encryt64($items->goods_id) . '&tkn=inventory&inv=' . md5('1') . '">Inventory</a></td>'; echo '<td><a href="inventory.php?item=' . Crytion::encryt64($items->goods_id) . '&tkn=edit&inv=' . md5('2') . '">Edit</a> <a href="inventory.php?item=' . Crytion::encryt64($items->goods_id) . '&tkn=delete&inv=' . md5('0') . '">Delete</a></td>'; echo "</tr>"; } ?> </tbody> </table> </form> </div> </div> <!-- end products table --> </div> </div> </div> <!-- end main container --> <!-- scripts -->
<input type="submit" class="btn-glow primary" value="Save Item"> <span>OR</span> <input type="reset" value="Cancel" class="reset"> </div> </form> </div> </div> </div> </div> <?php } else { if (Input::get('item') && Input::get('tkn') == 'delete' && Input::get('inv') == md5('0')) { $valid = $inv->deleteitem(Crytion::decryt64(Input::get('item'))); if ($valid) { echo "<script>alert('Items Deleted');</script>"; echo "<script>window.setTimeout(function(){window.location = 'items.php'},1);</script>"; } else { echo "<script>alert('Deleted Failed');</script>"; echo "<script>window.setTimeout(function(){window.location = 'items.php'},1);</script>"; } } else { Redirect::to(404); } } } } ?> </div>
Contact </th> </tr> </thead> <tbody> <?php require "../config/config.php"; $sql = "Select * from tbl_employee a,tbl_jobs b where a.job_id = b.job_id and b.job_name !='ADMIN' order by a.user_id"; $query = $con->query($sql); if ($query->rowCount()) { while ($r = $query->fetch(PDO::FETCH_OBJ)) { echo "<tr>"; echo '<td><input type="checkbox" name="check[]" id="check" value="' . Crytion::encryt64(Crytion::encryt64($r->user_id)) . '" /></td>'; echo "<td>"; echo "<img src='../getimg.php?id=" . Crytion::encryt64(Crytion::encryt64($r->user_id)) . "&jb=" . Crytion::encryt64(Crytion::encryt64("employee")) . "' class='img-circle avatar hidden-phone' />"; echo "<a href='em-profile.php?id=" . Crytion::encryt64(Crytion::encryt64($r->user_id)) . "' class='name'>" . $r->lname . "," . $r->fname . "</a>"; echo "<span class='subtext'>" . $r->job_name . "</span>"; echo "</td>"; echo "<td></td>"; echo "<td>" . $r->job_name . "</td>"; echo "<td>" . $r->salary . "</td>"; echo "<td><a href='#' class='name'>" . $r->email . "</a><span class='subtext'>" . $r->tel . "</span></td>"; echo "</tr>"; } } ?> </tbody> </table> </form> </div> </div>
} else { echo '<li style="text-align:center;display:none" data-role="fieldcontain" id="message" class="message warning">'; echo '<i class="fa fa-warning"></i>'; echo '<p id="error-msg"></p>'; echo '</li>'; } } ?> <li data-role="fieldcontain"> <div class="box-image" style="margin-bottom:20px;"> <div style="border:1px solid #000;width:150px;height:150px;margin:0 auto;" > <img src="getimg.php?id=<?php echo Crytion::encryt64(Crytion::encryt64($result->cust_id)); ?> &jb=<?php echo Crytion::encryt64(Crytion::encryt64("cust")); ?> " class="dis-img" style="width:150px;height:150px"> </div> <div class="dis-img" style="text-align:center;width:135px;margin:0 auto;"> <div class="btn btn-default btn-file" style="margin-top:10px;"> <input type="file" name="image" class="img-upload" id="img-upload" style="margin:0 auto;" /> </div> </div> </div> </li> <li data-role="fieldcontain"> <label>First name</label> <input type="text" value="<?php echo $sql->result()->cust_fname; ?>
<?php require 'core/init.php'; echo "<div class='print-div'>"; if (isset($_POST['check'])) { foreach ($_POST['check'] as $value) { $value = Crytion::decryt64($value); echo '<div>'; echo '<img src="barcode_img.php?num=' . $value . '&type=code128&imgtype=png">'; echo '</div>'; } } if (isset($_GET['text'])) { $value = Crytion::decryt64($_GET['text']); echo '<div><img src="barcode_img.php?num=' . $value . '&type=code128&imgtype=png"></div>'; } echo "</div>"; ?> <script src="js/jquery-2.1.0.js"></script> <script src="js/html2canvas.js"></script> <script> var domElement = document.getElementById(''); var domElement2 = document.getElementById(''); html2canvas(domElement, { onrendered: function(canvas) { domElement2.appendChild(canvas); } }); </script>
$sql = 'SELECT sale_time,payment_amount,payment_type,SUM(goods_qty),b.sales_id FROM tbl_sales_item a,tbl_sales b,tbl_sales_payment c WHERE a.sales_id = b.sales_id AND b.sales_id = c.sales_id AND b.cust_id = ? Group by sale_time'; $query = $con->prepare($sql); $query->execute(array($id)); if ($query->rowCount() > 0) { while ($r = $query->fetch(PDO::FETCH_NUM)) { echo "<tr>"; echo "<td>" . $r[0] . "</td>"; echo "<td>RM " . $r[1] . "</td>"; echo "<td>" . $r[2] . "</td>"; echo "<td>" . $r[3] . "</td>"; echo "<td><a href='view-receipt.php?view=" . Crytion::encryt64($id) . "&time=" . $r[0] . "&sale=" . $r[4] . "'>View Receipt</a></td>"; echo "</tr>"; } } echo '</tbody>'; echo '</table>'; } ?> <div class="span12 section comment"> <h6>Add a quick note</h6> <p>Add a note about this user to keep a history of your interactions.</p> <textarea></textarea> <a href="user-profile.html#">Attach files</a> <div class="span12 submit-box pull-right"> <input type="submit" class="btn-glow primary" value="Add Note">
$x = 1; $set = ''; foreach (Session::get('form-error') as $error) { $set .= $error; if ($x < count(Session::get('form-error'))) { $set .= " | "; } $x = $x + 1; } echo $set; echo '</div></div>'; Session::delete('form-error'); } else { if (Session::exists('form-success')) { if (Input::get('return_url')) { $return_url = Crytion::decryt64(Input::get('return_url')); Session::put('select_cust', $id); echo "<script>window.setTimeout(function(){window.location = '" . $return_url . "'},1);</script>"; } else { echo '<div style="width:auto;margin-right:50px;overflow: auto;">'; echo '<div id="form_success" class="alert alert-success"><a class="close" data-dismiss="alert" href="#">×</a> '; echo '<i class="fa fa-check"></i><span>' . Session::get('form-success') . '</span><br/> Redirect in 3 seconds'; echo '</div></div>'; echo "<script>window.setTimeout(function(){window.location = 'user-list.php'},3000);</script>"; } Session::delete('form-success'); } } ?> <div class="container">
Redirect::to($return_url); } //cancel sales if (Input::get('detachall') == 1) { $return_url = Crytion::decryt64(Input::get("return_url")); $inv->cancel_sale(); Redirect::to($return_url); } //remove item from shopping cart if (Input::get('removep') && Input::get('return_url') && Session::exists('products')) { $code = Input::get('removep'); $return_url = Crytion::decryt64(Input::get("return_url")); $inv->remove_item(Input::get('bac'), $code); Redirect::to($return_url); } //complete sales if (Input::exists() && Input::get('complete') == md5("complete") && Session::exists('products') && Session::exists('add-pay')) { $return_url = Crytion::decryt64(Input::get("return_url")); echo $emp_id = Crytion::decryt64(Session::get('user_id')); $email = Input::get('bool-email'); if (Session::exists('select_cust')) { echo $cust_id = Session::get('select_cust'); echo "Send Email :" . $email; } else { $cust_id = "null"; $email = "null"; } $inv->completesales($cust_id, $emp_id, $email); Redirect::to("receipt.php"); } //Redirect::to('sales.php');
echo $user->pwd; ?> " /> </div> <div class="span6 actions"> <input type="submit" class="btn-glow primary" value="Save Changes"> <span>OR</span> <input type="reset" value="Cancel" class="reset"> </div> </form> <?php } else { echo '<a class="btn-flat icon pull-right delete-user" data-toggle="modal" data-toggle="tooltip" title="Delete user" data-placement="top" href="#deleteuser"> <i class="icon-trash"></i> </a>'; echo '<a class="btn btn-flat icon large pull-right edit" href="personal-info.php?id=' . Crytion::encryt64(Crytion::encryt64($user->user_id)) . '&edit=1"> Edit this person </a>'; ?> <div class="span7 section"> <h6>Recent Activity</h6> <br> <!-- recent orders table --> <table class="table table-hover"> <thead> <tr> <th class="span2"> Transaction </th> <th class="span3"> <span class="line"></span>
<!-- Users table --> <div class="row-fluid table"> <style type="text/css"> .dataTables_filter{ display: none; } </style> <?php if (Input::get('del') == 1) { $delete = new Customer(); if (Input::get('check') != null) { foreach (Input::get('check') as $check) { $delete->deletecustomer(Crytion::decryt64(Crytion::decryt64($check))); } } } ?> <form action='user-list.php?del=1' method='post' id='deletecust'> <table class="table table-bordered display dataTable" id="user-list"> <thead> <tr> <th class="span1"><input type="checkbox" name="checkall" id="checkall"/></th> <th class="span2">Person Id</th> <th class="span4">Name</th> <th class="span2">Registered</th> <th class="span3">Contact</th> </tr> </thead>
if ($query->rowCount() > 0) { while ($r = $query->fetch(PDO::FETCH_OBJ)) { echo '<tr>'; echo '<td style="text-align:center;line-height:20px;vertical-align:middle"><a href="../history/?view_sales=' . Crytion::encryt64($r->sales_id) . '"><span class="fa fa-eye"/></a></td>'; echo '<td>' . $r->sales_id . '</td>'; echo '<td>RM ' . $r->payment_amount . '</td>'; echo '<td>' . date('d F Y (h:m A)', strtotime($r->sale_time)) . '</td>'; echo '</tr>'; } } ?> </tbody> </table> <?php } else { $sales_id = Crytion::decryt64(Input::get('view_sales')); ?> <li><label>Sales ID # <?php echo $sales_id; ?> </label></li> <table data-role='table' id='table-column-toggle' data-mode='columntoggle' class='ui-responsive table-stroke' data-ajax='false'> <thead> <tr> <th></th> <th data-priority="2">Goods ID</th> <th data-priority="1">Item Name</th> <th data-priority="2">Category</th> <th data-priority="3">Item purchased</th> <th data-priority="3">Price</th> <th data-priority="2">Discount</th>
<?php require 'init/core.php'; if (Input::get('set') == 'cat') { $return_url = Crytion::decryt64(Input::get("return_url")); Session::put('no-cat'); Redirect::to($return_url); } if (Input::get('complete') == md5('true')) { $return_url = Crytion::decryt64(Input::get("return_url")); Session::put('complete'); Redirect::to($return_url); }
margin-top: -10%; margin-left: -150px; } </style> </head> <body> <?php if (Input::exists()) { $user_id = Input::get('scan-id-check'); $user = DB::getInstance()->get("tbl_employee", array("user_id", "=", $user_id)); if ($user->error()) { Session::put('error', 'System error occur.Please Refresh or Contact the Administrator'); } else { if ($user->count() == 1) { $id = Crytion::encryt64(Crytion::encryt64($user->result()->user_id)); $jb = Crytion::encryt64(Crytion::encryt64("employee")); Session::put('id', $id); Session::put('jb', $jb); header("Location:login.php"); } else { Session::put('error', 'ID Not Recognize. Please Make Sure You Have the Right ID'); } } } ?> <div class="loader"> <div id="scan-text"> <div class="vertical-centered"> <?php if (Session::exists('error')) {
?> <div class="list"> <table class="item-list table"> <thead> <tr> <th class="span4">Item Name</th> <th class="span3">Price Unit (discount)</th> <th class="span2">Quantity</th> <th class="span3">Total RM</th> </tr> </thead> <tbody> <?php $sql2 = "Select a.goods_name,b.unit_price,b.goods_qty,b.goods_discount\n from tbl_goods a,tbl_sales_item b,tbl_sales c\n Where a.goods_id = b.goods_id\n AND c.sales_id = b.sales_id\n AND c.sale_time = ?\n AND c.cust_id = ?\n AND c.sales_id = ?"; $query2 = $con->prepare($sql2); $query2->execute(array(Input::get('time'), Crytion::decryt64(Input::get('view')), Input::get('sale'))); if ($query2->rowCount() > 0) { while ($row = $query2->fetch(PDO::FETCH_NUM)) { echo "<tr>"; echo "<td>" . $row[0] . "</td>"; echo "<td>" . $row[1] . " (" . $row[3] . "%)</td>"; echo "<td>" . $row[2] . "</td>"; echo "<td>" . ($row[1] - $row[1] * $row[3] / 100) . "</td>"; echo "</tr>"; $discountprice = $row[1] - $row[1] * $row[3] / 100; $subtotal = $discountprice * $row[2]; $total = $total + $subtotal; } } ?> </tbody>
public function generateid($length = 16) { return Crytion::generateRandomNumber($length); }
$getid = DB::getInstance()->get('tbl_cust', array($field, '=', Input::get('username'))); Session::put('user', Crytion::encryt64($getid->result()->cust_id)); Redirect::to('main/'); } else { Session::put('error', 'Wrong Password Or Username'); } } } else { $validate = new Validate(); $validation = $validate->check($_POST, array('fname' => array('name' => 'First Name', 'required' => true, 'min' => 2), 'lname' => array('name' => 'Last Name', 'required' => true, 'min' => 2), 'password' => array('name' => 'Password', 'required' => true, 'min' => 8), 'cpassword' => array('name' => 'Retype Password', 'required' => true, 'matches' => 'password'), 'cust_tel' => array('name' => 'Tel Number', 'required' => true, 'unique' => 'tbl_cust'))); if ($validation->passed()) { $user = new User(); $id = $user->generateid('customer'); $fname = Input::get('fname'); $lname = Input::get('lname'); $pass = Crytion::generatehash(Input::get('password')); $tel = Input::get('cust_tel'); $create = $user->create('tbl_cust', array('cust_id' => $id, 'cust_tel' => $tel, 'cust_fname' => $fname, 'cust_lname' => $lname, 'cust_pass' => $pass)); if ($create) { Session::put('success', 'You Can Log In Now!'); Session::put('count', '1'); Redirect::to('#'); } else { Session::put('error', 'Failed To Create Your Account. Try Again!'); } } else { Session::put('validate-error', $validation->errors()); } } } ?>