static function countAll($company = null) { global $mysqli; $query = "SELECT COUNT(*) as 'count' FROM client AS c"; if ($company) { $query .= " INNER JOIN site_user AS su ON c.user_id=su.id WHERE su.company_id=" . MySiteUser::getCurrentUser()->getCompanyId(); } if ($result = $mysqli->query($query)) { return $result->fetch_object()->count; } }
static function truncate() { global $mysqli; $user = MySiteUser::getCurrentUser(); $query = "TRUNCATE TABLE user_" . $user->getId() . "_category"; return $mysqli->query($query); }
<?php /** access control **/ require_login(); require_permission('管理本公司用户'); /** prepare vars **/ $myuser = MySiteUser::getCurrentUser(); $uid = isset($vars[1]) ? $vars[1] : null; $user_to_edit = MySiteUser::findById($uid); if (!$user_to_edit) { dispatch('site/404'); exit; } /** handle submission **/ if (isset($_POST['submit'])) { // we uncomment the following fields coz we don't want user to change $no_change = array('company_id'); foreach ($no_change as $field) { if (isset($_POST[$field])) { unset($_POST[$field]); } } // then we call the general process $uid = $uid; require_once MODULESROOT . '/siteuser/controllers/backend/user/add_edit_submission.php'; } /** presentation **/ $html = new HTML(); $html->renderOut('site/components/html_header', array('title' => '编辑用户信息', 'body_class' => 'siteuser_edit')); $html->renderOut('site/components/mainnav', array('user' => $myuser)); $html->output('<div id="page-wrapper" class="gray-bg">');
<?php /** access control **/ require_login(); require_permission('管理自己的客户'); /** get vars **/ $cid = isset($vars[1]) ? strip_tags($vars[1]) : null; /** delete client **/ $response = new stdClass(); $client = Client::findById($cid); // permisison check if you want to delete client that is not yours if ($client->getUserId() != MySiteUser::getCurrentUser()->getId()) { if (!has_permission('管理所有客户')) { $response->status = 'error'; $response->message = '你没有权限进行此操作'; header('Content-Type: application/json'); echo json_encode($response); exit; } } if (!$client) { $response->status = 'error'; $response->message = '此客户不存在'; } else { if ($client->delete()) { $response->status = 'success'; } else { $response->status = 'error'; $response->message = '删除用户失败'; } }
static function renderCreateFormFrontend(MySiteUser $user = null, $action = '') { // set default action value if ($action != '') { $action = uri($action); } // get vars from form submission $username = isset($_POST['username']) ? strip_tags($_POST['username']) : (isset($user) ? $user->getUsername() : ''); $email = isset($_POST['email']) ? strip_tags($_POST['email']) : (isset($user) ? $user->getEmail() : ''); $password = ''; $password_confirm = ''; if ($user && $user->getId() == MySiteUser::getCurrentUser()->getId()) { // when updating self profile, we don't include 'active' $active_field = ''; } else { $active = isset($_POST['active']) ? strip_tags($_POST['active']) : (isset($user) ? $user->getActive() . "" : false); $active_field = ' <div class="form-group" id="form-field-active"> <label class="col-sm-2 control-label" for="active">' . i18n(array('en' => 'Active', 'zh' => '是否在职')) . '</label> <div class="col-sm-10"> <select class="form-control" name="active" id="active"> <option value="1" ' . ($active && $active == "1" ? 'selected=selected' : '') . '>在职</option> <option value="0" ' . ($active && $active == "0" ? 'selected=selected' : '') . '>离职</option> </select> </div> </div> <div class="hr-line-dashed"></div>'; } $mandatory_label = ' <span style="color: rgb(185,2,0); font-weight: bold;">*</span>'; $roles_form_markup = '<div id="form-field-roles"><label class="col-sm-2 control-label">Roles</label><div class="col-sm-10"><ul class="checkbox">'; foreach (SiteRole::findAll() as $role) { $roles_form_markup .= '<li><label><input type="checkbox" name="roles[' . $role->getid() . ']" value=1 ' . (isset($_POST['roles']) ? isset($_POST['roles'][$role->getId()]) ? 'checked="checked"' : '' : ($user && $user->hasRole($role->getName()) ? 'checked="checked"' : '')) . ' />' . $role->getName() . '</label></li>'; } $roles_form_markup .= '</ul></div></div>'; $rtn = ' <form class="form-horizontal" action="' . $action . '" method="POST" enctype="multipart/form-data"> <div class="form-group" id="form-field-email" > <label class="col-sm-2 control-label" for="email">' . i18n(array('en' => 'Email', 'zh' => '电子邮箱')) . $mandatory_label . '</label> <div class="col-sm-10"> <input type="email" class="form-control" id="email" name="email" value="' . $email . '" required /> </div> </div> <div class="hr-line-dashed"></div> <div class="form-group" id="form-field-password"> <label class="col-sm-2 control-label" for="password">' . i18n(array('en' => 'Password', 'zh' => '密码')) . $mandatory_label . ' </label> <div class="col-sm-10"> <input type="password" class="form-control" id="password" name="password" value="' . $password . '" required /> <span class="help-block m-b-none"><small>(' . i18n(array('en' => 'at least 6 letters', 'zh' => '至少6位')) . ')</small></span> </div> </div> <div class="form-group" id="form-field-password_confirm"> <label class="col-sm-2 control-label" for="password_confirm">' . i18n(array('en' => 'Password again', 'zh' => '再次确认密码')) . $mandatory_label . '</label> <div class="col-sm-10"> <input type="password" class="form-control" id="password_confirm" name="password_confirm" value="' . $password_confirm . '" required /> </div> </div> <div class="hr-line-dashed"></div> ' . (class_exists('SiteProfile') ? SiteProfile::renderUpdateForm($user) : '') . ' <div class="hr-line-dashed"></div> ' . $active_field . ' <input type="hidden" value=1 name="noemailnotification" /> ' . (is_backend() ? $roles_form_markup : '') . ' <div class="form-group" id="form-field-notice"> <div class="col-sm-10 col-sm-push-2"> <small><i> ' . $mandatory_label . i18n(array('en' => ' indicates mandatory fields', 'zh' => ' 标记为必填项')) . ' </i></small> </div> </div> <div class="col-sm-10 col-sm-push-2"> <button type="submit" name="submit" class="btn btn-primary">' . (is_null($user) ? i18n(array('en' => 'Add new user', 'zh' => '添加新用户')) : i18n(array('en' => 'Update user', 'zh' => '更新用户'))) . '</button> </div> </form> '; return $rtn; }
public function delete() { $rtn = parent::delete(); // delete extra relationship for wechat_account_user if existed if ($rtn) { $user = MySiteUser::getCurrentUser(); $wechat_account_user = WechatAccountUser::findbyCombo($this->getAccountId(), $user->getId()); if ($wechat_account_user) { $wechat_account_user->delete(); } } // check if there is any other users subscribing this wechat_account, if no, we delete it if ($rtn) { $wechat_account_users = WechatAccountUser::findByAccountId($this->getAccountId()); if (sizeof($wechat_account_users) == 0) { $wechat_account = WechatAccount::findById($this->getAccountId()); $wechat_account->delete(); } } return $rtn; }