Esempio n. 1
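// Ordering
// The request supplies column *indexes* only; the column names used as keys of $sorting and
// $filtering always come from the list returned by the DB layer. Every index is checked
// against that list before use, so an out-of-range index can no longer produce an empty
// column name.
$columns = $db->getCustomerColumnsToBeShownInCustomerList($customer_type);
$columnCount = is_array($columns) ? count($columns) : 0;
$sorting = array();
if (isset($_GET[CRM_CUSTOMER_DATATABLE_SORT_COLUMN . "0"])) {
    // The number of sort entries is request-controlled: cap it at the number of columns so
    // an oversized value cannot keep this loop spinning.
    $requestedSorts = isset($_GET[CRM_CUSTOMER_DATATABLE_SORT_COLUMNS])
        ? intval($_GET[CRM_CUSTOMER_DATATABLE_SORT_COLUMNS])
        : 0;
    $sortCount = min($requestedSorts, $columnCount);
    for ($i = 0; $i < $sortCount; $i++) {
        $sortColumnKey = CRM_CUSTOMER_DATATABLE_SORT_COLUMN . $i;
        if (!isset($_GET[$sortColumnKey])) {
            continue;
        }
        $columnIndex = intval($_GET[$sortColumnKey]);
        if (!isset($columns[$columnIndex])) {
            // Index does not name a known column: ignore the entry.
            continue;
        }
        $sortableKey = CRM_CUSTOMER_DATATABLE_IS_SORTABLE . $columnIndex;
        if (!isset($_GET[$sortableKey]) || $_GET[$sortableKey] !== "true") {
            continue;
        }
        $columnToSort = $columns[$columnIndex];
        $directionKey = CRM_CUSTOMER_DATATABLE_SORT_DIRECTION . $i;
        // Direction is reduced to one of two fixed literals; the raw request value is never kept.
        $sortType = (isset($_GET[$directionKey]) && $_GET[$directionKey] === 'asc') ? 'asc' : 'Desc';
        $sorting[$columnToSort] = $sortType;
    }
}
// filtering
$filtering = array();
$searchTerm = isset($_GET[CRM_CUSTOMER_DATATABLE_SEARCH]) ? $_GET[CRM_CUSTOMER_DATATABLE_SEARCH] : null;
// A query string such as ?key[]=x yields an array; only a non-empty string is a usable search term.
if (is_string($searchTerm) && $searchTerm !== "") {
    // NOTE(review): DbHandler is not visible here. Escaping is only sufficient if
    // getAllCustomersOfType() puts this value inside a quoted SQL literal, and it presumably
    // leaves LIKE wildcards (% and _) untouched; confirm, or switch the query to bound parameters.
    $wordToSearch = $db->escape_string($searchTerm);
    for ($i = 0; $i < $columnCount; $i++) {
        $searchableKey = CRM_CUSTOMER_DATATABLE_SEARCHABLE . $i;
        if (isset($columns[$i]) && isset($_GET[$searchableKey]) && $_GET[$searchableKey] === "true") {
            $columnToSearch = $columns[$i];
            $filtering[$columnToSearch] = $wordToSearch;
        }
    }
}
// get data
$result = $db->getAllCustomersOfType($customer_type, $numRows, $sorting, $filtering);
if (!isset($result)) {
    fatal_error("Error retrieving data from the database.");
}
// data set length after filtering:
$filteredRows = $db->unlimitedRowCount();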
// total data set length
Esempio n. 2
            }
        }
    } else {
        $reason = $lh->translationFor("image_file_is_not_image");
        $validated = 0;
    }
}
if ($validated == 1) {
    $db = new \creamy\DbHandler();
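    // collect new user data.
    // NOTE(review): modifyid is taken from the request as-is, without the stripslashes()/escape_string()
    // handling applied to name and phone below; confirm it is validated (for example cast to an integer)
    // and that the caller is allowed to modify that account before it is used.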
    $modifyid = $_POST["modifyid"];
    $name = NULL;
    if (isset($_POST["name"])) {
        $name = $_POST["name"];
        $name = stripslashes($name);
        $name = $db->escape_string($name);
    }
    $phone = NULL;
    if (isset($_POST["phone"])) {
        $phone = $_POST["phone"];
        $phone = stripslashes($phone);
        $phone = $db->escape_string($phone);
    }
    $avatar = NULL;
    if (!empty($avatarOrigin)) {
        $imageHandler = new \creamy\ImageHandler();
        $avatar = $imageHandler->generateAvatarFileAndReturnURL($avatarOrigin, $imageFileType);
        if (empty($avatar)) {
            $lh->translateText("unable_generate_user_image");
            return;
        }
Esempio n. 3
// The request is accepted (1) only when all three mandatory fields are present, otherwise 0.
// isset() proves presence only: an empty string still counts as present, so content
// validation has to happen wherever the values are used.
$validated = isset($_POST["name"], $_POST["customer_type"], $_POST["customerid"]) ? 1 : 0;
if ($validated == 1) {
    $db = new \creamy\DbHandler();
    // get name (mandatory), customer id and customer type
    $name = $_POST["name"];
    $name = stripslashes($name);
    $name = $db->escape_string($name);
    $customerid = $_POST["customerid"];
    $customerid = stripslashes($customerid);
    $customerid = $db->escape_string($customerid);
    $customerType = $_POST["customer_type"];
    $customerType = stripslashes($customerType);
    $customerType = $db->escape_string($customerType);
    $createdByUser = $user->getUserId();
    // email
    $email = NULL;
    if (isset($_POST["email"])) {
        $email = $_POST["email"];
        $email = stripslashes($email);
        $email = $db->escape_string($email);
    }
    // phone
Esempio n. 4
// Starting Session
// Error message placeholder; stays empty unless the login handling below assigns a message.
$error = '';
// Translation helper used to produce the localized error texts.
$lh = \creamy\LanguageHandler::getInstance();
if (isset($_POST['submit'])) {
    if (empty($_POST['username']) || empty($_POST['password'])) {
        $error = $lh->translationFor("insert_valid_login_password");
    } else {
        $db = new \creamy\DbHandler();
        // Define $username and $password
        $username = $_POST['username'];
        $password = $_POST['password'];
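        // Escape the values before they reach SQL, to guard against SQL injection.
        // NOTE(review): these steps also rewrite the password itself (stripslashes() drops backslashes),
        // and escaping only protects values that end up inside quoted SQL literals; bound parameters in
        // DbHandler would make both steps unnecessary. Confirm how the checkLogin* methods build their queries.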
        $username = stripslashes($username);
        $password = stripslashes($password);
        $username = $db->escape_string($username);
        $password = $db->escape_string($password);
        // Check password and redirect accordingly
        $result = null;
        if (filter_var($username, FILTER_VALIDATE_EMAIL)) {
            // valid email address
            $result = $db->checkLoginByEmail($username, $password);
        } else {
            // not an email. User name?
            $result = $db->checkLoginByName($username, $password);
        }
        if ($result == NULL) {
            // login failed
            $error = $lh->translationFor("invalid_login_password");
        } else {
            $_SESSION["userid"] = $result["id"];
Esempio n. 5
                $validated = 0;
            } else {
                $avatarOrigin = $_FILES["avatar"]["tmp_name"];
            }
        }
    } else {
        $reason = $lh->translationFor("image_file_is_not_image");
        $validated = 0;
    }
}
if ($validated == 1) {
    $db = new \creamy\DbHandler();
    // check password
    $name = $_POST["name"];
    $name = stripslashes($name);
    $name = $db->escape_string($name);
    $password1 = $_POST["password1"];
    $password2 = $_POST["password2"];
    if ($password1 !== $password2) {
        $lh->translateText("passwords_dont_match");
        exit;
    }
    $email = NULL;
    if (isset($_POST["email"])) {
        $email = $_POST["email"];
        $email = stripslashes($email);
        $email = $db->escape_string($email);
    }
    $phone = NULL;
    if (isset($_POST["phone"])) {
        $phone = $_POST["phone"];
Esempio n. 6
$lh = \creamy\LanguageHandler::getInstance();
// Required fields: a task description plus at least one of userid / touserid.
// This is a presence check only; neither the description nor the ids are checked for
// content or type at this point.
$validated = (
    isset($_POST["taskDescription"])
    && (isset($_POST["userid"]) || isset($_POST["touserid"]))
) ? 1 : 0;
if ($validated == 1) {
    $db = new \creamy\DbHandler();
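    // pick the target user (touserid wins over userid) and sanitize the description.
    // NOTE(review): $userid comes straight from the request, unlike the escaped description; confirm that
    // createTask() binds or validates it and that the caller may create tasks for that user.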
    $userid = isset($_POST["touserid"]) ? $_POST["touserid"] : $_POST["userid"];
    $taskDescription = $_POST["taskDescription"];
    $taskDescription = stripslashes($taskDescription);
    $taskDescription = $db->escape_string($taskDescription);
    $taskInitialProgress = 0;
    $result = $db->createTask($userid, $taskDescription, $taskInitialProgress);
    if ($result === true) {
        // if the task was assigned to the user by another user, send the receiver a message.
        $user = \creamy\CreamyUser::currentUser();
        if (isset($user)) {
            $myId = $user->getUserId();
            if ($myId != $userid) {
                // I'm creating a task for another user. Mail that user.
                require_once 'MailHandler.php';
                $mh = \creamy\MailHandler::getInstance();
                $mh->sendNewTaskMailToUser($myId, $userid, $taskDescription);
            }
        }
        // return result