/**
 * Tag management page: applies a posted add/edit/del operation, then renders
 * the tag tree menu and the full tag list.
 *
 * NOTE(review): for "del" the user id is set on the model, but del_tag() only
 * receives the posted id; confirm del_tag() limits the delete to the current
 * user's own tags.
 */
public function index()
{
    if ($_POST) {
        $opmode = $_POST["opmode"];
        $tag_model = D("UserTag");
        if ($tag_model->create() === false) {
            $this->error($tag_model->getError());
        }

        switch ($opmode) {
            case "add":
                $tag_model->module = MODULE_NAME;
                $tag_model->user_id = get_user_id();
                $tag_model->add();
                break;
            case "edit":
                $tag_model->user_id = get_user_id();
                $tag_model->save();
                break;
            case "del":
                $tag_model->user_id = get_user_id();
                $tag_model->del_tag($tag_model->id);
                break;
        }
    }

    $tag_model = D("UserTag");

    // Tree menu is built from the reduced column set.
    $tree = list_to_tree($tag_model->get_tag_list("id,pid,name"));
    $this->assign('menu', sub_tree_menu($tree));

    // The flat list uses the model's default columns.
    $this->assign("tag_list", $tag_model->get_tag_list());
    $this->assign('js_file', "UserTag:js/index");
    $this->display('UserTag:index');
}
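/**
 * Handle one uploaded file: store it under a per-module folder, record it in
 * the File table for the current user, and answer with the file info as JSON.
 *
 * NOTE(review): no extension or MIME allow-list is configured in this method;
 * confirm that UploadFile's defaults (or the web server configuration for
 * SAVE_PATH) prevent an uploaded file from being executed.
 */
private function _upload()
{
    import("@.ORG.Util.UploadFile");

    // The module name comes straight from the request and is used as a folder
    // name, so keep only characters that cannot form a path separator or a
    // parent-directory reference.
    $module = '';
    if (isset($_REQUEST["module"]) && is_string($_REQUEST["module"])) {
        $module = preg_replace('/[^a-z0-9_-]/', '', strtolower($_REQUEST["module"]));
    }

    $upload = new UploadFile();
    $upload->subFolder = $module;
    $upload->savePath = C("SAVE_PATH");
    // Quoted: the bare word relied on PHP's undefined-constant fallback, which
    // is an error from PHP 8 on.
    $upload->saveRule = 'uniqid';
    $upload->autoSub = true;
    $upload->subType = "date";

    if (!$upload->upload()) {
        $this->error($upload->getErrorMsg());
    } else {
        // Fetch the info of the successfully uploaded file.
        $uploadList = $upload->getUploadFileInfo();

        $File = M("File");
        $File->create($uploadList[0]);
        $File->create_time = time();
        $File->user_id = get_user_id();
        $fileId = $File->add();

        $fileInfo = $uploadList[0];
        $fileInfo['id'] = $fileId;
        $fileInfo['error'] = 0;
        $fileInfo['url'] = $fileInfo['savepath'] . $fileInfo['savename'];
        exit(json_encode($fileInfo));
    }
}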
/**
 * Configure the HTML editor used for the comment_content element.
 *
 * For Loki editors a known user gets the "link" widget and an admin flag
 * derived from the edit_html privilege; anyone else gets a reduced widget set
 * and has the site/finder feed paths removed from the editor parameters.
 */
function do_wysiwygs()
{
    $editor_name = html_editor_name($this->site_info->id());
    $params = html_editor_params($this->site_info->id());

    if (strpos($editor_name, 'loki') === 0) {
        $is_plain_loki = ($editor_name == 'loki');
        $user_id = !empty($this->username) ? get_user_id($this->username) : null;

        // Widget order matters to the original output: strong, em, [link], [blockquote].
        $widgets = array('strong', 'em');
        if ($user_id) {
            $widgets[] = 'link';
        }
        if (!$is_plain_loki) {
            $widgets[] = 'blockquote';
        }
        $params['widgets'] = $widgets;

        if ($user_id) {
            if (function_exists('reason_user_has_privs')) {
                $params['user_is_admin'] = reason_user_has_privs($user_id, 'edit_html');
            }
        } elseif (isset($params['paths'])) {
            // Unknown users do not get the feed/regexp paths passed to the editor.
            foreach (array('site_feed', 'finder_feed', 'default_site_regexp', 'default_type_regexp') as $path_key) {
                unset($params['paths'][$path_key]);
            }
        }
    }

    $this->change_element_type('comment_content', $editor_name, $params);
}
/**
 * Home page for flows: the user's tracked flows, the approved ones, and the
 * flows waiting for this employee's decision.
 *
 * NOTE(review): when no FlowLog row matches, $log_list is empty and the 'in'
 * condition on id is built from an empty value; confirm how the model treats
 * that case.
 */
public function index()
{
    header("Content-Type:text/html; charset=utf-8");

    $this->assign("widget", array('jquery-ui' => true));

    $config = D("UserConfig")->get_config();
    $this->assign("home_sort", $config['home_sort']);

    $flowlist = M("flow_type")->where(array('tag' => 88))->select();
    $this->assign("flowlist", $flowlist);

    $flow = M("flow");
    $type_clause = '(type=69 or type=70 or type=71 or type=72 or type=73)';

    // Tracked flows. The user id is cast to int before it enters the condition string.
    $this->show = $flow->where('user_id ="' . (int) get_user_id() . '" AND ' . $type_clause)
        ->limit(50)
        ->select();

    // Already approved.
    $this->show1 = $flow->where('user_id ="' . (int) get_user_id() . '" AND ' . $type_clause . ' AND step=40')
        ->limit(50)
        ->select();

    // List of flows pending approval.
    $user_id = get_user_id(); // not used below
    $emp_no = get_emp_no();
    $FlowLog = M("FlowLog");
    $model = D('Flow');

    $log_filter = array('emp_no' => $emp_no, 'result' => 3);
    $log_list = $FlowLog->where($log_filter)->getField('flow_id id,flow_id');

    $flow_filter = array(
        'id' => array('in', $log_list),
        'type' => array('in', '69,70,71,72,73'),
    );
    $todo_flow_list = $model->where($flow_filter)->limit(50)->order("create_time desc")->select();
    $this->assign("todo_flow_list", $todo_flow_list);

    $this->display();
}
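/**
 * Create or update a Room record from the posted form and answer via ajaxReturn.
 *
 * A non-zero posted id means "update that row"; otherwise a new row is added.
 *
 * NOTE(review): nothing here checks that the current user may edit the given
 * room, and an update also overwrites create_time/create_user; confirm both
 * are intended.
 */
public function save()
{
    $data = array(
        'create_time' => time(),
        'create_user' => get_user_id(),
        'name' => $_POST['name'],
        'num' => $_POST['num'],
        'touying' => $_POST['touying'],
        'place' => $_POST['place'],
        'mai' => $_POST['mai'],
    );

    // The id used to be concatenated into the WHERE string as posted. Forcing
    // it to an integer and passing it as an array condition keeps request data
    // out of the SQL text.
    $id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;

    $room = D('Room');
    if ($id !== 0) {
        $result = $room->where(array('id' => $id))->save($data);
    } else {
        $result = $room->add($data);
    }

    if ($result === false) {
        $da['info'] = "操作失败!";
        $da['status'] = 0;
        $da['data'] = $_POST;
        $this->ajaxReturn($da);
    } else {
        $da['info'] = "操作成功!";
        $da['status'] = 1;
        $this->ajaxReturn($da);
    }
}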
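/**
 * Before a Crm row is updated, write a CrmLog entry listing every field whose
 * new value differs from the stored one ("label:old->new ; ").
 *
 * Changes from the previous version: the comment string is initialised, the
 * stray write to an undefined $model inside the loop is gone, array values are
 * joined with "," before comparison (the same form that is logged), and fields
 * without a label or without a stored value no longer raise notices.
 *
 * NOTE(review): the log comment is built from submitted values and stored as
 * is; whatever renders CrmLog must escape it for its output context.
 *
 * @param array $data    Row about to be saved; must contain 'id'.
 * @param array $options Unused here.
 */
function _before_update(&$data, $options)
{
    $old_data = M("Crm")->find($data['id']);
    if (!is_array($old_data)) {
        // No stored row to compare against, so there is nothing to log.
        return;
    }

    // Compare in the flattened form so an unchanged multi-value field is not
    // reported as a change.
    $new_values = array();
    foreach ($data as $field => $value) {
        $new_values[$field] = is_array($value) ? implode(",", $value) : $value;
    }

    $changed = array_keys(array_diff_assoc($new_values, $old_data));
    if (empty($changed)) {
        return;
    }

    $desc = array(
        'name' => '姓名',
        'mobile_tel' => '手机',
        'district' => '小区',
        'need' => '客户需求',
        'source' => '客户来源',
        'age' => '年龄',
        'work' => '职业',
    );

    $comment = '';
    foreach ($changed as $field) {
        $label = isset($desc[$field]) ? $desc[$field] : $field;
        $old = isset($old_data[$field]) ? $old_data[$field] : '';
        $comment .= $label . ":" . $old . "->" . $new_values[$field] . " ; ";
    }

    $log = array(
        'user_id' => get_user_id(),
        'user_name' => get_user_name(),
        'create_time' => time(),
        'crm_id' => $data['id'],
        'emp_no' => get_emp_no(),
        'comment' => $comment,
    );
    D("CrmLog")->add($log);
}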
/**
 * Return the newest event addressed to the current user as a JSON object of
 * the form {"event": ...}.
 *
 * The user id is cast to int and additionally passed through sql() before it
 * is placed in the query. reset() yields false for an empty result set, so the
 * payload is then {"event":false}.
 */
function json_latest_event()
{
    $db = new DBAccess();
    $user_id = (int) get_user_id();

    $query = "select event_id, message as event, date, send_to, send_from, unread, uname as sender from events join players on player_id = send_from where send_to = '" . sql($user_id) . "' order by date desc limit 1";
    $events = $db->FetchAll($query);

    $latest = reset($events);

    return '{"event":' . json_encode($latest) . '}';
}
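/**
 * Render the current user's business-card preview page to PDF.
 *
 * Requests from 127.0.0.1 are rendered locally with wkhtmltopdf and redirected
 * to the stored file; all other requests go through the Pdfcrowd API and the
 * PDF is streamed as a download.
 *
 * NOTE(review): the Pdfcrowd credentials below are hard-coded in source. Move
 * them to configuration kept out of version control and rotate the key.
 * NOTE(review): the preview URL carries every field returned by
 * get_user_by_id() in its query string and is handed to an external
 * conversion service; confirm that record holds no credential or hash fields.
 */
function generate()
{
    $url = site_url() . 'home/preview' . '?' . http_build_query($this->users->get_user_by_id(get_user_id()));

    // The file lands in a web-readable folder, so its name must not be
    // derivable from the clock. The fallback is only for runtimes without
    // random_bytes().
    $name = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : md5(uniqid(mt_rand(), true));

    if ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') {
        $dir = $this->config->item('static_path');
        $target = $dir . 'uploads/business-cards/' . $name . '.pdf';

        // Each argument is quoted for the shell instead of being wrapped in
        // literal double quotes.
        $command = 'xvfb-run -a wkhtmltopdf ' . escapeshellarg($url) . ' ' . escapeshellarg($target);
        if (shell_exec($command)) {
            header('Location: ' . site_url() . 'uploads/business-cards/' . $name . '.pdf');
        }
        exit;
    }

    require 'application/libraries/pdfcrowd.php';
    try {
        // create an API client instance
        $client = new Pdfcrowd("elshafey", "1386e8072e4b1bc2b82e6f3a8a166205");

        // convert a web page and store the generated PDF into a $pdf variable
        $pdf = $client->convertURI($url);

        // set HTTP response headers
        header("Content-Type: application/pdf");
        header("Cache-Control: max-age=0");
        header("Accept-Ranges: none");
        header("Content-Disposition: attachment; filename=\"{$name}.pdf\"");

        // send the generated PDF
        echo $pdf;
    } catch (PdfcrowdException $why) {
        echo "Pdfcrowd Error: " . $why;
    }
}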
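/**
 * Share a post: record the (user, post) pair, create a new post quoting the
 * original, and copy the original's picture to the new post id.
 *
 * NOTE(review): the share row uses the $user_id argument while the new post is
 * attributed to get_user_id(); confirm callers always pass the current user.
 *
 * @param int $user_id User doing the share.
 * @param int $post_id Post being shared.
 * @return bool true when a new share was recorded, false when the post does
 *              not exist or was already shared by this user.
 */
public function share($user_id, $post_id)
{
    // Both ids are placed in an SQL statement and in a file path below, so
    // they are reduced to integers before any use.
    $user_id = (int) $user_id;
    $post_id = (int) $post_id;

    $post_mapper = new Application_Model_PostMapper();
    $user_mapper = new Application_Model_UserMapper();

    $shared_post = $post_mapper->find($post_id);
    if (empty($shared_post)) {
        return false;
    }
    $user = $user_mapper->find($shared_post['user_id']);

    $share_elm = $this->findByTwoColumns('user_id', $user_id, 'post_id', $post_id);
    if (!empty($share_elm)) {
        return false;
    }

    $db = Zend_Registry::get('db');
    $db->query(sprintf("insert into post_share VALUES(%d,%d);", $user_id, $post_id));

    $post_model = new Application_Model_Post();
    $username = $user['username'];
    $post_model->_fields['user_id'] = get_user_id();
    $post_model->_fields['content'] = "The Post originally shared by {$username}: \n" . $shared_post['content'];
    $post_model->_fields['comment_number'] = 0;
    $post_model->_fields['is_reported'] = 0;
    $post_model->_fields['updated_at'] = time();
    $new_id = $post_mapper->save($post_model);

    $pic_dir = APPLICATION_PATH . "/../public/post_pic/";
    $source_pic = $pic_dir . "{$post_id}.png";
    // Not every post necessarily has a picture; only copy when one exists.
    if (is_file($source_pic)) {
        copy($source_pic, $pic_dir . "{$new_id}.png");
    }

    return true;
}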
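/**
 * Replace a MailOrganize record: delete the row with the posted id, then
 * insert a new row built from the posted form.
 *
 * The posted id must be a plain run of digits; it used to be interpolated into
 * the WHERE string as posted.
 *
 * NOTE(review): the delete is not restricted to rows owned by the current
 * user, and delete + add are not wrapped in a transaction, so a failed
 * create()/add() leaves the old row gone. Confirm both against the model and
 * table definition.
 */
protected function _update()
{
    $raw_id = isset($_POST["id"]) ? $_POST["id"] : '';
    if (!is_string($raw_id) || !ctype_digit($raw_id)) {
        $this->error('编辑失败!');
        return;
    }
    $id = (int) $raw_id;

    M("MailOrganize")->where(array('id' => $id))->delete();

    $model = D("MailOrganize");
    if (false === $model->create()) {
        $this->error($model->getError());
    }
    if (in_array('user_id', $model->getDbFields())) {
        $model->user_id = get_user_id();
    }
    if (in_array('user_name', $model->getDbFields())) {
        $model->user_name = get_user_name();
    }

    // Save the current data object.
    $list = $model->add();
    if ($list !== false) {
        // Saved successfully.
        $this->assign('jumpUrl', get_return_url());
        $this->success('编辑成功!');
    } else {
        // Report the failure.
        $this->error('编辑失败!');
    }
}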
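/**
 * List the users of the current user's own department, each with its
 * department and position name resolved.
 *
 * The search filter is applied first, and the dept_id condition is then forced
 * to the current user's department, so a posted filter cannot widen the list
 * to other departments.
 *
 * Changes from the previous version: the row loop no longer indexes past the
 * end of the result (and tolerates a non-array result), and the per-row
 * lookups pass the id as an array condition instead of concatenating it.
 */
function dept()
{
    $widget['date'] = true;
    $this->assign("widget", $widget);

    $list = M("Dept")->where('is_del=0')->order('sort asc')->getField('id,name');
    $this->assign('dept_list', $list);

    $where = $this->_search("User");
    if (method_exists($this, '_search_filter')) {
        $this->_search_filter($where);
        if ($where['is_del'] == "") {
            $where['is_del'] = 0;
        }
    }
    $where['id'] = array('gt', '1');

    $model = D("user");
    $userId = get_user_id();
    $userInfo = get_user_info($userId, 'id,name,emp_no,dept_id,phone');
    $where['dept_id'] = array("eq", $userInfo[$userId]['dept_id']);

    $info = $model->where($where)->order("emp_no desc")->select();
    if (is_array($info)) {
        foreach ($info as $i => $row) {
            $info[$i]['dept'] = D("dept")->where(array('id' => $row['dept_id']))->getField("name");
            $info[$i]['position'] = D("position")->where(array('id' => $row['position_id']))->getField("name");
        }
    }

    $this->assign("list", $info);
    $this->display();
}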
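/**
 * Upgrade database from given version to the latest.
 *
 * For each version step the generic upgrade script is loaded, followed by the
 * country-specific one when it exists.
 *
 * Changes from the previous version: a missing or unreadable generic script
 * now stops the upgrade with false instead of passing false to loadFile(); the
 * localized script is looked up inside the database-type folder (the old path
 * lacked the "/" and is still tried as a fallback); and a $country value that
 * could leave the install folder is ignored.
 *
 * NOTE(review): success falls off the end of the function and therefore
 * returns null, not true; callers must test for "=== false".
 *
 * @param string   $country Country suffix of the localized scripts.
 * @param int|null $version Current level, or null to read it from Installer::getVersion().
 * @return false|null false when a script fails to load.
 */
static function upgrade($country, $version = null)
{
    if ($version === null) {
        $version = Installer::getVersion();
        if ($version === null) {
            // Assume it's an old v4 with the old id
            $version = 4;
        }
    }

    // $country becomes part of a file name that is read and executed as SQL,
    // so it must not contain a path separator, a NUL byte or "..".
    $countryIsSafe = is_string($country)
        && $country !== ''
        && strpbrk($country, "/\\\0") === false
        && strpos($country, '..') === false;

    while ($version != PT::DB_LEVEL) {
        $uid = get_user_id();
        $type = get_db_type($uid);
        $pdo = PDOBuilder::getPDO();
        $baseDir = PT::$ABSPATH . "/install/database/" . $type;

        // Load generic sql update for current version
        $file = $baseDir . "/upgrade-" . $version . ".sql";
        $fileContent = \is_file($file) ? \file_get_contents($file) : false;
        if ($fileContent === false || !Installer::loadFile($pdo, $fileContent)) {
            return false;
        }

        // Check for localized update data for current version
        if ($countryIsSafe) {
            $localized = "upgrade-" . $version . "_" . $country . ".sql";
            foreach (array($baseDir . "/" . $localized, $baseDir . $localized) as $file) {
                if (!\file_exists($file)) {
                    continue;
                }
                $fileContent = \file_get_contents($file);
                if ($fileContent === false || !Installer::loadFile($pdo, $fileContent)) {
                    return false;
                }
                break;
            }
        }

        $version++;
    }
}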
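/**
 * Role/node assignment page: shows the node subtree under the selected
 * top-level node, the role list and the list of top-level groups.
 *
 * The posted eq_pid is reduced to an integer (kept as a string, like the
 * posted value) before it is used as tree root and appended to the id list of
 * the IN condition.
 *
 * NOTE(review): user id 1 and node id 84 are hard-coded: every user except
 * id 1 has node 84 hidden. Confirm this matches the intended role model.
 */
public function node()
{
    $node_model = M("Node");

    if (!empty($_POST['eq_pid']) && is_scalar($_POST['eq_pid'])) {
        $eq_pid = (string) (int) $_POST['eq_pid'];
    } else {
        $eq_pid = $node_model->where('pid=0')->order('sort asc')->getField('id');
    }

    if (get_user_id() == 1) {
        $node_list = $node_model->order('sort asc')->select();
    } else {
        $node_list = $node_model->where('id <> 84')->order('sort asc')->select();
    }

    $node_list = tree_to_list(list_to_tree($node_list, $eq_pid));
    $node_list = rotate($node_list);

    // rotate() may yield no 'id' column when the subtree is empty.
    $ids = isset($node_list['id']) ? (array) $node_list['id'] : array();
    $id_csv = implode(",", $ids) . ",{$eq_pid}";

    $where['id'] = array('in', $id_csv);
    $menu = $node_model->field('id,pid,name,url')->where($where)->order('sort asc')->select();
    $tree = list_to_tree($menu);

    $this->assign('eq_pid', $eq_pid);
    $this->assign('node_list', tree_to_list($tree));

    $this->assign('list', M("Role")->select());

    $groups = $node_model->where('pid=0 and is_del = 0')->order('sort asc')->getField('id,name');
    $this->assign('groupList', $groups);

    $this->display();
}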
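/**
 * Validate a registration request and create the user when every check passes.
 *
 * Checks run in this order: anti-spam code, session token, password
 * confirmation, required fields, login not already taken.
 *
 * Changes from the previous version: the session token and the two passwords
 * are compared as strings with strict operators (loose comparison treats
 * numeric-looking strings as numbers), and the login is HTML-escaped before it
 * is placed in the status messages.
 *
 * NOTE(review): $is_admin is passed straight to add_user(); confirm the caller
 * never takes it from request data.
 *
 * @return mixed false on any failed check, otherwise the return value of display_success().
 */
function try_add_user($login, $pass, $pass2, $realname, $session, $is_admin, $antispam)
{
    // Help prevent robot registrations
    if (!check_antispam($antispam)) {
        display_error("Invalid security code");
        return false;
    }

    $expected = md5(session_id() . $_SERVER['REMOTE_ADDR']);
    $token_ok = is_string($session)
        && (function_exists('hash_equals') ? hash_equals($expected, $session) : $session === $expected);
    if (!$token_ok) {
        display_error("Invalid session.");
        return false;
    }

    if ((string) $pass !== (string) $pass2) {
        display_warning("Password mismatch");
        return false;
    }

    foreach (array($realname, $pass, $pass2, $login) as $required) {
        if ((string) $required === '') {
            display_warning("Please fill out all fields");
            return false;
        }
    }

    // The login is echoed inside HTML markup, so encode it for that context.
    $safe_login = htmlspecialchars((string) $login, ENT_QUOTES, 'UTF-8');

    if (get_user_id($login) > 0) {
        display_error("The user <strong>{$safe_login}</strong> already exists.");
        return false;
    }

    add_user($login, $realname, $pass, $is_admin);

    return display_success("<strong>{$safe_login}</strong> has been successfully created");
}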
/**
 * Build the session: resolve the user from this site's cookie, look up the
 * OAuth token, then handle a logout or OAuth-verifier request and refresh the
 * local author record.
 *
 * Returns 0 early when the cookie carries no user id (not logged in).
 *
 * NOTE(review): logout is triggered by the mere presence of a "logout" query
 * parameter; no anti-forgery check is visible in this method.
 */
function TPSession()
{
    // Set up the DB-backed OAuth store on first use.
    if (!$this->store) {
        $this->store = OAuthStore::instance('MySQL', get_db_options());
    }

    // Identify the user from this site's cookie alone.
    $this->user_id = get_user_id(COOKIE_NAME);
    debug("[TPSession::TPSesssion], user_id = " . $this->user_id);

    // No user id in the cookie means no session.
    if (!$this->user_id) {
        return 0;
    }

    // The token comes either from the query string (last step of the OAuth
    // exchange) or from the database (exchange already completed).
    $this->oauth_token = get_oauth_token(COOKIE_NAME, $_GET, $this->store);

    if (array_key_exists('logout', $_GET)) {
        // Logout request.
        $this->log_out();
    } elseif (array_key_exists('oauth_verifier', $_GET)) {
        $this->verify_access_token();
    }

    // Refresh the local author record once the user is logged in.
    if (!$this->author && $this->is_logged_in()) {
        $this->update_author_record();
    }
}
/**
 * Record an approval (result = 1) in FlowLog for the posted flow and step,
 * then advance the flow to its next step.
 *
 * NOTE(review): flow_id and step are taken from the data populated by
 * create(); no check is visible here that the current user is the approver
 * assigned to that flow and step. Confirm where that is enforced.
 */
public function approve()
{
    $log = D("FlowLog");
    if ($log->create() === false) {
        $this->error($log->getError());
    }

    // The outcome is fixed by this action, not by the form.
    $log->result = 1;

    if (in_array('user_id', $log->getDbFields())) {
        $log->user_id = get_user_id();
    }
    if (in_array('user_name', $log->getDbFields())) {
        $log->user_name = $this->_session("user_name");
    }

    // Read these before add(), which is the last use of the data object here.
    $flow_id = $log->flow_id;
    $step = $log->step;

    // Save the current data object.
    $saved = $log->add();
    if ($saved === false) {
        // Report the failure.
        $this->error('新增失败!');
    } else {
        // Saved successfully.
        D("Flow")->next_step($flow_id, $step);
        $this->assign('jumpUrl', $this->_get_return_url());
        $this->success('新增成功!');
    }
}
/**
 * Forward a task: write one TaskLog row per executor.
 *
 * $executor_list is a ";"-separated list of "name|id" entries. An id that
 * contains "dept_" marks a department (type 2, prefix removed); anything else
 * is a single user (type 1). The current user is stored as assigner.
 *
 * NOTE(review): an entry without "|" has no id part; it is not validated here.
 */
function forword($step, $task_id, $task_type, $executor_list, $limit_time)
{
    $entries = array_filter(explode(';', $executor_list));

    foreach ($entries as $entry) {
        $parts = explode('|', $entry);
        $executor_name = $parts[0];
        $executor = $parts[1];

        $is_dept = strpos($executor, "dept_") !== false;
        if ($is_dept) {
            $executor = str_replace('dept_', '', $executor);
        }

        $log_data = array(
            'executor' => $executor,
            'executor_name' => $executor_name,
            'type' => $is_dept ? 2 : 1,
            'step' => $step,
            'limit_time' => $limit_time,
            'task_type' => $task_type,
            'assigner' => get_user_id(),
            'task_id' => $task_id,
        );
        M("TaskLog")->add($log_data);
    }
}
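/**
 * Return the latest message of each conversation in the current user's
 * mailbox, together with the number of messages in that conversation.
 *
 * Changes from the previous version: the statement is built from an
 * initialised value (it used to append to an undefined variable), and the user
 * id is cast to int before it is interpolated.
 *
 * NOTE(review): the cast assumes user ids are numeric; confirm.
 *
 * @return mixed Result of $this->db->query().
 */
public function get_list()
{
    $user_id = (int) get_user_id();
    $table = $this->tablePrefix . "message";

    $parts = array(
        "select t2.*, t3.count ",
        " from " . $table . " t2, ",
        " ( select max(id) id, count(*) count ",
        " from (select id, ",
        " sender_id, ",
        " receiver_id, ",
        " create_time ",
        " from " . $table . " ",
        " where is_del = '0' ",
        " and owner_id = '{$user_id}' ",
        " and receiver_id = '{$user_id}' ",
        " union ",
        // Sent messages: sender and receiver are swapped so both directions
        // group under the same counterpart.
        " select id, ",
        " a.receiver_id, ",
        " a.sender_id, ",
        " create_time ",
        " from " . $table . " a ",
        " where a.is_del = 0 and owner_id = '{$user_id}' and sender_id = '{$user_id}') ",
        " t1 ",
        " where t1.receiver_id = '{$user_id}' ",
        " group by t1.sender_id) t3 ",
        " where t3.id = t2.id order by t2.create_time desc",
    );

    return $this->db->query(implode('', $parts));
}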
/**
 * Decide whether the upload described by $session is allowed.
 *
 * Without an authenticator entry the upload is allowed. Otherwise the
 * authenticator callback is called with the acting username followed by its
 * configured arguments. A user holding the pose_as_other_user privilege may
 * act as the entity named by the user_id request parameter.
 *
 * NOTE(review): a missing authenticator means "allow"; confirm that fail-open
 * default is intended.
 * NOTE(review): $auth['file'] is required and $auth['callback'] is invoked as
 * found in the session data; confirm those entries are only ever written by
 * server-side code.
 *
 * @param array $session Upload session data.
 * @return bool
 */
function can_upload($session)
{
    if (!$session['authenticator']) {
        return true;
    }

    $auth = $session['authenticator'];
    $reason_session =& get_reason_session();
    $username = $reason_session->get("username");

    if (!empty($_REQUEST['user_id'])) {
        $username = $reason_session->get('username');

        // user_id is cleaned to an integer (zero becomes null) before use.
        $cleanup_rules = array(
            'user_id' => array(
                'function' => 'turn_into_int',
                'extra_args' => array('zero_to_null' => 'true'),
            ),
        );
        $clean_request = array_merge($_REQUEST, carl_clean_vars($_REQUEST, $cleanup_rules));
        $requested_id = $clean_request['user_id'];

        $actor_id = get_user_id($username);
        if (reason_user_has_privs($actor_id, 'pose_as_other_user')) {
            $posed_user = new Entity($requested_id);
            $username = $posed_user->get_value("name");
        }
    }

    if ($auth['file']) {
        require_once $auth['file'];
    }

    $callback_args = array_merge(array($username), $auth['arguments']);

    return call_user_func_array($auth['callback'], $callback_args) ? true : false;
}
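/**
 * Before a notice is read, look up its folder and hand that folder's auth
 * settings to the view as "auth".
 *
 * The request id is reduced to an integer and passed as an array condition; it
 * used to be interpolated into the WHERE string as received.
 *
 * NOTE(review): this method only assigns the auth data to the view; confirm
 * the read action itself refuses access when the folder auth denies it.
 */
public function _before_read()
{
    $id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (int) $_REQUEST['id'] : 0;

    $folder_id = M("Notice")->where(array('id' => $id))->getField('folder');
    $auth = D("Folder")->_get_folder_auth($folder_id);

    $this->assign("auth", $auth);
}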
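/**
 * Echo either the profile/log-out links for the logged-in user or the
 * "Sign in with Twitter" link.
 *
 * The user name and id are encoded for their output context (HTML text and a
 * URL query value inside an attribute); they used to be echoed as returned.
 *
 * NOTE(review): if get_user_name() already returns HTML-encoded text, this
 * double-encodes it; confirm what that helper returns.
 */
function print_login_button()
{
    if (is_logged_in()) {
        $profile_href = 'userprofile.php?userid=' . rawurlencode((string) get_user_id());
        $display_name = htmlspecialchars((string) get_user_name(), ENT_QUOTES, 'UTF-8');

        echo '<a href="' . htmlspecialchars($profile_href, ENT_QUOTES, 'UTF-8') . '">' . $display_name
            . '</a> | <a href="./twitteroauth/clearsessions.php">Log out</a>';
    } else {
        echo '<a href="./twitteroauth/redirect.php">Sign in with Twitter</a>';
    }
}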
/**
 * After a message is added, register the current user (the sender) in the
 * message_user table. Replies are skipped.
 *
 * @param int $id Id of the message that was just added.
 */
function after_add($id = 0)
{
    $message = $this->load($id);

    // A message with a parent is a reply; recipients are not handled for those.
    if ($message->parent_id) {
        return;
    }

    $this->add_message_user($id, get_user_id());
}
/**
 * Fetch the courses a user is joined to.
 *
 * An empty $user_id means the current user. The id is bound through
 * $cmdb->prepare() with a %d placeholder.
 *
 * NOTE(review): any user id is accepted; callers must check that the current
 * user may see another user's courses.
 *
 * @param int $user_id User to look up; 0 for the current user.
 * @return mixed Result of $cmdb->get_results().
 */
function get_courses_by_userid($user_id = 0)
{
    global $cmdb;

    $user_id = empty($user_id) ? get_user_id() : $user_id;

    $query = "SELECT {$cmdb->courses}.* from {$cmdb->courses} join {$cmdb->users_join} on {$cmdb->courses}.ID={$cmdb->users_join}.course_id where user_id=%d";

    return $cmdb->get_results($cmdb->prepare($query, $user_id));
}
/**
 * After a meeting is added, register the current user as a participant and
 * store a shortened share link for the meeting.
 *
 * NOTE(review): the full meeting URL, including the meeting uuid, is passed to
 * google_short_url(), presumably an external service; confirm that is
 * acceptable for meetings that should stay private.
 *
 * @param int $id Id of the meeting that was just added.
 */
function after_add($id = 0)
{
    $meeting = $this->load($id);

    // The creator is always a participant.
    $this->add_meeting_user($id, get_user_id());

    // Build the web-app link and store its shortened form.
    $long_url = $this->config->item('webapp_url') . '#/meeting/' . $meeting->uuid;
    $this->update($id, array('share_link' => google_short_url($long_url)));
}
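/**
 * Access-control hook: builds the ACL, derives the requester's role and
 * reroutes requests the role is not allowed to make.
 *
 * Guests are redirected to user/login; other roles are sent to
 * error/notauthorized; any exception raised by the ACL check is routed to
 * error/notfound. CLI invocations skip the check entirely.
 *
 * Change from the previous version: the admin id is compared as a string with
 * a strict operator, so a value that merely converts to 2 under loose
 * comparison no longer yields the admin role.
 *
 * NOTE(review): the admin role is tied to the hard-coded user id 2; confirm
 * this is intended rather than a role stored with the account.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    if (PHP_SAPI == 'cli') {
        return;
    }

    $acl = new Zend_Acl();

    // add the roles (each one inherits from the role before it)
    $acl->addRole(new Zend_Acl_Role('guest'));
    $acl->addRole(new Zend_Acl_Role('user'), 'guest');
    $acl->addRole(new Zend_Acl_Role('admin'), 'user');

    // add the resources
    foreach (array('index', 'error', 'user', 'profile', 'post', '*') as $resource) {
        $acl->addResource(new Zend_Acl_Resource($resource));
    }

    // set up the access rules
    $acl->allow(null, array('index', 'error'));
    // a guest can only sign up content and login
    $acl->allow('guest', 'user', array('login', 'register', 'unique', 'search'));
    // user
    $acl->allow('user', 'user', array('edit', 'logout'));
    $acl->allow('user', 'profile', array('edit', 'profile', 'getxml', 'viewxml', 'more'));
    $acl->allow('user', 'post', array('new', 'postxml', 'getposts', 'like', 'share', 'comment', 'home', 'edit', 'allcomment', 'notification', 'report'));
    $acl->allow('admin', null);

    // Fetch the current user
    $auth = Zend_Auth::getInstance();
    if ($auth->hasIdentity()) {
        $id = get_user_id();
        $role = (is_scalar($id) && (string) $id === '2') ? 'admin' : 'user';
    } else {
        $role = 'guest';
    }

    // Authorization
    $controller = $request->controller;
    $action = $request->action;
    try {
        if (!$acl->isAllowed($role, $controller, $action)) {
            if ($role == 'guest') {
                $redirector = new Zend_Controller_Action_Helper_Redirector();
                $redirector->gotoSimple('login', 'user');
            } else {
                // The role is not authorized for this controller/action.
                $request->setControllerName('error');
                $request->setActionName('notauthorized');
            }
        }
    } catch (Exception $e) {
        $request->setControllerName('error');
        $request->setActionName('notfound');
    }
}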
/**
 * Check a username/password pair and return the user's key on success.
 *
 * NOTE(review): the credential values in the query text appear as '******' on
 * this page (presumably masked), so how $username and $password reach the
 * query cannot be reviewed here. If they are concatenated, they must be
 * escaped or bound, and the password should be verified against a hash.
 * NOTE(review): mysql_db_query() returns a result resource for any SELECT that
 * executes, even one matching no rows, so the empty() test below only detects
 * a failed query; the row count is never inspected.
 * NOTE(review): the mysql_* extension was removed in PHP 7.
 *
 * @return mixed The value of get_user_id($username), or false.
 */
function login($username, $password)
{
    $user_key = get_user_id($username);

    $results = mysql_db_query("rowanprep", "SELECT user_key FROM users WHERE username = '******' AND password = '******'");

    return empty($results) ? false : $user_key;
}
/**
 * Configure the HTML editor for the post_content and description elements.
 *
 * For Loki editors, when the privilege helper exists and the user's net id
 * resolves to a user id, the editor's admin flag is taken from the edit_html
 * privilege.
 */
function do_wysiwygs()
{
    $editor_name = html_editor_name($this->site_info->id());
    $params = html_editor_params($this->site_info->id());

    if (function_exists('reason_user_has_privs') && strpos($editor_name, 'loki') === 0) {
        $user_id = get_user_id($this->user_netID);
        if ($user_id) {
            $params['user_is_admin'] = reason_user_has_privs($user_id, 'edit_html');
        }
    }

    foreach (array('post_content', 'description') as $element) {
        $this->change_element_type($element, $editor_name, $params);
    }
}
/**
 * Store a push record for the current user.
 *
 * @param mixed $status Value for the status column.
 * @param mixed $info   Value for the info column.
 * @param mixed $data   Value for the data column.
 */
function add($status, $info, $data)
{
    $current_user = get_user_id();
    $push = M("Push");

    // Same fields in the same order as before, set on the model one by one.
    $fields = array(
        'user_id' => $current_user,
        'data' => $data,
        'status' => $status,
        'info' => $info,
    );
    foreach ($fields as $column => $value) {
        $push->$column = $value;
    }

    $push->add();
}
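/**
 * Add the posted search criteria to $map, always limited to the current
 * user's own, non-deleted rows.
 *
 * Posted values are accepted only as scalars and stored as strings. The query
 * builder used here treats an array value as an operator expression (as the
 * array('like', ...) entries below show), so a posted array must never be
 * copied into $map as it arrives.
 *
 * NOTE(review): "%" and "_" inside the posted name/letter still act as LIKE
 * wildcards.
 *
 * @param array $map Condition map, modified in place.
 */
function _search_filter(&$map)
{
    $name = (isset($_POST['name']) && is_scalar($_POST['name'])) ? (string) $_POST['name'] : '';
    $letter = (isset($_POST['letter']) && is_scalar($_POST['letter'])) ? (string) $_POST['letter'] : '';

    $map['name'] = array('like', "%" . $name . "%");
    $map['letter'] = array('like', "%" . $letter . "%");
    $map['is_del'] = array('eq', '0');

    if (!empty($_POST['tag']) && is_scalar($_POST['tag'])) {
        $map['group'] = (string) $_POST['tag'];
    }

    $map['user_id'] = array('eq', get_user_id());
}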
/**
 * Insert an event (message) from one player to another.
 *
 * A falsy $to_id means "the current user". Both ids must be numeric, and every
 * value is passed through sql() before it is placed in the statement.
 *
 * NOTE(review): $from_id is whatever the caller passes; confirm callers derive
 * it from the session rather than from request data. The message is stored as
 * given, so whatever displays events must escape it for its output context.
 *
 * @throws Exception When either id is not numeric.
 */
function send_event($from_id, $to_id, $msg)
{
    global $sql;

    $to_id = $to_id ? $to_id : get_user_id();

    $ids_are_numeric = is_numeric($from_id) && is_numeric($to_id);
    if (!$ids_are_numeric) {
        throw new Exception('A player id wasn\'t sent in to the send_event function.');
    }

    $statement = "INSERT INTO events (event_id, send_from, send_to, message, date) \n VALUES \n (default, '" . sql($from_id) . "','" . sql($to_id) . "','" . sql($msg) . "',now())";

    $sql->Insert($statement);
}