protected function allow_group_access($groups_allowed = array())
{
$allow_access = false;
$match_group_allowed = array_intersect($this->current_groups(), $groups_allowed);
$allow_access = !empty($match_group_allowed);
if ($allow_access == false) {
$this->session->set_flashdata('message', message_box('You are not allowed to access this page!', 'danger'));
redirect('signin', 'refresh');
}
}
public function delete($id = null)
{
if (!empty($id)) {
$this->Page->delete($id);
$this->session->set_flashdata('message', message_box('Page has been deleted', 'success'));
redirect('admin/pages/index');
} else {
$this->session->set_flashdata('message', message_box('Invalid id', 'danger'));
redirect('admin/pages/index');
}
}
public function index()
{
if (!empty($_POST['settings'])) {
foreach ($_POST['settings'] as $key => $setting) {
$this->Setting->update_by_key($key, $setting);
}
$this->session->set_flashdata('message', message_box('Setting has been saved', 'success'));
redirect('admin/settings/index');
}
$this->data['settings'] = $this->Setting->findAll();
$this->load_admin('settings/index');
}
public function edit($id = null)
{
if ($id == null) {
$id = $this->input->post('id');
}
$this->form_validation->set_rules('name', 'name', 'required');
if ($this->form_validation->run() == true) {
$group = array('name' => $this->input->post('name'), 'description' => $this->input->post('description'));
$this->Group->update($group, $id);
$this->session->set_flashdata('message', message_box('Group has been saved', 'success'));
redirect('admin/groups/index');
}
$this->data['group'] = $this->Group->find_by_id($id);
$this->load_admin('groups/edit');
}
public function __construct()
{
global $soap_url, $soap_head, $soap_param;
// 连接到soap服务器
try {
$this->client = new SoapClient($soap_url);
// 发送验证信息
$headers = new SoapHeader($soap_head['0'], $soap_head['1'], $soap_param);
$this->client->__setSoapHeaders(array($headers));
} catch (SoapFault $sf) {
message_box('连接远程服务器失败,请与管理员联系', FRONT, go_to(array('/contact.php' => '联系我们')));
exit;
} catch (Exception $e) {
echo $e->getMessage();
}
}
<div class="container-fluid">
<div class="m-center-content clearfix">
<div class="clearfix">
<div class="col-md-9">
<div class="panel panel-default">
<div class="panel-heading">Add New Client</div>
<div class="panel-body">
<div class="message-container">
<?php
if (validation_errors()) {
echo message_box(validation_errors(), 'error');
}
?>
</div>
<form id="form-client-add" action="" method="post">
<div class="form-group clearfix">
<?php
echo form_label('Username', 'username');
?>
<?php
echo form_input(array('name' => 'username', 'value' => displayContent($data, 'username', set_value('username')), 'class' => 'form-control', 'id' => 'username'));
?>
</div>
<div class="form-group clearfix">
<?php
echo form_label('Email', 'email');
?>
<?php
echo form_input(array('name' => 'email', 'value' => displayContent($data, 'email', set_value('email')), 'class' => 'form-control', 'id' => 'email'));
?>
</div>
<div class="container-fluid">
<div class="row">
<div id="container" class="space-top">
<div class="clearfix">
<div class="col-xs-12">
<div class="message-box-container clearfix">
<div class="message-container">
<?php
if (validation_errors()) {
echo message_box(validation_errors(), 'error');
} elseif ($this->session->flashdata('success')) {
echo message_box($this->session->flashdata('success'), 'success');
}
?>
</div>
</div>
<div class="clearfix text-right mb20">
<a href="<?php
echo base_url('agent/clients/add');
?>
" class="btn btn-primary">Add Client</a>
</div>
<div class="loader-parent clearfix">
<table id="table-client" class="table table-bordered table-striped" width="100%">
<thead>
<tr>
<th class="hide">Id</th>
<th>Username</th>
<th>Email</th>
<th>Status</th>
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body class="bg-black">
<div class="form-box" id="login-box">
<div class="header">Sign In</div>
<?php
echo form_open("users/signin");
?>
<div class="body bg-gray">
<?php
echo message_box(validation_errors(), 'danger');
?>
<?php
echo $this->session->flashdata('message');
?>
<div class="form-group">
<input type="text" name="identity" class="form-control" placeholder="Email"/>
</div>
<div class="form-group">
<input type="password" name="password" class="form-control" placeholder="Password"/>
</div>
<div class="form-group">
<input type="checkbox" name="remember" value="1" /> Remember me
</div>
</div>
<div class="footer">
<?php
echo message_box('success');
?>
<div class="wrap-fpanel">
<div class="panel panel-default" data-collapsed="0">
<div class="panel-heading">
<div class="panel-title">
<strong>Set <?php
echo $language;
?>
Phrase For Form Body</strong>
</div>
</div>
<div class="panel-body">
<form id="form" action="<?php
echo base_url();
?>
admin/settings/add_formbody_language/<?php
echo $language;
?>
" method="post" class="form-groups-bordered">
<?php
foreach ($all_formbody_language as $key => $v_formbody_language) {
?>
<div class="<?php
if ($v_formbody_language->English == 'Total Unread Message') {
echo 'col-sm-3';
} elseif ($v_formbody_language->English == 'Total Unread Application') {
if (!$bussCode || !$bussSort) {
message_box('参数出错,请重试', XJT, go_to(array('/xjt/payonline.php' => '返回')));
exit;
} else {
$soap = new Soap_xjt();
//创建接口对象
$soapData = array();
$result = $soap->getAccBusInfo($userData['m_account'], $soapData);
foreach ($soapData['data'] as $v) {
if ($v['bussCode'] == $bussCode && $v['bussSort'] == $bussSort) {
$bussInfo = $v;
}
}
}
if (!$bussInfo) {
message_box('参数出错,请重试', XJT, go_to(array('/xjt/payonline.php' => '返回')));
}
$smarty->assign('msg', $msg);
$smarty->assign('bussInfo', $bussInfo);
$smarty->assign('userData', $_SESSION['userData']);
$smarty->display('xjt/dopayonline.tpl');
} else {
$soap = new Soap_xjt();
//创建接口对象
$soapData = array();
$result = $soap->getAccBusInfo($userData['m_account'], $soapData);
$smarty->assign('soapData', $soapData['data']);
$smarty->assign('userData', $_SESSION['userData']);
$smarty->assign('account', $userData['m_account']);
$smarty->display('xjt/payonline.tpl');
}
exit;
}
$C2bossRecid = request_var('C2bossRecid', '');
$bussInfo = array();
$soap = new Soap_xjt();
//创建接口对象
$soapData = array();
$result = $soap->getAccPendBook($userData['m_account'], $soapData);
foreach ($soapData['data'] as $v) {
if ($v['id'] == $C2bossRecid) {
$bussInfo = $v;
}
}
$bussInfo['money'] = abs($bussInfo['money']);
if (!$bussInfo) {
message_box('参数出错,请重试', XJT, go_to(array('/xjt/affirm.php' => '返回')));
exit;
}
$smarty->assign('bussInfo', $bussInfo);
$smarty->assign('userData', $_SESSION['userData']);
$smarty->display('xjt/doaffirm.tpl');
} else {
$soap = new Soap_xjt();
//创建接口对象
$soapData = array();
$result = $soap->getAccPendBook($userData['m_account'], $soapData);
$smarty->assign('soapData', $soapData['data']);
$smarty->assign('userData', $_SESSION['userData']);
$smarty->assign('account', $userData['m_account']);
$smarty->display('xjt/affirm.tpl');
}
public function profile()
{
$this->allow_group_access(array('admin', 'members'));
//validate form input
$this->form_validation->set_rules('first_name', $this->lang->line('edit_user_validation_fname_label'), 'required|xss_clean');
$this->form_validation->set_rules('last_name', $this->lang->line('edit_user_validation_lname_label'), 'required|xss_clean');
$this->form_validation->set_rules('phone', $this->lang->line('edit_user_validation_phone_label'), 'required|xss_clean');
$this->form_validation->set_rules('company', $this->lang->line('edit_user_validation_company_label'), 'required|xss_clean');
$this->form_validation->set_rules('groups', $this->lang->line('edit_user_validation_groups_label'), 'xss_clean');
if (isset($_POST) && !empty($_POST)) {
$data = array('first_name' => $this->input->post('first_name'), 'last_name' => $this->input->post('last_name'), 'company' => $this->input->post('company'), 'phone' => $this->input->post('phone'));
//update the password if it was posted
if ($this->input->post('password')) {
$this->form_validation->set_rules('password', $this->lang->line('edit_user_validation_password_label'), 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[password_confirm]');
$this->form_validation->set_rules('password_confirm', $this->lang->line('edit_user_validation_password_confirm_label'), 'required');
$data['password'] = $this->input->post('password');
}
if ($this->form_validation->run() === TRUE) {
$this->ion_auth->update($user->id, $data);
//check to see if we are creating the user
//redirect them back to the admin page
$this->session->set_flashdata('message', message_box('Profile saved', 'success'));
redirect('admin/users/profile');
}
}
$this->data['user'] = $this->current_user;
$this->render('admin/users/profile');
}
function get_file_name(&$soap, $schoolData, $filename)
{
$cur_buss = request_var('buss', '');
$fromdate = request_var('from', '');
$todate = request_var('to', '');
$unite = request_var('unite', '2');
if ($unite == '1') {
//统一费用
$money = request_var('unitemoney', '');
} else {
$money = '-1';
}
if (!checktime($fromdate) || !checktime($todate)) {
message_box("请选择正格的时间!", XJT_ADMIN, go_to(array('/xjt_admin/replacement.php' => '返回')));
}
$id = 0;
$soap->getFileID($schoolData['SchNum'], $schoolData['SchAreaNum'], $cur_buss, gettimeStr($fromdate), gettimeStr($todate), $unite, $money, $id);
$name_tmp = explode('.', $filename);
$ext = array_pop($name_tmp);
return iconv("UTF-8", "gb2312", implode('.', $name_tmp) . '_' . $id . '.' . $ext);
}
function signup()
{
$this->data['page_title'] = "Create New Account";
// if (!$this->ion_auth->logged_in() || !$this->ion_auth->is_admin())
// {
// redirect('auth', 'refresh');
// }
$tables = $this->config->item('tables', 'ion_auth');
//validate form input
$this->form_validation->set_rules('first_name', $this->lang->line('create_user_validation_fname_label'), 'required');
$this->form_validation->set_rules('last_name', $this->lang->line('create_user_validation_lname_label'), 'required');
$this->form_validation->set_rules('username', $this->lang->line('create_user_username_label'), 'trim|required|min_length[4]|xss_clean|alpha_numeric|is_unique[users.username]');
$this->form_validation->set_rules('email', $this->lang->line('create_user_validation_email_label'), 'required|valid_email|is_unique[' . $tables['users'] . '.email]');
// $this->form_validation->set_rules('phone', $this->lang->line('create_user_validation_phone_label'), 'required|xss_clean');
// $this->form_validation->set_rules('company', $this->lang->line('create_user_validation_company_label'), 'required|xss_clean');
$this->form_validation->set_rules('password', $this->lang->line('create_user_validation_password_label'), 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[password_confirm]');
$this->form_validation->set_rules('password_confirm', $this->lang->line('create_user_validation_password_confirm_label'), 'required');
$this->form_validation->set_error_delimiters('', '<br/>');
if ($this->form_validation->run() == true) {
// $username = strtolower($this->input->post('first_name')) . ' ' . strtolower($this->input->post('last_name'));
$username = strtolower($this->input->post('username'));
$email = strtolower($this->input->post('email'));
$password = $this->input->post('password');
$additional_data = array('first_name' => $this->input->post('first_name'), 'last_name' => $this->input->post('last_name'), 'company' => $this->input->post('company'), 'phone' => $this->input->post('phone'));
}
if ($this->form_validation->run() == true && $this->ion_auth->register($username, $password, $email, $additional_data)) {
//check to see if we are creating the user
//redirect them back to the admin page
// $this->session->set_flashdata('message', $this->ion_auth->messages());
$this->session->set_flashdata('message', message_box('Signed up successfully, activation email sent', 'success'));
redirect("signin", 'refresh');
} else {
//display the create user form
//set the flash data error message if there is one
$this->data['message'] = message_box(validation_errors() ? validation_errors() : ($this->ion_auth->errors() ? $this->ion_auth->errors() : $this->session->flashdata('message')), 'danger');
$this->data['first_name'] = array('name' => 'first_name', 'id' => 'first_name', 'type' => 'text', 'value' => $this->form_validation->set_value('first_name'));
$this->data['last_name'] = array('name' => 'last_name', 'id' => 'last_name', 'type' => 'text', 'value' => $this->form_validation->set_value('last_name'));
$this->data['username'] = array('name' => 'username', 'id' => 'username', 'type' => 'text', 'value' => $this->form_validation->set_value('username'));
$this->data['email'] = array('name' => 'email', 'id' => 'email', 'type' => 'text', 'value' => $this->form_validation->set_value('email'));
$this->data['company'] = array('name' => 'company', 'id' => 'company', 'type' => 'text', 'value' => $this->form_validation->set_value('company'));
$this->data['phone'] = array('name' => 'phone', 'id' => 'phone', 'type' => 'text', 'value' => $this->form_validation->set_value('phone'));
$this->data['password'] = array('name' => 'password', 'id' => 'password', 'type' => 'password', 'value' => $this->form_validation->set_value('password'));
$this->data['password_confirm'] = array('name' => 'password_confirm', 'id' => 'password_confirm', 'type' => 'password', 'value' => $this->form_validation->set_value('password_confirm'));
$this->render(null, 'admin/users/signup');
}
}
$newpwd2 = request_var('newpwd2', '');
$soapData = array();
//$result = $soap->admLogIn($userData['m_account'], $oldpwd);
$result = true;
if ($result) {
if ($newpwd == $newpwd2) {
$result = $soap->admModifyPwd($userData['m_account'], $oldpwd, $newpwd);
if ($result) {
if (isset($_SESSION['userData'])) {
unset($_SESSION['userData']);
}
//删除session
$db->delete(TABLE_CZECH_SESSION, 'session_id = "' . $_COOKIE['session_id'] . '"');
setcookie('m_account', '', time() - $system_data['cookie_time'], '/');
setcookie('session_id', '', time() - $system_data['cookie_time'], '/');
message_box('您的密码已经修改,请用新密码登录系统', XJT_ADMIN, go_to(array('/xjt_admin/login.php' => '重新登录')));
exit;
} else {
$msg = '修改密码出错,可能是因为网络原因,请重试!';
}
} else {
$msg = '您输入的两次新密码不一致!请重新输入';
}
} else {
$msg = '您输入的原密码不正确!请重新输入';
}
}
$smarty->assign('msg', $msg);
$smarty->display('xjt_admin/modifyPassword.tpl');
} else {
$smarty->assign('adminInfo', $_SESSION['userData']);
}
themeheader();
global $cpgtpl, $ownpagetitle, $home;
$adminmenuitems = $admincssmenuitems = false;
if (!$home) {
if (defined('ADMIN_PAGES') && is_admin() && !(isset($_GET['op']) && $_GET['op'] == 'logout')) {
require_once 'includes/classes/cpg_adminmenu.php';
$adminmenuitems = $CLASS['adminmenu']->display('all', 'jsmenu');
$admincssmenuitems = $MAIN_CFG['global']['admingraphic'] & 4;
}
}
$cpgtpl->assign_vars(array('BASEHREF' => $BASEHREF, 'I18N' => 'enctype="multipart/form-data" accept-charset="utf-8"', 'IMPORTANT_MESSAGE' => $message, 'PAGE_TITLE' => $home || isset($ownpagetitle[$module_name]) ? '' : $pagetitle, 'S_TEXTDIR' => _TEXT_DIR, 'S_LANGCODE' => _BROWSER_LANGCODE, 'S_HEADER_TAGS' => $header, 'S_LEFTBLOCKS' => $Blocks->showblocks & 1, 'S_RIGHTBLOCKS' => $Blocks->showblocks & 2, 'S_SITENAME' => $sitename, 'S_PAGETITLE' => !empty($pagetitle) ? strip_tags($pagetitle) : '', 'S_DELIM' => _BC_DELIM, 'S_FILESERVER' => '', 'S_ADMIN_MENU' => $adminmenuitems, 'S_ADMIN_CSSMENU' => $admincssmenuitems, 'B_PAGETITLE' => 1 < strlen(strip_tags($pagetitle)), 'B_NEWSRSS' => is_active('News')));
unset($modheader);
}
if (empty($_SESSION['SECURITY']['banned'])) {
online();
}
global $home, $cpgtpl, $Blocks;
$Blocks->init();
head();
if (!defined('ADMIN_PAGES')) {
require_once 'includes/counter.php';
# 2-3 queries
if ($home) {
require_once 'includes/functions/messagebox.php';
message_box();
}
}
$Blocks->display('c');
$cpgtpl->set_filenames(array('cpgheader' => 'header.html'));
$cpgtpl->display('cpgheader');
}
if ($doMod == 'index.php') {
$doMod = 'index';
}
if ($doMod == 'product') {
if ($Str = strstr($_SERVER['PHP_SELF'], 'product_sort')) {
$doMod = 'product_sort';
}
}
$smarty->assign('leftCss', $doMod);
//获取URL地址
$url_ext = '';
if (is_array($_GET) && sizeof($_GET) > 0) {
foreach ($_GET as $k => $v) {
$url_ext .= '&' . $k . '=' . $v;
}
}
if (!empty($url_ext)) {
$url_ext = '?' . substr($url_ext, 1);
}
$url_current = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . $url_ext;
if (strstr($_SERVER['PHP_SELF'], 'global.php')) {
message_box('访问受限', FRONT, go_to(array('/' => '返回首页')));
exit;
}
if (strstr($_SERVER['PHP_SELF'], '/system/')) {
if (!isset($_COOKIE['session_id']) || !isset($_COOKIE['m_account']) || !$userData || $userData['m_group'] != MEMBER_TYPE_ADMIN) {
message_box('访问受限', FRONT, go_to(array('/' => '返回首页')));
exit;
}
}
</span>
Input <?php
echo $this->module_title;
?>
</a>
</li>
</ul>
</div>
</div>
</div>
<?php
echo message_box();
?>
<div class="row-fluid">
<ul class="nav nav-tabs" id="news-tab">
<li class="active"><a href="#tab-edit" class="a_view"><i class="icon-edit"></i> Add</a></li>
<!--<li><a href="#tab-view" class="a_view"><i class="icon-eye-open"></i> View</a></li>
<li><a href="#tab-comments" class="a_view"><i class="icon-comments-alt"></i> Comments</a></li>-->
</ul>
<!--tab content-->
<form id="frm" action="<?php
echo $this->module;
?>
add/" method="post" enctype="multipart/form-data" >
<input type="hidden" name="act" id="act" value="create"/>
public function delete($id = null)
{
$this->allow_group_access(array('admin'));
$user = $this->User->find_by_id($id);
$user_groups = explode(',', $user['groups']);
if (in_array('admin', $user_groups)) {
$this->session->set_flashdata('message', message_box('Failed, could not delete admin user', 'danger'));
redirect('admin/users/index');
}
if ($current_user['user_id'] == $id) {
$this->session->set_flashdata('message', message_box('Failed, you could not delete yourself', 'danger'));
redirect('admin/users/index');
}
if (!empty($id)) {
$this->User->delete($id);
$this->session->set_flashdata('message', message_box('User has been deleted', 'success'));
redirect('admin/users/index');
} else {
$this->session->set_flashdata('message', message_box('Invalid id', 'danger'));
redirect('admin/users/index');
}
}
<?php
include_once 'asset/admin-ajax.php';
echo message_box('success');
echo message_box('error');
?>
<div class="row">
<div class="col-sm-12">
<div class="wrap-fpanel">
<div class="panel panel-default"><!-- ********* Employee Search Panel ***************** -->
<div class="panel-heading">
<div class="panel-title">
<strong><?php
echo $this->language->form_heading()[19];
?>
</strong>
</div>
</div>
<form id="form" role="form" enctype="multipart/form-data" action="<?php
echo base_url();
?>
admin/payroll/make_payment" method="post" class="form-horizontal form-groups-bordered">
<div class="panel-body">
<div class="row"><br />
<div class="col-sm-12 form-groups-bordered">
<div class="form-group" id="border-none">
<label for="field-1" class="col-sm-3 control-label"><?php
echo $this->language->from_body()[20][0];
?>
<span class="required">*</span></label>
<div class="col-sm-5">
$result = $soap->login($userData['m_account'], $oldpwd, $soapData);
if ($result) {
if (!preg_match('/\\d{6}/', $newpwd) || !preg_match('/\\d{6}/', $newpwd2)) {
$msg = '您正确输入的新密码(6位数字)!';
} else {
if ($newpwd == $newpwd2) {
$result = $soap->modifyPassword($userData['m_account'], $oldpwd, $newpwd);
if ($result) {
if (isset($_SESSION['userData'])) {
unset($_SESSION['userData']);
}
//删除session
$db->delete(TABLE_CZECH_SESSION, 'session_id = "' . $_COOKIE['session_id'] . '"');
setcookie('m_account', '', time() - $system_data['cookie_time'], '/');
setcookie('session_id', '', time() - $system_data['cookie_time'], '/');
message_box('您的密码已经修改,请用新密码登录系统', XJT, go_to(array('/xjt/login.php' => '重新登录')));
exit;
} else {
$msg = '修改密码出错,可能是因为网络原因,请重试!';
}
} else {
$msg = '您输入的两次新密码不一致!请重新输入';
}
}
} else {
$msg = '您输入的原密码不正确!请重新输入';
}
}
$smarty->assign('msg', $msg);
$smarty->display('xjt/modifyPassword.tpl');
} else {