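/**
 * Handles the POST actions of the statistics tab: date-range selection and
 * module settings.
 *
 * A recognised date-range submit stores the range on the logged-in employee's
 * record and redirects back to the current request URI. A settings submit is
 * applied only when the tab grants edit access. Collected errors are displayed
 * at the end.
 */
public function postProcess()
{
    global $cookie, $currentIndex;

    if (Tools::isSubmit('submitDatePicker')) {
        // Free-form dates come straight from the request, so they are the
        // only range that has to be validated before being stored.
        $from = Tools::getValue('datepickerFrom');
        $to = Tools::getValue('datepickerTo');
        if (!Validate::isDate($from) || !Validate::isDate($to)) {
            $this->_errors[] = Tools::displayError('Date specified is invalid');
        }
    }
    if (Tools::isSubmit('submitDateDay')) {
        $from = date('Y-m-d');
        $to = date('Y-m-d');
    }
    if (Tools::isSubmit('submitDateDayPrev')) {
        $yesterday = time() - 60 * 60 * 24;
        $from = date('Y-m-d', $yesterday);
        $to = date('Y-m-d', $yesterday);
    }
    if (Tools::isSubmit('submitDateMonth')) {
        $from = date('Y-m-01');
        $to = date('Y-m-t');
    }
    if (Tools::isSubmit('submitDateMonthPrev')) {
        // mktime() normalises month 0 to December of the previous year and
        // date() zero-pads the month, so this preset now has the same Y-m-d
        // shape as the others (plain concatenation gave e.g. "2024-3-01").
        $prevMonth = mktime(12, 0, 0, date('n') - 1, 15, date('Y'));
        $from = date('Y-m-01', $prevMonth);
        $to = date('Y-m-t', $prevMonth);
    }
    if (Tools::isSubmit('submitDateYear')) {
        $from = date('Y-01-01');
        $to = date('Y-12-31');
    }
    if (Tools::isSubmit('submitDateYearPrev')) {
        // Parenthesised so the subtraction never depends on how "-" and "."
        // are ordered by the PHP version in use.
        $prevYear = date('Y') - 1;
        $from = $prevYear . '-01-01';
        $to = $prevYear . '-12-31';
    }

    if (isset($from) && isset($to) && !count($this->_errors)) {
        // Only the employee identified by the admin cookie is modified.
        $employee = new Employee($cookie->id_employee);
        $employee->stats_date_from = $from;
        $employee->stats_date_to = $to;
        $employee->update();
        Tools::redirectAdmin($_SERVER['REQUEST_URI']);
    }

    if (Tools::getValue('submitSettings')) {
        if ($this->tabAccess['edit'] === '1') {
            // The module name is request-controlled: encode it before it is
            // appended to a URL so it cannot add parameters or markup.
            $currentIndex .= '&module=' . urlencode(Tools::getValue('module'));
            $this->_postConfig($this->_fieldsSettings);
        } else {
            $this->_errors[] = Tools::displayError('You do not have permission to edit here.');
        }
    }

    if (count($this->_errors)) {
        AdminTab::displayErrors();
    }
}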
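/**
 * Updates an employee from the submitted edit form and synchronises the
 * services that employee offers.
 *
 * On validation errors the edit view is rendered again with the submitted
 * attributes; otherwise the employee is saved and the request is redirected
 * to the employee's page.
 *
 * NOTE(review): no authorisation or CSRF check is visible in this method;
 * confirm that the router or a base controller enforces both before this runs.
 *
 * @param mixed $id Identifier of the employee being edited.
 */
public function update($id)
{
    $params = $_POST;
    $services = Service::all();

    // A request that omits a field yields null instead of an undefined-index
    // notice; presumably Employee::errors() then rejects it (confirm).
    $attributes = array(
        'id' => $id,
        'name' => isset($params['name']) ? $params['name'] : null,
        'special' => isset($params['special']) ? $params['special'] : null,
        'introduction' => isset($params['introduction']) ? $params['introduction'] : null,
    );
    $employee = new Employee($attributes);
    $errors = $employee->errors();

    // NOTE(review): the offered-services links are written before the
    // validation result is checked, so they change even when the form is
    // rejected below. Kept as-is because the error view reads the list back.
    foreach ($services as $serv) {
        if (isset($_POST[$serv->id])) {
            OfferedServicesController::create($id, $serv->id);
        } else {
            OfferedServicesController::destroy($id, $serv->id);
        }
    }
    $serviceList = OfferedServicesController::getServices($id, $services);

    if (count($errors) > 0) {
        View::make('employee/edit.html', array(
            'errors' => $errors,
            'attributes' => $attributes,
            'services' => $services,
            'serviceList' => $serviceList,
        ));
    } else {
        $employee->update();
        // Flash message is Finnish for "Changes made to the employee have been saved!".
        Redirect::to('/tyontekijat/' . $employee->id, array('message' => "Työntekijään tehdyt muutokset tallennettu!"));
    }
}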
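/**
 * Handles the POST actions of the statistics tab: date-range selection and
 * module settings.
 *
 * A recognised date-range submit stores the range on the logged-in employee's
 * record and redirects back to the current request URI. A settings submit is
 * applied only when the tab grants edit access. Collected errors are displayed
 * at the end.
 */
public function postProcess()
{
    global $cookie, $currentIndex;

    if (Tools::isSubmit('submitDatePicker')) {
        // Free-form dates come straight from the request, so they are the
        // only range that has to be validated before being stored.
        $from = Tools::getValue('datepickerFrom');
        $to = Tools::getValue('datepickerTo');
        if (!Validate::isDate($from) || !Validate::isDate($to)) {
            $this->_errors[] = Tools::displayError('date specified not valid');
        }
    }
    if (Tools::isSubmit('submitDateToday')) {
        $from = date('Y-m-d');
        $to = date('Y-m-d');
    }
    if (Tools::isSubmit('submitDateMonth')) {
        $from = date('Y-m-01');
        $to = date('Y-m-t');
    }
    if (Tools::isSubmit('submitDateYear')) {
        $from = date('Y-01-01');
        $to = date('Y-12-31');
    }

    if (isset($from) && isset($to) && !count($this->_errors)) {
        // Only the employee identified by the admin cookie is modified.
        $employee = new Employee($cookie->id_employee);
        $employee->stats_date_from = $from;
        $employee->stats_date_to = $to;
        $employee->update();
        Tools::redirectAdmin($_SERVER['REQUEST_URI']);
    }

    if (Tools::getValue('submitSettings')) {
        if ($this->tabAccess['edit'] === '1') {
            // The module name is request-controlled: encode it before it is
            // appended to a URL so it cannot add parameters or markup.
            $currentIndex .= '&module=' . urlencode(Tools::getValue('module'));
            $this->_postConfig($this->_fieldsSettings);
        } else {
            $this->_errors[] = Tools::displayError('You do not have permission to edit something here.');
        }
    }

    if (count($this->_errors)) {
        AdminTab::displayErrors();
    }
}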
/**
 * Handles the back-office "forgot password" form.
 *
 * Validates the submitted address, looks up the employee, enforces the
 * PS_PASSWD_TIME_BACK delay between regenerations, then generates a new
 * password, e-mails it and saves it. Success and mail failure both end the
 * request with a JSON body; validation errors do so only for ajax submits.
 *
 * NOTE(review): the distinct "This account does not exist." answer lets an
 * unauthenticated caller learn which addresses belong to employees.
 * NOTE(review): the replacement password travels in clear text in the e-mail
 * ({passwd}) and takes effect without the mailbox owner confirming anything;
 * the regeneration delay is the only throttle visible here.
 */
public function processForgot()
{
    if (_PS_MODE_DEMO_) {
        $this->errors[] = Tools::displayError('This functionality has been disabled.');
    } elseif (!($email = trim(Tools::getValue('email_forgot')))) {
        $this->errors[] = Tools::displayError('Email is empty.');
    } elseif (!Validate::isEmail($email)) {
        $this->errors[] = Tools::displayError('Invalid email address.');
    } else {
        $employee = new Employee();
        if (!$employee->getByEmail($email) || !$employee) {
            $this->errors[] = Tools::displayError('This account does not exist.');
        } else {
            // Earliest moment at which another regeneration is allowed.
            $nextAllowed = strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes');
            if ($nextAllowed - time() > 0) {
                $this->errors[] = sprintf(Tools::displayError('You can regenerate your password only every %d minute(s)'), Configuration::get('PS_PASSWD_TIME_BACK'));
            }
        }
    }

    if (count($this->errors)) {
        if (Tools::isSubmit('ajax')) {
            die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
        }

        return;
    }

    $newPassword = Tools::passwdGen(10, 'RANDOM');
    // NOTE(review): Tools::encrypt() is not shown here; confirm which hash it applies.
    $employee->passwd = Tools::encrypt($newPassword);
    $employee->last_passwd_gen = date('Y-m-d H:i:s', time());
    $mailVars = array(
        '{email}' => $employee->email,
        '{lastname}' => $employee->lastname,
        '{firstname}' => $employee->firstname,
        '{passwd}' => $newPassword,
    );
    $mailSent = Mail::Send(
        $employee->id_lang,
        'employee_password',
        Mail::l('Your new password', $employee->id_lang),
        $mailVars,
        $employee->email,
        $employee->firstname . ' ' . $employee->lastname
    );
    if (!$mailSent) {
        die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => array(Tools::displayError('An error occurred while attempting to change your password.')))));
    }

    // The new password is persisted only once the mail has gone out.
    Shop::setContext(Shop::CONTEXT_SHOP, (int) min($employee->getAssociatedShops()));
    if ($employee->update()) {
        die(Tools::jsonEncode(array('hasErrors' => false, 'confirm' => $this->l('Your password has been emailed to you.', 'AdminTab', false, false))));
    }
    $this->errors[] = Tools::displayError('An error occurred while attempting to change your password.');
}
/**
 * Handles the back-office "forgot password" form.
 *
 * Validates the submitted address, looks up the employee, enforces the
 * PS_PASSWD_TIME_BACK delay between regenerations, then generates a new
 * password, e-mails it and saves it. Success and mail failure both end the
 * request with a JSON body; validation errors do so only for ajax submits.
 *
 * NOTE(review): the distinct "This account does not exist" answer lets an
 * unauthenticated caller learn which addresses belong to employees.
 * NOTE(review): the replacement password travels in clear text in the e-mail
 * ({passwd}) and takes effect without the mailbox owner confirming anything.
 */
public function processForgot()
{
    if (_PS_MODE_DEMO_) {
        $this->errors[] = Tools::displayError('This functionality has been disabled.');
    } elseif (!($email = trim(Tools::getValue('email_forgot')))) {
        $this->errors[] = Tools::displayError('E-mail is empty');
    } elseif (!Validate::isEmail($email)) {
        $this->errors[] = Tools::displayError('Invalid e-mail address');
    } else {
        $employee = new Employee();
        if (!$employee->getByemail($email) || !$employee) {
            $this->errors[] = Tools::displayError('This account does not exist');
        } else {
            // Earliest moment at which another regeneration is allowed.
            $nextAllowed = strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes');
            if ($nextAllowed - time() > 0) {
                $this->errors[] = sprintf(Tools::displayError('You can regenerate your password only every %d minute(s)'), Configuration::get('PS_PASSWD_TIME_BACK'));
            }
        }
    }

    if (count($this->errors)) {
        if (Tools::isSubmit('ajax')) {
            die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
        }

        return;
    }

    $newPassword = Tools::passwdGen();
    // Stored form is a single MD5 over the site-wide cookie key plus the
    // password. NOTE(review): MD5 is a fast hash and a poor fit for password
    // storage; any change has to match what the login check verifies.
    $employee->passwd = md5(pSQL(_COOKIE_KEY_ . $newPassword));
    $employee->last_passwd_gen = date('Y-m-d H:i:s', time());
    $mailVars = array(
        '{email}' => $employee->email,
        '{lastname}' => $employee->lastname,
        '{firstname}' => $employee->firstname,
        '{passwd}' => $newPassword,
    );
    $mailSent = Mail::Send(
        (int) Configuration::get('PS_LANG_DEFAULT'),
        'password',
        Mail::l('Your new password', (int) Configuration::get('PS_LANG_DEFAULT')),
        $mailVars,
        $employee->email,
        $employee->firstname . ' ' . $employee->lastname
    );
    if (!$mailSent) {
        die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => array(Tools::displayError('An error occurred during your password change.')))));
    }

    // The new password is persisted only once the mail has gone out.
    if ($employee->update()) {
        die(Tools::jsonEncode(array('hasErrors' => false, 'confirm' => $this->l('Your password has been e-mailed to you', 'AdminTab', false, false))));
    }
    $this->errors[] = Tools::displayError('An error occurred during your password change.');
}
/* Server Params */ $protocol_link = Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://'; $protocol_content = (isset($useSSL) and $useSSL and Configuration::get('PS_SSL_ENABLED')) ? 'https://' : 'http://'; define('_PS_BASE_URL_', Tools::getShopDomain(true)); define('_PS_BASE_URL_SSL_', Tools::getShopDomainSsl(true)); $employee = new Employee((int) $cookie->id_employee); $cookie->profile = $employee->id_profile; $cookie->id_lang = (int) $employee->id_lang; $iso = strtolower(Language::getIsoById($cookie->id_lang ? $cookie->id_lang : Configuration::get('PS_LANG_DEFAULT'))); include _PS_TRANSLATIONS_DIR_ . $iso . '/errors.php'; include _PS_TRANSLATIONS_DIR_ . $iso . '/fields.php'; include _PS_TRANSLATIONS_DIR_ . $iso . '/admin.php'; /* attribute id_lang is often needed, so we create a constant for performance reasons */ define('_USER_ID_LANG_', (int) $cookie->id_lang); $path = dirname(__FILE__) . '/themes/'; if (empty($employee->bo_theme) or !file_exists($path . $employee->bo_theme . '/admin.css')) { if (file_exists($path . 'oldschool/admin.css')) { $employee->bo_theme = 'oldschool'; } elseif (file_exists($path . 'origins/admin.css')) { $employee->bo_theme = 'origins'; } else { foreach (scandir($path) as $theme) { if ($theme[0] != '.' and file_exists($path . $theme . '/admin.css')) { $employee->bo_theme = $theme; break; } } } $employee->update(); } }
} elseif (!Validate::isEmail($_POST['email'])) { $errors[] = Tools::displayError('Invalid e-mail address'); } else { $employee = new Employee(); if (!$employee->getByemail($_POST['email']) or !$employee) { $errors[] = Tools::displayError('This account does not exist'); } else { if (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) { $errors[] = Tools::displayError('You can regenerate your password only every') . ' ' . Configuration::get('PS_PASSWD_TIME_BACK') . ' ' . Tools::displayError('minute(s)'); } else { $pwd = Tools::passwdGen(); $previous_password = $employee->passwd; $previous_last_passwd_gen = $employee->last_passwd_gen; $employee->passwd = md5(pSQL(_COOKIE_KEY_ . $pwd)); $employee->last_passwd_gen = date('Y-m-d H:i:s', time()); if (!$employee->update()) { $errors[] = Tools::displayError('An error occurred during your password change.'); } elseif (!Mail::Send((int) $id_lang, 'password', Mail::l('Your new admin password', (int) $id_lang), array('{email}' => $employee->email, '{lastname}' => $employee->lastname, '{firstname}' => $employee->firstname, '{passwd}' => $pwd), $employee->email, $employee->firstname . ' ' . $employee->lastname)) { $errors[] = Tools::displayError('Impossible to send the e-mail with your new password.'); $employee->passwd = $previous_password; $employee->last_passwd_gen = $previous_last_passwd_gen; $employee->update(); } else { $confirmation = 'ok'; } } } } } } echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
/**
 * Returns an employee whose statistics date range is guaranteed to be set.
 *
 * When no employee is passed, the one identified by the admin cookie is
 * loaded. A bound that is empty or the zero date '0000-00-00' is replaced by
 * the start or end of the current year, and the record is saved when either
 * bound needed a default.
 *
 * @param Employee|null $employee Employee to check, or null for the cookie's employee.
 * @return Employee
 */
protected static function getEmployee($employee = null)
{
    if (!$employee) {
        global $cookie;
        $employee = new Employee((int) $cookie->id_employee);
    }

    $fromUnset = empty($employee->stats_date_from) || $employee->stats_date_from == '0000-00-00';
    $toUnset = empty($employee->stats_date_to) || $employee->stats_date_to == '0000-00-00';
    if (!$fromUnset && !$toUnset) {
        return $employee;
    }

    if ($fromUnset) {
        $employee->stats_date_from = date('Y-01-01');
    }
    if ($toUnset) {
        $employee->stats_date_to = date('Y-12-31');
    }
    // Persist the defaults so the next call finds a complete range.
    $employee->update();

    return $employee;
}
/**
 * Returns an employee whose statistics date range is guaranteed to be set.
 *
 * When no employee is passed, the one identified by the admin cookie is
 * loaded. An empty bound is replaced by the start or end of the current
 * year, and the record is saved when either bound needed a default.
 *
 * @param Employee|null $employee Employee to check, or null for the cookie's employee.
 * @return Employee
 */
private static function getEmployee($employee = null)
{
    if (!$employee) {
        global $cookie;
        $employee = new Employee((int) $cookie->id_employee);
    }

    $fromUnset = empty($employee->stats_date_from);
    $toUnset = empty($employee->stats_date_to);
    if (!$fromUnset && !$toUnset) {
        return $employee;
    }

    if ($fromUnset) {
        $employee->stats_date_from = date('Y-01-01');
    }
    if ($toUnset) {
        $employee->stats_date_to = date('Y-12-31');
    }
    // Persist the defaults so the next call finds a complete range.
    $employee->update();

    return $employee;
}
<?php require '../includes/functions.php'; require 'templates/header.php'; $header = "accounts"; $page = "edit"; require 'templates/navbar.php'; require 'templates/sidebar.php'; $alert_array = array(); if (isset($_POST['submit'])) { $employee = new Employee(); $employee->user_id = $_GET['id']; $employee->validity = $_POST['validity']; if ($employee->update('user_id')) { $alert_array['success'] = 'The account was successfully updated!'; } else { $alert_array['error'] = 'The account was not updated!'; } } if (isset($_GET['id']) && is_int(intval($_GET['id']))) { $id = intval($_GET['id']); $user = User::select(array('id' => $id)); $employee = Employee::select(array('user_id' => $id)); if (!$user || !$employee) { redirect_to('account.view.php'); } if (isset($_GET['clearBalance']) && $_GET['clearBalance'] == 'Continue') { if (isset($_GET['deleteOrders']) && $_GET['deleteOrders'] == 'on') { $orders = Order::select(array('user_id' => $user->id)); if (is_object($orders)) { $orders = array($orders);
if (empty($_POST['email'])) { $errors[] = Tools::displayError('e-mail is empty'); } elseif (!Validate::isEmail($_POST['email'])) { $errors[] = Tools::displayError('invalid e-mail address'); } else { $employee = new Employee(); if (!$employee->getByemail($_POST['email']) or !$employee) { $errors[] = Tools::displayError('this account doesn\'t exist'); } else { if (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) { $errors[] = Tools::displayError('You can regenerate your password only each') . ' ' . Configuration::get('PS_PASSWD_TIME_BACK') . ' ' . Tools::displayError('minute(s)'); } else { $pwd = Tools::passwdGen(); $employee->passwd = md5(pSQL(_COOKIE_KEY_ . $pwd)); $employee->last_passwd_gen = date('Y-m-d H:i:s', time()); $result = $employee->update(); if (!$result) { $errors[] = Tools::displayError('an error occurred during your password change'); } else { Mail::Send($id_lang, 'password', 'Your new admin password', array('{email}' => $employee->email, '{lastname}' => $employee->lastname, '{firstname}' => $employee->firstname, '{passwd}' => $pwd), $employee->email, $employee->firstname . ' ' . $employee->lastname); $confirmation = 'ok'; } } } } } echo ' <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr"> <head> <meta http-equiv="content-type" content="text/html; charset=utf-8" />
} ?> </p><p style="font-weight: bold;">Update my details... </p><p><?php $old_data = $employee->get(); echo "Before...<br><br>"; echo "<pre>"; print_r($old_data); echo "</pre><br><br>"; $data = array(); $data['password'] = md5('new_passwd'); $data['phone_num'] = '+618-8463-2238'; $data['address'] = 'Lala Land'; $data['zip'] = '1100'; $data['state'] = 'Penang'; $new_employee = array(); if ($employee->update($data)) { $new_employee = $employee->get(); echo "<pre>"; print_r($new_employee); echo "</pre><br><br>"; $hash = sha1($id . $new_employee[0]['password'] . $seed); } else { echo "failed"; exit; } ?> </p><p style="font-weight: bold;">Still logged in after a password change?</p><p><?php if (!$employee->isLoggedIn($hash)) { echo "failed"; exit; } else {
/**
 * Updates selected fields of the employee identified by an e-mail address.
 *
 * Each optional argument is applied only when it is not loosely equal to
 * null. Progress and failures are reported on standard output.
 *
 * @param string      $email     Address used to look the employee up.
 * @param string|null $password  New clear-text password, hashed before storage.
 * @param mixed       $profile   New profile ID; must pass Validate::isInt().
 * @param string|null $firstname New first name.
 * @param string|null $lastname  New last name.
 * @return bool True when the employee was saved, false on any failure.
 */
public static function edit_employee($email, $password = NULL, $profile = NULL, $firstname = NULL, $lastname = NULL)
{
    if (!Validate::isEmail($email)) {
        echo "{$email} is not a valid email address\n";
        return false;
    }

    $target = new Employee();
    if (!$target->getByEmail($email)) {
        echo "Could not find an employee with email {$email}\n";
        return false;
    }

    if ($password != null) {
        // Single MD5 over the site-wide cookie key plus the password.
        // NOTE(review): MD5 is a fast hash and a poor fit for password
        // storage; any change has to match what the login check verifies.
        $target->passwd = md5(_COOKIE_KEY_ . $password);
    }
    if ($profile != null) {
        if (!Validate::isInt($profile)) {
            echo "{$profile} is not a valid profile ID\n";
            return false;
        }
        // NOTE(review): only the format is checked; whether the profile
        // exists or may be granted is not verified here.
        $target->id_profile = $profile;
    }
    if ($firstname != null) {
        $target->firstname = $firstname;
    }
    if ($lastname != null) {
        $target->lastname = $lastname;
    }

    if (!$target->update()) {
        echo "Error, could not update user {$email}\n";
        return false;
    }

    echo "Successfully updated user {$email}\n";
    return true;
}
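/**
 * Completes a back-office password reset.
 *
 * Checks the hidden identification fields and the new password (entered
 * twice), confirms that the e-mail and employee id designate the same
 * account, enforces the PS_PASSWD_TIME_BACK delay and verifies the temporary
 * reset token. The new password is saved only after the notification mail
 * has been sent, and the token is then removed. Success and mail failure
 * both end the request with a JSON body; validation errors do so only for
 * ajax submits.
 */
public function processReset()
{
    if (_PS_MODE_DEMO_) {
        $this->errors[] = $this->trans('This functionality has been disabled.', array(), 'Admin.Notifications.Error');
    } elseif (!($reset_token_value = trim(Tools::getValue('reset_token')))) {
        // hidden fields
        $this->errors[] = $this->trans('Some identification information is missing.', array(), 'Admin.Login.Notification');
    } elseif (!($id_employee = trim(Tools::getValue('id_employee')))) {
        $this->errors[] = $this->trans('Some identification information is missing.', array(), 'Admin.Login.Notification');
    } elseif (!($reset_email = trim(Tools::getValue('reset_email')))) {
        $this->errors[] = $this->trans('Some identification information is missing.', array(), 'Admin.Login.Notification');
    } elseif (!($reset_password = trim(Tools::getValue('reset_passwd')))) {
        // password (twice)
        $this->errors[] = $this->trans('The password is missing: please enter your new password.', array(), 'Admin.Login.Notification');
    } elseif (!Validate::isPasswd($reset_password)) {
        $this->errors[] = $this->trans('The password is not in a valid format.', array(), 'Admin.Login.Notification');
    } elseif (!($reset_confirm = trim(Tools::getValue('reset_confirm')))) {
        $this->errors[] = $this->trans('The confirmation is empty: please fill in the password confirmation as well.', array(), 'Admin.Login.Notification');
    } elseif ($reset_password !== $reset_confirm) {
        $this->errors[] = $this->trans('The password and its confirmation do not match. Please double check both passwords.', array(), 'Admin.Login.Notification');
    } else {
        $employee = new Employee();
        if (!$employee->getByEmail($reset_email) || !$employee || $employee->id != $id_employee) {
            // check matching employee id with its email
            $this->errors[] = $this->trans('This account does not exist.', array(), 'Admin.Login.Notification');
        } elseif (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) {
            $this->errors[] = sprintf($this->trans('You can reset your password every %d minute(s) only. Please try again later.', array(), 'Admin.Login.Notification'), Configuration::get('PS_PASSWD_TIME_BACK'));
        } else {
            // To update password, we must have the temporary reset token that matches.
            // The token is a secret, so it is compared in constant time where
            // hash_equals() exists; a non-string stored value (no valid
            // token) never matches, as with the strict comparison.
            $valid_token = $employee->getValidResetPasswordToken();
            $token_matches = is_string($valid_token) && (
                function_exists('hash_equals')
                    ? hash_equals($valid_token, $reset_token_value)
                    : $valid_token === $reset_token_value
            );
            if (!$token_matches) {
                $this->errors[] = $this->trans('Your password reset request expired. Please start again.', array(), 'Admin.Login.Notification');
            }
        }
    }

    if (!count($this->errors)) {
        $employee->passwd = Tools::encrypt($reset_password);
        $employee->last_passwd_gen = date('Y-m-d H:i:s', time());
        $params = array(
            '{email}' => $employee->email,
            '{lastname}' => $employee->lastname,
            '{firstname}' => $employee->firstname,
        );
        if (Mail::Send($employee->id_lang, 'password', Mail::l('Your new password', $employee->id_lang), $params, $employee->email, $employee->firstname . ' ' . $employee->lastname)) {
            // Update employee only if the mail can be sent
            Shop::setContext(Shop::CONTEXT_SHOP, (int) min($employee->getAssociatedShops()));
            $result = $employee->update();
            if (!$result) {
                $this->errors[] = $this->trans('An error occurred while attempting to change your password.', array(), 'Admin.Login.Notification');
            } else {
                // Delete temporary reset token
                $employee->removeResetPasswordToken();
                // NOTE(review): the result of this second save is ignored; if
                // it fails the token may stay usable until it expires.
                $employee->update();
                die(Tools::jsonEncode(array('hasErrors' => false, 'confirm' => $this->l('The password has been changed successfully.', 'AdminTab', false, false))));
            }
        } else {
            die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => array($this->trans('An error occurred while attempting to change your password.', array(), 'Admin.Login.Notification')))));
        }
    } elseif (Tools::isSubmit('ajax')) {
        die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
    }
}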
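<?php
// Endpoint that saves an employee's profile fields from a POST request.
// Prints "ok" on success and "ko" on any rejection or failure.
require_once dirname(__FILE__) . "/../private/lib/utilities.php";

session_start();

// Mandatory fields: reject the request when any of them is absent.
if (!isset($_POST['id']) || !isset($_POST['firstname']) || !isset($_POST['phone_num']) ||
    !isset($_POST['alternate_email']) || !isset($_POST['lastname']) ||
    !isset($_POST['zip']) || !isset($_POST['country'])) {
    echo "ko";
    exit;
}

// Without an employee session id in the session there is nothing to act on
// behalf of; refuse instead of building an Employee from an undefined value.
if (!isset($_SESSION['yel']['employee']['sid'])) {
    echo "ko";
    exit;
}

// NOTE(review): the target id comes from the request, not from the session.
// Confirm that Employee ties the session id to this id, so that one employee
// cannot update another employee's record.
$employee = new Employee($_POST['id'], $_SESSION['yel']['employee']['sid']);

$data = array();
$data['firstname'] = $_POST['firstname'];
$data['lastname'] = $_POST['lastname'];
$data['phone_num'] = $_POST['phone_num'];
$data['alternate_email'] = $_POST['alternate_email'];
// mobile, state and address are not among the mandatory fields: default
// them to null rather than reading an undefined index.
$data['mobile'] = isset($_POST['mobile']) ? $_POST['mobile'] : null;
$data['zip'] = $_POST['zip'];
$data['country'] = $_POST['country'];
$data['state'] = isset($_POST['state']) ? $_POST['state'] : null;
$data['address'] = isset($_POST['address']) ? $_POST['address'] : null;

if (isset($_POST['password'])) {
    // NOTE(review): the value is forwarded exactly as received; confirm
    // whether the client or Employee::update() is expected to hash it.
    $data['password'] = $_POST['password'];
}

if (!$employee->update($data)) {
    echo 'ko';
    exit;
}

echo 'ok';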