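/**
 * Renders a paginated list of QR codes, newest first, each with its hit count.
 *
 * The hit count comes from a correlated sub-select on the `log` table and is
 * exposed on every row as `hitCount`.
 */
public function actionList()
{
    $limit = 20;

    $q = new CDbCriteria(array(
        'select' => array('*', '(SELECT COUNT(*) FROM log WHERE qr.id = log.qr_id) AS hitCount'),
        'alias' => 'qr',
        // The original wrote `'alias', 'user'` (two positional values), a typo for the key/value pair below.
        'with' => array('user' => array('select' => 'username', 'alias' => 'user')),
    ));
    $this->addDefaultCriteria($q, array('limit' => $limit, 'order' => 'qr.created_at', 'sort' => 'DESC'));

    // Count first, then let the pager write limit/offset into the criteria
    // BEFORE the rows are fetched. Previously findAll() ran ahead of
    // applyLimit(), so the pager's offset never reached the query.
    // NOTE(review): addDefaultCriteria() is not visible here; confirm it does not also manage the offset.
    $count = Qr::model()->count($q);
    $pages = new CPagination($count);
    // results per page
    $pages->pageSize = $limit;
    $pages->applyLimit($q);

    $qrs = Qr::model()->findAll($q);

    $this->render('list', array('qrs' => $qrs, 'pages' => $pages));
}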
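/**
 * Streams a PNG QR code for the bitcoin address given in the `code` query parameter.
 *
 * The request is dropped (logged to the security log, then `exit`) when the
 * caller is not logged in, when `code` is missing or empty, or when `code` is
 * not a valid bitcoin address.
 *
 * NOTE(review): rejected requests end with an empty body and the default status
 * code; consider sending 403/400 so clients and monitoring can tell them apart.
 */
public function qr()
{
    // Only for registered users
    if (!$this->auth->isLogged()) {
        $this->security_log->write('Somebody tried to get QR Code');
        exit;
    }

    // Request validation: empty() already covers the "not set" case
    if (empty($this->request->get['code'])) {
        $this->security_log->write('Query is required');
        exit;
    }

    $code = $this->request->get['code'];

    // Request validation: a query string such as `code[]=x` arrives as an array,
    // so require a string before handing the value to the address validator.
    if (!is_string($code) || !ValidatorBitcoin::addressValid($code)) {
        $this->security_log->write('Invalid bitcoin address');
        exit;
    }

    $qr = new Qr($code);

    header('Content-type: image/png');
    echo $qr->image();
    exit;
}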
/**
 * Assigns every QR code listed by Qr::getInSession() to a user.
 *
 * @param mixed $user A User instance whose id becomes the owner; for any other
 *                    value the id of the current web user is used instead.
 */
protected function _associateQrsInSession($user = null)
{
    $sessionQrIds = Qr::getInSession();
    if (!$sessionQrIds) {
        // Nothing is tracked in the session, so there is nothing to claim.
        return;
    }

    $ownerId = ($user instanceof User) ? $user->id : Yii::app()->user->getId();

    foreach ($sessionQrIds as $qrId) {
        $record = Qr::model()->findByPk($qrId);
        if ($record) {
            // Ids that no longer resolve to a row are skipped silently.
            $record->user_id = $ownerId;
            $record->save();
        }
    }
}
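/**
 * Decides whether the current user may perform an operation.
 *
 * Rules, in order:
 *  - a user without an id has no rights;
 *  - the 'admin' role may do everything;
 *  - 'ownQr' is granted when the requested QR id is tracked in the session or
 *    the QR row belongs to the current user;
 *  - otherwise the operation must equal the user's role.
 *
 * @param string $operation Name of the operation (or role) being checked.
 * @param array  $params    Unused here; kept for signature compatibility.
 * @return bool
 */
public function checkAccess($operation, $params = array())
{
    if (empty($this->id)) {
        // Not identified => no rights
        return false;
    }

    $role = $this->getState("role");
    if ($role === 'admin') {
        return true; // admin role has access to everything
    }

    // Strict comparison: under loose rules a non-string $operation (0, true)
    // can compare equal to 'ownQr' on older PHP versions.
    if ($operation === 'ownQr') {
        $id = Yii::app()->request->getParam('id');

        if (Qr::isInSession($id)) {
            return true;
        }

        // Look the row up once; the original queried the same primary key twice.
        $qr = Qr::model()->findByPk($id);
        if (!$qr) {
            return false;
        }

        // Compare ids as strings so that null/0/'' on either side can never
        // match through type juggling and hand out ownership of an unowned row.
        $userId = Yii::app()->user->getId();

        return $userId !== null && (string) $userId === (string) $qr->user_id;
    }

    // allow access if the operation request is the current user's role
    return $operation === $role;
}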
/**
 * Fetches the QR record with the given primary key.
 *
 * @param mixed $id Primary key of the QR code.
 * @return Qr The matching record.
 * @throws CHttpException 404 when no record has that key.
 */
public function loadModel($id)
{
    $record = Qr::model()->findByPk($id);

    if ($record !== null) {
        return $record;
    }

    throw new CHttpException(404, 'The QR Code does not exists.');
}
/**
 * Stores the data through the parent implementation, then sets the size to
 * the shorter side of the background image.
 *
 * @param array $data Passed unchanged to parent::setData().
 * @return $this
 */
public function setData(array $data)
{
    parent::setData($data);

    $width = $this->bgIm->getWidth();
    $height = $this->bgIm->getHeight();

    // The smaller of the two background dimensions becomes the size.
    $this->setSize(min($width, $height));

    return $this;
}
<?php echo $form->textField($model, 'last_name', array('class' => 'form-control')); ?> <?php echo $form->error($model, 'last_name'); ?> </div> </div> <div class="form-group"> <?php echo $form->labelEx($model, 'company', array('class' => 'col-sm-2 control-label', 'for' => 'company')); ?> <div class="col-sm-6"> <?php echo $form->dropDownList($model, 'company', CHtml::listData(Qr::model()->findAll(array('condition' => "company!=''", 'distinct' => true, 'order' => 'company ASC')), 'company', 'company'), array('empty' => 'Select Company', 'class' => 'form-control')); ?> <?php echo $form->error($model, 'company'); ?> </div> </div> <div class="form-group"> <?php echo $form->labelEx($model, 'is_companyadmin', array('class' => 'col-sm-2 control-label', 'for' => 'is_companyadmin')); ?> <div class="col-sm-6"> <label style="padding-top: 5px;"> <?php echo $form->checkBox($model, 'is_companyadmin', array('value' => '1'));
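/**
 * Edit advertisement: Update
 *
 * Shows the edit form for an ad and, on POST, applies the submitted changes.
 * Only the ad's owner or a user with role id 10 gets past the permission
 * check; everyone else is redirected to the default route with an error alert.
 *
 * On POST the action, in order:
 *  - deletes a single image when `img_delete` is posted, then redirects;
 *  - copies the posted fields and `cf_`-prefixed custom fields onto the ad;
 *  - stores uploaded images;
 *  - applies the payment/moderation rules, saves the ad and redirects.
 *
 * Only title and description pass through Model_Ad::banned_words() and price
 * through floatval(); the remaining posted fields are copied onto the model
 * as received.
 *
 * @return mixed FALSE when the ad's image directory is missing during an
 *               image delete; otherwise nothing.
 */
public function action_update()
{
    //template header
    $this->template->title = __('Edit advertisement');
    $this->template->meta_description = __('Edit advertisement');

    //local files
    if (Theme::get('cdn_files') == FALSE) {
        $this->template->styles = array('css/datepicker.css' => 'screen');
        $this->template->scripts['footer'] = array('js/bootstrap-datepicker.js', 'js/jquery.validate.min.js', 'js/oc-panel/edit_ad.js');
    } else {
        // NOTE(review): these CDN assets are requested over plain http://, so they
        // can be altered in transit. Confirm the theme loader accepts https:// URLs
        // and switch them.
        $this->template->styles = array('http://cdn.jsdelivr.net/bootstrap.datepicker/0.1/css/datepicker.css' => 'screen');
        $this->template->scripts['footer'] = array('http://cdn.jsdelivr.net/bootstrap.datepicker/0.1/js/bootstrap-datepicker.js', 'js/jquery.validate.min.js', 'js/oc-panel/edit_ad.js');
    }

    Breadcrumbs::add(Breadcrumb::factory()->set_title(__('Home'))->set_url(Route::url('default')));

    $form = new Model_Ad($this->request->param('id'));

    //find all, for populating form select fields
    list($categories, $order_categories) = Model_Category::get_all();
    list($locations, $order_locations) = Model_Location::get_all();

    // Owner of the ad, or a user with role id 10, may edit.
    if (Auth::instance()->logged_in() && Auth::instance()->get_user()->id_user == $form->id_user || Auth::instance()->logged_in() && Auth::instance()->get_user()->id_role == 10) {
        $extra_payment = core::config('payment');

        Breadcrumbs::add(Breadcrumb::factory()->set_title("Update"));
        $this->template->content = View::factory('oc-panel/profile/edit_ad', array('ad' => $form, 'locations' => $locations, 'order_locations' => $order_locations, 'categories' => $categories, 'order_categories' => $order_categories, 'extra_payment' => $extra_payment, 'fields' => Model_Field::get_all()));

        if ($this->request->post()) {
            $cat = new Model_Category();
            $loc = new Model_Location();

            // deleting single image by path
            $deleted_image = core::post('img_delete');
            if ($deleted_image) {
                $img_path = $form->gen_img_path($form->id_ad, $form->created);
                if (!is_dir($img_path)) {
                    return FALSE;
                } else {
                    // img_delete is client-supplied. Keep only the final path
                    // component so the name cannot point outside this ad's
                    // image directory, and ignore non-string values.
                    $deleted_image = is_string($deleted_image) ? basename($deleted_image) : '';

                    if ($deleted_image !== '') {
                        //delete formated image
                        $thumb_file = $img_path . $deleted_image . '.jpg';
                        if (is_file($thumb_file)) {
                            unlink($thumb_file);
                        }

                        //delete original image
                        $orig_img = str_replace('thumb_', '', $deleted_image);
                        $orig_file = $img_path . $orig_img . ".jpg";
                        if (is_file($orig_file)) {
                            unlink($orig_file);
                        }
                    }

                    $this->request->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'update', 'id' => $form->id_ad)));
                }
            } // end of img delete

            $data = array('_auth' => $auth = Auth::instance(), 'title' => $title = Model_Ad::banned_words(core::post('title')), 'seotitle' => $seotitle = core::post('title'), 'loc' => $loc = core::post('location'), 'description' => $description = Model_Ad::banned_words(core::post('description')), 'price' => $price = floatval(str_replace(',', '.', core::post('price'))), 'address' => $address = core::post('address'), 'website' => $website = core::post('website'), 'phone' => $phone = core::post('phone'), 'has_images' => 0, 'user' => $user = new Model_User());

            // append to $data new custom values
            foreach ($_POST as $name => $field) {
                // get by prefix: the name must START with cf_. The previous
                // `!== false` test accepted cf_ anywhere in the name, which let
                // the client choose other keys that end up on the model below.
                if (strpos($name, 'cf_') === 0) {
                    $data[$name] = $field;
                    //checkbox when selected return string 'on' as a value
                    if ($field == 'on') {
                        $data[$name] = 1;
                    }
                }
            }

            //insert data
            if (core::post('title') != $form->title) {
                if ($form->has_images == 1) {
                    $current_path = $form->gen_img_path($form->id_ad, $form->created);
                    // rename current image path to match new seoname
                    // NOTE(review): source and target are built from the same
                    // arguments, so this rename looks like a no-op - confirm intent.
                    rename($current_path, $form->gen_img_path($form->id_ad, $form->created));
                }
                $seotitle = $form->gen_seo_title($data['title']);
                $form->seotitle = $seotitle;
            } else {
                $form->seotitle = $form->seotitle;
            }

            $form->title = $data['title'];
            $form->id_location = $data['loc'];
            //$form->id_category = $data['cat'];
            $form->description = $data['description'];
            // $form->status = $data['status'];
            $form->price = $data['price'];
            $form->address = $data['address'];
            $form->website = $data['website'];
            $form->phone = $data['phone'];

            // set custom values
            foreach ($data as $key => $value) {
                // get only custom values with prefix (same strict prefix test as above)
                if (strpos($key, 'cf_') === 0) {
                    $form->{$key} = $value;
                }
            }
            // d($data['cf_radio']);

            $obj_ad = new Model_Ad();

            // IMAGE UPLOAD
            // in case something wrong happens user is redirected to edit advert.
            $filename = NULL;
            $counter = 0;
            for ($i = 0; $i < core::config("advertisement.num_images"); $i++) {
                $counter++;
                if (isset($_FILES['image' . $i])) {
                    $img_files = $_FILES['image' . $i];
                    $filename = $obj_ad->save_image($img_files, $form->id_ad, $form->created, $form->seotitle, $counter);
                }
                if ($filename) {
                    $form->has_images = 1;
                    try {
                        $form->save();
                    } catch (Exception $e) {
                        throw new HTTP_Exception_500($e->getMessage());
                    }
                }
                // NOTE(review): this is an assignment, not a comparison, so the
                // redirect below never runs and $filename is reset to FALSE on
                // every pass. Left unchanged because save_image() is not visible
                // here: if it also returns FALSE for an empty file input, a
                // strict `=== FALSE` would redirect before the ad is saved.
                if ($filename = FALSE) {
                    $this->request->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'update', 'id' => $form->id_ad)));
                }
            }

            try {
                // if user changes category, do payment first
                // moderation 2 -> payment on, moderation 5 -> payment with moderation
                // data['cat'] -> category selected , last_known_ad->id_category -> obj of current ad (before save)
                $moderation = core::config('general.moderation');
                $last_known_ad = $obj_ad->where('id_ad', '=', $this->request->param('id'))->limit(1)->find();

                if ($moderation == Model_Ad::PAYMENT_ON || $moderation == Model_Ad::PAYMENT_MODERATION) {
                    // PAYMENT METHOD ACTIVE
                    $payment_order = new Model_Order();
                    $advert_have_order = $payment_order->where('id_ad', '=', $this->request->param('id'));

                    // NOTE(review): $data is built above without a 'cat' key, so
                    // $data['cat'] is undefined in this branch - confirm which
                    // posted field carries the selected category.
                    if ($data['cat'] == $last_known_ad->id_category) {
                        // check if he payed when ad was created (is successful),
                        // if not give him alert that he didn't payed, and ad will not be published until he do
                        $cat_check = $cat->where('id_category', '=', $last_known_ad->id_category)->limit(1)->find(); // current category
                        $advert_have_order->and_where('description', '=', $cat_check->seoname)->limit(1)->find();

                        if ($advert_have_order->loaded()) {
                            if ($advert_have_order->status != Model_Order::STATUS_PAID) {
                                // order is not payed,
                                $form->status = 0;
                                Alert::set(Alert::INFO, __('Advertisement is updated, but it won\'t be published until payment is done.'));
                            } else {
                                if ($moderation == Model_Ad::PAYMENT_ON) {
                                    $form->status = 1;
                                    Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                                } else {
                                    // NOTE(review): literal 5 here, Model_Ad::PAYMENT_MODERATION
                                    // in the sibling branch below - presumably the same value.
                                    if ($moderation == 5) {
                                        Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                                    }
                                }
                            }
                        }

                        $form->save();
                        $this->request->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'update', 'id' => $form->id_ad)));
                    } else {
                        // user have pending order with new category(possible that he previously tried to do the same action)
                        $cat_check = $cat->where('id_category', '=', $data['cat'])->limit(1)->find(); // newly selected category
                        $advert_have_order->and_where('description', '=', $cat_check->seoname)->limit(1)->find();

                        if ($advert_have_order->loaded()) {
                            // sanity check -> we don't want to charge him twice for same category
                            if ($advert_have_order->status != Model_Order::STATUS_PAID) {
                                $this->request->redirect(Route::url('default', array('controller' => 'payment_paypal', 'action' => 'form', 'id' => $advert_have_order->id_order)));
                            } else {
                                if ($moderation == Model_Ad::PAYMENT_ON) {
                                    $form->status = 1;
                                    Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                                } else {
                                    if ($moderation == Model_Ad::PAYMENT_MODERATION) {
                                        Alert::set(Alert::SUCCESS, __('Advertisement is updated!'));
                                    }
                                }
                            }
                            $form->save();
                        } else {
                            $order_id = $payment_order->make_new_order($data, Auth::instance()->get_user()->id_user, $form->seotitle);

                            if ($order_id == NULL) {
                                if ($moderation == Model_Ad::PAYMENT_ON) {
                                    // publish
                                    $form->status = 1;
                                }
                            } else {
                                // redirect to payment
                                $this->request->redirect(Route::url('default', array('controller' => 'payment_paypal', 'action' => 'form', 'id' => $order_id))); // @TODO - check route
                            }
                            $form->save();
                        }
                    }
                }

                // save ad
                $form->status = $last_known_ad->status;
                $form->save();

                Alert::set(Alert::SUCCESS, __('Advertisement is updated'));
                $this->request->redirect(Route::url('oc-panel', array('controller' => 'profile', 'action' => 'update', 'id' => $form->id_ad)));
            } catch (Exception $e) {
                //throw 500
                throw new HTTP_Exception_500($e->getMessage());
            }
        }
    } else {
        Alert::set(Alert::ERROR, __('You dont have permission to access this link'));
        $this->request->redirect(Route::url('default'));
    }

    // QR!!!
    $qr = new Qr($this->request->param('id'));
    $qr->reset();
    $f = $qr->qr();
    $qr->calendar();
    // $qr->map();
    $qr->website();
    $qr->contact();

    // NOTE(review): this shows a print_r() dump of the qr() result to the user
    // and reads like leftover debugging - confirm it should reach production.
    Alert::set(Alert::SUCCESS, "Wrote " . print_r($f, true));
}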
/**
 * Default 'index' action, run when the request names no action.
 *
 * Renders the 'index' view with the newest QR codes that are flagged for the
 * gallery and have an owner (user_id > 0). The number of rows comes from the
 * `home_gallery_count` application parameter.
 */
public function actionIndex()
{
    $galleryCriteria = array(
        'condition' => 't.show_in_gallery = 1 AND t.user_id > 0',
        'limit' => Yii::app()->params['home_gallery_count'],
        'order' => 't.id DESC',
    );

    $this->render('index', array('gallery' => Qr::model()->findAll($galleryCriteria)));
}
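<div class="panel panel-default" style="margin-top:20px;">
    <div class="panel-heading">
        <h3 class="panel-title">Reporting Kunde iklinik</h3>
    </div>
    <div class="panel-body">
        <?php
        // Scan report grid. The "Title" column filter is a drop-down of QR titles
        // limited to the current user's company.
        $this->widget('zii.widgets.grid.CGridView', array(
            'id' => 'scans_list',
            'enableSorting' => true,
            'dataProvider' => $model->search(),
            'filter' => $model,
            'columns' => array(
                array('header' => 'ID', 'value' => '$data->id', 'name' => 'id', 'sortable' => true, 'filter' => false),
                array(
                    'header' => 'Title',
                    'name' => 'qrtitle',
                    'value' => '$data->qrtitle',
                    'filter' => CHtml::dropDownList(
                        'Scans[qrtitle]',
                        $model->qrtitle,
                        CHtml::listData(
                            Qr::model()->findAll(array(
                                'order' => 'id desc',
                                // The company value is bound as a parameter instead of being
                                // concatenated into the SQL text, so a quote in it can no
                                // longer change the statement.
                                // NOTE(review): '%...%' is a substring match, so a company
                                // whose name is contained in another company's name also
                                // sees that company's titles - confirm an exact match is
                                // not what is wanted.
                                'condition' => 'company LIKE :company',
                                'params' => array(':company' => '%' . Yii::app()->user->getState('company') . '%'),
                                'distinct' => true,
                            )),
                            'title',
                            'title'
                        ),
                        array('empty' => 'select title')
                    ),
                    'sortable' => false,
                ),
                array('header' => 'IP', 'value' => '$data->ip', 'name' => 'ip', 'sortable' => true, 'filter' => false),
                array('header' => 'Scan', 'value' => 'Yii::app()->dateFormatter->format("d.M.y hh:mm a",$data->scan)', 'name' => 'scan', 'sortable' => true, 'filter' => false),
                array('header' => 'Browser', 'value' => '$data->browser'),
                array('header' => 'Platform', 'value' => '$data->platform'),
                array('header' => 'Enjoyer', 'value' => '$data->counter', 'name' => 'counter', 'sortable' => true, 'filter' => false),
                array('class' => 'CButtonColumn', 'header' => 'Actions', 'template' => '{delete}'),
            ),
        ));
        ?>
    </div>
</div>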