function loginform_exec($Frm, $Err) { if ($Err) { $Frm->_gui->Vars["login_message"] = "Ошибки при заполнении формы"; return; } // clr db::delete(TABLE_LOGIN_HOST, "time < " . (time() - 900)); $last_login_time = db::get_arrays("SELECT time FROM " . TABLE_LOGIN_HOST . " WHERE ip = '" . db::input($_SERVER["REMOTE_ADDR"]) . "' ORDER BY time"); $cnt = count($last_login_time); $rowx["time"] = 0; if ($cnt) { $rowx = $last_login_time[0]; } $user = Employee::findOneBy(array('email' => strtolower($Frm->GetValue(0)), 'hpwd' => md5($Frm->GetValue(1) . $Frm->GetValue(0)))); if (!$user || $cnt > 2) { if ($cnt > 1) { $t = 900 - time() + $rowx["time"]; if ($t > 60) { $w = floor($t / 60) . " мин."; } else { $w = " минуту"; } $Frm->_gui->Vars["login_message"] = "Попытки исчерпаны. Подождите " . $w; } else { $Frm->_gui->Vars["login_message"] = "Ошибка. Осталось попыток: " . (2 - $cnt); db::insert(TABLE_LOGIN_HOST, array('ip' => $_SERVER['REMOTE_ADDR'], 'time' => time())); } return; } else { // ok if ($user["blocked"] || $user["black_list"]) { $Frm->_gui->Vars["login_message"] = "Доступ запрещен"; return; } $ll = array(); if ($user["last_login"]) { $ll = unserialize($user["last_login"]); while (count($ll) > 99) { array_shift($ll); } } $ll[] = array("ip" => $_SERVER['REMOTE_ADDR'], "time" => time()); Employee::update($user['id'], array('last_act' => time(), 'last_login' => serialize($ll))); unset($user["last_act"]); unset($user["last_login"]); $_SESSION["user"]["auth"] = true; $_SESSION["user"]["data"] = $user; page_reload(); } }
/** * Finds entities by a set of criteria. * * @param array $criteria * @param array|null $orderBy * @param int|null $limit * @param int|null $offset * * @throws InvalidArgumentException * @return array The objects. */ public static function findBy(array $criteria, array $orderBy = null, $limit = null, $offset = null) { if (is_array($criteria)) { $where = ''; foreach ($criteria as $key => $value) { if (is_null($value)) { continue; } if (!empty($where)) { $where .= " AND "; } $where .= $key . " = '" . db::input($value) . "'"; } if (!empty($where)) { $where = "WHERE " . $where; } else { $where = "WHERE 1"; } $order = ''; if (is_array($orderBy) && count($orderBy)) { $order = 'ORDER BY '; foreach ($orderBy as $key => $value) { $order .= $key . ' ' . $value; } } $sLimit = ''; if (!is_null($offset) || !is_null($limit)) { $sLimit = 'LIMIT '; if (!is_null($offset)) { $sLimit .= $offset . ', '; } if (!is_null($limit)) { $sLimit .= $limit; } } return db::get_arrays("\n SELECT *\n FROM " . static::TABLE . "\n " . $where . "\n " . $order . "\n " . $sLimit . "\n "); } else { throw new InvalidArgumentException(self::getEntity()); } }
function MakeHTML() { $this->_check_sort_links(); if ($this->isort) { $this->_inlinesort(); } $where = ""; if ($this->mysql_filter != "") { $where = " WHERE " . $this->mysql_filter; } if ($this->mysql_source) { $this->Rows = array(); $limit = ""; if ($this->pager) { $this->pager->allcount = intval(db::get_single_value("SELECT COUNT(" . $this->mysql_source_alias . "id) AS cnt FROM " . TBL_PREF . $this->mysql_source . $where)); $limit = $this->pager->GetLimitStr(); } $ord_str = "ORDER BY "; if (!is_null($this->order_rules)) { $ord_str .= $this->order_rules . ","; } $ord_str .= !$this->GetCurSortKey() ? $this->mysql_source_alias . "id" : $this->mysql_source_alias . $this->GetCurSortKey(); foreach (db::get_arrays("SELECT " . $this->mysql_flds . " FROM " . TBL_PREF . $this->mysql_source . $where . " " . $ord_str . $limit) as $r) { $this->AddRow($r, $this->mysql_source_alias . "id"); } } else { if ($this->pager) { $this->pager->allcount = count($this->Rows); if ($this->pager->GetLimitStr() != '') { $tmp = $this->Rows; $this->Rows = array(); for ($i = 0; $i < $this->pager->onPage; $i++) { if (isset($tmp[$this->pager->curPage * $this->pager->onPage + $i])) { $this->Rows[$i] = $tmp[$this->pager->curPage * $this->pager->onPage + $i]; } } } } } $this->StartTable(); $this->HtmlB = ""; foreach ($this->Rows as $kr => $r) { $rdata = $r["data"]; $r["style"]["cursor"] = "arrow"; $r["style"]["background-color"] = ""; if ($this->OnRowStart) { eval("\$" . "s = " . $this->OnRowStart . "(\$" . "r);"); } if (is_array($this->Highlite)) { if ($rdata[$this->Highlite[0]] == $this->Highlite[1]) { $r["style"]["background-color"] = "yellow"; } } if (!empty($_SESSION['user']['data']['conf_ord_colors']) && $this->useColors) { $currentColors = unserialize($_SESSION['user']['data']['conf_ord_colors']); $r["style"]["background-color"] = isset($currentColors[$rdata['id']]) ? $currentColors[$rdata['id']] : '#FFFFFF'; } else { $currentColors = array(); } $st = $this->makeRowStyle($r); $this->HtmlB .= "<tr style='" . $st . "' data-color='" . (isset($currentColors[$rdata['id']]) ? $currentColors[$rdata['id']] : '#FFFFFF') . "' data-row-id='" . $rdata['id'] . "'"; if ($this->RowSelect) { $this->HtmlB .= " onmouseover='jQuery(this).css(\"background-color\", \"" . $this->RowSelectCol . "\");' onmouseout='jQuery(this).css(\"background-color\", \"" . $r["style"]["background-color"] . "\");'"; if ($this->RowEvent != "") { $this->HtmlB .= " onclick='" . $this->RowEvent . "(" . $r["data"][$r["ek"]] . ");'"; } else { if ($this->RowEvent2 != "") { if (strpos($this->RowEvent2, "%var%") != false) { $s = str_replace("%var%", $r["data"][$r["ek"]], $this->RowEvent2); } else { $attr_index = strpos($this->RowEvent2, "%var."); $s = str_replace("%var.", '', $this->RowEvent2); $attr_ends = strpos($s, '%', $attr_index); $attr_name = substr($s, $attr_index, $attr_ends - $attr_index); $s = str_replace($attr_name . '%', $r["data"][$attr_name], $s); } $this->HtmlB .= " onclick='" . $s . "'"; } } } $this->HtmlB .= ">" . "\n"; foreach ($this->Columns as $k => $v) { $s = ""; if (count($v->Custom)) { $v = $v->Custom[$this->Settings["cust"][$k]]; } if ($v->Key != "" && isset($rdata[$v->Key])) { if (is_array($v->ExtData)) { $s = $v->ExtData[$rdata[$v->Key]]; } else { $s = $rdata[$v->Key]; } } if ($v->Process != "") { $this->Rows[$kr]['info'][$k] = ''; eval("\$" . "s=" . $v->Process . "(\$" . "s, \$" . "rdata, \$" . "this, \$" . "this->Rows[\$" . "kr]['info'][\$" . "k]);"); } elseif ($v->Format) { switch ($v->Format) { case CGUI_TABLE_FMT_SIZE: $s = _tbl_fmt_size($s); break; case CGUI_TABLE_FMT_DATE: $s = _tbl_fmt_date($s); break; case CGUI_TABLE_FMT_DATETIME: $s = _tbl_fmt_datetime($s); break; } } if (!empty($this->Rows[$kr]["info"][$k])) { $s = $this->Rows[$kr]["info"][$k]->GetHTML($s); } $this->HtmlB .= "<td"; if ($v->NoWrap) { $this->HtmlB .= " nowrap"; } if ($v->Align) { $this->HtmlB .= " style='text-align: " . $v->Align . "'"; } if ($v->hidden) { $this->HtmlB .= ' class="hide"'; } if ($v->id) { $this->HtmlB .= ' id="' . $v->id . '"'; } $this->HtmlB .= ">"; if ($v->instantEdit) { $this->HtmlB .= '<span class="instantEditOldValue">' . $s . '</span><span class="instantEdit" data-title="' . $v->Caption . '" data-field="' . $v->Key . '" data-value="' . $rdata[$v->Key] . '"></span>' . "\n"; } else { $this->HtmlB .= $s . "\n"; } $this->HtmlB .= "</td>" . "\n"; } $this->HtmlB .= "</tr>" . "\n"; } $this->EndTable(); }
print "<div style='overflow:auto; background:white; border: 1px solid gray; height: 78px'>" . "<table cellpadding=0 cellspacing=0 style='font-size:8pt; margin-left:2px;'>" . "<tr style='color:gray'><td>Сотрудник</td><td style='width:10px' nowrap></td><td>Занятость</td></tr>"; // Филиал сотрудника. Если нет филиала, то используем 8 часов раб день $worklong = 0; if ($_SESSION["user"]["data"]["filial_id"]) { $fil = fils_get($_SESSION["user"]["data"]["filial_id"]); $dweek = date("w", $date) - 1; if ($dweek == -1) { $dweek = 6; } fils_getworktime($fil, $dweek, $st, $en); $worklong = $en - $st; } if (!$worklong) { $worklong = 480; } foreach ($users as $u) { print "<tr><td>" . $u["fio"] . "</td><td></td><td>" . round(100 * $u["visits_sum"] / $worklong) . "%</td></tr>"; } print "</table></div>"; } else { $meetings = db::get_arrays("SELECT tm_start, tm_finish, station_id FROM " . TABLE_VISITS . " WHERE user_id = " . $uid . " AND date = " . $date); if ($meetings) { print "<div style='font-size:10pt'>"; foreach ($meetings as $r) { print utils_cvt_i2times($r["tm_start"]) . "-" . utils_cvt_i2times($r["tm_finish"]) . ' - ' . get_station_name($r['station_id']) . "<br>"; } print "</div>"; } else { print "на выбранную дату у сотрудника нет встреч"; } }
$column->Caption = "Доход фирмы"; $column->Key = "company_profit"; $column = $stat_tbl->NewColumn(); $column->Caption = "Оплачено фирме"; $column->Key = "company_paid"; $column = $stat_tbl->NewColumn(); $column->Caption = "Долг перед фирмой"; $column->Key = "debt_to_company"; if ($isDirector) { $column->instantEdit = true; } $column = $stat_tbl->NewColumn(); $column->Caption = "Заказы"; $column->Key = "orders"; $column->hidden = true; $column->id = 'orders_list'; } $result = array('id' => 'Стоимость, руб.', 'client_price' => 0, 'client_payed' => 0, 'client_debt' => 0, 'author_price' => 0, 'author_payed' => 0, 'debt_to_author' => 0, 'company_profit' => 0, 'company_paid' => 0, 'debt_to_company' => 0, 'orders' => ''); foreach (db::get_arrays("SELECT cost_kln, cost_auth, oplata_kln, author_paid, filial_id, id, company_paid FROM " . TBL_PREF . $Filter->DstTable . " WHERE " . (!empty($result_filter) ? $result_filter : "1")) as $row) { $result['client_price'] += $row['cost_kln']; $result['client_payed'] += $row['oplata_kln']; $result['client_debt'] += $row['cost_kln'] - $row['oplata_kln']; $result['author_price'] += $row['cost_auth']; $result['author_payed'] += $row['author_paid'] ? $row['author_paid'] : 0; $result['company_profit'] += calculate_debt_to_company($row['cost_kln'], $row['cost_auth'], $row['filial_id']); $result['company_paid'] += $row['company_paid']; $result['orders'] .= empty($result['orders']) ? $row['id'] : ',' . $row['id']; } $result['debt_to_author'] = $result['author_price'] - $result['author_payed']; $result['debt_to_company'] = $result['company_profit'] - $result['company_paid']; $stat_tbl->AddRow($result, "id");
$i = 1; foreach ($new_columns as $column) { if (isset($column['internal_name']) && in_array($column['internal_name'], $column_group_name)) { continue; } $r = $tbl->NewColumn(); $r->Caption = str_replace(" ", " <br>", $column['name']); $r->DoSort = $column['do_sort']; $r->Key = $column['internal_name']; $r->Align = $column['align']; $r->Process = $column['on_execute']; $r->instantEdit = $column['instant_edit']; $i++; } $tbl->FilterMYSQL($result_filter); $totals = db::get_arrays("\n SELECT filial_id, SUM(`value`) as total_expenses\n FROM " . TBL_PREF . $Filter->DstTable . "\n WHERE " . $result_filter . "\n GROUP BY filial_id\n"); if ($totals) { $stat_tbl = $GUI->Table("expenses_stat" . $n); $stat_tbl->Width = "50%"; $column = $stat_tbl->NewColumn(); $column->Caption = "Филиал"; $column->Key = "id"; $column = $stat_tbl->NewColumn(); $column->Caption = "Общий расход"; $column->Key = "total_expenses"; if (is_director($_SESSION['user']['data']['id'])) { $column = $stat_tbl->NewColumn(); $column->Caption = "Итого расход руководителя"; $column->Key = "director_expenses"; } foreach ($totals as $row) {
$column = $stat_tbl->NewColumn(); $column->Caption = "Долг"; $column->Key = "client_debt"; $column = $stat_tbl->NewColumn(); $column->Caption = "Расход"; $column->Key = "consumption"; $column = $stat_tbl->NewColumn(); $column->Caption = "Статус выплат"; $column->Key = "referrer_payment_status_all"; if (is_director($_SESSION['user']['data']['id'])) { $column->instantEdit = true; } $column = $stat_tbl->NewColumn(); $column->Caption = "Заказы"; $column->Key = "orders"; $column->hidden = true; $column->id = 'orders_list'; $result = array('id' => '', 'client_price' => 0, 'client_paid' => 0, 'client_debt' => 0, 'consumption' => 0, 'referrer_payment_status_all' => 0, 'orders' => ''); $result['referrer_payment_status_all'] = 'Не оплачено'; foreach (db::get_arrays("SELECT id, cost_kln, oplata_kln, referrer_payment_status FROM " . TBL_PREF . $Filter->DstTable) as $row) { $info = null; $result['client_price'] += $row['cost_kln']; $result['client_paid'] += $row['oplata_kln']; $result['client_debt'] += $row['cost_kln'] - $row['oplata_kln']; $result['consumption'] += get_consumption(0, $row, null, $info); if ($row['referrer_payment_status'] == 1) { $result['referrer_payment_status_all'] = 'Оплачено'; } $result['orders'] .= empty($result['orders']) ? $row['id'] : ',' . $row['id']; } $stat_tbl->AddRow($result);
function get_order_files($order_id, $creator = null) { return db::get_arrays("\n SELECT *\n FROM " . TBL_PREF . "order_files\n WHERE order_id = " . db::input($order_id) . (is_null($creator) ? '' : ' AND creator_id = ' . db::input($creator))); }
$column = $stat_tbl->NewColumn(); $column->Caption = "Итого"; $column = $stat_tbl->NewColumn(); $column->Caption = "Стоимость"; $column->Key = "client_price"; $column = $stat_tbl->NewColumn(); $column->Caption = "Оплачено"; $column->Key = "client_paid"; $column = $stat_tbl->NewColumn(); $column->Caption = "Долг"; $column->Key = "client_debt"; $column = $stat_tbl->NewColumn(); $column->Caption = "Мой доход"; $column->Key = "consumption"; $result = array('client_price' => 0, 'client_paid' => 0, 'client_debt' => 0, 'consumption' => 0, 'id' => 0); foreach (db::get_arrays("SELECT id, cost_kln, oplata_kln FROM " . TBL_PREF . $Filter->DstTable) as $row) { $info = ''; $result['client_price'] += $row['cost_kln']; $result['client_paid'] += $row['oplata_kln']; $result['client_debt'] += $row['cost_kln'] - $row['oplata_kln']; $result['consumption'] += get_consumption(0, $row, null, $info); } $stat_tbl->AddRow($result); echo '<div style="margin: 10px auto 0;width: 50%;" class="gui_style">'; echo $GUI->tables[1]->PrintTable(); echo '</div>'; } else { echo 'text'; } } function tp_users_cmds_frame($value, $row, $table, &$info)
public static function get_client($params) { $fields = '*'; if (array_key_exists('fields', $params)) { $fields = join(', ', $params['fields']); unset($params['fields']); } $where = self::generate_where_clause($params); $query = "SELECT {$fields} FROM " . TBL_PREF . "clients WHERE " . self::generate_where_clause($params); $db_result = db::get_arrays($query); if (0 == ($errno = mysql_errno())) { if (count($db_result)) { return self::generate_response(true, "OK", $db_result[0]); } else { return self::generate_response(false, "Клиента с параметрами: " . $where . " не существует"); } } else { return self::generate_response(false, db::error($query, $errno, mysql_error())); } }
$stat_tbl = $GUI->Table("cabinet_orders_stats" . $_SESSION["frame"]["client"]["id"]); $stat_tbl->Width = "50%"; $column = $stat_tbl->NewColumn(); $column->Caption = "Итого"; $column->Key = "id"; $column = $stat_tbl->NewColumn(); $column->Caption = "Стоимость"; $column->Key = "client_price"; $column = $stat_tbl->NewColumn(); $column->Caption = "Оплачено"; $column->Key = "client_payed"; $column = $stat_tbl->NewColumn(); $column->Caption = "Долг"; $column->Key = "client_debt"; $result = array('id' => '', 'client_price' => 0, 'client_payed' => 0, 'client_debt' => 0); foreach (db::get_arrays("SELECT cost_kln, oplata_kln FROM " . TABLE_ORDERS . " WHERE klient_id = " . db::input($_SESSION["frame"]["client"]["id"])) as $row) { $result['client_price'] += $row['cost_kln']; $result['client_payed'] += $row['oplata_kln']; $result['client_debt'] += $row['cost_kln'] - $row['oplata_kln']; } $stat_tbl->AddRow($result, "id"); echo '<center>'; echo $GUI->tables[1]->PrintTable(); echo '</center>'; } else { echo "У Вас нет заказов"; } } } function get_client_debt($value, $row, $table, &$info) {
<?php use Components\Classes\db; $query = 'SELECT *, FROM_UNIXTIME(created) as _date FROM `ofc_order_files` where created <=1401580800 ORDER BY `ofc_order_files`.`creator_id`, _date '; $db_result = db::get_arrays($query); $hasFiles = 0; foreach ($db_result as $file) { if (is_file(DIR_WS_ORDER_FILES . $file['order_id'] . '/' . $file['name'])) { $filename = $file['name']; $hasFiles++; echo "<p>{$filename}</p>"; } } echo "<p>Всего файлов: {$hasFiles}</p>"; $printr = print_r($db_result, true); echo nl2br($printr); die;