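/**
 * Server-side data source for the sites table (legacy DataTables request format).
 *
 * Builds one query over sites, companies, the default site contact and the
 * creating user, then applies the paging, ordering and free-text search
 * options found in the request.
 *
 * NOTE(review): rows are restricted to a company only when the caller passes
 * $params['company_id']; nothing in this method pins a company-scoped user to
 * $this->current_user->company_id. Confirm the caller enforces that.
 *
 * @param array $params      Request parameters (iDisplayStart, iDisplayLength,
 *                           iSortCol_0, iSortingCols, sSearch, sEcho, company_id).
 * @param array $hiddenColms Not used by this method.
 * @return array sEcho, iTotalRecords, iTotalDisplayRecords and aaData.
 */
public function ajax_gets($params, $hiddenColms = array())
{
    // Columns in the order the client addresses them by index; this list is
    // the only source of column names that reach ORDER BY / LIKE below.
    $aColumns = array('s.code', 'com.name', 's.address', 's.street', 's.town', 's.postcode', 's.upload_date', 'created_by_name', 's.created_on');
    if (_has_company_group_access($this->current_user->group_id)) {
        // Company-scoped users get no company column, so indexes shift down by one.
        unset($aColumns[1]);
        $aColumns = array_values($aColumns);
    }
    $data = $this->_build_filters();

    // Derived table: the default, non-deleted contact of each site.
    $cc_ct = "(SELECT cc.*,ct.first_name,ct.last_name,ct.address,ct.email,ct.phone,ct.mobile,ct.fax,ct.created_by,ct.created_on FROM site_contacts AS cc INNER JOIN contacts AS ct ON cc.contact_id=ct.id AND cc.is_default=1 AND ct.is_deleted=0) cc_ct";

    $this->db->select('SQL_CALC_FOUND_ROWS s.id as site_id', FALSE)
        ->select('com.name as company_name ')
        ->select("CONCAT(u.first_name,' ',u.last_name) AS created_by_name", FALSE)
        ->select('s.address,s.street,s.town, s.postcode,s.upload_date,s.code AS site_code, s.created_on')
        ->select("CONCAT(`cc_ct`.`first_name`,' ',`cc_ct`.`last_name`) AS contact_name", FALSE)
        ->select('cc_ct.email AS contact_email')
        ->from('sites s')
        ->join('companies com', 's.company_id = com.id', 'INNER')
        ->join($cc_ct, 's.id = cc_ct.site_id', 'LEFT')
        ->join('users u', 's.created_by = u.id', 'LEFT')
        ->where("s.is_deleted", 0)
        ->where("com.is_deleted", 0);
    //$this->_apply_filters($data);

    if (array_key_exists('company_id', $params) && $params['company_id']) {
        $this->db->where("s.company_id", to_int($params['company_id']));
    }
    $this->db->group_by('s.id');

    // Paging. LIMIT/OFFSET are numeric contexts, so cast to int instead of
    // string-escaping; a length of -1 (or any negative) means "no limit".
    if (isset($params['iDisplayStart']) && isset($params['iDisplayLength']) && $params['iDisplayLength'] != '-1') {
        $length = (int) $params['iDisplayLength'];
        $start = max(0, (int) $params['iDisplayStart']);
        if ($length >= 0) {
            $this->db->limit($length, $start);
        }
    }

    // Ordering. The column comes from the whitelist by index and the direction
    // is reduced to ASC/DESC, so no request text is placed in ORDER BY.
    if (isset($params['iSortCol_0'])) {
        $sortCount = isset($params['iSortingCols']) ? intval($params['iSortingCols']) : 0;
        // Never loop more often than there are columns to sort by.
        $sortCount = min($sortCount, count($aColumns));
        for ($i = 0; $i < $sortCount; $i++) {
            $iSortCol = $this->input->get_post('iSortCol_' . $i, true);
            $bSortable = $this->input->get_post('bSortable_' . intval($iSortCol), true);
            $sSortDir = $this->input->get_post('sSortDir_' . $i, true);
            if ($bSortable != 'true') {
                continue;
            }
            $colIndex = intval($iSortCol);
            if (!isset($aColumns[$colIndex])) {
                // Index outside the whitelist: ignore rather than order by nothing.
                continue;
            }
            $direction = strtoupper(trim((string) $sSortDir)) === 'DESC' ? 'DESC' : 'ASC';
            if ($aColumns[$colIndex] == 'created_by_name') {
                // The alias is an expression, so order by the expression unescaped.
                $this->db->order_by("CONCAT(`u`.`first_name`,' ',`u`.`last_name`)", $direction, FALSE);
            } else {
                $this->db->order_by($aColumns[$colIndex], $direction);
            }
        }
    }

    // Free-text search across the columns the client marks as searchable.
    if (isset($params['sSearch']) && is_scalar($params['sSearch']) && !empty($params['sSearch'])) {
        // escape_like_str() output is only safe inside the quoted literal built below.
        $sSearch = '%' . $this->db->escape_like_str((string) $params['sSearch']) . '%';
        $where = array();
        for ($i = 0; $i < count($aColumns); $i++) {
            $bSearchable = $this->input->get_post('bSearchable_' . $i, true);
            if (isset($bSearchable) && $bSearchable == 'true') {
                $expr = $aColumns[$i] == 'created_by_name' ? "CONCAT(u.first_name,' ',u.last_name)" : $aColumns[$i];
                $where[] = $expr . " LIKE '" . $sSearch . "' ";
            }
        }
        // Was "> 1", which silently dropped the search when exactly one
        // column was searchable.
        if (!empty($where)) {
            $this->db->where('(' . implode(' OR ', $where) . ')');
        }
    }

    $rResult = $this->db->get();

    // Data set length after filtering
    $this->db->select('FOUND_ROWS() AS found_rows');
    $iFilteredTotal = $this->db->get()->row()->found_rows;

    // Total data set length
    $iTotal = $this->ajax_gets_count($params, $data); //needs to change to the specific query.

    // Output. sEcho is echoed back to the client, so it is forced to an integer.
    $output = array(
        'sEcho' => isset($params['sEcho']) ? intval($params['sEcho']) : 0,
        'iTotalRecords' => $iTotal,
        'iTotalDisplayRecords' => $iFilteredTotal,
        'aaData' => $rResult->result(),
    );
    return $output;
}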
/**
 * Build the list of user groups the current user may pick from.
 *
 * The admin group is left out for users with company-group access, and the
 * management-company group is left out for GROUP_USER_COMPANY and
 * GROUP_CLIENT_USER. This only shapes what is offered in the list; it does
 * not validate a submitted group id.
 *
 * @param string $method 'ajax' prints the list as JSON and stops the request,
 *                       'return' returns an id => description array.
 * @param array  $params Optional keys: first_row, default_text, no_company.
 * @return array|void The id => description map when $method is 'return'.
 */
function groups_dropdown($method, $params = array())
{
    $ci =& get_instance();
    $defaults = array('first_row' => FALSE, 'default_text' => '', 'no_company' => FALSE);
    $params = array_merge($defaults, $params);
    $result = $ci->ion_auth->groups()->result();

    // Apply the visibility rules once; both output shapes share them.
    $visible = array();
    foreach ($result as $row) {
        $hide_admin = _has_company_group_access($ci->current_user->group_id) && $row->id == GROUP_ADMIN;
        if ($hide_admin) {
            continue;
        }
        $hide_management = in_array($ci->current_user->group_id, array(GROUP_USER_COMPANY, GROUP_CLIENT_USER)) && $row->id == GROUP_MANAGEMENT_COMPANY;
        if ($hide_management) {
            continue;
        }
        $visible[] = $row;
    }

    if ($method == 'ajax') {
        // JSON shape: a list of {value, text} pairs.
        $options = array();
        if ($params['first_row']) {
            $options[] = array("value" => "", "text" => $params['default_text']);
        }
        foreach ($visible as $row) {
            $options[] = array("value" => $row->id, "text" => $row->description);
        }
        header('Content-Type: application/json');
        echo json_encode($options);
        die;
    }

    // Map shape: id => description, as passed to form_dropdown().
    $options = array();
    if ($params['first_row']) {
        $options[""] = $params['default_text'];
    }
    foreach ($visible as $row) {
        $options[$row->id] = $row->description;
    }

    if ($method == 'return') {
        return $options;
    }
    // NOTE(review): echoing an array prints the word "Array" and raises a
    // notice; the intended output for this branch is not visible here.
    echo $options;
}
<label class="col-sm-4 control-label no-padding-right" for="group_id">User Group:</label> <div class="col-sm-8"> <?php /* Group selector: options come from groups_dropdown('return', ...) with a blank first row. */ echo form_dropdown('group_id', groups_dropdown('return', array('first_row' => TRUE)), $group_id, 'id="group_id" class="form-control input-sm" data-placeholder="Select a Group"'); ?> <?php echo form_error('group_id', '<label class="error">', '</label>'); ?> </div> </div> <?php /* The agency selector is emitted for admins only. The display:none below merely hides it in the browser, so the handler that receives this form still has to validate the posted group_id and company_id itself. */ if ($current_user->group_id == GROUP_ADMIN) { ?> <div class="form-group company_option" <?php if (!_has_company_group_access($group_id)) { ?> style="display:none;"<?php } ?> > <label class="col-sm-4 control-label no-padding-right" for="company_id">Agency:</label> <div class="col-sm-8"> <div class="row"> <div class="col-sm-10"> <?php echo form_dropdown('company_id', companies_dropdown('return', array('first_row' => TRUE)), $company_id, 'id="company_id" class="form-control input-sm" data-placeholder="Select a Agency"'); ?> </div> <div class="col-sm-2">
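/**
 * Show the delete-confirmation form for a client and, once confirmed, delete it.
 *
 * Access is limited to the admin, management_company and user_company roles.
 * A user with company-group access may only act on a client of their own
 * company; anything else ends in the permission-denied response.
 *
 * NOTE(review): a CSRF nonce is issued for the form below, but no check of a
 * posted nonce is visible in this method before the delete runs. Confirm it
 * is verified elsewhere (framework-level CSRF protection or a base controller).
 *
 * @param string $pkey   Encoded record key taken from the URL.
 * @param string $method "ajax" returns the result through _output_request(),
 *                       anything else echoes or renders the page.
 * @return void
 */
public function delete($pkey, $method = "echo")
{
    _has_user_access_permission(TRUE, array('admin', 'management_company', 'user_company'));

    // NOTE(review): $pkey is request-controlled. If unserialize_object() wraps
    // PHP's unserialize(), it must verify the key's integrity before decoding;
    // the helper is not visible here, so confirm.
    $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();

    $key_company_id = array_key_exists(SYS_COMPANY_ID, $params) && gtzero_integer($params[SYS_COMPANY_ID]) ? to_int($params[SYS_COMPANY_ID]) : 0;
    // Group id 1 is presumably the admin group; confirm against GROUP_ADMIN.
    // Only that group may choose the company, everyone else is pinned to their own.
    $company_id = $this->current_user->group_id == 1
        ? $this->_post_args('company_id', ARGS_TYPE_INT, $key_company_id)
        : $this->current_user->company_id;
    $client_id = isset($params[SYS_CLIENT_ID]) && gtzero_integer($params[SYS_CLIENT_ID]) ? (int) $params[SYS_CLIENT_ID] : 0;

    // NOTE(review): the redirect target comes from POST or the Referer header,
    // both request-controlled. Confirm it is restricted to local URLs before
    // it is used for a redirect or as the cancel link.
    $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer());

    $client_info = $this->client_m->details($client_id, $company_id);
    $foreign_client = $client_info
        && _has_company_group_access($this->current_user->group_id)
        && $client_info->company_id != $this->current_user->company_id;
    if (!$client_info || $foreign_client) {
        $this->show_permission_denied_error($method);
        // Fail closed: never reach the delete below if the helper returns
        // instead of ending the request.
        return;
    }

    // Not read again in this method; kept because _post_args() is not visible here.
    $company_id = $this->current_user->group_id == 1
        ? $this->_post_args('company_id', ARGS_TYPE_INT, $client_info->company_id)
        : $this->current_user->company_id;

    $this->form_validation->set_rules('confirm', 'confirm', 'trim|required');
    $output = array('message' => "", 'status' => "");

    if ($this->form_validation->run() == TRUE) {
        $is_record_updated = $this->client_m->delete($client_id);
        if ($is_record_updated) {
            $output['message'] = sprintf('The client "%s" has been deleted.', $client_info->full_name);
            $output['status'] = SUCCESS_MESSAGE;
            $output['client_id'] = $client_id;
            /*trigger_trip("client_deleted", $details->company_id, array('client_id' => $client_id, 'deleted_by' => $this->current_user->user_id));*/
        } else {
            $output['message'] = sprintf('Unable to delete client "%s". Please report the issue to %s', $client_info->full_name, $this->cfg->contact_email);
            $output['status'] = ERROR_MESSAGE;
        }
        $this->_output_request($output, $redirect_url);
    } else {
        if (validation_errors()) {
            $output['message'] = validation_errors();
            $output['status'] = ERROR_MESSAGE;
        }
    }

    // Confirmation form: the nonce and the "confirm" flag travel as hidden fields.
    $csrf = _get_csrf_nonce();
    $data = array(
        'form_action' => site_url('clients/delete/' . $pkey),
        'cancel_url' => $redirect_url,
        'page' => 'clients/delete',
        'title' => 'Delete Client',
        "display_message" => sprintf('Are you sure you want to delete client "%s"?', $client_info->full_name),
        "display_heading" => 'Delete Client',
        "submit_btn_text" => "Save Changes",
        'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url, 'confirm' => 1)),
    );

    if ($this->input->is_ajax_request()) {
        $html = $this->template->raw_view('pages/clients/delete_modal', $data, TRUE);
        if ($method == "ajax") {
            $output['html'] = $html;
            $this->_output_request($output, $redirect_url);
        } else {
            echo $html;
        }
    } else {
        if (!empty($output['status'])) {
            set_flash_data($output['status'], $output['message'], FALSE);
        }
        $this->template->load('default', $data);
    }
}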
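/**
 * Stream the forms of one site to the browser as an .xls spreadsheet.
 *
 * Access is limited to the admin role. A user with company-group access may
 * only export a site of their own company; anything else ends in the
 * permission-denied response.
 *
 * @param string $pkey   Encoded record key taken from the request.
 * @param string $method Passed to the permission-denied handler.
 * @return void
 */
public function download($pkey, $method = "echo")
{
    _has_user_access_permission(TRUE, array('admin'));

    // NOTE(review): $pkey is request-controlled. If unserialize_object() wraps
    // PHP's unserialize(), it must verify the key's integrity before decoding;
    // the helper is not visible here, so confirm.
    $params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();

    // Only these groups may choose the company; everyone else is pinned to their own.
    $may_pick_company = in_array($this->current_user->group_id, array(GROUP_ADMIN, GROUP_STAFF, GROUP_ENGINEER));
    $key_company_id = array_key_exists(SYS_COMPANY_ID, $params) && gtzero_integer($params[SYS_COMPANY_ID]) ? to_int($params[SYS_COMPANY_ID]) : 0;
    $company_id = $may_pick_company
        ? $this->_post_args('company_id', ARGS_TYPE_INT, $key_company_id)
        : $this->current_user->company_id;
    $site_id = isset($params[SYS_SITE_ID]) && gtzero_integer($params[SYS_SITE_ID]) ? to_int($params[SYS_SITE_ID]) : 0;
    $redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer());
    $site_statuses = array('' => '', 1 => 'OPEN', 2 => 'SUBMITTED', 3 => 'COMPLETED');

    $site_info = $this->site_m->details($site_id, $company_id);
    $foreign_site = $site_info
        && _has_company_group_access($this->current_user->group_id)
        && $site_info->company_id != $this->current_user->company_id;
    if (!$site_info || $foreign_site) {
        $this->show_permission_denied_error($method);
        // Fail closed: never build the export if the helper returns instead
        // of ending the request.
        return;
    }

    // The three values below are not read again in this method; the calls are
    // kept because the helpers' side effects are not visible here.
    $company_id = $may_pick_company
        ? $this->_post_args('company_id', ARGS_TYPE_INT, $site_info->company_id)
        : $this->current_user->company_id;
    $doc_key = $this->_post_args('doc_key', ARGS_TYPE_STRING) ? $this->_post_args('doc_key', ARGS_TYPE_STRING) : keygen();
    $csrf = _get_csrf_nonce();

    $headings = array("SITE", "FORM", "DATE ADDED", "ADDED BY", "STATUS", "DATE SUBMITTED", "SUBMITTED BY", "DATE COMPLETED", "COMPLETED BY");

    $this->load->library('PHPExcel');
    $this->load->library('PHPExcel/IOFactory');

    // Create a new PHPExcel object
    $objPHPExcel = new PHPExcel();
    $sheet = $objPHPExcel->getActiveSheet();
    $sheet->setTitle('List of Site Forms');

    // Header row; 'A'++ yields 'B', 'C', ...
    $rowNumber = 1;
    $col = 'A';
    foreach ($headings as $heading) {
        $sheet->setCellValue($col . $rowNumber, $heading);
        $col++;
    }

    // Loop through the result set
    $rowNumber = 2;
    foreach ($site_info->site_forms as $site_form) {
        $cells = array(
            $site_info->site_code,
            $site_form->form_name,
            _validate_date($site_form->added_on, 'Y-m-d H:i:s') ? local_time($site_form->added_on, 'M d, Y @ h:ia') : '',
            $site_form->added_by_name,
            // Unknown status codes export as an empty cell instead of raising a notice.
            isset($site_statuses[$site_form->status]) ? $site_statuses[$site_form->status] : '',
            _validate_date($site_form->submitted_on, 'Y-m-d H:i:s') ? local_time($site_form->submitted_on, 'M d, Y @ h:ia') : '',
            $site_form->submitted_by_name,
            _validate_date($site_form->completed_on, 'Y-m-d H:i:s') ? local_time($site_form->completed_on, 'M d, Y @ h:ia') : '',
            $site_form->completed_by_name,
        );
        $col = 'A';
        foreach ($cells as $value) {
            // Names and codes are user-entered. Writing them as explicit strings
            // keeps text that begins with "=" stored as text rather than being
            // treated as a formula when the file is opened.
            $sheet->setCellValueExplicit($col . $rowNumber, (string) $value, PHPExcel_Cell_DataType::TYPE_STRING);
            $col++;
        }
        $rowNumber++;
    }

    $objWriter = IOFactory::createWriter($objPHPExcel, 'Excel5');

    // We'll be outputting an excel file
    header('Content-type: application/vnd.ms-excel');
    // The download is named after today's date
    header('Content-Disposition: attachment; filename="' . date('Ymd') . '.xls"');
    // Write file to the browser
    $objWriter->save('php://output');
}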
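/**
 * Form-validation callback: a company is required when the posted group is
 * one with company-group access.
 *
 * A current user who is in a company-access group passes unconditionally.
 * Otherwise group_id and company_id are read from the POST data; the value
 * handed in by the validator is not used.
 *
 * NOTE(review): this only checks that a company was supplied. Whether the
 * current user is allowed to assign the posted group_id is not checked here;
 * confirm that is enforced elsewhere.
 *
 * @param mixed $company_id Field value supplied by the validator (ignored).
 * @return bool TRUE when the rule passes, FALSE after setting the error message.
 */
public function _check_user_company($company_id)
{
    if (_has_company_group_access($this->current_user->group_id)) {
        return TRUE;
    }

    $group_id = $this->_post_args("group_id", ARGS_TYPE_INT);
    $company_id = $this->_post_args("company_id", ARGS_TYPE_INT);

    if (_has_company_group_access($group_id) && $company_id <= 0) {
        $this->form_validation->set_message('_check_user_company', 'The %s field is required.');
        return FALSE;
    }

    // Return an explicit boolean. The original fell off the end here and
    // returned NULL, and CodeIgniter's form validation treats a non-boolean
    // callback result as a replacement value for the field.
    return TRUE;
}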
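/**
 * Load one user with group and company information.
 *
 * Scalar columns are normalised (ids and flags to numbers, NULL text columns
 * to empty strings). company_id is then reset to 0 and only filled in for
 * groups with company access; client_ids is filled in for GROUP_CLIENT_USER.
 *
 * @param int $user_id User id; forced to an integer before it reaches the query.
 * @return object|false The user record, or FALSE when no user has that id.
 */
public function details($user_id)
{
    // Derived table mapping a user to a company, either directly or through a client.
    $uc = "(SELECT user_id,company_id FROM user_company UNION SELECT clu.user_id,cu.company_id FROM user_clients clu INNER JOIN clients cu ON clu.client_id = cu.id) uc";

    $this->db->select('u.id, u.username, u.email, u.first_name, u.last_name, u.avatar, u.phone, g.id as group_id, u.postcode, u.gmt_offset, u.active, u.avatar, u.workhours, u.gps_device_id, u.hourly_rate, u.latitude, u.longitude, u.is_deleted')
        ->select("CONCAT(u.first_name,' ', u.last_name) AS full_name", FALSE)
        ->select('g.name as group_name, g.description as group_description, g.id as group_id')
        ->select('com.id AS company_id, com.name AS company_name')
        ->from('users u')
        ->join('users_groups ug', 'u.id = ug.user_id', 'LEFT')
        ->join('groups g', 'ug.group_id = g.id', 'LEFT')
        ->join($uc, 'u.id=uc.user_id', 'LEFT')
        ->join('companies com', 'uc.company_id=com.id', 'LEFT')
        ->where('u.id', to_int($user_id))
        ->group_by('u.id');

    $user_info = $this->db->get()->row();
    if (!$user_info) {
        // Unknown id: report "not found" rather than assigning properties to
        // an empty result and handing back a placeholder user.
        return FALSE;
    }

    $user_info->id = to_int($user_info->id);
    $user_info->group_id = to_int($user_info->group_id);
    $user_info->hourly_rate = to_float($user_info->hourly_rate);
    $user_info->latitude = !is_null($user_info->latitude) ? $user_info->latitude : '';
    $user_info->longitude = !is_null($user_info->longitude) ? $user_info->longitude : '';
    //$user_info->region_name = !is_null($user_info->region_name) ? $user_info->region_name : '';
    $user_info->avatar = !is_null($user_info->avatar) ? $user_info->avatar : '';
    $user_info->active = to_int($user_info->active);
    // NOTE(review): is_deleted looks like a flag, yet it is converted with
    // to_float() while "active" uses to_int(); confirm which is intended.
    $user_info->is_deleted = to_float($user_info->is_deleted);

    // The joined company_id is discarded; it is set again only for
    // company-access groups, from user_company_by_user_id().
    $user_info->company_id = 0;
    $user_info->client_ids = array();

    if (_has_company_group_access($user_info->group_id)) {
        $user_info->company_id = $this->user_company_by_user_id($user_info->id);
    }

    if ($user_info->group_id == GROUP_CLIENT_USER) {
        $clients = $this->get_client_by_user_id($user_info->id);
        if ($clients != FALSE) {
            $user_info->client_ids = $clients;
        }
    }

    return $user_info;
}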