public function ajax_gets($params, $hiddenColms = array())
{
$aColumns = array('s.code', 'com.name', 's.address', 's.street', 's.town', 's.postcode', 's.upload_date', 'created_by_name', 's.created_on');
if (_has_company_group_access($this->current_user->group_id)) {
unset($aColumns[1]);
$aColumns = array_values($aColumns);
}
$data = $this->_build_filters();
$cc_ct = sprintf("(SELECT cc.*,ct.first_name,ct.last_name,ct.address,ct.email,ct.phone,ct.mobile,ct.fax,ct.created_by,ct.created_on FROM site_contacts AS cc INNER JOIN contacts AS ct ON cc.contact_id=ct.id AND cc.is_default=1 AND ct.is_deleted=0) cc_ct");
$this->db->select('SQL_CALC_FOUND_ROWS s.id as site_id', FALSE)->select('com.name as company_name ')->select("CONCAT(u.first_name,' ',u.last_name) AS created_by_name", FALSE)->select('s.address,s.street,s.town, s.postcode,s.upload_date,s.code AS site_code, s.created_on')->select("CONCAT(`cc_ct`.`first_name`,' ',`cc_ct`.`last_name`) AS contact_name", FALSE)->select('cc_ct.email AS contact_email')->from('sites s')->join('companies com', 's.company_id = com.id', 'INNER')->join($cc_ct, 's.id = cc_ct.site_id', 'LEFT')->join('users u', 's.created_by = u.id', 'LEFT')->where("s.is_deleted", 0)->where("com.is_deleted", 0);
//$this->_apply_filters($data);
if (array_key_exists('company_id', $params) && $params['company_id']) {
$this->db->where("s.company_id", to_int($params['company_id']));
}
$this->db->group_by('s.id');
if (isset($params['iDisplayStart']) && $params['iDisplayLength'] != '-1') {
$this->db->limit($this->db->escape_str($params['iDisplayLength']), $this->db->escape_str($params['iDisplayStart']));
}
if (isset($params['iSortCol_0'])) {
for ($i = 0; $i < intval($params['iSortingCols']); $i++) {
$iSortCol = $this->input->get_post('iSortCol_' . $i, true);
$bSortable = $this->input->get_post('bSortable_' . intval($iSortCol), true);
$sSortDir = $this->input->get_post('sSortDir_' . $i, true);
if ($bSortable == 'true') {
if ($aColumns[intval($this->db->escape_str($iSortCol))] == 'created_by_name') {
$this->db->order_by(sprintf("CONCAT(`u`.`first_name`,' ',`u`.`last_name`)"), $this->db->escape_str($sSortDir), FALSE);
} else {
$this->db->order_by($aColumns[intval($this->db->escape_str($iSortCol))], $this->db->escape_str($sSortDir));
}
}
}
}
if (isset($params['sSearch']) && !empty($params['sSearch'])) {
$sSearch = '%' . $this->db->escape_like_str($params['sSearch']) . '%';
$where = array();
for ($i = 0; $i < count($aColumns); $i++) {
$bSearchable = $this->input->get_post('bSearchable_' . $i, true);
if (isset($bSearchable) && $bSearchable == 'true') {
if ($aColumns[$i] == 'created_by_name') {
$where[] = sprintf("CONCAT(u.first_name,' ',u.last_name) LIKE '%s' ", $sSearch);
} else {
$where[] = sprintf($aColumns[$i] . " LIKE '%s' ", $sSearch);
}
}
}
if (count($where) > 1) {
$this->db->where('(' . implode(' OR ', $where) . ')');
}
}
$rResult = $this->db->get();
// Data set length after filtering
$this->db->select('FOUND_ROWS() AS found_rows');
$iFilteredTotal = $this->db->get()->row()->found_rows;
// Total data set length
$iTotal = $this->ajax_gets_count($params, $data);
//needs to change to the specific query.
// Output
$output = array('sEcho' => intval($params['sEcho']), 'iTotalRecords' => $iTotal, 'iTotalDisplayRecords' => $iFilteredTotal, 'aaData' => $rResult->result());
return $output;
}
function groups_dropdown($method, $params = array())
{
$ci =& get_instance();
$params = array_merge(array('first_row' => FALSE, 'default_text' => '', 'no_company' => FALSE), $params);
$result = $ci->ion_auth->groups()->result();
if ($method == 'ajax') {
$list = array();
if ($params['first_row']) {
$list[] = array("value" => "", "text" => $params['default_text']);
}
foreach ($result as $row) {
if (_has_company_group_access($ci->current_user->group_id) && $row->id == GROUP_ADMIN) {
continue;
}
if (in_array($ci->current_user->group_id, array(GROUP_USER_COMPANY, GROUP_CLIENT_USER)) && $row->id == GROUP_MANAGEMENT_COMPANY) {
continue;
}
$list[] = array("value" => $row->id, "text" => $row->description);
}
header('Content-Type: application/json');
echo json_encode($list);
die;
}
$list = array();
if ($params['first_row']) {
$list[""] = $params['default_text'];
}
foreach ($result as $row) {
if (_has_company_group_access($ci->current_user->group_id) && $row->id == GROUP_ADMIN) {
continue;
}
if (in_array($ci->current_user->group_id, array(GROUP_USER_COMPANY, GROUP_CLIENT_USER)) && $row->id == GROUP_MANAGEMENT_COMPANY) {
continue;
}
$list[$row->id] = $row->description;
}
if ($method == 'return') {
return $list;
} else {
echo $list;
}
}
<label class="col-sm-4 control-label no-padding-right" for="group_id">User Group:</label>
<div class="col-sm-8">
<?php
echo form_dropdown('group_id', groups_dropdown('return', array('first_row' => TRUE)), $group_id, 'id="group_id" class="form-control input-sm" data-placeholder="Select a Group"');
?>
<?php
echo form_error('group_id', '<label class="error">', '</label>');
?>
</div>
</div>
<?php
if ($current_user->group_id == GROUP_ADMIN) {
?>
<div class="form-group company_option" <?php
if (!_has_company_group_access($group_id)) {
?>
style="display:none;"<?php
}
?>
>
<label class="col-sm-4 control-label no-padding-right" for="company_id">Agency:</label>
<div class="col-sm-8">
<div class="row">
<div class="col-sm-10">
<?php
echo form_dropdown('company_id', companies_dropdown('return', array('first_row' => TRUE)), $company_id, 'id="company_id" class="form-control input-sm" data-placeholder="Select a Agency"');
?>
</div>
<div class="col-sm-2">
public function delete($pkey, $method = "echo")
{
_has_user_access_permission(TRUE, array('admin', 'management_company', 'user_company'));
$params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();
$company_id = $this->current_user->group_id == 1 ? $this->_post_args('company_id', ARGS_TYPE_INT, array_key_exists(SYS_COMPANY_ID, $params) && gtzero_integer($params[SYS_COMPANY_ID]) ? to_int($params[SYS_COMPANY_ID]) : 0) : $this->current_user->company_id;
$client_id = isset($params[SYS_CLIENT_ID]) && gtzero_integer($params[SYS_CLIENT_ID]) ? (int) $params[SYS_CLIENT_ID] : 0;
$redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer());
$client_info = $this->client_m->details($client_id, $company_id);
if (!$client_info || _has_company_group_access($this->current_user->group_id) && $client_info->company_id != $this->current_user->company_id) {
$this->show_permission_denied_error($method);
}
$company_id = $this->current_user->group_id == 1 ? $this->_post_args('company_id', ARGS_TYPE_INT, $client_info->company_id) : $this->current_user->company_id;
$this->form_validation->set_rules('confirm', 'confirm', 'trim|required');
$output = array('message' => "", 'status' => "");
if ($this->form_validation->run() == TRUE) {
$is_record_updated = $this->client_m->delete($client_id);
if ($is_record_updated) {
$output['message'] = sprintf('The client "%s" has been deleted.', $client_info->full_name);
$output['status'] = SUCCESS_MESSAGE;
$output['client_id'] = $client_id;
/*trigger_trip("client_deleted", $details->company_id, array('client_id' => $client_id, 'deleted_by' => $this->current_user->user_id));*/
} else {
$output['message'] = sprintf('Unable to delete client "%s". Please report the issue to %s', $client_info->full_name, $this->cfg->contact_email);
$output['status'] = ERROR_MESSAGE;
}
$this->_output_request($output, $redirect_url);
} else {
if (validation_errors()) {
$output['message'] = validation_errors();
$output['status'] = ERROR_MESSAGE;
}
}
$csrf = _get_csrf_nonce();
$data = array('form_action' => site_url('clients/delete/' . $pkey), 'cancel_url' => $redirect_url, 'page' => 'clients/delete', 'title' => 'Delete Client', "display_message" => sprintf('Are you sure you want to delete client "%s"?', $client_info->full_name), "display_heading" => sprintf('Delete Client', $client_info->full_name), "submit_btn_text" => "Save Changes", 'hiddenvars' => array_merge($csrf, array('redirect_url' => $redirect_url, 'confirm' => 1)));
if ($this->input->is_ajax_request()) {
$html = $this->template->raw_view('pages/clients/delete_modal', $data, TRUE);
if ($method == "ajax") {
$output['html'] = $html;
$this->_output_request($output, $redirect_url);
} else {
echo $html;
}
} else {
if (!empty($output['status'])) {
set_flash_data($output['status'], $output['message'], FALSE);
}
$this->template->load('default', $data);
}
}
public function download($pkey, $method = "echo")
{
_has_user_access_permission(TRUE, array('admin'));
$params = ($params = unserialize_object($pkey)) && is_array($params) ? $params : array();
$company_id = in_array($this->current_user->group_id, array(GROUP_ADMIN, GROUP_STAFF, GROUP_ENGINEER)) ? $this->_post_args('company_id', ARGS_TYPE_INT, array_key_exists(SYS_COMPANY_ID, $params) && gtzero_integer($params[SYS_COMPANY_ID]) ? to_int($params[SYS_COMPANY_ID]) : 0) : $this->current_user->company_id;
$site_id = isset($params[SYS_SITE_ID]) && gtzero_integer($params[SYS_SITE_ID]) ? to_int($params[SYS_SITE_ID]) : 0;
$redirect_url = $this->_post_args('redirect_url', ARGS_TYPE_STRING, $this->agent->referrer());
$site_statuses = array('' => '', 1 => 'OPEN', 2 => 'SUBMITTED', 3 => 'COMPLETED');
$site_info = $this->site_m->details($site_id, $company_id);
if (!$site_info || _has_company_group_access($this->current_user->group_id) && $site_info->company_id != $this->current_user->company_id) {
$this->show_permission_denied_error($method);
}
$company_id = in_array($this->current_user->group_id, array(GROUP_ADMIN, GROUP_STAFF, GROUP_ENGINEER)) ? $this->_post_args('company_id', ARGS_TYPE_INT, $site_info->company_id) : $this->current_user->company_id;
$doc_key = $this->_post_args('doc_key', ARGS_TYPE_STRING) ? $this->_post_args('doc_key', ARGS_TYPE_STRING) : keygen();
$csrf = _get_csrf_nonce();
$headings = array("SITE", "FORM", "DATE ADDED", "ADDED BY", "STATUS", "DATE SUBMITTED", "SUBMITTED BY", "DATE COMPLETED", "COMPLETED BY");
$this->load->library('PHPExcel');
$this->load->library('PHPExcel/IOFactory');
// Create a new PHPExcel object
$objPHPExcel = new PHPExcel();
$objPHPExcel->getActiveSheet()->setTitle('List of Site Forms');
$rowNumber = 1;
$col = 'A';
foreach ($headings as $heading) {
$objPHPExcel->getActiveSheet()->setCellValue($col . $rowNumber, $heading);
$col++;
}
// Loop through the result set
$rowNumber = 2;
foreach ($site_info->site_forms as $site_form) {
$col = 'A';
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_info->site_code);
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->form_name);
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->added_on, 'Y-m-d H:i:s') ? local_time($site_form->added_on, 'M d, Y @ h:ia') : '');
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->added_by_name);
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_statuses[$site_form->status]);
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->submitted_on, 'Y-m-d H:i:s') ? local_time($site_form->submitted_on, 'M d, Y @ h:ia') : '');
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->submitted_by_name);
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, _validate_date($site_form->completed_on, 'Y-m-d H:i:s') ? local_time($site_form->completed_on, 'M d, Y @ h:ia') : '');
$objPHPExcel->getActiveSheet()->setCellValue($col++ . $rowNumber, $site_form->completed_by_name);
$rowNumber++;
}
$objWriter = IOFactory::createWriter($objPHPExcel, 'Excel5');
// We'll be outputting an excel file
header('Content-type: application/vnd.ms-excel');
// It will be called file.xls
header('Content-Disposition: attachment; filename="' . date('Ymd') . '.xls"');
// Write file to the browser
$objWriter->save('php://output');
}
public function _check_user_company($company_id)
{
if (_has_company_group_access($this->current_user->group_id)) {
return TRUE;
}
$group_id = $this->_post_args("group_id", ARGS_TYPE_INT);
$company_id = $this->_post_args("company_id", ARGS_TYPE_INT);
if (_has_company_group_access($group_id) && $company_id <= 0) {
$this->form_validation->set_message('_check_user_company', 'The %s field is required.');
return false;
}
}
public function details($user_id)
{
$uc = "(SELECT user_id,company_id FROM user_company UNION SELECT clu.user_id,cu.company_id FROM user_clients clu INNER JOIN clients cu ON clu.client_id = cu.id) uc";
$this->db->select('u.id, u.username, u.email, u.first_name, u.last_name, u.avatar, u.phone, g.id as group_id, u.postcode, u.gmt_offset, u.active, u.avatar, u.workhours, u.gps_device_id, u.hourly_rate, u.latitude, u.longitude, u.is_deleted')->select("CONCAT(u.first_name,' ', u.last_name) AS full_name", FALSE)->select('g.name as group_name, g.description as group_description, g.id as group_id')->select('com.id AS company_id, com.name AS company_name')->from('users u')->join('users_groups ug', 'u.id = ug.user_id', 'LEFT')->join('groups g', 'ug.group_id = g.id', 'LEFT')->join($uc, 'u.id=uc.user_id', 'LEFT')->join('companies com', 'uc.company_id=com.id', 'LEFT')->where('u.id', to_int($user_id))->group_by('u.id');
$user_info = $this->db->get()->row();
$user_info->id = to_int($user_info->id);
$user_info->group_id = to_int($user_info->group_id);
$user_info->hourly_rate = to_float($user_info->hourly_rate);
$user_info->latitude = !is_null($user_info->latitude) ? $user_info->latitude : '';
$user_info->longitude = !is_null($user_info->longitude) ? $user_info->longitude : '';
//$user_info->region_name = !is_null($user_info->region_name) ? $user_info->region_name : '';
$user_info->avatar = !is_null($user_info->avatar) ? $user_info->avatar : '';
$user_info->active = to_int($user_info->active);
$user_info->hourly_rate = to_float($user_info->hourly_rate);
$user_info->is_deleted = to_float($user_info->is_deleted);
$user_info->{'company_id'} = 0;
$user_info->{'client_ids'} = array();
if (_has_company_group_access($user_info->group_id)) {
$user_info->{'company_id'} = $this->user_company_by_user_id($user_info->id);
}
if ($user_info->group_id == GROUP_CLIENT_USER) {
$clients = array();
if (($clients = $this->get_client_by_user_id($user_info->id)) != FALSE) {
$user_info->{'client_ids'} = $clients;
}
unset($clients);
}
return $user_info;
}
