/**
 * Record a status note against a contract and refresh the contract's percentage.
 *
 * Runs the 'add_contract_status' query and then, whatever its outcome, the
 * 'update_contract_percentage' query. Both results are passed to get_decision().
 *
 * @param array $data Reads contract_id, contract__contractstatus, contract__percentage,
 *                    amountspent, amountpaid, document and note.
 * @return array array('boolean' => get_decision() of both query results, 'reason' => '')
 */
function add_note($data)
{
    # Only the free-text note is HTML-entity encoded before storage; every other field
    # is handed to the query reader exactly as it arrived in $data.
    # NOTE(review): how run() quotes its parameters is not visible here - confirm that
    # it binds or escapes them before these values reach the SQL text.
    $status_fields = array(
        'contract_id' => $data['contract_id'],
        'status' => $data['contract__contractstatus'],
        'percentage' => $data['contract__percentage'],
        'amount_spent' => $data['amountspent'],
        'amount_paid' => $data['amountpaid'],
        'document_url' => $data['document'],
        'user_id' => $this->native_session->get('__user_id'),
        'organization_id' => $this->native_session->get('__organization_id'),
        'notes' => htmlentities($data['note'], ENT_QUOTES),
    );
    $status_saved = $this->_query_reader->run('add_contract_status', $status_fields);

    # Update the contract percentage (attempted even when the status insert failed)
    $percentage_fields = array(
        'contract_id' => $data['contract_id'],
        'status' => $data['contract__contractstatus'],
        'percentage' => $data['contract__percentage'],
        'user_id' => $this->native_session->get('__user_id'),
    );
    $percentage_saved = $this->_query_reader->run('update_contract_percentage', $percentage_fields);

    $outcome = get_decision(array($status_saved, $percentage_saved));

    return array('boolean' => $outcome, 'reason' => '');
}
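/**
 * Handle the "forgot password" form: validate the e-mail address, issue a new
 * password for an active account (or reactivate a voluntarily closed one) and
 * e-mail it, then render 'account/forgot_password'.
 *
 * The generated password is kept in a local variable and passed explicitly to
 * the mailer; it is no longer written into $_POST, so it does not end up in
 * $data['formdata'] that is handed to the view.
 *
 * NOTE(review): the password is replaced as soon as the form is submitted, by an
 * unauthenticated request that only needs the e-mail address, and before delivery
 * of the mail is known to have worked. A single-use, time-limited token that the
 * mailbox owner confirms before anything changes would avoid unwanted resets.
 * NOTE(review): the messages below differ for active, force-closed and unknown
 * addresses, so the response reveals whether an account exists and its state.
 */
function forgot_password()
{
    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('i'));
    # Pick all assigned data
    $data = assign_to_data($urldata);

    if ($this->input->post('sendnewpass')) {
        $required_fields = array('youremail*EMAILFORMAT');
        $_POST = clean_form_data($_POST);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            # Check if a user with the specified email exists
            $userdata = $this->Query_reader->get_row_as_array('get_user_by_email_ignore_status', array('emailaddress' => $_POST['youremail']));

            $is_active = !empty($userdata) && $userdata['isactive'] == 'Y';
            $is_inactive = !empty($userdata) && $userdata['isactive'] == 'N';

            if ($is_active || ($is_inactive && $userdata['forcedclose'] == 'N')) {
                # Active user who forgot their password, or a closed account being reactivated
                if ($this->_reset_and_mail_password($userdata, $_POST['youremail'], !$is_active)) {
                    $data['msg'] = "Your new password has been sent to your email address.";
                    $data['issuccess'] = 'Y';
                } else {
                    $data['msg'] = "ERROR: A new password could not be generated. <a href='javascript:void(0)'>Click here</a> to report this error.";
                }
            } elseif ($is_inactive && $userdata['forcedclose'] == 'Y') {
                $data['msg'] = "WARNING: Your account was previously deactivated due to activities contrary <BR>to our terms of use.<BR><BR>Please <a href='javascript:void(0)'>contact us</a> if you want to <BR>reactivate your account.";
            }
        }

        # Also reached when validation passed but no matching account was handled above
        if (empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
        $data['formdata'] = $_POST;
    }

    $data = add_msg_if_any($this, $data);
    $this->load->view('account/forgot_password', $data);
}

/**
 * Generate a new password, store its hash, clear the changed-password flag and
 * e-mail the plain password to the account holder.
 *
 * Private, so it cannot be reached as a controller action.
 *
 * @param array  $userdata     Row returned by 'get_user_by_email_ignore_status'.
 * @param string $emailaddress Address submitted in the form.
 * @param bool   $reactivate   TRUE to run 'reactivate_old_user' instead of 'update_user_password'.
 * @return bool TRUE only when both updates succeeded and the mail was sent.
 */
private function _reset_and_mail_password($userdata, $emailaddress, $reactivate)
{
    $new_password = generate_new_password();

    # NOTE(review): unsalted SHA-1 is not a suitable password hash. Moving to
    # password_hash()/password_verify() has to happen together with the login check,
    # which is not part of this listing, so the stored format is left unchanged here.
    $hashed_password = sha1($new_password);

    if ($reactivate) {
        $update_result = $this->db->query($this->Query_reader->get_query_by_code('reactivate_old_user', array(
            'emailaddress' => $emailaddress,
            'password' => $hashed_password,
            'enddate' => date('Y-m-d', mktime(0, 0, 0, date("m"), 1, date("y") + 2)),
        )));
    } else {
        $update_result = $this->db->query($this->Query_reader->get_query_by_code('update_user_password', array(
            'emailaddress' => $emailaddress,
            'newpass' => $hashed_password,
        )));
    }

    $flag_result = $this->db->query($this->Query_reader->get_query_by_code('update_user_changedpassword_flag', array(
        'emailaddress' => $emailaddress,
        'flagvalue' => 'N',
    )));

    if (!get_decision(array($update_result, $flag_result))) {
        return false;
    }

    # 'newpass' is merged in explicitly (same position it had when it lived in $_POST)
    $mail_fields = array_merge(
        $userdata,
        $_POST,
        array('newpass' => $new_password),
        get_confirmation_messages($this, array(
            'emailaddress' => $emailaddress,
            'newpass' => $new_password,
            'firstname' => $userdata['firstname'],
        ), 'changed_password_notify')
    );
    $send_result = $this->sysemail->email_form_data(array('fromemail' => SITE_ADMIN_MAIL), $mail_fields);

    return !empty($send_result);
}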
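/**
 * Show and update the permissions assigned to a staff group.
 *
 * GET with an encrypted group id in segment 'i' loads the group's current
 * permissions and the permissions offered for the current user's type.
 * POST with 'updatepermissions' deletes the group's permissions and re-inserts
 * the posted ones.
 *
 * The update now runs only when 'permissions' is a non-empty array and 'editid'
 * is present; previously a scalar 'permissions' value skipped the inserts after
 * the delete had already removed every permission of the group.
 *
 * NOTE(review): the group being edited comes from $_POST['editid'], not from the
 * decrypted 'i' segment, and the posted permission ids are not compared with the
 * list offered to this user ('get_all_permissions'). Unless access_control() or
 * the queries enforce this, a forged form could change another group or grant
 * permissions that were never offered - confirm.
 * NOTE(review): delete and inserts are separate statements; a failure part-way
 * leaves the group with an incomplete permission set.
 */
function manage_staff_group_rights()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 't'));
    # Pick all assigned data
    $data = assign_to_data($urldata);

    if (!empty($data['i'])) {
        $group_id = decryptValue($data['i']);

        $result = $this->db->query($this->Query_reader->get_query_by_code('get_group_permissions', array('groupid' => $group_id)));
        $data['permissions_list'] = array();
        foreach ($result->result_array() as $permission_row) {
            $data['permissions_list'][] = $permission_row['permissionid'];
        }

        $data['groupdetails'] = $this->Query_reader->get_row_as_array('get_group_by_id', array('id' => $group_id));

        # The value is quoted by hand, i.e. it is spliced into the SQL text as a fragment
        $usertype = $this->session->userdata('isadmin') == 'Y' ? "admin" : "";
        $result = $this->db->query($this->Query_reader->get_query_by_code('get_all_permissions', array('accesslist' => "'" . $usertype . "'")));
        $data['all_permissions'] = $result->result_array();

        # Put all permissions in a manageable array
        $data['all_permissions_list'] = array();
        foreach ($data['all_permissions'] as $thepermission) {
            $data['all_permissions_list'][] = $thepermission['id'];
        }
    }

    $tstr = (!empty($data['t']) && $data['t'] == 'super') ? "/t/super" : "";

    if ($this->input->post('updatepermissions')) {
        $has_permissions = !empty($_POST['permissions']) && is_array($_POST['permissions']);

        if ($has_permissions && !empty($_POST['editid'])) {
            $result_array = array();

            # First delete all permissions from the access table
            $result_array[] = $this->db->query($this->Query_reader->get_query_by_code('delete_group_permissions', array('groupid' => $_POST['editid'])));

            foreach ($_POST['permissions'] as $permissionid) {
                $result_array[] = $this->db->query($this->Query_reader->get_query_by_code('add_group_permission', array('groupid' => $_POST['editid'], 'permissionid' => $permissionid)));
            }

            if (get_decision($result_array)) {
                $this->session->set_userdata('pgroup', "The Group permissions have been assigned.");
                redirect("user/manage_staff_groups/m/pgroup" . $tstr);
            }
        }
    }

    # $result is only set by the lookups above, so this branch runs when no group id
    # was passed in the URL.
    if (empty($result)) {
        # NOTE(review): the text is stored under 'puser' while the redirect names
        # 'pgroup' - confirm the target page reads the key that is written here.
        if (empty($_POST['permissions'])) {
            $this->session->set_userdata('puser', "WARNING: No permissions are assigned to the group.");
        } else {
            $this->session->set_userdata('puser', "ERROR: The group permissions could not be assigned.");
        }
        redirect(base_url() . "user/manage_staff_groups/m/pgroup" . $tstr);
    }

    $this->load->view('user/staff_group_permissions', $data);
}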
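/**
 * Manage the help items of a topic: list them, save their order ('save') and
 * add a new item with an optional uploaded file ('addhelp').
 *
 * The topic-name refresh now uses query bindings instead of concatenating
 * database values into the UPDATE statement; 'topiccode' is originally derived
 * from submitted text, so it must not be trusted as SQL. Missing or non-array
 * 'helpitem' / 'details' / 'helptopic' fields no longer raise errors.
 *
 * NOTE(review): the file is uploaded before the form is validated, and the
 * allowed extensions (including .swf) are only placed in the session here.
 * Whether local_file_upload() enforces that list, checks the content and stores
 * the file where it cannot be executed is not visible - confirm.
 * NOTE(review): the whole of $_POST is merged into the 'add_help_item'
 * parameters, so any posted field name reaches the query builder.
 */
function add_help_topic()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('s', 'i'));
    # Pick all assigned data
    $data = restore_bad_chars_in_array(assign_to_data($urldata));

    $data['docexts'] = array('.doc', '.docx', '.pdf', '.ppt', '.pptx');
    $data['imageexts'] = array('.gif', '.jpeg', '.jpg', '.tiff', '.png');
    $data['videoexts'] = array('.swf');
    $this->session->set_userdata('local_allowed_extensions', array_merge($data['docexts'], $data['imageexts'], $data['videoexts']));

    if (!empty($data['i'])) {
        $topic_list = $this->db->query($this->Query_reader->get_query_by_code('view_help_topic', array('topiccode' => decryptValue($data['i']))));
        $data['page_list'] = $topic_list->result_array();
        if (!empty($data['page_list'][0])) {
            $data['formdata']['helptopic'] = $data['page_list'][0]['helptopic'];
            $data['formdata']['topiccode'] = $data['page_list'][0]['topiccode'];
        }
    }

    # Re-derive every topic name from its code (runs on each request)
    $topics = $this->db->query("SELECT * FROM help");
    foreach ($topics->result_array() as $row) {
        $topic_name = ucwords(str_replace('_', ' ', $row['topiccode']));
        # Bound parameters: the driver quotes both values
        $result = $this->db->query("UPDATE help SET helptopic = ? WHERE id = ?", array($topic_name, $row['id']));
    }

    $id_string = !empty($data['i']) ? "/i/" . $data['i'] : "";
    $posted_items = (!empty($_POST['helpitem']) && is_array($_POST['helpitem'])) ? $_POST['helpitem'] : array();

    # The button has been clicked to update the order of the items
    if ($this->input->post('save')) {
        if (!empty($posted_items)) {
            $results_array = array();
            $order = 1;
            foreach ($posted_items as $itemid) {
                $results_array[] = $this->db->query($this->Query_reader->get_query_by_code('update_help_order', array('id' => $itemid, 'helporder' => $order)));
                $order++;
            }
            $result = get_decision($results_array);
        }

        # NOTE(review): when no items were posted, $result still holds the outcome of
        # the last topic-name UPDATE above, so the success text can appear without any
        # reordering - confirm whether that is intended.
        $msg = !empty($result) ? "The help content order has been updated." : "ERROR: The help content order could not be updated.";
        $this->session->set_userdata('hmsg', $msg);
        redirect(base_url() . "help/add_help_topic" . $id_string . "/m/hmsg");
    }

    # The button has been clicked to add a new help content item
    if ($this->input->post('addhelp')) {
        # Stored name is 'Upload_' plus the current timestamp
        $_POST['fileurl'] = !empty($_FILES['fileurl']['name']) ? $this->sysfile->local_file_upload($_FILES['fileurl'], 'Upload_' . strtotime('now'), 'documents', 'filename') : '';

        $required_fields = array('helptopic');
        if (empty($_POST['details']) && empty($_POST['helplink']) && empty($_POST['fileurl'])) {
            $required_fields[] = 'details';
        }

        # Make a new topic code if this is the first help item
        if (empty($_POST['topiccode'])) {
            $_POST['topiccode'] = isset($_POST['helptopic']) ? str_replace(" ", "_", strtolower($_POST['helptopic'])) : '';
        }

        $_POST = clean_form_data($_POST);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            $current_items = (!empty($_POST['helpitem']) && is_array($_POST['helpitem'])) ? count($_POST['helpitem']) : 0;
            $_POST['helporder'] = $current_items + 1;

            $details = isset($_POST['details']) ? htmlentities($_POST['details'], ENT_QUOTES) : '';
            $result = $this->db->query($this->Query_reader->get_query_by_code('add_help_item', array_merge($_POST, array('details' => $details))));

            $msg = $result ? "The help item has been added." : "ERROR: The help item could not be added.";
            $this->session->set_userdata('hmsg', $msg);
            redirect(base_url() . "help/add_help_topic" . $id_string . "/m/hmsg");
        }

        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }
    }

    $data = add_msg_if_any($this, $data);
    $this->load->view('help/add_help_view', $data);
}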
/**
 * Record an internal message for a recipient's inbox and optionally copy it to
 * the admin users.
 *
 * @param mixed $userId         Recipient id, stored as 'recipient_id'.
 * @param array $messageDetails Reads details and subject; optional senderid, code,
 *                              fileurl and copyadmin ('Y' to copy the admins).
 * @return mixed Whatever get_decision() returns for the recorded exchange(s).
 */
function send_system_message($userId, $messageDetails)
{
    # Make the sender the no-reply user ('2') if no sender id is given
    if (empty($messageDetails['senderid'])) {
        $messageDetails['senderid'] = '2';
    }

    # Only the part after the last "/" of the file URL is stored
    $attachment = '';
    if (!empty($messageDetails['fileurl'])) {
        $attachment = substr(strrchr($messageDetails['fileurl'], "/"), 1);
    }

    # Subject and body are HTML-entity encoded before they are stored
    $exchange = array(
        'template_code' => !empty($messageDetails['code']) ? $messageDetails['code'] : 'user_defined_message',
        'details' => htmlentities($messageDetails['details'], ENT_QUOTES),
        'subject' => htmlentities($messageDetails['subject'], ENT_QUOTES),
        'attachment_url' => $attachment,
        'sender_id' => $messageDetails['senderid'],
        'recipient_id' => $userId,
    );

    # 1. Record the message exchange to be accessed by the recipient in their inbox
    $isSent = array($this->_query_reader->run('record_message_exchange', $exchange));

    # 2. Copy admin if required
    $copyAdmins = !empty($messageDetails['copyadmin']) && $messageDetails['copyadmin'] == 'Y';
    if ($copyAdmins) {
        # The ids are joined with "','", which implies the query wraps the value in quotes.
        # NOTE(review): that only holds if run() inserts this value unescaped - confirm,
        # and confirm $userId above is treated the same way.
        $exchange['recipient_id'] = implode("','", $this->get_admin_users());
        $isSent[] = $this->_query_reader->run('record_message_exchange', $exchange);
    }

    return get_decision($isSent);
}
/**
 * Send a custom internal message by e-mail to each user in a comma-separated id list.
 *
 * @param array $data Reads idlist (comma-separated ids), reason__contactreason
 *                    (used as the subject) and details.
 * @return array array('boolean' => get_decision() of the per-user send results)
 */
function message($data)
{
    # explode() of an empty string yields one empty id, so send() is still called once.
    # NOTE(review): the ids are used as given - confirm the caller restricts idlist to
    # users the sender may contact.
    $recipientIds = explode(',', $data['idlist']);

    $payload = array(
        'code' => 'custom_internal_message',
        'subject' => $data['reason__contactreason'],
        'details' => $data['details'],
    );

    $outcomes = array();
    for ($index = 0, $total = count($recipientIds); $index < $total; $index++) {
        $outcomes[$index] = $this->_messenger->send($recipientIds[$index], $payload, array('email'), TRUE);
    }

    return array('boolean' => get_decision($outcomes));
}
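/**
 * Mark a bid as the best evaluated one, update the tender's bid price, store the
 * evaluation reason for every bid and notify each bid's provider users.
 *
 * Fixes the submission date in the notification: the original condition was
 * inverted, so a real date was reported as 'NONE' and only the zero date
 * ('0000-00-00 00:00:00') was formatted.
 *
 * @param array $data Reads bidid, tender_id, currency_code, amount and one
 *                    'reason_<bid id>' entry per evaluated bid.
 * @return array array('boolean' => overall outcome)
 */
function best_evaluated($data)
{
    $userId = $this->native_session->get('__user_id');

    # Update the bid status based on the best evaluated
    $result = $this->_query_reader->run('mark_best_evaluated_bidder', array(
        'bid_id' => $data['bidid'],
        'tender_id' => $data['tender_id'],
        'user_id' => $userId,
    ));

    if ($result) {
        $result = $this->_query_reader->run('update_tender_bid_price', array(
            'tender_id' => $data['tender_id'],
            'bid_currency' => $data['currency_code'],
            'bid_price' => $data['amount'],
            'user_id' => $userId,
        ));
    }

    if (!$result) {
        return array('boolean' => $result);
    }

    # Add the reasons for choosing the above winning bid for each bidder
    $results = array();
    foreach ($data as $key => $value) {
        if (strpos($key, 'reason_') === FALSE) {
            continue;
        }

        # The bid id is taken from the submitted field name ('reason_<bid id>').
        # NOTE(review): nothing here checks that this bid belongs to tender_id -
        # confirm the queries or the caller enforce it.
        $parts = explode('_', $key);
        $bidId = $parts[1];
        $isWinner = ($data['bidid'] == $bidId);

        if (!empty($value)) {
            $reason = htmlentities($value, ENT_QUOTES);
        } else {
            $reason = $isWinner ? 'winner' : 'unsuccessful';
        }

        $results[] = $this->_query_reader->run('add_best_evaluated_reason', array(
            'bid_id' => $bidId,
            'tender_id' => $data['tender_id'],
            'reason' => $reason,
            'user_id' => $userId,
        ));

        $providerUserIds = $this->_query_reader->get_single_column_as_array('get_bid_provider_users', 'user_id', array('bid_id' => $bidId));
        $bid = $this->details(array('bid_id' => $bidId));

        if (!empty($providerUserIds) && !empty($bid)) {
            $hasDate = !empty($bid['date_submitted']) && $bid['date_submitted'] != '0000-00-00 00:00:00';

            # The send result is not part of the returned decision (as before)
            $this->_messenger->send($providerUserIds, array(
                'code' => 'bid_status_changed',
                'newstatus' => $isWinner ? 'won' : 'review complete (unsuccessful)',
                'pde' => $bid['pde'],
                'summary' => $bid['summary'],
                'tendernotice' => $bid['tender_notice'],
                'datesubmitted' => $hasDate ? date(SHORT_DATE_FORMAT, strtotime($bid['date_submitted'])) : 'NONE',
            ));
        }
    }

    return array('boolean' => get_decision($results));
}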
/**
 * Create an order ticket from values passed in the URL segments and render the
 * account's order tickets through the 'incl/addons' view.
 *
 * NOTE(review): the order is created from URL data, so a plain link is enough to
 * trigger the write; nothing in this method ties 'accountnumber' to the logged-in
 * user. What access_control() enforces is not visible - confirm both points.
 * NOTE(review): the whole $data array is passed to 'save_deal_order', and the
 * 'searchstring' parameter below is a raw SQL fragment, which suggests the query
 * reader splices values into the SQL text - confirm how it escapes them.
 */
function add_order_by_js()
{
    access_control($this);

    # Get the passed details into the url data array if any, then pick all assigned data
    $data = assign_to_data($this->uri->uri_to_assoc(3, array('m', 'i')));

    $has_order_input = !empty($data['accountnumber']) && !empty($data['cmtamount']);
    if ($has_order_input) {
        $data = restore_bad_chars_in_array($data);

        $data['orderstamp'] = get_deal_id('order');
        $data['fundinfodate'] = date('Y-m-d', strtotime('now'));
        $data['capitalcalldate'] = '0000-00-00';
        $data['minqtyamount'] = '';
        $data['capitalcalldue'] = '';
        $data['fillcondition'] = 'all_or_none';
        $data['commitmentamount'] = removeCommas($data['cmtamount']);

        $funded = removeCommas($data['fundedamount']);
        $data['netassetvalue'] = $funded;
        $data['fundedamount'] = $funded;
        $data['unfundedamount'] = $data['commitmentamount'] - $data['fundedamount'];

        # Determine where to save the price: exactly one of the three price fields is filled
        if (!empty($data['price']) && $data['price'] == 'market') {
            $data['marketprice'] = 'CURRENT_PRICE';
            $data['dollaramountprice'] = '';
            $data['percnavprice'] = '';
        } elseif ($data['price'] == 'perc_nav') {
            $data['dollaramountprice'] = '';
            $data['marketprice'] = '';
            $data['percnavprice'] = removeCommas($data['pricemore']);
        } elseif ($data['price'] == 'dollar_amt') {
            $data['percnavprice'] = '';
            $data['marketprice'] = '';
            $data['dollaramountprice'] = removeCommas($data['pricemore']);
        }

        $data['period'] = $data['period'] == 'other' ? $data['periodmore'] : $data['period'];
        $data['orderedby'] = $this->session->userdata('userid');

        # Fields used by the query: orderstamp, accountnumber, orderedby, ordertype, fundsymbol,
        # orderaction, commitmentamount, unfundedamount, fundedamount, netassetvalue, marketprice,
        # percnavprice, dollaramountprice, period, fundinfodate, capitalcalldue, capitalcalldate,
        # fillcondition, minqtyamount, dealid
        $order_sql = $this->Query_reader->get_query_by_code('save_deal_order', $data);
        $result1 = $this->db->query($order_sql);

        # Update portfolio name if changed
        $result2 = true;
        if (!empty($data['portfolioname'])) {
            $rename_sql = $this->Query_reader->get_query_by_code('update_portfolio_name', array(
                'portfolioname' => restore_bad_chars($data['portfolioname']),
                'accountnumber' => restore_bad_chars($data['accountnumber']),
                'orderedby' => $this->session->userdata('userid'),
            ));
            $result2 = $this->db->query($rename_sql);
        }

        $save_result = get_decision(array($result1, $result2));
    }

    if (!empty($save_result)) {
        $data['msg'] = "The order ticket has been added.";
    } else {
        $data['msg'] = "ERROR: The order ticket has not been added.";
    }

    # The list is loaded for the URL-supplied account number even when nothing was saved
    $portfolio_sql = $this->Query_reader->get_query_by_code('get_portfolio_by_account', array(
        'accountnumber' => $data['accountnumber'],
        'searchstring' => " AND orderstatus IN ('open', 'processing', 'closed') ",
    ));
    $portfolio_list = $this->db->query($portfolio_sql);
    $data['page_list'] = $portfolio_list->result_array();
    $data['area'] = "portfolio_order_tickets";

    $data = add_msg_if_any($this, $data);
    $this->load->view('incl/addons', $data);
}
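/**
 * Save a system message, e-mail it to the selected users (or to all active
 * users) and record a read-tracking row per recipient.
 *
 * Changes from the original:
 * - the new message id is read with $this->db->insert_id() instead of
 *   mysql_insert_id(), so it comes from the same connection that ran the insert
 *   and no longer depends on the removed ext/mysql;
 * - each posted recipient id is escaped before it is joined into the quoted id
 *   list that 'get_userlist_emails' splices into its SQL;
 * - empty addresses and unknown users no longer raise errors in the tracking loop.
 */
function process_message()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a'));
    # Pick all assigned data
    $data = assign_to_data($urldata);

    if ($this->input->post('sendmessage')) {
        $required_fields = array('subject', 'details');
        # Include recipient IDs if no overall recipient is selected
        if (empty($_POST['sendtoall'])) {
            $required_fields[] = 'recipientids*CHECKBOXES';
        }

        $_POST = clean_form_data($_POST);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            $results = array();

            # Save the message before sending it out
            $save_result = $this->db->query($this->Query_reader->get_query_by_code('save_new_message', array(
                'subject' => htmlentities($_POST['subject'], ENT_QUOTES),
                'details' => htmlentities($_POST['details'], ENT_QUOTES),
                'sentby' => $this->session->userdata('userid'),
                'sendingip' => get_ip_address(),
            )));
            $_POST['messageid'] = $this->db->insert_id();
            $results[] = $save_result;

            if ($save_result) {
                if (!empty($_POST['recipientids'])) {
                    # The id list is quoted by hand and inserted into the query text, so
                    # every element is escaped first. Ids made of plain digits or letters
                    # are unchanged even if clean_form_data() has already escaped them.
                    $recipient_ids = array();
                    foreach ((array) $_POST['recipientids'] as $recipient_id) {
                        if (is_scalar($recipient_id)) {
                            $recipient_ids[] = $this->db->escape_str((string) $recipient_id);
                        }
                    }
                    # Send the message to each user as given in the list
                    $user_emails = $this->Query_reader->get_row_as_array('get_userlist_emails', array('idlist' => "'" . implode("','", $recipient_ids) . "'"));
                } else {
                    $user_emails = $this->Query_reader->get_row_as_array('get_active_user_emails', array('isactive' => "Y"));
                }
                $_POST['emailaddress'] = $user_emails['emaillist'];

                $send_result = $this->sysemail->email_form_data(
                    array('fromemail' => $this->session->userdata('emailaddress')),
                    get_confirmation_messages($this, array_merge($_POST, array('sendername' => $this->session->userdata('names'))), 'send_sys_msg_by_email')
                );
                $results[] = $send_result;

                # Save the message notice send record for each user
                foreach (explode(",", $_POST['emailaddress']) as $email) {
                    if ($email === '') {
                        continue;
                    }
                    $userdetails = $this->Query_reader->get_row_as_array('get_user_by_email', array('emailaddress' => $email, 'isactive' => 'Y'));
                    $results[] = $this->db->query($this->Query_reader->get_query_by_code('add_msg_read_record', array(
                        'useremail' => $email,
                        'messageid' => $_POST['messageid'],
                        'userid' => !empty($userdetails['id']) ? $userdetails['id'] : '',
                    )));
                }
            }

            $msg = get_decision($results) ? "The message has been sent." : "WARNING: The message could not be sent.";
            $this->session->unset_userdata(array('exclusers' => ''));
            $this->session->set_userdata('mmsg', $msg);
            redirect(base_url() . "messages/load_inbox/m/mmsg");
        }

        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
        $data['formdata'] = $_POST;
    }

    $data = add_msg_if_any($this, $data);
    $this->load->view('messages/send_message_view', $data);
}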