function add_note($data)
{
$result1 = $this->_query_reader->run('add_contract_status', array('contract_id' => $data['contract_id'], 'status' => $data['contract__contractstatus'], 'percentage' => $data['contract__percentage'], 'amount_spent' => $data['amountspent'], 'amount_paid' => $data['amountpaid'], 'document_url' => $data['document'], 'user_id' => $this->native_session->get('__user_id'), 'organization_id' => $this->native_session->get('__organization_id'), 'notes' => htmlentities($data['note'], ENT_QUOTES)));
# update the contract percentage
$result2 = $this->_query_reader->run('update_contract_percentage', array('contract_id' => $data['contract_id'], 'status' => $data['contract__contractstatus'], 'percentage' => $data['contract__percentage'], 'user_id' => $this->native_session->get('__user_id')));
return array('boolean' => get_decision(array($result1, $result2)), 'reason' => '');
}
function forgot_password()
{
# Get the passed details into the url data array if any
$urldata = $this->uri->uri_to_assoc(3, array('i'));
# Pick all assigned data
$data = assign_to_data($urldata);
if ($this->input->post('sendnewpass')) {
$required_fields = array('youremail*EMAILFORMAT');
$_POST = clean_form_data($_POST);
$validation_results = validate_form('', $_POST, $required_fields);
#Only proceed if the validation for required fields passes
if ($validation_results['bool']) {
#Check if a user with the specified email exists
$userdata = $this->Query_reader->get_row_as_array('get_user_by_email_ignore_status', array('emailaddress' => $_POST['youremail']));
#Active user who just forgot their password
if (!empty($userdata) && $userdata['isactive'] == 'Y') {
$_POST['newpass'] = generate_new_password();
$pass_result = $this->db->query($this->Query_reader->get_query_by_code('update_user_password', array('emailaddress' => $_POST['youremail'], 'newpass' => sha1($_POST['newpass']))));
$flag_result = $this->db->query($this->Query_reader->get_query_by_code('update_user_changedpassword_flag', array('emailaddress' => $_POST['youremail'], 'flagvalue' => 'N')));
if (get_decision(array($pass_result, $flag_result))) {
$send_result = $this->sysemail->email_form_data(array('fromemail' => SITE_ADMIN_MAIL), array_merge($userdata, $_POST, get_confirmation_messages($this, array('emailaddress' => $_POST['youremail'], 'newpass' => $_POST['newpass'], 'firstname' => $userdata['firstname']), 'changed_password_notify')));
if ($send_result) {
$data['msg'] = "Your new password has been sent to your email address.";
$data['issuccess'] = 'Y';
}
}
if (empty($send_result) || !empty($send_result) && !$send_result) {
$data['msg'] = "ERROR: A new password could not be generated. <a href='javascript:void(0)'>Click here</a> to report this error.";
}
} else {
if (!empty($userdata) && $userdata['isactive'] == 'N' && $userdata['forcedclose'] == 'Y') {
$data['msg'] = "WARNING: Your account was previously deactivated due to activities contrary <BR>to our terms of use.<BR><BR>Please <a href='javascript:void(0)'>contact us</a> if you want to <BR>reactivate your account.";
} else {
if (!empty($userdata) && $userdata['isactive'] == 'N' && $userdata['forcedclose'] == 'N') {
$_POST['newpass'] = generate_new_password();
$reactivate_result = $this->db->query($this->Query_reader->get_query_by_code('reactivate_old_user', array('emailaddress' => $_POST['youremail'], 'password' => sha1($_POST['newpass']), 'enddate' => date('Y-m-d', mktime(0, 0, 0, date("m"), 1, date("y") + 2)))));
$flag_result = $this->db->query($this->Query_reader->get_query_by_code('update_user_changedpassword_flag', array('emailaddress' => $_POST['youremail'], 'flagvalue' => 'N')));
if (get_decision(array($reactivate_result, $flag_result))) {
$send_result = $this->sysemail->email_form_data(array('fromemail' => SITE_ADMIN_MAIL), array_merge($userdata, $_POST, get_confirmation_messages($this, array('emailaddress' => $_POST['youremail'], 'newpass' => $_POST['newpass'], 'firstname' => $userdata['firstname']), 'changed_password_notify')));
if ($send_result) {
$data['msg'] = "Your new password has been sent to your email address.";
$data['issuccess'] = 'Y';
}
}
if (empty($send_result) || !empty($send_result) && !$send_result) {
$data['msg'] = "ERROR: A new password could not be generated. <a href='javascript:void(0)'>Click here</a> to report this error.";
}
}
}
}
}
if (empty($data['msg'])) {
$data['msg'] = "WARNING: The highlighted fields are required.";
}
$data['requiredfields'] = $validation_results['requiredfields'];
$data['formdata'] = $_POST;
}
$data = add_msg_if_any($this, $data);
$this->load->view('account/forgot_password', $data);
}
function manage_staff_group_rights()
{
access_control($this);
# Get the passed details into the url data array if any
$urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 't'));
# Pick all assigned data
$data = assign_to_data($urldata);
if (!empty($data['i'])) {
$result = $this->db->query($this->Query_reader->get_query_by_code('get_group_permissions', array('groupid' => decryptValue($data['i']))));
$the_permissions_list = $result->result_array();
$data['permissions_list'] = array();
foreach ($the_permissions_list as $permission_row) {
array_push($data['permissions_list'], $permission_row['permissionid']);
}
$data['groupdetails'] = $this->Query_reader->get_row_as_array('get_group_by_id', array('id' => decryptValue($data['i'])));
$usertype = $this->session->userdata('isadmin') == 'Y' ? "admin" : "";
$result = $this->db->query($this->Query_reader->get_query_by_code('get_all_permissions', array('accesslist' => "'" . $usertype . "'")));
$data['all_permissions'] = $result->result_array();
#put all permissions in a manageable array
$data['all_permissions_list'] = array();
foreach ($data['all_permissions'] as $thepermission) {
array_push($data['all_permissions_list'], $thepermission['id']);
}
}
if (!empty($data['t']) && $data['t'] == 'super') {
$tstr = "/t/super";
} else {
$tstr = "";
}
if ($this->input->post('updatepermissions')) {
if (!empty($_POST['permissions'])) {
$result_array = array();
#First delete all permissions from the access table
$delresult = $this->db->query($this->Query_reader->get_query_by_code('delete_group_permissions', array('groupid' => $_POST['editid'])));
array_push($result_array, $delresult);
foreach ($_POST['permissions'] as $permissionid) {
$insresult = $this->db->query($this->Query_reader->get_query_by_code('add_group_permission', array('groupid' => $_POST['editid'], 'permissionid' => $permissionid)));
array_push($result_array, $insresult);
}
if (get_decision($result_array)) {
$this->session->set_userdata('pgroup', "The Group permissions have been assigned.");
redirect("user/manage_staff_groups/m/pgroup" . $tstr);
}
}
}
if (empty($result) || !$result) {
if (empty($_POST['permissions'])) {
$this->session->set_userdata('puser', "WARNING: No permissions are assigned to the group.");
} else {
$this->session->set_userdata('puser', "ERROR: The group permissions could not be assigned.");
}
redirect(base_url() . "user/manage_staff_groups/m/pgroup" . $tstr);
}
$this->load->view('user/staff_group_permissions', $data);
}
function add_help_topic()
{
access_control($this);
# Get the passed details into the url data array if any
$urldata = $this->uri->uri_to_assoc(3, array('s', 'i'));
# Pick all assigned data
$data = restore_bad_chars_in_array(assign_to_data($urldata));
$data['docexts'] = array('.doc', '.docx', '.pdf', '.ppt', '.pptx');
$data['imageexts'] = array('.gif', '.jpeg', '.jpg', '.tiff', '.png');
$data['videoexts'] = array('.swf');
$this->session->set_userdata('local_allowed_extensions', array_merge($data['docexts'], $data['imageexts'], $data['videoexts']));
if (!empty($data['i'])) {
$topic_list = $this->db->query($this->Query_reader->get_query_by_code('view_help_topic', array('topiccode' => decryptValue($data['i']))));
$data['page_list'] = $topic_list->result_array();
if (!empty($data['page_list'][0])) {
$data['formdata']['helptopic'] = $data['page_list'][0]['helptopic'];
$data['formdata']['topiccode'] = $data['page_list'][0]['topiccode'];
}
}
$topics = $this->db->query("SELECT * FROM help");
$topics_list = $topics->result_array();
foreach ($topics_list as $row) {
$result = $this->db->query("UPDATE help SET helptopic='" . ucwords(str_replace('_', ' ', $row['topiccode'])) . "' WHERE id='" . $row['id'] . "'");
}
#The button has been clicked to update the order of the items
if ($this->input->post('save')) {
if (!empty($_POST['helpitem'])) {
$results_array = array();
$order = 1;
foreach ($_POST['helpitem'] as $itemid) {
array_push($results_array, $this->db->query($this->Query_reader->get_query_by_code('update_help_order', array('id' => $itemid, 'helporder' => $order))));
$order++;
}
$result = get_decision($results_array);
}
$msg = !empty($result) && $result ? "The help content order has been updated." : "ERROR: The help content order could not be updated.";
$this->session->set_userdata('hmsg', $msg);
$id_string = !empty($data['i']) ? "/i/" . $data['i'] : "";
redirect(base_url() . "help/add_help_topic" . $id_string . "/m/hmsg");
}
#The button has been clicked to add a new help content item
if ($this->input->post('addhelp')) {
$_POST['fileurl'] = !empty($_FILES['fileurl']['name']) ? $this->sysfile->local_file_upload($_FILES['fileurl'], 'Upload_' . strtotime('now'), 'documents', 'filename') : '';
$required_fields = array('helptopic');
if (empty($_POST['details']) && empty($_POST['helplink']) && empty($_POST['fileurl'])) {
array_push($required_fields, 'details');
}
#Make a new topic code if this is the first help item
$_POST['topiccode'] = empty($_POST['topiccode']) ? str_replace(" ", "_", strtolower($_POST['helptopic'])) : $_POST['topiccode'];
$_POST = clean_form_data($_POST);
$validation_results = validate_form('', $_POST, $required_fields);
#Only proceed if the validation for required fields passes
if ($validation_results['bool']) {
$_POST['helporder'] = count($_POST['helpitem']) + 1;
$result = $this->db->query($this->Query_reader->get_query_by_code('add_help_item', array_merge($_POST, array('details' => htmlentities($_POST['details'], ENT_QUOTES)))));
$msg = $result ? "The help item has been added." : "ERROR: The help item could not be added.";
$this->session->set_userdata('hmsg', $msg);
$id_string = !empty($data['i']) ? "/i/" . $data['i'] : "";
redirect(base_url() . "help/add_help_topic" . $id_string . "/m/hmsg");
}
#VALIDATION end
if ((empty($validation_results['bool']) || !empty($validation_results['bool']) && !$validation_results['bool']) && empty($data['msg'])) {
$data['msg'] = "WARNING: The highlighted fields are required.";
}
}
$data = add_msg_if_any($this, $data);
$this->load->view('help/add_help_view', $data);
}
function send_system_message($userId, $messageDetails)
{
#Make the sender the no-reply user if no sender id is given
$messageDetails['senderid'] = !empty($messageDetails['senderid']) ? $messageDetails['senderid'] : '2';
# 1. Record the message exchange to be accessed by the recipient in their inbox
$isSent[0] = $this->_query_reader->run('record_message_exchange', array('template_code' => !empty($messageDetails['code']) ? $messageDetails['code'] : 'user_defined_message', 'details' => htmlentities($messageDetails['details'], ENT_QUOTES), 'subject' => htmlentities($messageDetails['subject'], ENT_QUOTES), 'attachment_url' => !empty($messageDetails['fileurl']) ? substr(strrchr($messageDetails['fileurl'], "/"), 1) : '', 'sender_id' => $messageDetails['senderid'], 'recipient_id' => $userId));
# 2. copy admin if required
if (!empty($messageDetails['copyadmin']) && $messageDetails['copyadmin'] == 'Y') {
$isSent[1] = $this->_query_reader->run('record_message_exchange', array('template_code' => !empty($messageDetails['code']) ? $messageDetails['code'] : 'user_defined_message', 'details' => htmlentities($messageDetails['details'], ENT_QUOTES), 'subject' => htmlentities($messageDetails['subject'], ENT_QUOTES), 'attachment_url' => !empty($messageDetails['fileurl']) ? substr(strrchr($messageDetails['fileurl'], "/"), 1) : '', 'sender_id' => $messageDetails['senderid'], 'recipient_id' => implode("','", $this->get_admin_users())));
}
return get_decision($isSent);
}
function message($data)
{
$results = array();
$users = explode(',', $data['idlist']);
$message = array('code' => 'custom_internal_message', 'subject' => $data['reason__contactreason'], 'details' => $data['details']);
foreach ($users as $i => $userId) {
$results[$i] = $this->_messenger->send($userId, $message, array('email'), TRUE);
}
return array('boolean' => get_decision($results));
}
function best_evaluated($data)
{
# update the bid status based on the best evaluated
$result = $this->_query_reader->run('mark_best_evaluated_bidder', array('bid_id' => $data['bidid'], 'tender_id' => $data['tender_id'], 'user_id' => $this->native_session->get('__user_id')));
if ($result) {
$result = $this->_query_reader->run('update_tender_bid_price', array('tender_id' => $data['tender_id'], 'bid_currency' => $data['currency_code'], 'bid_price' => $data['amount'], 'user_id' => $this->native_session->get('__user_id')));
}
# add the reasons for choosing the above winning bid for each bidder
if ($result) {
$results = array();
$counter = 0;
foreach ($data as $key => $value) {
if (strpos($key, 'reason_') !== FALSE) {
$parts = explode('_', $key);
$results[$counter] = $this->_query_reader->run('add_best_evaluated_reason', array('bid_id' => $parts[1], 'tender_id' => $data['tender_id'], 'reason' => !empty($value) ? htmlentities($value, ENT_QUOTES) : ($data['bidid'] == $parts[1] ? 'winner' : 'unsuccessful'), 'user_id' => $this->native_session->get('__user_id')));
$providerUserIds = $this->_query_reader->get_single_column_as_array('get_bid_provider_users', 'user_id', array('bid_id' => $parts[1]));
$bid = $this->details(array('bid_id' => $parts[1]));
if (!empty($providerUserIds) && !empty($bid)) {
$sentResult = $this->_messenger->send($providerUserIds, array('code' => 'bid_status_changed', 'newstatus' => $data['bidid'] == $parts[1] ? 'won' : 'review complete (unsuccessful)', 'pde' => $bid['pde'], 'summary' => $bid['summary'], 'tendernotice' => $bid['tender_notice'], 'datesubmitted' => $bid['date_submitted'] == '0000-00-00 00:00:00' ? date(SHORT_DATE_FORMAT, strtotime($bid['date_submitted'])) : 'NONE'));
}
$counter++;
}
}
$result = get_decision($results);
}
return array('boolean' => $result);
}
function add_order_by_js()
{
access_control($this);
# Get the passed details into the url data array if any
$urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));
# Pick all assigned data
$data = assign_to_data($urldata);
if (!empty($data['accountnumber']) && !empty($data['cmtamount'])) {
$data = restore_bad_chars_in_array($data);
$data['orderstamp'] = get_deal_id('order');
$data['fundinfodate'] = date('Y-m-d', strtotime('now'));
$data['capitalcalldate'] = '0000-00-00';
$data['capitalcalldue'] = $data['minqtyamount'] = '';
$data['fillcondition'] = 'all_or_none';
$data['commitmentamount'] = removeCommas($data['cmtamount']);
$data['fundedamount'] = $data['netassetvalue'] = removeCommas($data['fundedamount']);
$data['unfundedamount'] = $data['commitmentamount'] - $data['fundedamount'];
#Determine where to save the price
if (!empty($data['price']) && $data['price'] == 'market') {
$data['marketprice'] = 'CURRENT_PRICE';
$data['percnavprice'] = $data['dollaramountprice'] = '';
} else {
if ($data['price'] == 'perc_nav') {
$data['marketprice'] = $data['dollaramountprice'] = '';
$data['percnavprice'] = removeCommas($data['pricemore']);
} else {
if ($data['price'] == 'dollar_amt') {
$data['marketprice'] = $data['percnavprice'] = '';
$data['dollaramountprice'] = removeCommas($data['pricemore']);
}
}
}
$data['period'] = $data['period'] == 'other' ? $data['periodmore'] : $data['period'];
$data['orderedby'] = $this->session->userdata('userid');
#orderstamp, accountnumber, orderedby, ordertype, fundsymbol, orderaction, commitmentamount, unfundedamount, fundedamount, netassetvalue, marketprice, percnavprice, dollaramountprice, period, fundinfodate, capitalcalldue, capitalcalldate, fillcondition, minqtyamount, dealid
$result1 = $this->db->query($this->Query_reader->get_query_by_code('save_deal_order', $data));
#Update portfolio name if changed
if (!empty($data['portfolioname'])) {
$result2 = $this->db->query($this->Query_reader->get_query_by_code('update_portfolio_name', array('portfolioname' => restore_bad_chars($data['portfolioname']), 'accountnumber' => restore_bad_chars($data['accountnumber']), 'orderedby' => $this->session->userdata('userid'))));
} else {
$result2 = true;
}
$save_result = get_decision(array($result1, $result2));
}
$data['msg'] = !empty($save_result) && $save_result ? "The order ticket has been added." : "ERROR: The order ticket has not been added.";
$portfolio_list = $this->db->query($this->Query_reader->get_query_by_code('get_portfolio_by_account', array('accountnumber' => $data['accountnumber'], 'searchstring' => " AND orderstatus IN ('open', 'processing', 'closed') ")));
$data['page_list'] = $portfolio_list->result_array();
$data['area'] = "portfolio_order_tickets";
$data = add_msg_if_any($this, $data);
$this->load->view('incl/addons', $data);
}
function process_message()
{
access_control($this);
# Get the passed details into the url data array if any
$urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a'));
# Pick all assigned data
$data = assign_to_data($urldata);
if ($this->input->post('sendmessage')) {
$required_fields = array('subject', 'details');
#Include receipient IDs if no overall receipient id is selected
if (empty($_POST['sendtoall'])) {
array_push($required_fields, 'recipientids*CHECKBOXES');
}
$_POST = clean_form_data($_POST);
$validation_results = validate_form('', $_POST, $required_fields);
#Only proceed if the validation for required fields passes
if ($validation_results['bool']) {
$results = array();
$recipients = !empty($_POST['recipientids']) ? implode(",", $_POST['recipientids']) : "";
#Save the message before sending it out
$save_result = $this->db->query($this->Query_reader->get_query_by_code('save_new_message', array('subject' => htmlentities($_POST['subject'], ENT_QUOTES), 'details' => htmlentities($_POST['details'], ENT_QUOTES), 'sentby' => $this->session->userdata('userid'), 'sendingip' => get_ip_address())));
$_POST['messageid'] = mysql_insert_id();
array_push($results, $save_result);
if ($save_result) {
if (!empty($_POST['recipientids'])) {
#Send the message to each user as given in the list
$user_emails = $this->Query_reader->get_row_as_array('get_userlist_emails', array('idlist' => "'" . implode("','", $_POST['recipientids']) . "'"));
$_POST['emailaddress'] = $user_emails['emaillist'];
} else {
$user_emails = $this->Query_reader->get_row_as_array('get_active_user_emails', array('isactive' => "Y"));
$_POST['emailaddress'] = $user_emails['emaillist'];
}
$send_result = $this->sysemail->email_form_data(array('fromemail' => $this->session->userdata('emailaddress')), get_confirmation_messages($this, array_merge($_POST, array('sendername' => $this->session->userdata('names'))), 'send_sys_msg_by_email'));
array_push($results, $send_result);
#Save the message notice send record for each user
$email_list = explode(",", $_POST['emailaddress']);
foreach ($email_list as $email) {
$userdetails = $this->Query_reader->get_row_as_array('get_user_by_email', array('emailaddress' => $email, 'isactive' => 'Y'));
array_push($results, $this->db->query($this->Query_reader->get_query_by_code('add_msg_read_record', array('useremail' => $email, 'messageid' => $_POST['messageid'], 'userid' => $userdetails['id']))));
}
}
$msg = get_decision($results) ? "The message has been sent." : "WARNING: The message could not be sent.";
$this->session->unset_userdata(array('exclusers' => ''));
$this->session->set_userdata('mmsg', $msg);
redirect(base_url() . "messages/load_inbox/m/mmsg");
}
if ((empty($validation_results['bool']) || !empty($validation_results['bool']) && !$validation_results['bool']) && empty($data['msg'])) {
$data['msg'] = "WARNING: The highlighted fields are required.";
}
$data['requiredfields'] = $validation_results['requiredfields'];
$data['formdata'] = $_POST;
}
$data = add_msg_if_any($this, $data);
$this->load->view('messages/send_message_view', $data);
}
