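/**
 * Return the UserID of every row in the Users table.
 *
 * @return int[] List of user ids; an empty array when the table has no rows.
 */
function get_all_accounts()
{
    // $loc is handed to SqlQuery(); presumably it labels the call site for logging.
    $loc = rmabs(__FILE__ . ".get_all_accounts");
    $sql = "SELECT UserID from Users";
    $result = SqlQuery($loc, $sql);

    // Initialise the list up front: without this an empty table returned an
    // undefined variable (null plus a warning) instead of an empty array.
    $aws = array();
    while ($row = $result->fetch_assoc()) {
        $aws[] = intval($row["UserID"]);
    }
    return $aws;
}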
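/**
 * Set the Active flag of one work order and build a human-readable summary.
 *
 * @param mixed $wid    Work order id; coerced with intval() before it reaches SQL.
 * @param mixed $active New flag value; coerced with intval() before it reaches SQL.
 * @return string Summary sentence naming the work order, the action and the acting user.
 */
function changeactive($wid, $active)
{
    global $username;
    $loc = rmabs(__FILE__ . ".changeactive");

    // Coerce once and reuse: the SQL and the message must agree. Previously the
    // query stored intval($active) while the message tested the raw value, so a
    // non-numeric truthy string wrote 0 but reported "resurrected".
    $widInt = intval($wid);
    $activeInt = intval($active);

    // Both interpolated values are integers, so nothing caller-supplied reaches
    // the statement as text.
    $sql = 'UPDATE WorkOrders SET Active=' . $activeInt . ' WHERE WID=' . $widInt;
    SqlQuery($loc, $sql);

    $action = ($activeInt !== 0) ? "resurrected" : "archived";

    // NOTE(review): $username is a global set elsewhere and is returned unescaped;
    // callers that print this message into HTML should escape it - confirm.
    return 'Work Order ' . $widInt . ' has been ' . $action . ' by ' . $username . '.';
}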
/**
 * Look up the caption text stored with a picture on a work order.
 *
 * @param mixed $wid   Work order id.
 * @param mixed $picid Picture id.
 * @return string The TextInfo column of the first matching AppendedData row, or ""
 *                when either id is empty or no row matches.
 */
function GetPicCaption($wid, $picid)
{
    $loc = rmabs(__FILE__ . ".GetPicCaption");

    $haveBothIds = !empty($wid) && !empty($picid);
    if (!$haveBothIds) {
        return "";
    }

    // Ids are forced to integers before being placed in the statement.
    $widPart = intval($wid);
    $picPart = intval($picid);
    $result = SqlQuery(
        $loc,
        'SELECT * From AppendedData Where WID=' . $widPart . ' AND PicID=' . $picPart
    );

    if ($result->num_rows > 0) {
        $row = $result->fetch_assoc();
        // NOTE(review): TextInfo is returned exactly as stored; if it holds
        // user-entered text, the caller has to escape it for the output
        // context - confirm at the call sites.
        return $row["TextInfo"];
    }
    return "";
}
/**
 * Delete a work order together with its assignments and appended data.
 *
 * @param array $woinfo Work order record; the keys WID, Revision and IsApproved are read.
 * @return string The message that was written to the log.
 */
function delete_workorder($woinfo)
{
    global $username;
    $loc = rmabs(__FILE__ . ".delete_workorder");
    $wid = $woinfo["WID"];

    // Rows that reference the work order are removed first, the work order last.
    // NOTE(review): the three statements are issued separately; whether
    // SqlQuery() runs them inside a transaction is not visible here, so a
    // failure part-way may leave a partially deleted work order - confirm.
    // NOTE(review): no permission check happens in this function; it
    // presumably relies on the calling page - confirm.
    foreach (array("Assignments", "AppendedData", "WorkOrders") as $table) {
        SqlQuery($loc, "DELETE FROM " . $table . " WHERE WID=" . intval($wid));
    }

    $label = WIDStr($wid, $woinfo["Revision"], $woinfo["IsApproved"]);
    $summary = "Work Order " . $label . " deleted by " . $username . ".";
    log_msg($loc, $summary);
    return $summary;
}
/**
 * Merge work order $wo2 into work order $wo1.
 *
 * The description of $wo2 is appended to $wo1, its user-entered appended data is
 * copied, its assigned workers are moved, $wo2 is closed if it is still open, and
 * a system note is attached to both work orders.
 *
 * @param array $wo1 Target record; WID, Description, Revision and IsApproved are read.
 * @param array $wo2 Source record; WID, Description, Closed, Revision and IsApproved are read.
 * @return string Summary of the merge, also written to the log.
 */
function merge_workorders($wo1, $wo2)
{
    $loc = rmabs(__FILE__ . ".merge_workorders");
    $targetId = $wo1["WID"];
    $sourceId = $wo2["WID"];

    // NOTE(review): nothing here rejects $targetId == $sourceId; merging a work
    // order into itself would run every step below against the same record -
    // confirm the caller prevents it.

    // $wo1 is a by-value copy, so this edit only reaches storage through
    // UpdateWorkOrder().
    $wo1["Description"] = $wo1["Description"] . "\n\n" . $wo2["Description"];
    UpdateWorkOrder($targetId, $wo1);

    // Copy appended data, leaving out system-generated entries (UserID 0)
    // and entries flagged as removed.
    $copied = 0;
    foreach (GetAppendedData($sourceId) as $item) {
        if ($item["UserID"] == 0 || $item["Removed"]) {
            continue;
        }
        AppendWorkOrderData($targetId, $item["UserID"], $item["TextInfo"], $item["PicID"], false);
        $copied++;
    }

    // Move every assigned worker from the source to the target.
    $moved = 0;
    foreach (GetAssignedWorkers($sourceId) as $worker) {
        MakeAssignment($targetId, $worker["UserID"]);
        RemoveAssignment($sourceId, $worker["UserID"]);
        $moved++;
    }

    // The acting user is resolved here rather than taken from a global.
    $username = MakeFullName(GetUserInfo(GetUserID()));

    if (!$wo2["Closed"]) {
        ChangeWOStatus($sourceId, $username, "Closed", true);
    }

    $newwostr = WIDStr($targetId, $wo1["Revision"], $wo1["IsApproved"]);
    AttachSystemNote($sourceId, "This WO Merged into " . $newwostr . " by " . $username . '.');

    $oldwostr = WIDStr($sourceId, $wo2["Revision"], $wo2["IsApproved"]);
    AttachSystemNote($targetId, "Data from " . $oldwostr . " merged into this one by " . $username . '.');

    $msg = 'Workorder ' . $oldwostr . ' merged into ' . $newwostr . '. '
        . 'Number Items Copied=' . $copied . '. '
        . 'Number of Workers Reassigned=' . $moved . '. ';
    log_msg($loc, array($msg, "By " . $username));
    return $msg;
}
<?php
// --------------------------------------------------------------------
// admin.php -- The main admin page. Come here on "admin" in nav menu.
//
// Created: 12/29/14 DLB
// --------------------------------------------------------------------

require_once "../maindef.php";

$loc = rmabs(__FILE__);

// Access gate. These calls run before any form is included, so nothing is
// rendered until the session is started and the login and admin checks have run.
// NOTE(review): the page assumes CheckLogin() and CheckAdmin() stop the request
// themselves when the check fails; their definitions are not visible here -
// confirm, otherwise the admin markup below is sent regardless.
session_start();
log_page();
CheckLogin();
CheckAdmin();

/* Disabled inline menu definition, kept for reference:
$menubar = array(
    array( "caption" => "List Users", "href" => "admin_listusers.php"),
    array( "caption" => "Add User", "href" => "admin_adduser.php"),
    array( "caption" => "Upload Users", "href" => "admin_uploadusers.php"),
    array( "caption" => "Show Log", "href" => "admin_showlog.php"),
    array( "caption" => "Masquerade", "href" => "admin_masquerade.php"));
*/

// Page chrome: header, navigation and the admin menu bar.
include "forms/header.php";
include "forms/nav_form.php";
include "forms/admin_menubar.php";

// Static landing content; no request data is echoed here.
echo '<div class="content_area">',
    '<h2>Administration for This Website</h2>',
    '<p>Use the links above for various admin tasks.</p>',
    '</div>';

include "forms/footer.php";
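/**
 * Validate one uploaded picture and hand it to StorePicture().
 *
 * @param array $FileInfo Upload descriptor with the keys name, type, tmp_name,
 *                        error and size (the shape of one $_FILES entry).
 * @return mixed The value returned by StorePicture() on success, false when
 *               validation fails.
 */
function PicFileUpload($FileInfo)
{
    $loc = rmabs(__FILE__ . ".PicFileUpload");
    DenyGuest(); // Don't allow guests to do this.

    // Every descriptor key must be present before any of them is used.
    $missing = "";
    foreach (array("name", "type", "tmp_name", "error", "size") as $key) {
        if (!isset($FileInfo[$key])) {
            $missing .= '"' . $key . '" ';
        }
    }
    // NOTE(review): the short echo strings on the failure paths are kept as they
    // were; they are written straight to the response - confirm that is intended
    // outside debugging.
    if (!empty($missing)) {
        echo 'missing';
        log_error($loc, array("Error on Pic Upload.", "Input Array missing elements:", $missing));
        return false;
    }

    $type = $FileInfo["type"];
    $tmpfile = $FileInfo["tmp_name"];
    $errors = $FileInfo["error"];
    $size = $FileInfo["size"];

    if ($errors != 0) {
        echo 'error not zero';
        // Two list elements, matching the other log_error() call above; the
        // original concatenated them into one string with no separator.
        log_error($loc, array("Error on Pic Upload.", "Error Not Zero."));
        return false;
    }
    if ($size <= 0) {
        echo 'size';
        log_error($loc, "Error on Pic Upload. Size is zero.");
        return false;
    }
    if ($type != "image/jpeg") {
        echo 'type';
        // NOTE(review): $type is client-supplied text that ends up in the log;
        // confirm log_error() neutralises control characters.
        log_error($loc, "Error on Pic Upload. Wrong Type, should be image/jpeg. Found: " . $type);
        return false;
    }

    // In a $_FILES entry the "type" value is whatever the client declared, so it
    // says nothing about the bytes that arrived. Inspect the file itself and
    // accept it only when it parses as a JPEG image.
    $imageinfo = getimagesize($tmpfile);
    if ($imageinfo === false || $imageinfo[2] !== IMAGETYPE_JPEG) {
        echo 'type';
        log_error($loc, "Error on Pic Upload. File content is not a JPEG image.");
        return false;
    }

    // NOTE(review): tmp_name is trusted to be the upload's temporary file. If this
    // function is only ever fed $_FILES entries, an is_uploaded_file() check here
    // would enforce that - confirm no caller passes other paths before adding it.
    $picid = StorePicture($tmpfile, true);
    return $picid;
}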
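/**
 * Create users in bulk from a CSV file whose first line names the columns.
 *
 * Required columns: UserName, LastName, FirstName and at least one of Password or
 * PasswordHash. Optional columns are defaulted before each row is passed to
 * CreateNewUser(). Processing stops after 240 seconds of wall-clock time.
 *
 * @param string $filename  Path of the CSV file to read.
 * @param string $error_msg Out parameter: a failure reason, or the run summary.
 * @return int|null 0 when the file cannot be opened or its header is unusable;
 *                  no value (null) after the rows have been processed, as before.
 */
function ProcessBulkUsers($filename, &$error_msg)
{
    $loc = rmabs(__FILE__ . ".ProcessBulkUsers");

    $file = fopen($filename, "r");
    if ($file === false) {
        $error_msg = "Unable to open file.";
        return 0;
    }

    $n_okay = 0;
    $n_fail = 0;
    $ln = 1;

    // The first line is the column headers.
    $header = fgetcsv($file);
    $ln++;
    if ($header === false) {
        // The original returned an undefined variable here and left the handle open.
        fclose($file);
        $error_msg = "Input file is empty.";
        log_msg($loc, $error_msg);
        return 0;
    }

    // Sanity checks on the header. The original recorded these problems but kept
    // going, then overwrote the message with the run summary; with a required
    // column absent every row fails the required-field check below, so stopping
    // here adds no fewer users and reports the real cause.
    $has_names = in_array("UserName", $header, true)
        && in_array("LastName", $header, true)
        && in_array("FirstName", $header, true);
    if (!$has_names) {
        fclose($file);
        $error_msg = "Input file does not have the required columns.";
        log_msg($loc, $error_msg);
        return 0;
    }
    if (!in_array("Password", $header, true) && !in_array("PasswordHash", $header, true)) {
        fclose($file);
        $error_msg = "Input file does not have a password column.";
        log_msg($loc, $error_msg);
        return 0;
    }

    // NOTE(review): the file carries passwords or password hashes. Removing it
    // after the import and keeping its contents out of logs is left to the
    // caller and to CreateNewUser() - confirm both.

    $tstart = microtime(true); // Time the entire operation... Don't go over 4 minutes.
    $btimeout = false;
    $optional_text = array("NickName", "Title", "Email", "Tags", "Picture", "BadgeID", "IPT");

    while (true) {
        // Re-arm the script time limit for every row.
        if (set_time_limit(60) == false) {
            log_error($loc, "Unable to set/reset time limit to 60 seconds.");
        }

        $data = fgetcsv($file);
        $ln++;
        if ($data === false) {
            break;
        }

        // Don't process blank lines.
        if (count($data) <= 0) {
            continue;
        }
        if (is_null($data[0])) {
            continue;
        }

        // Organize the data into an associative array.
        $fields = JoinKeyValues($header, $data);

        // Make sure none of the required fields are empty. A row needs all three
        // names and at least one of the two password columns.
        $no_password = empty($fields["Password"]) && empty($fields["PasswordHash"]);
        if (empty($fields["UserName"]) || empty($fields["LastName"])
            || empty($fields["FirstName"]) || $no_password) {
            log_msg($loc, 'User not added. Some required fields are empty. Line ' . $ln);
            $n_fail++;
            continue;
        }

        // Default the optional columns.
        foreach ($optional_text as $key) {
            if (empty($fields[$key])) {
                $fields[$key] = "";
            }
        }
        if (empty($fields["Active"])) {
            $fields["Active"] = 0;
        }

        // CreateNewUser() returns true on success, otherwise a failure description.
        // A local holds it so the caller's out parameter is not used as scratch.
        // NOTE(review): that description is logged verbatim; confirm it never
        // contains the row's password.
        $created = CreateNewUser($fields);
        if ($created === true) {
            $n_okay++;
        } else {
            log_msg($loc, array('User not added. Line ' . $ln, $created));
            $n_fail++;
        }

        if (microtime(true) - $tstart > 240.0) {
            $btimeout = true;
            break;
        }
    }

    fclose($file);

    $error_msg = $n_okay . ' users added. ' . $n_fail . ' failures. ' . $ln . ' lines processed.';
    if ($btimeout) {
        $error_msg .= ' ** TimeOut Occurred, Process aborted. **';
    }
    log_msg($loc, $error_msg);
}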
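/**
 * Return every active user whose tag list marks them as a worker.
 *
 * @return array[] Rows of AllActiveUsersView ordered by LastName, FirstName, each
 *                 with an added "AbbrivatedName" entry (key spelling kept as is,
 *                 since callers read it).
 */
function GetAllWorkers()
{
    // The "." separator was missing here, unlike every other location label in
    // this code, which glued the function name straight onto the file name.
    $loc = rmabs(__FILE__ . ".GetAllWorkers");
    $sql = 'SELECT * FROM AllActiveUsersView ORDER BY LastName, FirstName';
    $result = SqlQuery($loc, $sql);

    $d = array();
    while ($row = $result->fetch_assoc()) {
        // Tags is stored as one delimited string; it is split before matching.
        $tags = ArrayFromSlashStr($row["Tags"]);
        if (CheckArrayForEasyMatch($tags, "worker")) {
            $row["AbbrivatedName"] = MakeAbbrivatedName($row);
            $d[] = $row;
        }
    }
    return $d;
}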
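/**
 * Resolve a user id from one of several identifying fields.
 *
 * @param string $fieldname One of "UserID", "FullName", "UserName", "LastNameFirst".
 * @param mixed  $info      Value to look up; "LastNameFirst" expects "Last, First".
 * @return mixed The matching UserID, or false when there is no unique match, the
 *               value is rejected, or $fieldname is not recognised.
 */
function FindUser($fieldname, $info)
{
    $loc = rmabs(__FILE__ . ".FindUser");

    if ($fieldname === "UserID") {
        $userinfo = GetUserInfo(intval($info));
        if (!$userinfo) {
            return false;
        }
        return $userinfo["UserID"];
    }

    if ($fieldname === "FullName") {
        // Very inefficient but can work.
        // Must do it this way because some people have three parts to their name.
        // The comparison happens in PHP, so $info never reaches the SQL text.
        $wanted = trim($info);
        $result = SqlQuery($loc, 'SELECT * FROM Users');
        while ($row = $result->fetch_assoc()) {
            $fullname = $row["FirstName"] . ' ' . $row["LastName"];
            // Strict comparison: both sides are strings, and loose == would
            // treat numeric-looking strings as numbers.
            if ($wanted === trim($fullname)) {
                return $row["UserID"];
            }
        }
        return false;
    }

    // The two branches below place caller-supplied text inside a double-quoted
    // SQL literal. SqlQuery() only takes a finished statement and the underlying
    // connection is not visible here, so values containing a double quote or a
    // backslash are refused rather than escaped by hand.
    // NOTE(review): this is a stop-gap; switch to bound parameters if the
    // SqlQuery() layer can support them.

    if ($fieldname === "UserName") {
        // The query previously compared against the fixed text "******" and never
        // used $info, so a lookup by user name could not match the requested user.
        $uname = (string) $info;
        if (strpbrk($uname, "\"\\") !== false) {
            log_error($loc, "Lookup value rejected: contains a quote or backslash.");
            return false;
        }
        $sql = 'SELECT * FROM Users WHERE UserName="' . $uname . '"';
        $result = SqlQuery($loc, $sql);
        if ($result->num_rows != 1) {
            return false;
        }
        $row = $result->fetch_assoc();
        return $row["UserID"];
    }

    if ($fieldname === "LastNameFirst") {
        $words = explode(",", $info);
        if (count($words) != 2) {
            return false;
        }
        $lastname = trim($words[0]);
        $firstname = trim($words[1]);
        // These values were concatenated into the statement unchecked before.
        if (strpbrk($lastname . $firstname, "\"\\") !== false) {
            log_error($loc, "Lookup value rejected: contains a quote or backslash.");
            return false;
        }
        $sql = 'SELECT * FROM Users WHERE LastName="' . $lastname . '" AND FirstName="' . $firstname . '"';
        $result = SqlQuery($loc, $sql);
        if ($result->num_rows != 1) {
            return false;
        }
        $row = $result->fetch_assoc();
        return $row["UserID"];
    }

    log_error($loc, "Should be unreachable code. ");
    return false;
}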