/**
 * Switch the acting role of the current user and return to the welcome page.
 *
 * An Admin may act as Admin, Leader or Caller; a Leader may act as Leader or
 * Caller. Every other combination ends in an error page and leaves the
 * session untouched.
 *
 * NOTE(review): assumes user_role() reports the account's assigned role and
 * not the session 'role' value written below; confirm, otherwise a user who
 * switched down could not switch back.
 * NOTE(review): this changes session state and the privilege level in use.
 * How the action is reached is not visible here; if it is a plain link,
 * confirm CSRF protection covers it and consider regenerating the session id
 * after the switch.
 *
 * @param mixed $role Requested role, matched loosely against the UserRole constants.
 */
public function switch_to($role)
{
    $own_role = user_role();

    // Build the set of roles the caller may assume from the caller's own role.
    if ($own_role === UserRole::Admin) {
        $permitted = array(UserRole::Admin, UserRole::Leader, UserRole::Caller);
    } elseif ($own_role === UserRole::Leader) {
        $permitted = array(UserRole::Leader, UserRole::Caller);
    } else {
        $permitted = array();
    }

    // in_array() compares loosely here.
    // NOTE(review): pass true as the third argument once the UserRole
    // constants are confirmed to be strings.
    if (!in_array($role, $permitted)) {
        show_error('Sorry, you are not allowed to do this.');
        return;
    }

    $this->session->set_userdata(array('role' => $role));
    redirect('welcome');
}
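/**
 * Render the edit form for a single user record.
 *
 * Loads the users row for $id together with the vendor and role lists and
 * hands them to the users/edit view. Callers whose role is V0 or V1 may only
 * open a record that carries their own vendorid; otherwise they are sent back
 * to the user list with an error flash message.
 *
 * NOTE(review): SELECT * passes every users column to the view, presumably
 * including credential fields; selecting only the columns the form needs
 * would limit exposure.
 *
 * @param mixed $id Identifier of the users row; treated as an integer key.
 */
function edit($id)
{
    $data = array();
    $data['title'] = "Edit";
    $data['user'] = $this->session->userdata("isLoggedIn");
    $data["variable"] = "users";

    // The id is concatenated into the SQL text, so it is forced to an integer
    // first; quote characters in the value can no longer alter the statement.
    // assumes users.id is an integer column — TODO confirm
    $user_id = (int) $id;
    $data['row'] = $this->common_model
        ->query("SELECT * FROM users WHERE users.id = '" . $user_id . "'")
        ->row();

    $role = user_role();
    if ($role == "V0" || $role == "V1") {
        // Fail closed: a missing record or a missing session user must not
        // pass the vendor check by comparing two empty values.
        $same_vendor = is_object($data["row"])
            && is_object($data["user"])
            && $data["row"]->vendorid == $data["user"]->vendorid;

        if (!$same_vendor) {
            $this->session->set_flashdata("error", "Sorry, Invalid product id...");
            redirect(site_url("users"));
            // Stop here even if redirect() does not end the request.
            return;
        }
    }

    $data["vendors"] = $this->common_model->query("SELECT * FROM vendor ORDER BY id DESC");
    $data["user_roles"] = $this->common_model->query("SELECT * FROM user_roles ORDER BY id ASC");
    $this->load->view('users/edit', $data);
}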
include APPPATH . "views/inc/header.php"; ?> <div class="col-xs-12"> <form role="form" id="<?php echo $variable; ?> " name="<?php echo $variable; ?> " method="post" action="<?php echo site_url($variable . '/add_new_success'); ?> " class="form-horizontal" enctype="multipart/form-data"> <?php if (user_role() == "G0" || user_role() == "G1") { ?> <div class="form-group"> <?php $element = "vendorid"; ?> <label for="<?php echo $element; ?> " class="col-sm-2 control-label no-padding-right"> <?php echo string_filter("Vendor"); ?> : </label> <div class="col-sm-2"> <select class="chosen-select" id="<?php echo $element;
/**
 * Process a submitted product edit form for record $id.
 *
 * When validation of the 'product' field fails, control goes back to
 * edit($id). Otherwise the posted fields are written to the products row and
 * the user is redirected to the product list with a success message.
 *
 * NOTE(review): every POST key becomes a column in the update, so a client
 * can set fields the form never offered. Restrict $data to an explicit
 * allow-list of editable product columns (the list is not visible here).
 * NOTE(review): nothing in this method checks that record $id belongs to the
 * caller's vendor; confirm that editRecord() or a caller enforces ownership.
 *
 * @param mixed $id Value matched against products.id by editRecord().
 */
function edit_success($id)
{
    $this->form_validation->set_rules('product', 'Product', 'required');

    if ($this->form_validation->run() == FALSE) {
        $this->edit($id);
        return;
    }

    // Start from a copy of the submitted fields.
    $data = $_POST;

    // A checkbox is only posted when ticked; store it as 1/0.
    $data["active"] = (isset($_POST["active"]) && $_POST["active"] == "on") ? 1 : 0;

    // G0/G1 users always write vendorid 3, whatever the form posted.
    // NOTE(review): hard-coded id; confirm this is intended.
    if (in_array(user_role(), array("G0", "G1"))) {
        $data["vendorid"] = 3;
    }

    $this->common_model->editRecord('id', $id, 'products', $data);
    $this->session->set_flashdata("success", "Edit Record Sucessfully Changed");
    redirect(site_url("products"));
}
// Set before the includes; presumably read by globals.php (verify there).
$fake_register_globals = false;

require 'globals.php';
require 'eRx_xml.php';

// Fetch the logged-in user's row (username is bound as a parameter) and
// strip the "erx" marker from the stored NewCrop role.
// NOTE(review): the result is used without checking that a row came back.
$userRole = sqlQuery("select * from users where username=?", array($_SESSION['authUser']));
$userRole['newcrop_user_role'] = preg_replace('/erx/', '', $userRole['newcrop_user_role']);
$msg = '';

// Root <NCScript> element with its namespace declarations.
$doc = new DOMDocument();
$doc->formatOutput = true;
$r = $doc->createElement("NCScript");
$r->setAttribute('xmlns', 'http://secure.newcropaccounts.com/interfaceV7');
$r->setAttribute('xmlns:NCStandard', 'http://secure.newcropaccounts.com/interfaceV7:NCStandard');
$r->setAttribute('xmlns:xsi', 'http://www.w3.org/2001/XMLSchema-instance');
$doc->appendChild($r);

// Sections are appended in call order, so the sequence below is significant.
credentials($doc, $r);
user_role($doc, $r);

// NOTE(review): 'page' is read from the request without an isset() check or
// validation, and $pid is not assigned in the visible lines. Confirm that
// destination() allow-lists the page value and that $pid is bound to the
// authenticated session.
$page = $_REQUEST['page'];
destination($doc, $r, $page, $pid);
account($doc, $r);

// Everyone except a manager gets a location section.
if ($userRole['newcrop_user_role'] != 'manager') {
    location($doc, $r);
}

// Doctors, and any role on the renewal page, are sent as licensed prescriber.
if ($userRole['newcrop_user_role'] == 'doctor' || $page == 'renewal') {
    LicensedPrescriber($doc, $r);
}

// Managers, admins and nurses are sent as staff.
if (in_array($userRole['newcrop_user_role'], array('manager', 'admin', 'nurse'))) {
    Staff($doc, $r);
}

if ($userRole['newcrop_user_role'] == 'supervisingDoctor') {
    SupervisingDoctor($doc, $r);
}
<?php echo "<em>" . current_username() . " (" . strtolower(lang(current_role())) . ")" . "</em>"; echo " | "; echo anchor('user/edit/' . current_user_id(), lang('edit_user_profile')); echo " | "; echo anchor('user/change_password/' . current_user_id(), lang('change_password')); echo " | "; if (user_role() === UserRole::Admin && !is_admin()) { echo anchor('login/switch_to/admin', lang('login_admin')); echo " | "; } if ((user_role() === UserRole::Admin || user_role() === UserRole::Leader) && !is_leader()) { echo anchor('login/switch_to/leader', lang('login_leader')); echo " | "; } if ((user_role() === UserRole::Admin || user_role() === UserRole::Leader) && !is_caller()) { echo anchor('login/switch_to/caller', lang('login_caller')); echo " | "; } echo anchor('login/logout', lang('logout')); ?> </div> <?php } ?> <?php if (current_user_id() == 0) { ?> <div class="pure-menu pure-menu-open pure-menu-horizontal pure-menu-custom">
if (empty($_POST) === false) { $username = $_POST['username']; $password = $_POST['password']; //$captcha = $_POST['captcha']; if (user_exists($username) === false) { $errors[] = 'Account doesn\'t exist.'; } else { if (user_active($username) === false) { $errors[] = 'Account is disabled.'; } else { $login = login($username, $password); if ($login === false) { $errors[] = 'Username or password is incorrect!'; } else { $role = user_role($username); //set the user session $_SESSION['Id'] = $login; $_SESSION['key_user'] = user_id_from_username($username); //$connect = mysql_connect("locahost","root","secret"); //mysql_select_db("iicssched"); $connect = mysql_connect("locahost", "root", ""); mysql_select_db("iicssched"); /* mysql_query("DELETE FROM loginattempt WHERE loginattempt>0"); mysql_query("ALTER TABLE loginattempt AUTO_INCREMENT = 1"); */ //redirect user to home switch ($role) { case 1: header('Location: sup/welcome.php');