/** Switches the role of the current user, if he has that privilege. Returns to the welcome page. */
public function switch_to($role)
{
if (user_role() === UserRole::Admin && in_array($role, array(UserRole::Admin, UserRole::Leader, UserRole::Caller))) {
$this->session->set_userdata(array('role' => $role));
redirect('welcome');
} else {
if (user_role() === UserRole::Leader && in_array($role, array(UserRole::Leader, UserRole::Caller))) {
$this->session->set_userdata(array('role' => $role));
redirect('welcome');
} else {
show_error('Sorry, you are not allowed to do this.');
}
}
}
function edit($id)
{
$data['title'] = "Edit";
$data['user'] = $this->session->userdata("isLoggedIn");
$data["variable"] = "users";
$data['row'] = $this->common_model->query("SELECT * FROM users WHERE users.id = '" . $id . "'")->row();
if (user_role() == "V0" || user_role() == "V1") {
if ($data["row"]->vendorid != $data["user"]->vendorid) {
$this->session->set_flashdata("error", "Sorry, Invalid product id...");
redirect(site_url("users"));
}
}
$data["vendors"] = $this->common_model->query("SELECT * FROM vendor ORDER BY id DESC");
$data["user_roles"] = $this->common_model->query("SELECT * FROM user_roles ORDER BY id ASC");
$this->load->view('users/edit', $data);
}
include APPPATH . "views/inc/header.php";
?>
<div class="col-xs-12">
<form role="form" id="<?php
echo $variable;
?>
" name="<?php
echo $variable;
?>
" method="post" action="<?php
echo site_url($variable . '/add_new_success');
?>
" class="form-horizontal" enctype="multipart/form-data">
<?php
if (user_role() == "G0" || user_role() == "G1") {
?>
<div class="form-group">
<?php
$element = "vendorid";
?>
<label for="<?php
echo $element;
?>
" class="col-sm-2 control-label no-padding-right"> <?php
echo string_filter("Vendor");
?>
: </label>
<div class="col-sm-2">
<select class="chosen-select" id="<?php
echo $element;
function edit_success($id)
{
$this->form_validation->set_rules('product', 'Product', 'required');
if ($this->form_validation->run() == FALSE) {
$this->edit($id);
} else {
$data = array();
foreach ($_POST as $key => $val) {
$data[$key] = $val;
}
if (isset($_POST["active"])) {
if ($_POST["active"] == "on") {
$data["active"] = 1;
} else {
$data["active"] = 0;
}
} else {
$data["active"] = 0;
}
if (user_role() == "G0" || user_role() == "G1") {
$data["vendorid"] = 3;
}
$this->common_model->editRecord('id', $id, 'products', $data);
$this->session->set_flashdata("success", "Edit Record Sucessfully Changed");
redirect(site_url("products"));
}
}
$fake_register_globals = false;
//
require 'globals.php';
require 'eRx_xml.php';
$userRole = sqlQuery("select * from users where username=?", array($_SESSION['authUser']));
$userRole['newcrop_user_role'] = preg_replace('/erx/', '', $userRole['newcrop_user_role']);
$msg = '';
$doc = new DOMDocument();
$doc->formatOutput = true;
$r = $doc->createElement("NCScript");
$r->setAttribute('xmlns', 'http://secure.newcropaccounts.com/interfaceV7');
$r->setAttribute('xmlns:NCStandard', 'http://secure.newcropaccounts.com/interfaceV7:NCStandard');
$r->setAttribute('xmlns:xsi', 'http://www.w3.org/2001/XMLSchema-instance');
$doc->appendChild($r);
credentials($doc, $r);
user_role($doc, $r);
$page = $_REQUEST['page'];
destination($doc, $r, $page, $pid);
account($doc, $r);
if ($userRole['newcrop_user_role'] != 'manager') {
location($doc, $r);
}
if ($userRole['newcrop_user_role'] == 'doctor' || $page == 'renewal') {
LicensedPrescriber($doc, $r);
}
if ($userRole['newcrop_user_role'] == 'manager' || $userRole['newcrop_user_role'] == 'admin' || $userRole['newcrop_user_role'] == 'nurse') {
Staff($doc, $r);
}
if ($userRole['newcrop_user_role'] == 'supervisingDoctor') {
SupervisingDoctor($doc, $r);
}
<?php
echo "<em>" . current_username() . " (" . strtolower(lang(current_role())) . ")" . "</em>";
echo " | ";
echo anchor('user/edit/' . current_user_id(), lang('edit_user_profile'));
echo " | ";
echo anchor('user/change_password/' . current_user_id(), lang('change_password'));
echo " | ";
if (user_role() === UserRole::Admin && !is_admin()) {
echo anchor('login/switch_to/admin', lang('login_admin'));
echo " | ";
}
if ((user_role() === UserRole::Admin || user_role() === UserRole::Leader) && !is_leader()) {
echo anchor('login/switch_to/leader', lang('login_leader'));
echo " | ";
}
if ((user_role() === UserRole::Admin || user_role() === UserRole::Leader) && !is_caller()) {
echo anchor('login/switch_to/caller', lang('login_caller'));
echo " | ";
}
echo anchor('login/logout', lang('logout'));
?>
</div>
<?php
}
?>
<?php
if (current_user_id() == 0) {
?>
<div
class="pure-menu pure-menu-open pure-menu-horizontal pure-menu-custom">
if (empty($_POST) === false) {
$username = $_POST['username'];
$password = $_POST['password'];
//$captcha = $_POST['captcha'];
if (user_exists($username) === false) {
$errors[] = 'Account doesn\'t exist.';
} else {
if (user_active($username) === false) {
$errors[] = 'Account is disabled.';
} else {
$login = login($username, $password);
if ($login === false) {
$errors[] = 'Username or password is incorrect!';
} else {
$role = user_role($username);
//set the user session
$_SESSION['Id'] = $login;
$_SESSION['key_user'] = user_id_from_username($username);
//$connect = mysql_connect("locahost","root","secret");
//mysql_select_db("iicssched");
$connect = mysql_connect("locahost", "root", "");
mysql_select_db("iicssched");
/*
mysql_query("DELETE FROM loginattempt WHERE loginattempt>0");
mysql_query("ALTER TABLE loginattempt AUTO_INCREMENT = 1");
*/
//redirect user to home
switch ($role) {
case 1:
header('Location: sup/welcome.php');
