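/**
 * Login form handler for "particulier" accounts.
 *
 * Selects the `loginparticulier` view on the empty layout. On a valid form
 * submission the account is looked up by e-mail and the password is checked;
 * success starts the session and redirects to `home`, anything else sets a
 * generic failure alert and redirects back to the login form.
 */
public function LoginParticulier()
{
    $this->mLayout = "empty";
    $this->mTheme = 'login-page';
    $this->mViewFile = 'loginparticulier';

    if (!validate_form()) {
        // nothing submitted (or invalid): just render the form
        return;
    }

    $username = $this->input->post('username');
    $password = $this->input->post('password');

    $this->load->model('User_model', 'user_model');
    $user = $this->user_model->get_by('email', $username);

    // The role check (verify_role) is commented out in this handler, so every
    // account found by e-mail may log in here.
    // An unknown e-mail gives an empty lookup result: reject it before reading
    // $user['password'] so verify_pw() never runs against a missing hash.
    if (!empty($user) && verify_pw($password, $user['password'])) {
        // limited fields to store in session
        $fields = array('id', 'role', 'email', 'first_name', 'last_name', 'created_at');
        $user_data = elements($fields, $user);

        // NOTE(review): $user_data is built but the full $user row, including its
        // 'password' field, is what login_user() receives. Confirm whether
        // login_user() should be given $user_data so the hash stays out of the session.
        login_user($user);

        // success
        set_alert('success', 'Connexion réussie');
        redirect('home');
        exit;
    }

    // failed: one message for both "unknown account" and "wrong password", so the
    // response does not reveal which e-mail addresses are registered
    set_alert('danger', 'Nom d\'utilisateur ou Mot de passe incorrect');
    redirect('/login/Loginparticulier');
}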
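/**
 * Backend login form handler.
 *
 * Selects the `login` view on the empty layout. On a valid form submission the
 * backend user is looked up by username; the login succeeds only when the user
 * exists, has one of the allowed roles and the password verifies. Success
 * redirects to `home`, every other outcome sets the same failure alert and
 * redirects back to `login`.
 */
public function index()
{
    $this->mLayout = "empty";
    $this->mTheme = 'login-page';
    $this->mViewFile = 'login';

    if (!validate_form()) {
        // nothing submitted (or invalid): just render the form
        return;
    }

    $username = $this->input->post('username');
    $password = $this->input->post('password');

    $this->load->model('Backend_user_model', 'backend_users');
    $user = $this->backend_users->get_by('username', $username);

    // only admin and staff can login
    $allowed_roles = ['admin', 'staff-1', 'staff-2', 'staff-3'];

    // An unknown username gives an empty lookup result: stop there instead of
    // passing it to verify_role() and reading $user['password'] from it.
    if (!empty($user) && verify_role($allowed_roles, $user) && verify_pw($password, $user['password'])) {
        // limited fields to store in session
        $fields = array('id', 'role', 'username', 'full_name', 'created_at');
        $user_data = elements($fields, $user);

        // NOTE(review): $user_data is built but the full $user row, including its
        // 'password' field, is what login_user() receives. Confirm whether
        // login_user() should be given $user_data so the hash stays out of the session.
        login_user($user);

        // success
        set_alert('success', 'Login success');
        redirect('home');
        exit;
    }

    // failed: same message for unknown user, wrong role and wrong password
    set_alert('danger', 'Invalid Login');
    redirect('login');
}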
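/**
 * Add a new report, or update the report named by the encrypted `i` URL
 * segment, then render the report form.
 *
 * On a `savereport` post the form data is cleaned and validated, an uploaded
 * file (if any) is copied into UPLOAD_DIRECTORY/reports under a generated
 * name, and the report row is inserted or updated. A successful save redirects
 * to the report list; otherwise the form is shown again with a message.
 */
function add_report()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    # Get the report details if the user is editing
    if (!empty($data['i'])) {
        $editid = decryptValue($data['i']);
        $data['formdata'] = $this->Query_reader->get_row_as_array('get_report_by_id', array('id' => $editid));
    }

    # Save the report details
    if ($this->input->post('savereport')) {
        $required_fields = array('reportname');
        $_POST = clean_form_data($_POST);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            $save_result = false;
            $is_update = !empty($data['formdata']) && !empty($data['i']);

            # Store the uploaded file, if one was sent, under a server-generated name
            $new_file_url = '';
            $file_stored = false;
            if (!empty($_FILES['fileurl']['tmp_name'])) {
                # The extension is the only client-supplied part of the stored name and it
                # also ends up inside the SQL fragment below, so keep letters and digits only.
                # pathinfo() replaces end(explode()), which passed a temporary by reference.
                $extension = preg_replace('/[^A-Za-z0-9]/', '', pathinfo($_FILES['fileurl']['name'], PATHINFO_EXTENSION));

                # NOTE(review): the extension is still chosen by the uploader. If the reports
                # folder is served by the web server, restrict it to the document types that
                # are actually expected.
                $new_file_url = 'ny_' . strtotime('now') . generate_random_letter() . "." . $extension;
                $file_stored = copy(str_replace("/kunden/", "/", $_FILES['fileurl']['tmp_name']), UPLOAD_DIRECTORY . "reports/" . $new_file_url);
            }

            if ($is_update && $new_file_url === '') {
                # No new file: update the remaining details only
                $save_result = $this->db->query($this->Query_reader->get_query_by_code('update_report', array_merge($_POST, array('id' => $editid, 'updatestring' => ''))));
            } elseif ($is_update && $file_stored) {
                # Delete the previous report from the server if it exists
                if (!empty($data['formdata']['fileurl'])) {
                    @unlink(UPLOAD_DIRECTORY . "reports/" . $data['formdata']['fileurl']);
                }

                # NOTE(review): get_ip_address() is concatenated into the SQL fragment as-is;
                # confirm it cannot return a client-supplied header value unvalidated.
                $save_result = $this->db->query($this->Query_reader->get_query_by_code('update_report', array('updatestring' => ', fileurl = \'' . $new_file_url . '\' , uploadip = \'' . get_ip_address() . '\'', 'reportname' => $_POST['reportname'], 'id' => $editid)));
            } elseif (!$is_update && $file_stored) {
                # New report: the row is only added once the file is in place
                $save_result = $this->db->query($this->Query_reader->get_query_by_code('add_report', array('fileurl' => $new_file_url, 'reportname' => $_POST['reportname'], 'uploadip' => get_ip_address())));
            }

            if ($save_result) {
                $data['msg'] = "The report has been saved.";
                $this->session->set_userdata('sres', $data['msg']);
                redirect(base_url() . "reports/manage_reports/m/sres");
            } else {
                $data['msg'] = "ERROR: The report was not saved. Please contact your administrator.";
            }
        }

        # VALIDATION end: required fields missing and no other message set yet
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
        $data['formdata'] = $_POST;
    }

    $this->load->view('reports/add_report_view', $data);
}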
/**
 * Add a new document or update an existing one, then render the document form.
 *
 * The document being edited is taken from the encrypted `i` URL segment or,
 * failing that, from a posted `editid`. On an `adddocument` post the upload is
 * handed to sysfile->local_file_upload(), the form is cleaned and validated,
 * and the row is inserted or updated. A successful save redirects to the
 * document list.
 *
 * NOTE(review): no access_control() call is visible in this handler; confirm
 * the controller enforces authorisation elsewhere.
 */
function add_document()
{
    # URL segments -> view data
    $url_segments = $this->uri->uri_to_assoc(3, array('m', 'i'));
    $data = assign_to_data($url_segments);

    # Extensions the upload helper is told to accept for this form
    $this->session->set_userdata('local_allowed_extensions', array('.doc', '.docx', '.pdf', '.ppt', '.pptx'));

    # An id in the URL overrides whatever was posted
    if (!empty($data['i'])) {
        $_POST['editid'] = decryptValue($data['i']);
    }

    # NOTE(review): without an `i` segment the edit id is whatever the client posts;
    # confirm the caller is allowed to edit that document.
    if ($this->input->post('editid')) {
        $data['formdata'] = $this->Query_reader->get_row_as_array('get_document_by_id', array('id' => $_POST['editid']));
    }

    if ($this->input->post('adddocument')) {
        # documenturl is always overwritten here, so a posted value is never used
        if (!empty($_FILES['documenturlupload']['name'])) {
            $_POST['documenturl'] = $this->sysfile->local_file_upload($_FILES['documenturlupload'], 'Upload_' . strtotime('now'), 'documents', 'filename');
        } else {
            $_POST['documenturl'] = '';
        }

        # A file is only mandatory when creating a document
        $required_fields = array('documentname', 'description', 'section');
        if (!$this->input->post('editid')) {
            $required_fields[] = 'documenturl';
        }

        $_POST = clean_form_data($_POST);
        $validation_results = validate_form('', $_POST, $required_fields);

        if ($validation_results['bool']) {
            if (!empty($data['formdata']) && $this->input->post('editid')) {
                $has_new_file = !empty($_POST['documenturl']);

                # Replace the stored file only when a new one was uploaded
                if ($has_new_file && !empty($data['formdata']['documenturl'])) {
                    @unlink(UPLOAD_DIRECTORY . "documents/" . $data['formdata']['documenturl']);
                }

                # SQL fragment that updates the file column, empty when the file is kept
                $_POST['urlscript'] = $has_new_file ? ", documenturl='" . $_POST['documenturl'] . "'" : "";
                $query_code = 'update_document';
            } else {
                $query_code = 'save_new_document';
            }

            $save_result = $this->db->query($this->Query_reader->get_query_by_code($query_code, $_POST));

            if (!$save_result) {
                $data['msg'] = "ERROR: The document was not saved. Please contact your administrator.";
            } else {
                $data['msg'] = "The document has been saved.";
                $this->session->set_userdata('sres', $data['msg']);
                redirect(base_url() . "documents/manage_documents/m/sres");
            }
        }

        # Required fields missing and no other message set yet
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
        $data['formdata'] = $_POST;
    }

    # Get tabs and active links if given
    $data = get_tab_data_if_any($data);

    $this->load->view('documents/add_document_view', $data);
}
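/**
 * Create or update a grading scale from the values passed in the URL
 * segments, then render the grading form.
 *
 * When `save` or `saveandnew` is set the values are cleaned and validated;
 * an `editid` selects the update query, otherwise a new scale is inserted
 * together with its grade rows (`gradingdetails`, rows separated by `|`,
 * four `^`-separated values per row).
 */
function save_grading_scale()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    # !empty() so a request without these segments does not raise undefined-index notices
    if (!empty($data['save']) || !empty($data['saveandnew'])) {
        $data['formdata'] = $data;
        $required_fields = array('gradingname', 'classes');

        foreach ($data as $key => $data_value) {
            $data[$key] = restore_bad_chars($data_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            # Convert classes into strings
            if (is_array($_POST['classes'])) {
                $_POST['classes'] = stringify_array($_POST['classes'], '|');
            } else {
                $_POST['classes'] = '|' . $_POST['classes'] . '|';
            }

            if (!empty($data['editid'])) {
                $result = $this->db->query($this->Query_reader->get_query_by_code('update_grading_scale', array_merge($_POST, array('id' => $data['editid']))));
            } else {
                # Add the school id and author to the data array
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'author' => $this->session->userdata('userid')));
                $result = $this->db->query($this->Query_reader->get_query_by_code('add_grading_scale', $_POST));

                # Check if grades have been added
                if (!empty($_POST['gradingdetails'])) {
                    # Id of the scale inserted just above; read once, before any other query
                    $scale_id = $this->db->insert_id();

                    # NOTE(review): the grade values are placed inside double-quoted SQL
                    # literals. This is only safe if clean_form_data() escapes quotes;
                    # confirm, or switch this insert to query bindings.
                    $rows = array();
                    foreach (explode('|', trim($_POST['gradingdetails'])) as $grade) {
                        # Pad short rows so a malformed entry cannot raise undefined-offset notices
                        $grade_details = array_pad(explode('^', $grade), 4, '');
                        $rows[] = '(' . $scale_id . ', "' . $grade_details[0] . '", "' . $grade_details[1] . '", "' . $grade_details[2] . '", "' . $grade_details[3] . '")';
                    }

                    # The outcome of this insert is not reported to the user
                    $this->db->query($this->Query_reader->get_query_by_code('add_grading_details', array('rows' => implode(',', $rows))));
                }
            }

            # Format and send the errors
            if (!empty($result)) {
                # The update message read $data['gradename'], a key this form never sets;
                # the field is 'gradingname'.
                $data['msg'] = empty($data['editid'])
                    ? $data['gradingname'] . ' has been added.'
                    : 'Details for ' . $data['gradingname'] . ' have been updated.';
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The grading scale could not be saved or was not saved correctly.";
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $data['classes'] = $this->classobj->get_classes();
    $data['terms'] = $this->terms->get_terms();

    $this->load->view('incl/grading_form', $data);
}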
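/**
 * Create or update a discipline incident from the posted form, then render
 * the incident form.
 *
 * A posted `editid` selects update_incident(); otherwise the encrypted
 * `student` and `reportedby` values are decrypted and add_incident() is
 * called. The student named by the encrypted `s` URL segment is loaded for
 * the view.
 */
function save_incident()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 's', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    # !empty() so a plain page load does not raise an undefined-index notice
    if (!empty($_POST['save_incident'])) {
        $data['formdata'] = $_POST;
        $required_fields = array('incidentdate', 'student', 'reportedby', 'response', 'incidentdetails', 'actiontaken');
        $_POST = clean_form_data($_POST);
        $validation_results = validate_form('', $_POST, $required_fields);

        # set status as editing on destination if updating
        if ($this->input->post('editid')) {
            $data['editid'] = $_POST['editid'];
        }

        # Only proceed if the validation for required fields passes.
        # The earlier checks on $user_details / $class_details and the $classname_error /
        # $rank_error suffixes referred to variables this method never sets; they could
        # not change the outcome and are removed.
        if ($validation_results['bool']) {
            # Add the author to the data array
            $_POST = array_merge($_POST, array('author' => $this->session->userdata('userid')));

            if (!empty($_POST['editid'])) {
                # NOTE(review): the edit id comes straight from the posted form; confirm
                # update_incident() checks the incident belongs to the caller's school.
                $result = $this->disciplineobj->update_incident(array_merge($_POST, array('id' => $data['editid'])));
            } else {
                # decrypt student and reported by values
                $_POST['student'] = decryptValue($_POST['student']);
                $_POST['reportedby'] = decryptValue($_POST['reportedby']);
                $result = $this->disciplineobj->add_incident($_POST);
            }

            # Format and send the errors
            if (!empty($result)) {
                $data['msg'] = "The incident data has been successfully saved.";
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The incident could not be saved or was not saved correctly.";
            }
        }

        # Required fields missing and no other message set yet
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    # get the student info
    if (!empty($data['s'])) {
        # NOTE(review): the decrypted URL value is concatenated into the SQL condition.
        # Confirm decryptValue() can only yield a numeric id, or escape/bind it.
        $data['student_details'] = $this->Query_reader->get_row_as_array('get_students_list', array('isactive' => 'Y', 'searchstring' => ' AND id=\'' . decryptValue($data['s']) . '\'', 'limittext' => ''));
    }

    $this->load->view('discipline/incident_form_view', $data);
}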
/**
 * Page module for the "try buy" promotion.
 *
 * Sets `page` (first segment of `__key`) and `fields` on $data. For the
 * `process` view it validates the submitted user data, inserts one row into
 * `try_buy_user` when validation passes, answers with the user data as JSON
 * and ends the request. Otherwise it loads the terms text for the `terms` key
 * and selects the template, head assets and page title.
 *
 * @param array $data module state, modified in place
 */
function module_try_buy(&$data)
{
    $key_parts = explode('/', $data['__key']);
    $data['page'] = $key_parts[0];
    $data['fields'] = form_fields();

    if ($data['view'] == 'process') {
        if (validate_form($data['user'])) {
            // Column list and value list are built side by side, each with a trailing
            // comma that is cut off below.
            $column_sql = '';
            $value_sql = '';
            foreach ($data['fields'] as $column => $definition) {
                $column_sql .= $column . ",";

                switch ($column) {
                    case 'timestamp':
                        // server-side values: never taken from the submitted form
                        $value_sql .= time() . ",";
                        break;
                    case 'status':
                        $value_sql .= STATUS_LIVE . ",";
                        break;
                    default:
                        // NOTE(review): addslashes() is not a connection-aware SQL escape.
                        // Prefer the driver's escaping or bound parameters if db_exec()
                        // supports them.
                        $value_sql .= "'" . addslashes($data['user'][$column]) . "',";
                }
            }

            $sql = substr("INSERT INTO `try_buy_user` (" . $column_sql, 0, -1);
            $sql .= substr(") VALUES (" . $value_sql, 0, -1);
            $sql .= ");";

            // the outcome of the insert is not checked
            db_exec($sql);
        }

        // The submitted data is echoed back whether or not it was valid.
        // json_encode()'s second parameter is a flags bitmask; `true` is coerced to 1,
        // the value of JSON_HEX_TAG.
        header('Content-Type: application/json');
        echo json_encode(array('user' => $data['user']), true);
        exit;
    }

    if ($data['__key'] == 'terms') {
        // NOTE(review): $data['__this'] becomes part of a file path; presumably it is set
        // by the framework and not by the request — verify against the caller.
        $data['terms'] = file_get_contents(SITE_ROOT . 'data/' . $data['__this'] . '/terms.html');
    }

    core_set_template('try_buy');
    core_head_add('jquery');
    core_set_title('ODA Try Buy Promotion');
}
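/**
 * Create or update a sponsor from the values passed in the URL segments, then
 * render the sponsor form.
 *
 * When `save` is set the values are cleaned and validated. A `photo` value
 * names a file (plus its `_thumb` variant) that is copied from
 * UPLOAD_DIRECTORY/temp to UPLOAD_DIRECTORY/sponsors. An `editid` selects
 * update_sponsor(), otherwise add_sponsor() is called.
 */
function save_sponsor()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    # !empty() so a request without the segment does not raise an undefined-index notice
    if (!empty($data['save'])) {
        $data['formdata'] = $data;
        $required_fields = array('firstname', 'lastname');

        foreach ($data as $key => $data_value) {
            $data[$key] = restore_bad_chars($data_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            # Always defined, so the update query never receives a missing value when the
            # photo is absent or could not be copied
            $_POST['UPDATESTRING'] = '';

            # check if sponsor photo has changed
            if (!empty($_POST['photo'])) {
                # The photo name arrives with the request and is used in file paths:
                # keep the file-name component only so it cannot point outside temp/ or sponsors/
                $_POST['photo'] = basename($_POST['photo']);
                $photo = $_POST['photo'];

                # move photo to designated folder and add value to query string
                if ($photo !== '' && copy(UPLOAD_DIRECTORY . "temp/" . $photo, UPLOAD_DIRECTORY . "sponsors/" . $photo)) {
                    # move the thumb nail as well
                    $temp_photo_arr = explode('.', $photo);
                    $thumb_name = $temp_photo_arr[0] . '_thumb.' . (isset($temp_photo_arr[1]) ? $temp_photo_arr[1] : '');

                    if (copy(UPLOAD_DIRECTORY . "temp/" . $thumb_name, UPLOAD_DIRECTORY . "sponsors/" . $thumb_name)) {
                        if (!empty($data['editid'])) {
                            # NOTE(review): SQL fragment built from the photo name; safe only
                            # if clean_form_data() escapes quotes — confirm.
                            $_POST['UPDATESTRING'] = ',photo ="' . $photo . '"';
                        }
                    }
                }
            }

            if (!empty($data['editid'])) {
                $result = $this->sponsorobj->update_sponsor(array_merge($_POST, array('editid' => decryptValue($data['editid']))));
            } else {
                # Add the school id and author to the data array
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'author' => $this->session->userdata('userid')));
                $result = $this->sponsorobj->add_sponsor($_POST);
            }

            # Format and send the errors
            if (!empty($result)) {
                $data['msg'] = empty($data['editid'])
                    ? $data['firstname'] . ' ' . $data['lastname'] . ' has been added to the sponsors list'
                    : $data['firstname'] . '\'s details have been updated.';
                $data['formdata'] = array();
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The sponsor could not be saved or was not saved correctly.";
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('sponsors/sponsor_form_view', $data);
}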
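/**
 * Update the current school's details from the values passed in the URL
 * segments, then render the school info form.
 *
 * The row that is updated is always $this->myschool['id'], not an id from the
 * request. A `photo` value names a badge file (plus its `_thumb` variant) that
 * is copied from UPLOAD_DIRECTORY/temp to UPLOAD_DIRECTORY/schools after a
 * successful update.
 */
function update_school_info()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    # !empty() so a request without the segment does not raise an undefined-index notice
    if (!empty($data['save'])) {
        $data['schooldetails'] = $data;
        $required_fields = array('schoolname', 'emailaddress', 'telephone');
        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        # The badge name arrives with the request and is used in file paths: keep the
        # file-name component only so it cannot point outside temp/ or schools/
        if (!empty($_POST['photo'])) {
            $_POST['photo'] = basename($_POST['photo']);
        }

        # set status as editing on destination if updating
        if ($this->input->post('editid')) {
            $data['editid'] = $_POST['editid'];
        }

        # Only proceed if the validation for required fields passes.
        # (A further check on $user_details, a variable this method never sets, could
        # not change the outcome and is removed.)
        if ($validation_results['bool']) {
            # Update school info
            $result = $this->db->query($this->Query_reader->get_query_by_code('user_update_school_data', array_merge($_POST, array('editid' => $this->myschool['id']))));
            $data['schooldetails'] = $this->Query_reader->get_row_as_array('search_schools_list', array('limittext' => '', 'searchstring' => ' AND id = ' . $this->myschool['id']));

            # Format and send the errors
            if (!empty($result)) {
                $data['msg'] = "The school data has been successfully saved.";

                # Copy school badge to designated folder
                if (!empty($_POST['photo'])) {
                    $photo = $_POST['photo'];

                    # pathinfo() replaces end(explode()), which passed a temporary by reference
                    $thumb_nail_ext = pathinfo($photo, PATHINFO_EXTENSION);
                    $thumb_nail = str_replace('.' . $thumb_nail_ext, '_thumb.' . $thumb_nail_ext, $photo);

                    $copy_image_result = copy(UPLOAD_DIRECTORY . "temp/" . $photo, UPLOAD_DIRECTORY . "schools/" . $photo);

                    # copy the thumb_nail as well
                    $copy_image_thumb_result = copy(UPLOAD_DIRECTORY . "temp/" . $thumb_nail, UPLOAD_DIRECTORY . "schools/" . $thumb_nail);

                    # NOTE(review): the warning is raised only when BOTH copies fail; if just
                    # one fails the temp files are still deleted. Confirm this is intended.
                    if (!$copy_image_result && !$copy_image_thumb_result) {
                        # was `'WARNING: ' & $data['msg'] ...`: a bitwise AND of two strings,
                        # which produced garbage instead of the concatenated message
                        $data['msg'] = 'WARNING: ' . $data['msg'] . '<br />' . 'An error occured while saving the school badge';
                    } else {
                        @unlink(UPLOAD_DIRECTORY . "temp/" . $photo);
                        @unlink(UPLOAD_DIRECTORY . "temp/" . $thumb_nail);
                    }
                }
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The school data could not be saved or was not saved correctly.";
            }
        }

        # Required fields missing and no other message set yet
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('schoolinfo/school_info_view', $data);
}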
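/**
 * Create or update a school term from the values passed in the URL segments,
 * then render the term form.
 *
 * Before saving, the terms list is searched for another term of the same
 * school with the same name and year; a duplicate blocks the save and is
 * reported as a warning.
 */
function save_term()
{
    access_control($this);

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));

    # Pick all assigned data
    $data = assign_to_data($urldata);
    $data = restore_bad_chars($data);

    # !empty() so a request without the segment does not raise an undefined-index notice
    if (!empty($data['save'])) {
        $data['termdetails'] = $data;
        $required_fields = array('term', 'year', 'startdate', 'enddate');
        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, $required_fields);

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            $school_id = $this->myschool->cur_school_details['id'];

            # $data['termdetails'] was copied BEFORE clean_form_data() ran, so these values
            # are the raw request values. Escape them before they go into the SQL condition.
            $term_sql = $this->db->escape_str($data['termdetails']['term']);
            $year_sql = $this->db->escape_str($data['termdetails']['year']);

            if (!empty($data['editid'])) {
                # Check if another term other than the current one exists with the same name and year
                $term_details = $this->Query_reader->get_row_as_array('search_terms_list', array('limittext' => '', 'searchstring' => ' AND term = "' . $term_sql . '" AND id != ' . $this->db->escape($data['editid']) . ' AND school =' . $school_id . ' AND year = "' . $year_sql . '"'));

                # empty() instead of count(): the lookup result may not be countable
                if (empty($term_details)) {
                    $result = $this->db->query($this->Query_reader->get_query_by_code('update_term', $_POST));
                } else {
                    # This warning used to be stored in a variable that was never read, so
                    # the user saw the generic error instead
                    $data['msg'] = "WARNING: A term with the same name and year already exists.";
                }
            } else {
                $term_details = $this->Query_reader->get_row_as_array('search_terms_list', array('limittext' => '', 'searchstring' => ' AND isactive ="Y" AND term = "' . $term_sql . '" AND school =' . $school_id . ' AND year = "' . $year_sql . '"'));

                if (empty($term_details)) {
                    # Add the school id
                    $_POST = array_merge($_POST, array('school' => $school_id));
                    $result = $this->terms->add_term($_POST);
                }
            }

            # Format and send the errors
            if (!empty($result)) {
                $data['msg'] = "The term data has been successfully saved";
                $data['termdetails'] = array();
            } elseif (empty($data['editid']) && !empty($term_details)) {
                $data['msg'] = "WARNING: A term with the same name and year already exists.<br />";
            } elseif (empty($data['msg'])) {
                $data['msg'] = "ERROR: The term could not be saved or was not saved correctly.";
            }
        }

        # Required fields missing and no other message set yet
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $this->load->view('incl/term_form', $data);
}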
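/**
 * Submission of Change Password form.
 *
 * When the `account` form validates, the posted password is hashed with
 * hash_pw() and stored for the logged-in backend user ($this->mUser['id']).
 * The request always ends with a redirect back to the form.
 *
 * NOTE(review): the current password is not asked for or checked in this
 * method; confirm the `account` validation rules cover that, otherwise anyone
 * holding the session can set a new password.
 */
public function change_password()
{
    $form_url = 'account';

    if (validate_form($form_url)) {
        // update db
        $password = $this->input->post('password');
        $update_data = ['password' => hash_pw($password)];
        $result = $this->backend_users->update($this->mUser['id'], $update_data);

        // report success only when the update actually went through
        if ($result) {
            set_alert('success', 'Mot de passe changé.');
        } else {
            set_alert('danger', 'Erreur de base de données.');
        }
    }

    // back to form
    redirect($form_url);
}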
/**
 * Create or update an exam from the values passed in the URL segments, then
 * render the exam form.
 *
 * When `save` or `saveandnew` is set the values are cleaned and validated;
 * an `editid` selects the update query, otherwise the exam is inserted for
 * the current school with the session user as author.
 */
function save_exam()
{
    access_control($this);

    # URL segments -> view data
    $url_segments = $this->uri->uri_to_assoc(3, array('m', 'i', 'a', 't'));
    $data = assign_to_data($url_segments);

    if ($data['save'] || $data['saveandnew']) {
        # Keep the submitted values for re-display
        $data['formdata'] = $data;

        foreach ($data as $field => $raw_value) {
            $data[$field] = restore_bad_chars($raw_value);
        }

        $_POST = clean_form_data($data);
        $validation_results = validate_form('', $_POST, array('exam', 'term', 'contribution', 'classes'));

        # Only proceed if the validation for required fields passes
        if ($validation_results['bool']) {
            # Classes are stored as one '|'-delimited string
            $_POST['classes'] = is_array($_POST['classes'])
                ? stringify_array($_POST['classes'], '|')
                : '|' . $_POST['classes'] . '|';

            $is_edit = !empty($data['editid']);

            if ($is_edit) {
                # NOTE(review): the edit id is used as received from the URL; confirm the
                # update query limits it to the caller's school.
                $query_params = array_merge($_POST, array('id' => $data['editid']));
                $result = $this->db->query($this->Query_reader->get_query_by_code('update_exam', $query_params));
            } else {
                # School and author come from server-side state, not from the request
                $_POST = array_merge($_POST, array('school' => $this->myschool['id'], 'author' => $this->session->userdata('userid')));
                $result = $this->db->query($this->Query_reader->get_query_by_code('add_exam', $_POST));
            }

            # Report the outcome
            if (empty($result)) {
                if (empty($data['msg'])) {
                    $data['msg'] = "ERROR: The exam could not be saved or was not saved correctly.";
                }
            } else {
                $data['msg'] = $is_edit
                    ? 'Details for ' . $data['exam'] . ' have been updated.'
                    : $data['exam'] . ' has been added.';
                $data['formdata'] = array();
            }
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
    }

    $data['classes'] = $this->classobj->get_classes();
    $data['terms'] = $this->terms->get_terms();

    $this->load->view('incl/exam_form', $data);
}
/**
 * Reset password for backend users.
 *
 * Loads the target user for the `admin/reset_password` view. When the form
 * validates, the posted password is hashed with hash_pw() and stored for
 * $user_id, an alert reports the outcome and the page is reloaded.
 *
 * NOTE(review): $user_id comes from the route; no permission check on who may
 * reset whose password is visible in this method — presumably enforced by the
 * controller, confirm.
 *
 * @param mixed $user_id id of the backend user whose password is reset
 */
public function reset_password($user_id)
{
    $this->mTitle = "Backend Users";
    $this->mViewFile = 'admin/reset_password';
    $this->mViewData['target'] = $this->backend_users->get($user_id);

    if (!validate_form('', 'admin/reset_password')) {
        // nothing submitted (or invalid): just render the form
        return;
    }

    // store only the hash of the new password
    $new_hash = hash_pw($this->input->post('password'));
    $updated = $this->backend_users->update($user_id, ['password' => $new_hash]);

    if (!$updated) {
        set_alert('danger', 'Database error.');
    } else {
        set_alert('success', 'Successfully updated.');
    }

    // refresh page to show alert msg
    redirect(current_url());
}
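/**
 * Builds a form from an array.
 *
 * Each call gets its own number (1, 2, 3, ...) which is written into a hidden
 * `action` field as `submit_N`. When the current request carries that value
 * the elements are validated and, if valid, submitted before the form is
 * rendered.
 *
 * Element names, types and the submit caption are HTML-escaped because they
 * are written into attributes, and so is the form target: PHP_SELF reflects
 * the requested path and must not be echoed raw. Titles inside <label> are
 * output unchanged, so they must be trusted markup.
 *
 * @param array $elements element name => settings with 'type' and 'title'
 * @return string the form markup
 */
function build_form($elements)
{
    static $form_number;

    // For multiple forms, create a counter. (The branches were swapped before,
    // which gave every form the number 1.)
    $form_number = isset($form_number) ? $form_number + 1 : 1;

    // Check for submitted form and validate
    if (isset($_POST['action']) && $_POST['action'] === 'submit_' . $form_number) {
        if (validate_form($elements)) {
            submit_form($elements);
        }
    }

    // Loop through each form element and render it.
    $output = '';
    foreach ($elements as $name => $settings) {
        $safe_name = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
        $label = '<label>' . $settings['title'] . '</label>';

        switch ($settings['type']) {
            case 'textarea':
                $input = '<textarea name="' . $safe_name . '" ></textarea>';
                break;
            case 'submit':
                // The caption is on the button itself, so no separate label. The missing
                // break used to fall through to the default case and drop the caption.
                $input = '<input type="submit" name="' . $safe_name . '" value="' . htmlspecialchars($settings['title'], ENT_QUOTES, 'UTF-8') . '">';
                $label = '';
                break;
            default:
                $input = '<input type="' . htmlspecialchars($settings['type'], ENT_QUOTES, 'UTF-8') . '" name="' . $safe_name . '" />';
                break;
        }

        $output .= $label . '<p>' . $input . '</p>';
    }

    // Wrap a form around the inputs.
    $output = '
    <form action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '" method="post">
      <input type="hidden" name="action" value="submit_' . $form_number . '" />
      ' . $output . '
    </form>';

    // Return the form.
    return $output;
}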
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv=Content-Type content="text/html; charset=utf-8"> <meta http-equiv=Content-Language content=zh-CN> <title>富豪编辑</title> <?php
// Head section of the admin edit page for an `fb_rich` record: loads the framework,
// then emits the CSS/JS tags and the form validation hook for this page.
include_once '../../frame.php';
// NOTE(review): presumably the role/permission gate for this admin page — confirm it
// ends the request for callers without the required role.
judge_role();
css_include_tag('admin', 'autocomplete', 'jquery_ui');
use_jquery();
js_include_tag('autocomplete.jquery', 'admin/rich/main_edit', '../ckeditor/ckeditor.js', 'jquery-ui-1.7.2.custom.min.js');
// NOTE(review): presumably wires validation to the form with id "fhgl_edit"; that
// form is not within the visible part of the page.
validate_form("fhgl_edit");
?> </head> <?php
// $db is assigned here but not used in the visible part of the page.
$db = get_db();
// The record id is read from the request (GET, POST or cookie) without an isset()
// check, so a request without `id` raises an undefined-index notice.
$id = $_REQUEST['id'];
$record = new table_class('fb_rich');
// An empty id means "new record": nothing is loaded.
// NOTE(review): the request value goes to find() unvalidated; confirm
// table_class::find() casts or binds the id before it reaches SQL.
if ($id != '') {
    $record->find($id);
}
?> <body> <div id=icaption> <div id=title><span style="cursor:pointer" class=rich_btn id=-1>基本信息管理</span> <span style="cursor:pointer; color:#cccccc" class=rich_btn id=-2>富豪公司管理</span> <span style="cursor:pointer; color:#cccccc" class=rich_btn id=-3>富豪财富管理</span></div> <a href="list.php" id=btn_back></a> </div> <div id="tabs-1" class=tabs> <div id="itable">
/**
 * Change the logged-in user's password.
 *
 * When the `account` form validates, the stored record of the current user is
 * loaded and the posted current password is verified against its hash. Only
 * then is the new password hashed and saved. An alert reports the outcome and
 * the request always ends with a redirect to `account`.
 */
public function change_password()
{
    if (validate_form('account')) {
        // the current password must match the stored hash before anything changes
        $account = $this->users->get($this->mUser['id']);
        $supplied_password = $this->input->post('current_password');

        if (!verify_pw($supplied_password, $account['password'])) {
            set_alert('danger', 'Incorrect current password.');
        } else {
            // store only the hash of the new password
            $new_hash = hash_pw($this->input->post('new_password'));
            $updated = $this->users->update($this->mUser['id'], array('password' => $new_hash));

            // a "password changed" notification e-mail is not sent from here

            if (!$updated) {
                set_alert('danger', 'Database error.');
            } else {
                set_alert('success', 'Password changed successfully.');
            }
        }
    }

    redirect('account');
}
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv=Content-Type content="text/html; charset=utf-8"> <meta http-equiv=Content-Language content=zh-CN> <title>富豪编辑</title> <?php require_once '../../frame.php'; css_include_tag('admin', 'autocomplete'); use_jquery(); validate_form("city_edit"); js_include_tag('admin/city/add', 'autocomplete.jquery'); ?> </head> <?php $id = $_REQUEST['id']; $list_id = $_REQUEST['list_id']; if ($id != '') { $city = new table_class('fb_city'); $city->find($id); } ?> <body style="background:#E1F0F7"> <form id="city_edit" action="detail_edit.post.php" method="post"> <table width="795" border="0"> <tr class=tr1> <td colspan="2" width="795"> <?php if ($id != '') { echo '编辑榜单';
$db_choice = $input['db_choice']; $new_prefix = $input['new_prefix']; $input = $_SESSION['user_inputs']; switch ($db_choice) { case 'replace': // user wants to replace the existing tables with new ones create_tables(); break; case 'use': // user wants to use the existing tables // noting to do break; default: // user wants to use another table prefix $input['db_prefix'] = $new_prefix; validate_form(); break; } create_config_files(); require_once 'config.inc'; add_first_user(); } else { // display the installation form if (file_exists("../commons/config.inc")) { include_once '../commons/config.inc'; } else { include_once '../commons/config-sample.inc'; } if (!(isset($input['skip_ext']) && $input['skip_ext']) && !(isset($input['skip_srv']) && $input['skip_srv'])) { check_php_extensions(); }
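/**
 * Show, mark as read, add or update a "miscelleneous" message for a student.
 *
 * The student (`s`), the message being edited (`i`), the view flag (`a`) and
 * the mark-as-read flag (`u`) are encrypted URL segments. On a
 * `savemiscelleneous` post the message is validated and inserted or updated;
 * a successful save redirects to the message list.
 */
function load_miscelleneous_form()
{
    access_control($this);

    $schooldetails = $this->session->userdata('schoolinfo');

    # Get the passed details into the url data array if any
    $urldata = $this->uri->uri_to_assoc(3, array('m', 'i'));

    # Pick all assigned data
    $data = assign_to_data($urldata);

    # Get the Student details
    if (!empty($data['s'])) {
        $studentid = decryptValue($data['s']);
        $data['studentdetails'] = $this->Query_reader->get_row_as_array('get_student_by_id', array('id' => $studentid));
    }

    # Get the transaction details
    $has_edit_id = !empty($data['i']);
    if ($has_edit_id) {
        $editid = decryptValue($data['i']);
        $data['formdata'] = $this->Query_reader->get_row_as_array('get_miscelleneous_by_id', array('id' => $editid));
    }

    # Check if the user is simply viewing the deal
    # TODO: Add the force-users-without-other-permissions-to-view condition
    if (!empty($data['a']) && decryptValue($data['a']) == 'view') {
        $data['isview'] = "Y";
    }

    # Mark the message as read. This needs a message id: without the `i` segment
    # $editid was undefined and the query ran with an empty id.
    if ($has_edit_id && !empty($data['u']) && decryptValue($data['u']) == 'update') {
        $this->db->query($this->Query_reader->get_query_by_code('set_read', array_merge($_POST, array('id' => $editid))));
    }

    if ($this->input->post('savemiscelleneous')) {
        $required_fields = array('subject', 'message');

        # NOTE(review): $_POST reaches validate_form() and get_query_by_code() without any
        # sanitising step visible in this method; confirm Query_reader escapes the values.
        $validation_results = validate_form('', $_POST, $required_fields);

        if ($validation_results['bool']) {
            if (!empty($data['formdata']) && $has_edit_id) {
                $save_result = $this->db->query($this->Query_reader->get_query_by_code('update_miscelleneous', array_merge($_POST, array('id' => $editid))));
            } else {
                # School and author come from the session, not from the request
                $save_result = $this->db->query($this->Query_reader->get_query_by_code('add_miscelleneous', array_merge($_POST, array('school' => $schooldetails['id'], 'student' => $_POST['student'], 'author' => $this->session->userdata('userid')))));
            }

            if ($save_result) {
                $data['msg'] = "The message has been saved.";
                $this->session->set_userdata('sres', $data['msg']);
                redirect(base_url() . "students/manage_miscelleneous/m/sres");
            } else {
                $data['msg'] = "ERROR: The message was not saved. Please contact your administrator.";
            }
        }

        # Validation: required fields missing and no other message set yet
        if (empty($validation_results['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }

        $data['requiredfields'] = $validation_results['requiredfields'];
        $data['formdata'] = $_POST;
    }

    $this->load->view('students/miscelleneous_view', $data);
}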
$cate->find($id); $parent_id = $cate->parent_id; $level = $cate->level; } $type = $_REQUEST['type']; ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"> <html> <head> <meta http-equiv=Content-Type content="text/html; charset=utf-8"> <meta http-equiv=Content-Language content=zh-CN> <title>迅傲信息</title> <?php css_include_tag('admin'); validate_form("category_form"); ?> </head> <body> <div id=icaption> <div id=title><?php if ($id) { echo "修改栏目"; } else { echo "添加栏目"; } ?> </div> <a href="category_list.php?type=<?php echo $type; ?>
/**
 * Add a new organization or edit an existing one.
 *
 * With an encrypted id in URL segment 'i' the stored record is loaded into the
 * form (and shown read-only when segment 'a' decrypts to 'view'). A POST carrying
 * 'saveorgn' is cleaned, validated, has its logo/icon uploads stored, and is then
 * written with the 'update_organization' or 'save_new_organization' query before
 * redirecting to the organization list.
 */
function add_organization()
{
    access_control($this);

    // URL segments from position 3 onward, with 'm' and 'i' as the default keys
    $segments = $this->uri->uri_to_assoc(3, array('m', 'i'));
    $data = assign_to_data($segments);

    // NOTE(review): the extension list is kept in the session; presumably
    // local_file_upload() reads it from there - confirm it checks more than the
    // file-name suffix before storing an upload.
    $this->session->set_userdata('local_allowed_extensions', array('.jpg', '.jpeg', '.gif', '.png', '.tiff', '.bmp'));

    if (!empty($data['i'])) {
        $data['formdata'] = $this->Query_reader->get_row_as_array('get_organization_by_id', array('id' => decryptValue($data['i'])));
        if (!empty($data['a']) && decryptValue($data['a']) == 'view') {
            $data['isview'] = "Y";
        } else {
            $data['isview'] = "";
        }
    }

    // Save the organization details
    if ($this->input->post('saveorgn')) {
        $mandatory = array('organizationname', 'datestarted', 'contactperson', 'contactemail*EMAILFORMAT', 'contactphone', 'contactaddressline1', 'contactcity', 'contactzipcode', 'contactstate');
        $_POST = clean_form_data($_POST);
        $check = validate_form('', $_POST, $mandatory);

        // Only proceed if the validation for required fields passes
        if ($check['bool']) {
            if (empty($_POST['datestarted'])) {
                $_POST['datestarted'] = "";
            } else {
                $_POST['datestarted'] = date('Y-m-d', strtotime($_POST['datestarted']));
            }

            // Store any newly uploaded images; the stored value is what local_file_upload() returns
            if (!empty($_FILES['logourl']['name'])) {
                $_POST['logourl'] = $this->sysfile->local_file_upload($_FILES['logourl'], 'Upload_' . strtotime('now'), 'images', 'filename');
            } else {
                $_POST['logourl'] = '';
            }
            if (!empty($_FILES['iconurl']['name'])) {
                $_POST['iconurl'] = $this->sysfile->local_file_upload($_FILES['iconurl'], 'iUpload_' . strtotime('now'), 'images', 'filename');
            } else {
                $_POST['iconurl'] = '';
            }

            // Use the old versions if no new ones are entered
            if (empty($_POST['logourl']) && !empty($data['formdata']['logourl'])) {
                $_POST['logourl'] = $data['formdata']['logourl'];
            }
            if (empty($_POST['iconurl']) && !empty($data['formdata']['iconurl'])) {
                $_POST['iconurl'] = $data['formdata']['iconurl'];
            }

            // Update the loaded record when editing, otherwise insert a new one
            $editing = !empty($data['formdata']) && !empty($data['i']);
            if ($editing) {
                $saved = $this->db->query($this->Query_reader->get_query_by_code('update_organization', array_merge($_POST, array('editid' => decryptValue($data['i'])))));
            } else {
                $saved = $this->db->query($this->Query_reader->get_query_by_code('save_new_organization', $_POST));
            }

            if ($saved) {
                $data['msg'] = "The organization has been saved.";
            } else {
                $data['msg'] = "ERROR: The organization was not saved. Please contact your administrator.";
            }

            // The outcome travels in the session; the redirect happens on success and on failure alike
            $this->session->set_userdata('sres', $data['msg']);
            redirect(base_url() . "user/manage_organizations/m/sres");
        }

        // Validation failed and no other message has been set
        if (empty($check['bool']) && empty($data['msg'])) {
            $data['msg'] = "WARNING: The highlighted fields are required.";
        }
        $data['requiredfields'] = $check['requiredfields'];
        $data['formdata'] = $_POST;
    }

    $data = add_msg_if_any($this, $data);
    $this->load->view('user/add_organization_view', $data);
}
$list_id = intval($_REQUEST['list_id']); if (!$list_id) { alert('invalid request'); redirect('file_list_list.php'); die; } $id = intval($_REQUEST['id']); $news = new table_class('fb_file_list_items'); if ($id) { $news = $news->find($id); } $news->list_id = $list_id; judge_role(); css_include_tag('admin', 'colorbox', 'autocomplete'); use_jquery(); validate_form("news_edit"); js_include_tag('category_class.js', 'admin/news_pub', 'admin/list/file_list_item_edit.js', 'jquery.colorbox-min.js', 'jquery-ui-1.7.2.custom.min.js', '../ckeditor/ckeditor.js', 'autocomplete.jquery', 'pubfun'); ?> </head> <body style="background:#E1F0F7"> <?php $category = new category_class('file_list'); $category->echo_jsdata(); if ($id) { $category_id = $news->category_id; } else { $category_id = -1; } if (empty($category_id)) { $category_id = -1; }
* * Download TextFile & Annahme Task * To Do: * - LOcalisation */ /****************************************************************************** * MAIN *****************************************************************************/ include "../application.php"; checklogin(); $session['notice'] = ''; /* form has been submitted */ if (isset($HTTP_POST_VARS) and (isset($HTTP_POST_VARS['taketask']) or isset($HTTP_POST_VARS['notake']))) { $frm = $HTTP_POST_VARS; //mydebug($frm); $errormsg = validate_form($frm, $errors); if (empty($errormsg)) { if (isset($frm['notake'])) { $session['notice'] = "Sie haben den Übersetzungsauftrag nicht angenommen - ok"; $goto = empty($session["wantsurl"]) ? "{$CFG->wwwroot}/main.php" : $session["wantsurl"]; header("Location: {$goto}"); die; } /* apply use for task */ if (applyTask($frm['textID'], $session['userid'])) { $session['notice'] = "Sie sind nun als Übersetzer für diesen Text eingetragen"; $id = $frm['otextID']; $DOC_TITLE = "Download"; include "{$CFG->templatedir}/header.php"; include "templates/download.inc"; include "{$CFG->templatedir}/footer.php";
* $Id: changepassword.php,v 1.3 2002/01/11 13:14:45 alexgn Exp $ * * To Do: * - * - */ /****************************************************************************** * MAIN *****************************************************************************/ include "../application.php"; /* $session['wantsurl']=me(); // Rücksprung (ggf) */ checklogin(); /* form has been submitted, changing user data */ if (match_referer() && isset($HTTP_POST_VARS)) { $frm = $HTTP_POST_VARS; $errormsg = validate_form($frm, $errors, $session); if (empty($errormsg)) { $status = change_userPassword($session['username'], $frm); /* Obsolete Code */ /* $DOC_TITLE = "Password Change Successfull"; */ /* include("$CFG->templatedir/header.php"); */ /* include("templates/change_password_success.inc"); */ /* include("$CFG->templatedir/footer.php"); */ $session['notice'] = "Passwort erfolgreich geändert!"; $goto = empty($session["wantsurl"]) ? "{$CFG->wwwroot}/user/user_data.php" : $session["wantsurl"]; header("Location: {$goto}"); die; } else { $session['notice'] = $errormsg; } }
session_start(); include_once '../../frame.php'; judge_role(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv=Content-Type content="text/html; charset=utf-8"> <meta http-equiv=Content-Language content=zh-CN> <title></title> <?php css_include_tag('admin'); use_jquery(); validate_form("industry"); ?> </head> <?php $db = get_db(); $id = $_REQUEST['id']; $record = new table_class('zzh_comment'); if ($id != '') { $record->find($id); } ?> <body> <div id=icaption> <div id=title><?php
<?php session_start(); include_once '../../frame.php'; judge_role(); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv=Content-Type content="text/html; charset=utf-8"> <meta http-equiv=Content-Language content=zh-CN> <title></title> <?php css_include_tag('admin'); use_jquery(); validate_form("data_upload"); ?> </head> <body> <div id=icaption> <div id=title>公司数据导入</div> <a href="list.php" id=btn_back></a> </div> <div id=itable> <form id="data_upload" enctype="multipart/form-data" action="upload.post.php" method="post"> <table cellspacing="1" align="center"> <tr class="tr4 add"> <td class=td1 width="15%">上传CSV</td> <td width="85%"> <input type="file" name="xls">
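<?php
require 'formhelpers.php';

// Dispatch on the hidden _submit_check field: validate and process a submitted
// form, otherwise show the empty form. !empty() keeps the original truthiness
// test without raising a notice when the field is absent (first page load).
if (!empty($_POST['_submit_check'])) {
    if ($form_errors = validate_form()) {
        show_form($form_errors);
    } else {
        process_form();
    }
} else {
    show_form();
}

/**
 * Print the search form, preceded by the error list when there is one.
 *
 * @param array|string $errors error messages to list; '' (the default) prints none
 */
function show_form($errors = '')
{
    if ($errors) {
        print 'You need to correct the following errors: <ul><li>';
        // NOTE(review): messages are printed as-is; presumably validate_form()
        // builds them from fixed strings - escape them if any of them echo user input.
        print implode('</li><li>', $errors);
        print '</li></ul>';
    }

    // the beginning of the form
    // PHP_SELF carries any extra path info from the request URL, so it is
    // HTML-escaped before being placed inside the action attribute.
    print '<form method="POST" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8') . '">';
    print '<table>';

    // the search term
    print '<tr><td>Search Term:</td><td>';
    input_text('term', $_POST);
    print '</td></tr>';

    // form end
    print '<tr><td colspan="2"><input type="submit" value="Search News Feed"></td></tr>';
    print '</table>';
    print '<input type="hidden" name="_submit_check" value="1"/>';
    print '</form>';
}
// NOTE(review): the listing is cut off after the closing form tag in the source;
// the function is closed here only so that the excerpt parses.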
if ($form->duration == 1) { $form->timeduration = make_timestamp($form->endyr, $form->endmon, $form->endday, $form->endhr, $form->endmin) - $form->timestart; if ($form->timeduration < 0) { $form->timeduration = 0; } } else { if ($form->duration == 2) { $form->timeduration = $form->minutes * MINSECS; } else { $form->timeduration = 0; } } if (!calendar_add_event_allowed($form)) { error('You are not authorized to do this'); } validate_form($form, $err); if (count($err) == 0) { $form->timemodified = time(); /// Get the event id for the log record. $eventid = insert_record('event', $form, true); /// Use the event id as the repeatid to link repeat entries together if ($form->repeat) { $form->repeatid = $form->id = $eventid; update_record('event', $form); // update the row, to set its repeatid } /// Log the event entry. add_to_log($form->courseid, 'calendar', 'add', 'event.php?action=edit&id=' . $eventid, stripslashes($form->name)); if ($form->repeat) { for ($i = 1; $i < $form->repeats; $i++) { // What's the DST offset for the previous repeat?
} $db = get_db(); $roles = $db->query('select * from eb_role'); ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv=Content-Type content="text/html; charset=utf-8"> <meta http-equiv=Content-Language content=zh-CN> <title>福布斯中文网</title> <?php css_include_tag('admin'); ?> </head> <?php validate_form("menu_form"); if ($menu->id) { $title = "修改"; } else { $title = "添加"; } ?> <body> <div id=icaption> <div id=title><?php echo $title; ?> 菜单</div> <a href="menu_list.php" id=btn_back></a> </div> <div id=itable>
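<?php
// Logic to do the right thing based on
// the hidden _submit_check parameter
if (array_key_exists('_submit_check', $_POST)) {
    // Validate the input values
    if (validate_form()) {
        // If the input is valid, go on to processing
        process_form();
    } else {
        // If the input has errors, show the form again
        show_form();
    }
} else {
    show_form();
}

/**
 * Greet the submitter by the name they posted.
 *
 * The name is request data, so it is HTML-escaped before being printed; a
 * missing or non-string value (e.g. my_name[]=x) is treated as an empty name.
 */
function process_form()
{
    $name = (isset($_POST['my_name']) && is_string($_POST['my_name'])) ? $_POST['my_name'] : '';
    print "Hello, " . htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
}

// Display the form
function show_form()
{
    print <<<_HTML_
<form method="POST" action="{$_SERVER['SCRIPT_NAME']}">
Your name: <input type="text" name="my_name">
<br/>
<input type="submit" value="Say Hello">
<input type="hidden" name="_submit_check" value="1">
</form>
_HTML_;
}
// NOTE(review): the listing is cut off after the closing form tag in the source;
// the heredoc and function are closed here only so that the excerpt parses.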