function validate_option()
{
//testa se existe pedido de option
if (!isset($_GET['option'])) {
return false;
}
//globalizar o objeto usuário
global $user;
include_once $GLOBALS['project_path'] . '/model/class/Connect.class.php';
include_once $GLOBALS['project_path'] . '/model/class/Manager.class.php';
switch ($_GET['option']) {
case "profile":
//testa permissão
if (!isset($user)) {
return false;
}
include_once $GLOBALS['project_path'] . '/view/profile.html';
break;
case "add_category":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
include_once $GLOBALS['project_path'] . '/view/forms/add_category.html';
break;
case "list_categories":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
$manager = new Manager();
$table_content = $manager->select_common('tb_category', null, null, " ORDER BY category_name");
//titulos da tabela
$table_titles['id_category'] = "ID";
$table_titles['category_name'] = "Nome";
$table_titles['category_desc'] = "Descrição";
//Ações
$update = true;
$delete = true;
//excluir
$filter = "id_category";
$delete_destiny = $GLOBALS['project_index'] . '/controller/delete_category.php';
$update_destiny = $GLOBALS['project_index'] . "/" . $user->profile_page . '.php?option=update_category';
include_once $GLOBALS['project_path'] . '/view/list_common.html';
echo '<a href="?option=add_category">';
echo '<span class="glyphicon glyphicon-plus"></span>';
echo ' Nova Categoria</a><br>';
break;
case "add_user":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
$manager = new Manager();
//tipos de conta
$profiles = $manager->select_common('tb_profile', null, null, " ORDER BY profile_name");
include_once $GLOBALS['project_path'] . '/view/forms/add_user.html';
break;
case "list_users":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
$manager = new Manager();
$tables['tb_user'] = array();
$tables['tb_profile'] = array('profile_name');
$rel['tb_user.profile_id'] = "tb_profile.id_profile";
$table_content = $manager->select_special($tables, $rel, null, " ORDER BY user_name");
//titulos da tabela
$table_titles['id_user'] = "******";
$table_titles['user_name'] = "Nome";
$table_titles['profile_name'] = "Perfil";
//Ações
$delete = true;
//excluir e editar
$filter = "id_user";
$delete_destiny = $GLOBALS['project_index'] . '/controller/delete_user.php';
include_once $GLOBALS['project_path'] . '/view/list_common.html';
echo '<a href="?option=add_user">';
echo '<span class="glyphicon glyphicon-plus"></span>';
echo ' Novo Usuário</a><br>';
break;
case "list_products":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
$manager = new Manager();
$tables['tb_product'] = array();
$tables['tb_category'] = array('category_name');
$rel['tb_product.category_id'] = "tb_category.id_category";
$table_content = $manager->select_special($tables, $rel, null, "");
$table_titles = array('id_product' => "ID", 'product_name' => "Nome", 'category_name' => "Categoria", 'product_details' => "Detalhes", 'product_price' => "Preço", 'product_quantity' => "Quantidade");
//Ações
$update = true;
$delete = true;
//excluir
$filter = "id_product";
$delete_destiny = $GLOBALS['project_index'] . '/controller/delete_product.php';
$update_destiny = $GLOBALS['project_index'] . "/" . $user->profile_page . '.php?option=update_product';
include_once $GLOBALS['project_path'] . '/view/list_common.html';
echo '<a href="?option=add_product">';
echo '<span class="glyphicon glyphicon-plus">';
echo '</span>';
echo " Novo Produto";
echo '</a>';
break;
case "add_product":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
//buscando categorias
$manager = new Manager();
$categories = $manager->select_common('tb_category', null, null, "");
include_once $GLOBALS['project_path'] . '/view/forms/add_product.html';
break;
case "update_product":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
//teste se existe filtro
if (!isset($_GET['filter'])) {
return false;
}
//buscando categorias
$manager = new Manager();
//buscando dados do produto
$tables['tb_product'] = array();
$tables['tb_category'] = array();
$rel['tb_product.category_id'] = "tb_category.id_category";
$filters['id_product'] = $_GET['filter'];
$product = $manager->select_special($tables, $rel, $filters, " LIMIT 1");
$product = $product[0];
$categories = $manager->select_common('tb_category', null, null, "");
include_once $GLOBALS['project_path'] . '/view/forms/update_product.html';
break;
case "update_category":
if (!isset($user) || $user->profile_page != "admin") {
return false;
}
//teste se existe filtro
if (!isset($_GET['filter'])) {
return false;
}
//buscando categorias
$manager = new Manager();
//buscando dados do produto
$category = $manager->select_common('tb_category', null, array('id_category' => $_GET['filter']), "");
$category = $category[0];
include_once $GLOBALS['project_path'] . '/view/forms/update_category.html';
break;
//caso não haja opções
//caso não haja opções
default:
return false;
}
return true;
}
include_once $project_path . '/model/class/Connect.class.php';
include_once $project_path . '/model/class/Manager.class.php';
include_once $project_path . '/model/class/User.class.php';
//receber os dados
$email = $_POST['email'];
$password = sha1($_POST['password']);
//cria o objeto gerenciador do banco
$manager = new Manager();
//prepara a busca
$tables['tb_user'] = array();
//todas as colunas
$tables['tb_profile'] = array();
$rel['tb_user.profile_id'] = "tb_profile.id_profile";
$filters['user_email'] = $email;
//realiza a consulta
$log = $manager->select_special($tables, $rel, $filters, " LIMIT 1");
//testando
if ($log === false) {
header("location: {$project_index}/?error=user_not_found");
} elseif ($log[0]['user_status'] == "0") {
//status
header("location: {$project_index}/?error=user_inative");
} elseif ($log[0]['user_password'] != $password) {
//senha
header("location: {$project_index}/?error=password_incorrect");
} else {
//deu certo.
//atualizando ultimo acesso
$last_d['user_last_access'] = date('Y-m-d H:i:s');
$last_f['id_user'] = $log[0]['id_user'];
$manager->update_common('tb_user', $last_d, $last_f, "");
include_once $project_path . '/model/class/Manager.class.php';
include_once $project_path . '/model/class/User.class.php';
//Recebendo dados do formulario de login
$email = $_POST['email'];
$password = md5($_POST['pass']);
//criar o objeto Manager
$manager = new Manager();
//Tabelas e campos da busca
$tables['tb_user'] = array();
$tables['tb_profile'] = array();
//Relações
$relationships['tb_user.profile_id'] = "tb_profile.id_profile";
//filtros da busca
$filters['user_email'] = $email;
//realiza a busca
$user_result = $manager->select_special($tables, $relationships, $filters, "");
//testando se existe usuario com o email
if ($user_result === false) {
header("location: {$project_index}/index.php?error=user_not_found ");
} else {
if ($user_result[0]['user_password'] != $password) {
header("location: {$project_index}/index.php?error=password_incorrect");
} else {
//novo objeto usuário
$user = new User();
$user->id_user = $user_result[0]['id_user'];
$user->user_name = $user_result[0]['user_name'];
$user->user_email = $user_result[0]['user_email'];
$user->profile_id = $user_result[0]['profile_id'];
$user->profile_name = $user_result[0]['profile_name'];
$user->profile_page = $user_result[0]['profile_page'];