public function newAction()
{
$this->_form = new Mybase_Form_Project();
$session = new Zend_Session_Namespace('Zend_Auth');
$this->_form->populate(array('iduser' => $session->storage->iduser));
$this->view->form = $this->_form;
$formData = $this->getRequest()->getPost();
if ($this->_request->isPost()) {
if ($this->_form->isValid($formData)) {
$lastInsertId = $this->_model->save($formData);
$acl = new Model_Acl();
if (isset($formData['img'])) {
$account = new Model_Account();
if (!is_dir(ROOT_PATH . '/public/files/' . $account->getId())) {
mkdir(ROOT_PATH . '/public/files/' . $account->getId());
}
mkdir(ROOT_PATH . '/public/files/' . $account->getId() . '/' . $lastInsertId . '/');
rename(ROOT_PATH . '/public/files/tmp/' . $formData['img'], ROOT_PATH . '/public/files/' . $account->getId() . '/' . $lastInsertId . '/' . $formData['img']);
}
$acl->createDefault($lastInsertId, $formData['iduser']);
$this->_flash('New project has been successfully created', 'done');
return $this->_redirect('/' . $lastInsertId . '/team');
} else {
$this->_flash('Formulář není vyplněn správně', 'error', false);
$this->_form->populate($formData);
}
}
}
/**
* Vraci pole ve tvaru "id => jmeno uzivatele"
*
* @param int $idaccount ID uctu
* @param bool|array $companyData Seznam spolecnosti. Prebira bud pole s daty
* (napr vystup metody {@link Model_Company::getFormSelect()}),
* anebo hodnotu true, kdy v tomto pripade provede dotaz do DB.
* @return array
*/
public function getFormSelect($idaccount = null, $companyData = null)
{
$return = array();
if (is_null($idaccount)) {
$account = new Model_Account();
$idaccount = $account->getId();
}
$users = $this->_dbTable->fetchAllEntry('idaccount = ' . $idaccount . '', array('iduser', 'name', 'surname', 'idcompany'));
if (is_null($companyData)) {
foreach ($users as $row) {
$return[$row->iduser] = $row->surname . ' ' . $row->name;
}
} else {
if (is_bool($companyData) and $companyData == true) {
$companies = new Model_Company();
$companyData = $companies->getFormSelect($idaccount);
}
foreach ($companyData as $idcompany => $company) {
foreach ($users as $row) {
if ($idcompany == $row->idcompany) {
$return[$company][$row->iduser] = $row->surname . ' ' . $row->name;
}
}
}
}
return $return;
}
public function loginAction()
{
$this->_form = new Mybase_Form_Login();
if (!$this->getRequest()->isPost()) {
$this->view->form = $this->_form;
} else {
$form = $this->_form;
if (!$form->isValid($_POST)) {
$this->view->form = $form;
$this->_flash('Všechna pole musí být vyplněna', 'error', false);
} else {
$values = $form->getValues();
$auth = Zend_Auth::getInstance();
$authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Db_Table_Abstract::getDefaultAdapter(), 'user_login', 'username', 'password', 'MD5(?)');
$modelAccount = new Model_Account();
$idaccount = $modelAccount->getId($this->_request->account);
$select = $authAdapter->getDbSelect();
$select->where('idaccount = ' . $idaccount);
$authAdapter->setIdentity($values['username']);
$authAdapter->setCredential($values['password']);
$result = $auth->authenticate($authAdapter);
switch ($result->getCode()) {
case Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND:
$this->view->form = $form;
$this->_flash('Špatné uživatelské jméno', 'error', false);
break;
case Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID:
$this->view->form = $form;
$this->_flash('Špatné heslo', 'error', false);
break;
case Zend_Auth_Result::SUCCESS:
$storage = $auth->getStorage();
$storage->write($authAdapter->getResultRowObject(array('email', 'name', 'surname', 'username', 'iduser', 'owner', 'administrator')));
if ($form->getValue('remember') == 1) {
Zend_Session::rememberMe(60 * 60 * 24 * 14);
}
//$this->_redirect('http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
$this->_redirect('/');
break;
case Zend_Auth_Result::FAILURE:
$this->view->form = $form;
$this->_flash('Neznámá chyba (FAILURE)', 'error', false);
break;
case Zend_Auth_Result::FAILURE_IDENTITY_AMBIGUOUS:
$this->view->form = $form;
$this->_flash('"Nejednoznačné"', 'error', false);
break;
case Zend_Auth_Result::FAILURE_UNCATEGORIZED:
$this->view->form = $form;
$this->_flash('Neznámá chyba(FAILURE_UNCATEGORIZED)', 'error', false);
break;
default:
$this->view->form = $form;
$this->_flash('Neznámá chyba (default)', 'error', false);
break;
}
}
}
$this->_helper->layout->disableLayout();
}
public function registerAction()
{
if ($this->oAuth->isLoggedIn()) {
$this->redirect('/');
return;
}
$this->mTemplate->title = $this->getLang('title_registration');
$this->mTemplate->sSectionTitle = $this->getLang('title_registration');
$sUser = $this->post('user_name');
$sPass = $this->post('user_pass');
$sEmail = $this->post('user_email');
$sAccount_name = $this->post('account_name');
$oValidator = new Module_Validator();
$oValidator->field('nick', $sUser, $this->getLang('user.nick'))->rules('required');
$oValidator->field('password', $sPass, $this->getLang('user.password'))->rules('required|md5');
$oValidator->field('email', $sEmail, $this->getLang('user.email'))->rules('required|email');
$oValidator->field('account_name', $sAccount_name, $this->getLang('user.account_name'))->rules('required');
if (isset($_POST['submit'])) {
if ($oValidator->validate()) {
// sprawdzamy czy nie ma juz takiego konta lub usera
$oUser = new Model_User();
$aRes = $oUser->where('email', $sEmail)->getRow();
if (empty($aRes)) {
$oUser->reset();
$oAccount = new Model_Account();
$oAccount->name = $sAccount_name;
if ($iAccountId = $oAccount->save()) {
$oUser->name = $sUser;
$oUser->email = $sEmail;
$oUser->password = $sPass;
$oUser->role_id = 1;
$oUser->account_id = $iAccountId;
if ($oUser->save()) {
$this->redirect('/user/login/');
} else {
$error = $this->getLang('failed_creating_user');
}
} else {
$error = $this->getLang('failed_creating_account');
}
} else {
$error = $this->getLang('user_already_exists');
}
} else {
$error = 'Blad danych wejsciowych.';
$aErrors = $oValidator->getError();
foreach ($aErrors as $sField => $aError) {
$error .= '<br />' . $this->getLang($aError['msg'], $aError['field_name']);
}
}
}
// generate form
$aData = array('label_user' => $this->getLang('user.nick'), 'label_pass' => $this->getLang('user.password'), 'label_email' => $this->getLang('user.email'), 'label_accountname' => $this->getLang('user.account_name'), 'user_name' => $sUser, 'user_pass' => '', 'user_email' => $sEmail, 'account_name' => $sAccount_name, 'submit' => $this->getLang('user.register'), 'error' => isset($error) ? $error : null);
$this->mTemplate->content = View::factory('user/registration_form', $aData)->render();
}
public function getMain()
{
$account = new Model_Account();
$idaccount = $account->getId();
$data = $this->_dbTable->getMainStream($idaccount, null);
$return = array();
foreach ($data as $item) {
$return[$item->idproject]['data'][] = $item;
$return[$item->idproject]['project'] = $item->project;
}
return $return;
}
/**
* Vraci pole ve tvaru "id => nazev spolecnosti"
*
* @param int $idaccount ID uctu
* @param string $nullVal Prvni prvek selectu
* @return array
*/
public function getFormSelect($idaccount = null, $nullVal = null)
{
$return = array();
if (is_null($idaccount)) {
$account = new Model_Account();
$idaccount = $account->getId();
}
$company = $this->_dbTable->fetchAllEntry('idaccount = ' . $idaccount . '', array('idcompany', 'name'));
foreach ($company as $row) {
if (!is_null($nullVal)) {
$return[null] = $nullVal;
}
$return[$row->idcompany] = $row->name;
}
return $return;
}
/**
* Validate password
*
* @access public
* @author Dao Anh Minh
*/
public static function _validation_change_pass($old_pass, $account_id)
{
Validation::active()->set_message('change_pass', 'Mật khẩu cũ không đúng');
$account = Model_Account::query()->where('id', $account_id)->where('password', Auth\Auth::instance()->hash_password($old_pass))->count();
if ($account > 0) {
return true;
} else {
return false;
}
}
public function routeShutdown(Zend_Controller_Request_Abstract $request)
{
$auth = Zend_Auth::getInstance();
$controller = $request->getControllerName();
$action = $request->getActionName();
$module = $request->getModuleName();
$account = new Model_Account();
if ($account->isValidUrl($request->getParam('account'))) {
if ($controller != 'account' and $action != 'activation') {
if (!$auth->hasIdentity()) {
$module = $this->_noauth['module'];
$controller = $this->_noauth['controller'];
$action = $this->_noauth['action'];
}
}
} else {
//throw new Zend_Controller_Dispatcher_Exception('Tohle musím ještě doladit (neni nastaven zadny account, nebo neexistuje)');
}
$request->setModuleName($module);
$request->setControllerName($controller);
$request->setActionName($action);
}
protected function saveAccount()
{
$this->mTemplate->sSectionTitle = $this->getLang('section_title_settings_saving');
$sName = $this->post('name');
$sTime = $this->post('day_end');
$fMaxPrice = $this->post('max_price');
$iEmployeePercent = $this->post('employee_percent');
$sCss = $this->post('css');
$oValidator = new Module_Validator();
$oValidator->field('company_name', $sName)->rules('required|hsc');
$oValidator->field('order_end_time', $sTime)->rules('required');
$oValidator->field('max_price_of_meal', $fMaxPrice)->rules('required|tofloat');
$oValidator->field('employee_cost', $iEmployeePercent)->rules('required|toint');
if ($oValidator->validate()) {
// zapisujemy ustawienia
$oAccaount = new Model_Account($this->oCurrentUser->account_id);
$oAccaount->getRow();
$oAccaount->name = $sName;
$oAccaount->day_end = $sTime;
$oAccaount->max_price = $fMaxPrice;
$oAccaount->employee_percent = $iEmployeePercent;
$oAccaount->css = $sCss;
if ($oAccaount->save()) {
$aMeta = $this->mTemplate->aMeta;
$aMeta[] = '<meta http-equiv="refresh" content="1;url=' . $this->mTemplate->anchor() . '" />';
$this->mTemplate->aMeta = $aMeta;
$this->mTemplate->content = $this->getLang('save_settings_successfull');
return true;
} else {
return $this->getLang('save_settings_failed');
}
} else {
$aErrors = $oValidator->getError();
foreach ($aErrors as $sField => $aError) {
$sMsg .= '<br />' . $this->getLang($aError['msg'], $this->getLang($sField));
}
return $sMsg;
}
}
/**
* Returns an object of the properties for the given Model_Account (ORM)
* @param Model_Account $account Model_Account ORM Object
* @return stdClass stdClass of properties for given Model_Account.
* @throws Exception If Model_Account object is not valid.
*/
protected function _return_account_element($account)
{
$return_object = new stdClass();
// Verify this model.
if (!$account->loaded() or get_class($account) != "Model_Account") {
throw new Exception("Invalid Account.");
}
// Account Details
$return_object->id = $account->id;
$return_object->name = $account->name;
$return_object->code = $account->code;
$return_object->reconcilable = $account->reconcilable ? TRUE : FALSE;
$return_object->terms = (int) $account->terms;
$return_object->balance = (double) $account->balance;
// Account Type
$return_object->type = $this->_return_account_type_element($account->account_type);
return $return_object;
}
function action_editAccount($id = NULL)
{
/* If no ID or bad ID defined, kill it with fire. */
if ($id == NULL || !is_numeric($id)) {
die('No direct access allowed. Go away D:');
}
$acct = ORM::factory('Account', $id);
$fields = $acct->default_fields;
$fields['status']['values'] = Model_Account::getVerifySelectList();
/* If pass is not loaded, we have a problem */
if (!$acct->loaded()) {
$errorMsg = 'That pass does not exist! Maybe someone deleted it while you were busy?<br />';
$this->request->redirect('admin/manageAccounts');
}
// Set headers
$this->template->title = __('Admin: Editing account, ') . $acct->email;
$this->template->heading = __('Admin: Editing account, ') . $acct->email;
$this->template->subheading = __('Edit the details of an account');
if ($post = $this->request->post()) {
//Why not just add to ruleset of account...? Unset password fields for editing an account so validation rules don't trigger?
$extra_validation = Validation::Factory($post);
if ($this->hasValue($post, 'password') || $this->hasValue($post, 'confirm_password')) {
$extra_validation->rule('password', 'matches', array(':validation', 'password', 'confirm_password'));
} else {
unset($post['password']);
unset($post['confirm_password']);
}
$acct->values($post);
try {
$acct->save($extra_validation);
$this->addMessage('Successfully edited ' . $acct->email);
$this->requireVerification($acct);
// Require verification if status UNVERIFIED.
$this->request->redirect('admin/manageAccounts');
} catch (ORM_Validation_Exception $e) {
$this->parseErrorMessages($e);
} catch (Exception $e) {
$this->addError("Oops. Something went wrong and it's not your fault. Contact the system maintainer please!");
}
} else {
$post = $acct->as_array();
}
//Parse UNIX timestamp back to something we can use.
$this->template->content = new View('admin/Account', array('row' => $acct->as_array(), 'fields' => $fields, 'callback' => "editAccount/{$id}"));
}
/**
* Complete the login for a account by incrementing the logins and setting
* session data: account_id, accountname, groups
*
* @param object account model object
* @return void
*/
public function complete_login(Model_Account $account)
{
// Update the number of logins
$account->incrNumLogins();
$this->groups = array();
$this->permissions = array();
$groups = array();
array_push($groups, 1);
// registered
foreach ($account->Usergroups->find_all() as $group) {
array_push($groups, intval($group->id));
}
array_unique($groups);
$query = DB::select(array('g.name', 'groupName'), array('p.pkey', 'pkey'))->from(array('usergroups', 'g'))->join(array('usergroups_permissions', 'up'))->on('g.id', '=', 'up.usergroup_id')->join(array('permissions', 'p'))->on('p.id', '=', 'up.permission_id')->where('g.id', 'IN', $groups);
foreach ($query->execute() as $result) {
$this->groups[$result['groupName']] = 1;
$this->permissions[$result['pkey']] = 1;
}
// extra safety to prevent session fixation - http://en.wikipedia.org/wiki/Session_fixation
$this->session->regenerate();
$this->account = serialize($account);
$this->storeAccount($account);
}
/**
* Xóa tài khoản
*
* @param integer $account_id account id
*
* @access public
* @author Dao Anh Minh
*/
public function action_delete($account_id)
{
$account = Model_Account::query()->where('id', $account_id)->get_one();
if (empty($account) or $account->username == 'admin') {
Session::set_flash('error', __('account.account_not_exist'));
Response::redirect('admin/account');
}
if ($account->delete()) {
Session::set_flash('success', __('account.success_delete'));
Response::redirect('admin/account/index');
} else {
Session::set_flash('error', __('common.system_error'));
Response::redirect('admin/account/register');
}
}
