/**
 * Rebuilds the catalog index through the 'indexing' application resource.
 *
 * Only callers for whom the IsAllowed helper grants 'all' on the
 * 'indexing' resource get through; anyone else receives a plain-text
 * refusal and the script terminates.
 *
 * NOTE(review): the rebuild is triggered by any request method and no
 * anti-CSRF token check is visible in this action - confirm that one is
 * enforced elsewhere, since this is a state-changing operation.
 */
function reindexAction()
{
    $mayReindex = Pandamp_Controller_Action_Helper_IsAllowed::isAllowed('indexing', 'all');

    if (!$mayReindex) {
        // Hard stop: nothing below may run for an unauthorized caller.
        die("You are not authorized to access this page.");
    }

    Pandamp_Application::getResource('indexing')->reIndexCatalog();
}
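/**
 * Access gate executed before every action of this controller.
 *
 * Order of checks:
 *  1. anonymous visitors are redirected to the login URL, carrying the
 *     current address as a base64 "returnUrl" parameter;
 *  2. authenticated users without 'all' on the 'store' resource are
 *     forwarded to the "restricted" error action;
 *  3. when the site setting (row 1) marks the current language, or the
 *     whole site, as offline, everyone except the "Master" and
 *     "Super Admin" groups is forwarded to the "temporary" error action.
 *
 * A session-expiry check used to follow step 3 but was disabled in the
 * original source. If it is ever restored, bind the session id as a
 * parameter instead of concatenating it into the UPDATE condition.
 */
function preDispatch()
{
    $this->_helper->layout->setLayout('store');

    $auth = Zend_Auth::getInstance();
    $identity = Pandamp_Application::getResource('identity');
    $loginUrl = $identity->loginUrl;

    // NOTE(review): the scheme is hard-coded to http, and SERVER_NAME can
    // follow the client-supplied Host header depending on web-server
    // configuration. The login endpoint must validate returnUrl against
    // an allow-list of hosts before redirecting to it.
    $sReturn = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];

    // Base64 output can contain '+', '/' and '=', which are not safe in a
    // query string ('+' is read back as a space), so percent-encode it.
    $sReturn = rawurlencode(base64_encode($sReturn));

    if (!$auth->hasIdentity()) {
        $this->_redirect($loginUrl . '?returnUrl=' . $sReturn);
        return;
    }

    $this->_user = $auth->getIdentity();
    $zl = Zend_Registry::get("Zend_Locale");

    // Return value is unused; the call is kept in case the ACL manager
    // performs initialisation as a side effect - TODO confirm and remove.
    Pandamp_Acl::manager();

    if (!Pandamp_Controller_Action_Helper_IsAllowed::isAllowed('store', 'all')) {
        $this->_forward('restricted', 'error', 'admin', array('lang' => $zl->getLanguage()));
        // Stop here so the maintenance check below cannot replace the
        // "restricted" target with a different one.
        return;
    }

    // [TODO] else: check if user has access to admin page and status website is online
    $tblSetting = new App_Model_Db_Table_Setting();
    $rowset = $tblSetting->find(1)->current();
    if (!$rowset) {
        return;
    }

    $status = (int) $rowset->status;
    $language = $zl->getLanguage();

    // status 1: 'id' site offline, status 2: 'en' site offline,
    // status 3: offline for every language.
    $isOffline = ($status === 1 && $language == 'id')
        || ($status === 2 && $language == 'en')
        || ($status === 3);

    if ($isOffline) {
        // While offline only the administrative groups may continue.
        $aReturn = App_Model_Show_AroGroup::show()->getUserGroup($this->_user->packageId);
        if (isset($aReturn['name'])
            && $aReturn['name'] !== "Master"
            && $aReturn['name'] !== "Super Admin"
        ) {
            $this->_forward('temporary', 'error', 'admin');
        }
    }
}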
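/**
 * Kick all user: force-logout the accounts whose ids are posted as a
 * JSON array in the "id" POST field.
 *
 * For each id the user row's "ses" column is reset to '*', and the first
 * stored session whose serialized data contains the id is destroyed.
 * The response body is the bare string RESULT_OK or RESULT_ERROR.
 *
 * Requires 'all' on the 'membership' resource. As in the original, an
 * authorized non-POST request still answers RESULT_OK without doing work.
 *
 * NOTE(review): no anti-CSRF token check is visible in this action -
 * confirm that one is enforced elsewhere for this state-changing request.
 */
function kickallAction()
{
    $this->_helper->getHelper('layout')->disableLayout();
    $this->_helper->getHelper('viewRenderer')->setNoRender();

    $request = $this->getRequest();
    $result = 'RESULT_ERROR';

    if (Pandamp_Controller_Action_Helper_IsAllowed::isAllowed('membership', 'all')) {
        if ($request->isPost()) {
            $ids = Zend_Json::decode($request->getPost('id'));
            if (!is_array($ids)) {
                // A scalar or null payload carries no id list to iterate.
                $ids = array();
            }

            $modelUser = new App_Model_Db_Table_User();
            $modelSession = new App_Model_Db_Table_Session();

            foreach ($ids as $id) {
                // Ignore nested structures and empty values: an empty id
                // would turn the LIKE below into '%%' and match (and then
                // destroy) an arbitrary session.
                if (!is_scalar($id) || (string) $id === '') {
                    continue;
                }
                $id = (string) $id;

                $modelUser->update(array('ses' => '*'), array('kopel = ?' => $id));

                // The id arrives from the request, so it is bound as a
                // parameter rather than interpolated into the SQL text;
                // LIKE metacharacters are escaped so it matches literally.
                $pattern = '%' . addcslashes($id, '%_\\') . '%';
                $rowSession = $modelSession->fetchRow(array('sessionData LIKE ?' => $pattern));

                if ($rowSession) {
                    /**
                     * Destroy any active session identified by sessionId
                     *
                     * NOTE(review): this switches the session id of the
                     * *current* request before destroying it. Confirm it
                     * cannot tear down the administrator's own session;
                     * deleting the stored row through the session save
                     * handler would avoid touching the live session.
                     */
                    try {
                        session_id($rowSession->sessionId);
                        session_destroy();
                    } catch (Exception $e) {
                        // Deliberate best effort: one failing session must
                        // not prevent the remaining ids from being handled.
                    }
                }
            }
        }
        $result = 'RESULT_OK';
    }

    $this->getResponse()->setBody($result);
}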
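/**
 * Shows one invoice and, on POST, stores the edited values.
 *
 * After saving, an audit line (timestamp, acting username, invoice id)
 * is appended to the "notes" column of the user identified by the posted
 * "uid", and the browser is sent back to that user's invoice list.
 *
 * Requires 'all' on the 'membership' resource.
 *
 * NOTE(review): the posted invoice fields are copied to the row without
 * type or range validation, and no anti-CSRF token check is visible
 * here - confirm both are covered elsewhere.
 * NOTE(review): the audit timestamp uses "h" (12-hour clock) without an
 * am/pm marker, so morning and afternoon edits are indistinguishable.
 *
 * @throws Zend_Controller_Action_Exception (404) when a POST targets an
 *         invoice id that does not exist
 */
public function editAction()
{
    if (!Pandamp_Controller_Action_Helper_IsAllowed::isAllowed('membership', 'all')) {
        $this->_redirect(ROOT_URL . '/' . $this->_zl->getLanguage() . '/error/restricted');
        // Never fall through to the edit logic, even if the redirector
        // is configured not to exit.
        return;
    }

    $this->_helper->layout->setLayout('layout-customer-credential');

    $id = $this->_getParam("id");
    $tblInvoice = new App_Model_Db_Table_Invoice();
    $rowset = $tblInvoice->find($id)->current();
    $this->view->row = $rowset;

    $request = $this->getRequest();
    if (!$request->isPost()) {
        return;
    }

    if (!$rowset) {
        // Previously this path failed with a fatal error on a null row.
        throw new Zend_Controller_Action_Exception('Invoice not found', 404);
    }

    $rowset->price = $request->getPost('price');
    $rowset->discount = $request->getPost('disc');
    $rowset->invoiceOutDate = $request->getPost('invoiceOutDate');
    $rowset->invoiceConfirmDate = $request->getPost('invoiceConfirmDate');
    $rowset->clientBankAccount = $request->getPost('clientBankAccount');
    $rowset->isPaid = $request->getPost('isPaid');
    $rowset->expirationDate = $request->getPost('expirationDate');
    $rowset->save();

    $uid = (string) $request->getPost('uid');
    $notes = date("Y-m-d h:i:s") . ' ' . $this->_user->username . " - Modify invoice:" . $id;

    $modelUser = new App_Model_Db_Table_User();

    // The note embeds the request-supplied invoice id and the username,
    // so it is quoted by the adapter before it becomes part of the SQL
    // expression. The leading " \n" keeps the original separator.
    $quotedNote = $modelUser->getAdapter()->quote(" \n" . $notes);
    $data = array('notes' => new Zend_Db_Expr("CONCAT(ifnull(notes,'')," . $quotedNote . ")"));

    // The posted uid is bound as a parameter instead of being spliced
    // into the WHERE clause.
    $modelUser->update($data, array('kopel = ?' => $uid));

    $this->_redirect(
        ROOT_URL . '/' . $this->_zl->getLanguage() . '/customer/user/invoicelist/id/' . rawurlencode($uid)
    );
}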
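/**
 * Emits the user list as JSON for the membership grid and terminates.
 *
 * Request parameters:
 *  - q      optional base64-encoded search term, matched with LIKE
 *           against the columns in $pColumns;
 *  - start  row offset (defaults to 0);
 *  - limit  row count (defaults to 0).
 *
 * The "orderBy"/"sortOrder" parameters were read by the original code but
 * never applied to the query, so they are no longer read.
 *
 * Each entry carries the raw kopel/username/company/group/status values
 * plus three server-built HTML fragments (checkbox, action, passwd).
 * Database values placed inside those fragments are HTML-escaped here;
 * the raw fields must still be treated as text by the client.
 *
 * NOTE(review): for "Master" viewers this action decrypts stored
 * passwords and sends them to the browser. Reversible password storage
 * and plaintext display expose every account if the key, the response
 * or the admin session leaks; moving to password_hash()/password_verify()
 * and dropping this column is strongly recommended.
 */
public function getalluserAction()
{
    $this->_helper->layout()->disableLayout();

    $r = $this->getRequest();

    $pColumns = array('ku.kopel', 'ku.username', 'ku.company', 'ku.email', 'gag.value', 'kus.status');

    $obj = new Pandamp_Crypt_Password();
    $tblUser = new App_Model_Db_Table_User();

    if ($r->getParam('q')) {
        $q = base64_decode($r->getParam('q'));

        // Quote the search term with the table's own adapter. The removed
        // mysql_real_escape_string() needs a legacy ext/mysql connection
        // and is unavailable on current PHP versions.
        // assumes App_Model_Db_Table_User is a Zend_Db_Table - TODO confirm
        $pattern = $tblUser->getAdapter()->quote('%' . $q . '%');

        $clauses = array();
        foreach ($pColumns as $column) {
            $clauses[] = $column . ' LIKE ' . $pattern;
        }
        // Parenthesised so the OR chain stays intact if fetchUser()
        // appends further conditions.
        $sWhere = '(' . implode(' OR ', $clauses) . ')';
    } else {
        $sWhere = "1=1";
    }

    // Paging values come from the request; force them to non-negative
    // integers before they reach the query layer.
    $start = max(0, (int) $r->getParam('start'));
    $limit = max(0, (int) $r->getParam('limit'));

    $a = array();
    $rowset = App_Model_Show_User::show()->fetchUser($sWhere, $start, $limit);

    if (count($rowset) == 0) {
        // Placeholder row so the grid has something to render.
        $a['users'][0]['kopel'] = 'XXX';
        $a['users'][0]['username'] = "******";
        $a['users'][0]['company'] = "";
        $a['users'][0]['group'] = '';
        $a['users'][0]['status'] = '';
    } else {
        // None of these depend on the row, so resolve them once.
        $gEx = Pandamp_Controller_Action_Helper_GroupException::groupException(11);
        $isMaster = Pandamp_Controller_Action_Helper_UserGroup::userGroup($this->_user->packageId) === "Master";
        $canManage = Pandamp_Controller_Action_Helper_IsAllowed::isAllowed('membership', 'all');
        $editBase = ROOT_URL . '/' . $this->_zl->getLanguage() . '/customer/user/edit/id/';

        $ii = 0;
        foreach ($rowset as $row) {
            $kopelHtml = htmlspecialchars((string) $row->kopel, ENT_QUOTES, 'UTF-8');
            $editHref = htmlspecialchars($editBase . $row->kopel, ENT_QUOTES, 'UTF-8');

            $a['users'][$ii]['checkbox'] = "<input type='checkbox' name='kopel[]' id='kopel' value='{$kopelHtml}' class='check_me'>";
            $a['users'][$ii]['kopel'] = $row->kopel;
            $a['users'][$ii]['username'] = $row->username;
            $a['users'][$ii]['company'] = $row->company;
            $a['users'][$ii]['group'] = $row->value;
            $a['users'][$ii]['status'] = $row->status;

            $btn = "";
            $passwd = "";

            if (in_array($row->username, $gEx) && !$isMaster) {
                // Accounts on the exception list are read-only for
                // everyone except Master.
                $btn .= '-';
            } elseif ($canManage) {
                $btn .= "<a href='" . $editHref . "'>edit</a> ";
                $btn .= "<a class=\"deleteAction\" rel=\"{$kopelHtml}\" href=\"javascript: void(0);\">delete</a> ";
                $btn .= "<a class=\"resetAction\" rel=\"{$kopelHtml}\" href=\"javascript: void(0);\">reset</a>";

                if ($isMaster) {
                    // See the NOTE(review) in the docblock: this reveals
                    // either the stored SHA-1 digest or the decrypted
                    // plaintext password.
                    if ($this->is_sha1($row->password)) {
                        $password = $row->password;
                    } else {
                        $password = $obj->decryptPassword($row->password);
                    }
                    $passwd .= "<tr><td> </td><td colspan='6' style='color:green;'>password:<a href='"
                        . $editHref . "'>"
                        . htmlspecialchars((string) $password, ENT_QUOTES, 'UTF-8')
                        . "</a> - "
                        . htmlspecialchars((string) $row->email, ENT_QUOTES, 'UTF-8')
                        . "</td></tr>";
                }
            } else {
                // No membership rights: plain labels instead of links.
                $btn .= "Edit ";
                $btn .= "Delete ";
                $btn .= "Reset";
            }

            $a['users'][$ii]['action'] = $btn . "<br><div id='kopel_{$kopelHtml}'></div>";
            $a['users'][$ii]['passwd'] = $passwd;
            $ii++;
        }
    }

    echo Zend_Json::encode($a);
    die;
}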
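/**
 * Displays a calendar entry for editing and, on POST, saves the changes.
 *
 * The entry is looked up by the "pid" request parameter. Its date parts
 * are shown as zero-padded "dd-mm-yyyy". On POST all request parameters
 * are handed to Pandamp_Core_Hol_Calendar::save() with "guid" forced to
 * the current user's kopel, then the browser is redirected to the
 * entry's "openposting" page.
 *
 * Requires 'all' on the 'eventcalendar' resource.
 *
 * NOTE(review): getParams() merges route, GET and POST values, so every
 * key the client sends reaches save(). Confirm that save() only accepts
 * an explicit list of fields. No anti-CSRF token check is visible here.
 *
 * @throws Zend_Controller_Action_Exception (404) when the entry does not exist
 * @throws Zend_Exception when saving fails
 */
function editpostingAction()
{
    $zl = Zend_Registry::get("Zend_Locale");

    if (!Pandamp_Controller_Action_Helper_IsAllowed::isAllowed('eventcalendar', 'all')) {
        $this->_redirect(ROOT_URL . '/' . $zl->getLanguage() . '/error/restricted');
        // Never fall through to the edit logic, even if the redirector
        // is configured not to exit.
        return;
    }

    $r = $this->getRequest();
    $pid = $r->getParam('pid');

    $tblcalendar = new App_Model_Db_Table_Calendar();
    $rowedit = $tblcalendar->find($pid)->current();
    if (!$rowedit) {
        // Previously an unknown pid caused a fatal error on a null row.
        throw new Zend_Controller_Action_Exception('Calendar entry not found', 404);
    }

    // Two-digit day and month; sprintf also copes with values that are
    // already zero-padded in the database.
    $day = sprintf('%02d', $rowedit->d);
    $month = sprintf('%02d', $rowedit->m);
    $year = $rowedit->y;

    $this->view->dateOfEvent = $day . '-' . $month . '-' . $year;
    $this->view->title = $rowedit->title;
    $this->view->text = $rowedit->text;
    $this->view->starttime = $rowedit->start_time;
    $this->view->endtime = $rowedit->end_time;
    $this->view->pid = $pid;

    if ($r->isPost()) {
        $aData = $r->getParams();
        // The owner is always the authenticated user, never a value
        // taken from the request.
        $aData['guid'] = $this->_user->kopel;

        try {
            $hol = new Pandamp_Core_Hol_Calendar();
            $hol->save($aData);
            $this->_redirect(
                ROOT_URL . "/" . $zl->getLanguage() . "/calendar/event/openposting/pid/" . rawurlencode((string) $pid)
            );
        } catch (Exception $e) {
            // Keep the original exception attached for diagnostics.
            throw new Zend_Exception($e->getMessage(), 0, $e);
        }
    }

    $this->_helper->layout()->headerTitle = "Event Calendar";
}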