public function login() { Hooks::addHook('js', 'Controllers\\auth@js'); Hooks::addHook('css', 'Controllers\\auth@css'); $error = 'hi'; $success = 'hi'; if (Session::get('loggedin')) { Url::redirect(); } if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; //validation if (Password::verify($password, $this->_model->getHash($username)) == false) { $error[] = 'Wrong username or password'; } //if validation has passed carry on if (!$error) { Session::set('loggedin', true); Session::set('username', $username); Session::set('memberID', $this->_model->getID($username)); $data = array('lastLogin' => date('Y-m-d G:i:s')); $where = array('memberID' => $this->_model->getID($username)); $this->_model->update($data, $where); $error = 'hi'; Url::redirect(); } } $data['title'] = 'Login'; View::rendertemplate('header', $data); View::render('auth/login', $data, $error, $success); View::rendertemplate('footer', $data); }
public function index() { if (!Session::get('loggedin')) { Url::redirect('login'); } if (isset($_POST['submit']) && $_FILES['fileToUpload']['size'] > 0) { $name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName']; $price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']); $description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription']; $target_dir = "uploads/"; $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file, PATHINFO_EXTENSION); // Check if image file is a actual image or fake image if (isset($_POST["submit"])) { $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if ($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; $uploadOk = 0; } } // Check if file already exists if (file_exists($target_file)) { $error = "Sorry, file already exists." . $error; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { $error = "Sorry, your file is too large." . $error; $uploadOk = 0; } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { $error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { $error = "Sorry, your file was not uploaded." . $error; // if everything is ok, try to upload file } else { //if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], str_replace(' ','-',strtolower($target_file)))) { //echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded."; $product['product'] = array('name' => $name, 'price' => $price, 'description' => $description, 'lastUpdate' => date('Y-m-d G:i:s')); $product['image'] = array('image' => file_get_contents($_FILES['fileToUpload']['tmp_name']), 'size' => $_FILES["fileToUpload"]["size"], 'type' => $imageFileType); $this->_model->insertProduct($product); //unlink(str_replace(' ','-',strtolower($target_file))); } } Hooks::addHook('js', 'Controllers\\menu@indexJS'); Hooks::addHook('css', 'Controllers\\menu@indexCss'); $data['title'] = 'index'; $data['username'] = Session::get('username'); View::rendertemplate('header', $data); View::render('menu/index', $data, $error); View::rendertemplate('footer', $data); }
/** * define page title and load template files */ public function index() { $this->data['title'] = 'Admin Dashboard'; View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('dashboard/dashboard.index', $this->data); View::rendertemplate('footer', $this->data); }
/** * define page title and load template files */ public function index() { $data['title'] = 'Welcome'; $data['welcome_message'] = $this->language->get('welcome_message'); View::rendertemplate('home_header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('home/home.index', $this->data); }
/** * load a 404 page with the error message */ public function index() { header("HTTP/1.0 404 Not Found"); $data['title'] = '404'; $data['error'] = $this->_error; View::rendertemplate('header', $data); View::render('error/404', $data); View::rendertemplate('footer', $data); }
public function login() { Hooks::addHook('js', 'Controllers\\auth@js'); Hooks::addHook('css', 'Controllers\\auth@css'); // if(Session::get('loggedin')){ // Url::redirect(); // } $currentUser = ParseUser::getCurrentUser(); if ($currentUser) { // do stuff with the user Url::redirect(); } else { // show the signup or login page } //==============Sign Up Manually========================== // $user = new ParseUser(); // $user->set("username", "yoak"); // $user->set("password", "yoakyoak"); // $user->set("email", "*****@*****.**"); // // other fields can be set just like with ParseObject // $user->set("phone", "0909814465"); // try { // $user->signUp(); // // Hooray! Let them use the app now. // $error = 'Hooray! Let them use the app now.'; // } catch (ParseException $ex) { // // Show the error message somewhere and let the user try again. // echo "Error: " . $ex->getCode() . " " . $ex->getMessage(); // } //==============Sign Up Manually========================== if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; try { $user = ParseUser::logIn($username, $password); Url::redirect(); // Do stuff after successful login. } catch (ParseException $ex) { // The login failed. Check error to see why. $error = "ParseException: " . $ex->getCode() . " " . $ex->getMessage(); } } $data['title'] = 'Login'; View::rendertemplate('header', $data); View::render('auth/login', $data, $error); View::rendertemplate('footer', $data); }
/** * Post : Display post by ID and URL */ public function post($id, $url) { /* Get Post Informations */ $data['post'] = $this->blog->get_post($id, $url); /* Meta Tags */ if (!empty($data['post'][0]->post_title)) { $data['title'] = $data['post'][0]->post_title; } else { $data['title'] = $data['post'][0]->post_name; } $data['meta_description'] = $data['post'][0]->post_meta_description; /* Display View */ if ($url = $data['post'][0]->post_url) { View::renderTemplate('header', $data); View::render('blog/post', $data); View::renderTemplate('footer', $data); } else { View::rendertemplate('header', $data); View::render('error/404', $data); View::rendertemplate('footer', $data); } }
public function signup($slug = null) { $this->data['title'] = 'Join Us'; // $module_slug = $slug[0]; $role = new \models\userrole(); $user = new User(); $this->data['user_role'] = $role->all(); //PULL DATA FROM SITESETTINGS $document = new \Helpers\Document(); $details = $document->siteSettings(); //GET NEW USER STATUS ID $this->model->table('user_status'); $user_status = $this->model->get_row(array("title" => "inactive")); $this->data['reg_form'] = $details['reg_form']; if (isset($_POST) && !empty($_POST)) { if ($_POST['password'] == $_POST['password2']) { $encrypted = md5($_POST['password']); $row_count = $user->get(array("email" => $_POST['email'])); if (count($row_count) >= 1) { $this->data['error'] = 'Email exists in our records, please use a different email'; } else { $insert_array = array('firstname' => $_POST['fname'], 'lastname' => $_POST['lname'], 'email' => $_POST['email'], 'password' => $encrypted, 'role' => $_POST['role'], 'status' => $user_status->id); $hash = $user->register($insert_array); if ($hash != '') { //SEND ACCOUNT DETAILS TO USER $fullname = $_POST['fname'] . ' ' . $_POST['lname']; $subject = 'New Account'; $mail = new \helpers\phpmailer\mail(); $mail->template('welcome'); $mail->generalEmail($_POST['email'], $subject, $fullname, $hash); $this->data['success'] = 'A link has been sent to your email, please click to activate your account'; } else { $this->data['error'] = 'Operation Fails, Please contact admin'; } } } else { $this->data['error'] = 'Password does not match!'; } } View::rendertemplate('header', $this->data); View::render('account/signup', $this->data); View::rendertemplate('footer', $this->data); }
public function edit($parameter) { $item_id = $parameter[0]; $this->data['title'] = 'Add Item'; $this->data['page_section'] = 'edit'; $category_model = new \Models\Category(); $this->data['category'] = $category_model->find($item_id); if (isset($_POST) && !empty($_POST)) { $category_title = $_POST['category_title']; $category_slug = $_POST['category_slug']; $category_modified = time(); $update_array = array('category_title' => $category_title, 'category_modified' => $category_created); $update_array = Gump::xss_clean($update_array); $update_array = Gump::sanitize($update_array); $update_id = $category_model->updateId($update_array, $item_id); if ($update_id > 0) { Session::set('success', 'category edited'); Url::redirect('category'); } } View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('category/category.add', $this->data); View::rendertemplate('footer', $this->data); }
public function edit($param) { $edit_id = $param[0]; $user_model = new User(); if (isset($_POST) && !empty($_POST)) { $artistArray = array('user_firstname' => $_POST['firstname'], 'user_stagename' => $_POST['stagename'], 'user_bio' => $_POST['bio'], 'twitter_handle' => $_POST['twitter_handle'], 'user_modified' => time()); $artistArray = Gump::xss_clean($artistArray); $artistArray = Gump::sanitize($artistArray); $update_id = $user_model->updateId($artistArray, $edit_id); //UPLOAD ATTACHMENT if ($_FILES["image"]["tmp_name"] != '') { //upload image into uploads folder Upload::setName($slug . time()); Upload::resizeUpload($_FILES["image"], UPLOAD_PATH, '450px'); $update_data = array('user_image' => Upload::getFileName('images')); if ($this->user_model->updateId($update_data, $edit_id)) { Session::set('success', 'Artist record edited'); } else { Session::set('error', 'operation fails'); } } if ($update_id > 0) { Session::set('success', 'Artist record edited'); Url::redirect('artist'); } else { Session::set('error', 'operation fails'); } } $this->data['user_data'] = $user_model->find($edit_id); View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('artist/artist.add', $this->data); View::rendertemplate('footer', $this->data); }
public function edit($param) { $song_id = $param[0]; $songModel = new \Models\Song(); $this->data['title'] = 'Edit Song'; $this->data['albums'] = $this->albumModel->all(); $this->data['artist'] = User::artist(); $this->data['genre'] = $this->categoryModel->get(array('category_slug' => 'genre')); $this->data['tags'] = $this->categoryModel->get(array('category_slug' => 'tag')); $this->data['status'] = $this->status_model->get(array('status_slug' => 'album')); if (isset($_POST) && !empty($_POST)) { $songArray = array('song_album_id' => $_POST['album_id'], 'song_user_id' => Session::get('user_id'), 'song_artist_id' => $_POST['artist_id'], 'song_genre_id' => $_POST['genre_id'], 'song_status_id' => $_POST['status_id'], 'song_title' => $_POST['title'], 'song_description' => $_POST['description'], 'song_modified' => time(), 'song_slug' => Url::generateSafeSlug($_POST['title'])); $songArray = Gump::xss_clean($songArray); $songArray = Gump::sanitize($songArray); $update = $songModel->updateId($songArray, $song_id); if ($update > 0) { $message = 'ok'; } else { $message = 'no'; } if ($_FILES["mp3"]["tmp_name"] != '') { //resize youtube image into uploads folder Upload::setName(time()); Upload::upload_file($_FILES["mp3"], UPLOAD_PATH); $filepath = UPLOAD_PATH . Upload::getName(); $outputMp3 = UPLOAD_PATH . 'encoded_' . Upload::getName(); //check bitrate $bitRate = Audio::bitRateSampleRate($filepath, 'bitrate'); $duration = Audio::duration($filepath); if ($bitRate > 128) { $convertMp3 = Audio::convertMp3($filepath, 128, $outputMp3); } if (is_file($outputMp3)) { $updateArray = array('song_file' => 'images/encoded_' . Upload::getName(), 'song_duration' => $duration); unlink($filepath); } else { $updateArray = array('song_file' => Upload::getFileName('images'), 'song_duration' => $duration); } $saveMp3 = $songModel->updateId($updateArray, $song_id); } //UPLOAD SONG COVER if ($_FILES["image"]["tmp_name"] != '') { //upload file into uploads folder Upload::setName(time()); Upload::resizeUpload($_FILES["image"], UPLOAD_PATH, '450px'); $update_data = array('song_image' => Upload::getFileName('images')); $songModel->updateId($update_data, $song_id); } } if ($message == 'ok') { Session::set('success', 'record edited'); Url::redirect('song/item/' . $_POST['album_id']); } else { if ($message == 'no') { $this->data['error'] = 'Operation Fails!'; } } $this->data['song'] = \Models\Song::item($song_id); View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('song/song.edit', $this->data); View::rendertemplate('footer', $this->data); }
public function order() { $currentUser = ParseUser::getCurrentUser(); if ($currentUser) { // do stuff with the user } else { // show the signup or login page Url::redirect('login'); } if (isset($_POST['table'])) { View::render('inventory/order-table', $data, $error); } elseif (isset($_POST['del']) && isset($_POST['objectId'])) { $objectId = $_POST['objectId']; $query = new ParseQuery('Order'); try { $data = 1; } catch (ParseException $ex) { $data = $ex; } $query->equalTo('objectId', $objectId); $order = $query->first(); $order->destroy(); header('Content-type: application/json; charset=utf-8'); echo json_encode(array('result' => $data)); } elseif (isset($_POST['update'])) { $objectId = !isset($_POST['objectId']) || trim($_POST['objectId']) == '' ? '' : $_POST['objectId']; $productId = !isset($_POST['productId']) || trim($_POST['productId']) == '' ? '' : $_POST['productId']; $productName = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName']; $customerId = !isset($_POST['customerId']) || trim($_POST['customerId']) == '' ? '' : $_POST['customerId']; $customerName = !isset($_POST['customerName']) || trim($_POST['customerName']) == '' ? '' : $_POST['customerName']; $lineId = !isset($_POST['lineId']) || trim($_POST['lineId']) == '' ? '' : $_POST['lineId']; $facebook = !isset($_POST['facebook']) || trim($_POST['facebook']) == '' ? '' : $_POST['facebook']; $telephone = !isset($_POST['telephone']) || trim($_POST['telephone']) == '' ? '' : $_POST['telephone']; $transportDate = !isset($_POST['transportDate']) || trim($_POST['transportDate']) == '' ? null : DateTime::createFromFormat('d/m/Y', $_POST['transportDate']); $address = !isset($_POST['address']) || trim($_POST['address']) == '' ? '' : $_POST['address']; $transportStatus = !isset($_POST['transportStatus']) || trim($_POST['transportStatus']) == '' ? '' : $_POST['transportStatus']; $transferStatus = !isset($_POST['transferStatus']) || trim($_POST['transferStatus']) == '' ? '' : $_POST['transferStatus']; $trackingNumber = !isset($_POST['trackingNumber']) || trim($_POST['trackingNumber']) == '' ? '' : $_POST['trackingNumber']; $contact = ['telephone' => $telephone, 'lineId' => $lineId, 'facebook' => $facebook]; if ($_FILES['fileToUpload']['size'] > 0) { $target_file = basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION)); $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if ($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { $error = "Sorry, your file is too large." . $error; $uploadOk = 0; } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { $error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { $error = "Sorry, your file was not uploaded." . $error; // if everything is ok, try to upload file } else { $imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file); $query = new ParseQuery('Order'); $query->equalTo('objectId', $objectId); $order = $query->first(); $order->set('productId', $productId); $order->set('productName', $productName); $order->set('customerName', $customerName); $order->set('customerId', $customerId); $order->setAssociativeArray('contact', $contact); $order->set('slipPayin', $imageFile); $order->set('transportDate', $transportDate); $order->set('address', $address); $order->set('transportStatus', $transportStatus); $order->set('transferStatus', $transferStatus); $order->set('trackingNumber', $trackingNumber); $order->save(); } } else { $query = new ParseQuery('Order'); $query->equalTo('objectId', $objectId); $order = $query->first(); $order->set('productId', $productId); $order->set('productName', $productName); $order->set('customerName', $customerName); $order->set('customerId', $customerId); $order->setAssociativeArray('contact', $contact); $order->set('transportDate', $transportDate); $order->set('address', $address); $order->set('transportStatus', $transportStatus); $order->set('transferStatus', $transferStatus); $order->set('trackingNumber', $trackingNumber); $order->save(); } } else { if (isset($_POST['submit'])) { $productId = !isset($_POST['productId']) || trim($_POST['productId']) == '' ? '' : $_POST['productId']; $productName = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName']; $customerId = !isset($_POST['customerId']) || trim($_POST['customerId']) == '' ? '' : $_POST['customerId']; $customerName = !isset($_POST['customerName']) || trim($_POST['customerName']) == '' ? '' : $_POST['customerName']; $lineId = !isset($_POST['lineId']) || trim($_POST['lineId']) == '' ? '' : $_POST['lineId']; $facebook = !isset($_POST['facebook']) || trim($_POST['facebook']) == '' ? '' : $_POST['facebook']; $telephone = !isset($_POST['telephone']) || trim($_POST['telephone']) == '' ? '' : $_POST['telephone']; $transportDate = !isset($_POST['transportDate']) || trim($_POST['transportDate']) == '' ? null : DateTime::createFromFormat('d/m/Y', $_POST['transportDate']); $transportStatus = !isset($_POST['transportStatus']) || trim($_POST['transportStatus']) == '' ? '' : $_POST['transportStatus']; $transferStatus = !isset($_POST['transferStatus']) || trim($_POST['transferStatus']) == '' ? '' : $_POST['transferStatus']; $trackingNumber = !isset($_POST['trackingNumber']) || trim($_POST['trackingNumber']) == '' ? '' : $_POST['trackingNumber']; $contact = ['telephone' => $telephone, 'lineId' => $lineId, 'facebook' => $facebook]; if ($_FILES['fileToUpload']['size'] > 0) { $target_file = basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION)); $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if ($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { $error = "Sorry, your file is too large." . $error; $uploadOk = 0; } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { $error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { $error = "Sorry, your file was not uploaded." . $error; // if everything is ok, try to upload file } else { $imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file); $order = new ParseObject('Order'); $order->set('productId', $productId); $order->set('productName', $productName); $order->set('customerName', $customerName); $order->set('customerId', $customerId); $order->setAssociativeArray('contact', $contact); $order->set('slipPayin', $imageFile); $order->set('transportDate', $transportDate); $order->set('address', $address); $order->set('transportStatus', $transportStatus); $order->set('transferStatus', $transferStatus); $order->set('trackingNumber', $trackingNumber); $order->save(); } } else { $order = new ParseObject('Order'); $order->set('productId', $productId); $order->set('productName', $productName); $order->set('customerName', $customerName); $order->set('customerId', $customerId); $order->setAssociativeArray('contact', $contact); $order->set('transportDate', $transportDate); $order->set('address', $address); $order->set('transportStatus', $transportStatus); $order->set('transferStatus', $transferStatus); $order->set('trackingNumber', $trackingNumber); $order->save(); } Url::redirect('order'); } $sidemenu = new ParseQuery('SideMenu'); $result = $sidemenu->find(); Hooks::addHook('js', 'Controllers\\inventory\\Order@JS'); Hooks::addHook('css', 'Controllers\\inventory\\Order@CSS'); $data['title'] = 'รายการสั่งซื้อสินค้า'; $data['username'] = $currentUser->get('username'); $data['sidemenu'] = $result; View::rendertemplate('header', $data); View::render('inventory/order', $data, $error); View::rendertemplate('footer', $data); } }
public function newsletter() { $action = $_GET['action']; $newsletter_model = new \models\newsletter(); $user_model = new \models\users(); $this->data['subscribers'] = $newsletter_model->byGroup(); $this->data['title'] = 'Newsletter'; if (isset($_POST) && !empty($_POST)) { $group = $_POST['subscribers']; $content = $_POST['content']; $subject = $_POST['subject']; //$slug = \helpers\url::generateSafeSlug($pagename); $subscribers = $newsletter_model->get(array('group' => $group)); $mail_helper = new \helpers\phpmailer\mail(); foreach ($subscribers as $item) { $mail_helper->template('newsletter'); $mail_helper->newsletter($item->email, $subject, $content); } $this->data['success'] = 'Mails Sent!'; } View::rendertemplate('home_header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('crm/newsletter', $this->data); View::rendertemplate('footer', $this->data); }
public function view($param) { $sms_model = new \models\sms(); $smsgroup_model = new \models\smsgroup(); $user = new \models\users(); if (isset($action) && !empty($action)) { switch ($action) { case 'delete': $where_array = array('id' => $action_id); $delete = $sms_model->delete($where_array); if ($delete > 0) { $message = 'ok'; } else { $message = 'no'; } break; default: # code... break; } } if ($message == 'ok') { $this->data['success'] = 'Record Deleted!'; } else { if ($message == 'no') { $this->data['error'] = 'Operation Fails!'; } } $total = count($sms_model->allsms()); $pages = new \helpers\paginator('6', 'p'); $this->data['sms'] = $sms_model->allsms($pages->get_limit()); $pages->set_total($total); $path = DIR . 'sms/view?'; $this->data['page_links'] = $pages->page_links($path, null); $this->data['title'] = 'Users'; View::rendertemplate('home_header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('sms/sms.all', $this->data); View::rendertemplate('footer', $this->data); }
public function edit($parameter) { $item_id = $parameter[0]; $this->data['title'] = 'Edit Post'; $category_model = new \Models\Category(); $post_model = new \Models\Post(); $album_model = new \models\album(); $this->data['post'] = $post_model->getItem($item_id); $this->data['album_group'] = $album_model->all(); $this->data['post_category_groups'] = $category_model->groupByCol('category_slug'); if (isset($_POST) && !empty($_POST)) { $post_category_id = $_POST['post_category_id']; $post_album_id = $_POST['post_album_id']; $post_title = $_POST['post_title']; $post_body = $_POST['post_body']; $post_link = $_POST['post_link']; $post_excerpt = $_POST['post_excerpt']; $post_slug = Url::generateSafeSlug($post_title); $post_modified = time(); $update_array = array('post_category_id' => $post_category_id, 'post_album_id' => $post_album_id, 'post_title' => $post_title, 'post_body' => $post_body, 'post_link' => $post_link, 'post_excerpt' => $post_excerpt, 'post_slug' => $post_slug, 'post_modified' => $post_modified); $update_array = Gump::xss_clean($update_array); $update_array = Gump::sanitize($update_array); $update_id = $post_model->updateId($update_array, $item_id); //UPLOAD IMAGE if ($_FILES["image"]["tmp_name"] != '') { Upload::setName(uniqid()); Upload::upload_file($_FILES["image"], UPLOAD_PATH); $image_name = Upload::getFileName('images'); $update_data = array('post_image' => $image_name); $update = $post_model->updateId($update_data, $update_id); } if ($update_id > 0) { Session::set('success', 'post edited'); Url::redirect('post'); } } View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('post/post.add', $this->data); View::rendertemplate('footer', $this->data); }
public function edit($param) { $edit_id = $param[0]; $this->data['title'] = 'Edit Settings'; if (isset($_POST) && !empty($_POST)) { $title = $_POST['title']; $value = $_POST['value']; $slug = \helpers\url::generateSafeSlug($title); $update_array = array('site_preference' => $title, 'site_value' => $value); // $update_id = $settings->update($update_array,array('id'=>$edit_id)); $update_id = $this->site_model->updateId($update_array, $edit_id); if ($update_id > 0) { $this->data['success'] = 'Record Updated!'; } else { ${$this}->data['error'] = 'Operation Fails!'; } if ($_FILES["image"]["tmp_name"] != '') { //upload image into uploads folder \helpers\upload::setName(time()); \helpers\upload::upload_file($_FILES["image"], UPLOAD_PATH); $image_name = \helpers\upload::getFileName('images'); $update_data = array('site_file' => $image_name); $update_id = $this->site_model->updateId($update_data, $edit_id); if ($update_id > 0) { $this->data['success'] = 'Record Updated!'; } else { ${$this}->data['error'] = 'Operation Fails!'; } } } $this->data['site_data'] = $this->site_model->find($edit_id); $this->data['settings'] = $this->site_model->all(); View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('settings/settings.index', $this->data); View::rendertemplate('footer', $this->data); }
public function image($param) { $album_id = $param[0]; $this->data['album_id'] = $album_id; if (isset($param[1]) && !empty($param[1])) { $user_id = $param[1]; } $album_detail = $this->albumModel->find($album_id); $this->data['title'] = 'Picture Album'; $total = count($this->mediaModel->media('image')); $pages = new Paginator('6', 'p'); $this->data['albumitems'] = $this->mediaModel->media('image', $pages->getLimit()); $pages->setTotal($total); $path = DIR . 'album/image?'; $this->data['page_links'] = $pages->pageLinks($path, null); View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('album/album.video', $this->data); View::rendertemplate('footer', $this->data); }
public function edituser($param) { $edit_id = $param[0]; $user = new \models\users(); $user_roles = new \models\roles(); $this->data['groups'] = $user->userByrole('group'); $this->data['user_roles'] = $user_roles->all(); if (isset($_POST) && !empty($_POST)) { $fname = $_POST['fname']; $lname = $_POST['lname']; $gender = $_POST['gender']; $email = $_POST['email']; $phone = $_POST['phone']; $password = md5('pass'); $institution = $_POST['institution']; $role = $_POST['role']; $groupid = $_POST['groupid']; if ($groupid == '') { $groupid = 0; } $update_array = array('firstname' => $fname, 'lastname' => $lname, 'email' => $email, 'phone' => $phone, 'password' => $password, 'institution' => $institution, 'role' => $role, 'groupid' => $groupid); $where_array = array('id' => $edit_id); $update_id = $user->update($update_array, $where_array); if ($update_id > 0) { $this->data['success'] = 'User Edited!'; } else { $this->data['error'] = 'Operation Fails!'; } //UPLOAD ATTACHMENT if ($_FILES["image"]["tmp_name"] != '') { //upload image into uploads folder \helpers\upload::setName(uniqid()); \helpers\upload::upload_file($_FILES["image"], UPLOAD_PATH); $image_name = 'gallery/' . \helpers\upload::$filename; $update_data = array('image' => $image_name); $user->update($update_data, $where_array); } //GET INSERTED ID } $this->data['user_data'] = $user->find($edit_id); View::rendertemplate('home_header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('dashboard/adduser', $this->data); View::rendertemplate('footer', $this->data); }
public function password() { $this->data['title'] = 'Change Password'; $userModel = new User(); $user_id = Session::get('user')->user_id; $user_details = $userModel->get(array('user_id' => $user_id, 'user_password' => md5($_POST['old_password']))); if (isset($_POST['password1']) && !empty($_POST['password1'])) { if (count($user_details) > 0) { if ($_POST['password1'] == $_POST['password2']) { //update user db $update_array = array('user_password' => md5($_POST['password1'])); $update_array = Gump::xss_clean($update_array); $update_array = Gump::sanitize($update_array); $update_id = $user_model->updateId($update_array, $user_id); if ($update_id > 0) { Session::set('success', 'Password Changed'); } else { Session::set('error', 'Operation Fails!'); } } else { Session::set('error', 'Incorrect match, password change fails!'); } } else { Session::set('error', 'Incorrect match, password change fails!'); } } View::rendertemplate('header', $this->data); View::render('workspace/workspace.password', $this->data); View::rendertemplate('footer', $this->data); }
public function signup($slug = null) { $this->data['title'] = 'Join Us'; $statusModel = new Status(); $roleModel = new Role(); $userModel = new User(); if (isset($_POST['email']) && !empty($_POST['email'])) { $firstname = $_POST['firstname']; $email = $_POST['email']; if ($_POST['password'] == $_POST['password2']) { $encrypted = md5($_POST['password']); $row_count = $userModel->getColRow('user_email', $email); if (!is_bool($row_count)) { Session::set('error', 'Email exists in our records, please use a different email'); } else { $userArray = array('user_firstname' => $firstname, 'user_email' => $email, 'user_password' => $encrypted, 'user_role_id' => Role::id('user'), 'user_status_id' => Status::id('active')); $userArray = Gump::xss_clean($userArray); $userArray = Gump::sanitize($userArray); $is_valid = Gump::is_valid($userArray, array('user_firstname' => 'required|max_len,200|min_len,1', 'user_email' => 'required|max_len,200|min_len,1', 'user_password' => 'required|max_len,200|min_len,1')); if ($is_valid === true) { $user_id = $userModel->create($userArray); if ($user_id > 0) { $slug = Url::generateSafeSlug($firstname . $user_id); //send email $subject = 'Welcome to GbeduMobile'; $content .= "You just opened a new account with us, Get login details below<br><br>"; $content .= "Username: "******"<br>"; $content .= "Password: "******"<br>"; if (ENVIRONMENT == 'production') { $mail = new Mail(); $mail->general($email, $subject, $firstname, $content); } Session::set('success', 'Login details has been sent to your email, Congrats!'); Url::redirect('home'); } else { Session::set('error', 'Operation Fails, Please contact admin'); } } else { Session::set('error', $is_valid); } } } else { Session::set('error', 'Password does not match!'); } } View::rendertemplate('header', $this->data); View::render('account/signup', $this->data); View::rendertemplate('footer', $this->data); }
public function ResendActivation() { // Check to make sure user is NOT logged in if ($this->auth->isLoggedIn()) { Url::redirect(); } // Check to make sure user is trying to login if (isset($_POST['submit'])) { // Check to make sure the csrf token is good if (Csrf::isTokenValid()) { // Catch email input using the Request helper $email = Request::post('email'); // Run the Activation script if ($this->auth->resendActivation($email)) { // Success $success[] = Language::show('success_msg_resend_activation', 'Auth'); } else { // Fail $error[] = Language::show('error_msg_resend_activation', 'Auth'); } } } else { // No GET information - Send User to index //Url::redirect(); } $data['title'] = Language::show('title_resend_activation', 'Auth'); $data['csrf_token'] = Csrf::makeToken(); // Setup Breadcrumbs $data['breadcrumbs'] = "\n\t\t\t<li><a href='" . DIR . "'>Home</a></li>\n\t\t\t<li class='active'>" . $data['title'] . "</li>\n\t\t"; View::rendertemplate('header', $data); View::render('auth/ResendActivation', $data, $error, $success); View::rendertemplate('footer', $data); }
public function allpagesedit($param) { $page_rowid = $param[0]; $this->data['title'] = 'Edit Content'; if (isset($_POST) && !empty($_POST)) { $subto = $_POST['subto']; $plugin = $_POST['plugin']; $content = $_POST['content']; $homepage = $_POST['homepage']; $header_menu = $_POST['header_menu']; $footer_menu = $_POST['footer_menu']; $redirecturl = $_POST['redirecturl']; $album = $_POST['album']; $meta_keywords = $_POST['meta_keywords']; $meta_title = $_POST['meta_title']; $meta_description = $_POST['meta_description']; $sort_order = $_POST['sort_order']; //$slug = Url::generateSafeSlug($pagename); $update_array = array('content_plugin' => $plugin, 'content_subto' => $subto, 'content_excerpt' => $_POST['excerpt'], 'content_body' => $_POST['content'], 'content_homepage' => $homepage, 'content_header_menu' => $header_menu, 'content_footer_menu' => $footer_menu, 'content_redirecturl' => $redirecturl, 'content_album' => $album, 'content_meta_keywords' => $meta_keywords, 'content_meta_title' => $meta_title, 'content_meta_description' => $meta_description, 'content_sort_order' => $sort_order); $where_array = array('content_id' => $page_rowid); // $update_array = Gump::xss_clean($update_array); // $update_array = Gump::sanitize($update_array); $update = $this->contentModel->update($update_array, $where_array); if ($_FILES["image1_extra"]["tmp_name"] != '') { //upload image into uploads folder Upload::setName($slug . uniqid()); Upload::upload_file($_FILES["image1_extra"], UPLOAD_PATH); $image_name = Upload::getFileName('images'); $update_data = array('content_banner' => $image_name); $update = $this->contentModel->update($update_data, $where_array); } if ($_FILES["image2_extra"]["tmp_name"] != '') { //upload image into uploads folder Upload::setName($slug . uniqid()); Upload::upload_file($_FILES["image2_extra"], UPLOAD_PATH); $image_name = Upload::getFileName('images'); $update_data = array('content_thumbnail' => $image_name); $update = $this->contentModel->update($update_data, $where_array); } if ($update > 0) { $message = 'ok'; } else { $message = 'no'; } } if ($message == 'ok') { Session::set('success', ' Content Saved!'); } else { if ($message == 'no') { Session::set('error', 'Operation Fails!'); } } $this->data['pages'] = $this->pageModel->all(); $this->data['page_data'] = $this->contentModel->detail($page_rowid); // $this->data['pagecontent_data'] = $this->contentModel->find($insert_id); View::rendertemplate('header', $this->data); View::rendertemplate('sidebar', $this->data); View::render('pages/editcontent', $this->data); View::rendertemplate('footer', $this->data); }
public function register() { //Sanitize Data using Gump helper $_POST = Gump::sanitize($_POST); if (isset($_POST['login'])) { //Validate data using Gump $is_valid = Gump::is_valid($_POST, array('login' => 'required|alpha_numeric', 'email' => 'required|valid_email', 'password' => 'required', 'password-again' => 'required')); if ($is_valid === true) { //Test for duplicate username` $user = $this->userSQL->prepareFindByLogin($_POST['login']); if ($_POST['password'] != $_POST['password-again']) { $error[] = "Les deux mots de passes doivent être identiques"; } if ($user != false) { $error[] = 'Ce compte existe déjà'; } $user = $this->userSQL->prepareFindByEmail($_POST['email'])->execute(); //Test for dupicate email address if (count($user) > 0) { $error[] = 'Ce compte email existe déjà.'; } } else { $error = $is_valid; } if (!$error) { //Register and return the data as an array $data[] $user = new Utilisateur($_POST['login'], $_POST['email'], Password::make($_POST['password']), ""); $this->entityManager->save($user); Session::set('id', $user->getId()); Session::set('login', $user->login); Session::set('loggedin', true); Url::redirect(); } } $data['title'] = 'Inscription'; View::rendertemplate('header', $data); View::render('user/register', $data, $error); View::rendertemplate('footer', $data); }
public function product() { // if(!Session::get('loggedin')){ // Url::redirect('login'); // } $currentUser = ParseUser::getCurrentUser(); if ($currentUser) { // do stuff with the user } else { // show the signup or login page Url::redirect('login'); } if (isset($_POST['table'])) { View::render('inventory/product-table', $data, $error); } elseif (isset($_POST['del']) && isset($_POST['objectId'])) { $objectId = $_POST['objectId']; $query = new ParseQuery('Product'); try { $data = 1; } catch (ParseException $ex) { $data = $ex; } $query->equalTo('objectId', $objectId); $product = $query->first(); $product->destroy(); header('Content-type: application/json; charset=utf-8'); echo json_encode(array('result' => $data)); } elseif (isset($_POST['update'])) { $objectId = !isset($_POST['objectId']) || trim($_POST['objectId']) == '' ? '' : $_POST['objectId']; $name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName']; $price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']); $description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription']; if ($_FILES['fileToUpload']['size'] > 0) { $target_file = basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION)); $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if ($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { $error = "Sorry, your file is too large." . $error; $uploadOk = 0; } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { $error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { $error = "Sorry, your file was not uploaded." . $error; // if everything is ok, try to upload file } else { $imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file); $query = new ParseQuery('Product'); $query->equalTo('objectId', $objectId); $product = $query->first(); $product->set('name', $_POST['productName']); $product->set('price', $price); $product->set('description', $description); $product->set('picture', $imageFile); $product->save(); } } else { $query = new ParseQuery('Product'); $query->equalTo('objectId', $objectId); $product = $query->first(); $product->set('name', $name); $product->set('price', $price); $product->set('description', $description); $product->save(); } } else { if (isset($_POST['submit'])) { $name = !isset($_POST['productName']) || trim($_POST['productName']) == '' ? '' : $_POST['productName']; $price = !isset($_POST['productPrice']) || trim($_POST['productPrice']) == '' ? 0 : floatval($_POST['productPrice']); $description = !isset($_POST['productDescription']) || trim($_POST['productDescription']) == '' ? '' : $_POST['productDescription']; if ($_FILES['fileToUpload']['size'] > 0) { $target_file = basename($_FILES["fileToUpload"]["name"]); $uploadOk = 1; $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION)); $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]); if ($check !== false) { //echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { //echo "File is not an image."; $uploadOk = 0; } // Check file size if ($_FILES["fileToUpload"]["size"] > 500000) { $error = "Sorry, your file is too large." . $error; $uploadOk = 0; } // Allow certain file formats if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif") { $error = "Sorry, only JPG, JPEG, PNG & GIF files are allowed." . $error; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { $error = "Sorry, your file was not uploaded." . $error; // if everything is ok, try to upload file } else { $imageFile = ParseFile::createFromData(file_get_contents($_FILES['fileToUpload']['tmp_name']), $target_file); $product = new ParseObject('Product'); $product->set('name', $name); $product->set('price', $price); $product->set('description', $description); $product->set('picture', $imageFile); $product->save(); } } else { $product = new ParseObject('Product'); $product->set('name', $name); $product->set('price', $price); $product->set('description', $description); $product->save(); } Url::redirect('product'); } $sidemenu = new ParseQuery('SideMenu'); $result = $sidemenu->find(); Hooks::addHook('js', 'Controllers\\inventory\\Product@JS'); Hooks::addHook('css', 'Controllers\\inventory\\Product@CSS'); $data['title'] = 'สินค้า'; $data['username'] = $currentUser->get('username'); $data['sidemenu'] = $result; View::rendertemplate('header', $data); View::render('inventory/product', $data, $error); View::rendertemplate('footer', $data); } }