/**
* get admin's avatar picture.
*
* @param integer $account_id
* @return string return element ready for display avatar.
*/
function getAdminAvatar($account_id)
{
// set default avatar
$theme = \Theme::instance();
$doc_root = str_replace('\\', '/', DOCROOT);
$default_avatar_getfile = $theme->asset->get_file('default-avatar.jpg', 'img');
$default_no_avatar = str_replace([$doc_root, \Uri::base()], '', $default_avatar_getfile);
unset($doc_root, $default_avatar_getfile, $theme);
if (!is_numeric($account_id) || intval($account_id) === intval(0)) {
return $default_no_avatar;
}
$cache_name = 'public.themes.sys2.getAdminAvatar-' . \Model_Sites::getSiteId(false) . '-' . $account_id;
$cache_data = \Extension\Cache::getSilence($cache_name);
if (false === $cache_data) {
// if never cached or cache expired.
$result = \DB::select()->as_object()->from('accounts')->where('account_id', $account_id)->execute();
if (count($result) > 0) {
$row = $result->current();
if ($row->account_avatar != null) {
$return_val = $row->account_avatar;
\Cache::set($cache_name, $return_val, 86400);
unset($cache_name);
return $return_val;
}
}
if (!isset($return_val) || isset($return_val) && $return_val == null) {
// not found account or not found avatar.
\Cache::set($cache_name, $default_no_avatar, 86400);
unset($cache_name);
return $default_no_avatar;
}
}
unset($cache_name);
return $cache_data;
}
/**
* update account levels
*
* @param integer $account_id
* @param array $data_level
* @return boolean
*/
public function updateLevels($account_id = '', $data_level = array())
{
// delete not exists level
$lvls = static::query()->where('account_id', $account_id);
if ($lvls->count() > 0) {
foreach ($lvls->get() as $lvl) {
if (!in_array($lvl->level_group_id, $data_level)) {
\DB::delete(static::$_table_name)->where('account_id', $account_id)->where('level_id', $lvl->level_id)->execute();
}
}
}
unset($lvls, $lvl);
// update or insert fields
if (is_array($data_level) && !empty($data_level)) {
foreach ($data_level as $level_group_id) {
$result = \DB::select()->from(static::$_table_name)->where('account_id', $account_id)->where('level_group_id', $level_group_id)->execute();
if (count($result) <= 0) {
// not exists, use insert.
\DB::insert(static::$_table_name)->set(['account_id' => $account_id, 'level_group_id' => $level_group_id])->execute();
}
unset($result);
}
}
// clear cache
\Extension\Cache::deleteCache('model.accountLevelPermission-checkLevelPermission-' . \Model_Sites::getSiteId(false));
return true;
}
/**
* generate whole page
*
* @param string $view path to view of current controller.
* @param array $output
* @param boolean $auto_filter
* @return view
*/
public function generatePage($view = null, $output = array(), $auto_filter = null)
{
if (!is_array($output)) {
$output = array();
}
// list sites to display links in admin page ------------------------------------------
$cache_name = 'controller.AdminController-generatePage-fs_list_sites';
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
$list_sites_option['list_for'] = 'admin';
$list_sites_option['unlimit'] = true;
$list_sites = \Model_Sites::listSites($list_sites_option);
\Cache::set($cache_name, $list_sites, 2592000);
} else {
if (isset($cached['items']) && isset($cached['total'])) {
$list_sites = $cached;
} else {
$list_sites = array('total' => 0, 'items' => array());
}
}
unset($cache_name, $cached);
if (isset($list_sites['total']) && $list_sites['total'] > 1) {
if (isset($list_sites['items']) && is_array($list_sites['items']) && !empty($list_sites['items'])) {
$output['fs_list_sites'] = $list_sites['items'];
} else {
$output['fs_list_sites'] = null;
}
}
unset($list_sites, $list_sites_option);
// end list sites ------------------------------------------------------------------------
// start theme class
$theme = \Theme::instance();
$theme->active($this->theme_system_name);
// load requested controller theme into page_content variable.
$output['page_content'] = $theme->view($view, $output, $auto_filter);
// load main template and put page_content variable in it.
return $theme->view('admin/template', $output, $auto_filter);
}
public function action_index()
{
// check permission
if (\Model_AccountLevelPermission::checkAdminPermission('cacheman_perm', 'cacheman_clearcache_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect(\Uri::create('admin'));
}
// read flash message for display errors.
$form_status = \Session::get_flash('form_status');
if (isset($form_status['form_status']) && isset($form_status['form_status_message'])) {
$output['form_status'] = $form_status['form_status'];
$output['form_status_message'] = $form_status['form_status_message'];
}
unset($form_status);
// if form submitted
if (\Input::method() == 'POST') {
$act = \Input::post('act');
if ($act == 'clear') {
\Extension\Cache::deleteCache('ALL');
\Session::set_flash('form_status', array('form_status' => 'success', 'form_status_message' => \Lang::get('cacheman_all_cleared')));
}
// go back
\Response::redirect(\Uri::create('admin/cacheman'));
}
// <head> output ----------------------------------------------------------------------------------------------
$output['page_title'] = $this->generateTitle(\Lang::get('cacheman'));
// <head> output ----------------------------------------------------------------------------------------------
// breadcrumb -------------------------------------------------------------------------------------------------
$page_breadcrumb = [];
$page_breadcrumb[0] = ['name' => \Lang::get('admin_admin_home'), 'url' => \Uri::create('admin')];
$page_breadcrumb[1] = ['name' => \Lang::get('cacheman'), 'url' => \Uri::create('admin/cacheman')];
$output['page_breadcrumb'] = $page_breadcrumb;
unset($page_breadcrumb);
// breadcrumb -------------------------------------------------------------------------------------------------
return $this->generatePage('admin/templates/cacheman/index_v', $output, false);
}
/**
* member login.
*
* @param array $data
* @return mixed return true on success, return error message on failed.
*/
public static function memberLogin($data = array())
{
if (!isset($data['account_password']) || !isset($data['account_username']) && !isset($data['account_email'])) {
return false;
} else {
if (!isset($data['account_username'])) {
$data['account_username'] = null;
}
if (!isset($data['account_email'])) {
$data['account_email'] = null;
}
}
$query = static::query()->where('account_username', $data['account_username'])->or_where('account_email', $data['account_email']);
if ($query->count() > 0) {
// found
$row = $query->get_one();
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $row->account_id);
// check enabled account.
if ($row->account_status == '1') {
// enabled
// check password
if (static::instance()->checkPassword($data['account_password'], $row->account_password, $row) === true) {
// check password passed
// generate session id for check simultaneous login
$session_id = \Session::key('session_id');
// if login set to remember, set expires.
if (\Input::post('remember') == 'yes') {
$expires = \Model_Config::getval('member_login_remember_length') * 24 * 60 * 60;
} else {
$expires = 0;
}
// set cookie
$cookie_account['account_id'] = $row->account_id;
$cookie_account['account_username'] = $row->account_username;
$cookie_account['account_email'] = $row->account_email;
$cookie_account['account_display_name'] = $row->account_display_name;
$cookie_account['account_online_code'] = $session_id;
$cookie_account = \Crypt::encode(serialize($cookie_account));
Extension\Cookie::set('member_account', $cookie_account, $expires);
unset($cookie_account, $expires);
// update last login in accounts table
$accounts = static::find($row->account_id);
$accounts->account_last_login = time();
$accounts->account_last_login_gmt = \Extension\Date::localToGmt();
$accounts->save();
unset($accounts);
// add/update last login session.
$account_session['account_id'] = $row->account_id;
$account_session['session_id'] = $session_id;
$account_site = new \Model_AccountSites();
$account_site->addLoginSession($account_session);
unset($account_session);
// record login
$account_logins = new Model_AccountLogins();
$account_logins->recordLogin($row->account_id, 1, 'account_login_success');
// @todo [fuelstart][account][plug] login success plug.
$plugin = new \Library\Plugins();
if ($plugin->hasAction('AccountLoginSuccess') !== false) {
$plugin->doAction('AccountLoginSuccess', $row->account_id, $row);
}
unset($plugin, $query, $row, $session_id);
// login success
return true;
} else {
// check password failed, wrong password
$account_logins = new Model_AccountLogins();
$account_logins->recordLogin($row->account_id, 0, 'account_wrong_username_or_password');
unset($query, $row);
return \Lang::get('account_wrong_username_or_password');
}
} else {
// account disabled
$account_logins = new Model_AccountLogins();
$account_logins->recordLogin($row->account_id, 0, 'account_was_disabled');
unset($query);
return \Lang::get('account_was_disabled') . ' : ' . $row->account_status_text;
}
}
// not found account. login failed
unset($query);
return \Lang::get('account_wrong_username_or_password');
}
public function action_multiple()
{
$ids = \Input::post('id');
$act = trim(\Input::post('act'));
$redirect = $this->getAndSetSubmitRedirection();
if (\Extension\NoCsrf::check()) {
// if action is delete.
if ($act == 'del') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_delete_perm') == false) {
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
// get target level group id
$lvls = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $id)->execute();
// not found
if (count($lvls) <= 0) {
continue;
} else {
// format level group for check can i add, edit
$level_group = array();
foreach ($lvls as $lvl) {
$level_group[] = $lvl->level_group_id;
}
}
if (\Model_Accounts::forge()->canIAddEditAccount($level_group) == true) {
// delete account.
\Model_Accounts::deleteAccount($id);
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $id);
}
}
}
} elseif ($act == 'enable') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_delete_perm') == false) {
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
if ($id == '0') {
continue;
}
// get target level group id
$lvls = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $id)->execute();
// not found
if (count($lvls) <= 0) {
continue;
} else {
// format level group for check can i add, edit
$level_group = array();
foreach ($lvls as $lvl) {
$level_group[] = $lvl->level_group_id;
}
}
if (\Model_Accounts::forge()->canIAddEditAccount($level_group) == true) {
\DB::update(\Model_Accounts::getTableName())->where('account_id', $id)->set(['account_status' => '1', 'account_status_text' => null])->execute();
unset($entry);
}
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $id);
}
}
} elseif ($act == 'disable') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('account_perm', 'account_delete_perm') == false) {
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
if ($id == '0') {
continue;
}
// get target level group id
$lvls = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $id)->execute();
// not found
if (count($lvls) <= 0) {
continue;
} else {
// format level group for check can i add, edit
$level_group = array();
foreach ($lvls as $lvl) {
$level_group[] = $lvl->level_group_id;
}
}
if (\Model_Accounts::forge()->canIAddEditAccount($level_group) == true) {
\DB::update(\Model_Accounts::getTableName())->where('account_id', $id)->set(['account_status' => '0', 'account_status_text' => null])->execute();
}
// clear cache
\Extension\Cache::deleteCache('model.accounts-checkAccount-' . \Model_Sites::getSiteId() . '-' . $id);
}
}
}
}
// go back
\Response::redirect($redirect);
}
/**
* save
*
* @param array $data
* @return boolean
*/
public static function saveData(array $data = array())
{
if (empty($data)) {
return false;
}
foreach ($data as $key => $value) {
\DB::update(static::$_table_name)->value('config_value', $value)->where('config_name', $key)->execute();
}
// clear cache
\Extension\Cache::deleteCache('model.config-getval-' . \Model_Sites::getSiteId(false));
\Extension\Cache::deleteCache('model.config-getvalues-' . \Model_Sites::getSiteId(false));
return true;
}
/**
* check if current site is enabled
*
* @return boolean
*/
public static function isSiteEnabled()
{
// always return true if it is main site. (site id 1).
$site_id = static::getSiteId(false);
if (1 == $site_id) {
return true;
}
// get domain
if (isset($_SERVER['HTTP_HOST'])) {
$site_domain = $_SERVER['HTTP_HOST'];
} elseif (isset($_SERVER['SERVER_NAME'])) {
$site_domain = $_SERVER['SERVER_NAME'];
} else {
$site_domain = 'localhost';
}
$cache_name = 'model.sites-isSiteEnabled-' . \Extension\Security::formatString($site_domain, 'alphanum_dash_underscore');
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
$result = \DB::select()->from(static::$_table_name)->where('site_domain', $site_domain)->where('site_status', 1)->execute();
$total = count($result);
unset($result, $site_domain);
if ($total > 0) {
\Cache::set($cache_name, true, 2592000);
return true;
}
\Cache::set($cache_name, 'false', 2592000);
return false;
}
if ('false' === $cached) {
return false;
} else {
return $cached;
}
}
public function action_multiple()
{
$ids = \Input::post('id');
$act = trim(\Input::post('act'));
// set redirect url
$redirect = $this->getAndSetSubmitRedirection();
if (\Extension\NoCsrf::check()) {
if ($act == 'del') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('siteman_perm', 'siteman_delete_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
\Model_Sites::deleteSite($id);
}
// clear cache
\Extension\Cache::deleteCache('model.sites-getSiteId');
\Extension\Cache::deleteCache('model.sites-isSiteEnabled');
\Extension\Cache::deleteCache('controller.AdminController-generatePage-fs_list_sites');
}
} elseif ($act == 'enable') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('siteman_perm', 'siteman_edit_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
if ($id == '1') {
continue;
}
\DB::update(\Model_Sites::getTableName())->where('site_id', $id)->set(['site_status' => 1])->execute();
}
// clear cache
\Extension\Cache::deleteCache('model.sites-getSiteId');
\Extension\Cache::deleteCache('model.sites-isSiteEnabled');
\Extension\Cache::deleteCache('controller.AdminController-generatePage-fs_list_sites');
unset($entry);
}
} elseif ($act == 'disable') {
// check permission.
if (\Model_AccountLevelPermission::checkAdminPermission('siteman_perm', 'siteman_edit_perm') == false) {
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('admin_permission_denied', array('page' => \Uri::string()))));
\Response::redirect($redirect);
}
if (is_array($ids)) {
foreach ($ids as $id) {
if ($id == '1') {
continue;
}
\DB::update(\Model_Sites::getTableName())->where('site_id', $id)->set(['site_status' => 0])->execute();
}
// clear cache
\Extension\Cache::deleteCache('model.sites-getSiteId');
\Extension\Cache::deleteCache('model.sites-isSiteEnabled');
\Extension\Cache::deleteCache('controller.AdminController-generatePage-fs_list_sites');
unset($entry);
}
}
}
// go back
\Response::redirect($redirect);
}
/**
* save permissions
*
* @param array $data
* @return boolean
*/
public static function savePermissions(array $data = array())
{
// loop check permission is not in db, insert it.
foreach ($data['level_group_id'] as $key => $lv_groups) {
foreach ($lv_groups as $level_group_id) {
// check if permission is in db or not.
$result = \DB::select()->from(static::$_table_name)->where('level_group_id', $level_group_id)->where('permission_page', $data['permission_page'][$key])->where('permission_action', $data['permission_action'][$key])->execute();
if (count($result) <= 0) {
// not in db. insert it.
\DB::insert(static::$_table_name)->set(['level_group_id' => $level_group_id, 'permission_core' => $data['permission_core'], 'module_system_name' => $data['module_system_name'], 'permission_page' => $data['permission_page'][$key], 'permission_action' => $data['permission_action'][$key]])->execute();
}
}
}
// clear unused variables
unset($key, $level_group_id, $lv_groups, $result);
// now remove permission in db that was not checked.
foreach ($data['permission_action'] as $key => $permission_action) {
if (isset($data['permission_page'][$key])) {
$result = \DB::select()->as_object()->from(static::$_table_name)->where('permission_core', $data['permission_core'])->where('module_system_name', $data['module_system_name'])->where('permission_page', $data['permission_page'][$key])->where('permission_action', $permission_action)->execute();
if (count($result) > 0) {
foreach ($result as $row) {
if (isset($data['level_group_id'][$key])) {
if (!in_array($row->level_group_id, $data['level_group_id'][$key])) {
\DB::delete(static::$_table_name)->where('permission_id', $row->permission_id)->execute();
}
} else {
\DB::delete(static::$_table_name)->where('permission_id', $row->permission_id)->execute();
}
}
}
}
}
// clear unused variables
unset($key, $permission_action, $result, $row);
$data = array();
// clear cache
\Extension\Cache::deleteCache('model.accountLevelPermission-checkLevelPermission-' . \Model_Sites::getSiteId(false));
return true;
}