public function validate()
{
# Overloading validate method: http://programmers.stackexchange.com/a/274135
list($old_field, $new_field, $confirm_field) = func_get_args();
$user = User::current();
$old_password = new PasswordValidator($this->request->post($old_field, ''), $user);
$new_password = new PasswordValidator($this->request->post($new_field, ''), $user);
$confirmation = new PasswordValidator($this->request->post($confirm_field, ''), $user);
$this->fields = array($old_field => $old_password, $new_field => $new_password, $confirm_field => $confirmation);
$old_password->validate_present();
$new_password->validate_present();
$confirmation->validate_present();
if ($old_password->is_valid() && $new_password->is_valid()) {
$old_password->authenticate_user_password();
$new_password->validate_min_length();
$new_password->validate_not_user_name();
$this->validate_confirmation_match($new_field, $confirm_field);
}
if ($new_password->is_valid() && $confirmation->is_valid()) {
$this->set_valid_field_value($new_field, $new_password->value);
$this->set_valid_field_value($confirm_field, $confirmation->value);
}
$this->flatten_validator_errors();
return $this->is_valid();
}
public static function current()
{
if (self::$current !== '') {
return self::$current;
}
return self::$current = ($id = Session::getData('user_id')) ? User::find_by_id($id) : null;
}
public function action_index()
{
$id = intval($this->request->param('id'));
$attachment = DB::select()->from('attachments')->where('id', '=', $id)->execute()->current();
if (!preg_match('/^image\\/.*$/i', $attachment['mime']) || $attachment['folder'] == 'Signatures') {
throw new HTTP_Exception_403('Forbidden');
}
$job = Database_Mongo::collection('jobs')->findOne(array('_id' => strval($attachment['job_id'])));
if (!$job) {
throw new HTTP_Exception_404('Not found');
}
if (!Group::current('show_all_jobs') && !in_array((int) User::current('company_id'), Arr::get($job, 'companies', array()), true) && !in_array((int) User::current('company_id'), Arr::get($job, 'ex', array()), true)) {
throw new HTTP_Exception_403('Forbidden');
}
if (!file_exists(DOCROOT . 'storage/' . $id)) {
throw new HTTP_Exception_404('Not found');
}
list(, $data) = explode(',', file_get_contents('php://input'), 2);
$src = imagecreatefromstring(file_get_contents(DOCROOT . 'storage/' . $id));
$image = imagecreatefromstring(base64_decode($data));
imagealphablending($src, true);
imagesavealpha($src, true);
imagecopyresampled($src, $image, 0, 0, 0, 0, imagesx($src), imagesy($src), imagesx($image), imagesy($image));
if ($attachment['mime'] == 'image/png') {
imagepng($src, DOCROOT . 'storage/' . $id, 9);
} else {
imagejpeg($src, DOCROOT . 'storage/' . $id, 90);
}
if (file_exists(DOCROOT . 'storage/' . $id . '.thumb')) {
unlink(DOCROOT . 'storage/' . $id . '.thumb');
}
imagedestroy($src);
imagedestroy($image);
die(json_encode(array('success' => true)));
}
public function before()
{
parent::before();
if (!User::current('is_admin')) {
throw new HTTP_Exception_403('Forbidden');
}
}
public static function load_current_user(){
if (!isset(self::$current) && !empty($_SESSION['userid'])) {
self::$current = new User($_SESSION['userid']);
Logger::debug('Loading current user ' . self::$current->username);
}
return true;
}
public function handle()
{
#
if ($this->is_console) {
$this->params = $this->service->params;
return $this->console();
}
# If not logged in, redirect to login page
if (!User::is_logged_in()) {
$this->t->flash('Please login to access that page.', 'warning');
return $this->redirect('auth', 'login');
}
# Change password request
if ($this->request->action_is('change-password')) {
$form = new PasswordFormValidator($this->request);
if ($form->validate('old-password', 'new-password', 'new-password-confirm')) {
$user = User::current();
$user->set_password($this->request->post('new-password'));
if ($user->save()) {
$this->t->flash('Your password has been changed.', 'success');
} else {
$this->t->flash('There was a problem saving your password.', 'danger');
}
} else {
$this->t->data('form-validator', $form);
}
$content = $this->render_view('content');
} else {
$content = $this->render_view('content');
}
return $content;
}
public function before()
{
if (!User::current()) {
$this->redirect('/login');
}
$url = str_replace('.', '_', URL::base() . $this->request->uri());
if (isset($_GET[$url])) {
unset($_GET[$url]);
}
if (isset($_GET[$url . '/'])) {
unset($_GET[$url . '/']);
}
if (Group::current('is_admin') || Group::current('show_all_jobs') && Group::current('allow_finance')) {
Pager::$counts[] = 2500;
}
if (Arr::get($_GET, 'limit') && in_array($_GET['limit'], Pager::$counts)) {
DB::update('users')->set(array('list_items' => intval($_GET['limit'])))->where('id', '=', User::current('id'))->execute();
die(json_encode(array('success' => 'true')));
}
if (Arr::get($_GET, 'dismiss')) {
DB::delete('notifications')->where('user_id', '=', User::current('id'))->and_where('id', '=', intval($_GET['dismiss']))->execute();
die(json_encode(array('success' => 'true')));
}
if (!Group::current('allow_assign')) {
Enums::$statuses[Enums::STATUS_UNALLOC] = 'Not active';
}
View::set_global('notifications', DB::select()->from('notifications')->where('user_id', '=', User::current('id'))->order_by('id', 'desc')->execute());
}
public function action_fda()
{
$query = array();
if (!Group::current('allow_assign')) {
$query['$or'] = array(array('companies' => intval(User::current('company_id'))), array('ex' => intval(User::current('company_id'))));
} else {
if (Arr::get($_GET, 'company')) {
$company = is_array($_GET['company']) ? $_GET['company'] : explode(',', $_GET['company']);
$company = array_map('intval', $company);
if (count($company) == 1) {
$company = array_shift($company);
}
$query['$or'] = array(array('companies' => is_array($company) ? array('$in' => $company) : $company), array('ex' => is_array($company) ? array('$in' => $company) : $company));
}
if (Arr::get($_GET, 'region')) {
$query['region'] = strval($_GET['region']);
}
}
if (Arr::get($_GET, 'fsam')) {
$fsam = is_array($_GET['fsam']) ? array_map('strval', $_GET['fsam']) : explode(',', $_GET['fsam']);
$query['data.13'] = count($fsam) == 1 ? array_shift($fsam) : array('$in' => $fsam);
}
$list = Database_Mongo::collection('jobs')->distinct('data.14', $query ?: NULL);
sort($list);
die(json_encode($list));
}
public function testShouldReturnLoggedInUser()
{
$user = User::find_by_name('NeechyUser');
$user->login();
$this->assertInstanceOf('User', User::current());
$this->assertEquals($user->field('name'), User::current('name'));
$this->assertEquals($user->field('name'), User::current()->field('name'));
}
public function login()
{
if (User::current() && User::current()->is_login()) {
return redirect_message(array('admin'), array());
} else {
$this->load_view();
}
}
function test_current()
{
$user = User::$user;
$u2 = User::current();
$this->assertEquals($user, $u2);
User::current($u2);
$u3 = User::current();
$this->assertEquals($user, $u3);
}
/**
* Tests
*/
public function testShouldRedirectUserWhenNotLoggedIn()
{
$request = new NeechyRequest();
# Mock out redirect function (note: 3.7 syntax)
$handler = $this->getMockBuilder('PasswordHandler')->setConstructorArgs(array($request))->setMethods(array('redirect'))->getMock();
$handler->expects($this->any())->method('redirect')->will($this->returnValue('redirected'));
$this->assertNull(User::current());
$redirected = $handler->handle();
$this->assertEquals('redirected', $redirected);
}
public function action_delete()
{
if (!User::current('is_admin') && !Group::current('item_remove')) {
throw new HTTP_Exception_403('Forbidden');
}
$id = $this->request->param('id');
DB::delete('items')->where('id', '=', $id)->execute();
Messages::save('Item was successfully deleted!', 'info');
$this->redirect('/items');
}
public function action_index()
{
$items = DB::select(DB::expr('COUNT(*) as cnt'), DB::expr('COALESCE(`status`, "unattached") as status'))->from('unit_items')->join('tasks', 'left')->on('task_id', '=', 'tasks.id')->group_by('status');
if (!User::current('is_admin') && !Group::current('all_projects')) {
$items->where('company_id', '=', User::current('company_id'));
}
$items = $items->execute()->as_array('status', 'cnt');
$view = View::factory('Dashboard')->bind('items', $items);
$this->response->body($view);
}
public function action_index()
{
$id = $this->request->param('id');
$location = Arr::get($_GET, 'location', '');
$type = Arr::get($_GET, 'type', 'other');
$title = Arr::get($_GET, 'title', 'other');
$job = Database_Mongo::collection('jobs')->findOne(array('_id' => strval($id)));
if (!$job) {
throw new HTTP_Exception_404('Not found');
}
if (!Group::current('show_all_jobs') && !in_array((int) User::current('company_id'), Arr::get($job, 'companies', array()), true) && !in_array((int) User::current('company_id'), Arr::get($job, 'ex', array()), true)) {
throw new HTTP_Exception_403('Forbidden');
}
switch ($type) {
case 'photo-before':
$type = 'Photos';
$filename = $id . '.' . Arr::path($job, 'data.9') . '.' . Arr::path($job, 'data.14') . '.before.%NUM%';
$title = '';
break;
case 'photo-after':
$type = 'Photos';
$filename = $id . '.' . Arr::path($job, 'data.9') . '.' . Arr::path($job, 'data.14') . '.after.%NUM%';
$title = '';
break;
case 'jsa':
$type = 'JSA-forms';
$filename = $id . '.' . Arr::path($job, 'data.9') . '.' . Arr::path($job, 'data.14') . '.JSA.%NUM%';
$title = '';
break;
case 'waiver':
$type = 'Waiver';
$filename = $id . '.' . Arr::path($job, 'data.9') . '.' . Arr::path($job, 'data.14') . '.Waiver.%NUM%';
$title = '';
break;
case 'odtr':
$title = '';
$type = 'otdr-traces';
$filename = '';
break;
default:
$type = 'Other';
$filename = '';
break;
}
$number = DB::select('numbering')->from('attachments')->where('job_id', '=', $id)->and_where('folder', '=', $type)->order_by('numbering', 'desc')->limit(1)->execute()->get('numbering');
$data = array('filename' => $filename, 'mime' => '', 'uploaded' => 0, 'user_id' => User::current('id'), 'job_id' => $id, 'folder' => $type, 'fda_id' => Arr::path($job, 'data.14'), 'address' => trim(preg_replace('/-{2,}/', '-', preg_replace('/[^0-9a-z\\-]/i', '-', Arr::path($job, 'data.8'))), '-'), 'title' => $title, 'numbering' => intval($number) + 1);
$result = Arr::get(DB::insert('attachments', array_keys($data))->values(array_values($data))->execute(), 0);
if (file_exists(DOCROOT . 'storage/' . $result)) {
unlink(DOCROOT . 'storage/' . $result);
}
die(json_encode(array('success' => true, 'id' => $result)));
}
public function action_boms()
{
$id = intval($this->request->param('id'));
if (User::current('is_admin') || Group::current('allow_assign')) {
$result = DB::select('bom_items.id', 'code', 'bom_items.name', 'estimated', array('uoms.name', 'uom'))->from('bom_items')->join('unit_boms', 'left')->on('bom_id', '=', 'bom_items.id')->on('unit_id', '=', DB::expr($id))->on('task_id', '=', DB::expr(0))->join('uoms', 'left')->on('uom', '=', 'uoms.id')->order_by('name', 'asc')->execute()->as_array();
} else {
$result = DB::select('bom_items.id', 'code', 'bom_items.name', DB::expr('0 as estimated'), array('uoms.name', 'uom'))->from('bom_items')->join('uoms', 'left')->on('uom', '=', 'uoms.id')->order_by('name', 'asc')->execute()->as_array();
}
$items = array();
foreach ($result as $item) {
$items[] = array('id' => intval($item['id']), 'code' => $item['code'], 'name' => $item['name'], 'avail' => floatval($item['estimated']), 'uom' => $item['uom'] ?: 'Unknown');
}
header('Content-type: application/json');
die(json_encode($items));
}
public function action_approve()
{
if (!Group::current('allow_assign')) {
throw new HTTP_Exception_403('Forbidden');
}
$id = Arr::get($_GET, 'id');
$submission = Database_Mongo::collection('submissions')->findOne(array('_id' => new MongoId($id)));
if (!$submission || Arr::get($submission, 'active')) {
throw new HTTP_Exception_404('Not found');
}
$job = Database_Mongo::collection('jobs')->findOne(array('_id' => $submission['job_key']));
$value = Arr::get($job, $submission['key'], '');
$update_time = time();
if ($value != $submission['value']) {
$archive = array('data' => array(substr($submission['key'], 5) => array('old_value' => $value, 'new_value' => $submission['value'])), 'fields' => substr($submission['key'], 5), 'job_key' => $job['_id'], 'user_id' => User::current('id'), 'update_time' => $update_time, 'update_type' => 2, 'filename' => 'MANUAL');
$update = array('$set' => array('last_update' => $update_time));
if ($submission['value']) {
$update['$set'][$submission['key']] = $submission['value'];
} else {
$update['$unset'][$submission['key']] = 1;
}
if ($submission['key'] == 'data.44') {
$status = preg_replace('/[^a-z]/', '', strtolower($submission['value']));
if ($status == 'built' && !Arr::path($job, 'data.264')) {
$update['$set']['data.264'] = $update_time;
}
if ($status == 'tested' && !Arr::path($job, 'data.265')) {
$update['$set']['data.265'] = $update_time;
if (!Arr::path($job, 'data.264')) {
$update['$set']['data.264'] = $update_time;
}
}
}
$company = intval(User::get($submission['user_id'], 'company_id'));
$sub = array('$set' => array('admin_id' => User::current('id'), 'process_time' => $update_time, 'active' => -1));
$financial = floatval(DB::select('financial')->from('job_columns')->where('id', '=', substr($submission['key'], 5))->execute()->get('financial'));
if ($financial && !in_array($company, Arr::get($job, 'companies', array()), true)) {
$sub['$set']['financial_time'] = 0;
}
Database_Mongo::collection('archive')->insert($archive);
Database_Mongo::collection('jobs')->update(array('_id' => $job['_id']), $update);
Database_Mongo::collection('submissions')->update(array('_id' => new MongoId($id)), $sub);
}
die(json_encode(array('success' => true)));
}
private function _set_current_user()
{
if (User::$current !== null) {
return;
}
// already set
if (false === ($uid = Session::read('_user_id'))) {
// no user
User::$current = false;
return;
}
// TODO auth by token
$user = User()->find_by_id($uid, array('limit' => 1));
User::$current = empty($user) ? false : $user[0];
// if we've got a user, touch timestamps
if (User::$current) {
User::$current->touch_last_request();
}
}
/**
* Devuelve true si el usuario actual tiene acceso a la URL $url
*
* @param string $url
* @return boolean
*/
public static function open_url($url)
{
list($controller, $action, $type) = controller_action($url);
switch ($controller) {
case 'admin':
$result = acl('p:Admin');
break;
case 'profile':
$result = User::current() instanceof User;
break;
case 'special':
$result = acl('p:Special');
break;
default:
$result = true;
break;
}
return $result;
}
public function before()
{
if (!User::current()) {
$this->redirect('/login');
}
$url = str_replace('.', '_', URL::base() . $this->request->uri());
if (isset($_GET[$url])) {
unset($_GET[$url]);
}
if (isset($_GET[$url . '/'])) {
unset($_GET[$url . '/']);
}
if (Arr::get($_GET, 'limit') && in_array($_GET['limit'], Pager::$counts)) {
DB::update('users')->set(array('list_items' => intval($_GET['limit'])))->where('id', '=', User::current('id'))->execute();
die(json_encode(array('success' => 'true')));
}
if (Arr::get($_GET, 'dismiss')) {
DB::delete('notifications')->where('user_id', '=', User::current('id'))->and_where('id', '=', intval($_GET['dismiss']))->execute();
die(json_encode(array('success' => 'true')));
}
View::set_global('notifications', DB::select()->from('notifications')->where('user_id', '=', User::current('id'))->order_by('id', 'desc')->execute());
}
public function pages($do = '', $id = '')
{
$data = ['heading' => 'Administrasi: Halaman'];
switch ($do) {
case 'form':
if (post('submit')) {
$data = ['id_pengguna' => User::current('id'), 'tgl_input' => date('Y-m-d'), 'judul' => post('judul'), 'alias' => post('alias'), 'konten' => post('konten', false)];
$data['konten'] = str_replace(['<br>', '<br/>'], '', $data['konten']);
if (Page::save($data, $id)) {
if ($id) {
set_alert('success', 'Halaman <b>' . $data['judul'] . '</b> berhasil diperbarui');
} else {
set_alert('success', 'Halaman <b>' . $data['judul'] . '</b> berhasil dibuat');
}
return redirect('admin/pages');
}
set_alert('error', 'Terjadi kesalahan dalam penyimpanan halaman <b>' . $data['judul'] . '</b>');
return redirect($this->uri->path());
}
if ($id) {
$data['data'] = Page::show([Page::primary() => $id])->fetchOne();
}
return $this->render('page-form', $data);
break;
case 'delete':
if (Page::del([Page::primary() => $id])) {
set_alert('success', 'Halaman berhasil terhapus');
} else {
set_alert('error', 'Terjadi kesalahan dalam penghapusan halaman');
}
return redirect('admin/pages');
break;
default:
$data['data'] = Page::show();
return $this->render('page-table', $data);
break;
}
}
public function __construct()
{
parent::__construct();
if (!(User::current() && User::current()->is_login())) {
Session::setData('_flash_message', '', true);
return redirect_message(array('login'), array('_flash_message' => '請先登入,或者您沒有後台權限!'));
}
$class = $this->get_class();
$method = $this->get_method();
$menus_list = array_map(function ($menus) use($class, $method, &$has_active) {
return array_map(function ($item) use($class, $method, &$has_active) {
$has_active |= $a = isset($item['class']) && $item['class'] && $class == $item['class'] && (isset($item['method']) && $item['method']) && $method == $item['method'] || isset($item['class']) && $item['class'] && $class == $item['class'] && !(isset($item['method']) && $item['method']) || !(isset($item['class']) && $item['class']) && (isset($item['method']) && $item['method']) && $method == $item['method'];
return array_merge($item, array('active' => $a));
}, $menus);
}, array_filter(array_map(function ($group) {
return array_filter($group, function ($item) {
return User::current()->in_roles($item['roles']);
});
}, Cfg::setting('menu', 'admin'))));
if (!$has_active) {
return redirect_message(array('admin'), array('_flash_message' => '您沒有此頁面的管理權限。'));
}
$this->set_componemt_path('component', 'admin')->set_frame_path('frame', 'admin')->set_content_path('content', 'admin')->set_public_path('public')->set_title(Cfg::setting('site', 'admin', 'title'))->_add_meta()->_add_css()->_add_js()->add_param('_menus_list', $menus_list);
}
public function controller_init($args)
{
$vars["user"] = User::current();
return $this->GetComponentResponse("./init.tpl", $vars);
}
?>
</tr>
<tr class="pk_cevent_<?php
echo $cevent->id;
?>
<?php
echo $cevent->visible ? '' : 'b_event_hidden';
?>
">
<th class="js_locale_dates"><?php
echo $cevent->date;
?>
</th>
<th>
<?php
if (User::current() && User::current()->is_admin) {
?>
<a class="btn btn-default btn-sm" data-toggle="modal" data-target="#w_event_setting"
data-pk="<?php
echo $cevent->id;
?>
"
data-label="<?php
echo $cevent->team_home;
?>
- <?php
echo $cevent->team_away;
?>
"
data-event_date="<?php
echo $cevent->date;
<?
User::$current = new User();
class User
{
var $groups = array(), $privilege = array(), $data = array('id' => '0', 'email' => '', 'user_name' => 'guest');
static $current = false, $permits = '', $permit_cats = '', $user_lock = 0;
const TBL_NAME = 'account';
function User()
{
if (!isset($_SESSION['user_id'])) {
$_SESSION['user_id'] = 0;
}
if ($_SESSION['user_id']) {
$user = User::getUser((int)$_SESSION['user_id']);
if ($user && (!USER_ACTIVE_ON || (USER_ACTIVE_ON && $user['is_active'] == 0))) {
$this->groups = User::get_groups($user['gids']);
if (!self::checkLock4Ever(true)) {
if (!isset($this->groups[1]) && !isset($this->groups[2]) && $_SESSION['user_id'] != 4 && (trim($user['user_name']) == '' || $user['block_time'] > TIME_NOW || $user['block_time'] == -1)) {
self::$user_lock = 1;
if ($user['block_time'] == -1) { //Khoá vĩnh viễn
$acc_lock = DB::select('acc_lock', 'user_id=' . $user['id'] . ' AND type IN(1,3) ORDER BY id DESC', __LINE__ . __FILE__);
if ($acc_lock) {
if ($acc_lock['type'] == 3) { //Khoá cookie
self::lock4Ever(true, $user['id']);
}
}
function set_current_user()
{
$AnonymousUser = array('id' => null, 'level' => 0, 'name' => "Anonymous", 'pretty_name' => "Anonymous", 'is_anonymous' => true, 'show_samples' => true, 'has_avatar' => false, 'language' => '', 'secondary_languages' => '', 'secondary_language_array' => array(), 'ip_addr' => $_SERVER['REMOTE_ADDR'], 'pool_browse_mode' => 1);
// if(!empty(User::$current)) {
if (!empty($_SESSION[CONFIG::app_name]['user_id'])) {
User::$current = User::find($_SESSION[CONFIG::app_name]['user_id']);
} elseif (isset($_COOKIE['login']) && isset($_COOKIE['pass_hash'])) {
User::$current = User::authenticate_hash($_COOKIE['login'], $_COOKIE['pass_hash']);
} elseif (isset(Request::$params->login) && isset(Request::$params->password_hash)) {
User::$current = User::authenticate(Request::$params->login, Request::$params->password_hash);
} elseif (isset(Request::$params->user['name']) && isset(Request::$params->user['password'])) {
User::$current = User::authenticate(Request::$params->user['name'], Request::$params->user['password']);
}
// vde(User::$current);
if (User::$current) {
# TODO:
// if(User::$current->is_blocked && User::$current->ban && User::$current->ban->expires_at < gmd()) {
// User::$current->update_attribute(array('level'->CONFIG["starting_level"]));
// Ban::destroy_all("user_id = #{@current_user.id}")
// }
} else {
User::$current = User::create_from_array($AnonymousUser);
}
// User::$current = new User('from_array', $AnonymousUser);
// vde(User::$current);
}
public static function limit()
{
return intval(User::current('list_items')) ?: self::$limit;
}
public function action_index()
{
$id = intval($this->request->param('id'));
$attachment = DB::select()->from('attachments')->where('id', '=', $id)->execute()->current();
if (!$attachment) {
throw new HTTP_Exception_404('Not found');
}
if (Arr::get($attachment, 'uploaded')) {
throw new HTTP_Exception_403('Forbidden');
}
$job_id = Arr::get($attachment, 'job_id');
$job = Database_Mongo::collection('jobs')->findOne(array('_id' => strval($job_id)));
if (!$job) {
throw new HTTP_Exception_404('Not found');
}
if (!Group::current('show_all_jobs') && !in_array((int) User::current('company_id'), Arr::get($job, 'companies', array()), true) && !in_array((int) User::current('company_id'), Arr::get($job, 'ex', array()), true)) {
throw new HTTP_Exception_403('Forbidden');
}
if ($_FILES) {
try {
$file = Arr::get($_FILES, 'attachment', array());
$file['name'] = trim(preg_replace('/-{2,}/', '-', preg_replace('/[^0-9a-z\\-\\.]/i', '-', Arr::get($file, 'name', ''))), '-');
preg_match_all("/([0-9]+)/", Arr::get($_SERVER, 'HTTP_CONTENT_RANGE', ''), $matches);
$range = Arr::get($matches, 0);
$size = Arr::get($range, 2, filesize($file['tmp_name']));
if (!is_uploaded_file($file['tmp_name'])) {
die(json_encode(array('attachment' => array('name' => $file['name'], 'size' => $size, 'error' => 'Error!'))));
}
$src = fopen($file['tmp_name'], 'r');
$dest = fopen(DOCROOT . 'storage/' . $id, 'c');
fseek($dest, Arr::get($range, 0, 0));
$buf = fread($src, $size);
fwrite($dest, $buf);
fclose($dest);
fclose($src);
unlink($file['tmp_name']);
if (!$range || Arr::get($range, 1) + 1 == Arr::get($range, 2)) {
$data = array('filename' => $file['name'], 'mime' => $file['type'], 'uploaded' => time());
if ($attachment['filename']) {
$data['filename'] = $attachment['filename'];
$pos = strrpos($file['name'], '.');
if ($pos !== false) {
$data['filename'] .= substr($file['name'], $pos);
}
} else {
$data['filename'] = ($attachment['folder'] == 'Other' ? $attachment['title'] : '') . $file['name'];
}
$data['filename'] = str_replace('%NUM%', $attachment['numbering'], $data['filename']);
Database::instance()->begin();
DB::update('attachments')->set($data)->where('id', '=', $id)->execute();
$filename = $data['filename'];
$data = array('user_id' => User::current('id'), 'job_id' => $attachment['job_id'], 'uploaded' => $data['uploaded'], 'location' => $attachment['location'], 'filename' => $attachment['folder'] . ' / ' . $attachment['fda_id'] . ' / ' . $attachment['address'] . ' / ' . $data['filename'], 'action' => 1);
DB::insert('upload_log', array_keys($data))->values(array_values($data))->execute();
Database::instance()->commit();
Database_Mongo::collection('jobs')->update(array('_id' => $attachment['job_id']), array('$unset' => array('downloaded' => 1), '$set' => array('last_update' => time())));
Messages::save("File " . $file['name'] . ' was successfully uploaded!', 'success');
$is_image = preg_match('/^image\\/.*$/i', $file['type']);
die(json_encode(array('attachment' => array('name' => $file['name'], 'size' => $size, 'content' => '<table><tr>' . (Group::current('allow_assign') ? '<td><a href="' . URL::base() . 'search/view/' . $id . '?delete=' . $id . '"
confirm="Do you really want to delete this attachment? This action can\'t be undone!!!"
class="text-danger glyphicon glyphicon-remove remove-link"></a></td>' : '') . '<td><div class="td-image-center">' . ($is_image ? '<img src="' . URL::base() . 'download/thumb/' . $id . '" alt="Thumbnail" />' : '<img src="http://stdicon.com/' . $file['type'] . '?size=96&default=http://stdicon.com/text" />') . '</div></td><td><a data-id="' . $id . '" class="' . ($is_image && $attachment['folder'] != 'Signatures' ? 'image-attachments' : '') . '" href="' . URL::base() . 'download/attachment/' . $id . '">' . HTML::chars($attachment['folder']) . '<br/>' . HTML::chars($attachment['fda_id']) . '<br/>' . HTML::chars($attachment['address']) . '<br/>' . HTML::chars($filename) . '</a><br/>
- Uploaded ' . date('d-m-Y H:i', $data['uploaded']) . ' by ' . User::current('login') . '</td></tr></table>', 'message' => Messages::render()))));
}
} catch (Exception $e) {
die($e->getMessage());
}
die(json_encode(array('attachment' => array('name' => $file['name'], 'size' => $size))));
}
$view = View::factory("Jobs/UploadFile");
$this->response->body($view);
}
/**
* Returns the current user
*
* @param string $username Optional way to search for a single user
* @return User
*/
public function user($username = null)
{
if (is_null($username)) {
return User::current();
}
try {
return new User($username);
} catch (Exception $e) {
return null;
}
}
</li>
<li><a class="tools" href="<?= URL::base() ?>tools/underbore">Fix underbore</a></li>
<?php endif; ?>
<li><a class="tools" href="<?= URL::base() ?>tools/financial">Fix financial values</a></li>
</ul>
</li>
<?php endif; ?>
<?php if (Group::current('allow_assign')): ?>
<li class="<?= Request::current()->directory() == '' && Request::current()->controller() == 'Attachments' ? 'active' : '' ?>">
<a href="<?= URL::base() ?>attachments">Attachments</a></li>
<?php endif; ?>
<li class="divider"></li>
</ul>
<ul class="nav navbar-nav navbar-right">
<li>
<a href="javascript:;"><?= User::current('login') . (User::current('company_id') ? ' (' . Company::current('name') . ')' : '') ?></a>
</li>
<li><a href="<?= URL::base() ?>login/deauth">Log out</a></li>
</ul>
</div>
</div>
</nav>
<div class="container col-xs-12">
<div class="content">
<?php foreach ($notifications as $notification): ?>
<div class="alert alert-<?= $notification['type'] ?>">
<a href="javascript:;" class="pull-right text-danger notification" data-id="<?= $notification['id'] ?>"><span
class="glyphicon glyphicon-remove"></span></a>
<div><?= $notification['message'] ?></div>
</div>
<?php endforeach; ?>