redirect_browser(module_customer::link_open($_REQUEST['customer_id']));
}
}
if ($user_id == 1 && module_security::get_loggedin_id() != 1) {
set_error('Sorry, only the Administrator can access this page.');
redirect_browser(_UCM_HOST . _BASE_HREF);
}
// permission check.
if (!$user_id) {
// check if can create.
module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Create'));
// are we creating a new user?
$user['roles'] = array(array('security_role_id' => module_config::c('user_default_role', 0)));
} else {
// check if can view/edit.
module_security::check_page(array('category' => 'Config', 'page_name' => 'Users', 'module' => 'user', 'feature' => 'Edit'));
}
// work out the user type and invluce that particular file
/*$user_type_id = (int)$user['user_type_id'];
if(!$user_type_id){
if(in_array('config',$load_modules)){
$user_type_id = 1;
}else{
$user_type_id = 2;
}
}*/
//include('user_admin_edit'.$user_type_id.'.php');
//include('user_admin_edit1.php');
if (isset($user['customer_id']) && $user['customer_id'] || isset($user['vendor_id']) && $user['vendor_id']) {
// we have a contact!
$staff_members = module_user::get_staff_members();
$staff_member_rel = array();
foreach ($staff_members as $staff_member) {
$staff_member_rel[$staff_member['user_id']] = $staff_member['name'];
}
$c = array();
$customers = module_customer::get_customers();
foreach ($customers as $customer) {
$c[$customer['customer_id']] = $customer['customer_name'];
}
if (count($c) == 1) {
$job['customer_id'] = key($c);
}
// check permissions.
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Job', 'page_name' => 'Jobs', 'module' => 'job', 'feature' => 'create'));
}
$job_tasks = module_job::get_tasks($job_id);
?>
<script type="text/javascript">
var completed_tasks_hidden = false; // set with session variable / cookie
var editing_task_id = false;
function show_completed_tasks(){
}
function hide_completed_tasks(){
}
function setamount(a,task_id){
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!$module->can_i('view', 'Products') || !$module->can_i('edit', 'Products')) {
redirect_browser(_BASE_HREF);
}
// check permissions.
if (class_exists('module_security', false)) {
if ($product_category_id > 0 && $product_category['product_category_id'] == $product_category_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Product', 'page_name' => 'Products', 'module' => 'product', 'feature' => 'Create'));
}
module_security::sanatise_data('product', $product_category);
}
?>
<form action="" method="post" id="product_category_form">
<input type="hidden" name="_process" value="save_product_category" />
<input type="hidden" name="product_category_id" value="<?php
echo (int) $product_category_id;
?>
" />
<?php
module_form::set_required(array('fields' => array('name' => 'Name')));
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
<?php
/**
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
$group_id = (int) $_REQUEST['group_id'];
$group = array();
if ($group_id > 0) {
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Group', 'page_name' => 'Groups', 'module' => 'group', 'feature' => 'edit'));
}
$group = module_group::get_group($group_id);
} else {
}
if (!$group) {
die('Creating groups this way is disabled');
$group_id = 'new';
$group = array('group_id' => 'new', 'name' => '', 'default_text' => '');
module_security::sanatise_data('group', $group);
}
?>
<form action="" method="post">
<?php
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!module_config::can_i('edit', 'Settings')) {
redirect_browser(_BASE_HREF);
}
$company_id = (int) $_REQUEST['company_id'];
$company = array();
if ($company_id > 0) {
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Company', 'page_name' => 'Company', 'module' => 'company', 'feature' => 'edit'));
}
$company = module_company::get_company($company_id);
} else {
}
if (!$company) {
$company_id = 'new';
$company = array('company_id' => 'new', 'name' => '');
module_security::sanatise_data('company', $company);
}
?>
<form action="" method="post">
<input type="hidden" name="_process" value="save_company" />
<input type="hidden" name="company_id" value="<?php
$invoice = module_invoice::get_invoice($invoice_id);
if ($invoice_id > 0 && $invoice && $invoice['invoice_id'] == $invoice_id) {
$module->page_title = _l('Invoice: #%s', htmlspecialchars($invoice['name']));
if (class_exists('module_security', false)) {
// make sure current customer can access this invoice
if (!module_security::can_access_data('invoice', $invoice, $invoice_id)) {
echo 'Data access denied. Sorry.';
exit;
}
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'edit'));
}
} else {
$invoice_id = 0;
$invoice = module_invoice::get_invoice($invoice_id);
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Invoice', 'page_name' => 'Invoices', 'module' => 'invoice', 'feature' => 'create'));
}
module_security::sanatise_data('invoice', $invoice);
}
$invoice_items = module_invoice::get_invoice_items($invoice_id, $invoice);
$invoice_locked = $invoice['date_sent'] && $invoice['date_sent'] != '0000-00-00' || $invoice['date_paid'] && $invoice['date_paid'] != '0000-00-00';
if (isset($_REQUEST['as_deposit']) && isset($_REQUEST['job_id'])) {
$invoice['deposit_job_id'] = (int) $_REQUEST['job_id'];
}
$discounts_allowed = !(isset($invoice['deposit_job_id']) && $invoice['deposit_job_id'] > 0);
$customer_data = array();
if ($invoice['customer_id']) {
$customer_data = module_customer::get_customer($invoice['customer_id']);
}
$show_task_dates = module_config::c('invoice_task_list_show_date', 1);
$colspan = 2;
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
$member_id = (int) $_REQUEST['member_id'];
$member = array();
$member = module_member::get_member($member_id);
// check permissions.
if (class_exists('module_security', false)) {
if ($member_id > 0 && $member['member_id'] == $member_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Member', 'page_name' => 'Members', 'module' => 'member', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Member', 'page_name' => 'Members', 'module' => 'member', 'feature' => 'Create'));
}
module_security::sanatise_data('member', $member);
}
$module->page_title = _l('Member: %s', htmlspecialchars($member['first_name'] . ' ' . $member['last_name']));
?>
<form action="" method="post" id="member_form">
<input type="hidden" name="_process" value="save_member" />
<input type="hidden" name="member_id" value="<?php
echo $member_id;
?>
" />
<?php
module_form::set_required(array('fields' => array('first_name' => 'Name', 'email' => 'Email')));
*/
if (!module_config::can_i('view', 'Settings')) {
redirect_browser(_BASE_HREF);
}
$subscription_id = (int) $_REQUEST['subscription_id'];
$subscription = array();
$subscription = module_subscription::get_subscription($subscription_id);
// check permissions.
if (class_exists('module_security', false)) {
if ($subscription_id > 0 && $subscription['subscription_id'] == $subscription_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Subscription', 'page_name' => 'Subscriptions', 'module' => 'subscription', 'feature' => 'Create'));
}
module_security::sanatise_data('subscription', $subscription);
}
?>
<?php
hook_handle_callback('layout_column_half', 1);
?>
<form action="" method="post" id="subscription_form">
<input type="hidden" name="_process" value="save_subscription" />
<input type="hidden" name="subscription_id" value="<?php
echo $subscription_id;
$customer = array();
$customer = module_customer::get_customer($customer_id);
if ($customer_id > 0 && $customer['customer_id'] == $customer_id) {
$module->page_title = _l($page_type_single . ': %s', $customer['customer_name']);
} else {
$module->page_title = _l($page_type_single . ': %s', _l('New'));
}
// check permissions.
if (class_exists('module_security', false)) {
if ($customer_id > 0 && $customer['customer_id'] == $customer_id) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Customer', 'page_name' => $page_type, 'module' => 'customer', 'feature' => 'Create'));
}
module_security::sanatise_data('customer', $customer);
}
if (isset($_REQUEST['preview_email'])) {
module_template::init_template('customer_statement_email', 'Dear {CUSTOMER_NAME},<br>
<br>
Please find below a copy of your details.<br><br>
{EMAIL_DETAILS}<br><br>
Thank you,<br><br>
{FROM_NAME}
', 'Customer Statement: {CUSTOMER_NAME}', array('CUSTOMER_NAME' => 'Customers Name'));
$template_name = isset($_REQUEST['template_name']) ? $_REQUEST['template_name'] : 'customer_statement_email';
$template = module_template::get_template_by_key($template_name);
$to = module_user::get_contacts(array('customer_id' => $customer['customer_id']));
$to_select = false;
<?php
/**
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
$module->page_title = _l('Send');
// check permissions.
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Newsletter', 'page_name' => 'Send Newsletter', 'module' => 'newsletter', 'feature' => 'view'));
}
$newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false;
$newsletter = module_newsletter::get_newsletter($newsletter_id);
$past_sends = $newsletter['sends'];
$send_id = isset($_REQUEST['send_id']) ? (int) $_REQUEST['send_id'] : false;
if ($send_id > 0) {
$send = module_newsletter::get_send($send_id);
if ($send['status'] == _NEWSLETTER_STATUS_PENDING || $send['status'] == _NEWSLETTER_STATUS_PAUSED) {
redirect_browser(module_newsletter::link_queue_watch($newsletter_id, $send_id));
}
$send_members = module_newsletter::get_send_members($send_id);
$recipient_count = mysql_num_rows($send_members);
mysql_free_result($send_members);
print_heading(_l('Add More Recipients (currently %s recipients): %s', $recipient_count, $newsletter['subject']));
} else {
print_heading(_l('Send Newsletter: %s', $newsletter['subject']));
}
}
if ($user_id && !module_user::can_i('edit', 'All ' . $contact_type_permission . ' Contacts', $contact_type, $contact_module_name)) {
if ($user_id != module_security::get_loggedin_id()) {
// dont let them edit this page
ob_start();
module_security::disallow_page_editing();
}
}
// permission check.
if (!$user_id) {
// check if can create.
module_security::check_page(array('category' => $contact_type, 'page_name' => 'Contacts', 'module' => 'user', 'feature' => 'create'));
} else {
// check if can view/edit.
module_security::check_page(array('category' => $contact_type, 'page_name' => 'Contacts', 'module' => 'user', 'feature' => 'edit'));
}
if ($user_id > 0 && $user['user_id'] == $user_id) {
$module->page_title = _l('Contact: %s', $user['name']);
} else {
$module->page_title = _l('Contact: %s', _l('New'));
}
if (isset($user[$use_master_key]) && $user[$use_master_key]) {
// we have a contact!
// are we creating a new user?
if (!$user_id || $user_id == 'new') {
$user['roles'] = array(array('security_role_id' => module_config::c('contact_default_role', 0)));
}
} else {
die('Wrong file');
}
if (!$use_master_key) {
throw new Exception('Sorry no Customer or Supplier selected');
} else {
if (isset($_REQUEST[$use_master_key])) {
$search[$use_master_key] = $_REQUEST[$use_master_key];
}
}
if (!isset($search[$use_master_key]) || !$search[$use_master_key]) {
// we are just showing a list of all customer contacts.
$show_customer_details = true;
// check they have permissions to view all customer contacts.
if (class_exists('module_security', false)) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Customer', 'page_name' => 'All Customer Contacts', 'module' => 'customer', 'feature' => 'view'));
}
//throw new Exception('Please create a user correctly');
} else {
$show_customer_details = false;
}
$users = module_user::get_contacts($search, true);
?>
<h2>
<?php
if (isset($search[$use_master_key]) && $search[$use_master_key] && module_user::can_i('create', 'Contacts', 'Customer')) {
?>
<span class="button">
" />
<?php
hook_handle_callback('layout_column_half', 1, '35');
// check permissions.
$do_perm_finish_check = false;
// this is a hack to allow Quote Task edit without Quote edit permissions.
if (class_exists('module_security', false)) {
if ($quote_id > 0 && $quote['quote_id'] == $quote_id) {
if (!module_security::check_page(array('category' => 'Quote', 'page_name' => 'Quotes', 'module' => 'quote', 'feature' => 'edit'))) {
// user does not have edit quote perms
$do_perm_finish_check = true;
}
} else {
if (!module_security::check_page(array('category' => 'Quote', 'page_name' => 'Quotes', 'module' => 'quote', 'feature' => 'create'))) {
// user does not have create quote perms.
}
}
}
$fields = array('fields' => array('name' => 'Name'));
module_form::set_required($fields);
module_form::set_default_field('task_desc_new');
module_form::prevent_exit(array('valid_exits' => array('.submit_button', '.save_task', '.delete', '.task_defaults', '.exit_button', '.apply_discount')));
/**** QUOTE DETAILS ****/
$fieldset_data = array('id' => 'quote_details', 'heading' => array('type' => 'h3', 'title' => 'Quote Details'), 'class' => 'tableclass tableclass_form tableclass_full', 'elements' => array('name' => array('title' => 'Quote Title', 'field' => array('type' => 'text', 'name' => 'name', 'value' => $quote['name'])), 'type' => array('title' => 'Type', 'field' => array('type' => 'select', 'name' => 'type', 'value' => $quote['type'], 'blank' => false, 'options' => module_quote::get_types(), 'allow_new' => true)), 'hourly_rate' => array('title' => 'Hourly Rate', 'field' => array('type' => 'currency', 'id' => 'main_hourly_rate', 'name' => 'hourly_rate', 'value' => number_out($quote['hourly_rate']))), 'status' => array('title' => 'Status', 'field' => array('type' => 'select', 'name' => 'status', 'value' => $quote['status'], 'blank' => false, 'options' => module_quote::get_statuses(), 'allow_new' => true)), 'date_create' => array('title' => 'Create Date', 'field' => array('type' => 'date', 'name' => 'date_create', 'value' => print_date($quote['date_create']), 'help' => 'This is the date the Quote is scheduled to start work. This can be a date in the future.')), 'date_approved' => array('title' => 'Approved Date', 'field' => array('type' => 'date', 'name' => 'date_approved', 'value' => print_date($quote['date_approved']), 'help' => 'This is the date the Quote was accepted by the client. This date is automatically set if the client clicks "Approve"')), 'approved_by' => array('title' => 'Approved By', 'field' => array('type' => 'text', 'name' => 'approved_by', 'value' => $quote['approved_by']))), 'extra_settings' => array('owner_table' => 'quote', 'owner_key' => 'quote_id', 'owner_id' => $quote['quote_id'], 'layout' => 'table_row', 'allow_new' => module_quote::can_i('create', 'Quotes'), 'allow_edit' => module_quote::can_i('create', 'Quotes')));
if (module_config::c('quote_allow_staff_assignment', 1)) {
$fieldset_data['elements']['user_id'] = array('title' => 'Staff Member', 'field' => array('type' => 'select', 'options' => $staff_member_rel, 'name' => 'user_id', 'value' => $quote['user_id'], 'help' => 'Assign a staff member to this quote. You can also assign individual tasks to different staff members. Staff members are users who have EDIT permissions on Quote Tasks.'));
}
$incrementing = false;
if (!isset($quote['taxes']) || !count($quote['taxes'])) {
$locked = true;
}
} else {
$linked_invoice_payments = $finance['linked_invoice_payments'];
$linked_finances = $finance['linked_finances'];
$module->page_title = $finance['name'];
}
// check permissions.
if (class_exists('module_security', false)) {
if ($finance_id > 0 && $finance['finance_id'] == $finance_id || isset($_REQUEST['invoice_payment_id']) && isset($invoice_payment_data) && $invoice_payment_data) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Edit'));
} else {
module_security::check_page(array('category' => 'Finance', 'page_name' => 'Finance', 'module' => 'finance', 'feature' => 'Create'));
}
module_security::sanatise_data('finance', $finance);
}
if (isset($finance['invoice_payment_id']) && (int) $finance['invoice_payment_id'] > 0) {
//$locked = true;
}
$finance_recurring_id = isset($_REQUEST['finance_recurring_id']) ? (int) $_REQUEST['finance_recurring_id'] : false;
if ($finance_id > 0 && $finance && isset($finance['finance_recurring_id']) && $finance['finance_recurring_id']) {
$finance_recurring_id = $finance['finance_recurring_id'];
}
if ($finance_recurring_id > 0) {
$finance_recurring = module_finance::get_recurring($finance_recurring_id);
}
if (!$finance_id && $finance_recurring_id > 0) {
$finance = array_merge($finance, $finance_recurring);
public function check_page_permissions()
{
$data = $this->get_data();
if ($this->file_id > 0 && (!$data || isset($data['new']) || $data['file_id'] != $this->file_id)) {
$this->file_id = 0;
die('Failed to access file. No permissions to view this file, please check with the administrator.');
} else {
if ($this->file_id > 0) {
if (class_exists('module_security', false)) {
if (!module_security::check_page(array('module' => 'file', 'feature' => 'Edit'))) {
$this->file_id = 0;
}
}
} else {
if (class_exists('module_security', false)) {
if (!module_security::check_page(array('module' => 'file', 'feature' => 'Create'))) {
$this->file_id = 0;
}
}
}
}
}
* Copyright: dtbaker 2012
* Licence: Please check CodeCanyon.net for licence details.
* More licence clarification available here: http://codecanyon.net/wiki/support/legal-terms/licensing-terms/
* Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
if (!module_config::can_i('view', 'Settings')) {
redirect_browser(_BASE_HREF);
}
if (class_exists('module_security', false)) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => 'Config', 'page_name' => 'Settings', 'module' => 'config', 'feature' => 'Edit'));
}
$module->page_title = 'Settings';
?>
<form action="" method="post">
<?php
module_form::prevent_exit(array('valid_exits' => array('.submit_button')));
?>
<input type="hidden" name="_process" value="save_config">
<style type="text/css">
.config_variable{
border:1px solid #EFEFEF;
if (class_exists('module_security', false)) {
/*module_security::check_page(array(
'module' => $module->module_name,
'feature' => 'edit',
));*/
// we want to do our own special type of form modification here
// so we don't pass it off to "check_page" which will hide all input boxes.
if (!module_ticket::can_i('edit', 'Tickets') && !module_ticket::can_i('create', 'Tickets')) {
set_error('Access to editing or creating tickets is denied.');
redirect_browser(module_ticket::link_open(false));
}
}
} else {
$ticket_id = false;
if (class_exists('module_security', false)) {
module_security::check_page(array('module' => $module->module_name, 'feature' => 'create'));
}
}
if (module_ticket::can_edit_tickets()) {
module_ticket::mark_as_read($ticket_id, true);
}
//$module->pre_menu(); // so the links are re-build and the correct "unread" count is at the top.
if (!module_security::can_access_data('ticket', $ticket)) {
echo 'Ticket access denied';
exit;
}
$ticket_messages = module_ticket::get_ticket_messages($ticket['ticket_id'], true);
if (!isset($logged_in_user) || !$logged_in_user) {
// we assume the user is on the public side.
// use the creator id as the logged in id.
$logged_in_user = module_security::get_loggedin_id();
* Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
* Package Date: 2015-11-25 02:55:20
* IP Address: 67.79.165.254
*/
$module->page_title = _l('Editor');
//print_heading('Newsletter Editor');
$newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false;
$current_newsletter_content_id = isset($_REQUEST['newsletter_content_id']) && (int) $_REQUEST['newsletter_content_id'] > 0 ? (int) $_REQUEST['newsletter_content_id'] : false;
$newsletter = module_newsletter::get_newsletter($newsletter_id);
$newsletter_template = module_newsletter::get_newsletter_template($newsletter['newsletter_template_id']);
// check permissions.
if (class_exists('module_security', false)) {
if ($newsletter_id > 0 && $newsletter['newsletter_id'] == $newsletter_id) {
module_security::check_page(array('category' => 'Newsletter', 'page_name' => 'Newsletters', 'module' => 'newsletter', 'feature' => 'edit'));
} else {
module_security::check_page(array('category' => 'Newsletter', 'page_name' => 'Newsletters', 'module' => 'newsletter', 'feature' => 'create'));
}
}
$templates = module_newsletter::get_templates();
//$input_method = 'wysiwyg';
$default_content = isset($newsletter_template['default_inner']) ? $newsletter_template['default_inner'] : '';
if (!$default_content && $newsletter_template['directory'] && is_dir($newsletter_template['directory']) && is_file($newsletter_template['directory'] . 'inside.html')) {
ob_start();
include $newsletter_template['directory'] . 'inside.html';
$default_content = ob_get_clean();
}
if ($newsletter_template['directory'] && is_dir($newsletter_template['directory']) && is_file($newsletter_template['directory'] . 'settings.php')) {
include $newsletter_template['directory'] . 'settings.php';
}
$sends = $newsletter['sends'];
$sends_warning = array();
$contact_type_permission = 'Vendor';
$contact_module_name = 'vendor';
break;
default:
die('Unsupported type');
}
$module->page_title = _l($contact_type_permission . ' Contacts');
if (!isset($search[$use_master_key]) || !$search[$use_master_key]) {
// we are just showing a list of all customer contacts.
$show_customer_details = true;
// check they have permissions to view all customer contacts.
if (class_exists('module_security', false)) {
// if they are not allowed to "edit" a page, but the "view" permission exists
// then we automatically grab the page and regex all the crap out of it that they are not allowed to change
// eg: form elements, submit buttons, etc..
module_security::check_page(array('category' => $contact_type, 'page_name' => 'All ' . $contact_type_permission . ' Contacts', 'module' => $contact_module_name, 'feature' => 'view'));
}
//throw new Exception('Please create a user correctly');
} else {
$show_customer_details = false;
}
$users = module_user::get_contacts($search, true, false);
if (class_exists('module_group', false)) {
module_group::enable_pagination_hook(array('fields' => array('owner_id' => 'user_id', 'owner_table' => 'user', 'name' => 'name', 'email' => 'email')));
}
// hack to add a "export" option to the pagination results.
if (class_exists('module_import_export', false) && module_user::can_i('view', 'Export ' . $contact_type_permission . ' Contacts')) {
if (isset($_REQUEST['import_export_go'])) {
$users = query_to_array($users);
foreach ($users as $user_id => $user) {
$users[$user_id]['is_primary'] = $user['is_primary'] == $user['user_id'] ? _l('Yes') : _l('No');
redirect_browser(_BASE_HREF);
}
$security_role_id = $_REQUEST['security_role_id'];
$security_role = array();
if ($security_role_id && $security_role_id != 'new') {
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Security', 'page_name' => 'Security Roles', 'module' => 'security', 'feature' => 'edit'));
}
$security_role = module_security::get_security_role($security_role_id);
if (!$security_role) {
$security_role_id = 'new';
}
}
if ($security_role_id == 'new' || !$security_role_id) {
if (class_exists('module_security', false)) {
module_security::check_page(array('category' => 'Security', 'page_name' => 'Security Roles', 'module' => 'security', 'feature' => 'create'));
}
$security_role = array('security_role_id' => 'new', 'name' => '');
}
if (module_security::can_i('edit', 'Security Roles', 'Security') && isset($_REQUEST['delete_security_permission_id'])) {
$id = (int) $_REQUEST['delete_security_permission_id'];
if ($id > 0) {
delete_from_db('security_permission', 'security_permission_id', $id);
delete_from_db('security_role_perm', 'security_permission_id', $id);
}
redirect_browser(module_security::link_open_role($security_role_id) . '&advanced');
}
if (isset($_REQUEST['export_json'])) {
$export_json = array();
}
?>
