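/**
 * Builds the table row (<tr>) that shows this report to a logged-in user.
 *
 * Columns, in order: author link, receiver links, escaped report name,
 * creation date, action buttons. Edit and delete buttons are added only
 * when the current login is 'admin'.
 *
 * NOTE(review): the buttons only control what is displayed; the handlers
 * behind ToHTMLEdit()/ToHTMLDel() are not visible here and have to enforce
 * the same rule on the server side.
 *
 * @return string Row HTML, or the AlertMessage() markup when the author
 *                lookup fails with an error other than "not found".
 */
public function ToHTMLUserPrivateShortInTable()
{
    $author = User::FetchBy([
        'select_list' => 'id, name, surname, login',
        'eq_conds' => ['id' => $this->author_id],
        'is_unique' => true,
    ]);

    if (!Error::IsError($author)) {
        $link_to_author = $author->LinkToThis();
    } elseif (Error::IsType($author, Error::not_found)) {
        $link_to_author = Language::Word('not found');
    } else {
        // Two-argument form (CSS class, text), as other AlertMessage() call sites in this
        // codebase use; the one-argument call passed the message where the class goes.
        return AlertMessage(
            'alert-danger',
            'Error while fetching author of report: ' . Error::ToString($author)
        );
    }

    // NOTE(review): $this->id is concatenated into the SQL fragment as-is. That is only
    // safe while ids are server-generated integers - confirm where the object is loaded.
    $receivers = User::FetchBy([
        'select_list' => 'id, name, surname',
        'where_addition' => '(received_reports LIKE "%\\"' . $this->id . '\\"%")',
    ]);

    // FetchBy() is seen to hand back an Error value for the author lookup above; the same
    // is assumed possible here, and iterating an Error object would call LinkToThis() on
    // values that are not users. A failed lookup leaves the receivers cell empty.
    if (Error::IsError($receivers)) {
        $receivers = [];
    }

    $users = '';
    foreach ($receivers as $user) {
        $users .= '<div class="row">'
            . '<div class="' . ColAllTypes(12) . '">'
            . $user->LinkToThis()
            . '</div>'
            . '</div>';
    }

    $is_admin = GetUserLogin() === 'admin';

    $res = '<tr>';
    $res .= '<td>' . $link_to_author . '</td>';
    $res .= '<td>' . $users . '</td>';
    // The report name is user-supplied text, so it is escaped before it reaches the page.
    $res .= '<td>' . htmlspecialchars($this->GetName()) . '</td>';
    $res .= '<td>' . $this->GetCreatingDate() . '</td>';
    $res .= '<td>';
    $res .= '<div class="row">';

    // The "full version" button takes a third of the cell when the admin buttons follow it,
    // and the whole cell otherwise.
    $res .= '<div class="' . ColAllTypes($is_admin ? 4 : 12) . '">';
    $res .= $this->ToHTMLFullVers();
    $res .= '</div>';

    if ($is_admin) {
        $res .= '<div class="' . ColAllTypes(4) . '">';
        $res .= $this->ToHTMLEdit();
        $res .= '</div>';
        $res .= '<div class="' . ColAllTypes(4) . '">';
        $res .= $this->ToHTMLDel();
        $res .= '</div>';
    }

    $res .= '</div>';
    $res .= '</td>';
    $res .= '</tr>';

    return $res;
}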
case $content_types_short['reports']: $title .= ' :' . Language::Word('reports'); $header = $title; $content .= MenuButton(Language::Word('send report'), $link_to_admin_report, 'btn-primary', 'add', 'get'); $content .= MenuButton(Language::Word('received reports'), $link_to_admin_bookkeeping . '?content_type=received_reps', 'btn-default', '', 'get'); $content .= MenuButton(Language::Word('sended reports'), $link_to_admin_bookkeeping . '?content_type=sended_reps', 'btn-default', '', 'get'); if (GetUserLogin() === 'admin') { $content .= MenuButton(Language::Word('all reports'), $link_to_admin_bookkeeping . '?content_type=all_reps', 'btn-default', '', 'get'); } break; case 'received_reps': case 'sended_reps': case 'all_reps': $content_type = $_REQUEST['content_type']; if ($content_type === 'all_reps') { if (GetUserLogin() !== 'admin') { $content = AlertMessage('alert-danger', Language::Word('access denied')); break; } } if ($content_type === 'received_reps') { $title .= ' :' . Language::Word('received reports'); } else { if ($content_type === 'sended_reps') { $title .= ' :' . Language::Word('sended reports'); } else { $title .= ' :' . Language::Word('all reports'); } } $header = $title; $reports = array();
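/**
 * Inserts a text part in two steps: the row with an empty text block first,
 * then an UPDATE that stores the text block once the row id is known.
 *
 * Values taken from $request are escaped with real_escape_string() and
 * quoted. The table name cannot be protected that way, so the language code
 * that becomes its suffix is restricted to letters, digits and underscore.
 *
 * NOTE(review): the id is derived from GetMaximalID() + 1 without any lock
 * visible here, so two concurrent inserts may pick the same id - confirm
 * that the column constraints make the second one fail.
 *
 * @param object $request   Text part being stored; its id and text_block are updated on success.
 * @param string $lang_vers Language code; anything other than 'rus' selects the "<table>_<code>" table.
 * @param int    $glob_id   Id to reuse; 0 means "allocate a new id and move the temporary images".
 *
 * @return bool True on success, false when the language code is rejected or a query fails.
 */
public static function InsertToDB($request, $lang_vers = 'rus', $glob_id = 0)
{
    global $db_connection;
    global $link_to_text_part_images;

    // An identifier is built from this value; escaping of string values does not cover it.
    if (!is_string($lang_vers) || !preg_match('/\A[A-Za-z0-9_]+\z/', $lang_vers)) {
        return false;
    }

    $link_id = $db_connection->real_escape_string($request->link_id);
    $author_id = $db_connection->real_escape_string($request->author_id);
    $name = $db_connection->real_escape_string($request->name);
    $priority = $db_connection->real_escape_string($request->priority);
    $role = $db_connection->real_escape_string($request->role);

    $insert_table = TextPart::$table;
    if ($lang_vers !== 'rus') {
        $insert_table .= '_' . $lang_vers;
    }

    $max_id = self::GetMaximalID() + 1;
    $insert_id = ($glob_id !== 0) ? $glob_id : $max_id;

    // The id is the one value in this statement that was not escaped; the cast keeps it numeric.
    $res = $db_connection->query(
        "INSERT INTO `" . $insert_table . "` (`id`, `link_id`, `author_id`, `name`, `priority`, `role`, `text_block`, `creating_date`) VALUES ('"
        . (int) $insert_id . "', '" . $link_id . "', '" . $author_id . "', '" . $name . "', '" . $priority . "', '" . $role . "', '', CURRENT_TIMESTAMP)"
    );
    if (!$res) {
        // Driver errors name tables and columns; they go to the server log, not into the response.
        error_log('TextPart::InsertToDB: INSERT failed: ' . $db_connection->error);
        return false;
    }

    // NOTE(review): relies on insert_id reporting the id that was just written - confirm
    // that `id` is an AUTO_INCREMENT column.
    $id = (int) $db_connection->insert_id;

    if ($glob_id === 0) {
        // Image paths written while editing point at a "tmp_<n>/" folder; rewrite them to the final id.
        $request->text_block = preg_replace('/tmp_(\\d+)\\//', $id . '/', $request->text_block);
    }
    $text_block = $db_connection->real_escape_string($request->text_block);

    $res = $db_connection->query(
        "UPDATE `" . $insert_table . "` SET `text_block`=\"" . $text_block . "\" WHERE `id`=" . $id
    );
    if (!$res) {
        error_log('TextPart::InsertToDB: UPDATE failed: ' . $db_connection->error);
        // Remove the half-written row so that a failed insert leaves nothing behind.
        $db_connection->query("DELETE FROM `" . $insert_table . "` WHERE `id` = " . $id);
        return false;
    }

    $request->id = $id;

    if ($glob_id === 0) {
        // Move the current user's temporary image folder under the new id.
        recurse_copy(
            $link_to_text_part_images . 'tmp_' . User::GetIDByLogin(GetUserLogin()),
            $link_to_text_part_images . $id
        );
    }

    return true;
}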
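/**
 * Inserts an article in two steps (row with an empty text block, then an
 * UPDATE with the text block), moves the temporary images under the new id
 * and stores an uploaded cover image when one was sent.
 *
 * Values taken from $request are escaped with real_escape_string() and
 * quoted. The language code becomes part of the table name and of the cover
 * file name, so it is restricted to letters, digits and underscore.
 *
 * The cover is accepted only with an image extension from a fixed list: the
 * extension comes from the client-supplied file name and decides how the
 * web server treats the stored file.
 * NOTE(review): this checks the name only, not the content; the image
 * directory should additionally be configured so that nothing in it is
 * executed as a script.
 *
 * @param object $request   Article being stored; its id, text block and image path are updated.
 * @param string $lang_vers Language code; anything other than 'rus' selects the "<table>_<code>" table.
 * @param int    $glob_id   Id to reuse; 0 means "allocate a new id and move the temporary images".
 *
 * @return bool True on success (a rejected or failed cover upload does not fail the insert),
 *              false when the language code is rejected or a query fails.
 */
public static function InsertToDB($request, $lang_vers = 'rus', $glob_id = 0)
{
    global $db_connection;
    global $link_to_article_images;

    // Used in an identifier and in a file name below; escaping of string values does not cover either.
    if (!is_string($lang_vers) || !preg_match('/\A[A-Za-z0-9_]+\z/', $lang_vers)) {
        return false;
    }

    $author_id = $db_connection->real_escape_string($request->author_id);
    $name = $db_connection->real_escape_string($request->name);
    $annotation = $db_connection->real_escape_string($request->annotation);

    $insert_table = self::$table;
    if ($lang_vers !== 'rus') {
        $insert_table .= '_' . $lang_vers;
    }

    $max_id = self::GetMaximalID() + 1;
    $insert_id = ($glob_id !== 0) ? $glob_id : $max_id;

    // The id is the one value in this statement that was not escaped; the cast keeps it numeric.
    $res = $db_connection->query(
        "INSERT INTO `" . $insert_table . "` (`id`, `author_id`, `name`, `annotation`, `text_block`, `creating_date`) VALUES ('"
        . (int) $insert_id . "', '" . $author_id . "', '" . $name . "', '" . $annotation . "', '', CURRENT_TIMESTAMP)"
    );
    if (!$res) {
        error_log('InsertToDB (' . $insert_table . '): INSERT failed: ' . $db_connection->error);
        return false;
    }

    // NOTE(review): relies on insert_id reporting the id that was just written - confirm
    // that `id` is an AUTO_INCREMENT column.
    $id = (int) $db_connection->insert_id;

    if ($glob_id === 0) {
        // Image paths written while editing point at a "tmp_<n>/" folder; rewrite them to the final id.
        $request->SetTextBlock(preg_replace('/tmp_(\\d+)\\//', $id . '/', $request->text_block));
    }
    $text_block = $db_connection->real_escape_string($request->text_block);

    $res = $db_connection->query(
        "UPDATE `" . $insert_table . "` SET `text_block`=\"" . $text_block . "\" WHERE `id`=" . $id
    );
    if (!$res) {
        // Driver errors name tables and columns; they go to the server log, not into the response.
        error_log('InsertToDB (' . $insert_table . '): UPDATE failed: ' . $db_connection->error);
        // Remove the half-written row so that a failed insert leaves nothing behind.
        $db_connection->query("DELETE FROM `" . $insert_table . "` WHERE `id` = " . $id);
        return false;
    }

    $request->SetID($id);

    if ($glob_id === 0) {
        // Move the current user's temporary image folder under the new id.
        recurse_copy(
            $link_to_article_images . 'tmp_' . User::GetIDByLogin(GetUserLogin()),
            $link_to_article_images . $id
        );
    }

    // The cover field is optional, so its absence is not an error.
    $has_cover = isset($_FILES['cover']['tmp_name'], $_FILES['cover']['name'])
        && is_string($_FILES['cover']['tmp_name'])
        && is_uploaded_file($_FILES['cover']['tmp_name']);

    if ($has_cover) {
        $allowed_types = array('jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp');
        $type = strtolower(pathinfo($_FILES['cover']['name'], PATHINFO_EXTENSION));

        if (in_array($type, $allowed_types, true)) {
            $img_name = 'cover';
            if ($lang_vers !== 'rus') {
                $img_name .= '_' . $lang_vers;
            }
            $img_name .= '.' . $type;

            $upload_path = $link_to_article_images . $id . '/' . $img_name;
            if (move_uploaded_file($_FILES['cover']['tmp_name'], $upload_path)) {
                $request->SetPathToImage($upload_path);
            }
        }
    }

    $request->RemoveFromCache();
    self::RemoveFromCacheMeta();

    return true;
}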
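/**
 * Renders the profile editing form for this user.
 *
 * What is editable depends on who is looking:
 *  - position: a select for 'admin' editing another account, a read-only panel otherwise;
 *  - login: an input for the owner of a non-admin account, a read-only panel otherwise;
 *  - password fields: only for the owner of the account.
 *
 * Login comparisons are strict, so PHP's loose comparison of numeric-looking
 * strings cannot make two different logins count as the same account.
 *
 * NOTE(review): the helpers PairLabelAndInput() and DialogInputsYesNo() are not
 * visible here; confirm that they escape the values passed to them (profile
 * fields, $_POST['type'], $_POST['id']) and that the form or its handler
 * carries an anti-CSRF check, since this form also changes the password.
 *
 * Side effect: the global $positions is replaced with Language::GetPositions()
 * and may lose the director entry (see below).
 *
 * @return string HTML of the form.
 */
public function ToHTMLEditing()
{
    global $positions;
    global $link_to_utility_sql_worker;

    $positions = Language::GetPositions();
    $current_login = GetUserLogin();
    $is_owner = $this->login === $current_login;

    $res = '';
    $res .= '<form method="post" action="' . $link_to_utility_sql_worker . '" enctype="multipart/form-data">';
    $res .= '<div class="row">';
    $res .= '<div class="' . ColAllTypes(1) . '"></div>';

    // Left column: avatar and upload control.
    $res .= '<div class="' . ColAllTypes(5) . ' vcenter" align="right">';
    $res .= '<div class="row">';
    // The stored path lands inside an attribute; escaping keeps a quote in it from closing the attribute.
    $res .= '<img src="' . htmlspecialchars($this->path_to_photo, ENT_QUOTES) . '" class="img-rounded img-avatar">';
    $res .= '</div>';
    $res .= '<div class="row">';
    $res .= PairLabelAndInputFile(3, 5, Language::Word('upload image'), 'img');
    $res .= '</div>';
    $res .= '</div>';

    // Right column: profile fields.
    $res .= '<div class="' . ColAllTypes(5) . ' vcenter" align="left">';
    $res .= PairLabelAndInput(2, 10, Language::Word('name'), 'name', Language::Word('insert name'), $this->name);
    $res .= PairLabelAndInput(2, 10, Language::Word('surname'), 'surname', Language::Word('insert surname'), $this->surname);
    $res .= PairLabelAndInput(2, 10, Language::Word('fathername'), 'fathername', Language::Word('insert fathername'), $this->fathername);

    if ($this->login !== 'admin' && $current_login === 'admin') {
        // The director position is offered only if nobody holds it yet, or if this user is the holder.
        $directors = User::FetchAllByPosition(DirectorPositionNum);
        if ($directors != null && $this->position != DirectorPositionNum) {
            unset($positions[DirectorPositionNum]);
        }
        $res .= PairLabelAndSelect(
            2,
            10,
            Language::Word('position'),
            'position',
            $positions,
            array($this->position, $positions[$this->position])
        );
    } else {
        $res .= PairLabelAndPanel(2, 10, Language::Word('position'), htmlspecialchars(Language::Position($this->position)));
    }

    $res .= PairLabelAndInput(2, 10, Language::Word('mail'), 'email', Language::Word('insert mail'), $this->email);
    $res .= PairLabelAndInput(2, 10, Language::Word('telephone'), 'telephone', Language::Word('insert telephone'), $this->telephone);

    if ($is_owner && $this->login !== 'admin') {
        $res .= PairLabelAndInput(2, 10, Language::Word('login'), 'login', Language::Word('insert login'), $this->login);
    } else {
        // The login is chosen by the account owner and shown here to other viewers; it is
        // escaped like the position panel above, which escapes before calling the helper.
        $res .= PairLabelAndPanel(2, 10, Language::Word('login'), htmlspecialchars($this->login));
    }

    $res .= PairLabelAndInput(2, 10, Language::Word('birthday'), 'birth_day', 'dd', date('j', $this->birthday));
    $res .= PairLabelAndInput(2, 10, Language::Word('birthmonth'), 'birth_month', 'mm', date('n', $this->birthday));
    $res .= PairLabelAndInput(2, 10, Language::Word('birthyear'), 'birth_year', 'yyyy', date('Y', $this->birthday));

    if ($is_owner) {
        $res .= PairLabelAndPassword(4, 8, Language::Word('old password'), 'password_old', Language::Word('only for password changing'));
        $res .= PairLabelAndPassword(4, 8, Language::Word('new password'), 'password_new1', Language::Word('only for password changing'));
        $res .= PairLabelAndPassword(4, 8, Language::Word('repeat new password'), 'password_new2', Language::Word('only for password changing'));
    }

    $res .= '</div>';
    $res .= '</div>';
    $res .= DialogInputsYesNo('edit', $_POST['type'], $_POST['id'], Language::Word('save'), Language::Word('cancel'));
    $res .= '</form>';

    return $res;
}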
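/**
 * Builds the table row (<tr>) that shows this item to a logged-in user.
 *
 * Columns, in order: direction link, escaped name, creation date, author
 * link, action buttons. Edit and delete buttons are added when the current
 * login is the author's login or 'admin'.
 *
 * A failed author or direction lookup leaves the corresponding cell empty
 * instead of calling a method on a value that is not the expected object.
 *
 * NOTE(review): the buttons only control what is displayed; the handlers
 * behind ToHTMLEdit()/ToHTMLDel() are not visible here and have to enforce
 * the same rule on the server side.
 *
 * @return string HTML of the row.
 */
public function ToHTMLUserPrivateShortInTable()
{
    $author = User::FetchBy([
        'eq_conds' => ['id' => $this->author_id],
        'select_list' => 'id, name, surname, login',
        'is_unique' => true,
    ]);

    // null (rather than '') when the author is unknown, so that a visitor whose own login
    // is empty can never be matched as the author.
    $author_login = null;
    $link_to_author = '';
    if (is_a($author, 'User')) {
        $author_login = $author->GetLogin();
        $link_to_author = $author->LinkToThis();
    }

    $direction = Direction::FetchByID($this->direction_id);
    $link_to_direction = '';
    if (is_object($direction) && method_exists($direction, 'LinkToThis')) {
        $link_to_direction = $direction->LinkToThis();
    }

    $current_login = GetUserLogin();
    $can_manage = $current_login === 'admin'
        || ($author_login !== null && $current_login === $author_login);

    $res = '<tr>';
    $res .= '<td>' . $link_to_direction . '</td>';
    // The name is user-supplied text, so it is escaped before it reaches the page.
    $res .= '<td>' . htmlspecialchars($this->name) . '</td>';
    $res .= '<td>' . date('d : m : Y - H : i', $this->creating_date) . '</td>';
    $res .= '<td>' . $link_to_author . '</td>';
    $res .= '<td>';
    $res .= '<div class="row">';

    // The "full version" button takes a third of the cell when edit/delete follow it,
    // and the whole cell otherwise.
    $res .= '<div class="' . ColAllTypes($can_manage ? 4 : 12) . '">';
    $res .= $this->ToHTMLFullVers();
    $res .= '</div>';

    if ($can_manage) {
        $res .= '<div class="' . ColAllTypes(4) . '">';
        $res .= $this->ToHTMLEdit();
        $res .= '</div>';
        $res .= '<div class="' . ColAllTypes(4) . '">';
        $res .= $this->ToHTMLDel();
        $res .= '</div>';
    }

    $res .= '</div>';
    $res .= '</td>';
    $res .= '</tr>';

    return $res;
}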