Пример #1
 /**
  * Load the new holiday requests that the current user may authorise.
  *
  * The logged-in user is resolved to an Employee through person_id; the
  * employee's holiday model then yields the list of authorisees. The
  * resulting collection (left unloaded when there are no authorisees) is
  * stored in $this->contents.
  */
 function populate()
 {
     $employee = DataObjectFactory::Factory('Employee');
     $currentUser = getCurrentUser();
     if (!is_null($currentUser->person_id)) {
         $employee->loadBy('person_id', $currentUser->person_id);
     }

     // A user without an Employee record authorises nobody.
     $authorisees = array();
     if ($employee->isLoaded()) {
         $model = $employee->holiday_model();
         $employee->authorisationPolicy($model);
         $authorisees = $employee->getAuthorisees($model);
     }

     $holiday = DataObjectFactory::Factory('HolidayRequest');
     $holidays = new HolidayrequestCollection($holiday);

     if (count($authorisees) > 0) {
         $holidays->setParams();
         $handler = new SearchHandler($holidays, false);
         $handler->setFields(array('id', 'employee', 'employee_id', 'start_date', 'end_date', 'num_days'));
         $handler->addConstraint(new Constraint('status', '=', $holiday->newRequest()));
         // NOTE(review): the IN list is concatenated into the constraint value as-is.
         // The ids presumably come from the database as integers - confirm, or
         // cast them before joining so no other text can reach the query.
         $idList = '(' . implode(',', $authorisees) . ')';
         $handler->addConstraint(new Constraint('employee_id', 'in', $idList));
         $this->setSearchLimit($handler);
         $handler->setOrderby(array('employee', 'start_date'));
         $holidays->load($handler);
         $holidays->clickcontroller = 'holidayrequests';
         $holidays->editclickaction = 'view';
     }

     $this->contents = $holidays;
 }
Пример #2
 /**
  * Build the view data for the overview page (users, latest maps, latest comments).
  *
  * Reads the optional query parameters loginAsUser, lastMaps, lastComments
  * and error from $_GET.
  *
  * @return array view data keyed by Users, LastMapForEachUser, LastMaps,
  *               LastComments, OverviewMapData and Errors
  */
 public function Execute()
 {
     $viewData = array();
     $errors = array();

     // An admin may switch to another account and is then sent to that user's page.
     // NOTE(review): this state-changing action is triggered by a GET parameter and
     // no anti-CSRF token is checked in this method - confirm one is enforced elsewhere.
     $wantsImpersonation = Helper::IsLoggedInAdmin() && isset($_GET["loginAsUser"]);
     if ($wantsImpersonation && Helper::LoginUserByUsername($_GET["loginAsUser"])) {
         Helper::Redirect("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
     }

     $viewData["Users"] = DataAccess::GetAllUsers(!Helper::IsLoggedInAdmin());
     $viewData["LastMapForEachUser"] = DataAccess::GetLastMapsForUsers("date");

     // Row limit from the query string: a numeric value is used as given,
     // "all" means 999999, anything else (or nothing) means 10.
     // NOTE(review): the numeric value is not range-checked here, so negative or
     // very large limits are passed on to the data layer.
     $readLimit = function ($param) {
         if (!isset($_GET[$param])) {
             return 10;
         }
         if (is_numeric($_GET[$param])) {
             return (int) $_GET[$param];
         }
         return $_GET[$param] == "all" ? 999999 : 10;
     };

     // last x maps
     $numberOfMaps = $readLimit("lastMaps");
     $viewData["LastMaps"] = DataAccess::GetMaps(0, 0, 0, 0, null, $numberOfMaps, "createdTime", Helper::GetLoggedInUserID());

     // last x comments
     $numberOfComments = $readLimit("lastComments");
     $viewData["LastComments"] = DataAccess::GetLastComments($numberOfComments, Helper::GetLoggedInUserID());

     // Overview data is collected only for maps that yield some; the key stays
     // null when none do.
     $viewData["OverviewMapData"] = null;
     $categories = DataAccess::GetCategoriesByUserID();
     foreach ($viewData["LastMaps"] as $map) {
         $overview = Helper::GetOverviewMapData($map, false, true, true, $categories);
         if ($overview != null) {
             $viewData["OverviewMapData"][] = $overview;
         }
     }

     $emailErrorRequested = isset($_GET["error"]) && $_GET["error"] == "email";
     if ($emailErrorRequested) {
         $errors[] = sprintf(__("ADMIN_EMAIL_ERROR"), ADMIN_EMAIL);
     }

     $viewData["Errors"] = $errors;
     return $viewData;
 }
Пример #3
 /**
  * Prepare order header data and hand it to DataObject::Factory().
  *
  * Rejects order dates in the future, fills in order number, status and
  * raiser for records without an id, and adds the currency and twin
  * currency rates.
  *
  * @param array  $data   header fields; order_date, type and currency_id are read here
  * @param string $do     data object name passed to the factories
  * @param array  $errors receives validation messages (by reference)
  * @return mixed false when the order date is in the future, otherwise
  *               whatever DataObject::Factory() returns
  */
 public static function makeHeader($data, $do, &$errors)
 {
     $orderTimestamp = strtotime(fix_date($data['order_date']));
     $todayTimestamp = strtotime(fix_date(date(DATE_FORMAT)));
     if ($orderTimestamp > $todayTimestamp) {
         $errors[] = 'Order Date cannot be in the future';
         return false;
     }

     // A missing or empty id marks a new order: give it a number, the
     // initial status and the current user as raiser.
     $isNewOrder = !isset($data['id']) || $data['id'] == '';
     if ($isNewOrder) {
         $numberHandler = new UniqueNumberHandler(false, $data['type'] != 'T');
         $data['order_number'] = $numberHandler->handle(DataObjectFactory::Factory($do));
         $data['status'] = 'N';
         $raiser = getCurrentUser();
         $data['raised_by'] = $raiser->username;
     }

     // Rate of the order's own currency.
     $orderCurrency = DataObjectFactory::Factory('Currency');
     $orderCurrency->load($data['currency_id']);
     $data['rate'] = $orderCurrency->rate;

     // Rate and id of the twin currency, taken from the GL parameters.
     $glParams = DataObjectFactory::Factory('GLParams');
     $twinCurrency = DataObjectFactory::Factory('Currency');
     $twinCurrency->load($glParams->base_currency());
     $data['twin_rate'] = $twinCurrency->rate;
     $data['twin_currency_id'] = $twinCurrency->id;

     return DataObject::Factory($data, $errors, $do);
 }
Пример #4
 /**
  * Handle the login page: cancel, logout, login and "forgot password" actions.
  *
  * getCurrentUser() is used here for the user whose page was requested (see
  * the "no user specified" check), and a login only counts as successful
  * when the authenticated account is that same user.
  *
  * @return array view data with the key "Errors"
  */
 public function Execute()
 {
     $viewData = array();
     $errors = array();
     // no user specified - redirect to user list page
     // NOTE(review): the code below dereferences getCurrentUser() right after this
     // check, so Helper::Redirect() presumably ends the request - confirm.
     if (!getCurrentUser()) {
         Helper::Redirect("users.php");
     }
     // user is hidden - redirect to user list page
     if (!getCurrentUser()->Visible) {
         Helper::Redirect("users.php");
     }
     if (isset($_POST["cancel"])) {
         Helper::Redirect("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
     }
     // NOTE(review): logout is triggered by a plain GET parameter, so any link or
     // embedded resource pointing here can end a user's session.
     if (isset($_GET["action"]) && $_GET["action"] == "logout") {
         // build the target first: it is derived from the current user before logout
         $location = "index.php?" . Helper::CreateQuerystring(getCurrentUser());
         Helper::LogoutUser();
         Helper::Redirect($location);
     }
     if (isset($_POST["login"])) {
         $currentUserID = getCurrentUser()->ID;
         // NOTE(review): stripslashes() alters passwords that contain backslashes
         // unless the runtime adds slashes to request data - confirm it is still needed.
         // username/password are read without isset(); a POST carrying only "login"
         // raises notices here.
         if (Helper::LoginUser(stripslashes($_POST["username"]), stripslashes($_POST["password"]))) {
             // only a login as the page's own user is accepted
             if (getCurrentUser()->ID == $currentUserID) {
                 Helper::Redirect("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
             }
         }
         // NOTE(review): this is also reached when the credentials were valid for a
         // different user; whether that session stays logged in depends on
         // Helper::LoginUser(), which is not visible here. No attempt limiting or
         // lockout is applied in this method.
         $errors[] = __("INVALID_USERNAME_OR_PASSWORD");
     }
     if (isset($_POST["forgotPassword"])) {
         Helper::Redirect("send_new_password.php?" . Helper::CreateQuerystring(getCurrentUser()));
     }
     $viewData["Errors"] = $errors;
     return $viewData;
 }
Пример #5
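 /**
  * Publish a company to the remote community service over XML-RPC.
  *
  * Sends the current user's name and e-mail plus the company name to
  * elgg.user.newCommunity and, on success, stores the returned owner and
  * community names on the person and on $do.
  *
  * @param object $do     company data object; published fields are set and saved (by reference)
  * @param array  $errors receives failure messages (by reference)
  * @return bool true when the company was published, false when an error was recorded
  */
 public function systemCompany(&$do, &$errors)
 {
     $user = getCurrentUser();
     $person = new Person();
     $person->load($user->person_id);
     $format = new xmlrpcmsg('elgg.user.newCommunity', array(new xmlrpcval($person->firstname . ' ' . $person->surname, "string"), new xmlrpcval($person->email, "string"), new xmlrpcval($do->company, "string")));
     // NOTE(review): the endpoint is hard-coded and only path, host and port are
     // given. If the client then defaults to plain HTTP, the person's name and
     // e-mail travel unencrypted and the response is unauthenticated - confirm
     // the transport and move the endpoint into configuration.
     $client = new xmlrpc_client("_rpc/RPC2.php", "tech2.severndelta.co.uk", 8091);
     $request = $client->send($format);

     if ($request->faultCode()) {
         // The closing quote around the reason was missing in the message.
         $errors[] = "Code: " . $request->faultCode() . " Reason '" . $request->faultString() . "'";
         return false;
     }

     $response = $request->value();
     if (!$response->structmemexists('owner') || !$response->structmemexists('community')) {
         // Previously this path recorded the error but still returned true,
         // so callers checking only the return value saw a success.
         $errors[] = 'Failed to publish company';
         return false;
     }

     // NOTE(review): the values returned by the remote service are stored as-is
     // and the results of both save() calls are not checked.
     $person->published_username = $response->structmem('owner')->scalarval();
     $person->save();
     $do->published = true;
     $do->published_username = $response->structmem('community')->scalarval();
     $do->published_owner_id = $person->id;
     $do->save();

     return true;
 }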
Пример #6
 /**
  * Load the expenses awaiting authorisation that the current user may authorise.
  *
  * The logged-in user is resolved to an Employee through person_id; the
  * employee's expense model then yields the list of authorisees. The
  * resulting collection (left unloaded when there are no authorisees) is
  * stored in $this->contents, and the module/controller vars are set.
  */
 function populate()
 {
     $employee = DataObjectFactory::Factory('Employee');
     $currentUser = getCurrentUser();
     if (!is_null($currentUser->person_id)) {
         $employee->loadBy('person_id', $currentUser->person_id);
     }

     // A user without an Employee record authorises nobody.
     $authorisees = array();
     if ($employee->isLoaded()) {
         $model = $employee->expense_model();
         $employee->authorisationPolicy($model);
         $authorisees = $employee->getAuthorisees($model);
     }

     $expense = DataObjectFactory::Factory('Expense');
     $expenses = new ExpenseCollection($expense);

     if (count($authorisees) > 0) {
         $expenses->setParams();
         $handler = new SearchHandler($expenses, false);
         $handler->setFields(array('id', 'expense_number', 'employee', 'employee_id', 'description', 'gross_value'));
         $handler->addConstraint(new Constraint('status', '=', $expense->statusAwaitingAuthorisation()));
         // NOTE(review): the IN list is concatenated into the constraint value as-is.
         // The ids presumably come from the database as integers - confirm, or
         // cast them before joining so no other text can reach the query.
         $idList = '(' . implode(',', $authorisees) . ')';
         $handler->addConstraint(new Constraint('employee_id', 'in', $idList));
         $this->setSearchLimit($handler);
         $handler->setOrderby(array('expense_number'));
         $expenses->load($handler);
         $expenses->clickcontroller = 'expenses';
         $expenses->editclickaction = 'view';
     }

     $this->contents = $expenses;
     $this->vars['module'] = 'hr';
     $this->vars['controller'] = 'expenses';
 }
Пример #7
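 /**
  * Build the view data for a single map page.
  *
  * Loads the map named by $_GET["map"], refuses removed or protected maps
  * and maps that do not belong to the user whose archive is shown, then
  * collects comments, neighbouring maps, image data and optional overview
  * and rerun data.
  *
  * @return array view data for the map view
  */
 public function Execute()
 {
     $viewData = array();
     // no user specified - redirect to user list page
     if (!getCurrentUser()) {
         Helper::Redirect("users.php");
     }
     // user is hidden - redirect to user list page
     if (!getCurrentUser()->Visible) {
         Helper::Redirect("users.php");
     }
     // the requested map
     // NOTE(review): the id is taken from the query string unvalidated; whether
     // Map::Load() binds it safely is not visible here - confirm.
     $map = new Map();
     $map->Load($_GET["map"]);
     if (!$map->ID) {
         die("The map has been removed.");
     }
     DataAccess::UnprotectMapIfNeeded($map);
     if (Helper::MapIsProtected($map)) {
         die("The map is protected until " . date("Y-m-d H:i:s", Helper::StringToTime($map->ProtectedUntil, true)) . ".");
     }
     // the map must belong to the user whose archive is being shown
     if ($map->UserID != getCurrentUser()->ID) {
         die;
     }
     $viewData["Comments"] = DataAccess::GetCommentsByMapId($map->ID);
     $viewData["Name"] = $map->Name . ' (' . date(__("DATE_FORMAT"), Helper::StringToTime($map->Date, true)) . ')';
     // previous map in archive
     $previous = DataAccess::GetPreviousMap(getCurrentUser()->ID, $map->ID, Helper::GetLoggedInUserID());
     $viewData["PreviousName"] = $previous == null ? null : $previous->Name . ' (' . date(__("DATE_FORMAT"), Helper::StringToTime($previous->Date, true)) . ')';
     // next map in archive
     $next = DataAccess::GetNextMap(getCurrentUser()->ID, $map->ID, Helper::GetLoggedInUserID());
     $viewData["NextName"] = $next == null ? null : $next->Name . ' (' . date(__("DATE_FORMAT"), Helper::StringToTime($next->Date, true)) . ')';
     $size = $map->GetMapImageSize();
     $viewData["ImageWidth"] = $size["Width"];
     $viewData["ImageHeight"] = $size["Height"];
     DataAccess::IncreaseMapViews($map);
     $viewData["Map"] = $map;
     // The Referer header is only compared against a fixed name; its value is never echoed.
     $viewData["BackUrl"] = isset($_SERVER["HTTP_REFERER"]) && basename($_SERVER["HTTP_REFERER"]) == "users.php" ? "users.php" : "index.php?" . Helper::CreateQuerystring(getCurrentUser());
     $viewData["Previous"] = $previous;
     $viewData["Next"] = $next;
     // Fixed: the original used "=" here, which overwrote $_GET["showComments"]
     // with true and made the test succeed for any supplied value.
     $viewData["ShowComments"] = isset($_GET["showComments"]) && $_GET["showComments"] == true || !__("COLLAPSE_VISITOR_COMMENTS");
     $viewData["FirstMapImageName"] = Helper::GetMapImage($map);
     if ($map->BlankMapImage) {
         $viewData["SecondMapImageName"] = Helper::GetBlankMapImage($map);
     }
     $viewData["QuickRouteJpegExtensionData"] = $map->GetQuickRouteJpegExtensionData();
     if (isset($viewData["QuickRouteJpegExtensionData"]) && $viewData["QuickRouteJpegExtensionData"]->IsValid) {
         $categories = DataAccess::GetCategoriesByUserID(getCurrentUser()->ID);
         $viewData["OverviewMapData"][] = Helper::GetOverviewMapData($map, true, false, false, $categories);
         // NOTE(review): the link is built with the http scheme and the language
         // code is appended without URL-encoding.
         $viewData["GoogleMapsUrl"] = "http://maps.google.com/maps" . "?q=" . urlencode(Helper::GlobalPath("export_kml.php?id=" . $map->ID . "&format=kml")) . "&language=" . Session::GetLanguageCode();
     }
     // request a rerun batch when the last check is older than RERUN_FREQUENCY hours
     if (USE_3DRERUN == '1' && DataAccess::GetSetting("LAST_WORLDOFO_CHECK_DOMA_TIME", "0") + RERUN_FREQUENCY * 3600 < time()) {
         $viewData["RerunMaps"] = Helper::GetMapsForRerunRequest();
         $viewData["TotalRerunMaps"] = count(explode(",", $viewData["RerunMaps"]));
         $viewData["ProcessRerun"] = true;
     }
     return $viewData;
 }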
Пример #8
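/**
 * Rebuild the global $_SITE_CONFIG array from the database.
 *
 * Loads site options, the current user's row, unread counters, active ads
 * and footer documents.
 *
 * @param bool $auto_redirect not used by this function body
 */
function refreshConfig($auto_redirect = true)
{
    global $_SITE_CONFIG;
    $db_prefix = getDbPrefix();
    $_SITE_CONFIG['uid'] = getCurrentUser();
    $_SITE_CONFIG['charset'] = 'utf-8';
    $_SITE_CONFIG['lang'] = 'zh_CN';
    $_SITE_CONFIG['timeoffset'] = 8;

    // The uid is spliced unquoted into the statements below, so it has to be a
    // number for the SQL to be valid at all. Forcing it to an integer keeps any
    // other text out of the query regardless of where getCurrentUser() takes it from.
    $uid = (int) $_SITE_CONFIG['uid'];

    // System settings
    // NOTE(review): unserialize() instantiates whatever objects the stored value
    // describes. Confirm that system_data is writable by trusted administrators
    // only, or move these values to JSON.
    $sql = "SELECT `key`,`value` FROM {$db_prefix}system_data WHERE `list` = 'myop' OR `list` = 'siteopt'";
    $res = doQuery($sql);
    foreach ($res as $v) {
        $_SITE_CONFIG[$v['key']] = unserialize($v['value']);
    }

    // User record
    $sql = "SELECT * FROM {$db_prefix}user WHERE `uid` = {$uid}";
    $res = doQuery($sql);
    $_SITE_CONFIG['userInfo'] = $res[0];

    // Unread counters
    $sql = "SELECT COUNT(*) AS count FROM {$db_prefix}message WHERE `to_uid` = {$uid} AND `is_read` = 0 AND `deleted_by` <> {$uid}";
    $res = doQuery($sql);
    $_SITE_CONFIG['userCount']['message'] = $res[0]['count'];
    $sql = "SELECT COUNT(*) AS count FROM {$db_prefix}notify WHERE `receive` = {$uid} AND `is_read` = 0";
    $res = doQuery($sql);
    $_SITE_CONFIG['userCount']['notify'] = $res[0]['count'];
    $sql = "SELECT COUNT(*) AS count FROM {$db_prefix}myop_myinvite WHERE `touid` = {$uid} AND `is_read` = 0";
    $res = doQuery($sql);
    $_SITE_CONFIG['userCount']['appmessage'] = $res[0]['count'];
    $sql = "SELECT * FROM {$db_prefix}user_count WHERE `uid` = {$uid}";
    $res = doQuery($sql);
    $res = $res[0];
    $_SITE_CONFIG['userCount']['comment'] = $res['comment'];
    $_SITE_CONFIG['userCount']['atme'] = $res['atme'];
    $_SITE_CONFIG['userCount']['total'] = array_sum($_SITE_CONFIG['userCount']);

    // Ads, grouped by placement; `place` is used as an index into $place_array
    $place_array = array('middle', 'header', 'left', 'right', 'footer');
    $sql = 'SELECT `content`,`place` FROM ' . $db_prefix . 'ad WHERE `is_active` = "1" AND `content` <> "" ORDER BY `display_order` ASC,`ad_id` ASC';
    $ads = doQuery($sql);
    foreach ($ads as $v) {
        // NOTE(review): the stored markup is decoded back to raw HTML here, so ad
        // content is only as trustworthy as whoever can write to the ad table.
        $v['content'] = htmlspecialchars_decode($v['content']);
        $_SITE_CONFIG['ad'][$place_array[$v['place']]][] = $v;
    }

    // Footer documents: content that starts with a known scheme is exposed as a link
    $sql = 'SELECT `document_id`,`title`,`content` FROM ' . $db_prefix . 'document WHERE `is_active` = "1" AND `is_on_footer` = "1" ORDER BY `display_order` ASC,`document_id` ASC';
    $docs = doQuery($sql);
    foreach ($docs as $k => $v) {
        if (mb_substr($v['content'], 0, 6, 'UTF8') == 'ftp://' || mb_substr($v['content'], 0, 7, 'UTF8') == 'http://' || mb_substr($v['content'], 0, 8, 'UTF8') == 'https://' || mb_substr($v['content'], 0, 9, 'UTF8') == 'mailto://') {
            $docs[$k]['url'] = $v['content'];
        }
        unset($docs[$k]['content']);
    }
    $_SITE_CONFIG['footer_document'] = $docs;
}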
Пример #9
 /**
  * Build an hours search restricted to the current user's own person record.
  *
  * @param mixed $search_data submitted search data, passed to setSearchData()
  * @param array $errors      receives search errors (by reference)
  * @param mixed $defaults    defaults handed to the HoursSearch constructor
  * @param array $params      names appended to "add" to pick extra HoursSearch
  *                           methods to call
  * @return HoursSearch
  */
 public static function useMySearch($search_data = null, &$errors, $defaults = null, $params)
 {
     $hoursSearch = new HoursSearch($defaults);
     $hoursSearch->addSearchField('start_time', 'start_date', 'between');

     // Pin the search to the logged-in user's person through a hidden field.
     $currentUser = getCurrentUser();
     $hoursSearch->addSearchField('person_id', 'name', 'hidden', $currentUser->person_id, 'hidden');

     // NOTE(review): each entry selects a method by name at run time. Any method
     // whose name starts with "add" can be reached this way, so $params should
     // come from code, never from request data - confirm at the call sites.
     foreach ($params as $suffix) {
         $method = 'add' . $suffix;
         $hoursSearch->{$method}($hoursSearch);
     }

     $hoursSearch->setSearchData($search_data, $errors);
     return $hoursSearch;
 }
Пример #10
 /**
  * Return the Employee id of the current user.
  *
  * @return mixed the employee id, or '' when there is no user, the user has
  *               no person_id, or no Employee record matches it
  */
 protected function get_employee_id()
 {
     $currentUser = getCurrentUser();
     if (!$currentUser || is_null($currentUser->person_id)) {
         // No user, or the user is not linked to a person
         return '';
     }

     $employee = DataObjectFactory::Factory('Employee');
     $employee->loadBy('person_id', $currentUser->person_id);

     // '' when the user is not an employee
     return $employee->isLoaded() ? $employee->id : '';
 }
Пример #11
 /**
  * Set up the ticket model: ordering, identifier, relations and field defaults.
  *
  * Originator defaults are taken from the current user when there is one;
  * raised_by defaults to EGS_USERNAME.
  *
  * @param string $tablename table backing the model
  */
 function __construct($tablename = 'tickets')
 {
     parent::__construct($tablename);

     $this->idField = 'id';
     $this->orderby = 'lastupdated';
     $this->orderdir = 'desc';
     $this->identifier = 'summary';
     $this->identifierField = 'summary';
     $this->setAdditional('number');

     $this->hasMany('TicketResponse', 'ticket_id');
     // "response" alias covers only responses of type "site"
     $siteResponses = new ConstraintChain();
     $siteResponses->add(new Constraint('type', '=', 'site'));
     $this->setAlias('response', 'TicketResponse', $siteResponses, 'body');

     // Parent relations, registered in this order: model, foreign key, alias
     $parents = array(
         array('TicketQueue', 'ticket_queue_id', 'ticket_queue'),
         array('TicketPriority', 'client_ticket_priority_id', 'client_ticket_priority'),
         array('TicketSeverity', 'client_ticket_severity_id', 'client_ticket_severity'),
         array('TicketStatus', 'client_ticket_status_id', 'client_ticket_status'),
         array('TicketPriority', 'internal_ticket_priority_id', 'internal_ticket_priority'),
         array('TicketSeverity', 'internal_ticket_severity_id', 'internal_ticket_severity'),
         array('TicketStatus', 'internal_ticket_status_id', 'internal_ticket_status'),
         array('TicketCategory', 'ticket_category_id', 'ticket_category'),
         array('TicketReleaseVersion', 'ticket_release_version_id', 'release_version'),
         array('Person', 'originator_person_id', 'originator_person'),
         array('Company', 'originator_company_id', 'originator_company'),
     );
     foreach ($parents as $relation) {
         list($model, $foreignKey, $alias) = $relation;
         $this->belongsTo($model, $foreignKey, $alias);
     }
     $this->hasOne('Company', 'originator_company_id', 'company');
     $this->belongsTo('User', 'assigned_to', 'person_assigned_to');

     // The originating company defaults to the system company.
     $this->_fields['originator_company_id']->has_default = true;
     $systemCompany = new SystemCompany();
     $systemCompany->load(EGS_COMPANY_ID);
     $this->_fields['originator_company_id']->default_value = $systemCompany->company_id;

     $currentUser = getCurrentUser();
     if ($currentUser) {
         if (isset($currentUser->email)) {
             $this->_fields['originator_email_address']->has_default = true;
             $this->_fields['originator_email_address']->default_value = $currentUser->email;
         }
         if (!is_null($currentUser->person_id)) {
             $this->_fields['originator_person_id']->has_default = true;
             $this->_fields['originator_person_id']->default_value = $currentUser->person_id;
             // The person's contact e-mail, when present, replaces the user e-mail set above.
             $contactEmail = $currentUser->persondetail->email->contactmethod;
             if (!is_null($contactEmail)) {
                 $this->_fields['originator_email_address']->has_default = true;
                 $this->_fields['originator_email_address']->default_value = $currentUser->persondetail->email->contactmethod;
             }
         }
     }

     $this->_fields['raised_by']->has_default = true;
     $this->_fields['raised_by']->default_value = EGS_USERNAME;
 }
Пример #12
 /**
  * Build a constraint chain from the status options ticked on the form.
  *
  * Takes no parameters. The options come from $this->value when a value
  * was set, otherwise from the keys of the flipped $this->default. Each
  * recognised option adds a constraint (or a nested chain) on the order's
  * raiser/authoriser. All options except 'Raised by me' are added with an
  * explicit 'OR'.
  *
  * @return ConstraintChain
  */
 public function toConstraint()
 {
     if (!is_array($this->value)) {
         $this->value = array($this->value);
     }
     $cc = new ConstraintChain();
     $codes = $this->value_set ? $this->value : array_flip($this->default);
     // NOTE(review): $db and $date are not read anywhere below.
     $db = DB::Instance();
     $date = fix_date(date(DATE_FORMAT));

     foreach ($codes as $code => $on) {
         if ($code == '') {
             continue;
         }
         switch ($code) {
             case 'Raised by me':
                 $cc->add(new Constraint('raised_by', '=', getCurrentUser()->username));
                 break;

             case 'Other Orders':
                 $cc->add(new Constraint('raised_by', '!=', getCurrentUser()->username), 'OR');
                 break;

             case 'Authorised by me':
                 $group = new ConstraintChain();
                 $group->add(new Constraint('authorised_by', '=', getCurrentUser()->username));
                 $group->add(new Constraint('date_authorised', 'is not', 'NULL'));
                 $cc->add($group, 'OR');
                 break;

             case 'Awaiting Authorisation':
                 $pending = new POAwaitingAuthCollection(new POAwaitingAuth());
                 $orderIds = $pending->getOrderList(getCurrentUser()->username);
                 if (empty($orderIds)) {
                     // keeps the IN list non-empty when nothing is awaiting authorisation
                     $orderIds = '-1';
                 }
                 $group = new ConstraintChain();
                 $group->add(new Constraint('type', '=', 'R'));
                 $group->add(new Constraint('authorised_by', 'is', 'NULL'));
                 $group->add(new Constraint('raised_by', '!=', getCurrentUser()->username));
                 // NOTE(review): the list is concatenated into the IN clause as returned
                 // by getOrderList(); presumably a comma-separated list of ids - confirm.
                 $group->add(new Constraint('id', 'in', '(' . $orderIds . ')'));
                 $cc->add($group, 'OR');
                 break;
         }
     }

     return $cc;
 }
Пример #13
 /**
  * Reduce a user record to the fields the current viewer may see.
  *
  * Admins and the user themselves get the private and profile fields;
  * everyone else gets the public fields with roles collapsed to a single
  * ROLE_TEACHER or ROLE_USER entry. Avatar paths are turned into URLs and
  * timestamps into ISO 8601 strings.
  *
  * @param array $res user record; replaced by the filtered record (by reference)
  * @return array the filtered record
  */
 public function filter(&$res)
 {
     foreach ($this->_unsetFields as $field) {
         unset($res[$field]);
     }
     $res['about'] = $res['profile']['about'];

     $viewer = getCurrentUser();
     $visible = array();
     $seesPrivateData = $viewer->isAdmin() || $viewer['id'] == $res['id'];

     if ($seesPrivateData) {
         foreach ($this->_privateFields as $field) {
             $visible[$field] = $res[$field];
         }
         foreach ($this->_profileFields as $field) {
             $visible[$field] = $res['profile'][$field];
         }
     } else {
         foreach ($this->_publicFields as $field) {
             $visible[$field] = $res[$field];
         }
         // Outsiders only learn whether the user is a teacher, not the full role list.
         $isTeacher = in_array('ROLE_TEACHER', $visible['roles']);
         $visible['roles'] = $isTeacher ? array('ROLE_TEACHER') : array('ROLE_USER');
     }

     $res = $visible;

     foreach (array('smallAvatar', 'mediumAvatar', 'largeAvatar') as $avatar) {
         $res[$avatar] = $this->getFileUrl($res[$avatar]);
     }

     foreach (array('promotedTime', 'loginTime', 'approvalTime', 'createdTime') as $stamp) {
         if (isset($res[$stamp])) {
             $res[$stamp] = date('c', $res[$stamp]);
         }
     }
     $res['updatedTime'] = date('c', $res['updatedTime']);

     return $res;
 }
 /**
  * Handle the "send new password" page for the user whose page was requested.
  *
  * On "send" a new password is generated, stored on the user and mailed to
  * the user's address.
  *
  * @return array view data with the key "Errors"
  */
 public function Execute()
 {
     $viewData = array();
     $errors = array();
     // no user specified - redirect to user list page
     if (!getCurrentUser()) {
         Helper::Redirect("users.php");
     }
     // user is hidden - redirect to user list page
     if (!getCurrentUser()->Visible) {
         Helper::Redirect("users.php");
     }
     // no email address is specified for the user
     if (!getCurrentUser()->Email) {
         Helper::Redirect("users.php");
     }
     // NOTE(review): "cancel" and "send" are read without isset(), which raises
     // notices on a plain GET request.
     if ($_POST["cancel"]) {
         Helper::Redirect("login.php?" . Helper::CreateQuerystring(getCurrentUser()));
     }
     // NOTE(review): the stored password is replaced as soon as this is posted.
     // No proof of mailbox ownership, token or rate limit is checked in this
     // method, so a request from anyone resets the addressed user's password -
     // confirm whether a confirmation step exists elsewhere.
     if ($_POST["send"]) {
         // NOTE(review): 6 is presumably the generated password length - confirm;
         // that is short for a credential sent by e-mail.
         $password = Helper::CreatePassword(6);
         $user = getCurrentUser();
         // NOTE(review): the password is stored as an unsalted MD5 digest. Moving to
         // password_hash()/password_verify() also requires changing the login check,
         // which is not visible here.
         $user->Password = md5($password);
         $user->Save();
         $fromName = __("DOMA_ADMIN_EMAIL_NAME");
         $subject = __("NEW_PASSWORD_EMAIL_SUBJECT");
         $baseAddress = Helper::GlobalPath("");
         // NOTE(review): the next line is garbled in this listing - the text between
         // the user query string and the e-mail body lookup was masked. $body is
         // presumably assigned from sprintf() here; restore it from the original file.
         $userAddress = Helper::GlobalPath("index.php?user="******"NEW_PASSWORD_EMAIL_BODY"), $user->FirstName, $baseAddress, $userAddress, $user->Username, $password);
         // the new password travels in clear text inside the message body
         $emailSentSuccessfully = Helper::SendEmail($fromName, $user->Email, $subject, $body);
         if ($emailSentSuccessfully) {
             Helper::Redirect("login.php?" . Helper::CreateQuerystring(getCurrentUser()) . "&action=newPasswordSent");
         }
         // NOTE(review): reached when the mail could not be sent; the password has
         // already been changed at this point.
         $errors[] = __("EMAIL_ERROR");
     }
     $viewData["Errors"] = $errors;
     return $viewData;
 }
Пример #15
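<?php 
require_once '../includes/header.php';
if (!getCurrentUser()) {
    header('Location: ../user/login.php');
    // Stop here: without exit the rest of the page still runs, and the record is
    // rendered into the response sent to the unauthenticated client.
    // NOTE(review): if header.php has already produced output, the redirect
    // header cannot be sent; the exit still prevents the page from rendering.
    exit;
}
?>

<?php 
// The id comes straight from the query string, so it is bound as a parameter
// instead of being spliced into the SQL text.
// NOTE(review): the lookup is keyed by id only; no check that the record belongs
// to the current user is visible here - confirm.
$id = isset($_GET['id']) && is_string($_GET['id']) ? $_GET['id'] : '';
$sql = 'SELECT * FROM kids WHERE id = ?';
$result = false;
$row = null;
$stmt = mysqli_prepare($mysql_connection, $sql);
if ($stmt) {
    mysqli_stmt_bind_param($stmt, 's', $id);
    if (mysqli_stmt_execute($stmt)) {
        $result = mysqli_stmt_get_result($stmt);
        if ($result) {
            $row = mysqli_fetch_array($result);
        }
    }
    mysqli_stmt_close($stmt);
}
?>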

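<?php 
if ($row) {
    // The stored name is reflected into both element text and an attribute value,
    // so it is HTML-escaped (quotes included) once and reused.
    // NOTE(review): the form below posts to update.php without a visible
    // anti-CSRF token - confirm one is added further down or checked server-side.
    $firstName = htmlspecialchars((string) $row['first_name'], ENT_QUOTES, 'UTF-8');
    ?>
  <div class="row">
    <div class="card col s6 push-s3">
      <div class="card-content">
        <span class="card-title">Edit <?php 
    echo $firstName;
    ?>
</span>
        <form method="post" action="update.php">
          <div class="input-field">
            First name:
            <input type="text" name="first_name" value="<?php 
    echo $firstName;
    ?>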
Пример #16
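    // The username is account data chosen by a user; escape it for the HTML context.
    echo htmlspecialchars((string) getCurrentUser('username'), ENT_QUOTES, 'UTF-8');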
    ?>
</a></li><?php 
}
?>
        </ul>
    </div>
    <div class="row visible-xs visible-sm" style="text-align: center">
        <ul class="mobile_nav">
            <li id="first_menu"><a class="btn btn-default" href="/"><i class="mdi mdi-home"></i>&nbsp;Home</a></li>
            <li id="first_menu"><a class="btn btn-default" href="#info"><i class="mdi mdi-file"></i>&nbsp;Docs</a></li>
            <li><a class="btn btn-default" href="#new_user"><i class="mdi mdi-puzzle"></i>&nbsp;Contents</a></li>
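            <?php 
// Show the account link only when a user is logged in.
if (getCurrentUser() != '') {
    ?>
<li><a rel="nofollow" class="btn btn-warning" href="c_admin"><i class="mdi mdi-account"></i>&nbsp;<?php 
    // The username is account data chosen by a user; escape it for the HTML context.
    echo htmlspecialchars((string) getCurrentUser('username'), ENT_QUOTES, 'UTF-8');
    ?>
</a></li><?php 
}
?>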
        </ul>
    </div>
	    <!-- TOP RIGHT RIBBON: START COPYING HERE -->
    <div class="github-fork-ribbon-wrapper left">
        <div class="github-fork-ribbon">
            <a href="https://github.com/vsg24/ccms" target="_blank">Fork me on GitHub</a>
        </div>
    </div>
    <!-- TOP RIGHT RIBBON: END COPYING HERE -->
    <br>
/**
 * Store one error record in the _error_log table.
 *
 * At most 25 errors per page are logged, followed by one "limit reached"
 * record; later calls return immediately. Old records are pruned once the
 * table holds more than 1000 rows, and an e-mail alert is scheduled when
 * the phpEmailErrors setting is on.
 *
 * @param mixed $logType not read by this function body
 * @param array $logData error details; errno, errstr, errfile, errline and
 *                       errcontext are read when present
 */
function _errorlog_logErrorRecord($logType, $logData)
{
    // limit errors logged per page (so an error loop cannot flood the log)
    $maxErrorsPerPage = 25;
    static $totalErrorsLogged = 0;
    $totalErrorsLogged++;
    if ($totalErrorsLogged > $maxErrorsPerPage + 1) {
        return; // everything after the "limit reached" record is dropped
    }
    $maxErrorsReached = $totalErrorsLogged > $maxErrorsPerPage;

    // Render the num/username subset of a user record, tagged with its table.
    $summariseUser = function ($userRecord, $tableName) {
        $subset = array();
        foreach (array('num', 'username') as $field) {
            if (isset($userRecord[$field])) {
                $subset[$field] = $userRecord[$field];
            }
        }
        $subset['_tableName'] = $tableName;
        return print_r($subset, true);
    };

    // summaries of the CMS user and the website user
    $CMS_USER = getCurrentUserFromCMS();
    $cms_user_summary = $summariseUser($CMS_USER, 'accounts');
    $WEB_USER = getCurrentUser();
    $web_user_summary = $summariseUser($WEB_USER, accountsTable());

    // error message
    if ($maxErrorsReached) {
        $errorMessage = t(sprintf("Max error limit reached! Only the first %s errors per page will be logged.", $maxErrorsPerPage));
    } else {
        $errorName = isset($logData['errno']) ? _errorLog_erronoToConstantName($logData['errno']) : 'UNKNOWN_ERROR';
        $errorText = isset($logData['errstr']) ? $logData['errstr'] : '';
        $errorMessage = "{$errorName}: " . $errorText;
    }

    // copy of $logData with errcontext replaced by a pointer to the symbol_table column
    $logDataSummary = $logData;
    if (array_key_exists('errcontext', $logData)) {
        $logDataSummary['errcontext'] = "*** in symbol table field above ***";
    }

    // NOTE(review): the full request, POST, cookie, session and server arrays are
    // stored verbatim, so submitted passwords and session identifiers end up in
    // _error_log. Confirm who can read that table and how long rows are kept, or
    // redact sensitive keys before logging.
    $colsToValues = array(
        'dateLogged=' => 'NOW()',
        'updatedDate=' => 'NOW()',
        'updatedByuserNum' => '0',
        'error' => $errorMessage,
        'url' => thisPageUrl(),
        'filepath' => isset($logData['errfile']) ? $logData['errfile'] : '',
        'line_num' => isset($logData['errline']) ? $logData['errline'] : '',
        'user_cms' => isset($CMS_USER['num']) ? $cms_user_summary : '',
        'user_web' => isset($WEB_USER['num']) ? $web_user_summary : '',
        'http_user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
        'remote_addr' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
        'request_vars' => print_r($_REQUEST, true),
        'get_vars' => print_r($_GET, true),
        'post_vars' => print_r($_POST, true),
        'cookie_vars' => print_r($_COOKIE, true),
        'session_vars' => isset($_SESSION) ? print_r($_SESSION, true) : '',
        'server_vars' => print_r($_SERVER, true),
        'symbol_table' => isset($logData['errcontext']) ? print_r($logData['errcontext'], true) : '',
        'raw_log_data' => print_r($logDataSummary, true),
        'email_sent' => 0,
    );

    // insert record
    $newRecordNum = mysql_insert('_error_log', utf8_force($colsToValues, true));

    // prune old records, but only once the table is $buffer rows over the cap
    // (so rows are not erased on every call)
    $maxRecords = 900;
    $buffer = 100;
    if (mysql_count('_error_log') > $maxRecords + $buffer) {
        $oldestRecordToSave_query = "SELECT * FROM `{$GLOBALS['TABLE_PREFIX']}_error_log` ORDER BY `num` DESC LIMIT 1 OFFSET " . ($maxRecords - 1);
        $oldestRecordToSave = mysql_get_query($oldestRecordToSave_query);
        if (!empty($oldestRecordToSave['num'])) {
            mysql_delete('_error_log', null, "num < {$oldestRecordToSave['num']}");
        }
    }

    // send email update once the request finishes
    if ($GLOBALS['SETTINGS']['advanced']['phpEmailErrors']) {
        register_shutdown_function('_errorlog_sendEmailAlert');
    }
}
Пример #18
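<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Kids</title>
<?php
// NOTE(review): both stylesheets are loaded from third-party hosts without
// Subresource Integrity attributes, so the page trusts whatever those hosts
// serve. Pin them with integrity/crossorigin or self-host the files.
?>
  <link href="https://fonts.googleapis.com/icon?family=Material+Icons" rel="stylesheet">
  <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/0.97.5/css/materialize.min.css">
</head>
<body>
  <nav class="pink">
    <div class="nav-wrapper">
      <div class="row">
        <div class="col s12">
          <a href="#" class="brand-logo center">I got kids</a>
          <?php 
// Navigation and account controls are rendered for logged-in users only.
if ($row = getCurrentUser()) {
    ?>
            <ul id="nav-mobile" class="left hide-on-med-and-down">
              <li><a href="../kids/index.php">Home</a></li>
              <li><a href="../kids/new.php">New</a></li>
            </ul>
            <ul class="right">
              <li><i class="material-icons">perm_identity</i></li>
              <li><?php 
    // The e-mail address is account data supplied by a user; escape it for the HTML context.
    echo htmlspecialchars((string) $row['email'], ENT_QUOTES, 'UTF-8');
    ?>
&nbsp;&nbsp;</li>
              <li>
                <form action="../session/destroy.php" method="POST">
                  <button class="waves-effect waves-light btn" type="submit">Log out</button>
                </form>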
Пример #19
<?php

error_reporting(E_ERROR);
// NOTE(review): only fatal errors are reported from here on, so warnings and
// notices from the database and access helpers below are not surfaced.
// Script that handles database queries coming from the search forms
require_once 'functions/database.php';
require_once 'functions/functions.php';
require_once 'functions/access.php';
// connect to the database
$link = startup();
// determine the current user
$user = getCurrentUser($link);
// work out whether the user may edit, add and delete entries and see the admin panel
$canDoEdit = canDo($link, $user, 'EDIT_ENTRY');
$canDoAdd = canDo($link, $user, 'ADD_ENTRY');
$canDoDelete = canDo($link, $user, 'DELETE_ENTRY');
$canDoViewAdminPanel = canDo($link, $user, 'ADMIN_PANEL');
// fetch the total number of entries from the database
//$numEntriesAll = getEntriesAll($link);
if (!empty($_POST['numOrder'])) {
    //Поиск записей по номеру договора
    $entries = get_entry_by_order($link, $_POST['numOrder']);
    $searchStringNumOrder = $_POST['numOrder'];
} else {
    if (!empty($_POST['customer'])) {
        //Поиск записей по название клиента
        $entries = get_entries_by_customer($link, $_POST['customer']);
        $searchStringCustomer = $_POST['customer'];
    } else {
        if (!empty($_POST['ip_address'])) {
            //Поиск записей по IP-адресу
            $entries = get_entries_by_ip($link, $_POST['ip_address']);
Пример #20
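 /**
  * Tells whether the current user is authorised to act for this employee,
  * e.g. to input their holidays.
  *
  * Access is granted when the user is the employee, when the user is the
  * person the employee reports to, or when $authoriser confirms that the
  * user's own employee record may act for this one. Every other case,
  * including a user without a person or employee record, is denied.
  *
  * @param object $authoriser policy object; its isAuthorised($employeeId, $authoriserId)
  *                           result is returned as-is for the delegated case
  * @return mixed true/false for the direct cases, otherwise whatever $authoriser returns
  */
 function isAuthorised($authoriser)
 {
     $user = getCurrentUser();
     // No user, or a user that is not linked to a person: nothing to match on.
     if (!$user || is_null($user->person_id)) {
         return false;
     }
     if ($this->person_id == $user->person_id) {
         // The user is the employee
         return true;
     }
     if ($this->person->reports_to == $user->person_id) {
         // The user is the employee's manager
         return true;
     }
     $employee = DataObjectFactory::Factory('Employee');
     $employee->loadBy('person_id', $user->person_id);
     // Fail closed: without a loaded employee record there is no id to check,
     // and the policy lookup must not be asked about an empty authoriser id.
     if (!$employee->isLoaded()) {
         return false;
     }
     // The user is an authoriser for the employee
     return $authoriser->isAuthorised($this->id, $employee->id);
 }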
Пример #21
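 /**
  * Build the view data for a feed of maps (apparently RSS, judging by the
  * RSS_DESCRIPTION text and the PubDate / date("r") fields).
  *
  * Without a current user the feed covers the whole archive and honours the
  * "count" query parameter; with a current user it covers that user's maps
  * and stops the request when the user is not visible.
  *
  * @return array view data with Title, LastCreatedTime, Description,
  *               WebsiteUrl and the list of Items
  */
 public function Execute()
 {
     $viewData = array();
     // check if user is not specified or hidden
     if (!getCurrentUser()) {
         // all maps in archive
         $mode = "all";
         // "count" comes straight from the query string: accept only a positive
         // integer and fall back to 30 otherwise, so a missing or non-numeric
         // value never reaches DataAccess::GetMaps().
         // NOTE(review): there is no upper bound; consider one if large feeds are a concern.
         $count = isset($_GET["count"]) && is_numeric($_GET["count"]) ? (int) $_GET["count"] : 0;
         if ($count <= 0) {
             $count = 30;
         }
         $maps = DataAccess::GetMaps(0, 0, 0, 0, null, $count, "ID");
         $categories = DataAccess::GetCategoriesByUserID();
         $users = DataAccess::GetAllUsers(true);
         $viewData["Title"] = _SITE_TITLE;
         $viewData["LastCreatedTime"] = date("r", DataAccess::GetLastCreatedTime());
         $viewData["Description"] = _SITE_DESCRIPTION;
         $viewData["WebsiteUrl"] = Helper::GlobalPath("index.php");
     } else {
         // specified archive
         $mode = "user";
         // A hidden user's archive is not served at all.
         if (!getCurrentUser()->Visible) {
             die;
         }
         $users[getCurrentUser()->ID] = getCurrentUser();
         $maps = DataAccess::GetMaps(getCurrentUser()->ID);
         $categories = DataAccess::GetCategoriesByUserID(getCurrentUser()->ID);
         $viewData["Title"] = __("PAGE_TITLE");
         $viewData["LastCreatedTime"] = date("r", DataAccess::GetLastCreatedTime(getCurrentUser()->ID));
         $viewData["Description"] = __("RSS_DESCRIPTION");
         $viewData["WebsiteUrl"] = Helper::GlobalPath("index.php?" . Helper::CreateQuerystring(getCurrentUser()));
     }
     $viewData["Items"] = array();
     foreach ($maps as $map) {
         $item = array();
         $user = $users[$map->UserID];
         $item["Title"] = hsc(Helper::DateToLongString(Helper::StringToTime($map->Date, true)) . ": " . $map->Name);
         // NOTE(review): the user argument on the next line is masked ('******') in this
         // listing; the line is kept as found and is not valid PHP until the original
         // expression is restored.
         $item["URL"] = $map->MapImage ? Helper::GlobalPath('show_map.php?user='******'&amp;map=' . $map->ID) : "";
         $atoms = array();
         if (__("SHOW_MAP_AREA_NAME") && $map->MapName != "") {
             $atoms[] = $map->MapName;
         }
         if (__("SHOW_ORGANISER") && $map->Organiser != "") {
             $atoms[] = $map->Organiser;
         }
         if (__("SHOW_COUNTRY") && $map->Country != "") {
             $atoms[] = $map->Country;
         }
         $atoms2 = array();
         if (__("SHOW_DISCIPLINE") && $map->Discipline != "") {
             $atoms2[] = hsc($map->Discipline);
         }
         if (__("SHOW_RELAY_LEG") && $map->RelayLeg != "") {
             $atoms2[] = __("RELAY_LEG_LOWERCASE") . ' ' . hsc($map->RelayLeg);
         }
         // $atoms is escaped once when joined; $atoms2 entries were escaped as they were added.
         $item["Description"] = ($mode == "all" ? hsc($user->FirstName . " " . $user->LastName . '<br />') : '') . __("CATEGORY") . ": " . hsc($categories[$map->CategoryID]->Name) . hsc('<br />') . hsc(join(", ", $atoms)) . hsc('<br />') . join(", ", $atoms2);
         $item["PubDate"] = hsc(date("r", Helper::StringToTime($map->CreatedTime, true)));
         $viewData["Items"][] = $item;
     }
     return $viewData;
 }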
Пример #22
<?php

// JSON endpoint that adds a username to the ig_usernames table for the
// signed-in user. Replies 401 when getCurrentUser() yields no user.
include 'db_connection.php';
include 'functions.php';
header('Content-Type: application/json');
$user = getCurrentUser($connection);
if (!$user) {
    header("HTTP/1.0 401 Unauthorized", true, 401);
    echo json_encode(['error' => 'unauthorized']);
    exit;
}
// The request body is decoded as an associative array; anything that is not
// valid JSON (or decodes to an empty value) skips the whole block below.
// NOTE(review): $data['username'] is read later without checking that the key
// exists or that it is a string.
$data = json_decode(file_get_contents('php://input'), true);
if ($data) {
    // Duplicate check. The compared value is masked ("******") in this listing.
    // NOTE(review): every statement in this script is assembled by string
    // concatenation; mysqli prepared statements (mysqli_prepare / bind_param)
    // would remove the dependence on correct quoting and connection charset.
    // NOTE(review): the query result is passed to mysqli_num_rows() without
    // first checking that the query succeeded.
    $checkSql = mysqli_query($connection, '
    SELECT username
    FROM ig_usernames
    WHERE username = "******"
    AND deleted_at IS NULL');
    if (mysqli_num_rows($checkSql) != 0) {
        echo json_encode(['error' => 'inList']);
        exit;
    }
    // The username is lower-cased and escaped; the owner and "changed by" ids
    // both come from $_SESSION['user']['id'] (presumably populated by the
    // login code behind getCurrentUser() — confirm).
    $inserSql = mysqli_query($connection, '
    INSERT INTO ig_usernames (username, user_id, change_user_id, created_at, updated_at)
    VALUES ("' . mysqli_real_escape_string($connection, strtolower($data['username'])) . '", "' . mysqli_real_escape_string($connection, $_SESSION['user']['id']) . '", "' . mysqli_real_escape_string($connection, $_SESSION['user']['id']) . '", CURRENT_TIMESTAMP, CURRENT_TIMESTAMP)');
    if ($inserSql) {
        // $lastId is the integer returned by mysqli_insert_id(), not request data.
        $lastId = mysqli_insert_id($connection);
        $lastSql = mysqli_query($connection, '
        SELECT * FROM ig_usernames WHERE id = "' . $lastId . '" AND deleted_at IS NULL');
        // mysqli_fetch_array() returns numeric and associative keys by default,
        // so the JSON reply carries every column of the row, each one twice.
        // NOTE(review): consider selecting only the columns the client needs.
        $last = mysqli_fetch_array($lastSql);
        echo json_encode($last);
Пример #23
// Delete the no-longer-occurring variants from variant_occurs
// NOTE(review): this query's result is not checked with isError(), unlike the
// INSERT below; the affected-row count is printed either way.
print "Deleting disputed rows from variant_occurs...";
theDb()->query("DELETE v.*\nFROM variant_occurs_not n, variant_occurs v\nWHERE n.variant_id=v.variant_id\n AND n.dataset_id=v.dataset_id");
print theDb()->affectedRows();
print "\n";
// For each deleted variant+genome_id assoc, if the latest edit was
// made by this program (i.e., nobody has written any comments about
// this variant+genome_id association), and there is no longer any
// evidence in variant_occurs supporting it, add a "delete" edit and
// remove the entry from snap_latest.
// The editor id and $timestamp (set earlier in the script, outside this
// excerpt) are passed as bound values for the ? placeholders, not spliced
// into the SQL text.
print "Entering \"delete\" edits for \"genome\" comment which have no supporting evidence after deleting those disputed rows and have not been edited by users...";
$q = theDb()->query("\nINSERT IGNORE INTO edits\n(variant_id, genome_id, article_pmid, previous_edit_id, is_draft, is_delete,\n edit_oid, edit_timestamp)\nSELECT old.variant_id, old.genome_id, 0, old.edit_id, 0, 1, ?, ?\nFROM variant_occurs_not del\nLEFT JOIN datasets deld\n ON deld.dataset_id=del.dataset_id\nLEFT JOIN snap_latest old\n ON old.variant_id=del.variant_id\n AND old.article_pmid=0\n AND old.genome_id=deld.genome_id\n AND old.edit_oid=?\nLEFT JOIN variant_occurs v\n ON old.variant_id=v.variant_id\nLEFT JOIN datasets d\n ON v.dataset_id=d.dataset_id\n AND d.genome_id=deld.genome_id\nWHERE old.edit_id IS NOT NULL\n AND d.dataset_id IS NULL\nGROUP BY del.variant_id, deld.genome_id\n", array(getCurrentUser("oid"), $timestamp, getCurrentUser("oid")));
// A failed INSERT only prints the database message; the script carries on and
// still reads affectedRows() below.
if (theDb()->isError($q)) {
    print $q->getMessage();
}
print $count_removals = theDb()->affectedRows();
print "\n";
if ($count_removals > 0) {
    // Remove exactly the snap_latest rows that the "delete" edits just written
    // (same editor id and timestamp) point back to.
    print "Really removing them from snap_latest...";
    theDb()->query("\nDELETE FROM snap_latest\nWHERE edit_id IN (SELECT previous_edit_id FROM edits WHERE edit_oid=? AND edit_timestamp=? AND is_delete=1)\n", array(getCurrentUser("oid"), $timestamp));
    print theDb()->affectedRows();
    print "\n";
}
// Clean up
// With DEBUG set in the environment, a persistent copy of the temporary import
// table is kept as import_genomes_last before the temporaries are dropped.
if (getenv("DEBUG")) {
    theDb()->query("DROP TABLE IF EXISTS import_genomes_last");
    theDb()->query("CREATE TABLE import_genomes_last LIKE import_genomes_tmp");
    theDb()->query("INSERT INTO import_genomes_last SELECT * FROM import_genomes_tmp");
}
theDb()->query("DROP TEMPORARY TABLE variant_occurs_not");
theDb()->query("DROP TEMPORARY TABLE import_genomes_tmp");
<?php

// Page header: loads the current user, then records the time and address of a
// login that was just submitted.
$usermeta = getCurrentUser();
include 'cities.php';
// `global` only has an effect when this file is included from inside a
// function; at true top level $login is already the global variable.
global $login;
// Runs only for a request that posted the login form, is now logged in, and
// has a positive CUSER id (CUSER is defined outside this excerpt).
if (isset($_POST['login']) and $login->isUserLoggedIn() and CUSER > 0) {
    // NOTE(review): updateField() is defined elsewhere; whether it binds or
    // escapes the value argument is not visible here — confirm.
    updateField('users', 'user_lastlogin', date('Y-m-d H:i:s'), 'user_id', CUSER);
    // REMOTE_ADDR is the address of the directly connected peer; behind a
    // reverse proxy or load balancer this stores the proxy's address.
    updateField('users', 'user_lastlogin_ip', $_SERVER['REMOTE_ADDR'], 'user_id', CUSER);
}
?>
<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="utf-8">
        <title>pagalbadaiktais.lt</title>
		<link rel="stylesheet" type="text/css" href="/normalize.css" />
		<link rel="stylesheet" type="text/css" href="/style.css" />
		<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
		<link rel="icon" href="/favicon.ico" type="image/x-icon">
		<link href="//netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css" rel="stylesheet">
		<link rel="stylesheet" type="text/css" href="/chosen.css" />
		<script src="//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
		<script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js"></script>
		<script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/i18n/jquery-ui-i18n.min.js"></script>
		<script src="/chosen.jquery.min.js"></script>
		<script src="/clamp.min.js"></script>
		<script src="/script.js"></script>
		<!--[if lte IE 9]><link rel="stylesheet" type="text/css" href="/styleIE.css" /><![endif]-->
<!-- Google Tag Manager -->

<noscript><iframe src="//www.googletagmanager.com/ns.html?id=GTM-W4BZ22"
Пример #25
<div class="container">
<label for="password"><?php 
// NOTE(review): __() results are printed without HTML escaping here and inside
// the value="" attributes below; presumably the translation strings are
// trusted and free of quotes — confirm.
print __("PASSWORD");
?>
</label>
<input type="password" class="password" name="password" id="password" value="" />
</div>

<div class="buttons">
<input type="submit" class="submit" name="login" value="<?php 
print __("LOGIN");
?>
" />
<?php 
// The "forgot password" button is offered only when the current user has an
// e-mail address on record.
// NOTE(review): getCurrentUser() is dereferenced without a null check; this
// assumes a user object is always set when the form is shown — confirm.
if (getCurrentUser()->Email) {
    ?>
 <input type="submit" class="submit" name="forgotPassword" value="<?php 
    print __("FORGOT_PASSWORD");
    ?>
" /> <?php 
}
?>
<input type="submit" class="submit" name="cancel" value="<?php 
print __("CANCEL");
?>
" />
</div>

</form>
</div>
Пример #26
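/**
 * Load an html or txt template and, when data is given, render it.
 *
 * Without $data the raw template is returned (prefixed with "?>") so that the
 * caller can eval it later. With $data the template is eval'ed with these
 * variables in scope:
 *  $user (the current user) and $name, $surname, $nickname taken from it
 *  $sitename
 *  $modulename
 * Entries of $data are extracted afterwards and override them. A "content"
 * key in $data is ignored, because $content holds the code that is eval'ed.
 *
 * The file is looked up as <template>_<language>.<type>, then with the default
 * language "_en", then without a language suffix, and finally the same three
 * names with the ".txt" extension.
 *
 * @param string      $template template name; may include a folder like email/filename
 * @param string      $module   module name; its upper-cased constant gives the base path
 * @param array|false $data     variables for the template; default: false
 * @param string      $type     file extension; default: html
 * @param string|null $language language code; default: the configured language
 * @return string raw template when $data is empty, rendered output otherwise
 * @throws CTFail when no template file exists or rendering produced no output
 */
function getTemplateContent($template, $module, $data = false, $type = 'html', $language = null)
{
    if (!$language) {
        $language = getConf("language");
    }
    if (!$type) {
        $type = 'html';
    }
    $lang = '_' . $language;
    $defaultLang = '_en';
    // NOTE(review): $template, $type and $language are concatenated into a file
    // path whose content is later eval'ed; callers must pass fixed names, never
    // request data.
    $template = constant(strtoupper($module)) . TEMPLATES . "/{$template}";
    // try to find template file for current or default lang or lang independently,
    // then as plain text with or without lang. The plain-text fallbacks used to
    // repeat the ".{$type}" checks and could never match.
    $candidates = array(
        "{$template}{$lang}.{$type}",
        "{$template}{$defaultLang}.{$type}",
        "{$template}.{$type}",
        "{$template}{$lang}.txt",
        "{$template}{$defaultLang}.txt",
        "{$template}.txt",
    );
    $filename = null;
    foreach ($candidates as $candidate) {
        if (file_exists($candidate)) {
            $filename = $candidate;
            break;
        }
    }
    if ($filename === null) {
        throw new CTFail(t('template.x.not.found', "{$template}.{$type}"));
    }
    //get template prefixed with closing php tag to prevent eval take content as php code
    $content = '?>' . file_get_contents($filename);
    // if no data specified return content
    if (empty($data)) {
        return $content;
    }
    // else extract data into current symbol table and eval content to populate variables
    // $user is fetched here rather than through globals; $data may still override it.
    $user = getCurrentUser();
    $nickname = isset($user->spitzname) ? $user->spitzname : $user->vorname;
    $surname = $user->vorname;
    $name = $user->name;
    $sitename = getConf('site_name');
    $modulename = getConf($module . '_name', $module);
    if (is_array($data)) {
        // extract() writes into this scope, so a "content" entry would replace the
        // template code handed to eval() below. That key is dropped; every other
        // entry still overrides the defaults above, as documented.
        extract(array_diff_key($data, array('content' => true)));
    }
    // SECURITY: eval() runs any PHP contained in the template file, so template
    // files must be as trusted as the application code itself.
    ob_start();
    eval($content);
    $content = ob_get_contents();
    ob_end_clean();
    if (!$content) {
        throw new CTFail(t('error.occured'));
    }
    //TODO: refine error message
    return $content;
}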
Пример #27
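 /**
  * Render one evidence row as HTML and append it to $this->html.
  *
  * Which editor is produced depends on the ids set in $row: a disease id gives
  * an odds-ratio table row, an article PMID gives an article summary editor, a
  * genome id gives a per-genome editor, and a row with none of them gives the
  * variant-level editors (short summary, quality, impact, inheritance pattern,
  * long summary). Rows flagged is_delete or flag_edited_id are wrapped in a
  * highlighted box, except table rows, which are skipped or appended as they are.
  *
  * @param array $row evidence row, passed by reference: empty article_pmid,
  *                   genome_id and disease_id values are set to 0 in place;
  *                   the row is also handed to row_transition()
  * @return void
  */
 function render_row(&$row)
 {
     global $gDisableEditing;
     $html = "";
     $this->row_transition($row);
     // The id prefix is built before the empty keys are normalised below.
     $id_prefix = "v_{$row['variant_id']}__a_{$row['article_pmid']}__g_{$row['genome_id']}__d_{$row['disease_id']}__p_{$row['edit_id']}__";
     foreach (array("article_pmid", "genome_id", "disease_id") as $keyfield) {
         if (strlen($row[$keyfield]) == 0) {
             $row[$keyfield] = 0;
         }
     }
     if ($row["disease_id"] != "0") {
         // The label is emitted as HTML (it carries a <BR />), so the disease
         // name is escaped the same way the tip text already was.
         $tr = editable("{$id_prefix}f_summary_short__8x1__oddsratio", $row["summary_short"], htmlspecialchars($row["disease_name"]) . "<BR />", array("rownumber" => $this->rownumber, "tip" => "Indicate the contribution of this article to OR statistics for " . htmlspecialchars($row["disease_name"]) . "."));
         if ($tr != "") {
             if ($this->rownumber == 0) {
                 $html .= $this->starttable;
             }
             $html .= $tr;
             ++$this->rownumber;
         }
     } elseif ($row["article_pmid"] != "0") {
         $html .= "<A name=\"a" . htmlentities($row["article_pmid"]) . "\"></A>\n";
         // NOTE(review): article_get_summary() is defined elsewhere; its result
         // is used as HTML here — confirm that it is already escaped.
         $summary = article_get_summary($row["article_pmid"]);
         $html .= editable("{$id_prefix}f_summary_short__70x8__textile", $row["summary_short"], $summary . "<BR />", array("tip" => "Explain this article's contribution to the conclusions drawn in the variant summary above."));
     } elseif ($row["genome_id"] != "0") {
         $html .= "<A name=\"g" . htmlspecialchars($row["genome_id"]) . "\"></A>\n";
         // Pick the most human-readable name for this genome/person
         if (!($name = $row["name"])) {
             if (!($name = $row["global_human_id"])) {
                 $name = "[" . $row["genome_id"] . "]";
             }
         }
         $name = htmlspecialchars($name);
         // Link to the full genome(s). The URLs are escaped for the attribute.
         // NOTE(review): escaping does not restrict the URL scheme; confirm that
         // dataset URLs are validated where they are stored.
         if ($row["dataset_count"] > 0) {
             $name = "<A href=\"" . htmlspecialchars($row["dataset_url"]) . "\">{$name}</A>";
         }
         if ($row["dataset_count"] > 1) {
             $more = $row["dataset_count"] - 1;
             $name .= " (";
             if ($row["dataset_url_2"]) {
                 $name .= "<A href=\"" . htmlspecialchars($row["dataset_url_2"]) . "\">alternate</A>, ";
                 --$more;
             }
             if ($more > 1) {
                 $name .= "plus {$more} other data sets";
             } elseif ($more == 1) {
                 $name .= "plus 1 other data set";
             } elseif (substr($name, -2) === ", ") {
                 // Nothing follows the "alternate" link: drop its trailing ", ".
                 $name = substr($name, 0, -2);
             }
             $name .= ")";
         }
         // Indicate the SNP that causes the variant
         if ($row["chr"]) {
             $name .= htmlspecialchars("\n" . substr($row["zygosity"], 0, 3) . " " . $row["allele"] . " @ " . $row["chr"] . ":" . $row["chr_pos"]);
             $name = nl2br($name);
         }
         $html .= editable("{$id_prefix}f_summary_short__70x8__textile", $row["summary_short"], $name);
     } else {
         // Variant-level row: no disease, article or genome attached.
         global $gImpactOptions;
         global $gInheritanceOptions;
         $html .= editable("{$id_prefix}f_summary_short__70x8__textile", $row["summary_short"], "Short summary", array("tip" => "Provide a one line summary of clinical action to be undertaken given this variant (possibly modified by known phenotypes)."));
         $html .= editable("{$id_prefix}f_variant_quality", $row, "Variant quality");
         $qualified_impact = evidence_qualify_impact($row["variant_quality"], $row["variant_impact"]);
         $html .= editable("{$id_prefix}f_variant_impact__", $row["variant_impact"], "Impact", array("select_options" => $gImpactOptions, "previewtextile" => $qualified_impact, "tip" => "Categorize the expected impact of this variant."));
         if (strtolower($qualified_impact) != strtolower($row["variant_impact"])) {
             // Show only the qualifier: strip the plain impact (and a preceding
             // comma) from the qualified text. The impact is quoted so that it
             // is matched literally. The ereg family was removed in PHP 7.
             $qualifier = preg_replace('/,? ' . preg_quote($row["variant_impact"], '/') . '/i', "", $qualified_impact);
             $html .= "<P><I>(The \"" . strtolower($qualifier) . "\" qualifier is assigned automatically based on the above evidence and importance scores.)</I></P>";
         }
         $html .= editable("{$id_prefix}f_variant_dominance__", $row["variant_dominance"], "Inheritance pattern", array("select_options" => $gInheritanceOptions));
         $html .= editable("{$id_prefix}f_summary_long__70x8__textile", $row["summary_long"], "Summary of published research, and additional commentary", array("tip" => "Provide a comprehensive review of the variant including youngest age of onset, oldest age of onset and oldest asymptomatic individual."));
     }
     if ($html == "") {
         return;
     }
     if (preg_match('/^<(TABLE|TR)/', $html)) {
         // TODO: handle is_delete and flag_edited_id for table rows
         // somehow; for now just don't indicate them at all
         if ($row["is_delete"]) {
             return;
         }
         if ($row["flag_edited_id"]) {
             $this->html .= $html;
             return;
         }
     } elseif ((!$gDisableEditing && getCurrentUser()) || 0 < strlen($row["talk_text"])) {
         // Discussion box: shown when the viewer can edit, or when there is
         // already discussion text to read.
         $show_label = 0 < strlen($row["talk_text"]) ? "<B>show discussion</B>" : "start discussion";
         $html .= "<DIV class=\"rectangle-speech-border-hidden\"><DIV>{$show_label}</DIV>";
         $html .= editable("{$id_prefix}f_talk_text__70x8__textile", $row["talk_text"], "Discussion<BR />", array("tip" => "Comments about this section"));
         $html .= "</DIV>";
     }
     if ($row["is_delete"]) {
         // Wrap the content once. The earlier `.=` appended the wrapped copy
         // after the unwrapped content, emitting it twice.
         $html = "<DIV style=\"outline: 1px dashed #300; background-color: #fdd; color: #300; padding: 20px 20px 0 20px; margin: 0 0 10px 0;\"><P>Deleted in this revision:</P>{$html}</DIV>";
     } elseif ($row["flag_edited_id"]) {
         $edited = $row["previous_edit_id"] ? "Edited" : "Added";
         $html = "<DIV style=\"outline: 1px dashed #300; background-color: #dfd; color: #300; padding: 20px 20px 0 20px; margin: 0 0 10px 0;\"><P>{$edited} in this revision:</P>\n{$html}</DIV>";
     }
     $this->html .= $html;
 }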
Пример #28
| 名称  | 类型  | 必需   | 说明 |
| ---- | ----- | ----- | ---- |
| nickname | string | 是 | 接收者昵称 |
| content | string | 是 | 私信内容 |
| type | string | 否 | 私信类型,默认为text |

`type`的值有:

    'text','image','video','audio'

** 响应 **

```
{
    'success':true
}
```
*/
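// POST /: send a private message from the current user to the user with the
// given nickname. Replies with a success flag and the id of the new message.
$api->post('/', function (Request $request) {
    $nickname = $request->request->get('nickname');
    $content = $request->request->get('content');
    $type = $request->request->get('type', 'text');
    // NOTE(review): $sender is used without checking that a user is signed in,
    // and $type is not checked against the documented values here; presumably
    // the route or MessageService enforces both — confirm.
    $sender = getCurrentUser();
    $receiver = ServiceKernel::instance()->createService('User.UserService')->getUserByNickname($nickname);
    if (empty($receiver)) {
        throw $this->createNotFoundException("抱歉,该收信人尚未注册!");
    }
    $message = ServiceKernel::instance()->createService('User.MessageService')->sendMessage($sender['id'], $receiver['id'], $content, $type);
    // The flag is a string, as before; the failure value was misspelled 'flase'.
    $sent = !empty($message);
    return array('success' => $sent ? 'true' : 'false', 'id' => $sent ? $message['id'] : 0);
});
return $api;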
Пример #29
            $params = array('site_url' => FConfig::getUrl(), 'logo_url' => FConfig::getUrl('images/logo_footer.png'), 'username' => $rs_proj->name . ' ' . $rs_proj->lastname, 'oferta_username' => $user['name'] . ' ' . $user['lastname'], 'project_title' => $rs_proj->pro_tit, 'project_url' => $rs_proj->pro_tit);
            $body = FMailer::replaceParameters($params, file_get_contents('../views/emails/modificadaOfertaEnProyectoEmail.html'));
            $mailer = new FMailer();
            $receivers = array(array('email' => $to));
            $mailer->setReceivers($receivers);
            $mailer->sendEmail($asunto, $body);
        }
    }
    $arreglo[] = array('resp' => "Se ha enviado la información");
    echo json_encode($arreglo);
}
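// comment on a bid
if ($act == "comentarioOferta") {
    // Both request values end up inside SQL text: the offer id is cast to an
    // integer and the comment is escaped before it is placed between quotes.
    // NOTE(review): bound parameters would be the sturdier fix, but the
    // insertTable()/listAll() helpers seen here only take SQL fragments.
    $offerId = intval($_REQUEST['o_id']);
    $commentSql = mysql_real_escape_string(isset($_REQUEST['comment']) ? $_REQUEST['comment'] : '');
    // NOTE(review): assumes a signed-in user; no check is visible here that
    // $currentUser is set or that this user may comment on this offer.
    $currentUser = getCurrentUser();
    insertTable("oferta_comments", "'',{$offerId}, {$currentUser->id},'" . $commentSql . "',NOW()");
    $commentId = mysql_insert_id();
    // user who made the offer (looked up with the validated id, not the raw request value)
    $user_of = listAll("ofertas", "WHERE id = {$offerId}");
    $rs_user_of = mysql_fetch_object($user_of);
    $us_of = getUserInfo($rs_user_of->user_id);
    // user who posted the project
    $user_pro = listAll("proyectos", "WHERE pro_id = {$rs_user_of->pro_id}");
    $rs_user_pro = mysql_fetch_object($user_pro);
    $us_pro = getUserInfo($rs_user_pro->user_id);
    // client
    //TODO use Notification model to abstract this logic
    //Begin notification
    //Json data to know what to do with this notification
    $notificationData = new stdClass();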
Пример #30
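 /**
  * List the hours booked by a person between two dates.
  *
  * Called directly, it returns the collection. Called through Ajax
  * ($this->_data['ajax'] set), the request's start_date, end_date and
  * person_id override the arguments and the collection is handed to the view
  * with the datatable_inline template instead of being returned.
  *
  * @param string $_start_date defaults to today
  * @param string $_end_date   defaults to the day after the start date
  * @param mixed  $_user       person id; defaults to the current user's person_id
  * @return HourCollection|null the collection, or nothing for an Ajax call
  */
 public function getHours($_start_date = '', $_end_date = '', $_user = '')
 {
     // Used by Ajax to get a list of hours for a user between two dates
     if (isset($this->_data['ajax'])) {
         if (!empty($this->_data['start_date'])) {
             $_start_date = fix_date($this->_data['start_date']);
         }
         if (!empty($this->_data['end_date'])) {
             // The end date goes through fix_date() like the start date; it was
             // previously copied from the request unchanged and then
             // concatenated into the 'between' constraint below.
             $_end_date = fix_date($this->_data['end_date']);
         }
         if (!empty($this->_data['person_id'])) {
             // NOTE(review): the person id is taken from the request with no
             // visible check that the current user may see that person's
             // hours — confirm where that is enforced.
             $_user = $this->_data['person_id'];
         }
     }
     if (empty($_start_date)) {
         $_start_date = fix_date(date(DATE_FORMAT));
     }
     if (empty($_end_date)) {
         $_end_date = fix_date(date(DATE_FORMAT, strtotime("+1 day", strtotime($_start_date))));
     }
     if (empty($_user)) {
         $user = getCurrentUser();
         if (!is_null($user->person_id)) {
             $_user = $user->person_id;
         }
     }
     $hours = new HourCollection();
     // Without a person id the collection stays empty rather than loading everyone's hours.
     if (!empty($_user)) {
         $sh = new SearchHandler($hours, false);
         $sh->addConstraint(new Constraint('person_id', '=', $_user));
         // NOTE(review): the two dates are quoted by hand here; this relies on
         // fix_date() returning a well-formed date (presumably it rejects or
         // normalises malformed input — verify), including for dates passed
         // in as arguments by other callers.
         $sh->addConstraint(new Constraint('start_time', 'between', "'" . $_start_date . "' and '" . $_end_date . "'"));
         $sh->setFields(array('id', 'start_time', 'type', 'duration'));
         $sh->setOrderBy('start_time', 'ASC');
         $hours->load($sh);
     }
     if (isset($this->_data['ajax'])) {
         $this->view->set('no_ordering', true);
         $this->view->set('collection', $hours);
         $this->view->set('showheading', true);
         $this->setTemplateName('datatable_inline');
     } else {
         return $hours;
     }
 }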