/**
 * Lock down a payroll asset whose status is no longer "open".
 *
 * For any status other than "open" the write-permission columns are cleared
 * and the "admin_payroll" group is attached via _add_asset_permission_group().
 * A record with status "open" is left untouched.
 *
 * @param mixed  $id     Id of the asset row to update.
 * @param array  $data   Asset values; "status", "rwrite_users" and "rwrite_groups" are read.
 * @param mixed  $unused Not used by this function.
 * @param string $table  Table that holds the asset.
 * @return string Always the empty string.
 */
static function createedit_payroll($id, $data, $unused, $table) {
    if ($data["status"] == "open") {
        return "";
    }

    $group = "admin_payroll";
    $reset = array();

    // Individual write access is always withdrawn.
    if ($data["rwrite_users"] != "") {
        $reset["rwrite_users"] = "";
    }

    // Group write access survives only when it is exactly the payroll admin
    // group; any other non-empty value is cleared as a whole.
    $write_groups = $data["rwrite_groups"];
    if (!($write_groups == "" || $write_groups == $group)) {
        $reset["rwrite_groups"] = "";
    }

    if (!empty($reset)) {
        // NOTE(review): the result of db_update() is not checked here, so the
        // "read-only" notification is shown even if the update did not apply.
        db_update($table, $reset, array("id=@id@"), array("id" => $id));
        sys_notification("{t}Asset marked as read-only.{/t}");
    }

    // The helper sees the record as it looks after the reset above.
    $granted = self::_add_asset_permission_group($table, $id, array_merge($data, $reset), $group);
    if ($granted) {
        sys_notification(sprintf("{t}Permissions added for: %s{/t}", $group));
    }

    return "";
}
/**
 * Create a row in the users module for $username if none exists yet.
 *
 * The new record is tagged with "auth_" . SETUP_AUTH as its creator and, on
 * success, the user is added to the "users_self_registration" group.
 * Validation errors returned by the insert are written to the "login" log.
 *
 * @param string $username Login name of the account to create.
 * @param array  $data     Optional field values; "password" and "email" get fallbacks when empty.
 * @return void
 */
static function create_user($username, $data = array()) {
    $data["username"] = $username;
    $data["createdby"] = "auth_" . SETUP_AUTH;

    // NOTE(review): a fixed placeholder is stored when no password is given.
    // How insert() stores it is not visible here; confirm that accounts
    // created this way cannot be authenticated with the placeholder value.
    $fallbacks = array("password" => "******", "email" => $username);
    foreach ($fallbacks as $key => $fallback) {
        if (empty($data[$key])) {
            $data[$key] = $fallback;
        }
    }

    // strpos() returning 0 is also falsy, so an address that starts with "@"
    // gets the suffix as well.
    if (!strpos($data["email"], "@")) {
        $data["email"] .= "@invalid.local";
    }

    // Without a logged-in user the session is given an unrestricted
    // permission filter ("1=1").
    // NOTE(review): nothing in this function restores the previous session
    // state, including on the early returns below; confirm the caller always
    // replaces these values before the request continues.
    if (empty($_SESSION["username"])) {
        $session_defaults = array(
            "username" => "******",
            "permission_sql" => "1=1",
            "permission_sql_read" => "1=1",
            "groups" => array(),
        );
        foreach ($session_defaults as $key => $value) {
            $_SESSION[$key] = $value;
        }
    }

    // Nothing to do when the user already exists.
    $existing_id = db_select_value("simple_sys_users", "id", "username=@username@", array("username" => $username));
    if (!empty($existing_id)) {
        return;
    }

    // Locate the first tree folder of type sys_users to insert into.
    $users_folder = db_select_first("simple_sys_tree", "id", "ftype=@ftype@", "lft asc", array("ftype" => "sys_users"));
    if (empty($users_folder["id"])) {
        return;
    }

    $users_module = new sgsml($users_folder["id"], "new");
    $result = $users_module->insert($data);

    // A numeric result is treated as the id of the new record.
    if (is_numeric($result)) {
        trigger::addgroupmember(0, array("username" => $username), array("users_self_registration"));
        sys_notification("{t}Item successfully created.{/t} (" . $result . ")");
        return;
    }

    if (!is_array($result) || count($result) == 0) {
        return;
    }

    // Flatten the nested error lists into one log entry.
    $lines = array();
    foreach ($result as $field_errors) {
        foreach ($field_errors as $entry) {
            $lines[] = $entry[0] . ": " . $entry[1];
        }
    }
    sys_log_message_alert("login", implode("\n", $lines));
}
/**
 * Insert a new record into $this->tname or update an existing one.
 *
 * Steps, in order: access checks, completion and validation of the input,
 * on-disk handling of "files" fields, per-field STORE callbacks, removal of
 * fields that may not be written in the current view, the database write,
 * tree/search bookkeeping, triggers, notifications and upload cleanup.
 *
 * @param array $data Submitted values, passed by reference. "folder" is filled
 *                    in from $this->folder when empty, and files fields are
 *                    rewritten when stored paths change.
 * @param mixed $id   Record id. A numeric value that is not greater than 0
 *                    (default -1) means insert; anything else means update.
 * @return mixed The record id on success, an empty array when $data is empty,
 *               or the error value produced by _error(), _complete_data() or
 *               _validate().
 */
private function _save(array &$data, $id = -1) {
    // Insert only when $id is numeric and not positive; a non-numeric id is
    // handled as an update.
    $insert = ($id > 0 or !is_numeric($id)) ? false : true;
    if (count($data) == 0) {
        return array();
    }
    // Modules flagged DEFAULT_SQL = "no_select" cannot be written at all.
    if (!empty($this->att["DEFAULT_SQL"]) and $this->att["DEFAULT_SQL"] == "no_select") {
        return self::_error("{t}Module{/t}", "{t}Access denied.{/t}");
    }
    if (!empty($data["folder"])) {
        // check permissions
        // NOTE(review): only a folder supplied in $data is checked here. When
        // $data["folder"] is empty, $this->folder is used without a
        // db_get_right() call in this method, and on a move only the
        // destination folder is checked - confirm that write access to
        // $this->folder and to the source folder is enforced elsewhere.
        if (!db_get_right($data["folder"], "write", $this->view)) {
            return self::_error("{t}Folder{/t}", "{t}Access denied.{/t}", "folder");
        }
        $this->folder = $data["folder"];
    } else {
        $data["folder"] = $this->folder;
    }
    // fill data array
    // $rdata: completed values, $data_row: row values used below as the
    // previous state of the record, $error: error value or empty.
    list($rdata, $data_row, $error) = $this->_complete_data($data, $id);
    if ($error) {
        return $error;
    }
    // validate
    if ($result = $this->_validate($rdata, $id)) {
        return $result;
    }
    // Start the row with size 0 and a history line naming the session user.
    if ($insert) {
        $id = sql_genID($this->tname) * 100;
        $sql_data = array("id" => $id, "dsize" => 0, "history" => sprintf("{t}Item created by %s at %s{/t}\n", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
    } else {
        // "@fields@" is passed as a literal placeholder for the field list.
        $sql_data = array("dsize" => 0, "history" => sprintf("{t}Item edited (%s) by %s at %s{/t}\n", "@fields@", $_SESSION["username"], sys_date("{t}m/d/y g:i:s a{/t}")));
    }
    // count sizes, move files to store, delete old files
    foreach ($this->current_fields as $field_name => $field) {
        if ($field["SIMPLE_TYPE"] == "id") {
            continue;
        }
        if ($field["SIMPLE_TYPE"] == "files" and !empty($rdata[$field_name])) {
            // NOTE(review): entries of a files field are used directly as
            // filesystem paths (file_exists, filesize, rename, unlink) in this
            // branch. Only the upload move below reduces the value with
            // basename(). Confirm that _complete_data()/_validate() restrict
            // these values to the store and upload directories.
            foreach ($rdata[$field_name] as $val) {
                if (file_exists($val)) {
                    $sql_data["dsize"] += filesize($val);
                }
            }
            // TODO 2 store handler?
            if (!empty($data_row[$field_name])) {
                // Files that were stored before but are missing from the new
                // list are moved to the trash folder or deleted.
                $data_old = explode("|", trim($data_row[$field_name], "|"));
                foreach ($data_old as $filekey => $file) {
                    if (in_array($file, $rdata[$field_name])) {
                        continue;
                    }
                    if (ARCHIVE_DELETED_FILES and file_exists($file)) {
                        $i = 1;
                        $m = "";
                        $trash_name = SIMPLE_STORE . "/trash/" . $this->folder . "_" . $id . "_";
                        $trash_file = modify::basename($file);
                        // Add a numeric infix until the trash name is unused.
                        while (file_exists($trash_name . $m . $trash_file)) {
                            $m = $i++ . "_";
                        }
                        rename($file, $trash_name . $m . $trash_file);
                        touch($trash_name . $m . $trash_file);
                    } else {
                        // Errors from unlink() are suppressed, so a failed
                        // delete goes unnoticed here.
                        @unlink($file);
                    }
                }
            }
            foreach ($rdata[$field_name] as $filekey => $file) {
                // Drop empty entries and keep $data in sync.
                if ($file == "") {
                    unset($rdata[$field_name][$filekey]);
                    $data[$field_name] = implode("|", $rdata[$field_name]);
                    continue;
                }
                // A file of the same basename in the upload cache is moved
                // into the store; basename() keeps the source inside
                // SIMPLE_CACHE/upload/.
                if (file_exists(SIMPLE_CACHE . "/upload/" . basename($file))) {
                    $filebase = modify::basename(basename($file));
                    list($target, $filename) = sys_build_filename($filebase, $this->tname);
                    dirs_checkdir($target);
                    $target .= sys_get_pathnum($id) . "/";
                    dirs_checkdir($target);
                    // The prefix is md5 of the record id: deterministic, so it
                    // should not be relied on to make stored paths unguessable.
                    $target .= md5($id) . $filename;
                    rename(SIMPLE_CACHE . "/upload/" . basename($file), $target);
                    $rdata[$field_name][$filekey] = $target;
                    $data[$field_name] = implode("|", $rdata[$field_name]);
                }
            }
            // Resolve duplicate basenames within the field by renaming one
            // file to "<name>_rev<N><ext>".
            // NOTE(review): array_reverse() is called without preserve_keys,
            // so $filekey is the position in the reversed list; confirm that
            // the swap below indexes the intended entries of $rdata.
            $basenames = array();
            foreach (array_reverse($rdata[$field_name]) as $filekey => $file) {
                $basename = modify::basename($file);
                if (isset($basenames[$basename])) {
                    $old_filekey = $basenames[$basename];
                    $basename = preg_replace("|_rev\\d+|", "", $basename);
                    $base = $basename;
                    $i = 1;
                    while (isset($basenames[$basename])) {
                        // No dot, or a dot at position 0, takes the else branch.
                        if ($pos = strrpos($base, ".")) {
                            $basename = substr($base, 0, $pos) . "_rev" . $i++ . substr($base, $pos);
                        } else {
                            $basename = $base . "_rev" . $i++;
                        }
                    }
                    $target = str_replace(modify::basename($file), $basename, $file);
                    if (rename($file, $target)) {
                        // swap
                        $rdata[$field_name][$filekey] = $rdata[$field_name][$old_filekey];
                        $rdata[$field_name][$old_filekey] = $target;
                        $data[$field_name] = implode("|", $rdata[$field_name]);
                    }
                }
                $basenames[$basename] = $filekey;
            }
        }
        // Run the field's STORE callbacks, resolved through sys_find_callback().
        // NOTE(review): presumably $field["STORE"] comes from the module
        // definition and not from request data - confirm, since the resolved
        // name is passed to call_user_func().
        if (!empty($field["STORE"]) and is_array($field["STORE"])) {
            foreach ($field["STORE"] as $store) {
                list($class, $function, $params) = sys_find_callback("modify", $store["FUNCTION"]);
                $rdata[$field_name] = call_user_func(array($class, $function), $rdata[$field_name], $rdata, $params);
            }
        }
        // Values already set above (id, dsize, history) are not overwritten.
        if (!isset($sql_data[$field_name]) and !is_null($rdata[$field_name])) {
            $sql_data[$field_name] = $rdata[$field_name];
        }
    }
    // transform
    foreach ($sql_data as $key => $value) {
        $sql_data[$key] = self::scalarize($value, $this->fields[$key]);
    }
    // reduce to new values
    // Remove every field the current view may not write. history, dsize and
    // seen are exempt from this filter.
    $sys_fields = array("history" => "", "dsize" => "", "seen" => "");
    foreach ($sql_data as $data_key => $data_value) {
        if (isset($sys_fields[$data_key])) {
            continue;
        }
        $addfield = true;
        $field = $this->fields[$data_key];
        if (!isset($this->current_fields[$data_key])) {
            $addfield = false;
        }
        if (isset($field["NOTINALL"])) {
            $addfield = false;
        }
        if (isset($field["NOTIN"]) and in_array($this->view, $field["NOTIN"])) {
            $addfield = false;
        }
        if (isset($field["READONLYIN"]) and (in_array($this->view, $field["READONLYIN"]) or in_array("all", $field["READONLYIN"]))) {
            $addfield = false;
        }
        // ONLYIN is evaluated last and overrides the decisions above in both
        // directions, including a READONLYIN match.
        if (isset($field["ONLYIN"])) {
            if (in_array($this->view, $field["ONLYIN"])) {
                $addfield = true;
            } else {
                $addfield = false;
            }
        }
        if (!$addfield) {
            unset($sql_data[$data_key]);
        }
    }
    // build history
    $sql_data = $this->build_history($sql_data, $data_row);
    // Nothing besides history/seen left: there is nothing to write.
    if (!array_diff(array_keys($sql_data), array("history", "seen"))) {
        $sql_data = array();
    }
    // save in db
    if ($insert) {
        $error_sql = db_insert($this->tname, $sql_data, array("handler" => $this->handler));
        if ($error_sql != "") {
            return self::_error("{t}SQL failed.{/t}", $error_sql);
        }
        if ($this->notification) {
            sys_notification("{t}Item successfully created.{/t} (" . $id . ")");
        }
    } else {
        // An update without changes ends here; the file operations above have
        // already been carried out at this point.
        if (count($sql_data) == 0) {
            return $id;
        }
        // The visible WHERE clause binds only the id; how the "folder"
        // variable is used is decided inside db_update().
        $error_sql = db_update($this->tname, $sql_data, array("id=@id@"), array("id" => $id, "folder" => $this->folder), array("handler" => $this->handler));
        if ($error_sql != "") {
            return self::_error("{t}SQL failed.{/t}", $error_sql);
        }
        if ($this->notification) {
            sys_notification("{t}Item successfully updated.{/t} (" . (is_numeric($id) ? $id : 1) . ")");
        }
    }
    // Without a handler: write the history line to the folder's tree entry,
    // refresh the tree size, maintain the search index and count the change.
    if (empty($this->handler)) {
        db_update("simple_sys_tree", array("history" => "[" . $id . "/details] " . $sql_data["history"]), array("id=@id@"), array("id" => $this->folder));
        db_update_treesize($this->tname, $this->folder);
        // The record moved: update the previous folder as well.
        if (!$insert and $this->folder != $data_row["folder"]) {
            db_update("simple_sys_tree", array("history" => "[" . $id . "/details] " . $sql_data["history"]), array("id=@id@"), array("id" => $data_row["folder"]));
            db_update_treesize($this->tname, $data_row["folder"]);
            db_search_delete($this->tname, $id, $data_row["folder"]);
        }
        if (empty($this->att["NO_SEARCH_INDEX"])) {
            db_search_update($this->tname, $id, $this->fields);
        }
        sys_log_stat($insert ? "new_records" : "changed_records", 1);
    }
    // call triggers
    // The row has already been written at this point; a trigger error is
    // returned to the caller, and no rollback is performed in this method.
    $trigger = "";
    if ($insert and !empty($this->att["TRIGGER_NEW"])) {
        $trigger = $this->att["TRIGGER_NEW"];
    }
    if (!$insert and !empty($this->att["TRIGGER_EDIT"])) {
        $trigger = $this->att["TRIGGER_EDIT"];
    }
    if ($trigger and $result = asset_process_trigger($trigger, $id, $rdata, $this->tname)) {
        return self::_error("{t}Trigger failed{/t}", $result);
    }
    // send notification
    // Recipients are the record's own notification value plus the values of
    // the current folder and, after a move, of the previous folder.
    $tree_notification = db_select_value("simple_sys_tree", "notification", "id=@id@", array("id" => $this->folder));
    if ($tree_notification != "") {
        $rdata["notification"] .= "," . $tree_notification;
    }
    if (!$insert and $this->folder != $data_row["folder"]) {
        $tree_notification = db_select_value("simple_sys_tree", "notification", "id=@id@", array("id" => $data_row["folder"]));
        if ($tree_notification != "") {
            $rdata["notification"] .= "," . $tree_notification;
        }
    }
    if (!empty($rdata["notification"])) {
        $rdata["notification"] = trim($rdata["notification"], ",");
        $smtp_data = asset::build_notification($this->att["NAME"], $this->current_fields, $rdata, $sql_data, $id, $data_row);
        if ($result = asset_process_trigger("sendmail", $id, $smtp_data)) {
            return self::_error("{t}Trigger failed{/t}", $result);
        }
    }
    // With a handler set, delete files of saved files fields that are still
    // located in the upload cache.
    // NOTE(review): sys_strbegins() is presumably a plain string-prefix test,
    // which does not canonicalise the path; confirm the values are normalised
    // before they reach this point.
    if (!empty($this->handler)) {
        foreach ($sql_data as $data_key => $data_value) {
            $field = $this->fields[$data_key];
            if ($field["SIMPLE_TYPE"] != "files") {
                continue;
            }
            foreach (explode("|", $data_value) as $file) {
                if (sys_strbegins($file, SIMPLE_CACHE . "/upload/")) {
                    @unlink($file);
                }
            }
        }
    }
    return $id;
}