/**
* Log an admin log
* @param string $messsage
* @return boolean
*/
function alog($message)
{
if (!trim($message)) {
return false;
}
$userId = Yii::app()->user->id ? Yii::app()->user->id : 0;
$note = trim($message);
$ipAddress = Yii::app()->request ? Yii::app()->request->getUserHostAddress() : '';
$controller = Yii::app()->getController() ? Yii::app()->getController()->id : '';
$action = $controller && Yii::app()->getController()->getAction() ? Yii::app()->getController()->getAction()->id : '';
// Add to db
$model = new AdminLog();
$model->user_id = $userId;
$model->note = $note;
$model->ip_address = $ipAddress;
$model->controller = $controller;
$model->action = $action;
return $model->save();
}
if ($_POST['epassword'] != '') {
$user->password = sha1($_POST['epassword']);
$user->db_fields = array('surname', 'othernames', 'password', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
} else {
$user->db_fields = array('surname', 'othernames', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
}
$user->email = $_POST['email'];
$user->staff_id = $_POST['staffid'];
$user->rank = $_POST['rank'];
$user->activated_status = $_POST['activated_status'];
$user->role = $_POST['role'];
if ($user->role != 4) {
$user->department_id = 0;
} else {
$user->department_id = $_POST['department_id'];
}
// print_r($user);
// die();
//$database->affected_rows() == 1
if ($user->save()) {
echo '<h4 class="alert alert-success">Success</h4>';
echo '<hr>';
echo "You have successfully edited " . $user->surname . " " . $user->othernames . "'s account\n";
echo '<hr>';
echo "Use the button below to proceed to view admin users";
echo '<hr>';
echo '<a href="view_users.php" class="btn btn-info">View Users</a>';
} else {
echo "No change was made to " . $user->surname . " " . $user->othernames . "'s account\n";
}
}
echo '<hr>';
echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database";
echo '<br>';
echo 'Use the Close Button to Continue';
} else {
$user = new AdminLog();
$user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES);
$user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES);
$user->password = htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES);
$user->email = htmlspecialchars($_POST['email'], ENT_QUOTES);
$user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES);
$user->rank = htmlspecialchars($_POST['rank'], ENT_QUOTES);
$user->role = htmlspecialchars($_POST['role'], ENT_QUOTES);
$user->department_id = htmlspecialchars($_POST['department_id'], ENT_QUOTES);
$user->activated_status = 1;
$user->save();
if ($database->affected_rows() == 1) {
if ($user->sendVerificationMail($_POST['epassword'])) {
sleep(2);
echo '<h4 class="alert alert-success">Success</h4>';
echo '<hr>';
echo "The Information for staff with ID <font color=#0000FF>" . $user->staff_id . "</font> has been successfully saved.\n";
echo "Use the close botton to go back and continue";
echo '<br>';
} else {
sleep(2);
echo '<h4 class="alert alert-info">Information</h4>';
echo '<hr>';
echo 'Your information has been successfully saved but activation mail was not sent.<br>';
echo 'Please contact us at <span class="label label-success">support@unijos.edu.ng</span> for further enquiries';
echo '<br>';
sleep(2);
echo '<h4 class="alert alert-error">Error</h4>';
echo '<hr>';
echo 'Your information does not exist in our database it may be due to the following reasons.';
echo '<ol>';
echo '<li>Your staff_id and password combination is wrong.</li>';
echo '<li>You do not have an account.</li>';
echo '</ol>';
} else {
// store applicant_id in session
$adminLog = new AdminLog();
$adminLog->user_id = $user->user_id;
if ($user->activated_status == 1) {
$adminLog->db_fields = array('last_logged_in');
$adminLog->last_logged_in = date('Y-m-d H:i:s');
$adminLog->save();
$session->admin_login($user->user_id);
$_SESSION["role"] = $user->role;
if ($user->role == 4) {
$_SESSION["department_id"] = $user->department_id;
}
sleep(2);
echo '<h4 class="alert alert-success">' . $display_greeting . ', ' . ucfirst($user->surname) . ' ' . ucfirst($user->othernames) . '</h4>';
if ($user->edit_status == 0) {
echo '<hr>';
echo 'You must edit your details before you can continue<br>';
echo '<hr>';
echo '<a href="editprofile.php" class="btn btn-info">Proceed</a>';
} else {
echo '<hr>';
echo 'You can continue with your administrative privieges<br>';
