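/**
 * Record an entry in the admin audit log.
 *
 * Stores the acting user's id (0 when no user id is set), the trimmed note,
 * the client address reported by the request component, and the ids of the
 * current controller and action when they exist.
 *
 * The note is stored as supplied apart from trimming. Callers may pass text
 * that contains user-controlled data, so any page that displays log entries
 * must encode the note for its output context.
 *
 * @param string $message Text of the log entry; surrounding whitespace is trimmed.
 * @return boolean False when the message is empty after trimming, otherwise
 *                 the result of AdminLog::save(). A false return means the
 *                 event was not recorded, so callers should not ignore it.
 */
function alog($message)
{
    // Compare with '' explicitly: a truthiness test would also discard "0".
    $note = trim($message);
    if ($note === '') {
        return false;
    }

    $app = Yii::app();

    // Fall back to 0 when there is no user id (e.g. a guest session).
    $currentUserId = $app->user->id;
    $userId = $currentUserId ? $currentUserId : 0;

    // NOTE(review): presumably the address of the direct peer; behind a
    // reverse proxy or load balancer that is the proxy, not the end user.
    // Confirm how this deployment derives the client address.
    $request = $app->request;
    $ipAddress = $request ? $request->getUserHostAddress() : '';

    // Controller and action are absent outside a normal web request, so both
    // default to an empty string.
    $activeController = $app->getController();
    $controller = $activeController ? $activeController->id : '';
    $action = $controller && $activeController->getAction()
        ? $activeController->getAction()->id
        : '';

    // Add to db
    $model = new AdminLog();
    $model->user_id = $userId;
    $model->note = $note;
    $model->ip_address = $ipAddress;
    $model->controller = $controller;
    $model->action = $action;

    return $model->save();
}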
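// Excerpt from an "edit admin user" handler. The block that encloses these
// statements opens above the excerpt and is closed by the final brace below.
//
// NOTE(review): nothing in this excerpt checks the caller's privileges or an
// anti-CSRF token; confirm both are enforced before this point.

// Change the password only when a non-empty string was submitted. A missing
// field or an array value (epassword[]=...) is treated as "no new password"
// instead of being passed on to sha1().
$newPassword = isset($_POST['epassword']) && is_string($_POST['epassword'])
    ? $_POST['epassword']
    : '';

if ($newPassword !== '') {
    // NOTE(review): SHA-1 is a fast, unsalted digest and is not suitable for
    // storing passwords. Moving to password_hash()/password_verify() has to be
    // done together with the login check, which is not part of this excerpt,
    // so the call is flagged here rather than replaced.
    $user->password = sha1($newPassword);
    $user->db_fields = array('surname', 'othernames', 'password', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
} else {
    // Same column list without 'password', so the stored hash is left alone.
    $user->db_fields = array('surname', 'othernames', 'email', 'staff_id', 'rank', 'activated_status', 'role', 'department_id');
}

$user->email = $_POST['email'];
$user->staff_id = $_POST['staffid'];
$user->rank = $_POST['rank'];

// NOTE(review): activated_status, role and department_id are copied from the
// request as submitted. Nothing visible here restricts which role the caller
// may grant or validates the values against an allowed set; confirm that such
// a check exists above this excerpt.
$user->activated_status = $_POST['activated_status'];
$user->role = $_POST['role'];

// Only role 4 keeps a department; every other role is stored with 0.
if ($user->role != 4) {
    $user->department_id = 0;
} else {
    $user->department_id = $_POST['department_id'];
}

// print_r($user);
// die();
//$database->affected_rows() == 1

// Encode the name for HTML output. double_encode is off because the stored
// value may already be HTML-encoded (TODO confirm against the code that
// creates the account); existing entities are then left untouched.
$displayName = htmlspecialchars($user->surname, ENT_QUOTES, 'UTF-8', false)
    . " "
    . htmlspecialchars($user->othernames, ENT_QUOTES, 'UTF-8', false);

if ($user->save()) {
    echo '<h4 class="alert alert-success">Success</h4>';
    echo '<hr>';
    echo "You have successfully edited " . $displayName . "'s account\n";
    echo '<hr>';
    echo "Use the button below to proceed to view admin users";
    echo '<hr>';
    echo '<a href="view_users.php" class="btn btn-info">View Users</a>';
} else {
    echo "No change was made to " . $displayName . "'s account\n";
}
}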
// Excerpt from a "create staff account" handler: the tail of the duplicate
// staff-ID branch, then the insert path. The enclosing blocks open above this
// excerpt and are still open where it ends.

echo '<hr>';
// NOTE(review): the staff ID is written into the page without HTML encoding
// at this point; that is only safe if the value was encoded when it was
// stored. Confirm where $user_exist is loaded from.
echo "The Staff ID:<font color='#FF0000'> '" . $user_exist->staff_id . "'</font> already exists in our database";
echo '<br>';
echo 'Use the Close Button to Continue';
} else {
    // The record class is named AdminLog, but the fields set below describe
    // a staff account.
    $user = new AdminLog();

    // Every request field is HTML-encoded before it is stored. That covers
    // later HTML output of these columns but is not SQL escaping; whether
    // save() uses bound parameters is not visible in this excerpt.
    $user->surname = htmlspecialchars($_POST['surname'], ENT_QUOTES);
    $user->othernames = htmlspecialchars($_POST['othernames'], ENT_QUOTES);
    // NOTE(review): sha1() is a fast, unsalted digest and is not suitable for
    // password storage. The htmlspecialchars() wrapper has no effect on a hex
    // digest. A move to password_hash()/password_verify() has to be made
    // together with the login check, which is outside this excerpt.
    $user->password = htmlspecialchars(sha1($_POST['epassword']), ENT_QUOTES);
    $user->email = htmlspecialchars($_POST['email'], ENT_QUOTES);
    $user->staff_id = htmlspecialchars($_POST['staffid'], ENT_QUOTES);
    $user->rank = htmlspecialchars($_POST['rank'], ENT_QUOTES);
    // NOTE(review): role and department_id come straight from the request.
    // Nothing visible here limits which role a caller may assign; confirm
    // that access to this handler is restricted and the value allow-listed.
    $user->role = htmlspecialchars($_POST['role'], ENT_QUOTES);
    $user->department_id = htmlspecialchars($_POST['department_id'], ENT_QUOTES);
    // New accounts are created already activated.
    $user->activated_status = 1;
    $user->save();

    // Success is judged from the shared $database handle, not from the
    // return value of save().
    if ($database->affected_rows() == 1) {
        // NOTE(review): the plaintext password is handed to the mail routine.
        // If it ends up in the message body, the credential leaves the system
        // in clear text; confirm what sendVerificationMail() does with it.
        if ($user->sendVerificationMail($_POST['epassword'])) {
            // Fixed two-second pause before responding; its purpose is not
            // shown in this excerpt.
            sleep(2);
            echo '<h4 class="alert alert-success">Success</h4>';
            echo '<hr>';
            echo "The Information for staff with ID <font color=#0000FF>" . $user->staff_id . "</font> has been successfully saved.\n";
            echo "Use the close botton to go back and continue";
            echo '<br>';
        } else {
            // The account was saved but the mail could not be sent.
            sleep(2);
            echo '<h4 class="alert alert-info">Information</h4>';
            echo '<hr>';
            echo 'Your information has been successfully saved but activation mail was not sent.<br>';
            echo 'Please contact us at <span class="label label-success">support@unijos.edu.ng</span> for further enquiries';
            echo '<br>';
sleep(2); echo '<h4 class="alert alert-error">Error</h4>'; echo '<hr>'; echo 'Your information does not exist in our database it may be due to the following reasons.'; echo '<ol>'; echo '<li>Your staff_id and password combination is wrong.</li>'; echo '<li>You do not have an account.</li>'; echo '</ol>'; } else { // store applicant_id in session $adminLog = new AdminLog(); $adminLog->user_id = $user->user_id; if ($user->activated_status == 1) { $adminLog->db_fields = array('last_logged_in'); $adminLog->last_logged_in = date('Y-m-d H:i:s'); $adminLog->save(); $session->admin_login($user->user_id); $_SESSION["role"] = $user->role; if ($user->role == 4) { $_SESSION["department_id"] = $user->department_id; } sleep(2); echo '<h4 class="alert alert-success">' . $display_greeting . ', ' . ucfirst($user->surname) . ' ' . ucfirst($user->othernames) . '</h4>'; if ($user->edit_status == 0) { echo '<hr>'; echo 'You must edit your details before you can continue<br>'; echo '<hr>'; echo '<a href="editprofile.php" class="btn btn-info">Proceed</a>'; } else { echo '<hr>'; echo 'You can continue with your administrative privieges<br>';