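/**
 * Render the "Change My Password" form and, on submit, store the new password.
 *
 * The row to update is taken from $GLOBALS["id"]; the submitted values come
 * from $_POST ("old_password", "new_password", "cpassword").
 *
 * @return mixed Whatever Form::DisplayFields() returns for the built form.
 */
function changePassword()
{
    include_once "../includes/admin_init.php";
    $process = new ProcessForm();
    $validate = $process::validate();
    $postdata = new User("users");
    // NOTE(review): the id comes from the query string and decides which row is
    // updated, while the old-password lookup below is not tied to that row, so
    // passing the check does not show the caller owns the account. Bind both to
    // the authenticated session user before relying on this function.
    $postdata::$id = isset($GLOBALS["id"]) ? "Id=" . $GLOBALS["id"] : null;
    if ($process->submitForm()) {
        /* validation rules */
        $required = array("old_password", "new_password");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_PasswordFields("new_password", "cpassword"));

        // Verify the old password before the success message is set, the same
        // way register() records a duplicate username in errorinfo first.
        // Assumes message() derives successflag from errorinfo - TODO confirm.
        $oldPasswordMatches = false;
        if (isset($_POST["old_password"]) && is_string($_POST["old_password"]) && $_POST["old_password"] !== "") {
            // NOTE(review): unsalted MD5 is not a password hash. Moving to
            // password_hash()/password_verify() has to be done together with
            // every other place that writes or compares the Password column.
            $oldpass = md5($_POST["old_password"]);
            $oldPasswordMatches = $postdata::fieldExists("Password={$oldpass}") != null;
        }
        if (!$oldPasswordMatches && !isset($process->errorinfo["old_password"])) {
            $process->errorinfo["old_password"] = "The old password is not correct";
        }

        $linkto = GenerateUrl::buildLink("../auth", ".", "Login");
        $process->message("Your password was successfully changed, please you can {$linkto} now.");
        // The explicit match flag keeps the write guarded even if successflag
        // turns out not to depend on errorinfo.
        if ($process->successflag && $oldPasswordMatches) {
            $postdata::$id = isset($GLOBALS["id"]) ? "Id=" . $GLOBALS["id"] : null;
            $postdata::$tablefields = array("Password" => md5($_POST["new_password"]));
            $postdata->save();
        }
    }
    // PHP_SELF and QUERY_STRING are request-controlled, so they are HTML-escaped
    // before being used as the form action.
    // Assumes Form writes the action verbatim into the attribute - TODO confirm.
    $querystr = isset($_SERVER['QUERY_STRING']) ? "?" . $_SERVER['QUERY_STRING'] : null;
    $formTarget = htmlspecialchars($_SERVER['PHP_SELF'] . $querystr, ENT_QUOTES, 'UTF-8');
    $form = new Form("changepass", $formTarget, "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    $form->startForm();
    //form heading
    $form->setFormField(null, $form->addFormInfo("<h2>Change My Password</h2>"));
    // Password inputs are always rendered empty: submitted passwords are never
    // written back into the page source.
    $form->setFormField($form->inputLabel("Old password", "*Old Password"), $form->inputField("password", "old_password", ""), $validate->displayErrorField($process->errorinfo, "old_password"));
    $form->setFormField($form->inputLabel("new_password", "*New Password"), $form->inputField("password", "new_password", ""), $validate->displayErrorField($process->errorinfo, "new_password"));
    $form->setFormField($form->inputLabel("cpassword", "*Confirm Password"), $form->inputField("password", "cpassword", ""), $validate->displayErrorField($process->errorinfo, "cpassword"));
    //submit button
    $form->setFormField(null, $form->inputField("submit", "change", "Change My Password"));
    $form->endForm();
    return $form->DisplayFields($GLOBALS["form_labling"], $process->message);
}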
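/**
 * Render the admin login form and, on submit, authenticate the user.
 *
 * Uses the global $process (form handling) and $session objects. On a
 * successful authentication the session is logged in and the request is
 * redirected to "../admin/".
 *
 * @return mixed Whatever Form::DisplayFields() returns for the built form.
 */
function loginForm()
{
    global $process, $session;
    $user = new User();
    if ($process->submitForm()) {
        if ($session->isLoggedIn()) {
            // The submitted name ends up inside HTML below, so escape it.
            $shownName = isset($_POST["username"]) && is_string($_POST["username"])
                ? htmlspecialchars($_POST["username"], ENT_QUOTES, 'UTF-8')
                : "";
            $msg = "* {$shownName} is already logged in";
        }
        $username = $process->post("username");
        // NOTE(review): unsalted MD5 is not a password hash. Migrating to
        // password_hash()/password_verify() has to cover every writer of the
        // Password column as well as this comparison.
        $password = md5($process->post("password"));
        // NOTE(review): the submitted username is placed unmodified into the
        // condition string; confirm that userExists() binds or escapes it.
        if (!$user::userExists("Username={$username}")) {
            // Superseded by the generic failure message below, which avoids
            // telling the caller which usernames exist.
            $msg = "Username does not exist, register it now!";
        }
        $authuser = $user::authenticate($username, $password);
        if ($authuser) {
            $session->LogIn($authuser);
            redirectTo("../admin/");
        } else {
            $msg = "Username and Password combination is not correct";
        }
    }
    //login form
    // PHP_SELF is request-controlled; filter_var() with its default filter
    // returns it unchanged, so escape it for the action attribute instead.
    $formTarget = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
    $form = new Form("login", $formTarget, "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    $form->startForm();
    $form->setFormField("", $form->addFormInfo("<p style=\"text-align:center;\">Enter your username and password to access admin dashboard<br>\n<img  src=\"../" . TEMPLATE_DIR . SITE_TEMPLATE . "/_images/login_icon.png\" /></p>"));
    if (isset($msg) && strlen($msg) > 0) {
        $form->setFormField("", $form->addFormInfo("<p  class=\"error\">{$msg}</p>"));
    }
    //Username
    $form->setFormField($form->inputLabel("username", "Username"), $form->inputField("text", "username", "", 'autocomplete="on"'));
    $form->setFormField($form->inputLabel("username", "Password"), $form->inputField("password", "password", ""));
    $form->setFormField("", $form->inputField("submit", "login", "Login") . " or " . GenerateUrl::buildLink("../auth", "register.php", "Register"));
    // endForm() used to sit after the return and never ran; the other form
    // builders in this file call it before DisplayFields().
    $form->endForm();
    return $form->DisplayFields($GLOBALS["form_labling"]);
}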
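/**
 * Render the page-category form and, on a valid submit, save the category.
 *
 * When $GLOBALS["action"] is "editpgcate" the row named by $GLOBALS["id"] is
 * loaded to pre-fill the form; otherwise the form starts empty.
 *
 * @return mixed Whatever Form::DisplayFields() returns for the built form.
 */
function categoryForm()
{
    $process = new ProcessForm();
    $validate = $process::validate();
    $postdata = new Table("pagecategory");
    $category = "";
    $visible = "";
    $position = "";
    if ($GLOBALS["action"] == "editpgcate") {
        // NOTE(review): the id is concatenated into the condition as received;
        // confirm findRow() validates or binds it.
        $postdata::$id = "Id=" . $GLOBALS["id"];
        $editcate = $postdata::findRow($postdata::$id);
        // Keep the empty defaults when no row matches instead of reading
        // properties off a missing result.
        if ($editcate) {
            $category = $editcate->Category;
            $visible = $editcate->Visible;
            $position = $editcate->Position;
        }
    }
    if ($process->submitForm()) {
        /* validation rules */
        $required = array("category");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
        $check_invalidchars = array("category");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_invalidChars($check_invalidchars));
        $requiredlen = array("category" => 30);
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_FieldLength($requiredlen));
        $selectedindex = array("position" => "--Select Menu Position--");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_selectField($selectedindex));
        $process->message("category has been successfully submmited.");
        if ($process->successflag) {
            // "visible" is a radio group and is absent from $_POST when nothing
            // is selected; "position" is not validated beyond the placeholder
            // check above.
            // NOTE(review): these values reach save() unmodified; confirm that
            // save() binds or escapes them.
            $postdata::$tablefields = array(
                "Category" => $_POST["category"],
                "Position" => isset($_POST["position"]) ? $_POST["position"] : null,
                "Visible" => isset($_POST["visible"]) ? $_POST["visible"] : null,
            );
            $postdata->save();
        }
    }
    // PHP_SELF and QUERY_STRING are request-controlled, so they are HTML-escaped
    // before being used as the form action.
    // Assumes Form writes the action verbatim into the attribute - TODO confirm.
    $formTarget = htmlspecialchars($_SERVER['PHP_SELF'] . "?" . $_SERVER['QUERY_STRING'], ENT_QUOTES, 'UTF-8');
    $form = new Form("sitenavform", $formTarget, "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    $form->startForm();
    $form->setFormField("", $form->addFormInfo("<p>" . GenerateUrl::buildLink(".", "dashboard.php", "&laquo;Back to Sammary Page", "action=view,target=managesite") . "</p>" . "<h2>Use this form to add new page category.</h2><p>Required Fields are labelled with asterics (*)<hr/>"));
    //Category
    $form->setFormField($form->inputLabel("category", "*Category Name"), $form->inputField("text", "category", $process->post("category", $category)), $validate->displayErrorField($process->errorinfo, "category"));
    //Position
    $cateposition = function () {
        // Start from the placeholder so the list is defined even when the
        // sitemenu table has no rows.
        $options = array(0 => "--Select Menu Position--");
        $getposition = new Table("sitemenu");
        $rows = $getposition::findAllRecords("ORDER BY Id ASC");
        if ($rows) {
            foreach ($rows as $opt) {
                $options[$opt->Position] = $opt->Nav_name;
            }
        }
        return $options;
    };
    $form->setFormField($form->inputLabel("position", "*Menu Position"), $form->selectOptions("position", $cateposition(), $process->post("position", $position)), $validate->displayErrorField($process->errorinfo, "position"));
    //Radio for Visible
    $currentVisible = $process->post("visible", $visible);
    $form->setFormField($form->inputLabel("visible", "Menu Visibility"), $form->radioButton("Yes", "visible", "Y", $currentVisible == "Y") . $form->radioButton("No", "visible", "N", $currentVisible == "N"));
    //Submit Form
    $form->setFormField(null, $form->inputField("submit", "send", "Save"));
    $form->endForm();
    return $form->DisplayFields($GLOBALS["form_labling"], $process->message);
}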
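/**
 * Build the "My Profile" HTML table for the user stored in the session.
 *
 * Looks the row up through the global $users object using $session->userid and
 * returns the markup as a string. Every value read from the row is HTML-escaped
 * before it is placed in the page, because names, usernames and e-mail
 * addresses are supplied by users at registration.
 *
 * @return string HTML for the profile panel.
 */
function viewProfile()
{
    global $users, $session;
    $u = $users::findRow("Id={$session->userid}");
    // Escapes a stored value for use as HTML text.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };
    // Maps the numeric/constant auth level to its display label.
    $authlevel = function ($param) {
        switch ($param) {
            case ADMIN:
                return "Administrator";
            case MODERATOR:
                return "Moderator";
            case EDITOR:
                return "Editor";
            case USER:
                return "User";
            default:
                return "";
        }
    };
    $output = "";
    // buildLink() output is inserted as-is below (it appears to return markup).
    $editlink = GenerateUrl::buildLink(".", "dashboard.php", "+Edit Profile", "target=profile,action=editregister,id={$u->Id}");
    $changepasslink = GenerateUrl::buildLink(".", "dashboard.php", "Change Password", "target=profile,action=changepass,id={$u->Id}");
    // The stored password value is never shown, only a fixed mask.
    $password = $u->Password ? "*********" : "";
    $gender = $u->Gender == "M" ? "Male" : "Female";
    $fullname = $esc($u->fullName());
    $username = $esc($u->Username);
    $email = $esc($u->Email);
    $output .= <<<HTML
<div id="admdetail">
\t  <h2>My Profile</h2>
      <table border="1" style="text-align:left;">
        <tr>
          <th colspan="3" style="text-align:center">Personal Information</th>
        </tr>
        <tr>
     \t<th colspan="6"><p>{$editlink}</p></th>
        </tr>
        <tr>
          <th scope="row">Fullname:</th>
          <td>{$fullname}</td>
          <td rowspan="2">Upload your picture here</td>
         </tr>
        <tr>
          <th scope="row">Gender:</th>
          <td>{$gender}</td>
        </tr>
        <tr>
          <th colspan="3" style="text-align:center">Login Information</th>
         </tr>
        <tr>
          <th scope="row">Username:</th>
          <td colspan="2">{$username}</td>
        </tr>
        <tr>
          <th scope="row">Email:</th>
          <td colspan="2" >{$email}</td>
        </tr>
        <tr>
          <th scope="row">Password:</th>
          <td>{$password}</td>
          <td>{$changepasslink}</td>
        </tr> 
HTML;
    $output .= "<tr><th scope=\"row\">Userlevel:</th>\n        <td>" . $authlevel($u->Authlevel) . "</td>\n        <td>&nbsp;</td></tr>\n </table></div>";
    return $output;
}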
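/**
 * Render the registration / profile-edit form and, on a valid submit, save the user.
 *
 * $GLOBALS["action"] selects the mode ("editregister" pre-fills the form from
 * the row named by $GLOBALS["id"] and hides the password fields; "register" and
 * "adduser" additionally require a password).
 *
 * @return mixed Whatever Form::DisplayFields() returns for the built form.
 */
function register()
{
    include_once "../includes/admin_init.php";
    $process = new ProcessForm();
    $validate = $process::validate();
    $postdata = new User("users");
    // NOTE(review): the id comes from the query string and selects the row that
    // is loaded and later saved; nothing here ties it to the authenticated
    // session user. Add that check before relying on the edit mode.
    $id = $postdata::$id = isset($GLOBALS["id"]) ? "Id=" . $GLOBALS["id"] : null;
    $mode = $GLOBALS["action"];
    $firstname = "";
    $lastname = "";
    $gender = "";
    $username = "";
    $email = "";
    if ($mode == "editregister") {
        $edit = $postdata::findRow($id);
        // Keep the empty defaults when no row matches.
        if ($edit) {
            $firstname = $edit->Firstname;
            $lastname = $edit->Lastname;
            $gender = $edit->Gender;
            $username = $edit->Username;
            $email = $edit->Email;
        }
    }
    if ($process->submitForm()) {
        /* validation rules */
        $required = array("firstname", "lastname", "gender", "username", "email_address");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
        $check_invalidchars = array("firstname", "lastname", "username");
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_invalidChars($check_invalidchars));
        $requiredlen = array("firstname" => 50, "lastname" => 50, "username" => 50);
        $process->errorinfo = array_merge($process->errorinfo, $validate->check_FieldLength($requiredlen));
        if ($_POST) {
            $submittedName = isset($_POST["username"]) && is_string($_POST["username"]) ? $_POST["username"] : "";
            // NOTE(review): the submitted username is placed unmodified into the
            // condition string; confirm that fieldExists() binds or escapes it.
            // In edit mode this presumably also matches the user's own row - verify.
            $getrow = $postdata::fieldExists("Username={$submittedName}");
            if ($getrow != null) {
                // The name is echoed back in the error text, so escape it.
                $process->errorinfo["username"] = htmlspecialchars($submittedName, ENT_QUOTES, 'UTF-8') . " already a users, try anther username please";
            }
        }
        if ($mode == "register" || $mode == "adduser") {
            array_push($required, "password");
            $process->errorinfo = array_merge($process->errorinfo, $validate->check_requiredFields($required));
            $process->errorinfo = array_merge($process->errorinfo, $validate->check_PasswordFields("password", "cpassword"));
        }
        $linkto = GenerateUrl::buildLink("../auth", ".", "Login");
        $process->message("Your registeration was successfully, please you can {$linkto}  now.");
        if ($process->successflag) {
            // NOTE(review): these values reach save() unmodified; confirm that
            // save() binds or escapes them.
            $fields = array(
                "Firstname" => $_POST["firstname"],
                "Lastname" => $_POST["lastname"],
                "Gender" => $_POST["gender"],
                "Username" => $_POST["username"],
                "Email" => $_POST["email_address"],
            );
            // Only write the Password column when a password was submitted. The
            // edit form has no password fields, and hashing the missing value
            // would replace the stored password with the hash of an empty string.
            // Assumes save() writes only the listed columns - TODO confirm.
            if (isset($_POST["password"]) && is_string($_POST["password"]) && $_POST["password"] !== "") {
                // NOTE(review): unsalted MD5 is not a password hash. Migrating to
                // password_hash()/password_verify() has to cover the login
                // comparison and the change-password path as well.
                $fields["Password"] = md5($_POST["password"]);
            }
            $postdata::$tablefields = $fields;
            $postdata->save();
        }
    }
    // PHP_SELF and QUERY_STRING are request-controlled, so they are HTML-escaped
    // before being used as the form action.
    // Assumes Form writes the action verbatim into the attribute - TODO confirm.
    $querystr = isset($_SERVER['QUERY_STRING']) ? "?" . $_SERVER['QUERY_STRING'] : null;
    $formTarget = htmlspecialchars($_SERVER['PHP_SELF'] . $querystr, ENT_QUOTES, 'UTF-8');
    $form = new Form("Register", $formTarget, "post", "enctype=\"application/x-www-form-urlencoded\"\n");
    $form->startForm();
    //form heading
    if ($mode == "editregister") {
        $form->setFormField(null, $form->addFormInfo("<h2>Edit your profile ..</h2>"));
    } elseif ($mode == "edituser") {
        $form->setFormField(null, $form->addFormInfo("<h2>Edit User Account</h2>"));
    } else {
        $form->setFormField(null, $form->addFormInfo("<h2>Use this form to add register new users..</h2>"));
    }
    //Firstname
    $form->setFormField($form->inputLabel("firstname", "Firstname"), $form->inputField("text", "firstname", $process->post("firstname", $firstname)), $validate->displayErrorField($process->errorinfo, "firstname"));
    //Lastname
    $form->setFormField($form->inputLabel("lastname", "Lastname"), $form->inputField("text", "lastname", $process->post("lastname", $lastname)), $validate->displayErrorField($process->errorinfo, "lastname"));
    //Gender
    $gender_options = array("--Select Gender--", "M" => "Male", "F" => "Female");
    $form->setFormField($form->inputLabel("gender", "Gender"), $form->selectOptions("gender", $gender_options, $process->post("gender", $gender)), $validate->displayErrorField($process->errorinfo, "gender"));
    //Username
    $form->setFormField($form->inputLabel("username", "Username"), $form->inputField("text", "username", $process->post("username", $username)), $validate->displayErrorField($process->errorinfo, "username"));
    //Email Address
    $form->setFormField($form->inputLabel("email", "Email"), $form->inputField("email", "email_address", $process->post("email_address", $email)), $validate->displayErrorField($process->errorinfo, "email_address"));
    //Password fields are shown in every mode except the profile edit
    if ($mode != "editregister") {
        // Password inputs are always rendered empty: submitted passwords are
        // never written back into the page source.
        $form->setFormField($form->inputLabel("password", "Password"), $form->inputField("password", "password", ""), $validate->displayErrorField($process->errorinfo, "password"));
        $form->setFormField($form->inputLabel("cpassword", "Confirm Password"), $form->inputField("password", "cpassword", ""), $validate->displayErrorField($process->errorinfo, "cpassword"));
    }
    //Submit Form
    $hyperlink = GenerateUrl::buildLink("..", ".", "Terms and Conditions of use", "target=terms.html");
    if ($mode == "editregister") {
        $form->setFormField(null, $form->inputField("submit", "send", "Update My Profile "));
    } else {
        $form->setFormField(null, $form->addFormInfo("<strong role=\"agreement\">By Clicking on Register you Agree to our {$hyperlink}.</strong>"));
        $form->setFormField(null, $form->inputField("submit", "send", "Register"));
    }
    $form->endForm();
    return $form->DisplayFields($GLOBALS["form_labling"], $process->message);
}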
 /**
  * Build a link by delegating to GenerateUrl::buildLink().
  *
  * All five arguments are forwarded unchanged, in the same order; $params and
  * $id default to an empty string.
  *
  * @return mixed Whatever GenerateUrl::buildLink() returns.
  */
 public function hyperlink($url, $addfile, $linktext, $params = '', $id = '')
 {
     $link = GenerateUrl::buildLink($url, $addfile, $linktext, $params, $id);

     return $link;
 }