public function Upload(){
$EmailAddress = Session::singleton()->getUser();
$query = "SELECT UserID FROM User WHERE EmailAddress='$EmailAddress'";
data_model()->executeQuery($query);
$row = data_model()->getResult()->fetch_assoc();
$id = $row['UserID'];
$ruta = "static/img/";
$foto = $_FILES['imagen']['tmp_name'];
$nom_archivo = $_FILES['imagen']['name'];
//$ext = pathinfo($nom_archivo);
//$array = explode(".", $nom_archivo); //Lo uso para dividir el nombre
//$nombre= $array[0]."_".$id.".".$array[1]; //Aqui formo el nuevo nombre
$nombre = "profile_".$id.".jpg";
$subir = move_uploaded_file($foto, "$ruta/$nombre");
if($subir){
$query = "update user set ProfilePic =2,imagen='$nombre' where UserID='$id'";
data_model()->executeQuery($query);
HttpHandler::redirect("/warbook/Profile/view");
}
}
public function login() {
if (empty($_POST)) {
HttpHandler::redirect('/'+MODULE+'/login/form');
} else {
BM::singleton()->getObject('db')->newConnection(HOST, USER, PASSWORD, DATABASE);
$usuario = BM::singleton()->getObject('db')->sanitizeData($_POST['usuario']);
$clave = cifrar_RIJNDAEL_256($_POST['clave']);
$query = "SELECT * FROM empleado WHERE usuario='{$usuario}' AND clave='{$clave}' AND modulo='terceros';";
BM::singleton()->getObject('db')->executeQuery($query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
$level = 1;
while ($data = BM::singleton()->getObject('db')->getResult()->fetch_assoc()) {
$level = $data['permiso'];
}
Session::singleton()->NewSession($usuario, $level);
if(!isset($_GET['url'])||empty($_GET['url'])){
HttpHandler::redirect('/'.MODULE.'/login/form');
}else{
HttpHandler::redirect($_GET['url']);
}
} else {
HttpHandler::redirect('/'.MODULE.'/login/form?error_id=2');
}
}
}
public function View(){
if (!Session::singleton()->ValidateSession()) {
HttpHandler::redirect('/warbook/login/form');
} else {
$this->view->View();
}
}
/**
* close current session
*
*/
public static function logOut() {
$_SESSION = array();
session_destroy();
$parametros_cookies = session_get_cookie_params();
setcookie(session_name(), 0, 1, $parametros_cookies["path"]);
HttpHandler::redirect(DEFAULT_DIR);
}
public function guardar_tercero(){
$proveedor = $this->model->get_child('cliente');
$proveedor->get(0);
$proveedor->change_status($_POST);
$proveedor->save();
HttpHandler::redirect('/terceros/terceros/terceros?status=save');
}
public function eliminar(){
if(isset($_POST)&&!empty($_POST)){
if($this->validarCampo('codigo')){
$codigo = $_POST['codigo'];
if($this->model->exists($codigo)){
$query = "SELECT * FROM cuenta_contable WHERE madre = '{$codigo}'";
data_model()->executeQuery($query);
if(data_model()->getNumRows()>0){
HttpHandler::redirect('/contabilidad/main/cuentas?error=dependency');
}else{
$this->model->delete($codigo);
HttpHandler::redirect('/contabilidad/main/cuentas?success=deleted');
}
}
}
}
}
public function login() {
if (empty($_POST)) {
HttpHandler::redirect('/warbook/login/form');
} else {
BM::singleton()->getObject('db')->newConnection(HOST, USER, PASSWORD, DATABASE);
$usuario = BM::singleton()->getObject('db')->sanitizeData($_POST['usuario']);
$clave = md5($_POST['clave']);
$query = "SELECT * FROM User WHERE EmailAddress='{$usuario}' AND AccessPassword='******'";
//echo $query;
BM::singleton()->getObject('db')->executeQuery($query);
if (BM::singleton()->getObject('db')->getNumRows() > 0) {
$level = 1;
Session::singleton()->NewSession($usuario, $level);
HttpHandler::redirect('/warbook/login/form');
} else {
HttpHandler::redirect('/warbook/login/form?error_id=2');
}
}
}
function proveedor_activo() {
if (validar_sesion_proveedor()) {
HttpHandler::redirect('/nymsa_testing/mdl/Proveedor/acceder');
}
}
public function run() {
if (is_callable(array(new $this->controller, $this->action))):
call_user_func_array(array(new $this->controller, $this->action), $this->params);
else:
HttpHandler::redirect($this->basePath . 'error/not_found');
endif;
}
