/**
 * Ends the current backend session and sends the visitor to the login page.
 *
 * A visitor whose user object has no `_admin` flag is redirected first; the
 * logout call and the final redirect follow in the order shown.
 * NOTE(review): presumably HTTP::redirect() terminates the request - confirm.
 */
function logoutAction()
{
    // Both redirects target the login page of the current controller.
    $loginUrl = 'backend/' . Route::controller() . '/login';

    $isAdmin = User::factory()->_admin;
    if (!$isAdmin) {
        HTTP::redirect($loginUrl);
    }

    User::factory()->logout();
    HTTP::redirect($loginUrl);
}
/**
 * Permission gate for the current backend request.
 *
 * Returns false when no user is logged in and true for exempt routes.
 * For every other route it calls no_access() when the stored access level
 * forbids the request and then falls off the end (implicit null).
 *
 * NOTE(review): the exemption list skips the per-controller access level for
 * the whole `ajax` and `form` controllers, for any action named printTicket,
 * print or createOrder in ANY controller, and for orders/delete. Each of
 * those actions therefore has to enforce its own permission check.
 * NOTE(review): presumably no_access() terminates the request - confirm;
 * nothing here stops execution after it returns.
 *
 * @return bool|null
 */
public function access()
{
    if (!User::info()) {
        return false;
    }

    $this->_access = User::caccess();

    $controller = Route::controller();
    $action = Route::action();

    // Routes that bypass the access-level check below.
    $isExemptController = in_array($controller, array('ajax', 'form'));
    $isExemptAction = in_array($action, array('printTicket', 'print', 'createOrder'));
    $isOrderDelete = ($controller == 'orders' && $action == 'delete');
    if ($isExemptController || $isExemptAction || $isOrderDelete) {
        return true;
    }

    if ($this->_access == 'no') {
        $this->no_access();
    }

    // The "view" level covers only the index and edit actions.
    $isViewAction = (Route::action() == 'index' || Route::action() == 'edit');
    if ($this->_access == 'view' && !$isViewAction) {
        $this->no_access();
    }
}
/**
 * Renders the report page of one organizer, with optional filters from $_GET.
 *
 * Access: users with role_id 2, or the user whose own id equals the `id`
 * route parameter. An unknown organizer id also ends in no_access().
 * NOTE(review): the code after each no_access() call dereferences
 * $organizer, so it presumably terminates the request - confirm.
 * NOTE(review): `event` and `status` from $_GET reach Model::getPosters()
 * unvalidated; confirm that the model binds them as query parameters.
 */
function innerAction()
{
    $viewer = User::info();
    if ($viewer->role_id != 2 && User::info()->id != Route::param('id')) {
        $this->no_access();
    }

    // Load the organizer the report is about.
    $organizer = Model::getOrganizerById(Route::param('id'), 1);
    if (!$organizer) {
        $this->no_access();
    }

    $heading = 'Отчет организатора: ' . $organizer->name;
    $this->_seo['h1'] = $heading;
    $this->_seo['title'] = $heading;
    $this->setBreadcrumbs($heading);

    // Filter values; null means "no restriction".
    $date_s = Arr::get($_GET, 'date_s') ? strtotime(Arr::get($_GET, 'date_s')) : null;
    $date_po = Arr::get($_GET, 'date_po') ? strtotime(Arr::get($_GET, 'date_po')) : null;
    $eventId = Arr::get($_GET, 'event') != 0 ? Arr::get($_GET, 'event') : null;
    // The literal string 'null' stands for "no status filter".
    $status = Arr::get($_GET, 'status') != 'null' ? Arr::get($_GET, 'status') : null;

    $posters = Model::getPosters(array(
        'date_s' => $date_s,
        'date_po' => $date_po,
        'status' => $status,
        'event_id' => $eventId,
        'organizer_id' => $organizer->id,
        'order' => array('created_at', 'DESC'),
    ));

    // One entry per poster: the poster row plus its detailed data.
    $result = array();
    foreach ($posters as $poster) {
        $result[$poster->id]['poster'] = $poster;
        $result[$poster->id]['detailed'] = Model::getDetailed($poster);
    }

    // Events offered in the filter form: this organizer's events that have a place.
    $events = DB::select()
        ->from('afisha')
        ->where('place_id', 'IS NOT', null)
        ->where('organizer_id', '=', $organizer->id)
        ->find_all();

    $this->_content = View::tpl(
        array(
            'result' => $result,
            'pay_statuses' => $this->pay_statuses,
            'events' => $events,
            'tpl_folder' => $this->tpl_folder,
        ),
        $this->tpl_folder . '/Inner'
    );
}
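/**
 * Creates a backend order for the seats selected on an event map.
 *
 * Route parameters: `id` (event), `key` (comma-separated seat view keys) and
 * `orderType` (1 marks the seats with status 3, anything else with status 2).
 * Requires the `edit` level on the `afisha_brone` controller.
 *
 * Fix: the order used to store every requested key, including keys of seats
 * that were not available and were therefore never updated here. The order
 * now records only the keys of the seats it actually takes, so later
 * operations keyed on `seats_keys` cannot touch seats held by another order.
 *
 * NOTE(review): the availability SELECT and the status UPDATE are separate
 * statements with no lock or transaction visible here, so two concurrent
 * requests could take the same seat - confirm how this is prevented.
 * NOTE(review): presumably no_access() and HTTP::redirect() terminate the
 * request - confirm.
 */
function createOrderAction()
{
    if (User::get_access_for_controller('afisha_brone') != 'edit') {
        $this->no_access();
    }

    $key = Route::param('key');
    $keys = array_filter(explode(',', (string) $key));
    if (count($keys) == 0) {
        Message::GetMessage(0, 'Места не выбраны!');
        HTTP::redirect('backend/afisha/index');
    }

    $afisha = DB::select('afisha.*', array('places.name', 'place'), 'places.filename', 'places.address')
        ->from('afisha')
        ->join('places')->on('afisha.place_id', '=', 'places.id')
        ->where('afisha.id', '=', (int) Route::param('id'))
        ->find();
    if (!$afisha) {
        return Config::error();
    }

    // Price rows tie seats to this event.
    $prices = DB::select('id')->from('prices')->where('afisha_id', '=', $afisha->id)->find_all();
    if (count($prices) == 0) {
        Message::GetMessage(0, 'Ошибка создания заказа (выборка цен)');
        HTTP::redirect('backend/afisha/index');
    }
    $pricesIds = array();
    foreach ($prices as $price) {
        $pricesIds[] = $price->id;
    }

    // Only seats with status 1, or status 2 with a reservation older than
    // the configured number of days, are selected.
    $seats = DB::select('id', 'view_key')
        ->from('seats')
        ->where('view_key', 'IN', $keys)
        ->where('price_id', 'IN', $pricesIds)
        ->and_where_open()
            ->where('status', '=', 1)
            ->or_where_open()
                ->where('status', '=', 2)
                ->where('reserved_at', '<', time() - 60 * 60 * 24 * Config::get('reserved_days'))
            ->or_where_close()
        ->and_where_close()
        ->find_all();
    if (count($seats) == 0) {
        Message::GetMessage(0, 'Ошибка создания заказа (выборка мест)');
        HTTP::redirect('backend/afisha/index');
    }

    $seatsId = array();
    $takenKeys = array();
    foreach ($seats as $seat) {
        $seatsId[] = $seat->id;
        $takenKeys[] = $seat->view_key;
    }
    $takenKeys = array_unique($takenKeys);

    $orderType = (int) Route::param('orderType');
    $data = array(
        'afisha_id' => $afisha->id,
        'is_admin' => User::info()->role_id == 2 ? 1 : 0,
        'admin_brone' => $orderType,
        'creator_id' => User::info()->id,
        // Only the seats this order really takes, not everything requested.
        'seats_keys' => implode(',', $takenKeys),
        'created_at' => time(),
        'first_created_at' => time(),
        'status' => '',
    );
    $res = DB::insert('afisha_orders', array_keys($data))->values(array_values($data))->execute();

    if ($res) {
        // Mark the selected seats: status 3 for order type 1, otherwise 2.
        DB::update('seats')
            ->set(array('status' => $orderType == 1 ? 3 : 2, 'reserved_at' => time()))
            ->where('id', 'IN', $seatsId)
            ->execute();
        Message::GetMessage(1, 'Заказ успешно создан!');
        HTTP::redirect('backend/afisha_orders/edit/' . $res[0]);
    } else {
        Message::GetMessage(0, 'Ошибка создания заказа!');
        HTTP::redirect('backend/afisha/index');
    }
}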
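/**
 * Builds the backend sidebar widget from the active `menu` rows.
 *
 * User::god() users get every active item. Other users get an item when it
 * has no link, when their access level for the link's first path segment
 * (also tried with a `seo_` prefix stripped) is `edit`, or when it is `view`
 * and the second segment is `index`. A leading `seo` segment is dropped
 * before the lookup. Top-level items without a link are kept only if they
 * have at least one visible child.
 *
 * Fix: a user with no visible top-level item no longer triggers an
 * undefined-index warning on $_arr[0], and a link consisting only of `seo`
 * no longer reads a missing first segment.
 *
 * NOTE(review): this only filters what the menu displays; hiding an item is
 * not an access check on the page behind it.
 *
 * @param array $array Unused by this method.
 * @return mixed The value returned by View::widget(), also stored in $this->_data['sidebar'].
 */
public function sidebarBackend($array = array())
{
    $result = DB::select()->from('menu')->where('status', '=', 1)->order_by('sort')->as_object()->execute();

    $arr = array();
    if (User::god()) {
        foreach ($result as $obj) {
            $arr[$obj->id_parent][] = $obj;
        }
    } else {
        $access = User::access();
        $_arr = array();
        foreach ($result as $obj) {
            $r = explode('/', trim($obj->link, '/'));
            if ($r[0] == 'seo') {
                array_splice($r, 0, 1);
            }
            $section = Arr::get($r, 0, '');
            $page = Arr::get($r, 1);

            $visible = !$obj->link;
            if (!$visible) {
                // Try the segment as written, then without the "seo_" prefix.
                foreach (array($section, str_replace('seo_', '', $section)) as $name) {
                    if (
                        Arr::get($access, $name, 'no') == 'edit'
                        || (Arr::get($access, $name) == 'view' && $page == 'index')
                    ) {
                        $visible = true;
                        break;
                    }
                }
            }
            if ($visible) {
                $_arr[$obj->id_parent][] = $obj;
            }
        }

        // Top level: keep linked items and groups that still have children.
        foreach (Arr::get($_arr, 0, array()) as $el) {
            if ($el->link || count(Arr::get($_arr, $el->id, array()))) {
                $arr[0][] = $el;
            }
        }
        foreach ($_arr as $key => $el) {
            if ($key != 0) {
                $arr[$key] = $el;
            }
        }
    }

    return $this->_data['sidebar'] = View::widget(array('result' => $arr, 'counts' => array()), 'Sidebar');
}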
<?php if ($obj->status == 1) { ?> <i class="fa-check green"></i> <?php } else { ?> <i class="fa-dot-circle-o red"></i> <?php } ?> <?php } ?> <?php if (\Core\User::caccess() == 'edit') { ?> <a data-pub="<b>Отметить как непрочитанное</b><br>Прочитано" data-unpub="<b>Отметить как прочитано</b><br>Не прочитано" title="<?php echo $obj->status == 1 ? '<b>Отметить как непрочитанное</b><br>Прочитано' : '<b>Отметить как прочитано</b><br>Не прочитано'; ?> " data-status="<?php echo $obj->status; ?> " data-id="<?php echo $obj->id; ?>
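/**
 * AJAX handler: changes the status of an order and of its seats.
 *
 * Reads `afisha_id` (the order id, despite the name) and `status` from
 * $_POST, answers with a JSON object and ends the request with die().
 * Status `success` sets the seats to status 3 and records the payer; any
 * other status sets them to 2 with a fresh `reserved_at`, and is allowed
 * only for role_id 2.
 *
 * Fix: the order is now loaded and checked BEFORE anything is written.
 * Previously an unknown id ran the UPDATE and then dereferenced a missing
 * row. Missing or non-string POST fields no longer raise notices or reach
 * the database as arrays.
 *
 * NOTE(review): no per-controller permission check is visible in this
 * method; any caller that reaches it may set `success`. Confirm this is
 * enforced before dispatch.
 * NOTE(review): for role_id 2 the `status` string is stored as submitted;
 * consider restricting it to the known set of order statuses.
 */
public function updateOrderStatusAction()
{
    $post = $_POST;
    $afisha_id = isset($post['afisha_id']) && is_scalar($post['afisha_id']) ? (int) $post['afisha_id'] : 0;
    $status = isset($post['status']) && is_string($post['status']) ? $post['status'] : '';
    if ($status === '') {
        $status = null;
    }

    $seatsStatus = $status === 'success' ? 3 : 2;
    $data = array('status' => $seatsStatus);
    if ($seatsStatus == 2) {
        $data['reserved_at'] = time();
    }

    if (!$afisha_id) {
        die(json_encode(array('success' => false, 'message' => 'Ошибка получения данных')));
    }
    if ($status !== 'success' && User::info()->role_id != 2) {
        die(json_encode(array('success' => false, 'message' => 'У Вас нет прав для изменения статуса')));
    }

    // Make sure the order exists before anything is modified.
    $afisha = DB::select()->from('afisha_orders')->where('id', '=', $afisha_id)->find();
    if (!$afisha) {
        die(json_encode(array('success' => false, 'message' => 'Ошибка получения данных')));
    }

    $orderData = array('status' => $status);
    if ($status === 'success') {
        $orderData['payer_id'] = User::info()->id;
        $orderData['payed_at'] = time();
        $orderData['printed_seats'] = '';
    } else {
        $orderData['payer_id'] = 0;
    }
    \Core\Common::update('afisha_orders', $orderData)->where('id', '=', $afisha_id)->execute();

    // Seats are matched by view key within the price rows of the order's event.
    $prices = DB::select('id')->from('prices')->where('afisha_id', '=', $afisha->afisha_id)->find_all();
    $pricesArr = array();
    if (count($prices)) {
        foreach ($prices as $value) {
            $pricesArr[] = $value->id;
        }
        \Core\Common::update('seats', $data)
            ->where('view_key', 'IN', array_filter(explode(',', (string) $afisha->seats_keys)))
            ->where('price_id', 'IN', $pricesArr)
            ->execute();
    }

    die(json_encode(array('success' => true, 'message' => 'Данные сохранены', 'reload' => true)));
}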
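/**
 * Renders the statistics page of one cashier: the orders they were payer of,
 * grouped by event, with optional filters from $_GET.
 *
 * Access: role_id 2, the user whose own id equals the `id` route parameter,
 * or a user with `see_all_cashier_stat` set.
 *
 * Fix: an `id` that matches no row used to be dereferenced ($cassier->name);
 * it now ends in no_access() followed by an explicit return. Each event row
 * is fetched once instead of once per order.
 *
 * NOTE(review): presumably no_access() terminates the request - confirm;
 * the first check relies on that.
 */
function innerAction()
{
    if (
        User::info()->role_id != 2
        && User::info()->id != Route::param('id')
        && User::info()->see_all_cashier_stat == 0
    ) {
        $this->no_access();
    }

    // Filter values; null means "no restriction".
    $date_s = null;
    $date_po = null;
    $status = null;
    $eventId = null;
    $creatorId = null;
    if (Arr::get($_GET, 'date_s')) {
        $date_s = strtotime(Arr::get($_GET, 'date_s'));
    }
    if (Arr::get($_GET, 'date_po')) {
        $date_po = strtotime(Arr::get($_GET, 'date_po'));
    }
    // Only statuses known to this controller are accepted ...
    if (isset($this->pay_statuses[Arr::get($_GET, 'status')])) {
        $status = Arr::get($_GET, 'status', 1);
    }
    // ... plus the literal string 'null', which is passed through as is.
    if (Arr::get($_GET, 'status') == 'null') {
        $status = 'null';
    }
    if (Arr::get($_GET, 'event') != 0) {
        $eventId = Arr::get($_GET, 'event');
    }
    if (Arr::get($_GET, 'creator_id') != 0) {
        $creatorId = Arr::get($_GET, 'creator_id');
    }

    // Load the cashier the statistics are about.
    $cassier = DB::select()
        ->from($this->tablename)
        ->where($this->tablename . '.id', '=', Route::param('id'))
        ->find();
    if (!$cassier) {
        $this->no_access();
        return;
    }

    $heading = 'Статистика по ' . $cassier->name;
    $this->_seo['h1'] = $heading;
    $this->_seo['title'] = $heading;
    $this->setBreadcrumbs($heading);

    $ordersQuery = DB::select()->from('afisha_orders')->where('payer_id', '=', $cassier->id);
    $this->setFilter($ordersQuery, $date_s, $date_po, $status, $eventId, $creatorId, 'afisha_orders');
    $orders = $ordersQuery->order_by('created_at', 'DESC')->find_all();

    // Group the orders by event; each event row is loaded on first use only.
    $afishaGroups = array();
    foreach ($orders as $order) {
        if (!isset($afishaGroups[$order->afisha_id])) {
            $afishaGroups[$order->afisha_id]['afisha'] = DB::select()
                ->from('afisha')
                ->where('id', '=', $order->afisha_id)
                ->find();
        }
        $afishaGroups[$order->afisha_id]['orders'][$order->id] = $order;
    }

    $this->_content = View::tpl(
        array(
            'afishaGroups' => $afishaGroups,
            'pay_statuses' => $this->pay_statuses,
            'events' => DB::select()->from('afisha')->where('place_id', 'IS NOT', null)->find_all(),
            'creators' => array(),
            'pager' => '',
            'tpl_folder' => $this->tpl_folder,
        ),
        $this->tpl_folder . '/Inner'
    );
}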
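</a>
<ul class="navbarNav">
    <?php $access = \Core\User::access(); ?>
    <?php /* Each header widget is shown to god users, or when the matching access entry exists and is not 'no'. */ ?>
    <?php /* Fix: the first check tested isset() on 'contacts' but then read 'log'; it now tests the key it reads. */ ?>
    <?php if (\Core\User::god() || isset($access['log']) && $access['log'] != 'no') { ?>
        <?php echo Core\Widgets::get('headerNew'); ?>
    <?php } ?>
    <?php if (\Core\User::god() || isset($access['contacts']) && $access['contacts'] != 'no') { ?>
        <?php echo Core\Widgets::get('headerContacts'); ?>
    <?php } ?>
    <li class="dropdown dropdownMenuHidden">
        <a class="dropdownToggle" href="#">
            <i class="fa-male"></i>
            <?php /* The display name is stored account data; escape it for the HTML context. */ ?>
            <span class="navText username"><?php echo htmlspecialchars((string) Core\User::info()->name, ENT_QUOTES, 'UTF-8'); ?> </span>
            <i class="fa-caret-down small"></i>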
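/**
 * Generates a new password for a backend user and e-mails it to them.
 *
 * The target must exist, must not be deleted or disabled, and must have a
 * syntactically valid e-mail address.
 *
 * Fix: the mail template (row 5) is now loaded BEFORE the password is
 * replaced. Previously a missing template still overwrote the password,
 * sent nothing and reported success, leaving the account with a password
 * nobody knew.
 *
 * NOTE(review): the new password travels in clear text by e-mail; a
 * single-use, expiring reset link would avoid that.
 * NOTE(review): {{site}} is filled from the request's Host header, which the
 * client controls; a configured site name would be safer.
 * NOTE(review): no permission check is visible in this method - confirm it
 * is enforced before dispatch.
 * NOTE(review): presumably HTTP::redirect() terminates the request - confirm.
 */
function sendAction()
{
    $id = (int) Route::param('id');
    $user = Model::getRow($id);
    if (!$user) {
        Message::GetMessage(0, 'Пользователь не существуют!');
        HTTP::redirect('backend/admins/index');
    }
    if ($user->deleted || $user->status == 0) {
        Message::GetMessage(1, 'Пользователь удален или заблокирован!');
        HTTP::redirect('backend/admins/index');
    }
    if (!filter_var($user->email, FILTER_VALIDATE_EMAIL)) {
        Message::GetMessage(1, 'E-Mail пользователя некорректен!');
        HTTP::redirect('backend/admins/index');
    }

    // Without the template nothing can be delivered, so nothing is changed.
    $mail = Common::factory('mail_templates')->getRow(5);
    if (!$mail) {
        Message::GetMessage(0, 'Шаблон письма не найден, пароль не изменен!');
        HTTP::redirect('backend/admins/index');
        return;
    }

    // Replace the password, then send it with the template placeholders filled in.
    $password = User::factory()->generate_random_password();
    User::factory()->update_password($user->id, $password);

    $from = array('{{site}}', '{{ip}}', '{{date}}', '{{password}}');
    $to = array(Arr::get($_SERVER, 'HTTP_HOST'), System::getRealIP(), date('d.m.Y H:i'), $password);
    $subject = str_replace($from, $to, $mail->subject);
    $text = str_replace($from, $to, $mail->text);
    Email::send($subject, $text, $user->email);

    Message::GetMessage(1, 'Новый пароль отправлен на E-Mail пользователя!');
    HTTP::redirect('backend/admins/index');
}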
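/**
 * Prints tickets for seats of one order and records which seats were printed.
 *
 * Input: route parameter `id` (order), POST `SEATS` (seat view keys) and
 * POST `print-type` (`base` by default; any other value selects the thermal
 * template). Requires the `edit` level on `afisha_brone`. Output is echoed
 * and the request ends with die.
 *
 * Fixes:
 *  - Submitted seats are limited to the seats stored in the order's
 *    `seats_keys`; previously any seat id present on the event map could be
 *    printed, with a barcode, through any order.
 *  - "Already printed" is an exact match on the stored list instead of a
 *    substring search, which treated a key as printed when it was merely
 *    contained in another key.
 *  - $originalPlace is reset for every map element, so a seat without a
 *    `data-plase` ancestor no longer inherits the previous seat's label.
 *  - Missing POST fields, seats absent from the map and seats without a
 *    price row no longer raise notices or dereference a missing row.
 *
 * NOTE(review): the reprint restriction applies when the user's level on
 * `afisha_print_unlimit` IS `edit`, which reads inverted relative to the
 * permission's name - confirm the intended meaning.
 * NOTE(review): presumably no_access() and HTTP::redirect() terminate the
 * request - confirm.
 */
function printAction()
{
    if (User::get_access_for_controller('afisha_brone') != 'edit') {
        $this->no_access();
    }

    $seats = isset($_POST['SEATS']) ? (array) $_POST['SEATS'] : array();
    $printType = !empty($_POST['print-type']) ? $_POST['print-type'] : 'base';
    if (count($seats) == 0) {
        Message::GetMessage(0, 'Места не выбраны!');
        HTTP::redirect('backend/afisha_orders/edit/' . Route::param('id'));
    }

    $order = DB::select()->from($this->tablename)->where('id', '=', Route::param('id'))->find();
    if (!$order) {
        return Config::error();
    }

    // Keep only submitted values that are seats of this order.
    $orderSeats = array_filter(explode(',', (string) $order->seats_keys));
    $ownSeats = array();
    foreach ($seats as $seat) {
        if (is_string($seat) && in_array($seat, $orderSeats, true)) {
            $ownSeats[] = $seat;
        }
    }
    $seats = $ownSeats;
    if (count($seats) == 0) {
        Message::GetMessage(0, 'Места не выбраны!');
        HTTP::redirect('backend/afisha_orders/edit/' . Route::param('id'));
    }

    $afisha = DB::select('afisha.*', array('places.name', 'place'), 'places.filename', 'places.address', 'places.city_id')
        ->from('afisha')
        ->join('places')->on('afisha.place_id', '=', 'places.id')
        ->where('afisha.id', '=', $order->afisha_id)
        ->find();
    if (!$afisha) {
        return Config::error();
    }
    $city = DB::select()->from('cities')->where('id', '=', $afisha->city_id)->find();

    // Human-readable seat labels, read from the hall map.
    $seatStr = array();
    $termoSeatStr = array();
    try {
        $dom = Map::factory()->loadFile($afisha->filename)->getDomInstance();
        $gTag = $dom->getElementsByTagName('g');
        foreach ($gTag as $el) {
            $id = $el->getAttribute('id');
            if (!in_array($id, $seats, true)) {
                continue;
            }

            // The label sits on the parent or the grandparent element.
            $originalPlace = null;
            if ($el->parentNode->hasAttribute('data-plase')) {
                $originalPlace = $el->parentNode->getAttribute('data-plase');
            } elseif ($el->parentNode->parentNode->hasAttribute('data-plase')) {
                $originalPlace = $el->parentNode->parentNode->getAttribute('data-plase');
            }
            if (!$originalPlace) {
                continue;
            }

            $dataInit = json_decode($el->getAttribute('data-init'));
            $seatNumber = ($dataInit && isset($dataInit->seat)) ? $dataInit->seat : null;

            $place = str_replace('(левая сторона)', '(лев. сторона)', $originalPlace);
            $place = str_replace('(правая сторона)', '(пр. сторона)', $place);
            $place = str_replace(',', '<br />', $place);
            $place = str_replace('ряд', 'ряд:', $place);
            $seatStr[$id] = str_replace(array('места', 'Места'), 'место', $place);
            $seatStr[$id] .= $seatNumber;

            // Separate block / row / seat fields for the thermal template.
            $matches = array();
            preg_match('#^(.*)?, ряд ([0-9]+)#', $originalPlace, $matches);
            $block = isset($matches[1]) ? $matches[1] : null;
            $block = str_replace('(левая сторона)', '(лев. сторона)', $block);
            $block = str_replace('(правая сторона)', '(пр. сторона)', $block);
            $termoSeatStr[$id]['block'] = $block;
            $termoSeatStr[$id]['row'] = isset($matches[2]) ? $matches[2] : null;
            $termoSeatStr[$id]['seat'] = $seatNumber;
        }
    } catch (\Exception $e) {
        die('Ошибка загрузки карты');
    }

    $limitedReprint = User::info()->role_id != 2
        && User::get_access_for_controller('afisha_print_unlimit') == 'edit';
    $alreadyPrinted = array_filter(explode(',', (string) $order->printed_seats));

    $tickets = array();
    foreach ($seats as $seat) {
        if ($limitedReprint && in_array($seat, $alreadyPrinted, true)) {
            continue;
        }
        $priceRow = DB::select('price')
            ->from('prices')
            ->join('seats', 'LEFT')->on('prices.id', '=', 'seats.price_id')
            ->where('afisha_id', '=', $order->afisha_id)
            ->where('seats.view_key', '=', $seat)
            ->find();
        $termo = isset($termoSeatStr[$seat])
            ? $termoSeatStr[$seat]
            : array('block' => null, 'row' => null, 'seat' => null);
        $justDate = date('j', $afisha->event_date) . ' ' . Dates::month(date('m', $afisha->event_date)) . ' ' . date('Y', $afisha->event_date);

        $tickets[] = Arr::to_object(array(
            'event_name' => $afisha->name,
            'print_name' => $afisha->print_name,
            'print_name_small' => $afisha->print_name_small,
            'event_date' => date('d', $afisha->event_date) . ' ' . Dates::month(date('m', $afisha->event_date)) . ' ' . date('Y', $afisha->event_date) . ' в ' . $afisha->event_time,
            'event_place' => $afisha->place,
            'event_just_date' => $justDate,
            'event_time' => $afisha->event_time,
            'event_address' => $afisha->address,
            'place_string' => isset($seatStr[$seat]) ? $seatStr[$seat] : null,
            'place_block' => $termo['block'],
            'place_row' => $termo['row'],
            'place_seat' => $termo['seat'],
            'price' => $priceRow ? $priceRow->price : null,
            'phone' => $city ? $city->phone : null,
            'barcode' => $afisha->id . '-' . $order->id . '-' . $seat,
        ));
    }

    // Remember which seats this order has printed.
    if ($limitedReprint) {
        $newSeats = array_filter(array_unique(array_merge($alreadyPrinted, $seats)));
        $newSeats = implode(',', $newSeats);
        DB::update($this->tablename)->set(array('printed_seats' => $newSeats))->where('id', '=', $order->id)->execute();
    }

    // Once every seat of the order is printed, close the order and its seats.
    $newOrder = DB::select()->from('afisha_orders')->where('id', '=', $order->id)->find();
    $printedAllSeats = true;
    $printedSeats = array_filter(explode(',', (string) $newOrder->printed_seats));
    foreach (array_filter(explode(',', (string) $newOrder->seats_keys)) as $seat) {
        if (!in_array($seat, $printedSeats)) {
            $printedAllSeats = false;
        }
    }
    if (User::info()->role_id != 2 && $printedAllSeats) {
        \Core\Common::update('afisha_orders', array('status' => 'success'))->where('id', '=', (int) $order->id)->execute();
        $prices = DB::select('id')->from('prices')->where('afisha_id', '=', $order->afisha_id)->find_all();
        $pricesArr = array();
        if (count($prices)) {
            foreach ($prices as $value) {
                $pricesArr[] = $value->id;
            }
            \Core\Common::update('seats', array('status' => 3))
                ->where('view_key', 'IN', array_filter(explode(',', (string) $order->seats_keys)))
                ->where('price_id', 'IN', $pricesArr)
                ->execute();
        }
    }

    if ($printType == 'base') {
        echo View::tpl(array('tickets' => $tickets), 'Afisha_orders/Print');
    } else {
        echo View::tpl(array('tickets' => $tickets), 'Afisha_orders/PrintTermo');
    }
    die;
}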
/**
 * Hook run before the action: first tries the remember-me login, then
 * applies this object's configuration.
 */
public function before()
{
    $visitor = User::factory();
    $visitor->is_remember();

    $this->config();
}
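/**
 * Remember-me login: signs the visitor in from the session cookie.
 *
 * Does nothing when a user is already logged in, when the cookie is absent,
 * when its `remember` or `id` field is missing or zero, or when `exit` is 1.
 * Otherwise the active account with that id is loaded (role `user` on the
 * public site, any other role when APPLICATION is set), passed to auth(),
 * and on success the current URL is reloaded.
 *
 * Fix: the id and the remember flag were validated as integers but then used
 * as received; the integer values are now the ones that reach the query and
 * the refreshed cookie.
 *
 * NOTE(review): the account is chosen purely from the `id` stored in the
 * cookie; no secret or token is checked in this method. Unless
 * Cookie::getArray() verifies a signature or decrypts the value, a client
 * can name any account id - confirm.
 * NOTE(review): the redirect target is the raw REQUEST_URI; confirm that
 * HTTP::redirect() keeps it on this site.
 *
 * @return bool Always false; a successful login ends in a redirect.
 */
public function is_remember()
{
    if (User::info()) {
        return false;
    }
    if (!isset($_COOKIE[$this->_session])) {
        return false;
    }

    $cookie = Cookie::getArray($this->_session);
    $remember = isset($cookie['remember']) ? (int) $cookie['remember'] : 0;
    $userId = isset($cookie['id']) ? (int) $cookie['id'] : 0;
    if ($remember == 0 || $userId == 0) {
        return false;
    }
    if (isset($cookie['exit']) && (int) $cookie['exit'] == 1) {
        return false;
    }
    if (!isset($cookie['exit'])) {
        // Re-issue the cookie for a week with an explicit "not logged out" marker.
        Cookie::set(
            $this->_session,
            array('remember' => $remember, 'exit' => 0, 'id' => $userId),
            60 * 60 * 24 * 7
        );
    }

    $user = DB::select($this->_tbl . '.*', array($this->_tbl_roles . '.alias', 'role'))
        ->from($this->_tbl)
        ->join($this->_tbl_roles)->on($this->_tbl . '.role_id', '=', $this->_tbl_roles . '.id')
        ->where($this->_tbl . '.status', '=', 1)
        ->where($this->_tbl . '.id', '=', $userId);
    // Backend and public site accept disjoint sets of roles.
    if (APPLICATION) {
        $user->where($this->_tbl_roles . '.alias', '!=', 'user');
    } else {
        $user->where($this->_tbl_roles . '.alias', '=', 'user');
    }
    $user = $user->find();
    if (!$user) {
        return false;
    }

    if ($this->auth($user, $cookie['remember'])) {
        HTTP::redirect(Arr::get($_SERVER, 'REQUEST_URI'));
    }
    return false;
}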
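/**
 * Shows the "add" form and, on POST, validates and inserts the new row.
 *
 * A non-empty password is hashed before the insert and is removed from the
 * data handed back to the form. After a successful insert the redirect
 * target depends on the submitted `button` value.
 *
 * Fix: a POST without a `FORM` array (missing, or sent as a scalar) no
 * longer raises a notice or a string-offset error; it is treated as an
 * empty form.
 *
 * NOTE(review): every key of FORM is passed to the insert. Unless
 * Model::valid() or Model::insert() restricts the columns, a caller can set
 * fields the form does not offer (for example a role) - confirm.
 * NOTE(review): presumably HTTP::redirect() terminates the request - confirm.
 */
function addAction()
{
    if ($_POST) {
        $form = Arr::get($_POST, 'FORM');
        $post = is_array($form) ? $form : array();
        $post['status'] = Arr::get($_POST, 'status', 0);
        $post['password'] = trim(Arr::get($_POST, 'password'));

        if (Model::valid($post)) {
            if ($post['password']) {
                $post['password'] = User::factory()->hash_password($post['password']);
            }
            $res = Model::insert(Model::$table, $post)->execute();
            if ($res[1]) {
                Message::GetMessage(1, 'Вы успешно добавили данные!');
                $button = Arr::get($_POST, 'button', 'save');
                if ($button == 'save-close') {
                    HTTP::redirect('backend/' . Route::controller() . '/index');
                } elseif ($button == 'save-add') {
                    HTTP::redirect('backend/' . Route::controller() . '/add');
                } else {
                    HTTP::redirect('backend/' . Route::controller() . '/edit/' . $res[0]);
                }
            } else {
                Message::GetMessage(0, 'Не удалось добавить данные!');
            }
        }

        // Never hand the password, plain or hashed, back to the form.
        unset($post['password']);
        $result = Arr::to_object($post);
    } else {
        $result = Model::getRow(Route::param('id'));
    }

    $this->_toolbar = Widgets::get('Toolbar/Edit');
    $this->_seo['h1'] = 'Редактирование';
    $this->_seo['title'] = 'Редактирование';
    $this->setBreadcrumbs('Редактирование', 'backend/' . Route::controller() . '/edit/' . Route::param('id'));
    $this->_content = View::tpl(array('obj' => $result, 'tpl_folder' => $this->tpl_folder), $this->tpl_folder . '/Form');
}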