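/**
 * Fetches $url with file_get_contents() and returns its content with
 * non-ASCII characters converted to HTML entities.
 *
 * The feature can be switched off globally through the DISABLE_INCLUDE
 * constant. A failed fetch is logged and reported to the caller as a short
 * error string, never as an exception. The previous try/catch never fired:
 * file_get_contents() signals failure with false plus a warning, not an
 * exception, so a failed fetch silently came back as an empty string.
 *
 * NOTE(review): $url reaches file_get_contents() unrestricted (any stream
 * wrapper, any host, no timeout). If it can originate from user input,
 * restrict it to http(s) and pass a stream context with a timeout — confirm
 * against the callers.
 *
 * @param string $url    location to read
 * @param bool   $escape when true the result is passed through htmlspecialchars()
 * @return string the content, or a short error message
 */
private function getFileContent($url, $escape)
{
    if (DISABLE_INCLUDE) {
        return 'remote file inclusion disabled';
    }
    $raw = file_get_contents($url);
    if ($raw === false) {
        // error_get_last() may describe an earlier warning; it is only used
        // to give the log line a reason.
        $last = error_get_last();
        $reason = $last ? $last['message'] : 'unknown error';
        Log::error(sprintf("Error while retrieving %s\n%s", $url, $reason));
        return 'Error while retrieving ' . htmlentities($url);
    }
    // 'HTML-ENTITIES' as a target encoding is deprecated since PHP 8.2; kept
    // because callers expect entity-encoded output.
    $content = mb_convert_encoding($raw, 'HTML-ENTITIES', 'utf-8');
    if ($escape) {
        $content = htmlspecialchars($content);
    }
    return $content;
}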
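 /**
  * Settings page: shows the current settings and, on "update", writes the
  * changed ones back.
  *
  * Changes from the previous version: $data/$error are initialised instead of
  * being auto-vivified, the required-field checks share one table, and the
  * update loop only touches names that were loaded from getSettings(). The
  * loop used to iterate over every POST key (including the submit button) and
  * hand it to updateSettings() as a setting name.
  */
 public function index()
 {
     if (!Auth::isLogged()) {
         Url::redirect('login');
     }
     $assets = Url::assetPath('js');
     $data = array();
     $data['js'] = array(
         $assets . 'plugins/forms/selects/select2.min.js',
         $assets . 'plugins/forms/validation/validate.min.js',
         $assets . 'plugins/notifications/bootbox.min.js',
         $assets . 'pages/settings.js',
     );
     // Current values keyed by setting name. $current doubles as the list of
     // names the form may update.
     $settings = $this->setting->getSettings();
     $current = array();
     if ($settings !== null) {
         foreach ($settings as $obj) {
             $current[$obj->name] = $obj->value;
             $data[$obj->name] = $obj->value;
         }
     }
     // Stays null when nothing failed, which is what the view received before;
     // the first message turns it into an array.
     $error = null;
     if (isset($_POST['update'])) {
         $required = array(
             'site_name' => 'site_name_required',
             'site_email' => 'site_email_required',
             'domains' => 'domains_required',
         );
         foreach ($required as $field => $messageKey) {
             $value = isset($_POST[$field]) ? $_POST[$field] : '';
             if ($value === '') {
                 $error[] = $this->language->get($messageKey);
             }
         }
         if (!$error) {
             foreach ($_POST as $key => $value) {
                 // Unknown names (e.g. the submit button) are not settings.
                 // Assumes updateSettings() is an UPDATE keyed by name, so
                 // skipping them changes nothing — confirm against the model.
                 if (!array_key_exists($key, $current)) {
                     continue;
                 }
                 // Loose comparison kept on purpose: stored values may be
                 // ints while POST delivers strings.
                 if (empty($value) || $current[$key] == $value) {
                     continue;
                 }
                 $update = array('value' => $value);
                 $where = array('name' => $key);
                 $this->setting->updateSettings($update, $where);
                 Log::notice('log_settings_edit', json_encode(array($update, $where)));
             }
             Session::set('success', $this->language->get('msg_settings_edit'));
             Url::redirect('settings');
         }
     }
     View::renderTemplate('header', $data);
     View::render('settings/index', $data, $error);
     View::renderTemplate('footer', $data);
 }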
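 /**
  * Comment Delete
  *
  * Removes the comment with the given id and records the deletion. Without
  * an id nothing happens: a null or empty id would otherwise reach the model
  * as the where-clause, and how deleteComment() treats that is not visible
  * here. The unused $result local is gone.
  *
  * @param mixed $id comment id; null or '' is ignored
  */
 public function commentsDelete($id = null)
 {
     if ($id === null || $id === '') {
         return;
     }
     $where = array('id' => $id);
     $this->blog->deleteComment($where);
     Log::notice('log_comments_delete', json_encode($where));
 }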
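 /**
  * Assign Permissions
  *
  * Shows the permission matrix for a role and, on "update", replaces the
  * role's permission set with the checked boxes. Fixes: the insert loop no
  * longer overwrites the view's $data array, the id list for the log is built
  * from an array instead of appending to an undefined string (which also made
  * substr() see null when nothing was checked), and a submit with no box
  * checked (no 'permission' key at all) is handled as "no permissions".
  *
  * @param mixed $role_id role id from the route
  */
 public function assign($role_id)
 {
     $assets = Url::assetPath('js');
     $data = array();
     $data['js'] = array(
         $assets . 'plugins/forms/selects/select2.min.js',
         $assets . 'plugins/forms/validation/validate.min.js',
         $assets . 'plugins/forms/styling/switch.min.js',
         $assets . 'plugins/extensions/quicksearch.js',
         $assets . 'pages/roles_assign.js',
     );
     $data['role'] = $this->role->getRole($role_id);
     $rolePermissions = $this->permission->getRolePermissions($role_id);
     $data['permissions'] = $this->buildPermissionsTable($role_id, $rolePermissions);
     // The view received null here before; keep that.
     $error = null;
     if (isset($_POST['update'])) {
         $permissions = isset($_POST['permission']) ? $_POST['permission'] : array();
         $where = array('role_id' => $role_id);
         // Delete-then-insert with no transaction around it: a failure inside
         // the loop leaves the role with a partial set, as before.
         $this->role->deletePermissionsForRole($where);
         $permissionIds = array();
         if (is_array($permissions)) {
             foreach ($permissions as $permission) {
                 $permissionIds[] = $permission;
                 $row = array('permission_id' => $permission, 'role_id' => $role_id);
                 $this->role->insertPermissionsForRole($row);
             }
         }
         Session::set('success', $this->language->get('msg_role_assign'));
         Log::notice('log_role_assign', 'role_id: ' . $role_id . ', permission_ids: ' . implode(', ', $permissionIds));
         Url::redirect('roles');
     }
     if (isset($_POST['cancel'])) {
         Url::redirect('roles');
     }
     View::renderTemplate('header', $data);
     View::render('roles/assign', $data, $error);
     View::renderTemplate('footer', $data);
 }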
 /**
  * Delete Office
  *
  * Removes the office row matching $id, flashes the success message, writes
  * the audit log line and returns to the office list.
  * NOTE(review): reached by URL with only the id; whether auth/CSRF checks run
  * before this action is not visible here.
  *
  * @param mixed $id office id from the route
  */
 public function delete($id)
 {
     $where = array('id' => $id);
     $this->office->deleteOffice($where);
     $message = $this->language->get('msg_office_delete');
     Session::set('success', $message);
     Log::notice('log_office_delete', sprintf('id: %s', $id));
     Url::redirect('offices');
 }
 /**
  * Delete Team
  *
  * Deletes the team identified by $id, records the deletion, sets the
  * success flash and redirects to the team list.
  * NOTE(review): reached by URL with only the id; whether auth/CSRF checks run
  * before this action is not visible here.
  *
  * @param mixed $id team id from the route
  */
 public function delete($id)
 {
     $this->team->deleteTeam(array('id' => $id));
     $logLine = 'id: ' . $id;
     Log::notice('log_team_delete', $logLine);
     Session::set('success', $this->language->get('msg_team_delete'));
     Url::redirect('teams');
 }
 /**
  * Delete Group
  *
  * Removes the group with the given id, then flashes, logs and redirects to
  * the group list.
  * NOTE(review): reached by URL with only the id; whether auth/CSRF checks run
  * before this action is not visible here.
  *
  * @param mixed $id group id from the route
  */
 public function delete($id)
 {
     $criteria = array('id' => $id);
     $this->group->deleteGroup($criteria);
     Session::set('success', $this->language->get('msg_group_delete'));
     Log::notice('log_group_delete', sprintf('id: %s', $id));
     Url::redirect('groups');
 }
 /**
  * Delete Company
  *
  * Deletes the company row for $id, writes the success flash and audit line,
  * and sends the browser back to the company list.
  * NOTE(review): reached by URL with only the id; whether auth/CSRF checks run
  * before this action is not visible here.
  *
  * @param mixed $id company id from the route
  */
 public function delete($id)
 {
     $this->company->deleteCompany(array('id' => $id));
     $flash = $this->language->get('msg_company_delete');
     Session::set('success', $flash);
     Log::notice('log_company_delete', 'id: ' . $id);
     Url::redirect('companies');
 }
 /**
  * Delete Menu
  *
  * Removes the navigation entry with the given id, flashes the success
  * message, logs the deletion and redirects to the first navigation page.
  * NOTE(review): reached by URL with only the id; whether auth/CSRF checks run
  * before this action is not visible here.
  *
  * @param mixed $id navigation entry id from the route
  */
 public function deleteMenu($id)
 {
     $where = array('id' => $id);
     $this->navigation->deleteNavigation($where);
     Log::notice('log_navigation_delete', sprintf('id: %s', $id));
     Session::set('success', $this->language->get('msg_navigation_delete'));
     Url::redirect('navigation/1');
 }
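 /**
  * Edit User
  *
  * Renders the edit page for user $id and handles the five forms on it
  * (details, settings, authentication, roles, permissions). Each form is
  * handled by a private helper that validates, saves, flashes a message,
  * logs and redirects; the helper returns the validation messages that stop
  * a save. The split removes the duplicated POST reads, the undefined
  * $error/$roles_log/$permissions_log/$permisions_ids locals, the password
  * hash computed even when no password was entered, and the two separate
  * date() calls for one record.
  *
  * NOTE(review): nothing in this action checks that the current session may
  * edit user $id — including its username, password, roles and permissions.
  * Confirm the router or a middleware enforces that before this runs.
  *
  * @param mixed $id user id from the route
  */
 public function edit($id)
 {
     $data = $this->editPageData($id);
     $errors = array();
     if (isset($_POST['save_details'])) {
         $errors = array_merge($errors, $this->saveUserDetails($id));
     }
     if (isset($_POST['save_settings'])) {
         $errors = array_merge($errors, $this->saveUserSettings($id));
     }
     if (isset($_POST['save_authentication'])) {
         $errors = array_merge($errors, $this->saveUserAuthentication($id));
     }
     if (isset($_POST['save_roles'])) {
         $this->saveUserRoles($id);
     }
     if (isset($_POST['save_permissions'])) {
         $this->saveUserPermissions($id);
     }
     // The view received null (not an empty array) when nothing failed; keep that.
     $error = $errors ? $errors : null;
     View::renderTemplate('header', $data);
     View::render('users/edit', $data, $error);
     View::renderTemplate('footer', $data);
 }

 /**
  * Returns one posted field, or $default when it is absent.
  *
  * @param string $key
  * @param mixed  $default
  * @return mixed
  */
 private function postValue($key, $default = null)
 {
     return isset($_POST[$key]) ? $_POST[$key] : $default;
 }

 /**
  * Converts a posted local date to SQL form using the session's date format,
  * or returns null when the field is empty.
  *
  * @param string $key
  * @return string|null
  */
 private function postDate($key)
 {
     $value = $this->postValue($key);
     if (empty($value)) {
         return null;
     }
     return Date::convertLocalDateToSQL($value, $_SESSION['dateformat']);
 }

 /**
  * Collects everything the edit view needs for user $id.
  *
  * @param mixed $id
  * @return array view data
  */
 private function editPageData($id)
 {
     $assets = Url::assetPath('js');
     $data = array();
     $data['js'] = array(
         $assets . 'plugins/forms/selects/select2.min.js',
         $assets . 'plugins/tables/datatables/datatables.min.js',
         $assets . 'plugins/tables/datatables/extensions/responsive.js',
         $assets . 'plugins/tables/datatables/extensions/buttons.min.js',
         $assets . 'plugins/tables/datatables/extensions/jszip/jszip.min.js',
         $assets . 'plugins/moment/moment.min.js',
         $assets . 'plugins/pickers/bootstrap-datetimepicker.min.js',
         $assets . 'plugins/tables/datatables/extensions/jquery.dataTables.yadcf.js',
         $assets . 'plugins/forms/inputs/passy.js',
         $assets . 'plugins/forms/inputs/email-autocomplete.js',
         $assets . 'plugins/forms/inputs/slugify.js',
         $assets . 'plugins/forms/validation/validate.min.js',
         $assets . 'plugins/forms/styling/uniform.min.js',
         $assets . 'plugins/extensions/sticky-tabs.js',
         $assets . 'plugins/media/cropper.min.js',
         $assets . 'pages/profile.js',
     );
     $data['user'] = $this->user->getUser($id);
     $data['user_groups'] = $this->user->getUserGroups($id);
     $data['user_departments'] = $this->user->getUserDepartments($id);
     $data['user_teams'] = $this->user->getUserTeams($id);
     $data['user_direct_mangers'] = $this->user->getUserDirectManager($id);
     $data['user_indirect_mangers'] = $this->user->getUserIndirectManager($id);
     $data['user_roles'] = $this->user->getUserRoles($id);
     $data['users'] = $this->user->getUsers();
     $data['groups'] = $this->group->getGroups();
     $data['departments'] = $this->department->getDepartments();
     $data['companies'] = $this->company->getCompanies();
     $data['offices'] = $this->office->getOffices();
     $data['teams'] = $this->team->getTeams();
     $data['user_types'] = $this->user_type->getUserTypes();
     // As before, this is the activity log of the logged-in session, not of
     // user $id — confirm that is intended.
     $data['activity_log'] = $this->user->getPersonalActivityLog(Session::get('id'));
     $data['prac_etaty'] = $this->optima->getPracEtaty();
     $data['languages'] = $this->interface_language->getLanguages();
     $data['roles'] = $this->role->getRoles();
     $rolePermissions = $this->permission->getRolePermissions($data['user_roles']);
     $userPermissions = $this->permission->getUserPermissions($id);
     $data['permissions'] = $this->buildPermissionsTable($id, $rolePermissions, $userPermissions);
     return $data;
 }

 /**
  * Handles the "save_details" form: validates the required names, then
  * writes the user row, the details row and the department/team/group/
  * manager link tables, and redirects.
  *
  * @param mixed $id
  * @return array validation messages; empty when the save ran
  */
 private function saveUserDetails($id)
 {
     $first_name = $this->postValue('first_name');
     $last_name = $this->postValue('last_name');
     $user_type = $this->postValue('user_type');
     $errors = array();
     if ($first_name == '') {
         $errors[] = $this->language->get('first_name_required');
     }
     if ($last_name == '') {
         $errors[] = $this->language->get('last_name_required');
     }
     if ($user_type == '') {
         $errors[] = $this->language->get('user_type_required');
     }
     if ($errors) {
         return $errors;
     }
     //user
     $userRow = array(
         'first_name' => $first_name,
         'last_name' => $last_name,
         'optima_id' => $this->postValue('optima_id'),
     );
     $this->user->update($userRow, array('id' => $id));
     //details
     $details = array(
         'user_id' => $id,
         'birthday' => $this->postDate('birthday'),
         'birthday_agree' => $this->postValue('birthday_agree'),
         'position_title' => $this->postValue('position_title'),
         'company_id' => $this->postValue('company'),
         'office_id' => $this->postValue('office'),
         'office_location' => $this->postValue('office_location'),
         'user_type_id' => $user_type,
         'phone_business' => $this->postValue('phone_business'),
         'phone_personal' => $this->postValue('phone_personal'),
         'mobile_business' => $this->postValue('mobile_business'),
         'mobile_personal' => $this->postValue('mobile_personal'),
         'email_business' => $this->postValue('email_business'),
         'email_personal' => $this->postValue('email_personal'),
         'skype' => $this->postValue('skype'),
         'linkedin' => $this->postValue('linkedin'),
         'twitter' => $this->postValue('twitter'),
         'facebook' => $this->postValue('facebook'),
         'googleplus' => $this->postValue('googleplus'),
         'date_of_employment' => $this->postDate('date_of_employment'),
         'date_of_termination' => $this->postDate('date_of_termination'),
         'sign_attendance_list' => $this->postValue('sign_attendance_list'),
     );
     $this->user->updateDetails($details);
     // Link tables: clear the user's rows, then insert one per posted id. The
     // last inserted row of each kind is kept only for the log line at the end.
     // The extra '' argument on the "nothing posted" branch is passed as the
     // original did; its meaning is not visible here.
     $whereUser = array('user_id' => $id);
     //departments
     $lastDepartment = null;
     $departments = $this->postValue('departments');
     if ($departments !== null) {
         $this->user->deleteUserDepartments($whereUser);
         foreach ($departments as $department_id) {
             $lastDepartment = array('department_id' => $department_id, 'user_id' => $id);
             $this->user->updateUserDepartments($lastDepartment);
         }
     } else {
         $this->user->deleteUserDepartments($whereUser, '');
     }
     //teams
     $lastTeam = null;
     $teams = $this->postValue('teams');
     if ($teams !== null) {
         $this->user->deleteUserTeams($whereUser);
         foreach ($teams as $team_id) {
             $lastTeam = array('team_id' => $team_id, 'user_id' => $id);
             $this->user->updateUserTeams($lastTeam);
         }
     } else {
         $this->user->deleteUserTeams($whereUser, '');
     }
     //groups
     $lastGroup = null;
     $groups = $this->postValue('groups');
     if ($groups !== null) {
         $this->user->deleteUserGroups($whereUser);
         foreach ($groups as $group_id) {
             $lastGroup = array('group_id' => $group_id, 'user_id' => $id);
             $this->user->updateUserGroups($lastGroup);
         }
     } else {
         $this->user->deleteUserGroups($whereUser, '');
     }
     //direct managers
     // Note the asymmetry kept from the original: direct managers treat '' as
     // "none", indirect managers treat the string 'null' as "none".
     $lastDirect = null;
     $directManagers = $this->postValue('direct_mangers');
     if (!empty($directManagers) && $directManagers != 0) {
         $this->user->deleteUserMangers(array('user_id' => $id, 'indirect' => '0'));
         foreach ($directManagers as $manager_id) {
             $lastDirect = array('manager_id' => $manager_id != '' ? $manager_id : null, 'user_id' => $id, 'indirect' => '0');
             $this->user->updateUserMangers($lastDirect);
         }
     } else {
         $lastDirect = array('manager_id' => null, 'user_id' => $id, 'indirect' => '0');
         $this->user->updateUserMangers($lastDirect);
     }
     //indirect managers
     $lastIndirect = null;
     $indirectManagers = $this->postValue('indirect_mangers');
     $whereIndirect = array('user_id' => $id, 'indirect' => '1');
     if ($indirectManagers !== null) {
         $this->user->deleteUserMangers($whereIndirect);
         foreach ($indirectManagers as $manager_id) {
             $lastIndirect = array('manager_id' => $manager_id != 'null' ? $manager_id : null, 'user_id' => $id, 'indirect' => '1');
             $this->user->updateUserMangers($lastIndirect);
         }
     } else {
         $this->user->deleteUserMangers($whereIndirect, '');
     }
     Session::set('success', $this->language->get('msg_user_edit'));
     Log::notice('log_user_edit_details', json_encode(array($userRow, $details, $lastDepartment, $lastTeam, $lastGroup, $lastDirect, $lastIndirect)));
     Url::redirect('users/edit/' . $id);
     return array();
 }

 /**
  * Handles the "save_settings" form (date/time format, language, timezone).
  *
  * NOTE(review): the saved preferences are copied into the *current* session
  * whether or not $id is the logged-in user (compare Session::get('id')), as
  * the original did — confirm that is intended.
  *
  * @param mixed $id
  * @return array validation messages; empty when the save ran
  */
 private function saveUserSettings($id)
 {
     $required = array(
         'dateformat' => 'dateformat_required',
         'timeformat' => 'timeformat_required',
         'interface_language' => 'interface_language_required',
         'timezone' => 'timezone_required',
     );
     $values = array();
     $errors = array();
     foreach ($required as $field => $messageKey) {
         $values[$field] = $this->postValue($field);
         if ($values[$field] == '') {
             $errors[] = $this->language->get($messageKey);
         }
     }
     if ($errors) {
         return $errors;
     }
     //user
     $userRow = array(
         'dateformat' => $values['dateformat'],
         'timeformat' => $values['timeformat'],
         'language_id' => $values['interface_language'],
         'timezone' => $values['timezone'],
     );
     $this->user->update($userRow, array('id' => $id));
     Session::set('timezone', $values['timezone']);
     Session::set('dateformat', $values['dateformat']);
     Session::set('timeformat', $values['timeformat']);
     Session::set('language_id', $values['interface_language']);
     Session::set('success', $this->language->get('msg_user_edit'));
     Log::notice('log_user_edit_settings', json_encode($userRow));
     Url::redirect('users/edit/' . $id . '#settings');
     return array();
 }

 /**
  * Handles the "save_authentication" form (username, status, password).
  * The password is hashed and stored only when one was entered; the logged
  * copy of the row never carries the hash.
  *
  * NOTE(review): the password of user $id is replaced here without any
  * re-authentication of the caller — acceptable only for an admin-only
  * action; confirm.
  *
  * @param mixed $id
  * @return array validation messages; empty when the save ran
  */
 private function saveUserAuthentication($id)
 {
     $username = $this->postValue('username');
     $status = $this->postValue('status');
     if (empty($status)) {
         $status = 0;
     }
     if ($username == '') {
         return array($this->language->get('username_required'));
     }
     $userRow = array('username' => $username, 'status' => $status);
     $logRow = $userRow;
     $password = $this->postValue('password');
     if (!empty($password)) {
         $updatedAt = date("Y-m-d H:i:s");
         $userRow['password'] = Password::make($password);
         $userRow['password_updated_at'] = $updatedAt;
         //log
         $logRow['password'] = '***';
         $logRow['password_updated_at'] = $updatedAt;
     }
     $this->user->update($userRow, array('id' => $id));
     Session::set('success', $this->language->get('msg_user_edit'));
     Log::notice('log_user_edit_authentication', json_encode($logRow));
     Url::redirect('users/edit/' . $id . '#authentication');
     return array();
 }

 /**
  * Handles the "save_roles" form: replaces the user's roles with the posted
  * ones (none posted means all roles are removed), logs and redirects.
  *
  * @param mixed $id
  */
 private function saveUserRoles($id)
 {
     $whereUser = array('user_id' => $id);
     $rolesLog = array();
     $roles = $this->postValue('roles');
     if ($roles !== null) {
         $this->user->deleteUserRoles($whereUser);
         foreach ($roles as $role_id) {
             $row = array('role_id' => $role_id, 'user_id' => $id);
             $this->user->updateUserRoles($row);
             $rolesLog[] = $row;
         }
     } else {
         $this->user->deleteUserRoles($whereUser, '');
     }
     Session::set('success', $this->language->get('msg_user_edit'));
     Log::notice('log_user_edit_roles', json_encode($rolesLog));
     Url::redirect('users/edit/' . $id . '#permissions');
 }

 /**
  * Handles the "save_permissions" form: clears the user's direct permissions
  * and inserts one row per checked box, logs and redirects. A submit with no
  * box checked (no 'permission' key) clears them all.
  *
  * @param mixed $id
  */
 private function saveUserPermissions($id)
 {
     $permissions = $this->postValue('permission', array());
     $this->user->deletePermissionsForUser(array('user_id' => $id));
     $permissionsLog = array();
     if (is_array($permissions)) {
         foreach ($permissions as $permission) {
             $row = array('permission_id' => $permission, 'user_id' => $id);
             $permissionsLog[] = $row;
             $this->user->insertPermissionsForUser($row);
         }
     }
     Session::set('success', $this->language->get('msg_user_edit'));
     Log::notice('log_user_edit_permissions', json_encode($permissionsLog));
     Url::redirect('users/edit/' . $id . '#permissions');
 }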
                                <th class="all" style="min-width: 30px;" data-orderable="false">&nbsp</th                      
                            </tr>
                            <tr class="yadcf-filters">
                                <th></th>     
                                <th></th>                                                                          
                                <th></th>           
                                <th></th>
                                <th></th>
                                <th></th>                                
                            </tr>                                        
                        </thead>
                        <tbody>
                            <?php 
if ($data['prac_etaty']) {
    foreach ($data['prac_etaty'] as $row) {
        $color = Log::colorLog($row->type);
        if (!is_null($row->id)) {
            $exist = '<span data-popup="tooltip" title="' . $row->first_name . ' ' . $row->last_name . ' (ID:' . $row->id . ')"><i class="icon-user text-success"></i></span>';
        } else {
            $exist = '';
        }
        $use = "<ul class=\"icons-list\"><li class=\"select-optima-id\" data-data-optima=\"{$row->o_PRE_PraId}\"><i data-popup=\"tooltip\" data-placement=\"left\" title=\"" . Language::show('use_this', 'users') . "\" class=\"icon-select2 cursor-pointer\"></i></li></ul>";
        echo "<tr>";
        echo "<td>{$row->o_PRE_Imie1}</td>";
        echo "<td>{$row->o_PRE_Nazwisko}</td>";
        echo "<td>{$row->o_PRE_PraId} {$exist}</td>";
        echo "<td data-filter=\"" . Date::showDate($row->o_PRE_ZatrudnionyOd, 'local', 'local') . "\" data-sort=\"{$row->o_PRE_ZatrudnionyOd}\">" . Date::showDate($row->o_PRE_ZatrudnionyOd, 'local', 'local') . "</td>";
        echo "<td data-filter=\"" . Date::showDate($row->o_PRE_ZatrudnionyDo, 'local', 'local') . "\" data-sort=\"{$row->o_PRE_ZatrudnionyDo}\">" . Date::showDate($row->o_PRE_ZatrudnionyDo, 'local', 'local') . "</td>";
        echo "<td>                                           \n                                                {$use}\n                                        </td>";
        echo "</tr>";
    }
 /**
  * Delete Department
  *
  * Removes the department with the given id, then sets the success flash,
  * logs the deletion and redirects to the department list.
  * NOTE(review): reached by URL with only the id; whether auth/CSRF checks run
  * before this action is not visible here.
  *
  * @param mixed $id department id from the route
  */
 public function delete($id)
 {
     $criteria = array('id' => $id);
     $this->department->deleteDepartment($criteria);
     Log::notice('log_department_delete', 'id: ' . $id);
     Session::set('success', $this->language->get('msg_department_delete'));
     Url::redirect('departments');
 }
 /**
  * Password Recovery
  *
  * NOTE(review): the body reads like a copy of a login action rather than a
  * recovery flow: $username and $password are never assigned in this method,
  * the posted $email is read but not used, and when the check passes the
  * request is logged in as whatever getUser($username) returns for a null
  * username. Confirm the intended behaviour before relying on this action.
  */
 public function recovery()
 {
     $data['title'] = $this->language->get('title_recovery');
     if (isset($_POST['submit'])) {
         $email = $_POST['email']; // read but never used below
         //validation
         // $password and $username are undefined here (see the note above),
         // so this verifies null against the hash looked up for a null username.
         if (Password::verify($password, $this->model->getHash($username)) == false) {
             $error[] = $this->language->get('error_recovery');
         }
         //if validation has passed carry on
         if (!$error) {
             $userDb = $this->model->getUser($username);
             $user = $userDb[0];
             // Full session setup for the returned user, as a login would do.
             Session::set('loggedin', true);
             Session::set('id', $user->id);
             Session::set('first_name', $user->first_name);
             Session::set('last_name', $user->last_name);
             Session::set('timezone', $user->timezone);
             Session::set('dateformat', $user->dateformat);
             Session::set('timeformat', $user->timeformat);
             Session::set('dateformat_moment', Date::convertPHPToMomentFormat($user->dateformat));
             Session::set('timeformat_moment', Date::convertPHPToMomentFormat($user->timeformat));
             // Language is hard-coded to English here, not taken from the user row.
             Session::set('language_id', 1);
             Session::set('language_code', 'en');
             if (!Cookie::exists('navigation')) {
                 Cookie::set('navigation', '');
             }
             Log::info('logged_in');
             //$data = array('lastLogin' => date('Y-m-d H:i:s'));
             //$where = array('id' => $this->_model->getId($username));
             //$this->_model->update($data,$where);
             Url::redirect();
         } else {
             $data['username'] = $username;
         }
     }
     View::renderTemplate('header', $data, 'auth');
     View::render('auth/recovery', $data, $error);
     View::renderTemplate('footer', $data, 'auth');
 }
<?php

/**
 * Piwik - Open source web analytics
 *
 * @link http://piwik.org
 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
 */
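use Slim\Slim;
use Slim\Views\Twig;
use helpers\CacheMiddleware;
use helpers\Log;

// Resolve every path from this file's location rather than the working
// directory, so the bootstrap also works when PHP is started from elsewhere
// (CLI, cron). Assumes this file lives one level below the project root, as
// the original '../' paths did.
$root = dirname(__DIR__);

require $root . '/vendor/autoload.php';
if (file_exists($root . '/config/local.php')) {
    require $root . '/config/local.php';
}
require $root . '/config/app.php';

// New Slim App
// NOTE(review): 'debug' => DEBUG makes Slim show exception details to the
// client; DEBUG must be false outside development — confirm in config/app.php.
$app = new Slim(array(
    'view' => new Twig(),
    'log.enabled' => true,
    'debug' => DEBUG,
    'templates.path' => $root . '/templates',
    // realpath() yields false when the directory is missing, as before.
    'templates.cache' => realpath($root . '/tmp/templates'),
    'templates.charset' => 'utf-8',
    'templates.auto_reload' => true,
    'templates.autoescape' => true,
    'log.writer' => new \Slim\Extras\Log\DateTimeFileWriter(array(
        'path' => realpath($root . '/tmp/logs'),
        'name_format' => 'Y-m-d',
    )),
));
$app->add(new CacheMiddleware());
$app->error(function (\Exception $e) use ($app) {
    // The trace goes to the log only; the client gets a bare 500. A newline
    // separates message and trace, which the original concatenated.
    Log::error('An unhandled exception occurred: ' . $e->getMessage() . "\n" . $e->getTraceAsString());
    $app->response()->status(500);
});
$app->setName('developer.piwik.org');
$log = $app->getLog();
$log->setEnabled(true);
require $root . '/routes/page.php';
$app->run();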
 /**
  * Delete UserType
  *
  * Deletes the user type identified by $id, flashes the success message,
  * writes the audit line and returns to the user-type list.
  * NOTE(review): reached by URL with only the id; whether auth/CSRF checks run
  * before this action is not visible here.
  *
  * @param mixed $id user type id from the route
  */
 public function delete($id)
 {
     $where = array('id' => $id);
     $this->user_type->deleteUserType($where);
     $flash = $this->language->get('msg_user_type_delete');
     Session::set('success', $flash);
     Log::notice('log_user_type_delete', sprintf('id: %s', $id));
     Url::redirect('user-types');
 }