public function control($next)
{
if (PermissionModel::findBy(['user_id' => User::getData()->id, 'permission' => 'admin'])) {
return $next();
} else {
goBack();
}
}
public function report($id)
{
$msg = MessageModel::id($id);
if ($msg) {
Response::download(path($msg->report));
} else {
goBack();
}
}
/**
* Authenticate the user by username and password and then by Messente's verification widget.
* @param type $username
* @param type $password
*/
function authenticate($username, $password)
{
// Primitive and unsecure authentication just for illustrating this example
if ($username == 'test' && $password == '1234') {
$request_params = array('user' => MESSENTE_API_USERNAME, 'version' => VERSION, 'callback_url' => CALLBACK_URL);
// Add phone number if it was submitted
if (isset($_POST['phone']) && !empty($_POST['phone'])) {
$request_params['phone'] = $_POST['phone'];
}
// Initialize signature calculation object
$signer = new Signer();
// Generate signature
$sig = $signer->generateSignature($request_params, MESSENTE_API_PASSWORD);
// Add signature to array
$request_params['sig'] = $sig;
// Redirect to Messente
verify($request_params);
} else {
goBack('Wrong credentials!');
}
}
if(empty($error_msg)){
if(isset($_POST['email_invoice']) && $_POST['email_invoice'] == 'Y'){
$invoice = new SI_Invoice();
if($invoice->get(intval($_POST['invoice_id'])) === FALSE){
$error_msg .= "Error retreiving invoice!\n";
debug_message($invoice->getLastError());
}
if($invoice->sendEmail('InvoiceEmail') === FALSE){
$error_msg .= "Error sending invoice notification!\n";
debug_message($invoice->getLastError());
}
}
if(empty($error_msg)){
goBack();
}
}
}else{
$error_msg .= "Error adding Payment!\n";
debug_message($payment->getLastError());
}
}
?>
<? require('header.php'); ?>
<div class="tableContainer">
<a href="javascript:;" class="tCollapse" onclick="toggleGrid(this)"><img src="images/arrow_down.jpg" alt="Hide table" /><?php
echo $title;
?>
</a><div>
function registrationAction()
{
if (POST) {
$regError = array();
$_POST["rid"] = $_POST["rid"] == "" ? 0 : decode($_POST["rid"]);
if ($_POST["fname"] == "") {
$regError["fname"] = "First name should not blank.";
}
if ($_POST["lname"] == "") {
$regError["lname"] = "Last name should not blank.";
}
if (!eregi("^[_a-z0-9-]+(\\.[_a-z0-9-]+)*@[a-z0-9-]+(\\.[a-z0-9-]+)*(\\.[a-z]{2,3})\$", $_POST["email"])) {
$regError["email"] = "Invalid email.";
} elseif ($this->user->CheckEmail($_POST["email"])) {
$regError["email"] = "Email already registered. Try with another.";
}
if ($_POST["email"] == "") {
$regError["email"] = "Email should not blank.";
}
if (strlen($_POST["password"]) < 6) {
$regError["password"] = "******";
}
if ($_POST["gender"] == "") {
$regError["gender"] = "Please select your gender.";
}
if (!$_POST["month"] > 0) {
$regError["month"] = "Please select your birth month.";
}
if (!$_POST["day"] > 0) {
$regError["day"] = "Please select your birth day.";
}
if (!$_POST["year"] > 0) {
$regError["year"] = "Please select your birth year.";
}
if (!count($regError) > 0) {
$reg = $this->user->Register($_POST);
if ($reg) {
$this->session->user = $user = $this->user->Login($_POST);
$this->session->error = array("<strong>Yo buddy</strong> ;-)<br />You are now a Pepoolean. We are waiting for your email confirmation.<br /><br />Please go to " . $_POST["email"] . " and follow the link..", 45, "welcome");
$msg = "<strong>Yo buddy</strong> ;-)<br /><br />\r\n\t\t\t\t\t\t\tYou are now a Pepoolean.<br />\r\n\t\t\t\t\t\t\tTo confirm your email address go to the link below:<br />\r\n\t\t\t\t\t\t\t<a href=\"" . WWW_ROOT . "greet/" . $user["regStatus"] . "/\">" . WWW_ROOT . "greet/" . $user["regStatus"] . "</a>\r\n\t\t\t\t\t\t\t<br /><br />Thanks<br />Pepool.com";
sendmail($user["fname"] . " " . $user["lname"] . " welcome to pepool.com", $msg, $user["email"], $user['fname'] . " " . $user['lname']);
if ($_POST["rid"] > 0) {
$invitee = new UsersModel($_POST["rid"]);
$invitee = $invitee->Info();
$msg = "Hello " . $invitee['fname'] . " " . $invitee['lname'] . ",<br /><br />\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t\t" . $user["fname"] . " " . $user["lname"] . " just joined you on pepool.<br />\r\n\t\t\t\t\t\tTo view " . ($user["gender"] == 'M' ? 'his' : 'her') . " profile <a href=\"" . WWW_ROOT . "user/" . encode($user["id"]) . "/\">click here</a>.\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t\t<br /><br />Thanks<br />Pepool.com";
sendmail($user["fname"] . " " . $user["lname"] . " is now a pepoolian", $msg, $invitee['email'], $invitee['fname'] . ' ' . $invitee['lname']);
// $this->session->user = $user;
@header("Location:" . WWW_ROOT . 'bio/' . encode($_POST['rid']) . '#slams/post');
die;
}
@header("Location:" . WWW_ROOT . 'my#invite');
die;
} else {
$this->session->error = array("<strong>SYSTEM DOWN!</strong><br />Please try again later.", 15);
$this->admin->Report("REG_0001");
}
} else {
$this->session->error = array(implode("<br />", $regError), 15);
}
goBack();
die;
}
}
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
if (isset($_POST['cancel'])) {
goBack('shop.network');
}
$data = $_POST;
$obNetwork = M('Shop')->loadNetworkById(@$_GET['id']);
if (isset($data['posted'])) {
if (isNull($obNetwork)) {
$obNetwork = M('Shop')->createNetwork();
}
try {
foreach ($obNetwork->props() as $key => $value) {
if (isset($data[$key]) && $key != 'id') {
$obNetwork->{$key} = $data[$key];
}
}
$obNetwork->save();
goBack('shop.network');
} catch (RM_Validator_Exception $e) {
foreach ($e->getResult()->getErrors() as $error) {
error(L('error.' . $error['code'], array('OBJECT' => L('shop.' . $error['place']))) . '<br>');
}
}
} else {
$data = isNull($obNetwork) ? array() : $obNetwork->props();
}
show('reports/shop/network_add', array('data' => $data));
return false;
}
if (!(isset($_POST['state']) && checkState($_POST['state']))) {
goBack('Shipping Address: State');
return false;
}
if (!(isset($_POST['zip']) && checkZip($_POST['zip']))) {
goBack('Shipping Address: Zip');
return false;
}
if (isset($_POST['favorite_cheese']) && strlen($_POST['favorite_cheese']) && !checkString($_POST['favorite_cheese'], 20)) {
goBack('Favorite Cheese');
return false;
}
if (isset($_POST['source']) && strlen($_POST['source']) && !checkString($_POST['source'], 60)) {
goBack('Where did you hear about us?');
return false;
}
$custom_fields = array($is_gift = isset($_POST['is_gift']) ? 'yes' : 'no', $age = $_POST['age'], $gender = $_POST['gender'], $favorite_cheese = isset($_POST['favorite_cheese']) ? $_POST['favorite_cheese'] : '', $billing_first_name = $_POST['billing_first_name'], $billing_last_name = $_POST['billing_last_name'], $billing_address1 = $_POST['billing_address1'], $billing_address2 = isset($_POST['billing_address2']) ? $_POST['billing_address2'] : '', $billing_city = $_POST['billing_city'], $billing_state = $_POST['billing_state'], $billing_zip = $_POST['billing_zip'], $source = isset($_POST['source']) ? $_POST['source'] : '');
$custom_string = implode('|', $custom_fields);
$all_fields = array();
$all_fields['first_name'] = $_POST['first_name'];
$all_fields['last_name'] = $_POST['last_name'];
$all_fields['address1'] = $_POST['address1'];
$all_fields['address2'] = $_POST['address2'];
$all_fields['city'] = $_POST['city'];
$all_fields['state'] = $_POST['state'];
$all_fields['zip'] = $_POST['zip'];
$all_fields['email'] = $_POST['email'];
$all_fields['night_phone_a'] = $_POST['night_phone_a'];
$all_fields['night_phone_b'] = $_POST['night_phone_b'];
goU('main');
}
if ($_GET['action'] == 'add') {
$obNews = M('News')->createNews(array());
} elseif ($_GET['action'] == 'edit') {
if (isNull($obNews = M('News')->loadNewsById($_GET['id']))) {
error(L('news.no_record'));
goU('news.index');
}
}
if (isset($_POST['posted'])) {
//echo '<pre>';
//var_dump($_POST);
$_POST['data']['posted'] = $_POST['data']['posted']['d'] . '-' . $_POST['data']['posted']['m'] . '-' . $_POST['data']['posted']['y'];
$_POST['data']['is_published'] = @$_POST['data']['is_published'] ? 1 : 0;
foreach ($_POST['data'] as $k => $v) {
$obNews->{$k} = $v;
}
try {
$obNews->save();
goBack('news.index');
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
//var_dump($err);
error(L('news.field', array('place' => L('news.' . $err['place']), 'code' => L('news.' . $err['code']))));
} catch (RM_Base_Exception_Result $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('news.' . $err['code']));
}
}
show("/news/edit", array('action' => $_GET['action'], 'obNews' => $obNews));
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
if (isset($_POST['cancel'])) {
goBack('shop.trade_center');
}
$data = $_POST;
$obTradeCenter = M('Shop')->loadTradeCenterById(@$_GET['id']);
if (isset($data['posted'])) {
if (isNull($obTradeCenter)) {
$obTradeCenter = M('Shop')->createTradeCenter();
}
try {
foreach ($obTradeCenter->props() as $key => $value) {
if (isset($data[$key]) && $key != 'id') {
$obTradeCenter->{$key} = $data[$key];
}
}
$obTradeCenter->save();
goBack('shop.trade_center');
} catch (RM_Validator_Exception $e) {
foreach ($e->getResult()->getErrors() as $error) {
error(L('error.' . $error['code'], array('OBJECT' => L('shop.' . $error['place']))) . '<br>');
}
}
} else {
$data = isNull($obTradeCenter) ? array() : $obTradeCenter->props();
}
show('reports/shop/trade_center_add', array('data' => $data));
require_once('includes/common.php');
require_once('includes/SI_Invoice.php');
require_once('includes/SI_Company.php');
require_once('includes/SI_PDFInvoice.php');
checkLogin('accounting');
if(intval($_REQUEST['id']) == 0){
fatal_error("You must provide an invoice id to email!");
}
$invoice = new SI_Invoice();
if($invoice->get(intval($_REQUEST['id'])) === FALSE){
$error_msg .= "Error retreiving invoice information!\n";
debug_message($invoice->getLastError());
}
if(!$loggedin_user->hasRight('admin') && !$loggedin_user->hasRight('admin')){
if($loggedin_user->company_id != $invoice->company_id){
fatal_error("You do not have rights to access this invoice!");
}
}
$notification = 'InvoiceEmail';
if(isset($_REQUEST['notification'])){
$notification = $_REQUEST['notification'];
}
if($invoice->sendEmail($notification) === FALSE)
fatal_error("Error sending invoice:\n".$invoice->getLastError());
goBack(0);
error(L('equipment.not_exists'));
goBack('holder');
}
if (!M('Permission')->can('EDIT', $obHolder)) {
error(L('equipment.can_not_edit_holder'));
goBack('holder');
}
if ($obHolder->is_closed) {
message(L('equipment.edit_closed'));
goBack('holder');
}
if (!@$_POST['posted']) {
$data = $obHolder->props();
}
break;
}
if (@$_POST['posted']) {
updateObjectByArray($obHolder, $data);
try {
$obHolder->save();
message(L('equipment.saved'));
goBack('holder');
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('equipment.' . $err['place']) . ' ' . L('equipment.' . $err['code']));
} catch (RM_Permission_Exception_Denied $e) {
error(L('equipment.can_not_edit_holder'));
goBack('holder');
}
}
show("/equipment/holder/edit", array('data' => @$data));
<?php
/**
* Add shop and create link to it
*/
require_once $_SERVER["ROOT_DIR"] . "/init.php";
if (!me()->id()) {
goU('main');
}
$data = $_POST;
$obShop = M('Shop')->createShop($data);
if (@$data['posted'] == 1) {
unset($obShop->posted);
try {
if ($obShop->save()) {
$obLink = M('Shop')->createLinkToShop($obShop->id(), me());
$obLink->save();
goBack('shop.user.nomap');
}
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('shop.' . $err['code'], array('OBJECT' => L('shop.' . $err['place']))));
}
}
show('/shop/add', array('obShop' => $obShop));
break;
*/
case 'edit':
if (isNull($obInvoice = M('Holder')->loadInvoiceById(p('id')))) {
error(L('equipment.not_exists'));
goBack('invoice');
}
if (!@$_POST['posted']) {
$data = $obInvoice->props();
}
break;
}
if (@$_POST['posted']) {
updateObjectByArray($obInvoice, $data);
try {
if ($obInvoice->changeState(@$data['state'])) {
$obInvoice->save();
message(L('equipment.saved'));
} else {
error(L('equipment.change_state_' . @$data['state']));
}
goBack('invoice');
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('equipment.' . $err['place']) . ' ' . L('equipment.' . $err['code']));
} catch (RM_Permission_Exception $e) {
PE($e);
}
}
show("/equipment/invoice/edit", array('data' => @$data));
break;
case 'edit':
if (isNull($obEquipment = M('Equipment')->loadById(p('id')))) {
error(L('equipment.not_exists'));
goBack('equipment');
}
if (!@$_POST['posted']) {
$data = $obEquipment->props();
}
break;
}
if (@$_POST['posted']) {
/*
echo '<pre>';
var_dump($data);
echo '</pre>';
*/
if (!@$data['deploy']) {
$data['deploy'] = 0;
}
updateObjectByArray($obEquipment, $data);
try {
$obEquipment->save();
message(L('equipment.saved'));
goBack('equipment');
} catch (RM_Validator_Exception $e) {
$err = iterFirst($e->getResult()->getErrors());
error(L('equipment.' . $err['place']) . ' ' . L('equipment.' . $err['code']));
}
}
show("/equipment/equipment/edit", array('data' => @$data));
