function add_process()
{
if( $this->form_validation->run('admin_create_company') == FALSE )
{
echo '<div class="alert error"><ul>' . validation_errors('<li style="color:red">','</li>') . '</ul></div>';
}
elseif( $this->customers_model->exists_email( $this->input->post('email') ) > 0)
{
echo '<div class="alert error">Email already used.</div>';
}
else
{
if( $this->customers_model->add_company())
{
$subject = 'Customer login details';
$message = 'Hello, <br><br><b>Email:</b> '.$this->input->post('email').'. <br> <b>Password:</b> '.$this->input->post('password').'. <br>Please <a href="'.base_url('customer/login').'">click here</a> for login';
send_notice($this->input->post('email'),$subject,$message);
echo '<div class="alert alert-success">'.$this->lang->line('create_succesful').'</div>';
}
else
{
echo $this->lang->line('technical_problem');
}
}
}
/**
* 为Feed添加评论
*
*
* @param string token , 必填
* @param string fid - 必填
* @param string text - 必填
* @return feed array
* @author EasyChen
*/
public function feed_add_comment($text = false, $fid = false)
{
if (!$text) {
$content = $text = z(t(v('text')));
}
if (!not_empty($content)) {
return self::send_error(LR_API_ARGS_ERROR, __('INPUT_CHECK_BAD_ARGS', 'TEXT'));
}
if (!$fid) {
$fid = intval(v('fid'));
}
if (intval($fid) < 1) {
return self::send_error(LR_API_ARGS_ERROR, __('INPUT_CHECK_BAD_ARGS', 'FID'));
}
$finfo = get_line("SELECT * FROM `feed` WHERE `id` = '" . intval($fid) . "' LIMIT 1");
if (is_mobile_request()) {
$device = 'mobile';
} else {
$device = 'web';
}
$sql = "INSERT INTO `comment` ( `fid` , `uid` , `content` , `timeline` , `device` ) \n\t\tVALUES ( '" . intval($fid) . "' , '" . intval($_SESSION['uid']) . "' , '" . s($content) . "' , NOW() , '" . s($device) . "' ) ";
run_sql($sql);
if (db_errno() != 0) {
return self::send_error(LR_API_DB_ERROR, __('API_MESSAGE_DATABASE_ERROR') . mysql_error());
} else {
$lid = last_id();
// feed表comment_count计数增加
$count = get_var("SELECT COUNT(*) FROM `comment` WHERE `fid` = '" . intval($fid) . "' ", db());
$sql = "UPDATE `feed` SET `comment_count` = '" . intval($count) . "' WHERE `id` = '" . intval($fid) . "' LIMIT 1";
run_sql($sql);
// 向Feed作者发通知
if ($finfo['uid'] != uid()) {
send_notice($finfo['uid'], __('API_TEXT_COMMENT_FEED_OWNED', array(uname(), $finfo['content'], $content)), 2, array('fid' => intval($fid), 'count' => $count));
}
// 向参与了该Feed讨论的同学发送通知
$sql = "SELECT `uid` FROM `comment` WHERE `fid`= '" . intval($fid) . "' ";
if ($uitems = get_data($sql)) {
foreach ($uitems as $uitem) {
if ($uitem['uid'] != uid() && $uitem['uid'] != $finfo['uid']) {
$myuids[] = $uitem['uid'];
}
}
}
if (isset($myuids)) {
$myuids = array_unique($myuids);
foreach ($myuids as $muid) {
send_notice($muid, __('API_TEXT_COMMENT_FEED_IN', array(uname(), $finfo['content'], $content)), 2, array('fid' => intval($fid), 'count' => $count));
}
}
// 向被@的同学,发送通知
if ($ats = find_at($content)) {
$sql = "SELECT `id` FROM `user` WHERE ";
foreach ($ats as $at) {
$at = z(t($at));
if ($gname = get_group_names()) {
if (in_array(strtoupper($at), $gname)) {
if ($ndata = get_group_unames($at)) {
foreach ($ndata as $nname) {
$names[] = $nname;
}
}
} else {
$names[] = $at;
}
} else {
$names[] = $at;
}
}
foreach ($names as $at) {
$at = z(t($at));
if (mb_strlen($at, 'UTF-8') < 2) {
continue;
}
$wsql[] = " `name` = '" . s(t($at)) . "' ";
if (c('at_short_name')) {
if (mb_strlen($at, 'UTF-8') == 2) {
$wsql[] = " `name` LIKE '_" . s($at) . "' ";
}
}
}
if (isset($wsql) && is_array($wsql)) {
$sql = $sql . join(' OR ', $wsql);
if ($udata = get_data($sql)) {
foreach ($udata as $uitem) {
$myuids[] = $uitem['id'];
}
if (isset($myuids) && is_array($myuids)) {
$myuids = array_unique($myuids);
foreach ($myuids as $muid) {
if ($muid != uid() && $muid != $finfo['uid']) {
send_notice($muid, __('API_TEXT_AT_IN_CAST_COMMENT', array(uname(), $finfo['content'], $content)), 2, array('fid' => intval($fid), $count));
}
}
}
}
}
}
if ($comment = get_line("SELECT * FROM `comment` WHERE `id` = '" . intval($lid) . "' LIMIT 1", db())) {
$comment['user'] = get_user_info_by_id($_SESSION['uid']);
return self::send_result($comment);
} else {
if (db_errno() != 0) {
return self::send_error(LR_API_DB_ERROR, __('API_MESSAGE_DATABASE_ERROR') . mysql_error());
} else {
return self::send_error(LR_API_DB_EMPTY_RESULT, __('API_MESSAGE_EMPTY_RESULT_DATA'));
}
}
}
}
echo "\n<tr><td colspan=2><h2>Edit Event</h2></td></tr>";
echo "\n<tr><td>Date(s):</td><td>" . getDateList(false, $date) . "</td></tr>";
echo "\n<tr><td>Event:</td><td><input type=\"text\" size=40 value=\"{$event}\" name=\"txttitle\"></td></tr>";
echo "\n<tr><td>Details:</td><td><textarea rows=5 cols=40 name=\"txtnotice\">{$details}</textarea><p>";
echo "\n<input type=\"submit\" value=\"Save Changes\" name=\"B1\"></td></tr>";
echo "\n</table>";
echo "\n</form>";
} else {
$tempDate = getVAR("lstdate");
$tempTitle = mysql_real_escape_string(getVAR("txttitle"));
$tempNotice = mysql_real_escape_string(getVAR("txtnotice"));
foreach ($tempDate as $d) {
$d = date("Y-m-d", $d);
$query = "UPDATE {$events_table} SET event='{$tempTitle}',details='{$tempNotice}', event_date='{$d}' WHERE ID={$id}";
$result = do_mysql_query($query);
echo send_notice("OK", "Event edited.");
}
}
}
break;
case "manage_users":
if (authenticate($username, $password)) {
echo "<h2>Edit Users</h2>";
if (getVAR("txtUsername")) {
if (getVAR("txtPwd1") != getVAR("txtPwd2")) {
echo "Passwords don't match.<br>";
} else {
$tempUsername = getVAR("txtUsername");
$tempRealname = getVAR("txtRealname");
$tempPassword = md5(getVAR("txtPwd1"));
$result = do_mysql_query("INSERT INTO {$users_table} (ID,username,realname,password) VALUES ('','{$tempUsername}','{$tempRealname}','{$tempPassword}')");
send_notice($T['username'], lang($L['manage_msg_title'], array('帖子', dsubstr($T['title'], 20, '...'), $ontop ? '置顶' : '取消置顶')), lang($L['manage_msg_content'], array($MOD['linkurl'] . $T['linkurl'], nl2br($reason), $_username)));
}
}
dmsg($ontop ? '置顶设置成功' : '置顶取消成功', $forward);
break;
case 'style':
$itemid or msg('请选择帖子');
$style = isset($COLOR[$style]) ? '#' . $style : '';
foreach ($itemid as $tid) {
$db->query("UPDATE {$table} SET style='{$style}' WHERE itemid={$tid}");
}
if (need_notice()) {
foreach ($itemid as $tid) {
$T = $db->get_one("SELECT title,linkurl,username FROM {$table} WHERE itemid={$tid}");
$body = lang($L['manage_msg_content'], array($MOD['linkurl'] . $T['linkurl'], nl2br($reason), $_username));
send_notice($T['username'], lang($L['manage_msg_title'], array('帖子', dsubstr($T['title'], 20, '...'), $style ? '高亮' : '取消高亮')), lang($L['manage_msg_content'], array($MOD['linkurl'] . $T['linkurl'], nl2br($reason), $_username)));
}
}
dmsg($style ? '高亮设置成功' : '高亮取消成功', $forward);
break;
case 'recycle':
$lists = $do->get_list('status=0' . $condition, $dorder[$order]);
$menuid = 4;
include tpl('index', $module);
break;
case 'reject':
if ($itemid && !$psize) {
$do->reject($itemid);
dmsg('拒绝成功', $forward);
} else {
$lists = $do->get_list('status=1' . $condition, $dorder[$order]);
function add_process_ajax()
{
check_login();
if( $this->form_validation->run('admin_create_customers') == FALSE )
{
echo '<div class="alert error"><ul>' . validation_errors('<li style="color:red">','</li>') . '</ul></div>';
}
elseif( $this->contact_persons_model->exists_email( $this->input->post('email') ) > 0)
{
echo '<div class="alert error">Email already used.</div>';
}
else
{
if( $this->contact_persons_model->add_contact_persons())
{
$contact_person_id = $this->db->insert_id();
$data['contact_person'] = $this->contact_persons_model->get_contact_persons( $contact_person_id );
$subject = 'Customer login details';
$message = 'Hello, <br><br><b>Email:</b> '.$this->input->post('email').'. <br> <b>Password:</b> '.$this->input->post('password').'. <br>Please <a href="'.base_url('customer/login').'">click here</a> for login';
send_notice($this->input->post('email'),$subject,$message);
//echo '<div class="alert alert-success">'.$this->lang->line('create_succesful').'</div>';
$details=array();
$details['co_person_id']=$contact_person_id;
$details['co_person_name']=$data['contact_person']->first_name.' '.$data['contact_person']->last_name;
echo json_encode($details);
}
else
{
echo $this->lang->line('technical_problem');
}
}
}
function auto($is_fst)
{
if ($is_fst) {
$snts = snts_n_days_later(6);
} else {
$snts = snts_n_days_later(2);
}
foreach ($snts as $snt) {
$msg = gen_snt_msg($is_fst, $snt);
send_notice($is_fst, $snt, $msg);
}
}
function url_action_calendar($tools, $get, $post)
{
require_once $tools->include_path . 'cal_include.php';
if (!$tools->logged_in()) {
$tools->page_not_found();
}
/* get the current mailbox if any */
$mailbox = $tools->get_mailbox();
/* set the current mailbox */
if ($mailbox) {
$tools->set_mailbox($mailbox);
}
/* default values */
$page_data = array();
$week = false;
$month = false;
$today = date('m-d-Y');
$year = false;
$title = '';
$detail = '';
$repeat = 0;
$duration = 0;
$event_time = 0;
$month_label = false;
$day = false;
$last_day = false;
$events = array();
$duration = '';
$duration2 = '';
$event_time = '';
$event_time2 = '';
$first_week_day = false;
$all_events = array();
$edit_id = 0;
$dsp_page = 'calendar_month';
$final_week = false;
if (isset($post['calendar_add'])) {
$req_flds = array('title', 'year', 'month', 'day');
$opt_flds = array('repeat', 'detail', 'event_time', 'event_time2', 'duration', 'duration2');
$cal_atts = normalize_input($req_flds, $opt_flds, $post);
$cnt = count($req_flds) + count($opt_flds);
if (count($cal_atts) == $cnt) {
$edit_id = add_cal_event($cal_atts, $tools);
if ($edit_id) {
$tools->send_notice('Event Added');
$dsp_page = 'edit';
} else {
$tools->send_notice('An error occured adding this event');
$dsp_page = 'add';
}
} else {
$dsp_page = 'add';
foreach ($req_flds as $v) {
if (isset($cal_atts[$v])) {
${$v} = $cal_atts[$v];
}
}
foreach ($opt_flds as $v) {
if (isset($cal_atts[$v])) {
${$v} = $cal_atts[$v];
}
}
}
} elseif (isset($post['calendar_update'])) {
if (isset($post['event_id']) && ($event_id = $post['event_id'])) {
$edit_id = $post['event_id'];
$dsp_page = 'edit';
$req_flds = array('title', 'year', 'month', 'day', 'event_id');
$opt_flds = array('repeat', 'detail', 'event_time', 'event_time2', 'duration', 'duration2');
$cal_atts = normalize_input($req_flds, $opt_flds, $post);
$cnt = count($req_flds) + count($opt_flds);
if (count($cal_atts) == $cnt) {
$res = update_event($tools, $cal_atts);
if ($res) {
$tools->send_notice('Event Updated');
}
}
}
} elseif (isset($post['calendar_delete'])) {
if (isset($post['event_id']) && ($del_id = intval($post['event_id']))) {
if (delete_event($tools, $del_id)) {
calendar_init($tools);
$tools->send_notice('Event Deleted');
$dsp_page = 'calendar_month';
$month = date('m');
$year = date('Y');
$month_label = strtolower(date('F'));
$last_day = date('d', mktime(0, 0, 0, $month + 1, 0, $year));
$first_week_day = date('w', mktime(0, 0, 0, $month, 1, $year));
if ($first_week_day + $last_day > 36) {
$final_week = 6;
} elseif ($first_week_day == 0 && $last_day == 28) {
$final_week = 4;
} else {
$final_week = 5;
}
} else {
$edit_id = $del_id;
send_notice('Could not delete event');
}
}
} elseif (isset($get['list_events'])) {
$dsp_page = 'list_events';
$all_events = get_calendar_events(false, false, false, 'all', $tools);
} elseif (isset($get['add_event'])) {
$dsp_page = 'add';
foreach (array('year', 'month', 'day') as $v) {
if (isset($get[$v])) {
${$v} = $get[$v];
}
}
} elseif (isset($get['edit_event'])) {
$dsp_page = 'edit';
$edit_id = intval($get['edit_event']);
foreach (array('year', 'month', 'day') as $v) {
if (isset($get[$v])) {
${$v} = $get[$v];
}
}
} elseif (isset($get['year']) && $get['year']) {
if (preg_match("/^\\d{4}\$/", $get['year'])) {
$year = $get['year'];
$dsp_page = 'calendar_year';
/* check for month in URL args */
if (isset($get['month']) && $get['month']) {
$month = strtotime($get['month']);
if ($month && $month != -1) {
$month_label = $get['month'];
$month = date('m', $month);
$dsp_page = 'calendar_month';
$last_day = date('d', mktime(0, 0, 0, $month + 1, 0, $year));
$first_week_day = date('w', mktime(0, 0, 0, $month, 1, $year));
if ($first_week_day + $last_day > 36) {
$final_week = 6;
} elseif ($first_week_day == 0 && $last_day == 28) {
$final_week = 4;
} else {
$final_week = 5;
}
/* check for week in the URL args */
if (isset($get['week']) && $get['week']) {
if (preg_match("/^week([1-{$final_week}])\$/", $get['week'], $matches)) {
$dsp_page = 'calendar_week';
$week = $matches[1];
if ($week == 1) {
$last_month = strtolower(date('F', mktime(0, 0, 0, $month - 1, 1, $year)));
$last_int_month = strtolower(date('m', mktime(0, 0, 0, $month - 1, 1, $year)));
$last_year = date('Y', mktime(0, 0, 0, $month - 1, 1, $year));
$last_last_day = date('d', mktime(0, 0, 0, $last_int_month + 1, 0, $last_year));
$last_month_first_week_day = date('w', mktime(0, 0, 0, $last_int_month, 1, $last_year));
if ($last_month_first_week_day + $last_last_day > 36) {
$last_final_week = 6;
} elseif ($first_week_day == 0 && $last_day == 28) {
$last_final_week = 4;
} else {
$last_final_week = 5;
}
$last_url = '?page=calendar&year=' . $last_year . '&month=' . $last_month . '&week=week' . $last_final_week;
$next_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&week=week2';
} elseif ($week == $final_week) {
$next_month = strtolower(date('F', mktime(0, 0, 0, $month + 1, 1, $year)));
$next_year = date('Y', mktime(0, 0, 0, $month + 1, 1, $year));
$next_url = '?page=calendar&year=' . $next_year . '&month=' . $next_month . '&week=week1';
$last_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&week=week' . ($week - 1);
} else {
$next_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&week=week' . ($week + 1);
$last_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&week=week' . ($week - 1);
}
$page_data['last_url'] = $last_url;
$page_data['next_url'] = $next_url;
}
} elseif (isset($get['day']) && $get['day'] > 0 && $get['day'] <= $last_day) {
$dsp_page = 'calendar_day';
$day = $get['day'];
if ($day == $last_day) {
$last_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&day=' . ($day - 1);
if ($month == 12) {
$next_url = '?page=calendar&year=' . ($year + 1) . '&month=january&day=1';
} else {
$next_month = strtolower(date("F", mktime(0, 0, 0, $month + 1, 1, $year)));
$next_url = '?page=calendar&year=' . $year . '&month=' . $next_month . '&day=1';
}
} elseif ($day == 1) {
if ($month == 1) {
$last_url = '?page=calendar&year=' . ($year - 1) . '&month=december&day=31';
} else {
$last_month = strtolower(date("F", mktime(0, 0, 0, $month - 1, 1, $year)));
$last_day = date("t", mktime(0, 0, 0, $month - 1, 1, $year));
$last_url = '?page=calendar&year=' . $year . '&month=' . $last_month . '&day=' . $last_day;
}
$next_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&day=2';
} else {
$last_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&day=' . ($day - 1);
$next_url = '?page=calendar&year=' . $year . '&month=' . $month_label . '&day=' . ($day + 1);
}
$page_data['last_url'] = $last_url;
$page_data['next_url'] = $next_url;
}
}
}
}
} else {
$dsp_page = 'calendar_month';
$month = date('m');
$year = date('Y');
$month_label = strtolower(date('F'));
$last_day = date('d', mktime(0, 0, 0, $month + 1, 0, $year));
$first_week_day = date('w', mktime(0, 0, 0, $month, 1, $year));
if ($first_week_day + $last_day > 36) {
$final_week = 6;
} elseif ($first_week_day == 0 && $last_day == 28) {
$final_week = 4;
} else {
$final_week = 5;
}
}
if ($dsp_page != 'add' && $dsp_page != 'edit') {
$events = get_calendar_events($month, $year, $day, $dsp_page, $tools);
}
if ($edit_id != 0 && $dsp_page == 'edit') {
list($year, $month, $day, $event_time, $event_time2, $duration, $duration2, $title, $detail, $repeat) = get_cal_event($tools, $edit_id);
}
/* Build some more values for the display and stick everything into the $page_data array */
$prev_month = strtolower(date('F', mktime(0, 0, 0, $month - 1, 1, $year)));
$prev_month_url = '?page=calendar&year=' . date('Y', mktime(0, 0, 0, $month - 1, 1, $year)) . '&month=' . $prev_month;
$next_month = strtolower(date('F', mktime(0, 0, 0, $month + 1, 1, $year)));
$next_month_url = '?page=calendar&year=' . date('Y', mktime(0, 0, 0, $month + 1, 1, $year)) . '&month=' . $next_month;
$page_data['cal_data'] = array('events' => $events, 'all_events' => $all_events, 'month' => $month, 'year' => $year, 'day' => $day, 'week' => $week, 'last_day' => $last_day, 'first_week_day' => $first_week_day, 'final_week' => $final_week, 'prev_month' => $prev_month, 'next_month' => $next_month, 'today' => $today, 'next_month_url' => $next_month_url, 'prev_month_url' => $prev_month_url, 'month_label' => $month_label);
$page_data['dsp_page'] = $dsp_page;
$page_data['title'] = $title;
$page_data['detail'] = $detail;
$page_data['event_time'] = $event_time;
$page_data['duration'] = $duration;
$page_data['repeat'] = $repeat;
$page_data['duration'] = $duration;
$page_data['duration2'] = $duration2;
$page_data['event_time'] = $event_time;
$page_data['event_time2'] = $event_time2;
$page_data['edit_id'] = $edit_id;
$tools->set_title($tools->str[1]);
return $page_data;
}
function check_code( $email, $code )
{
$status = $this->customer_model->check_code( $email,$code );
if( $status == 0 )
{
$this->session->set_flashdata('message','<div class="alert error">'.$this->lang->line('invalid_reset_code').'</div>');
redirect(base_url('customer/login'),'refresh');
}
else
{
$new_password = $this->customer_model->create_new_password( $email );
$subject = 'New Password';
$message = 'Hello, <br><br> New password is <b>'.$new_password.'</b>. Please <a href="'.base_url('customer/login').'">click here</a> for login';
send_notice($email,$subject,$message);
$this->session->set_flashdata('message','<div class="alert ok">'.$this->lang->line('new_pass_sent').'</div>');
redirect(base_url('customer/login'),'refresh');
}
}
\t\t</div>
\t\t<br>
\t</div>
</div>
<div class="span3">
a;
classes($classno, $globalbranch);
echo "</div></div></div>";
display_footer();
echo "\n</body>\n</html>";
} else {
echo "<script type='text/javascript'>document.location.href='404.php';</script>";
}
}
}
send_notice("Send notice section");
if (isset($_POST['send'])) {
include 'config/db.php';
include 'config/settings.php';
$dbname = $branchyear . '_Logs';
$table = $branchyear . '_Notifications';
$To = $_SERVER['QUERY_STRING'];
if ($To != "all" and $To != "allcrs") {
$to = $_POST['to'];
$TO = $To . "@" . $to;
} else {
$TO = $To;
}
$from = $_SESSION['UserId'];
$sub = trim(htmlentities(addslashes($_POST['sub'])));
$mes = trim(htmlentities(addslashes(str_replace("\n", "<br>", $_POST['mes']))));