public function postProcess()
{
global $cookie, $currentIndex;
if (Tools::isSubmit('submitDatePicker')) {
if (!Validate::isDate($from = Tools::getValue('datepickerFrom')) or !Validate::isDate($to = Tools::getValue('datepickerTo'))) {
$this->_errors[] = Tools::displayError('Date specified is invalid');
}
}
if (Tools::isSubmit('submitDateDay')) {
$from = date('Y-m-d');
$to = date('Y-m-d');
}
if (Tools::isSubmit('submitDateDayPrev')) {
$yesterday = time() - 60 * 60 * 24;
$from = date('Y-m-d', $yesterday);
$to = date('Y-m-d', $yesterday);
}
if (Tools::isSubmit('submitDateMonth')) {
$from = date('Y-m-01');
$to = date('Y-m-t');
}
if (Tools::isSubmit('submitDateMonthPrev')) {
$m = date('m') == 1 ? 12 : date('m') - 1;
$y = $m == 12 ? date('Y') - 1 : date('Y');
$from = $y . '-' . $m . '-01';
$to = $y . '-' . $m . date('-t', mktime(12, 0, 0, $m, 15, $y));
}
if (Tools::isSubmit('submitDateYear')) {
$from = date('Y-01-01');
$to = date('Y-12-31');
}
if (Tools::isSubmit('submitDateYearPrev')) {
$from = date('Y') - 1 . date('-01-01');
$to = date('Y') - 1 . date('-12-31');
}
if (isset($from) and isset($to) and !sizeof($this->_errors)) {
$employee = new Employee($cookie->id_employee);
$employee->stats_date_from = $from;
$employee->stats_date_to = $to;
$employee->update();
Tools::redirectAdmin($_SERVER['REQUEST_URI']);
}
if (Tools::getValue('submitSettings')) {
if ($this->tabAccess['edit'] === '1') {
$currentIndex .= '&module=' . Tools::getValue('module');
$this->_postConfig($this->_fieldsSettings);
} else {
$this->_errors[] = Tools::displayError('You do not have permission to edit here.');
}
}
if (sizeof($this->_errors)) {
AdminTab::displayErrors();
}
}
public function update($id)
{
$params = $_POST;
$services = Service::all();
$attributes = array('id' => $id, 'name' => $params['name'], 'special' => $params['special'], 'introduction' => $params['introduction']);
$employee = new Employee($attributes);
$errors = $employee->errors();
foreach ($services as $serv) {
if (isset($_POST[$serv->id])) {
OfferedServicesController::create($id, $serv->id);
} else {
OfferedServicesController::destroy($id, $serv->id);
}
}
$serviceList = OfferedServicesController::getServices($id, $services);
if (count($errors) > 0) {
View::make('employee/edit.html', array('errors' => $errors, 'attributes' => $attributes, 'services' => $services, 'serviceList' => $serviceList));
} else {
$employee->update();
Redirect::to('/tyontekijat/' . $employee->id, array('message' => "Työntekijään tehdyt muutokset tallennettu!"));
}
}
public function postProcess()
{
global $cookie, $currentIndex;
if (Tools::isSubmit('submitDatePicker')) {
if (!Validate::isDate($from = Tools::getValue('datepickerFrom')) or !Validate::isDate($to = Tools::getValue('datepickerTo'))) {
$this->_errors[] = Tools::displayError('date specified not valid');
}
}
if (Tools::isSubmit('submitDateToday')) {
$from = date('Y-m-d');
$to = date('Y-m-d');
}
if (Tools::isSubmit('submitDateMonth')) {
$from = date('Y-m-01');
$to = date('Y-m-t');
}
if (Tools::isSubmit('submitDateYear')) {
$from = date('Y-01-01');
$to = date('Y-12-31');
}
if (isset($from) and isset($to) and !sizeof($this->_errors)) {
$employee = new Employee($cookie->id_employee);
$employee->stats_date_from = $from;
$employee->stats_date_to = $to;
$employee->update();
Tools::redirectAdmin($_SERVER['REQUEST_URI']);
}
if (Tools::getValue('submitSettings')) {
if ($this->tabAccess['edit'] === '1') {
$currentIndex .= '&module=' . Tools::getValue('module');
$this->_postConfig($this->_fieldsSettings);
} else {
$this->_errors[] = Tools::displayError('You do not have permission to edit something here.');
}
}
if (sizeof($this->_errors)) {
AdminTab::displayErrors();
}
}
public function processForgot()
{
if (_PS_MODE_DEMO_) {
$this->errors[] = Tools::displayError('This functionality has been disabled.');
} elseif (!($email = trim(Tools::getValue('email_forgot')))) {
$this->errors[] = Tools::displayError('Email is empty.');
} elseif (!Validate::isEmail($email)) {
$this->errors[] = Tools::displayError('Invalid email address.');
} else {
$employee = new Employee();
if (!$employee->getByEmail($email) || !$employee) {
$this->errors[] = Tools::displayError('This account does not exist.');
} elseif (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) {
$this->errors[] = sprintf(Tools::displayError('You can regenerate your password only every %d minute(s)'), Configuration::get('PS_PASSWD_TIME_BACK'));
}
}
if (!count($this->errors)) {
$pwd = Tools::passwdGen(10, 'RANDOM');
$employee->passwd = Tools::encrypt($pwd);
$employee->last_passwd_gen = date('Y-m-d H:i:s', time());
$params = array('{email}' => $employee->email, '{lastname}' => $employee->lastname, '{firstname}' => $employee->firstname, '{passwd}' => $pwd);
if (Mail::Send($employee->id_lang, 'employee_password', Mail::l('Your new password', $employee->id_lang), $params, $employee->email, $employee->firstname . ' ' . $employee->lastname)) {
// Update employee only if the mail can be sent
Shop::setContext(Shop::CONTEXT_SHOP, (int) min($employee->getAssociatedShops()));
$result = $employee->update();
if (!$result) {
$this->errors[] = Tools::displayError('An error occurred while attempting to change your password.');
} else {
die(Tools::jsonEncode(array('hasErrors' => false, 'confirm' => $this->l('Your password has been emailed to you.', 'AdminTab', false, false))));
}
} else {
die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => array(Tools::displayError('An error occurred while attempting to change your password.')))));
}
} elseif (Tools::isSubmit('ajax')) {
die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
}
}
public function processForgot()
{
if (_PS_MODE_DEMO_) {
$this->errors[] = Tools::displayError('This functionality has been disabled.');
} elseif (!($email = trim(Tools::getValue('email_forgot')))) {
$this->errors[] = Tools::displayError('E-mail is empty');
} elseif (!Validate::isEmail($email)) {
$this->errors[] = Tools::displayError('Invalid e-mail address');
} else {
$employee = new Employee();
if (!$employee->getByemail($email) || !$employee) {
$this->errors[] = Tools::displayError('This account does not exist');
} elseif (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) {
$this->errors[] = sprintf(Tools::displayError('You can regenerate your password only every %d minute(s)'), Configuration::get('PS_PASSWD_TIME_BACK'));
}
}
if (!count($this->errors)) {
$pwd = Tools::passwdGen();
$employee->passwd = md5(pSQL(_COOKIE_KEY_ . $pwd));
$employee->last_passwd_gen = date('Y-m-d H:i:s', time());
$params = array('{email}' => $employee->email, '{lastname}' => $employee->lastname, '{firstname}' => $employee->firstname, '{passwd}' => $pwd);
if (Mail::Send((int) Configuration::get('PS_LANG_DEFAULT'), 'password', Mail::l('Your new password', (int) Configuration::get('PS_LANG_DEFAULT')), $params, $employee->email, $employee->firstname . ' ' . $employee->lastname)) {
// Update employee only if the mail can be sent
$result = $employee->update();
if (!$result) {
$this->errors[] = Tools::displayError('An error occurred during your password change.');
} else {
die(Tools::jsonEncode(array('hasErrors' => false, 'confirm' => $this->l('Your password has been e-mailed to you', 'AdminTab', false, false))));
}
} else {
die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => array(Tools::displayError('An error occurred during your password change.')))));
}
} else {
if (Tools::isSubmit('ajax')) {
die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
}
}
}
/* Server Params */
$protocol_link = Configuration::get('PS_SSL_ENABLED') ? 'https://' : 'http://';
$protocol_content = (isset($useSSL) and $useSSL and Configuration::get('PS_SSL_ENABLED')) ? 'https://' : 'http://';
define('_PS_BASE_URL_', Tools::getShopDomain(true));
define('_PS_BASE_URL_SSL_', Tools::getShopDomainSsl(true));
$employee = new Employee((int) $cookie->id_employee);
$cookie->profile = $employee->id_profile;
$cookie->id_lang = (int) $employee->id_lang;
$iso = strtolower(Language::getIsoById($cookie->id_lang ? $cookie->id_lang : Configuration::get('PS_LANG_DEFAULT')));
include _PS_TRANSLATIONS_DIR_ . $iso . '/errors.php';
include _PS_TRANSLATIONS_DIR_ . $iso . '/fields.php';
include _PS_TRANSLATIONS_DIR_ . $iso . '/admin.php';
/* attribute id_lang is often needed, so we create a constant for performance reasons */
define('_USER_ID_LANG_', (int) $cookie->id_lang);
$path = dirname(__FILE__) . '/themes/';
if (empty($employee->bo_theme) or !file_exists($path . $employee->bo_theme . '/admin.css')) {
if (file_exists($path . 'oldschool/admin.css')) {
$employee->bo_theme = 'oldschool';
} elseif (file_exists($path . 'origins/admin.css')) {
$employee->bo_theme = 'origins';
} else {
foreach (scandir($path) as $theme) {
if ($theme[0] != '.' and file_exists($path . $theme . '/admin.css')) {
$employee->bo_theme = $theme;
break;
}
}
}
$employee->update();
}
}
} elseif (!Validate::isEmail($_POST['email'])) {
$errors[] = Tools::displayError('Invalid e-mail address');
} else {
$employee = new Employee();
if (!$employee->getByemail($_POST['email']) or !$employee) {
$errors[] = Tools::displayError('This account does not exist');
} else {
if (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) {
$errors[] = Tools::displayError('You can regenerate your password only every') . ' ' . Configuration::get('PS_PASSWD_TIME_BACK') . ' ' . Tools::displayError('minute(s)');
} else {
$pwd = Tools::passwdGen();
$previous_password = $employee->passwd;
$previous_last_passwd_gen = $employee->last_passwd_gen;
$employee->passwd = md5(pSQL(_COOKIE_KEY_ . $pwd));
$employee->last_passwd_gen = date('Y-m-d H:i:s', time());
if (!$employee->update()) {
$errors[] = Tools::displayError('An error occurred during your password change.');
} elseif (!Mail::Send((int) $id_lang, 'password', Mail::l('Your new admin password', (int) $id_lang), array('{email}' => $employee->email, '{lastname}' => $employee->lastname, '{firstname}' => $employee->firstname, '{passwd}' => $pwd), $employee->email, $employee->firstname . ' ' . $employee->lastname)) {
$errors[] = Tools::displayError('Impossible to send the e-mail with your new password.');
$employee->passwd = $previous_password;
$employee->last_passwd_gen = $previous_last_passwd_gen;
$employee->update();
} else {
$confirmation = 'ok';
}
}
}
}
}
}
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
protected static function getEmployee($employee = null)
{
if (!$employee) {
global $cookie;
$employee = new Employee((int) $cookie->id_employee);
}
if (empty($employee->stats_date_from) or empty($employee->stats_date_to) or $employee->stats_date_from == '0000-00-00' or $employee->stats_date_to == '0000-00-00') {
if (empty($employee->stats_date_from) or $employee->stats_date_from == '0000-00-00') {
$employee->stats_date_from = date('Y') . '-01-01';
}
if (empty($employee->stats_date_to) or $employee->stats_date_to == '0000-00-00') {
$employee->stats_date_to = date('Y') . '-12-31';
}
$employee->update();
}
return $employee;
}
private static function getEmployee($employee = null)
{
if (!$employee) {
global $cookie;
$employee = new Employee(intval($cookie->id_employee));
}
if (empty($employee->stats_date_from) or empty($employee->stats_date_to)) {
if (empty($employee->stats_date_from)) {
$employee->stats_date_from = date('Y') . '-01-01';
}
if (empty($employee->stats_date_to)) {
$employee->stats_date_to = date('Y') . '-12-31';
}
$employee->update();
}
return $employee;
}
<?php
require '../includes/functions.php';
require 'templates/header.php';
$header = "accounts";
$page = "edit";
require 'templates/navbar.php';
require 'templates/sidebar.php';
$alert_array = array();
if (isset($_POST['submit'])) {
$employee = new Employee();
$employee->user_id = $_GET['id'];
$employee->validity = $_POST['validity'];
if ($employee->update('user_id')) {
$alert_array['success'] = 'The account was successfully updated!';
} else {
$alert_array['error'] = 'The account was not updated!';
}
}
if (isset($_GET['id']) && is_int(intval($_GET['id']))) {
$id = intval($_GET['id']);
$user = User::select(array('id' => $id));
$employee = Employee::select(array('user_id' => $id));
if (!$user || !$employee) {
redirect_to('account.view.php');
}
if (isset($_GET['clearBalance']) && $_GET['clearBalance'] == 'Continue') {
if (isset($_GET['deleteOrders']) && $_GET['deleteOrders'] == 'on') {
$orders = Order::select(array('user_id' => $user->id));
if (is_object($orders)) {
$orders = array($orders);
if (empty($_POST['email'])) {
$errors[] = Tools::displayError('e-mail is empty');
} elseif (!Validate::isEmail($_POST['email'])) {
$errors[] = Tools::displayError('invalid e-mail address');
} else {
$employee = new Employee();
if (!$employee->getByemail($_POST['email']) or !$employee) {
$errors[] = Tools::displayError('this account doesn\'t exist');
} else {
if (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) {
$errors[] = Tools::displayError('You can regenerate your password only each') . ' ' . Configuration::get('PS_PASSWD_TIME_BACK') . ' ' . Tools::displayError('minute(s)');
} else {
$pwd = Tools::passwdGen();
$employee->passwd = md5(pSQL(_COOKIE_KEY_ . $pwd));
$employee->last_passwd_gen = date('Y-m-d H:i:s', time());
$result = $employee->update();
if (!$result) {
$errors[] = Tools::displayError('an error occurred during your password change');
} else {
Mail::Send($id_lang, 'password', 'Your new admin password', array('{email}' => $employee->email, '{lastname}' => $employee->lastname, '{firstname}' => $employee->firstname, '{passwd}' => $pwd), $employee->email, $employee->firstname . ' ' . $employee->lastname);
$confirmation = 'ok';
}
}
}
}
}
echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="fr" lang="fr">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
}
?>
</p><p style="font-weight: bold;">Update my details... </p><p><?php
$old_data = $employee->get();
echo "Before...<br><br>";
echo "<pre>";
print_r($old_data);
echo "</pre><br><br>";
$data = array();
$data['password'] = md5('new_passwd');
$data['phone_num'] = '+618-8463-2238';
$data['address'] = 'Lala Land';
$data['zip'] = '1100';
$data['state'] = 'Penang';
$new_employee = array();
if ($employee->update($data)) {
$new_employee = $employee->get();
echo "<pre>";
print_r($new_employee);
echo "</pre><br><br>";
$hash = sha1($id . $new_employee[0]['password'] . $seed);
} else {
echo "failed";
exit;
}
?>
</p><p style="font-weight: bold;">Still logged in after a password change?</p><p><?php
if (!$employee->isLoggedIn($hash)) {
echo "failed";
exit;
} else {
public static function edit_employee($email, $password = NULL, $profile = NULL, $firstname = NULL, $lastname = NULL)
{
if (!Validate::isEmail($email)) {
echo "{$email} is not a valid email address\n";
return false;
}
$employee = new Employee();
if (!$employee->getByEmail($email)) {
echo "Could not find an employee with email {$email}\n";
return false;
}
if ($password != NULL) {
$employee->passwd = md5(_COOKIE_KEY_ . $password);
}
if ($profile != NULL) {
if (!Validate::isInt($profile)) {
echo "{$profile} is not a valid profile ID\n";
return false;
}
$employee->id_profile = $profile;
}
if ($firstname != NULL) {
$employee->firstname = $firstname;
}
if ($lastname != NULL) {
$employee->lastname = $lastname;
}
$res = $employee->update();
if ($res) {
echo "Successfully updated user {$email}\n";
return true;
} else {
echo "Error, could not update user {$email}\n";
return false;
}
}
public function processReset()
{
if (_PS_MODE_DEMO_) {
$this->errors[] = $this->trans('This functionality has been disabled.', array(), 'Admin.Notifications.Error');
} elseif (!($reset_token_value = trim(Tools::getValue('reset_token')))) {
// hidden fields
$this->errors[] = $this->trans('Some identification information is missing.', array(), 'Admin.Login.Notification');
} elseif (!($id_employee = trim(Tools::getValue('id_employee')))) {
$this->errors[] = $this->trans('Some identification information is missing.', array(), 'Admin.Login.Notification');
} elseif (!($reset_email = trim(Tools::getValue('reset_email')))) {
$this->errors[] = $this->trans('Some identification information is missing.', array(), 'Admin.Login.Notification');
} elseif (!($reset_password = trim(Tools::getValue('reset_passwd')))) {
// password (twice)
$this->errors[] = $this->trans('The password is missing: please enter your new password.', array(), 'Admin.Login.Notification');
} elseif (!Validate::isPasswd($reset_password)) {
$this->errors[] = $this->trans('The password is not in a valid format.', array(), 'Admin.Login.Notification');
} elseif (!($reset_confirm = trim(Tools::getValue('reset_confirm')))) {
$this->errors[] = $this->trans('The confirmation is empty: please fill in the password confirmation as well.', array(), 'Admin.Login.Notification');
} elseif ($reset_password !== $reset_confirm) {
$this->errors[] = $this->trans('The password and its confirmation do not match. Please double check both passwords.', array(), 'Admin.Login.Notification');
} else {
$employee = new Employee();
if (!$employee->getByEmail($reset_email) || !$employee || $employee->id != $id_employee) {
// check matching employee id with its email
$this->errors[] = $this->trans('This account does not exist.', array(), 'Admin.Login.Notification');
} elseif (strtotime($employee->last_passwd_gen . '+' . Configuration::get('PS_PASSWD_TIME_BACK') . ' minutes') - time() > 0) {
$this->errors[] = sprintf($this->trans('You can reset your password every %d minute(s) only. Please try again later.', array(), 'Admin.Login.Notification'), Configuration::get('PS_PASSWD_TIME_BACK'));
} elseif ($employee->getValidResetPasswordToken() !== $reset_token_value) {
// To update password, we must have the temporary reset token that matches.
$this->errors[] = $this->trans('Your password reset request expired. Please start again.', array(), 'Admin.Login.Notification');
}
}
if (!count($this->errors)) {
$employee->passwd = Tools::encrypt($reset_password);
$employee->last_passwd_gen = date('Y-m-d H:i:s', time());
$params = array('{email}' => $employee->email, '{lastname}' => $employee->lastname, '{firstname}' => $employee->firstname);
if (Mail::Send($employee->id_lang, 'password', Mail::l('Your new password', $employee->id_lang), $params, $employee->email, $employee->firstname . ' ' . $employee->lastname)) {
// Update employee only if the mail can be sent
Shop::setContext(Shop::CONTEXT_SHOP, (int) min($employee->getAssociatedShops()));
$result = $employee->update();
if (!$result) {
$this->errors[] = $this->trans('An error occurred while attempting to change your password.', array(), 'Admin.Login.Notification');
} else {
$employee->removeResetPasswordToken();
// Delete temporary reset token
$employee->update();
die(Tools::jsonEncode(array('hasErrors' => false, 'confirm' => $this->l('The password has been changed successfully.', 'AdminTab', false, false))));
}
} else {
die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => array($this->trans('An error occurred while attempting to change your password.', array(), 'Admin.Login.Notification')))));
}
} elseif (Tools::isSubmit('ajax')) {
die(Tools::jsonEncode(array('hasErrors' => true, 'errors' => $this->errors)));
}
}
<?php
require_once dirname(__FILE__) . "/../private/lib/utilities.php";
session_start();
if (!isset($_POST['id']) || !isset($_POST['firstname']) || !isset($_POST['phone_num']) || !isset($_POST['alternate_email']) || !isset($_POST['lastname']) || !isset($_POST['zip']) || !isset($_POST['country'])) {
echo "ko";
exit;
//redirect_to('login.php');
}
$employee = new Employee($_POST['id'], $_SESSION['yel']['employee']['sid']);
$data = array();
$data['firstname'] = $_POST['firstname'];
$data['lastname'] = $_POST['lastname'];
$data['phone_num'] = $_POST['phone_num'];
$data['alternate_email'] = $_POST['alternate_email'];
$data['mobile'] = $_POST['mobile'];
$data['zip'] = $_POST['zip'];
$data['country'] = $_POST['country'];
$data['state'] = $_POST['state'];
$data['address'] = $_POST['address'];
if (isset($_POST['password'])) {
$data['password'] = $_POST['password'];
}
if (!$employee->update($data)) {
echo 'ko';
exit;
}
echo 'ok';
