示例#1
<?php

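require 'path.php';
init_cobalt();
$page_title = 'Barangay System';
$stylesheet_link = 'style';
require 'header.php';

// Read the skin row with skin_id 1 and copy its settings into the session.
$data_con = new data_abstraction();
$data_con->set_fields('skin_name, header, footer, master_css, colors_css, fonts_css, override_css, icon_set');
$data_con->set_table('system_skins');
$data_con->set_where("skin_id=1");
$data_con->exec_fetch('single');
if ($data_con->num_rows == 1) {
    // extract() is kept so the same local variables exist as before; the
    // column list above is fixed, so only those eight names are created.
    extract($data_con->dump);
    // NOTE(review): header and footer come from the database and are kept in
    // the session. If other pages use them as include paths, confirm that
    // system_skins can only be written by administrators.
    $_SESSION['header'] = $header;
    $_SESSION['footer'] = $footer;
    $_SESSION['skin'] = $skin_name;
    $_SESSION['master_css'] = $master_css;
    $_SESSION['colors_css'] = $colors_css;
    $_SESSION['fonts_css'] = $fonts_css;
    $_SESSION['override_css'] = $override_css;
    $_SESSION['icon_set'] = $icon_set;
    // Fall back to the 'cobalt' icon set when the stored value is blank.
    // trim() has to wrap the value itself: the earlier form trimmed the
    // result of the comparison, so a whitespace-only value was never caught.
    if (trim((string) $_SESSION['icon_set']) === '') {
        $_SESSION['icon_set'] = 'cobalt';
    }
}
$data_con->close_db();
require 'components/get_listview_referrer.php';
init_var($arr_error);
init_var($first_field);
init_var($goto_region);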
示例#2
            $dbh->set_where("username='******'");
            $dbh->make_query();
            $dbh->close_db();
            //Get the role permissions
            require_once 'subclasses/user_role_links.php';
            $obj_role = new user_role_links();
            $obj_role->get_user_role_links($role);
            $arrLink = $obj_role->dump['link_id'];
            $numLinks = $obj_role->num_rows;
            $obj_role->close_db();
            //Assign permissions to user
            $dbh = new data_abstraction();
            foreach ($arrLink as $link_id) {
                $dbh->set_query_type('SELECT');
                $dbh->set_table('user_passport');
                $dbh->set_fields('username, link_id');
                $dbh->set_where("username='******' AND link_id='" . quote_smart($link_id) . "'");
                $dbh->make_query();
                if ($dbh->num_rows == 0) {
                    $dbh->set_query_type('INSERT');
                    $dbh->set_values("'" . quote_smart($Username) . "','" . quote_smart($link_id) . "'");
                    $dbh->make_query();
                }
            }
            $dbh->close_db();
        }
        $message = 'Success! User passport has been updated.';
        $message_type = 'system';
    }
}
$html_writer = new html();
示例#3
    $KeywordSearch = cobalt_htmlentities($KeywordSearch);
    $IPAddressOptions = cobalt_htmlentities($IPAddressOptions);
    $TimeStart = cobalt_htmlentities($TimeStart);
    $TimeEnd = cobalt_htmlentities($TimeEnd);
    $Username = cobalt_htmlentities($Username);
    $Module = cobalt_htmlentities($Module);
    $Keyword = cobalt_htmlentities($Keyword);
    $IPAddress = cobalt_htmlentities($IPAddress);
}
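if (!isset($start)) {
    $start = 0;
}
//Pagination ****************************
//->Query to get total number of records.
$data_con = new data_abstraction();
$data_con->set_fields("entry_id, ip_address, user, datetime, action, module");
$data_con->set_table("`system_log`");
// NOTE(review): the five filter fragments are built outside this excerpt and
// are placed into the WHERE clause as-is; confirm each one is escaped or
// bound where it is assembled.
$data_con->set_where("{$TimeFilter} AND {$UserFilter} AND {$ModuleFilter} AND {$KeywordFilter} AND {$IPAddressFilter}");
$data_con->set_order("entry_id");
$result = $data_con->make_query()->result;
if (!$result) {
    // Keep the SQL text in the server log only: printing it to the browser
    // would show table names, column names and the filter values to whoever
    // triggered the failure.
    error_log('Error getting log entries: ' . $data_con->QUERY);
    die('Error getting log entries.');
}
$total_records = $data_con->num_rows;
//-> Now instantiate the pagination class and feed it the necessary information.
require 'paged_result_class.php';
$results_per_page = 50;
$pager = new paged_result($total_records, $results_per_page);
// $result_pager and $current_page are not assigned in this excerpt;
// presumably get_page_data() fills them by reference - confirm.
$pager->get_page_data($result_pager, $current_page);
$current_page = $pager->current_page;
$data_con->set_limit($pager->offset, $pager->records_per_page);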
示例#4
        }
        $redraw = TRUE;
    }
}
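// Page header and the opening markup of the skin selection form.
$html = new html();
$html->draw_header('Change Skin', $message);
$html->display_info('Changing the System Skin does not affect functionality.<br>All changes are merely aesthetic.');
echo '<div class="container">
      <fieldset class="container_invisible">
    <fieldset class="top"> Skin (UI Theme) Management
    </fieldset>
    <fieldset class="middle">
    <table class="input_form">';
echo '<tr><td class="label">System Skin:</td><td> <select name="skin_id">';

// Fetch every skin, ordered by name, to fill the <select>.
$data_con = new data_abstraction();
$data_con->set_fields('skin_id AS new_skin_id, skin_name');
$data_con->set_table('system_skins');
$data_con->set_order('skin_name');
$result = $data_con->make_query()->result;
$numrows = $data_con->num_rows;
if ($data_con->error) {
    // The database error text goes to the server log, not the page: it can
    // reveal schema details. The former "echo die(...)" also had a redundant
    // echo, since die() already prints its argument before exiting.
    error_log('Skin list query failed: ' . $data_con->error);
    die('Unable to load the list of skins.');
}
$data_con->close_db();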
for ($a = 0; $a < $numrows; $a++) {
    $data = $result->fetch_assoc();
    extract($data);
    $selected = '';
    if ($skin_name == $_SESSION['skin']) {
        $selected = 'selected';
    }
示例#5
     $data_con = new data_abstraction();
     $data_con->set_fields('username');
     $data_con->set_table('user_passport');
     $data_con->set_where("username='******' AND link_id='{$link_id}'");
     $data_con->make_query();
     $checked = '';
     if ($data_con->num_rows == 1) {
         $checked = 'checked';
     }
     echo "<TR class={$class}><td class=\"listCell\"><label style=\"display: block;\" for='checkfield[{$a}]'><input type=checkbox ID='checkfield[{$a}]' name=\"link[]\" value='{$link_id}' {$checked}> {$Module_Name}</label></td>";
     $data_con->close_db();
     if ($a + 1 < $numrows) {
         $info = $result->fetch_assoc();
         extract($info);
         $data_con = new data_abstraction();
         $data_con->set_fields('username');
         $data_con->set_table('user_passport');
         $data_con->set_where("username='******' AND link_id='{$link_id}'");
         $data_con->make_query();
         if ($data_con->num_rows == 0) {
             echo "<td class='listCell'><label style=\"display: block;\" for=\"checkfield[" . ($a + 1) . "]\"><input type=checkbox ID='checkfield[" . ($a + 1) . "]' name=\"link[]\" value='{$link_id}'> {$Module_Name}</label></td></tr>";
         } elseif ($data_con->num_rows == 1) {
             echo "<td class='listCell'><label style=\"display: block;\" for=\"checkfield[" . ($a + 1) . "]\"><input type=checkbox ID='checkfield[" . ($a + 1) . "]' name=\"link[]\" value='{$link_id}' checked> {$Module_Name}</label></td></tr>";
         }
         $data_con->close_db();
     } else {
         echo "<td class='listCell'> &nbsp; </td></tr>";
     }
 }
 if ($numrows > 0) {
     echo '<tr><td colspan=2 align=center>
示例#6
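/**
 * Insert one entry into the system_log table.
 *
 * The entry records the client IP (from get_ip()), the session user, the
 * current Unix timestamp, the action text and the module name.
 *
 * @param string $action Description of the event; escaped here before use.
 * @param string $module Module name; when empty, the running script's
 *                       SCRIPT_NAME is used instead.
 */
function log_action($action, $module = '')
{
    // Without a logged-in user the entry is attributed to the literal below.
    $username = isset($_SESSION['user']) ? quote_smart($_SESSION['user']) : '******';

    if ($module == '') {
        $module = $_SERVER['SCRIPT_NAME'];
    }

    // Every value ends up inside a quoted SQL literal, so each one is escaped
    // the same way. Previously only the user and the action were; the module
    // (caller-supplied or taken from the request path) and the IP string were
    // interpolated raw.
    // NOTE(review): if any caller already escapes $module before passing it,
    // drop that call-site escaping to avoid storing doubled backslashes.
    $module = quote_smart($module);
    $ip_address = quote_smart(get_ip());
    $action = quote_smart($action);

    // Same value the old date()/explode()/mktime() round trip produced,
    // without the risk of the two date() calls straddling a second boundary.
    $timestamp = time();

    $data_con = new data_abstraction();
    $data_con->set_query_type('INSERT');
    $data_con->set_table('system_log');
    $data_con->set_fields('ip_address, user, datetime, action, module');
    $data_con->set_values("'{$ip_address}', '{$username}', '{$timestamp}', '{$action}', '{$module}'");
    $data_con->make_query(TRUE, FALSE);
}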
示例#7
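// $hi is filled before this excerpt; its size is shown as the pending count.
$res = count($hi);
$html->display_tip('You have: ' . $res . ' documents to process');

// Count the rows in validate whose status is 'wait list'.
require_once 'subclasses/citizen.php';
$dbh_citizen = new request();
$dbh_citizen->execute_query("SELECT status FROM validate WHERE status = 'wait list'");
$result2 = $dbh_citizen->result;
$hi = array();
while ($row2 = $result2->fetch_assoc()) {
    // The row has a single column, so this assignment defines the same
    // $status variable that extract($row2) used to create.
    $status = $row2['status'];
    // The loop variable is $row2; the earlier code appended $row1['status'],
    // a variable this loop never sets.
    $hi[] = $status;
}
$results = count($hi);
$html->display_tip('There are: ' . $results . '  Wait listed citizen');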
$menu_links = '';
$data_con = new data_abstraction();
$data_con->set_fields('a.link_id, a.descriptive_title, a.target, a.description, c.passport_group, a.icon as link_icon, c.icon as `group_icon`');
$data_con->set_table('user_links a, user_passport b, user_passport_groups c');
$data_con->set_where("a.link_id=b.link_id AND b.username='******'user']) . "' AND a.passport_group_id=c.passport_group_id AND a.show_in_tasklist='Yes' AND a.status='On'");
$data_con->set_order('c.priority DESC, c.passport_group, a.priority DESC, a.descriptive_title');
if ($result = $data_con->make_query()->result) {
    while ($data = $result->fetch_assoc()) {
        extract($data);
        $menu_links[$passport_group]['title'][] = $descriptive_title;
        $menu_links[$passport_group]['target'][] = $target;
        $menu_links[$passport_group]['link_id'][] = $link_id;
        $menu_links[$passport_group]['description'][] = $description;
        $menu_links[$passport_group]['link_icon'][] = $link_icon;
        $menu_links[$passport_group]['group_icon'][] = $group_icon;
    }
    $result->close();
} else {
示例#8
 $mysqli->real_query("SELECT `username`, `skin_id`, `first_name`, `middle_name`, `last_name` FROM `user`, `person` WHERE `username`='{$clean_username}' AND `password`='{$clean_password}' AND `user`.`person_id` = `person`.`person_id`");
 if ($result = $mysqli->use_result()) {
     if ($data = $result->fetch_assoc()) {
         $result->close();
         extract($data);
         $data_con = new data_abstraction();
         $data_con->set_fields('citizen_id');
         $data_con->set_table('citizen');
         $data_con->set_where("username=?");
         $bind_params = array('s', $username);
         $data_con->stmt_prepare($bind_params);
         $data_con->stmt_fetch('single');
         if ($data_con->num_rows > 0) {
             extract($data_con->dump);
             $data_con_validate = new data_abstraction();
             $data_con_validate->set_fields('status');
             $data_con_validate->set_table('validate');
             $data_con_validate->set_where("citizen_id=?");
             $bind_params = array('i', $citizen_id);
             $data_con_validate->stmt_prepare($bind_params);
             $data_con_validate->stmt_fetch('single');
             if ($data_con_validate->num_rows > 0) {
                 extract($data_con_validate->dump);
                 if ($status == 'Accepted') {
                     $verified = TRUE;
                 }
             }
             $data_con_validate->close_db();
         }
         $data_con->close_db();
         $_SESSION['logged'] = 'Logged';
示例#9
</td></tr>
<tr>
    <td colspan=2>
        <table width="900" class="listView">
        <tr class=listRowHead>
            <td colspan="2"><?php 
echo $active_passport_group;
?>
 Modules</td>
        </tr>
<?php 
init_var($filter);
$a = 0;
$data_con = new data_abstraction();
$data_con->connect_db();
$data_con->set_fields('a.link_id, a.descriptive_title as `title`, a.status, b.passport_group');
$data_con->set_table('user_links a, user_passport_groups b');
$data_con->set_where("a.passport_group_id = b.passport_group_id AND a.name!='Module Control' {$filter}");
$data_con->set_order('a.descriptive_title');
if ($result = $data_con->make_query()->result) {
    while ($data = $result->fetch_assoc()) {
        extract($data);
        if ($a % 4 == 0) {
            $class = 'listRowOddNoHighlight';
        } else {
            $class = 'listRowEvenNoHighlight';
        }
        echo "<tr class={$class}>\n                <td class=\"listCell\"><label style=\"display: block;\" for=\"checkfield[{$link_id}]\">";
        $checked = '';
        if ($status == "On") {
            $checked = 'checked';
            if (isset($_POST['group_field1'])) {
                $group_field1 = $_POST['group_field1'];
                $_SESSION[$sess_var]['group_field1'] = $group_field1;
            }
            if (isset($_POST['group_field2'])) {
                $group_field2 = $_POST['group_field2'];
                $_SESSION[$sess_var]['group_field2'] = $group_field2;
            }
            if (isset($_POST['group_field3'])) {
                $group_field3 = $_POST['group_field3'];
                $_SESSION[$sess_var]['group_field3'] = $group_field3;
            }
            $token = generate_token();
            $_SESSION[$sess_var]['token'] = $token;
            $token = rawurlencode($token);
            $result_page = $reporter->result_page;
            $open_result_page = TRUE;
        }
    }
}
// Load the names of any reports already saved for this reporter module.
$reporter_mod_name = $reporter->session_array_name;
$bind_params = array('s', $reporter_mod_name);

$d = new data_abstraction();
$d->set_fields('report_name');
$d->set_table('cobalt_reporter');
// The module name is passed as a bound string parameter, not concatenated.
$d->set_where("module_name=?");
$d->stmt_prepare($bind_params);
$d->stmt_fetch();
$arr_saved_reports = $d->dump;

// Drop the reference to the data object now that the rows are copied out.
$d = null;
示例#11
<?php

require 'path.php';
// NOTE(review): 'ALLOW_ALL' presumably skips the per-module permission check
// and the second argument is not explained in this excerpt - confirm this
// page is meant to be reachable without a specific passport entry.
init_cobalt('ALLOW_ALL', FALSE);
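/**
 * Print the opening markup of a menu group box: a table and its header row.
 *
 * @param string $group Group title shown in the header cell.
 */
function menuGroupWindowHeader($group)
{
    // The title is data, not markup, so it is HTML-escaped before output.
    // double_encode is off so a title stored with entities already applied
    // is not encoded a second time.
    $title = htmlspecialchars((string) $group, ENT_QUOTES, 'UTF-8', false);
    echo '<table width="180" class="listView">
          <tr class="listRowHead"><td>' . $title . '</td></tr>';
}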
/**
 * Print the closing tag of the table opened by menuGroupWindowHeader().
 */
function menuGroupWindowFooter()
{
    echo '</table>';
}
// NOTE(review): the included file is whatever path is stored in
// $_SESSION['header']. Confirm that value is only ever set server-side from
// a fixed set of skin files; require_once executes the file it is given.
require_once $_SESSION['header'];
$data_con = new data_abstraction();
$data_con->set_fields('a.link_id, a.descriptive_title, a.target, a.description, c.passport_group')->set_table('user_links a, user_passport b, user_passport_groups c')->set_where("a.link_id=b.link_id AND b.username='******'user']) . "' AND a.passport_group_id=c.passport_group_id AND a.show_in_tasklist='Yes' AND a.status='On'")->set_order('c.priority DESC, c.passport_group, a.priority DESC, a.descriptive_title');
if ($result = $data_con->make_query()->result) {
    $menu_links = array();
    while ($data = $result->fetch_row()) {
        $menu_links[$data[4]]['link_id'][] = $data[0];
        $menu_links[$data[4]]['title'][] = $data[1];
        $menu_links[$data[4]]['target'][] = $data[2];
        $menu_links[$data[4]]['description'][] = $data[3];
        unset($data);
    }
    $result->close();
    $current_group = '';
    foreach ($menu_links as $group => $link_info) {
        if ($current_group == '') {
            $current_group = $group;
            menuGroupWindowHeader($group);
示例#12
 $password1 = $_POST['password1'];
 $password2 = $_POST['password2'];
 require 'core/validation_class.php';
 $validator = new validation();
 $message = $validator->check_if_null('Old Password', $old_password, 'New Password', $password1, 'Confirm Password', $password2);
 if (strlen($old_password) > MAX_PASSWORD_LENGTH || strlen($password1) > MAX_PASSWORD_LENGTH || strlen($password2) > MAX_PASSWORD_LENGTH) {
     $message = 'Password must not be more than ' . MAX_PASSWORD_LENGTH . ' chars.<br>';
     $old_password = '';
     $password1 = '';
     $password2 = '';
 } elseif ($password1 != $password2) {
     $message .= "New passwords do not match. <br>";
 }
 if ($message == '') {
     $data_con = new data_abstraction();
     $data_con->set_fields('password');
     $data_con->set_table('user');
     $data_con->set_where("username='******'user']) . "'");
     $result = $data_con->make_query()->result;
     $data_con->close_db();
     $data = $result->fetch_assoc();
     $result->close();
     require 'core/password_crypto.php';
     //Hash old password using default Cobalt password hashing technique
     $hashed_old_password = cobalt_password_hash('RECREATE', $old_password, $_SESSION['user']);
     if ($hashed_old_password != $data['password']) {
         $message .= "The password you entered in 'Old Password' does not match the password in your records. <BR>";
     }
 }
 if ($message == '') {
     //Hash the password using default Cobalt password hashing technique
示例#13
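/**
 * Tell whether a user's stored password hash should be regenerated.
 *
 * The stored hashing method and iteration count are read from the user
 * table and compared with the currently configured method and its limits.
 *
 * @param string $username Account to look up; bound as a statement parameter.
 *
 * @return bool TRUE when no single matching row is found, when the stored
 *              method differs from the configured one, or when the stored
 *              iteration count is outside what the configuration allows.
 */
function cobalt_password_must_rehash($username)
{
    // Defined up front so a missing row does not leave these unset below.
    $iteration = null;
    $current_method = null;

    $dbh = new data_abstraction();
    $dbh->set_table('user');
    $dbh->set_fields('`iteration`, `method` AS `current_method`');
    $dbh->set_where("`username`= ?");
    $bind_params = array('s', $username);
    $dbh->stmt_prepare($bind_params);
    $dbh->stmt_fetch('single');
    if ($dbh->num_rows == 1) {
        // Read the two selected columns by name instead of extract(), so the
        // row cannot introduce or overwrite any other local variable.
        $iteration = $dbh->dump['iteration'];
        $current_method = $dbh->dump['current_method'];
    }
    // Release the connection; the function previously returned without
    // closing it.
    $dbh->close_db();

    // No stored method (no row, or a NULL column): nothing to compare with.
    if ($current_method === null) {
        return TRUE;
    }

    $method = cobalt_password_set_method();
    if ($method != $current_method) {
        return TRUE;
    }

    if ($method == 'blowfish') {
        // Blowfish stores a cost factor; it must match the configured one.
        return (int) $iteration != (int) AUTH_BLOWFISH_COST_FACTOR;
    }

    // Other methods: the stored round count must lie within the configured
    // AUTH_<METHOD>_MIN_ROUNDS .. AUTH_<METHOD>_MAX_ROUNDS range.
    $prefix = 'AUTH_' . strtoupper($method);
    $min = constant($prefix . '_MIN_ROUNDS');
    $max = constant($prefix . '_MAX_ROUNDS');
    if ($max < $min) {
        // A maximum below the minimum collapses the range to the minimum.
        $max = $min;
    }

    return $iteration < $min || $iteration > $max;
}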
示例#14
     $data_con = new data_abstraction();
     $data_con->set_fields('role_id');
     $data_con->set_table('user_role_links');
     $data_con->set_where("role_id='{$role_id}' AND link_id='{$link_id}'");
     $data_con->make_query();
     $checked = '';
     if ($data_con->num_rows == 1) {
         $checked = 'checked';
     }
     echo "<TR class={$class}><TD class=\"listCell\"><label style=\"display: block;\" for='checkfield[{$a}]'><input type=checkbox ID='checkfield[{$a}]' name=\"link[]\" value='{$link_id}' {$checked}> {$Module_Name}</label></TD>";
     $data_con->close_db();
     if ($a + 1 < $numrows) {
         $info = $result->fetch_assoc();
         extract($info);
         $data_con = new data_abstraction();
         $data_con->set_fields('role_id');
         $data_con->set_table('user_role_links');
         $data_con->set_where("role_id='{$role_id}' AND link_id='{$link_id}'");
         $data_con->make_query();
         if ($data_con->num_rows == 0) {
             echo "<TD class='listCell'><label style=\"display: block;\" for=\"checkfield[" . ($a + 1) . "]\"><input type=checkbox ID='checkfield[" . ($a + 1) . "]' name=\"link[]\" value='{$link_id}'> {$Module_Name}</label></TD></TR>";
         } elseif ($data_con->num_rows == 1) {
             echo "<TD class='listCell'><label style=\"display: block;\" for=\"checkfield[" . ($a + 1) . "]\"><input type=checkbox ID='checkfield[" . ($a + 1) . "]' name=\"link[]\" value='{$link_id}' checked> {$Module_Name}</label></TD></TR>";
         }
         $data_con->close_db();
     } else {
         echo "<TD class='listCell'> &nbsp; </TD></TR>";
     }
 }
 if ($numrows > 0) {
     echo "<TR><TD colspan=2 align=center>\n                <input type=submit name=btn_submit value='SUBMIT' class=submit>\n                <input type=submit name=btn_cancel value='BACK' class=cancel>";