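/**
 * Validates the change-password form submitted in $_POST.
 *
 * Reads the "password", "newPassword" and "repeatPassword" fields and, when a
 * current password was sent, checks it for the logged-in user's nick through
 * SecurityAdmin::getUserByCredentials().
 *
 * @return array User-facing error messages; empty when the form is valid.
 */
static function validate()
{
    $errors = array();

    // Read each field once. A missing key or a non-string value (for example a
    // "newPassword[]=x" array parameter) is treated as an empty string, so
    // strlen() and the comparison below never receive an array or an undefined
    // index.
    $passwordSent = isset($_POST["password"]);
    $password = ($passwordSent && is_string($_POST["password"])) ? $_POST["password"] : '';
    $newPassword = (isset($_POST["newPassword"]) && is_string($_POST["newPassword"])) ? $_POST["newPassword"] : '';
    $repeatPassword = (isset($_POST["repeatPassword"]) && is_string($_POST["repeatPassword"])) ? $_POST["repeatPassword"] : '';

    if ($password === '') {
        $errors[] = 'Ingrese su contraseña actual';
    }

    if ($newPassword === '') {
        $errors[] = 'Ingrese una nueva contraseña';
    } else {
        // strlen() counts bytes, not characters; multi-byte passwords reach the
        // limits sooner than their visible length suggests.
        $length = strlen($newPassword);
        if ($length < 8) {
            $errors[] = 'La contraseña debe contener un mínimo de 8 caracteres';
        }
        if ($length > 50) {
            $errors[] = 'La contraseña debe contener un máximo de 50 caracteres';
        }
    }

    if ($repeatPassword === '') {
        $errors[] = 'Repita la contraseña';
    }

    // Strict comparison: with "!=" PHP compares numeric-looking strings as
    // numbers, so two different strings such as "100000000" and "1e8" would be
    // accepted as a matching pair.
    if ($newPassword !== $repeatPassword) {
        $errors[] = 'Las contraseñas ingresadas no coinciden';
    }

    // The current password is verified whenever the field was submitted, even
    // if it is empty, so a wrong or blank value is always reported.
    if ($passwordSent) {
        $user = SecurityAdmin::getUserByCredentials(SecurityManager::UserInfo()->nick, $password);
        if ($user == null) {
            $errors[] = 'La contraseña actual es incorrecta';
        }
    }

    return $errors;
}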
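<?php
// Streams "Usuarios.xls" to the browser with one row per user returned by
// SecurityAdmin::getUsuariosConProvFrescos().

if (!isset($_SESSION)) {
    session_start();
}

// All application paths are resolved below the "/turnos" folder.
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';

use admin\SecurityAdmin;
use lib\ExportDataExcel;
use security\SecurityManager;

// The export contains ids, nicks, names and mail addresses, so it is gated the
// same way as the other user-export script, which calls
// SecurityManager::authorize(array('admin')) before reading any data.
// NOTE(review): confirm 'admin' is the only role that should reach this export.
SecurityManager::authorize(array('admin'));

$data = SecurityAdmin::getUsuariosConProvFrescos();

$exporter = new ExportDataExcel('browser', 'Usuarios.xls');
$exporter->initialize();
$exporter->addRow(array("Id", "Nick", "Nombre", "Mail", "Tipo proveedor", "Activo", "FechaAlta"));

// NOTE(review): nick, firstName and mail are user-supplied values; confirm the
// exporter writes them as text cells so a value starting with "=" is not
// evaluated as a formula when the sheet is opened.
foreach ($data as $user) {
    $exporter->addRow(array(
        $user->id,
        $user->nick,
        $user->firstName,
        $user->mail,
        $user->tipoProveedor,
        $user->enabled ? 'Si' : 'No',
        $user->createDate,
    ));
}

$exporter->finalize();
exit;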
break; case "getUsersByFilter": $result = SecurityAdmin::getUsersProveedoresByFilter($request->data); echo $result; break; case "getProveedoresByFilter": $result = SecurityAdmin::getProveedoresByFilter($request->data); echo $result; break; case "enviarMailAlta": $result = SecurityAdmin::enviarMailAlta($request->data); echo $result; break; case "getDataReservasInit": $result = SecurityAdmin::getDataReservasInit($request->data); echo $result; break; case "createReserva": $result = SecurityAdmin::createReserva($request->data); echo $result; break; case "updateReserva": $result = SecurityAdmin::updateReserva($request->data); echo $result; break; case "deleteReserva": $result = SecurityAdmin::deleteReserva($request->data); echo $result; break; //endregion }
/**
 * Validates the "mail" field of the form submitted in $_POST.
 *
 * A well-formed address is looked up with SecurityAdmin::getUserByMail().
 *
 * NOTE(review): the last message tells the caller whether an address is
 * registered; confirm that disclosing this is acceptable for this form.
 *
 * @return array User-facing error messages; empty when the form is valid.
 */
static function validate()
{
    $errors = array();
    $mailSent = isset($_POST["mail"]);

    if (!$mailSent || !$_POST["mail"]) {
        $errors[] = 'Ingrese su mail';
    }

    // Format and existence are only checked for a non-null value; the loose
    // "!= null" comparison is kept as it is part of the current behaviour.
    if ($mailSent && $_POST["mail"] != null) {
        $wellFormed = filter_var($_POST["mail"], FILTER_VALIDATE_EMAIL);

        if (!$wellFormed) {
            $errors[] = 'Formato de mail inválido';
        } else {
            $user = SecurityAdmin::getUserByMail($_POST["mail"]);
            if ($user == null) {
                $errors[] = 'No existe ningun usuario asociado al mail ingresado';
            }
        }
    }

    return $errors;
}
/**
 * Reports whether SecurityAdmin::getUserByMail() returns a user for $mail.
 *
 * @param mixed $mail Address passed unchanged to the lookup.
 * @return bool True when the lookup result is not loosely equal to null.
 */
static function userExists($mail)
{
    // The loose comparison is kept so any "empty" lookup result counts as absent.
    return !(SecurityAdmin::getUserByMail($mail) == null);
}
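/**
 * Resolves the user referenced by the "c" query parameter.
 *
 * "c" is expected to be the base64 encoding of three values joined by "|";
 * the first one must be numeric. The three values are handed to
 * SecurityAdmin::getUserByCodes().
 *
 * NOTE(review): the parameter is only base64-encoded, not signed or encrypted.
 * Whether the three values are enough to authenticate the link depends on what
 * SecurityAdmin::getUserByCodes() compares, which is not visible here.
 *
 * @return mixed The lookup result, or null when the parameter is missing or malformed.
 */
private static function getUserByCodes()
{
    // A repeated or array-style parameter ("c[]=...") arrives as an array;
    // reject it here instead of passing it to base64_decode().
    if (!isset($_GET["c"]) || !is_string($_GET["c"])) {
        return null;
    }

    $code = explode("|", base64_decode($_GET["c"]));

    if (count($code) != 3 || !is_numeric($code[0])) {
        return null;
    }

    return SecurityAdmin::getUserByCodes($code[0], $code[1], $code[2]);
}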
<?php
// Streams "Usuarios.xls" to the browser with the users that match the posted
// search filter. Callers must pass SecurityManager::authorize(array('admin')).

if (!isset($_SESSION)) {
    session_start();
}

// All application paths are resolved below the "/turnos" folder.
$_SERVER["DOCUMENT_ROOT"] .= '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';

use admin\SecurityAdmin;
use lib\ExportDataExcel;
use security\SecurityManager;

// The authorisation check runs before any user data is read.
SecurityManager::authorize(array('admin'));

// Missing or empty filter fields fall back to '' and false respectively.
$multicolumnSearchText = !empty($_POST['multicolumnSearchText']) ? $_POST['multicolumnSearchText'] : '';
$inactivos = !empty($_POST['inactivos']) ? $_POST['inactivos'] : false;

$data = SecurityAdmin::getUsersByFilter($multicolumnSearchText, $inactivos);

$exporter = new ExportDataExcel('browser', 'Usuarios.xls');
$exporter->initialize();

$header = array("Id", "Nick", "Nombre", "Mail", "Tipo", "Activo", "FechaAlta");
$exporter->addRow($header);

// NOTE(review): nick, firstName and mail are user-supplied values; confirm the
// exporter writes them as text cells so a value starting with "=" is not
// evaluated as a formula when the sheet is opened.
foreach ($data as $user) {
    $activo = $user->enabled ? 'Si' : 'No';
    $row = array($user->id, $user->nick, $user->firstName, $user->mail, $user->type, $activo, $user->createDate);
    $exporter->addRow($row);
}

$exporter->finalize();
exit;
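/**
 * Stores a submitted form entry and sends the related notification mails.
 *
 * When SecurityManager::isValidUser() is false, the mail, first name and last
 * name are read from the form step flagged as disabled; the entry is attached
 * to the account with that mail, or to a newly created client account, and is
 * stored with confirmada = 'N'. Otherwise the entry belongs to the logged-in
 * user and is stored with confirmada = 'S'.
 *
 * Everything runs inside one transaction obtained from
 * GenericDao::beginTransaction(). Mails are sent before the commit, so a mail
 * can already be out when a later step fails and the transaction rolls back.
 *
 * @param object $form Form DTO; userId, confirmada and ip are written on it.
 * @return array Empty on success, otherwise a one-element list holding the
 *               exception message.
 */
static function addEntry($form)
{
    $transaction = NULL;
    $result = array();
    $userId = null;
    $user = null;
    $newUser = false;
    $userExists = SecurityManager::isValidUser();

    try {
        $transaction = GenericDao::beginTransaction();

        if (!$userExists) {
            // Contact data comes from the step whose "disabled" flag is set.
            $step = Phinq::create($form->steps)->single(function ($item) {
                return isset($item->disabled) && $item->disabled == true;
            });
            $mail = Phinq::create($step->controls)->single(function ($item) {
                return $item->columnName == 'mail';
            })->value;
            $nombre = Phinq::create($step->controls)->single(function ($item) {
                return $item->columnName == 'nombre';
            })->value;
            $apellido = Phinq::create($step->controls)->single(function ($item) {
                return $item->columnName == 'apellido';
            })->value;

            $user = UserAdmin::getUserByMail($mail);
            if ($user != null) {
                $form->userId = $userId = $user->id;
            } else {
                $newUser = true;

                // NOTE(review): uniqid() is derived from the current time and
                // md5() adds no entropy, so this initial password is
                // predictable and only 8 hex characters long. It should come
                // from a cryptographically secure generator (random_bytes()
                // where the runtime is PHP 7 or later); left unchanged here
                // because the runtime version is not visible.
                $password = substr(md5(uniqid()), 0, 8);

                $userDto = new \stdClass();
                $userDto->firstName = $nombre;
                $userDto->lastName = $apellido;
                $userDto->mail = $mail;
                $userDto->type = UserType::client;
                $userDto->password = $password;

                $response = json_decode(SecurityAdmin::createUser($userDto, $transaction));
                $form->userId = $userId = $response->data;
            }
            $form->confirmada = 'N';
        } else {
            $form->userId = $userId = SecurityManager::UserInfo()->id;
            $form->confirmada = 'S';
        }

        $form->ip = $_SERVER['REMOTE_ADDR'];
        $entryId = FormDao::addEntry($form, $transaction);
        $user = SecurityDao::getUserById($userId);
        $dwoo = new Core();

        if (!$userExists) {
            // NOTE(review), applies to both links below:
            //  - the "c" value is a plain base64 encoding of stored fields, with
            //    no secret or signature in it; confirm the landing pages do not
            //    treat it as proof that the mailbox owner clicked the link.
            //  - the host comes from the request's Host header and the scheme
            //    is fixed to http; a configured base URL over https would keep
            //    the mailed link independent of request headers.
            if (!$newUser) {
                // Existing account: ask the owner to confirm the request.
                $user->logo = AppConfig::logoUrl;
                $user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
                $code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
                $link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Confirmacion.php?c=' . $code;
                $user->link = $link;
                $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userSolicitudRequestConfirm.tpl', (array) $user);
                Mail::Send($user->mail, 'Confirmación de solicitud', $template);
            } else {
                // Newly created account: send the activation link.
                $subject = 'Aladinnus, proceso de activación';
                $code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
                $link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Activacion.php?c=' . $code;
                $user->link = $link;
                $userDto->logo = $user->logo = AppConfig::logoUrl;
                $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userActivation.tpl', (array) $user);
                Mail::Send($user->mail, $subject, $template);
            }
        } else {
            // Mail to the providers of the product.
            $usersProveedor = SecurityDao::getUsersProveedorByProductoId($form->productoId);
            foreach ($usersProveedor as $prov) {
                FormAdmin::addProveedorEntry($prov->id, $form->id, $entryId, $user->id);
                $prov->logo = AppConfig::logoUrl;
                $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/providerNewSolicitud.tpl', (array) $prov);
                Mail::Send($prov->mail, 'Nueva solicitud', $template);
            }

            // Mail to the enabled administrators.
            $usersAdmin = SecurityDao::getUsersAdmin();
            $usersAdmin = Phinq::create($usersAdmin)->where(function ($user) {
                return $user->enabled;
            })->toArray();
            foreach ($usersAdmin as $admin) {
                $admin->logo = AppConfig::logoUrl;
                $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userAdminRequest.tpl', (array) $admin);
                Mail::Send($admin->mail, 'Nueva solicitud', $template);
            }

            // Mail to the requesting user.
            $user->logo = AppConfig::logoUrl;
            $user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
            $template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userRequest.tpl', (array) $user);
            Mail::Send($user->mail, 'Nueva solicitud', $template);
        }

        $transaction->commit();
    } catch (\Exception $ex) {
        // beginTransaction() itself may be what failed; calling rollBack() on
        // null would raise a second error and hide the original one.
        if ($transaction !== null) {
            $transaction->rollBack();
        }
        // NOTE(review): the raw exception message is returned to the caller;
        // confirm it is not shown to end users.
        $result = array($ex->getMessage());
    }

    return $result;
}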
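/**
 * Creates a delivery request with its purchase orders and notifies the
 * "Gestor" users of the same branch by mail.
 *
 * The request and its purchase-order links are written in one transaction.
 * A failure while writing rolls the transaction back and the exception is
 * re-thrown, so errors still propagate to the caller as before. Mails are sent
 * only after the commit.
 *
 * NOTE(review): userId and sucursalId are taken from the DTO as given; confirm
 * the caller binds them to the authenticated session.
 *
 * @param object $solicitudEntregaDto Request data; ordenesDeCompra defaults to
 *                                    an empty array when not set.
 * @return string JSON-encoded Response holding the stored request and its
 *                purchase orders.
 */
static function createSolicitudEntrega($solicitudEntregaDto)
{
    $solicitudEntrega = new SolicitudEntrega(
        NULL,
        date("Y-m-d H:i:s", time()),
        TRUE,
        null,
        $solicitudEntregaDto->startsAt,
        $solicitudEntregaDto->endsAt,
        $solicitudEntregaDto->title,
        $solicitudEntregaDto->type,
        $solicitudEntregaDto->status,
        $solicitudEntregaDto->sucursalId,
        $solicitudEntregaDto->userId,
        $solicitudEntregaDto->esFresco
    );
    $transaction = NULL;
    $result = new Result();
    $data = null;
    $ordenesDeCompraIds = array();

    $usuario = SecurityDao::getUserById($solicitudEntregaDto->userId);

    $solicitudEntregaDto->ordenesDeCompra = isset($solicitudEntregaDto->ordenesDeCompra)
        ? $solicitudEntregaDto->ordenesDeCompra
        : array();

    try {
        $transaction = GenericDao::beginTransaction();
        $solicitudEntrega->id = SolicitudesEntregaDao::createSolicitudEntrega($solicitudEntrega, $transaction);

        foreach ($solicitudEntregaDto->ordenesDeCompra as $ordenDeCompra) {
            $so = new SolicitudEntrega_OrdenDeCompra($solicitudEntrega->id, $ordenDeCompra->id, $ordenDeCompra->entregaCompleta ? 1 : 0);
            SolicitudesEntregaDao::AddOrdenDeCompraToSolicitud($so, $transaction);
            $ordenesDeCompraIds[] = $ordenDeCompra->id;
        }

        $transaction->commit();
    } catch (\Exception $ex) {
        // Do not leave a half-written request behind an open transaction.
        if ($transaction !== null) {
            $transaction->rollBack();
        }
        throw $ex;
    }

    // Comma-separated list of the purchase-order ids for the mail body.
    $ordenesDeCompraDetail = implode(', ', $ordenesDeCompraIds);

    $subject = 'Nueva solicitud';
    // The space before "ha ingresado" was missing, which glued the user's name
    // to the verb in the mail text.
    $title = 'Se le comunica que el usuario ' . $usuario->firstName . ' ha ingresado una nueva solicitud con nro. ' . $solicitudEntrega->id . '.';
    $detail = 'La entrega esta compuesta por las siguientes ordenes de compra: ' . $ordenesDeCompraDetail;

    // Notify every "Gestor" assigned to the request's branch.
    $users = json_decode(SecurityAdmin::getDataListInitUsers());
    $gestores = Phinq::create($users->data->users)->where(function ($p) use ($solicitudEntrega) {
        return $p->type == 'Gestor' && $p->sucursalId == $solicitudEntrega->sucursalId;
    })->toArray();

    foreach ($gestores as $gestor) {
        SolicitudesEntregaAdmin::sendMail($gestor->mail, $subject, $gestor->firstName, $title, $detail);
    }

    $data = SolicitudesEntregaDao::getSolicitudEntregaById($solicitudEntrega->id);
    $data->ordenesDeCompra = SolicitudesEntregaDao::getOrdenesDeCompraBySolicitudId($solicitudEntrega->id);

    $response = new Response($result, $data);
    return json_encode($response);
}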
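/**
 * Updates a user's profile, roles and provider assignments.
 *
 * The DTO is first checked with SecurityAdmin::validateUser(). Role and
 * provider changes are computed as the difference between the stored ids and
 * the ids in the DTO, then everything is written in one transaction.
 *
 * NOTE(review): no authorisation check is visible in this method, and the DTO
 * can change roles, the enabled flag and the password; confirm the caller
 * restricts who may invoke it and for which user id.
 *
 * @param object $userDto User data including id, roles and proveedores.
 * @return string JSON-encoded Response; its Result carries hasErrors and
 *                messages when validation or the update fails.
 */
static function updateUser($userDto)
{
    $errors = SecurityAdmin::validateUser($userDto);
    $result = new Result();

    if (sizeof($errors) == 0) {
        $user = SecurityDao::getUserById($userDto->id);

        // Roles: add what the DTO has and the user lacks, delete the reverse.
        $actualRoles = SecurityDao::getRolesByMail($user->mail);
        $actualRolesIds = Phinq::create($actualRoles)->select(function ($role) {
            return $role->id;
        })->toArray();
        $rolesToAdd = Phinq::create($userDto->roles)->except($actualRolesIds);
        $rolesToDelete = Phinq::create($actualRolesIds)->except($userDto->roles);

        // Providers: same difference, computed on provider ids.
        $actualProveedores = SecurityDao::getUserProveedores($user->id);
        $actualProveedoresIds = Phinq::create($actualProveedores)->select(function ($up) {
            return $up->proveedorId;
        })->toArray();
        $newProveedoresIds = Phinq::create($userDto->proveedores)->select(function ($proveedor) {
            return $proveedor->id;
        })->toArray();
        $proveedoresToAdd = Phinq::create($newProveedoresIds)->except($actualProveedoresIds);
        $proveedoresToDelete = Phinq::create($actualProveedoresIds)->except($newProveedoresIds);

        // Defined before the try block so the catch can tell whether a
        // transaction was actually opened.
        $transaction = null;

        try {
            $transaction = GenericDao::beginTransaction();

            if (isset($userDto->editPassword) && $userDto->editPassword) {
                // NOTE(review): unsalted SHA-1 is not a password hash; stored
                // values can be brute-forced quickly if the table leaks.
                // Moving to password_hash()/password_verify() has to be done
                // together with the login check, which is not in this method,
                // so the stored format is left unchanged here.
                $user->password = sha1($userDto->password);
            }

            $user->nick = $userDto->nick;
            $user->sucursalId = $userDto->sucursalId;
            $user->firstName = $userDto->firstName;
            $user->lastName = $userDto->lastName;
            $user->mail = $userDto->mail;
            $user->enabled = $userDto->enabled;
            $user->esFresco = $userDto->esFresco;
            $user->optionalMails = $userDto->optionalMails;
            $user->updateDate = date("Y-m-d H:i:s", time());
            SecurityDao::updateUser($user, $transaction);

            foreach ($rolesToAdd as $roleId) {
                $user_role = new User_Role($user->id, $roleId);
                SecurityDao::AddRoleToUser($user_role, $transaction);
            }
            foreach ($rolesToDelete as $roleId) {
                $user_role = new User_Role($user->id, $roleId);
                SecurityDao::deleteRoleFromUser($user_role, $transaction);
            }
            foreach ($proveedoresToAdd as $proveedorId) {
                $user_proveedor = new User_Proveedor($user->id, $proveedorId);
                SecurityDao::addProveedorToUser($user_proveedor, $transaction);
            }
            foreach ($proveedoresToDelete as $proveedorId) {
                $user_proveedor = new User_Proveedor($user->id, $proveedorId);
                SecurityDao::deleteProveedorFromUser($user_proveedor, $transaction);
            }

            $transaction->commit();
        } catch (\Exception $ex) {
            // If beginTransaction() threw, there is nothing to roll back and
            // calling rollBack() on null would hide the original error.
            if ($transaction !== null) {
                $transaction->rollBack();
            }
            $result->hasErrors = true;
            $result->messages = array($ex->getMessage());
        }
    } else {
        $result->hasErrors = true;
        $result->messages = $errors;
    }

    $response = new Response($result, NULL);
    return json_encode($response);
}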