static function validate()
{
$errors = array();
if (!isset($_POST["password"]) || !$_POST["password"]) {
array_push($errors, 'Ingrese su contraseña actual');
}
if (!isset($_POST["newPassword"]) || !$_POST["newPassword"]) {
array_push($errors, 'Ingrese una nueva contraseña');
}
if ($_POST["newPassword"] && strlen($_POST["newPassword"]) < 8) {
array_push($errors, 'La contraseña debe contener un mínimo de 8 caracteres');
}
if ($_POST["newPassword"] && strlen($_POST["newPassword"]) > 50) {
array_push($errors, 'La contraseña debe contener un máximo de 50 caracteres');
}
if (!isset($_POST["repeatPassword"]) || !$_POST["repeatPassword"]) {
array_push($errors, 'Repita la contraseña');
}
if ($_POST["newPassword"] != $_POST["repeatPassword"]) {
array_push($errors, 'Las contraseñas ingresadas no coinciden');
}
if (isset($_POST["password"])) {
$user = SecurityAdmin::getUserByCredentials(SecurityManager::UserInfo()->nick, $_POST["password"]);
if ($user == null) {
array_push($errors, 'La contraseña actual es incorrecta');
}
}
return $errors;
}
<?php
if (!isset($_SESSION)) {
session_start();
}
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use admin\SecurityAdmin;
use lib\ExportDataExcel;
use security\SecurityManager;
$data = SecurityAdmin::getUsuariosConProvFrescos();
$exporter = new ExportDataExcel('browser', 'Usuarios.xls');
$exporter->initialize();
$exporter->addRow(array("Id", "Nick", "Nombre", "Mail", "Tipo proveedor", "Activo", "FechaAlta"));
foreach ($data as $user) {
$exporter->addRow(array($user->id, $user->nick, $user->firstName, $user->mail, $user->tipoProveedor, $user->enabled ? 'Si' : 'No', $user->createDate));
}
$exporter->finalize();
exit;
break;
case "getUsersByFilter":
$result = SecurityAdmin::getUsersProveedoresByFilter($request->data);
echo $result;
break;
case "getProveedoresByFilter":
$result = SecurityAdmin::getProveedoresByFilter($request->data);
echo $result;
break;
case "enviarMailAlta":
$result = SecurityAdmin::enviarMailAlta($request->data);
echo $result;
break;
case "getDataReservasInit":
$result = SecurityAdmin::getDataReservasInit($request->data);
echo $result;
break;
case "createReserva":
$result = SecurityAdmin::createReserva($request->data);
echo $result;
break;
case "updateReserva":
$result = SecurityAdmin::updateReserva($request->data);
echo $result;
break;
case "deleteReserva":
$result = SecurityAdmin::deleteReserva($request->data);
echo $result;
break;
//endregion
}
static function validate()
{
$errors = array();
if (!isset($_POST["mail"]) || !$_POST["mail"]) {
array_push($errors, 'Ingrese su mail');
}
if (isset($_POST["mail"]) && $_POST["mail"] != null && !filter_var($_POST["mail"], FILTER_VALIDATE_EMAIL)) {
array_push($errors, 'Formato de mail inválido');
}
if (isset($_POST["mail"]) && $_POST["mail"] != null && filter_var($_POST["mail"], FILTER_VALIDATE_EMAIL)) {
$user = SecurityAdmin::getUserByMail($_POST["mail"]);
if ($user == null) {
array_push($errors, 'No existe ningun usuario asociado al mail ingresado');
}
}
return $errors;
}
static function userExists($mail)
{
$user = SecurityAdmin::getUserByMail($mail);
return $user != null;
}
private static function getUserByCodes()
{
if (!isset($_GET["c"])) {
return null;
}
$code = explode("|", base64_decode($_GET["c"]));
if (sizeof($code) != 3 || !is_numeric($code[0])) {
return null;
}
return SecurityAdmin::getUserByCodes($code[0], $code[1], $code[2]);
}
<?php
if (!isset($_SESSION)) {
session_start();
}
$_SERVER["DOCUMENT_ROOT"] = $_SERVER["DOCUMENT_ROOT"] . '/turnos';
include_once $_SERVER["DOCUMENT_ROOT"] . '/common/Includes.php';
use admin\SecurityAdmin;
use lib\ExportDataExcel;
use security\SecurityManager;
SecurityManager::authorize(array('admin'));
$multicolumnSearchText = isset($_POST['multicolumnSearchText']) && $_POST['multicolumnSearchText'] ? $_POST['multicolumnSearchText'] : '';
$inactivos = isset($_POST['inactivos']) && $_POST['inactivos'] ? $_POST['inactivos'] : false;
$data = SecurityAdmin::getUsersByFilter($multicolumnSearchText, $inactivos);
$exporter = new ExportDataExcel('browser', 'Usuarios.xls');
$exporter->initialize();
$exporter->addRow(array("Id", "Nick", "Nombre", "Mail", "Tipo", "Activo", "FechaAlta"));
foreach ($data as $user) {
$exporter->addRow(array($user->id, $user->nick, $user->firstName, $user->mail, $user->type, $user->enabled ? 'Si' : 'No', $user->createDate));
}
$exporter->finalize();
exit;
static function addEntry($form)
{
$transaction = NULL;
$result = array();
$userId = null;
$user = null;
$newUser = false;
$userExists = SecurityManager::isValidUser();
try {
$transaction = GenericDao::beginTransaction();
if (!$userExists) {
$step = Phinq::create($form->steps)->single(function ($item) {
return isset($item->disabled) && $item->disabled == true;
});
$mail = Phinq::create($step->controls)->single(function ($item) {
return $item->columnName == 'mail';
})->value;
$nombre = Phinq::create($step->controls)->single(function ($item) {
return $item->columnName == 'nombre';
})->value;
$apellido = Phinq::create($step->controls)->single(function ($item) {
return $item->columnName == 'apellido';
})->value;
$user = UserAdmin::getUserByMail($mail);
if ($user != null) {
$form->userId = $userId = $user->id;
} else {
$newUser = true;
$password = substr(md5(uniqid()), 0, 8);
$userDto = new \stdClass();
$userDto->firstName = $nombre;
$userDto->lastName = $apellido;
$userDto->mail = $mail;
$userDto->type = UserType::client;
$userDto->password = $password;
$response = json_decode(SecurityAdmin::createUser($userDto, $transaction));
$form->userId = $userId = $response->data;
}
$form->confirmada = 'N';
} else {
$form->userId = $userId = SecurityManager::UserInfo()->id;
$form->confirmada = 'S';
}
$form->ip = $_SERVER['REMOTE_ADDR'];
$entryId = FormDao::addEntry($form, $transaction);
$user = SecurityDao::getUserById($userId);
$dwoo = new Core();
if (!$userExists) {
if (!$newUser) {
$user->logo = AppConfig::logoUrl;
$user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
$code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
$link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Confirmacion.php?c=' . $code;
$user->link = $link;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userSolicitudRequestConfirm.tpl', (array) $user);
Mail::Send($user->mail, 'Confirmación de solicitud', $template);
} else {
$subject = 'Aladinnus, proceso de activación';
$code = base64_encode($user->id . '|' . $user->createDate . '|' . $user->mail . '|' . $entryId . '|' . $form->productoId . '|' . $form->id);
$link = 'http://' . getenv('HTTP_HOST') . APP_FOLDER . '/views/client/Activacion.php?c=' . $code;
$user->link = $link;
$userDto->logo = $user->logo = AppConfig::logoUrl;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userActivation.tpl', (array) $user);
Mail::Send($user->mail, $subject, $template);
}
} else {
//MAIL PROVEEDORES
$usersProveedor = SecurityDao::getUsersProveedorByProductoId($form->productoId);
foreach ($usersProveedor as $prov) {
FormAdmin::addProveedorEntry($prov->id, $form->id, $entryId, $user->id);
$prov->logo = AppConfig::logoUrl;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/providerNewSolicitud.tpl', (array) $prov);
Mail::Send($prov->mail, 'Nueva solicitud', $template);
}
//MAIL ADMINs
$usersAdmin = SecurityDao::getUsersAdmin();
$usersAdmin = Phinq::create($usersAdmin)->where(function ($user) {
return $user->enabled;
})->toArray();
foreach ($usersAdmin as $admin) {
$admin->logo = AppConfig::logoUrl;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userAdminRequest.tpl', (array) $admin);
Mail::Send($admin->mail, 'Nueva solicitud', $template);
}
//MAIL USUARIO
$user->logo = AppConfig::logoUrl;
$user->producto = BaseAdmin::getProductoSimple($form->productoId)->nombre;
$template = $dwoo->get($_SERVER["DOCUMENT_ROOT"] . '/views/shared/templates/mails/userRequest.tpl', (array) $user);
Mail::Send($user->mail, 'Nueva solicitud', $template);
}
$transaction->commit();
} catch (\Exception $ex) {
$transaction->rollBack();
$result = array($ex->getMessage());
}
return $result;
}
static function createSolicitudEntrega($solicitudEntregaDto)
{
$solicitudEntrega = new SolicitudEntrega(NULL, date("Y-m-d H:i:s", time()), TRUE, null, $solicitudEntregaDto->startsAt, $solicitudEntregaDto->endsAt, $solicitudEntregaDto->title, $solicitudEntregaDto->type, $solicitudEntregaDto->status, $solicitudEntregaDto->sucursalId, $solicitudEntregaDto->userId, $solicitudEntregaDto->esFresco);
$transaction = NULL;
$result = new Result();
$data = null;
$ordenesDeCompraDetail = '';
$usuario = SecurityDao::getUserById($solicitudEntregaDto->userId);
/*try{*/
$transaction = GenericDao::beginTransaction();
$solicitudEntrega->id = SolicitudesEntregaDao::createSolicitudEntrega($solicitudEntrega, $transaction);
$solicitudEntregaDto->ordenesDeCompra = isset($solicitudEntregaDto->ordenesDeCompra) ? $solicitudEntregaDto->ordenesDeCompra : array();
foreach ($solicitudEntregaDto->ordenesDeCompra as $ordenDeCompra) {
$so = new SolicitudEntrega_OrdenDeCompra($solicitudEntrega->id, $ordenDeCompra->id, $ordenDeCompra->entregaCompleta ? 1 : 0);
SolicitudesEntregaDao::AddOrdenDeCompraToSolicitud($so, $transaction);
$ordenesDeCompraDetail = $ordenesDeCompraDetail . ', ' . $ordenDeCompra->id;
}
$transaction->commit();
$ordenesDeCompraDetail = substr($ordenesDeCompraDetail, 1);
$subject = 'Nueva solicitud';
$title = 'Se le comunica que el usuario ' . $usuario->firstName . 'ha ingresado una nueva solicitud con nro. ' . $solicitudEntrega->id . '.';
$detail = 'La entrega esta compuesta por las siguientes ordenes de compra: ' . $ordenesDeCompraDetail;
$users = json_decode(SecurityAdmin::getDataListInitUsers());
$gestores = Phinq::create($users->data->users)->where(function ($p) use($solicitudEntrega) {
return $p->type == 'Gestor' && $p->sucursalId == $solicitudEntrega->sucursalId;
})->toArray();
foreach ($gestores as $gestor) {
SolicitudesEntregaAdmin::sendMail($gestor->mail, $subject, $gestor->firstName, $title, $detail);
}
$data = SolicitudesEntregaDao::getSolicitudEntregaById($solicitudEntrega->id);
$data->ordenesDeCompra = SolicitudesEntregaDao::getOrdenesDeCompraBySolicitudId($solicitudEntrega->id);
/* }catch (\Exception $ex){
$result->hasErrors = true;
$result->messages = array($ex->getMessage());
}*/
$response = new Response($result, $data);
return json_encode($response);
}
static function updateUser($userDto)
{
$errors = SecurityAdmin::validateUser($userDto);
$result = new Result();
if (sizeof($errors) == 0) {
$user = SecurityDao::getUserById($userDto->id);
$actualRoles = SecurityDao::getRolesByMail($user->mail);
$actualRolesIds = Phinq::create($actualRoles)->select(function ($role) {
return $role->id;
})->toArray();
$rolesToAdd = Phinq::create($userDto->roles)->except($actualRolesIds);
$rolesToDelete = Phinq::create($actualRolesIds)->except($userDto->roles);
$actualProveedores = SecurityDao::getUserProveedores($user->id);
$actualProveedoresIds = Phinq::create($actualProveedores)->select(function ($up) {
return $up->proveedorId;
})->toArray();
$newProveedoresIds = Phinq::create($userDto->proveedores)->select(function ($proveedor) {
return $proveedor->id;
})->toArray();
$proveedoresToAdd = Phinq::create($newProveedoresIds)->except($actualProveedoresIds);
$proveedoresToDelete = Phinq::create($actualProveedoresIds)->except($newProveedoresIds);
try {
$transaction = GenericDao::beginTransaction();
if (isset($userDto->editPassword) && $userDto->editPassword) {
$user->password = sha1($userDto->password);
}
$user->nick = $userDto->nick;
$user->sucursalId = $userDto->sucursalId;
$user->firstName = $userDto->firstName;
$user->lastName = $userDto->lastName;
$user->mail = $userDto->mail;
$user->enabled = $userDto->enabled;
$user->esFresco = $userDto->esFresco;
$user->optionalMails = $userDto->optionalMails;
$user->updateDate = date("Y-m-d H:i:s", time());
SecurityDao::updateUser($user, $transaction);
foreach ($rolesToAdd as $roleId) {
$user_role = new User_Role($user->id, $roleId);
SecurityDao::AddRoleToUser($user_role, $transaction);
}
foreach ($rolesToDelete as $roleId) {
$user_role = new User_Role($user->id, $roleId);
SecurityDao::deleteRoleFromUser($user_role, $transaction);
}
foreach ($proveedoresToAdd as $proveedorId) {
$user_proveedor = new User_Proveedor($user->id, $proveedorId);
SecurityDao::addProveedorToUser($user_proveedor, $transaction);
}
foreach ($proveedoresToDelete as $proveedorId) {
$user_proveedor = new User_Proveedor($user->id, $proveedorId);
SecurityDao::deleteProveedorFromUser($user_proveedor, $transaction);
}
$transaction->commit();
} catch (\Exception $ex) {
$transaction->rollBack();
$result->hasErrors = true;
$result->messages = array($ex->getMessage());
}
} else {
$result->hasErrors = true;
$result->messages = $errors;
}
$response = new Response($result, NULL);
return json_encode($response);
}