/**
* get admin's avatar picture.
*
* @param integer $account_id
* @return string return element ready for display avatar.
*/
function getAdminAvatar($account_id)
{
// set default avatar
$theme = \Theme::instance();
$doc_root = str_replace('\\', '/', DOCROOT);
$default_avatar_getfile = $theme->asset->get_file('default-avatar.jpg', 'img');
$default_no_avatar = str_replace([$doc_root, \Uri::base()], '', $default_avatar_getfile);
unset($doc_root, $default_avatar_getfile, $theme);
if (!is_numeric($account_id) || intval($account_id) === intval(0)) {
return $default_no_avatar;
}
$cache_name = 'public.themes.sys2.getAdminAvatar-' . \Model_Sites::getSiteId(false) . '-' . $account_id;
$cache_data = \Extension\Cache::getSilence($cache_name);
if (false === $cache_data) {
// if never cached or cache expired.
$result = \DB::select()->as_object()->from('accounts')->where('account_id', $account_id)->execute();
if (count($result) > 0) {
$row = $result->current();
if ($row->account_avatar != null) {
$return_val = $row->account_avatar;
\Cache::set($cache_name, $return_val, 86400);
unset($cache_name);
return $return_val;
}
}
if (!isset($return_val) || isset($return_val) && $return_val == null) {
// not found account or not found avatar.
\Cache::set($cache_name, $default_no_avatar, 86400);
unset($cache_name);
return $default_no_avatar;
}
}
unset($cache_name);
return $cache_data;
}
/**
* check level permission
* check permission based on user's level group id and page name and action.
*
* @param string $page_name
* @param string $action
* @param integer $account_id
* @return boolean
*/
private static function checkLevelPermission($page_name = '', $action = '', $account_id = '')
{
// check for required attribute
if (!is_numeric($account_id) || $page_name == null || $action == null) {
return false;
}
if ($account_id == '1') {
return true;
}
// permanent owner's account
$site_id = \Model_Sites::getSiteId(false);
$cache_name = 'model.accountLevelPermission-checkLevelPermission-' . $site_id . '-' . \Extension\Security::formatString($page_name, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($action, 'alphanum_dash_underscore') . '-' . $account_id;
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
// get current user levels from db.
$result = \DB::select()->as_object()->from(\Model_AccountLevel::getTableName())->where('account_id', $account_id)->execute();
if (count($result) > 0) {
// loop each level of this user.
foreach ($result as $row) {
if ($row->level_group_id == '1') {
// this user is in super admin group.
unset($result, $row);
\Cache::set($cache_name, true, 2592000);
return true;
}
// check this level group in permission db.
$result2 = \DB::select()->from(static::$_table_name)->where('level_group_id', $row->level_group_id)->where('permission_page', $page_name)->where('permission_action', $action)->execute();
if (count($result2) > 0) {
// found.
unset($result, $result2, $row);
\Cache::set($cache_name, true, 2592000);
return true;
}
unset($result2);
}
// endforeach;
// not found in permission db. did not given any permission.
unset($result, $row);
\Cache::set($cache_name, 'false', 2592000);
return false;
}
// not found this user role?
unset($result);
\Cache::set($cache_name, 'false', 2592000);
return false;
}
if ('false' === $cached) {
return false;
} else {
return $cached;
}
}
/**
* check account permission.
* This will be check permission per user.
*
* @param string $page_name
* @param string $action
* @param integer $account_id
* @return boolean
*/
public static function checkAccountPermission($page_name = '', $action = '', $account_id = '')
{
// check for required attribute
if (!is_numeric($account_id) || $page_name == null || $action == null) {
return false;
}
if ($account_id == '1') {
return true;
}
// permanent owner's account
$site_id = \Model_Sites::getSiteId(false);
$cache_name = 'model.accountPermission-checkAccountPermission-' . $site_id . '-' . \Extension\Security::formatString($page_name, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($action, 'alphanum_dash_underscore') . '-' . $account_id;
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
// get current user from db.
$result = \DB::select()->as_object()->from('accounts')->where('account_id', $account_id)->execute();
if (count($result) > 0) {
$row = $result->current();
// check this account in permission db.
$result2 = \DB::select()->from(static::$_table_name)->where('account_id', $row->account_id)->where('permission_page', $page_name)->where('permission_action', $action)->execute();
if (count($result2) > 0) {
// found.
unset($result, $result2, $row);
\Cache::set($cache_name, true, 2592000);
return true;
}
unset($result, $result2, $row);
}
// endif not found account.
// not found this user or not found permission in db.
unset($result);
\Cache::set($cache_name, 'false', 2592000);
return false;
}
// endif cached
if ('false' === $cached) {
return false;
} else {
return $cached;
}
}
/**
* generate whole page
*
* @param string $view path to view of current controller.
* @param array $output
* @param boolean $auto_filter
* @return view
*/
public function generatePage($view = null, $output = array(), $auto_filter = null)
{
if (!is_array($output)) {
$output = array();
}
// list sites to display links in admin page ------------------------------------------
$cache_name = 'controller.AdminController-generatePage-fs_list_sites';
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
$list_sites_option['list_for'] = 'admin';
$list_sites_option['unlimit'] = true;
$list_sites = \Model_Sites::listSites($list_sites_option);
\Cache::set($cache_name, $list_sites, 2592000);
} else {
if (isset($cached['items']) && isset($cached['total'])) {
$list_sites = $cached;
} else {
$list_sites = array('total' => 0, 'items' => array());
}
}
unset($cache_name, $cached);
if (isset($list_sites['total']) && $list_sites['total'] > 1) {
if (isset($list_sites['items']) && is_array($list_sites['items']) && !empty($list_sites['items'])) {
$output['fs_list_sites'] = $list_sites['items'];
} else {
$output['fs_list_sites'] = null;
}
}
unset($list_sites, $list_sites_option);
// end list sites ------------------------------------------------------------------------
// start theme class
$theme = \Theme::instance();
$theme->active($this->theme_system_name);
// load requested controller theme into page_content variable.
$output['page_content'] = $theme->view($view, $output, $auto_filter);
// load main template and put page_content variable in it.
return $theme->view('admin/template', $output, $auto_filter);
}
/**
* check account is logged in correctly and status is enabled. also call to check simultaneous login.
*
* @param intger $account_id
* @param string $account_username
* @param string $account_email
* @param string $account_online_code
* @return boolean
*/
public function checkAccount($account_id = '', $account_username = '', $account_email = '', $account_online_code = '')
{
// check all required data
if ($account_id == null || $account_username == null || $account_email == null || $account_online_code == null) {
return false;
}
$site_id = \Model_Sites::getSiteId(false);
$cache_name = 'model.accounts-checkAccount-' . $site_id . '-' . $account_id . '-' . \Extension\Security::formatString($account_username, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($account_email, 'alphanum_dash_underscore') . '-' . \Extension\Security::formatString($account_online_code, 'alphanum_dash_underscore');
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
// check for matches id username and email. ---------------------------------------------------------------
$result = \DB::select()->from(static::$_table_name)->where('account_id', $account_id)->where('account_username', $account_username)->where('account_email', $account_email)->where('account_status', 1)->execute();
if (count($result) > 0) {
unset($result);
// if not allow simultaneous login. (if not allow login from many places)
if (\Model_Config::getval('simultaneous_login') == '0') {
if ($this->isSimultaneousLogin($account_id, $account_online_code, $site_id) == true) {
// log out
static::logout(array('remove_online_code' => false));
// load langauge for set error msg.
\Lang::load('account');
// set error message.
\Session::set_flash('form_status', array('form_status' => 'error', 'form_status_message' => \Lang::get('account_simultaneous_login_detected')));
return false;
}
}
// check account passed! with or without simultaneous login check.
\Cache::set($cache_name, true, 2592000);
return true;
}
// not found account in db. or found but disabled
unset($result);
// log out
static::logout();
return false;
}
return $cached;
}
/**
* get multiple config values from config_name field in config table
*
* @param array $config_name
* @return array|null array if exists, null if not exists.
*/
public static function getvalues($config_name = array())
{
if (!is_array($config_name) || is_array($config_name) && empty($config_name)) {
return null;
}
$cache_name = 'model.config-getvalues-' . \Model_Sites::getSiteId(false) . '-' . \Extension\Security::formatString(md5(json_encode($config_name)), 'alphanum_dash_underscore');
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
// because FuelPHP ORM cannot get multiple results if that table has no primary key.
// we will use DB class
$output = array();
$result = \DB::select('*')->from(static::$_table_name)->as_object()->where('config_name', 'IN', $config_name)->execute();
if ((is_array($result) || is_object($result)) && !empty($result)) {
foreach ($result as $row) {
$output[$row->config_name]['value'] = $row->config_value;
$output[$row->config_name]['core'] = $row->config_core;
$output[$row->config_name]['description'] = $row->config_description;
}
// endforeach;
}
// endif;
unset($result, $row);
\Cache::set($cache_name, $output, 2592000);
return $output;
// end get values by array loop.
}
return $cached;
}
/**
* check if current site is enabled
*
* @return boolean
*/
public static function isSiteEnabled()
{
// always return true if it is main site. (site id 1).
$site_id = static::getSiteId(false);
if (1 == $site_id) {
return true;
}
// get domain
if (isset($_SERVER['HTTP_HOST'])) {
$site_domain = $_SERVER['HTTP_HOST'];
} elseif (isset($_SERVER['SERVER_NAME'])) {
$site_domain = $_SERVER['SERVER_NAME'];
} else {
$site_domain = 'localhost';
}
$cache_name = 'model.sites-isSiteEnabled-' . \Extension\Security::formatString($site_domain, 'alphanum_dash_underscore');
$cached = \Extension\Cache::getSilence($cache_name);
if (false === $cached) {
$result = \DB::select()->from(static::$_table_name)->where('site_domain', $site_domain)->where('site_status', 1)->execute();
$total = count($result);
unset($result, $site_domain);
if ($total > 0) {
\Cache::set($cache_name, true, 2592000);
return true;
}
\Cache::set($cache_name, 'false', 2592000);
return false;
}
if ('false' === $cached) {
return false;
} else {
return $cached;
}
}
