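<?php

/**
 * Data-access helpers for LMS users, roles and notifications.
 *
 * Every method receives the shared `$db` query wrapper (sql_query, select,
 * sql_query_id, sql_query_num_rows, sql_query_affected_rows) and, where it is
 * needed, the `$utility_class` helper object. The wrapper's return types are
 * not visible from this file; the docblocks below describe only what this
 * class does with the values it gets back.
 *
 * NOTE(review): every statement in this class is assembled by string
 * concatenation. Numeric identifiers (role/user/notification ids, LIMIT
 * offset and count) are coerced with intval() before interpolation so that a
 * non-numeric value cannot alter the statement. String values ($id_no,
 * $email, $mobile, the $array_data fields, $role_dealers, $role_menus and
 * the caller-built $where_statement) are still interpolated verbatim and
 * need escaping or parameter binding in the $db layer; that API is not
 * visible here, so it is left as a TODO rather than guessed at.
 */
class User
{
    /**
     * Count active users (status = 1) that carry the given ID number.
     *
     * @param string $id_no         ID number to look up; interpolated verbatim (see class note).
     * @param mixed  $utility_class Unused here; kept for the uniform method signature.
     * @param object $db            Query wrapper.
     * @return mixed Whatever $db->sql_query_num_rows() returns (presumably a row count).
     */
    public function read_id_number_count($id_no, $utility_class, $db)
    {
        $query = "SELECT id FROM lms2_users WHERE id_number = '$id_no' AND status = 1";

        return $db->sql_query_num_rows($query);
    }

    /**
     * Count active users whose contact record carries the given e-mail.
     *
     * @param string $email         E-mail to look up; interpolated verbatim (see class note).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Result of $db->sql_query_num_rows().
     */
    public function read_email_count($email, $utility_class, $db)
    {
        $query = "SELECT lu.id FROM lms2_user_contacts luc INNER JOIN lms2_users lu ON luc.user_id = lu.id WHERE luc.email = '$email' AND lu.status = 1";

        return $db->sql_query_num_rows($query);
    }

    /**
     * Count active users whose contact record carries the given mobile number.
     *
     * @param string $mobile        Mobile number to look up; interpolated verbatim (see class note).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Result of $db->sql_query_num_rows().
     */
    public function read_mobile_count($mobile, $utility_class, $db)
    {
        $query = "SELECT lu.id FROM lms2_user_contacts luc INNER JOIN lms2_users lu ON luc.user_id = lu.id WHERE luc.mobile = '$mobile' AND lu.status = 1";

        return $db->sql_query_num_rows($query);
    }

    /**
     * Create a user, its contact row and its (inactive) account row.
     *
     * The account is created with is_active_account = 0 and the ID number as
     * username. The password is stored as password_hash(md5(password)); the
     * md5 pre-hash is kept because system_user_security() verifies against
     * md5() as well, so both sides have to change together.
     *
     * @param array  $array_data    Keys read: id_no, position, dealer, firstname,
     *                              lastname, mobile, email, password. All are
     *                              interpolated verbatim (see class note).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return int Sum of the affected-row counts of the contact and account inserts.
     */
    public function insert_user_details($array_data, $utility_class, $db)
    {
        $query_user = "INSERT INTO `lms2_users`( `id_number`,`default_position_id`, `default_dealer_id`, `firstname`, `lastname`, `date_added`, `status`) VALUES ('" . $array_data['id_no'] . "','" . $array_data['position'] . "','" . $array_data['dealer'] . "','" . $array_data['firstname'] . "','" . $array_data['lastname'] . "',NOW(),'1')";
        $inserted_user_id = $db->sql_query_id($query_user);

        $query_contact = "INSERT INTO `lms2_user_contacts`(`user_id`, `mobile`, `email`) VALUES ('$inserted_user_id','" . $array_data['mobile'] . "','" . $array_data['email'] . "')";
        $inserted_user_contact_count = $db->sql_query_affected_rows($query_contact);

        // md5 pre-hash retained for compatibility with the verify path; see docblock.
        $hash_password = password_hash(md5($array_data['password']), PASSWORD_DEFAULT);
        $query_account = "INSERT INTO `lms2_user_accounts`( `user_id`, `username`, `password`, `is_active_account`) VALUES ('$inserted_user_id','" . $array_data['id_no'] . "','$hash_password','0')";
        $inserted_user_account_count = $db->sql_query_affected_rows($query_account);

        return intval($inserted_user_contact_count + $inserted_user_account_count);
    }

    /**
     * Not implemented: the original body is empty, so this returns null.
     *
     * @return null
     */
    public function read_user_status($array_data, $utility_class, $db)
    {
    }

    /**
     * Not implemented: the original body is empty, so this returns null.
     *
     * @return null
     */
    public function read_user_account_status($array_data, $utility_class, $db)
    {
    }

    /**
     * Insert a placeholder role (status = 0) with empty dealer/menu access.
     *
     * @param mixed  $array_data    Unused here.
     * @param mixed  $user_id       Unused here.
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed The id returned by $db->sql_query_id() for the new role.
     */
    public function insert_temporary_role($array_data, $user_id, $utility_class, $db)
    {
        $role_id = $db->sql_query_id("INSERT INTO `lms2_roles`( `status`) VALUES (0)");

        // $role_id comes from the database, not from the caller.
        $query_access = "INSERT INTO `lms2_role_access`( `role_id`, `json_dealers`, `json_menus`) VALUES ($role_id,'[]','[]')";
        $db->sql_query($query_access);

        return $role_id;
    }

    /**
     * Delete a role and its access row.
     *
     * @param array  $array_data    Key read: id (coerced to int).
     * @param mixed  $user_id       Unused here.
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Affected-row count of the lms2_roles delete.
     */
    public function delete_temporary_role($array_data, $user_id, $utility_class, $db)
    {
        $role_id = intval($array_data['id']);

        $db->sql_query("DELETE FROM `lms2_role_access` WHERE role_id = $role_id");

        return $db->sql_query_affected_rows("DELETE FROM `lms2_roles` WHERE id = $role_id");
    }

    /**
     * Name and activate a role (status = 1), stamping added_by and date_added.
     *
     * Empty name / user id become SQL NULL via NULLIF, so $user_id is kept
     * as-is rather than cast to int (0 and NULL are not the same here).
     *
     * @param mixed  $role_id       Role id (coerced to int).
     * @param array  $array_data    Key read: txt_role_name; interpolated verbatim (see class note).
     * @param mixed  $user_id       Id of the acting user.
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Affected-row count of the update (the original discarded it).
     */
    public function update_role($role_id, $array_data, $user_id, $utility_class, $db)
    {
        $query = "UPDATE `lms2_roles` SET `name`=NULLIF('" . $array_data['txt_role_name'] . "',''),`added_by`=NULLIF('$user_id',''),date_added = NOW() ,`status`=1 WHERE id = " . intval($role_id);

        return $db->sql_query_affected_rows($query);
    }

    /**
     * Fetch the json_dealers column of a role's access row.
     *
     * @param mixed  $role_id       Role id (coerced to int).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Result of $db->select().
     */
    public function read_role_dealers($role_id, $utility_class, $db)
    {
        $query = "SELECT `json_dealers` FROM `lms2_role_access` WHERE `role_id` = " . intval($role_id) . " LIMIT 1";

        return $db->select($query);
    }

    /**
     * Overwrite a role's json_dealers column.
     *
     * @param mixed  $role_id       Role id (coerced to int).
     * @param string $role_dealers  JSON text; interpolated verbatim (see class note).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Affected-row count.
     */
    public function update_role_dealers($role_id, $role_dealers, $utility_class, $db)
    {
        $query = "UPDATE `lms2_role_access` SET `json_dealers`= '$role_dealers' WHERE `role_id` = " . intval($role_id);

        return $db->sql_query_affected_rows($query);
    }

    /**
     * Overwrite a role's json_menus column.
     *
     * @param mixed  $role_id       Role id (coerced to int).
     * @param string $role_menus    JSON text; interpolated verbatim (see class note).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Affected-row count.
     */
    public function update_role_menus($role_id, $role_menus, $utility_class, $db)
    {
        $query = "UPDATE `lms2_role_access` SET `json_menus`= '$role_menus' WHERE `role_id` = " . intval($role_id);

        return $db->sql_query_affected_rows($query);
    }

    /**
     * List active dealers with their company, filtered by a LIKE search.
     *
     * Paging is currently disabled (the LIMIT clause is left empty). The
     * search text is placed inside '%...%' verbatim, so '%' and '_' in it act
     * as wildcards and quotes are not escaped (see class note).
     *
     * @param array  $array_data    Key read: search.
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return array [int total matching rows, result of $db->sql_query() for the rows]
     */
    public function role_dealer_list($array_data, $utility_class, $db)
    {
        $offset_limit = "";
        $field = " c.id as c_id, c.code as c_code, c.name as c_name, d.id as d_id, d.code as d_code, d.name as d_name ";
        $field_count = " COUNT(1) ";
        $query = "SELECT %s FROM `lms2_companies` c INNER JOIN lms2_dealers d ON c.id = d.company_id WHERE 1 AND (CONCAT(c.code,' ',c.name) LIKE '%%%s%%' OR CONCAT(d.code,' ',d.name) LIKE '%%%s%%') AND c.status = 1 AND d.status = 1 ORDER BY d.name ASC %s ";

        $search = $array_data['search'];
        $query_rows = sprintf($query, $field, $search, $search, $offset_limit);
        $query_count = sprintf($query, $field_count, $search, $search, '');

        return [intval($db->select($query_count)), $db->sql_query($query_rows)];
    }

    /**
     * Unread-notification summary per notification type for one user.
     *
     * @param mixed  $user_id       Recipient user id (coerced to int).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Result of $db->sql_query().
     */
    public function get_user_notification_info($user_id, $utility_class, $db)
    {
        $query = " SELECT nt.id,COUNT(nt.id) as total,nt.name , MAX(nl.date_added) ago_time FROM `lms2_notification_type` nt INNER JOIN lms2_notification_list nl ON nt.id = nl.notification_type_id WHERE 1 AND nt.status = 1 AND nl.status = 1 AND nl.is_read = 0 AND nl.to_user = " . intval($user_id) . " GROUP BY nt.id ORDER BY nl.date_added DESC";

        return $db->sql_query($query);
    }

    /**
     * Page of notifications for one user, optionally filtered by type.
     *
     * A type filter is applied only when intval($type_id) is non-zero.
     *
     * @param mixed  $user_id       Recipient user id (coerced to int).
     * @param mixed  $type_id       Notification type id; 0/empty means all types.
     * @param mixed  $offset        LIMIT offset (coerced to int).
     * @param mixed  $limit         LIMIT row count (coerced to int).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Result of $db->sql_query().
     */
    public function get_user_notification_list($user_id, $type_id, $offset, $limit, $utility_class, $db)
    {
        $notif_type = "";
        if (intval($type_id)) {
            $notif_type = " AND nl.`notification_type_id` = " . intval($type_id) . " ";
        }

        // '%%' survives sprintf as a literal '%' for DATE_FORMAT.
        $query = "SELECT u1.firstname,u1.lastname,nl.`id` as notif_id, nl.`notification_type_id`, nl.`description`, nl.`date_added`, nl.`is_read`, nl.target_id, DATE_FORMAT(nl.date_added,'%%M %%d, %%Y %%h:%%i %%p') as date_addedf FROM `lms2_notification_list` nl INNER JOIN lms2_users u1 ON nl.`from_user` = u1.id WHERE 1 AND nl.status = 1 AND nl.`to_user` = %s %s /*type_id*/ ORDER BY nl.`date_added` DESC LIMIT %s,%s";
        $query_final = sprintf($query, intval($user_id), $notif_type, intval($offset), intval($limit));

        return $db->sql_query($query_final);
    }

    /**
     * Mark a user's notifications as read, optionally only one type.
     *
     * @param mixed  $user_id       Recipient user id (coerced to int).
     * @param mixed  $type_id       Notification type id; 0/empty means all types.
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return mixed Result of $db->sql_query().
     */
    public function mark_as_read_notification($user_id, $type_id, $utility_class, $db)
    {
        $notif_type = "";
        if (intval($type_id)) {
            $notif_type = " AND `notification_type_id` = " . intval($type_id) . " ";
        }

        $query = "UPDATE `lms2_notification_list` SET `is_read`=1 WHERE 1 AND `to_user` = %s %s";
        $query_final = sprintf($query, intval($user_id), $notif_type);

        return $db->sql_query($query_final);
    }

    /**
     * List active roles (with active-user count and menu JSON) matching a
     * LIKE search on the role name. Paging is currently disabled.
     *
     * @param array  $array_data    Key read: search; interpolated verbatim (see class note).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return array [int total matching rows, result of $db->sql_query() for the rows]
     */
    public function role_list($array_data, $utility_class, $db)
    {
        $offset_limit = "";
        $field = " r.`id`, r.`name`, (SELECT COUNT(1) FROM lms2_users su INNER JOIN lms2_user_accounts sus ON su.id = sus.user_id WHERE sus.role_id = r.id AND su.status = 1 AND sus.is_active_account = 1) as user_count,ra.json_menus ";
        $field_count = " COUNT(1) ";
        $query = "SELECT %s FROM `lms2_roles` r LEFT OUTER JOIN lms2_role_access ra ON r.id = ra.role_id WHERE 1 AND r.name LIKE '%%%s%%' AND r.status = 1 ORDER BY r.name ASC %s ";

        $search = $array_data['search'];
        $query_rows = sprintf($query, $field, $search, $offset_limit);
        $query_count = sprintf($query, $field_count, $search, '');

        return [intval($db->select($query_count)), $db->sql_query($query_rows)];
    }

    /**
     * Soft-delete a role by setting status = 0.
     *
     * @param mixed  $id            Role id (coerced to int).
     * @param mixed  $utility_class Unused here.
     * @param object $db            Query wrapper.
     * @return int Affected-row count.
     */
    public function remove_role($id, $utility_class, $db)
    {
        $query = "UPDATE `lms2_roles` SET `status`=0 WHERE id = " . intval($id);

        return intval($db->sql_query_affected_rows($query));
    }

    /**
     * Load a user by a caller-supplied WHERE fragment, validate it and put it
     * into $_SESSION['crm_user'].
     *
     * Steps, in order: run the join; keep the last row returned; when
     * $source is 'login', verify password_hash(md5(password)); reject
     * status != 1 and is_active_account != 1; merge json_dealers plus the
     * default dealer into 'dealer_access' and json_menus into 'menu_access';
     * store the row in the session.
     *
     * Fix vs. the original: the "no account" branch now returns its result
     * array instead of falling off the end (which returned null), and the
     * $source check uses === so a non-string $source cannot match 'login'.
     *
     * @param string $where_statement SQL appended after "WHERE 1"; it is the
     *                                caller's responsibility to build it
     *                                safely (see class note).
     * @param array  $array_data      Key read (login only): password.
     * @param string $source          'login' enables the password check.
     * @param object $utility_class   Provides isJson(), isNotEmpty(), toArrayInt().
     * @param object $db              Query wrapper; sql_query() must yield array rows.
     * @return array ['message' => string, 'status' => 0|1]
     */
    public function system_user_security($where_statement, $array_data, $source, $utility_class, $db)
    {
        $query = "SELECT u.`id`, u.`default_dealer_id`, d.id AS department_id ,u.`default_position_id`, u.`gender_id`, u.`id_number`, CONCAT(u.`firstname`, ' ', u.`lastname`) as fullname ,u.`firstname`, u.`middlename`, u.`lastname`, u.`birthday`, u.`avatar`, u.`date_added`, u.`status`, uc.`mobile`, uc.`email`, uc.`address`, uc.`city_id`, uc.`facebook`, uc.`instagram`, uc.`whatsapp`, uc.`viber`, uc.`linkedin`, ua.`role_id`, ua.`username`, ua.`password`, ua.`is_active_account`, ra.json_dealers, ra.json_menus FROM lms2_users u INNER JOIN lms2_user_contacts uc ON u.id = uc.user_id INNER JOIN lms2_user_accounts ua ON u.id = ua.user_id LEFT OUTER JOIN lms2_roles r ON ua.role_id = r.id LEFT OUTER JOIN lms2_role_access ra ON r.id = ra.role_id LEFT OUTER JOIN lms2_positions p ON u.`default_position_id` = p.id LEFT OUTER JOIN lms2_departments d ON p.`department_id` = d.id WHERE 1 %s ";

        // As in the original, the last row wins if the WHERE matches several.
        $user_information = [];
        foreach ($db->sql_query(sprintf($query, $where_statement)) as $row) {
            $user_information = $row;
        }

        if (count($user_information) === 0) {
            return ['message' => "No account associated with this credentials.", 'status' => 0];
        }

        if ($source === 'login') {
            // Stored hashes are password_hash(md5(pw)); see insert_user_details().
            if (!password_verify(md5($array_data['password']), $user_information['password'])) {
                return ['message' => "Invalid password.", 'status' => 0];
            }
        }

        if (intval($user_information['status']) !== 1) {
            return ['message' => "Your account is deactivated.", 'status' => 0];
        }

        if (intval($user_information['is_active_account']) !== 1) {
            return ['message' => "Your account is not yet approved.", 'status' => 0];
        }

        // Dealer access = role's json_dealers + the user's default dealer.
        $json_dealers = [];
        if ($utility_class->isJson($user_information['json_dealers'])) {
            $json_dealers = json_decode($user_information['json_dealers']);
        }
        if ($utility_class->isNotEmpty($user_information['default_dealer_id'])) {
            $json_dealers = array_merge($json_dealers, [$user_information['default_dealer_id']]);
        }
        $json_dealers = $utility_class->toArrayInt($json_dealers);

        $json_menus = [];
        if ($utility_class->isJson($user_information['json_menus'])) {
            $json_menus = json_decode($user_information['json_menus']);
        }
        $json_menus = $utility_class->toArrayInt($json_menus);

        $user_information = array_merge(
            $user_information,
            ['dealer_access' => $json_dealers],
            ['menu_access' => $json_menus]
        );
        $_SESSION['crm_user'] = $user_information;

        return [
            'message' => "Welcome " . ucfirst(strtolower($user_information['firstname'])) . ".",
            'status' => 1,
        ];
    }
}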