From 07f5140771388c9e0c8a99b0dd2e5d950bdb173b Mon Sep 17 00:00:00 2001 From: Yuchen Pei Date: Thu, 14 Oct 2021 15:16:42 +1100 Subject: moving h-source subdir out. --- .../Controllers/AdminboxesController.php | 78 ++++++++ .../Controllers/AdmindeletionController.php | 66 +++++++ .../Controllers/AdminhardwareController.php | 121 +++++++++++++ .../Controllers/AdminhistoryController.php | 68 +++++++ .../Controllers/AdminissuesController.php | 88 +++++++++ .../Controllers/AdminmessagesController.php | 86 +++++++++ .../Controllers/AdminnewsController.php | 78 ++++++++ .../Controllers/AdminparamsController.php | 68 +++++++ .../Controllers/AdminpasswordController.php | 88 +++++++++ .../Controllers/AdminregusersController.php | 101 +++++++++++ .../Controllers/AdmintalkController.php | 59 ++++++ .../Controllers/AdminusersController.php | 200 +++++++++++++++++++++ admin/Application/Controllers/PanelController.php | 43 +++++ 13 files changed, 1144 insertions(+) create mode 100644 admin/Application/Controllers/AdminboxesController.php create mode 100644 admin/Application/Controllers/AdmindeletionController.php create mode 100644 admin/Application/Controllers/AdminhardwareController.php create mode 100644 admin/Application/Controllers/AdminhistoryController.php create mode 100644 admin/Application/Controllers/AdminissuesController.php create mode 100644 admin/Application/Controllers/AdminmessagesController.php create mode 100644 admin/Application/Controllers/AdminnewsController.php create mode 100644 admin/Application/Controllers/AdminparamsController.php create mode 100644 admin/Application/Controllers/AdminpasswordController.php create mode 100644 admin/Application/Controllers/AdminregusersController.php create mode 100644 admin/Application/Controllers/AdmintalkController.php create mode 100644 admin/Application/Controllers/AdminusersController.php create mode 100755 admin/Application/Controllers/PanelController.php (limited to 'admin/Application/Controllers') diff --git a/admin/Application/Controllers/AdminboxesController.php b/admin/Application/Controllers/AdminboxesController.php new file mode 100644 index 0000000..65ba18c --- /dev/null +++ b/admin/Application/Controllers/AdminboxesController.php @@ -0,0 +1,78 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminboxesController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('BoxesModel'); + + $this->modelName = 'BoxesModel'; + + $this->m['BoxesModel']->setFields('title,message','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main'); + + $this->scaffold->loadMain('boxes:id_box,boxes:title,smartDate|boxes:creation_date','boxes:id_box','edit,del'); + $this->scaffold->setHead('NEWS ID,TITLE,DATE'); + $this->scaffold->update('del'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + + public function form($queryType = 'insert') + { + $this->shift(1); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->m['BoxesModel']->updateTable('insert,update'); + + $this->loadScaffold('form'); + $this->scaffold->loadForm($queryType,"adminboxes/form/$queryType"); + $this->scaffold->getFormValues('sanitizeHtml'); + $data['scaffold'] = $this->scaffold->render(); + + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdmindeletionController.php b/admin/Application/Controllers/AdmindeletionController.php new file mode 100644 index 0000000..d5ee6fc --- /dev/null +++ b/admin/Application/Controllers/AdmindeletionController.php @@ -0,0 +1,66 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdmindeletionController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('DeletionModel'); + + $this->modelName = 'DeletionModel'; + +// $this->m['DeletionModel']->setFields('object,topic,status,priority,message,notice','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'object:sanitizeAll'=>'undef','token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + Params::$nullQueryValue = 'undef'; + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30)); + + $whereClauseArray = array( + 'object' => $this->viewArgs['object'], + ); + $this->scaffold->setWhereQueryClause($whereClauseArray); + + $this->scaffold->loadMain('deletion:id_del,deletion:object,deletion:id_duplicate,deletion:id_hard,getUserName|deletion:created_by,smartDate|deletion:creation_date','deletion:id_del',''); + $this->scaffold->setHead('DEL ID,OBJECT,DUPLICATED,HARDWARE ID,CREATED BY,DATE'); + $this->scaffold->update('del'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminhardwareController.php b/admin/Application/Controllers/AdminhardwareController.php new file mode 100644 index 0000000..c02a4c2 --- /dev/null +++ b/admin/Application/Controllers/AdminhardwareController.php @@ -0,0 +1,121 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminhardwareController extends Controller +{ + + function __construct($model, $controller, $queryString) + { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('HardwareModel'); + $this->model('DeletionModel'); + + $this->modelName = 'HardwareModel'; + + $this->m['HardwareModel']->setFields('deleted','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'type:sanitizeAll'=>'undef','ask_for_del:sanitizeAll'=>'undef','-deleted:sanitizeAll'=>'undef','token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + Params::$nullQueryValue = 'undef'; + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30)); + + $whereClauseArray = array( + 'type' => $this->viewArgs['type'], + 'ask_for_del' => $this->viewArgs['ask_for_del'], + '-deleted' => $this->viewArgs['-deleted'], + ); + $this->scaffold->setWhereQueryClause($whereClauseArray); + + $this->scaffold->loadMain('hardware:id_hard,hardware:model,hardware:type,getUserName|hardware:created_by,getUserName|hardware:updated_by,smartDate|hardware:creation_date,smartDate|hardware:update_date,hardware:ask_for_del,hardware:deleted','hardware:id_hard','edit'); + + $this->scaffold->addItem('simpleLink','adminhardware/ask/;hardware:id_hard;',null,'who asked for deletion'); + $this->scaffold->setHead('HARD ID,MODEL,TYPE,CREATED BY,UPDATED BY,CREATION DATE,UPDATE DATE,ASK FOR DEL?,DELETED?,EDIT,VIEW'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + + public function ask($id_hard = 0) + { + $this->shift(1); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $clean['id_hard'] = (int)$id_hard; + + $this->helper('Menu','adminhardware','panel'); + $this->h['Menu']->links['back']['text'] = 'Back'; + $this->h['Menu']->links['back']['url'] = 'main'; + + $data["table"] = $this->m['DeletionModel']->select()->where(array("id_hard"=>$clean['id_hard']))->orderBy("id_del desc")->send(); + + $data['menu'] = $this->h['Menu']->render('panel,back'); + + $this->append($data); + $this->load('ask'); + + } + + public function form($queryType = 'update') + { + $this->shift(1); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + if (isset($_POST['updateAction'])) + { + $clean['id_hard'] = $this->request->post('id_hard',0,'forceInt'); + $clean['deleted'] = $this->request->post('deleted',0,'sanitizeAll'); + + $this->m['HardwareModel']->db->update('hardware','deleted',array($clean['deleted']),'id_hard='.$clean['id_hard']); + + } + + $this->loadScaffold('form'); + $this->scaffold->loadForm($queryType,"adminhardware/form/$queryType"); + $this->scaffold->getFormValues('sanitizeHtml'); + $data['scaffold'] = $this->scaffold->render(); + + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminhistoryController.php b/admin/Application/Controllers/AdminhistoryController.php new file mode 100644 index 0000000..849e432 --- /dev/null +++ b/admin/Application/Controllers/AdminhistoryController.php @@ -0,0 +1,68 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminhistoryController extends Controller +{ + + function __construct($model, $controller, $queryString) + { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('HistoryModel'); + + $this->modelName = 'HistoryModel'; + + $this->setArgKeys(array('page:forceNat'=>1,'type:sanitizeAll'=>'undef','action:sanitizeAll'=>'undef','created_by:sanitizeAll'=>'undef','token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + Params::$nullQueryValue = 'undef'; + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30)); + + $whereClauseArray = array( + 'type' => $this->viewArgs['type'], + 'action' => $this->viewArgs['action'], + 'created_by'=> $this->viewArgs['created_by'], + 'gr' => '!="registered"', + ); + $this->scaffold->setWhereQueryClause($whereClauseArray); + $this->scaffold->model->orderBy('id_history desc'); + $this->scaffold->loadMain('history:id_history,history:type,history:action,getUserName|history:created_by,history:id,smartDate|history:creation_date,history:gr,history:message','history:id_history',''); + $this->scaffold->setHead('HISTORY ID,TYPE,ACTION,CREATED BY,OBJECT ID,CREATION DATE,GROUP,MESSAGE'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminissuesController.php b/admin/Application/Controllers/AdminissuesController.php new file mode 100644 index 0000000..476b69c --- /dev/null +++ b/admin/Application/Controllers/AdminissuesController.php @@ -0,0 +1,88 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminissuesController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('IssuesModel'); + + $this->modelName = 'IssuesModel'; + + $this->m['IssuesModel']->setFields('deleted,status','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'priority:sanitizeAll'=>'undef','status:sanitizeAll'=>'undef','topic:sanitizeAll'=>'undef','deleted:sanitizeAll'=>'undef','token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + Params::$nullQueryValue = 'undef'; + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive')); + + $whereClauseArray = array( + 'priority' => $this->viewArgs['priority'], + 'status' => $this->viewArgs['status'], + 'topic' => $this->viewArgs['topic'], + 'deleted' => $this->viewArgs['deleted'], + ); + $this->scaffold->setWhereQueryClause($whereClauseArray); + + $this->scaffold->loadMain('issues:id_issue,issues:title,issues:topic,getUserName|issues:created_by,issues:priority,issues:status,smartDate|issues:creation_date,issues:deleted','issues:id_issue','edit,del'); + $this->scaffold->setHead('ISSUE ID,TITLE,TOPIC,CREATED BY,PRIORITY,STATUS,DATE'); + $this->scaffold->update('del'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + + public function form($queryType = 'insert') + { + $this->shift(1); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->m['IssuesModel']->updateTable('insert,update'); + + $this->loadScaffold('form'); + $this->scaffold->loadForm($queryType,"adminissues/form/$queryType"); + $this->scaffold->getFormValues('sanitizeHtml'); + $data['scaffold'] = $this->scaffold->render(); + + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminmessagesController.php b/admin/Application/Controllers/AdminmessagesController.php new file mode 100644 index 0000000..5a979c4 --- /dev/null +++ b/admin/Application/Controllers/AdminmessagesController.php @@ -0,0 +1,86 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminmessagesController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('MessagesModel'); + + $this->modelName = 'MessagesModel'; + + $this->m['MessagesModel']->setFields('deleted,has_read','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'deleted:sanitizeAll'=>'undef','has_read:sanitizeAll'=>'undef','token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + Params::$nullQueryValue = 'undef'; + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','recordPerPage'=>20)); + + $whereClauseArray = array( + 'deleted' => $this->viewArgs['deleted'], + 'has_read' => $this->viewArgs['has_read'], + ); + $this->scaffold->setWhereQueryClause($whereClauseArray); + $this->scaffold->model->orderBy = "id_mes desc"; + + $this->scaffold->loadMain('messages:id_mes,messages:id_issue,getUserName|messages:created_by,smartDate|messages:creation_date,messages:deleted,messages:has_read','messages:id_mes','edit'); + $this->scaffold->setHead('MESSAGE ID,ISSUE ID,CREATED BY,DATE,DELETED?,ALREADY READ?'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + + public function form($queryType = 'insert') + { + $this->shift(1); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->m['MessagesModel']->updateTable('insert,update'); + + $this->loadScaffold('form'); + $this->scaffold->loadForm($queryType,"adminmessages/form/$queryType"); + $this->scaffold->getFormValues('sanitizeHtml'); + $data['scaffold'] = $this->scaffold->render(); + + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminnewsController.php b/admin/Application/Controllers/AdminnewsController.php new file mode 100644 index 0000000..d722ffe --- /dev/null +++ b/admin/Application/Controllers/AdminnewsController.php @@ -0,0 +1,78 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminnewsController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('NewsModel'); + + $this->modelName = 'NewsModel'; + + $this->m['NewsModel']->setFields('title,message','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main'); + + $this->scaffold->loadMain('news:id_news,news:title,smartDate|news:creation_date','news:id_news','edit,del'); + $this->scaffold->setHead('NEWS ID,TITLE,DATE'); + $this->scaffold->update('del'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + + public function form($queryType = 'insert') + { + $this->shift(1); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->m['NewsModel']->updateTable('insert,update'); + + $this->loadScaffold('form'); + $this->scaffold->loadForm($queryType,"adminnews/form/$queryType"); + $this->scaffold->getFormValues('sanitizeHtml'); + $data['scaffold'] = $this->scaffold->render(); + + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminparamsController.php b/admin/Application/Controllers/AdminparamsController.php new file mode 100644 index 0000000..62e58b6 --- /dev/null +++ b/admin/Application/Controllers/AdminparamsController.php @@ -0,0 +1,68 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminparamsController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('ParamsModel'); + + $this->modelName = 'ParamsModel'; + + $this->m['ParamsModel']->setFields('updating,boxes_xml','sanitizeAll'); + + $this->setArgKeys(array('token:sanitizeAll'=>'token')); + } + + public function form() + { + $this->shift(); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->m['ParamsModel']->updateTable('update',1); + if ($this->m['ParamsModel']->queryResult) + { + if (strcmp($this->m['ParamsModel']->values['updating'],'yes') === 0) + { + $this->m['ParamsModel']->query("delete from regsessions;"); + } + } +// echo $this->m['ParamsModel']->getQuery(); + + $this->loadScaffold('form',array('formMenu'=>'panel')); + $this->scaffold->loadForm('update',"adminparams/form"); + $this->scaffold->getFormValues('sanitizeHtml',1); + $data['scaffold'] = $this->scaffold->render(); + + $this->append($data); + $this->load('form'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminpasswordController.php b/admin/Application/Controllers/AdminpasswordController.php new file mode 100644 index 0000000..bcaca95 --- /dev/null +++ b/admin/Application/Controllers/AdminpasswordController.php @@ -0,0 +1,88 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminpasswordController extends Controller +{ + + function __construct($model, $controller, $queryString) + { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->helper('Menu','users','panel/main'); + $this->helper('Array'); + + $this->session('admin'); + $this->model('AdminusersModel'); + + $this->m['AdminusersModel']->setFields('password:sha1','none'); + + $this->m['AdminusersModel']->strongConditions['update'] = array('checkEqual'=>'password,confirmation'); + $this->m['AdminusersModel']->strongConditions['insert'] = array('checkEqual'=>'password,confirmation'); + + $this->m['AdminusersModel']->identifierName = 'id_user'; + + $this->setArgKeys(array('token:sanitizeAll'=>'token')); + } + + public function form() + { + $this->shift(0); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $data['notice'] = null; + + $id = (int)$this->s['admin']->status['id_user']; + if (isset($_POST['updateAction'])) { + $pass = $this->s['admin']->getPassword(); + if (sha1($_POST['old']) === $pass) + { + $this->m['AdminusersModel']->updateTable('update',$id); + $data['notice'] = $this->m['AdminusersModel']->notice; + } + else + { + $data['notice'] = "
Vecchia password sbagliata
\n"; + } + } + $data['menĂ¹'] = $this->h['Menu']->render('panel'); + + $values = $this->m['AdminusersModel']->selectId($id); + + $action = array('updateAction'=>'save'); + $form = new Form_Form('adminpassword/form'.$this->viewStatus,$action); + $form->setEntry('old','Password'); + $form->entry['old']->labelString = 'old password:'; + $form->setEntry('password','Password'); + $form->setEntry('confirmation','Password'); + $data['form'] = $form->render($values,'old,password,confirmation'); + + $this->append($data); + $this->load('form'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminregusersController.php b/admin/Application/Controllers/AdminregusersController.php new file mode 100644 index 0000000..b4ed6ed --- /dev/null +++ b/admin/Application/Controllers/AdminregusersController.php @@ -0,0 +1,101 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminregusersController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('UsersModel'); + + $this->modelName = 'UsersModel'; + + $this->helper('Menu','adminregusers','panel/main'); + +// $this->m['UsersModel']->setFields('username,e_mail,has_confirmed,deleted,creation_date','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'has_confirmed:sanitizeAll'=>'undef','deleted:sanitizeAll'=>'undef','id_group:sanitizeAll'=>'undef','token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + Params::$nullQueryValue = 'undef'; + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('popup'=>true,'popupType'=>'inclusive','mainMenu'=>'panel','recordPerPage'=>30)); + + $whereClauseArray = array( + 'has_confirmed' => $this->viewArgs['has_confirmed'], + 'deleted' => $this->viewArgs['deleted'], + 'id_group' => $this->viewArgs['id_group'], + ); + $this->scaffold->setWhereQueryClause($whereClauseArray); + + $this->scaffold->loadMain('regusers:id_user,regusers:username,regusers:e_mail,regusers:has_confirmed,regusers:deleted,smartDate|regusers:creation_date','regusers:id_user','link'); + $this->scaffold->setHead('USER ID,USERNAME,E-MAIL,HAS CONFIRMED?,DELETED?,DATE'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + + public function associate() + { + $this->shift(0); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->m['UsersModel']->printAssError = 'yes'; + $this->m['UsersModel']->updateTable('associate,dissociate'); + + $data['notice'] = $this->m['UsersModel']->notice; + + $data['menu'] = $this->h['Menu']->render('back'); + + $data['action'] = $this->baseUrl.'/adminregusers/associate'.$this->viewStatus; + + $data['groups'] = $this->m['UsersModel']->getFieldArray('reggroups:id_group','reggroups:name'); + + //get the name of the user whose id is $_POST['id_user'] + $users = $this->m['UsersModel']->db->select('regusers','username','id_user='.(int)$_POST['id_user']); + $data['user'] = $users[0]['regusers']['username']; + + //get the groups inside which the user is inserted + $this->m['UsersModel']->setWhereQueryClause(array('id_user'=>(int)$_POST['id_user'])); + $this->m['UsersModel']->orderBy = 'reggroups.id_group desc'; + $data['groupsUser'] = $this->m['UsersModel']->getAll('Boxes'); +// echo $this->m['UsersModel']->getQuery(); + + $this->set($data); + $this->load('associate'); + } +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdmintalkController.php b/admin/Application/Controllers/AdmintalkController.php new file mode 100644 index 0000000..b91912a --- /dev/null +++ b/admin/Application/Controllers/AdmintalkController.php @@ -0,0 +1,59 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdmintalkController extends Controller { + + function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->session('admin'); + $this->model('TalkModel'); + + $this->modelName = 'TalkModel'; + + $this->m['TalkModel']->setFields('title,message','sanitizeAll'); + + $this->setArgKeys(array('page:forceNat'=>1,'token:sanitizeAll'=>'token')); + } + + public function main() + { + $this->shift(); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('mainMenu'=>'panel')); + + $this->scaffold->loadMain('talk:id_talk,talk:id_hard,talk:title,getUserName|talk:created_by,smartDate|talk:creation_date','talk:id_talk','del'); + $this->scaffold->setHead('TALK ID,HARDWARE ID,TITLE,CREATED BY,DATE'); + $this->scaffold->update('del'); + $data['scaffold'] = $this->scaffold->render(); + $this->append($data); + $this->load('main'); + } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/AdminusersController.php b/admin/Application/Controllers/AdminusersController.php new file mode 100644 index 0000000..0154c0c --- /dev/null +++ b/admin/Application/Controllers/AdminusersController.php @@ -0,0 +1,200 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class AdminusersController extends Controller +{ + + function __construct($model, $controller, $queryString) + { + parent::__construct($model, $controller, $queryString); + + $this->load('header_back'); + $this->load('footer_back','last'); + + $this->helper('Menu','adminusers','panel/main'); + $this->helper('Array'); + + $this->session('admin'); + $this->model(); + + $this->m['AdminusersModel']->setFields('username:sanitizeAll,password:sha1','none'); + + $this->m['AdminusersModel']->strongConditions['update'] = array('checkAlphaNum'=>'username','checkEqual'=>'password,confirmation'); + $this->m['AdminusersModel']->strongConditions['insert'] = array('checkAlphaNum'=>'username','checkEqual'=>'password,confirmation'); + + $this->m['AdminusersModel']->databaseConditions['insert'] = array('checkUnique'=>'username'); + $this->m['AdminusersModel']->databaseConditions['update'] = array('checkUniqueCompl'=>'username'); + + $this->setArgKeys(array('page:forceNat'=>1,'id_group:forceInt'=>'0','token:sanitizeAll'=>'token')); + Params::$nullQueryValue = '0'; + } + + public function login() + { + $data['action'] = Url::getRoot('adminusers/login'); + $data['notice'] = null; + + $this->s['admin']->checkStatus(); + if ($this->s['admin']->status['status']=='logged') + { + $this->s['admin']->redirect('logged'); + } + if (isset($_POST['username']) and isset($_POST['password'])) + { + $username = ctype_alnum($_POST['username']) ? sanitizeAll($_POST['username']) : ''; + $choice = $this->s['admin']->login($username,$_POST['password']); + + switch($choice) + { + case 'logged': + $this->redirect('panel/main',3,'You are already logged...'); + break; + case 'accepted': + $this->redirect('panel/main',3,'Hi '.$this->s['admin']->status['user'].'...'); + break; + case 'login-error': + $data['notice'] = '
Wrong username or password
'; + break; + case 'wait': + $data['notice'] = '
You have to wait 5 seconds before you can try to login another time
'; + break; + } + } + $this->set($data); + $this->load('login'); + } + + public function logout() + { + $res = $this->s['admin']->logout(); + if ($res == 'not-logged') { + $data['notice'] = "
You can't logout because you are not logged..
\n"; + + } else if ($res == 'was-logged') { + $data['notice'] = "
Logout executed successfully!
\n"; + + } else if ($res == 'error') { + + } + + $data['login'] = Url::getRoot('adminusers/login'); + $this->set($data); + $this->load('logout'); + } + + public function forceout($id) + { + $this->shift(1); + + $this->s['admin']->check(); + $data['menĂ¹'] = $this->h['Menu']->render('back'); + $data['notice'] = null; + $id = (int)$id; + if (strcmp($this->s['admin']->status['id_user'],$id) !== 0) + { + if ($this->s['admin']->forceOut($id)) + { + $data['notice'] = "
User has been forced out..
\n"; + } + else + { + $data['notice'] = "
Error..
\n"; + } + } + + $this->set($data); + $this->load('forceout'); + } + + public function main() + { + $this->shift(); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->loadScaffold('main',array('popup'=>false)); + $this->scaffold->setWhereQueryClause(array('id_group'=>$this->viewArgs['id_group'])); + $this->scaffold->loadMain('adminusers:id_user,adminusers:username','adminusers:id_user','edit,del'); + $this->scaffold->addItem('simpleLink','adminusers/forceout/;adminusers:id_user;',null,'ForceOut'); + $this->scaffold->update('del'); + $data['scaffold'] = $this->scaffold->render(); + $this->set($data); + $this->load('main'); + } + + public function form($queryType = 'insert') + { + $this->shift(1); + + $this->s['admin']->check(); + + if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); + + $this->m['AdminusersModel']->updateTable('insert,update'); + + $this->loadScaffold('form'); + $this->scaffold->loadForm($queryType,"adminusers/form/$queryType"); + $this->scaffold->getFormValues('sanitizeHtml'); + $this->scaffold->setFormEntries('model',array('password'=>'Password')); + $this->scaffold->form->setEntry('confirmation','Password'); + $data['scaffold'] = $this->scaffold->render(null,'username,password,confirmation,id_user'); + + $this->set($data); + $this->load('main'); + } + +// public function associate() +// { +// $this->shift(0); +// +// $this->s['admin']->check(); +// +// if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); +// +// $this->m['AdminusersModel']->printAssError = 'yes'; +// $this->m['AdminusersModel']->updateTable('associate,dissociate'); +// +// $data['notice'] = $this->m['AdminusersModel']->notice; +// +// $data['menu'] = $this->h['Menu']->render('back'); +// +// $data['action'] = $this->baseUrl.'/adminusers/associate'.$this->viewStatus; +// +// $data['groups'] = $this->m['AdminusersModel']->getFieldArray('admingroups:id_group','admingroups:name'); +// +// //get the name of the user whose id is $_POST['id_user'] +// $users = $this->m['AdminusersModel']->db->select('adminusers','username','id_user='.(int)$_POST['id_user']); +// $data['user'] = $users[0]['adminusers']['username']; +// +// //get the groups inside which the user is inserted +// $this->m['AdminusersModel']->setWhereQueryClause(array('id_user'=>(int)$_POST['id_user'])); +// $this->m['AdminusersModel']->orderBy = 'admingroups.id_group desc'; +// $data['groupsUser'] = $this->m['AdminusersModel']->getAll('Boxes'); +// // echo $this->m['AdminusersModel']->getQuery(); +// +// $this->set($data); +// $this->load('associate'); +// } + +} \ No newline at end of file diff --git a/admin/Application/Controllers/PanelController.php b/admin/Application/Controllers/PanelController.php new file mode 100755 index 0000000..27eeacf --- /dev/null +++ b/admin/Application/Controllers/PanelController.php @@ -0,0 +1,43 @@ +. + +if (!defined('EG')) die('Direct access not allowed!'); + +class PanelController extends Controller { + + public function __construct($model, $controller, $queryString) { + parent::__construct($model, $controller, $queryString); + $this->session('admin'); + $this->load('header_back'); + $this->load('footer_back','last'); + } + + public function main() + { + $this->s['admin']->check(); + $data['logged'] = $this->s['admin']->getUsersLogged(); + + $data['token'] = $this->s['admin']->status['token']; + + $this->set($data); + $this->load('panel'); + } + +} \ No newline at end of file -- cgit v1.2.3