- <?php
- require_once($_SERVER['DOCUMENT_ROOT'] . "/res/database.inc");
/*
 * Navigation table for the manager area, keyed by the page number that
 * appears as the last URL segment. Each entry carries the template name, the
 * translated label taken from $data["lg"] and the link built by url().
 * The "hidden" flag is only a marker stored on the entry: the page-number
 * range check further down accepts pages 6 and 7 like any other, so it must
 * not be read as an access restriction.
 */
$route_specs = array(
    // page => array(template name, key into $data["lg"], hidden?)
    1 => array("notices", "notice_board", false),
    2 => array("contact_manager", "contact_manager", false),
    3 => array("contact_accounting", "contact_accounting", false),
    4 => array("counters", "counters", false),
    5 => array("documents", "house_documents", false),
    6 => array("profile", "profile_data", true),
    7 => array("estates", "estates", true),
    0 => array("exit", "exit", false)
);
$data["routes"] = array();
foreach ($route_specs as $route_page => $route_spec) {
    $route_entry = array(
        "name" => $route_spec[0],
        "lg" => $data["lg"][$route_spec[1]],
        "url" => url($route_page)
    );
    // only hidden routes carry the flag, so visible ones keep three keys
    if ($route_spec[2]) {
        $route_entry["hidden"] = true;
    }
    $data["routes"][$route_page] = $route_entry;
}
// this is a global-scope script: do not leave the loop helpers behind
unset($route_specs, $route_page, $route_spec, $route_entry);
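/* ==================================================== */
/*
 * Resolve the requested page (last URL segment, see get_page()) to an entry
 * of $data["routes"] and record which template file belongs to it.
 * Anything that is not a known page number falls back to route 0 ("exit").
 */
$data["manager"] = array();
$page = get_page();
// The segment is client-supplied text. A numeric range comparison alone is not
// enough: a value such as "1abc" or "1.5" can pass it and still not be a key
// of the table, which leaves the route undefined. Accept digits only and
// require that the key really exists.
if (is_string($page)
    && preg_match('/\A[0-9]+\z/', $page) === 1
    && isset($data["routes"][(int) $page])
) {
    $page = (int) $page;
} else {
    $page = 0;
}
$data["manager"]["route"] = $data["routes"][$page];
// The template path is assembled from the fixed route table only, never from
// the URL text, so the request cannot steer it to another file.
$data["manager"]["route"]["file"] = "./manager/" . $data["routes"][$page]["name"] . ".html";
/* ==================================================== */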
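/*
 * Load the data every manager page needs (user, apartments, selected estate
 * and apartment, documents, numbers) and stop the request when the caller is
 * not allowed to see it.
 *
 * Order matters here:
 *   1. no session user      -> stop before any query runs
 *   2. no apartments        -> stop, there is nothing to manage
 *   3. estate/apartment ids -> come from the URL and must belong to the user
 * Only after these checks is estate-scoped data read.
 */
if (empty($_SESSION["user"]["id"])) {
    ob_clean();
    //header("Location: /");
    exit();
}
$user = $database->get($database_prefix . "users", array("mail", "name", "surname", "image", "user_type"), array(
    "id" => get_user_id()
));
$data["manager"]["user"] = $user;
/* ==================================================== */
// Apartments assigned to the logged-in user, joined with their estate. This
// list is the only authority for which estate/apartment ids the user may use.
$apartments = $database->select($database_prefix . "manager_apartments", array(
    "[>]{$database_prefix}manager_estates" => array("estate_id" => "id")
), array(
    "{$database_prefix}manager_estates.name(estate_name)",
    "{$database_prefix}manager_estates.id(estate_id)",
    "{$database_prefix}manager_apartments.id",
    "{$database_prefix}manager_apartments.nth",
    "{$database_prefix}manager_apartments.residents"
), array(
    "{$database_prefix}manager_apartments.user_id" => get_user_id()
));
$data["manager"]["apartments"] = $apartments;
// if user has no apartments assigned the request ends here
if (empty($apartments)) {
    ob_clean();
    //header("Location: /");
    exit();
}
// The estate and apartment ids are plain URL segments. Every query below and
// in the route handlers filters on them, so an id that is not checked against
// the user's own apartments lets one resident read another estate's notices,
// documents and counters, and write counter values or questions for a foreign
// apartment. Reject any estate/apartment pair the user does not hold.
// NOTE(review): when the URL carries no estate segment get_est_id() returns
// false and the earlier behaviour is kept (queries then filter on a false
// estate id) - confirm that no rows are stored under such an id.
$requested_est = get_est_id();
$requested_apt = get_apt_id();
if ($requested_est !== false) {
    $selection_allowed = false;
    foreach ($apartments as $owned) {
        if ((string) $owned["estate_id"] !== (string) $requested_est) {
            continue;
        }
        if ($requested_apt === false || (string) $owned["id"] === (string) $requested_apt) {
            $selection_allowed = true;
            break;
        }
    }
    if (!$selection_allowed) {
        ob_clean();
        header("HTTP/1.1 403 Forbidden");
        exit();
    }
}
/* ==================================================== */
$estate = $database->get($database_prefix . "manager_estates", "*", array("id" => get_est_id()));
$data["manager"]["estate"] = $estate;
$apartment = $database->get($database_prefix . "manager_apartments", "*", array("id" => get_apt_id()));
$data["manager"]["apartment"] = $apartment;
$documents = $database->select($database_prefix . "manager_files", "*", array(
    "estate_id" => get_est_id()
));
$data["manager"]["documents"] = $documents;
$numbers = $database->select($database_prefix . "manager_numbers", "*", array(
    "estate_id" => get_est_id()
));
$data["manager"]["numbers"] = $numbers;
/* ==================================================== */
// get_arg() returns a string or false, never null, so this flag stays false;
// it is kept because the disabled redirect below reads it.
$redirect = is_null(get_est_id());
// $apartments is known to be non-empty here, so index 0 exists.
// NOTE(review): HTTP_HOST is taken from the request; if the redirect below is
// ever re-enabled, build its target from a configured host name instead.
$url = rtrim("http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]", "/")
    . "/{$apartments[0]['estate_id']}/{$apartments[0]['id']}/1";
ob_clean();
// if no estate was selected select the first one and redirect to it
/*if ($redirect) {
    header("Location: " . $url);
    exit();
}*/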
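/* ==================================================== */
/*
 * Per-route controller: fills $data["manager"]["data"] for the selected page
 * and handles that page's form posts.
 *
 * NOTE(review): none of the POST handlers below checks an anti-CSRF token.
 * Whether the including front controller does is not visible in this file;
 * confirm before relying on these handlers for state changes.
 */
if ($data["manager"]["route"]["name"] != "profile") {
    unset($_SESSION["profile_errors"]);
}
switch ($data["manager"]["route"]["name"]) {
    case "notices":
        // Notices mapped to this estate and addressed either to this apartment
        // or to the id -100 (presumably "all apartments" - confirm).
        $notices = $database->select($database_prefix . "manager_notices",
            array("[>]{$database_prefix}manager_notices_mapping" => array("id" => "notice_id")),
            "*",
            array(
                "AND" => array(
                    "{$database_prefix}manager_notices_mapping.estate_id" => get_est_id(),
                    "{$database_prefix}manager_notices_mapping.apartment_id" => array(-100, get_apt_id())
                ),
                "ORDER" => "{$database_prefix}manager_notices.created DESC"
            )
        );
        foreach ($notices as $n => $notice) {
            $notices[$n]["attachments"] = $database->select($database_prefix . "manager_notices_attachments",
                array("[>]{$database_prefix}manager_files" => array("file_id" => "id")),
                "*",
                array(
                    "{$database_prefix}manager_notices_attachments.notice_id" => $notice["id"]
                )
            );
        }
        $data["manager"]["data"] = $notices;
        break;
    case "contact_manager":
    case "contact_accounting":
        $question_type = $data["manager"]["route"]["name"] == "contact_accounting" ? "accounting" : "manager";
        if (is_action("ask_question")) {
            $subject = isset($_POST["subject"]) ? $_POST["subject"] : null;
            $content = isset($_POST["content"]) ? $_POST["content"] : null;
            // A form field can arrive as an array (subject[]=...); only plain,
            // non-empty strings are stored. The text is saved verbatim, so the
            // templates that print it must HTML-escape it on output.
            if (is_string($subject) && is_string($content) && !empty($subject) && !empty($content)) {
                $database->insert($database_prefix . "manager_questions", array(
                    "user_id" => get_user_id(),
                    "estate_id" => get_est_id(),
                    "apartment_id" => get_apt_id(),
                    "subject" => $subject,
                    "content" => $content,
                    "type" => $question_type
                ));
                $_SESSION["ask_question_show_message"] = true;
                refresh();
            }
        }
        // one-shot confirmation flag set before the redirect above
        if (!empty($_SESSION["ask_question_show_message"])) {
            unset($_SESSION["ask_question_show_message"]);
            $data["ask_question_show_message"] = true;
        }
        $questions = $database->select($database_prefix . "manager_questions", "*", array(
            "AND" => array(
                "user_id" => get_user_id(),
                "estate_id" => get_est_id(),
                "apartment_id" => get_apt_id(),
                "type" => $question_type
            )
        ));
        $data["manager"]["data"] = $questions;
        break;
    case "counters":
        $data["period"] = date("m Y");
        $data["manager"]["data"] = array(
        );
        // counters installed in the selected apartment
        $uc = $database->select($database_prefix . "manager_apartment_counters", "*", array(
            "AND" => array(
                "estate_id" => get_est_id(),
                "apartment_id" => get_apt_id()
            )
        ));
        foreach ($uc as $type) {
            $data["manager"]["data"][] = array("info" => $type);
        }
        // previous period in the same "mm YYYY" form as date("m Y")
        $mo = date("m") - 1;
        $yo = date("Y");
        if ($mo < 1) {
            $yo = $yo - 1;
            $mo = 12;
        }
        if ($mo < 10) {
            $mo = "0$mo";
        }
        $period_old = "$mo $yo";
        foreach ($data["manager"]["data"] as $key => $value) {
            $data["manager"]["data"][$key]["value"] =
                $database->get($database_prefix . "manager_counters", "value", array(
                    "AND" => array(
                        "estate_id" => get_est_id(),
                        "apartment_id" => get_apt_id(),
                        "period" => $data["period"],
                        "type" => $value["info"]["type"],
                        "counter_id" => $value["info"]["id"]
                    )
                ));
            $data["manager"]["data"][$key]["old"] =
                $database->get($database_prefix . "manager_counters", "value", array(
                    "AND" => array(
                        "estate_id" => get_est_id(),
                        "apartment_id" => get_apt_id(),
                        "period" => $period_old,
                        "type" => $value["info"]["type"],
                        "counter_id" => $value["info"]["id"]
                    )
                ));
        }
        if (is_action("save") || is_action("modify")) {
            $posted_type = isset($_POST["type"]) ? $_POST["type"] : null;
            $posted_counter = isset($_POST["counter_id"]) ? $_POST["counter_id"] : null;
            // "type" and "counter_id" are client-supplied. Accept them only as
            // plain strings naming a counter that was just read for this
            // apartment; an array value would otherwise reach the WHERE clause
            // and an arbitrary id would create readings for unknown counters.
            $known_counter = false;
            if (is_string($posted_type) && is_string($posted_counter)) {
                foreach ($uc as $counter) {
                    if ((string) $counter["id"] === $posted_counter
                        && (string) $counter["type"] === $posted_type
                    ) {
                        $known_counter = true;
                        break;
                    }
                }
            }
            // the reading is posted under a field named after the counter id
            $raw_reading = ($known_counter && isset($_POST[$posted_counter])) ? $_POST[$posted_counter] : null;
            if (is_string($raw_reading)) {
                // accept a decimal comma, then force a float
                $reading = floatval(str_replace(",", ".", $raw_reading));
                $reading_where = array(
                    "AND" => array(
                        "estate_id" => get_est_id(),
                        "apartment_id" => get_apt_id(),
                        "type" => $posted_type,
                        "period" => $data["period"],
                        "counter_id" => $posted_counter
                    )
                );
                if ($database->has($database_prefix . "manager_counters", $reading_where)) {
                    $database->update($database_prefix . "manager_counters", array(
                        "updated" => date("Y-m-d H:i:s"),
                        "value" => $reading,
                    ), $reading_where);
                } else {
                    $database->insert($database_prefix . "manager_counters", array(
                        "updated" => date("Y-m-d H:i:s"),
                        "estate_id" => get_est_id(),
                        "apartment_id" => get_apt_id(),
                        "type" => $posted_type,
                        "value" => $reading,
                        "period" => $data["period"],
                        "counter_id" => $posted_counter
                    ));
                }
            }
            refresh();
        }
        break;
    case "documents":
        $documents = $database->select($database_prefix . "manager_files", "*", array(
            "estate_id" => get_est_id()
        ));
        $data["manager"]["data"] = $documents;
        break;
    case "profile":
        // start from the users row, then overlay the key/value rows
        $data["manager"]["data"] = $user;
        $user_data = $database->select($database_prefix . "users_data", "*", array(
            "user_id" => get_user_id()
        ));
        if (! empty($user_data)) {
            foreach ($user_data as $value) {
                $data["manager"]["data"][$value["name"]] = $value["value"];
            }
        }
        if (! empty($_POST)) {
            unset($_SESSION["profile_errors"]);
            // columns of the users table the form may change directly
            $core_columns = array("mail", "name", "surname");
            // Fields that must never be copied into users_data:
            //  - the three password fields, which the generic branch would
            //    otherwise persist in clear text next to the profile data
            //  - "image", handled by upload()
            //  - "user_type", which is read from the users row and would be
            //    overwritten in the profile view by a stored row of that name
            $never_stored = array(
                "image",
                "user_type",
                "existing_password",
                "new_password",
                "new_password_repeat"
            );
            foreach ($_POST as $key => $value) {
                // numeric field names arrive as integers; compare as strings,
                // strictly, so that 0 can never equal a column name
                $key = (string) $key;
                if (in_array($key, $core_columns, true)) {
                    if (!is_string($value)) {
                        continue;
                    }
                    $database->update($database_prefix . "users", array(
                        $key => $value
                    ), array(
                        "id" => get_user_id()
                    ));
                } else if (!in_array($key, $never_stored, true)) {
                    // NOTE(review): any remaining field name is stored as a
                    // users_data row. An explicit list of accepted profile
                    // fields would be safer; the list is not in this file.
                    $exists = $database->has($database_prefix . "users_data", array(
                        "AND" => array(
                            "user_id" => get_user_id(),
                            "name" => $key
                        )
                    ));
                    if ($exists) {
                        $database->update($database_prefix . "users_data", array(
                            "value" => $value
                        ), array(
                            "AND" => array(
                                "user_id" => get_user_id(),
                                "name" => $key
                            )
                        ));
                    } else {
                        $database->insert($database_prefix . "users_data", array(
                            "user_id" => get_user_id(),
                            "name" => $key,
                            "value" => $value,
                            "lang_id" => 0
                        ));
                    }
                }
            }
            // password reset
            if (! empty($_POST["existing_password"])) {
                // NOTE(review): sha1(DB_DATABASE) . md5(password) is a fast
                // digest with one prefix shared by every account. Moving to
                // password_hash()/password_verify() needs the same change in
                // the login code, which is outside this file.
                $db_hash = sha1(DB_DATABASE);
                $existing_password = $_POST["existing_password"];
                // a non-string value counts as a wrong password
                $exists = is_string($existing_password)
                    && $database->has($database_prefix . "users", array(
                        "AND" => array(
                            "id" => get_user_id(),
                            "password" => $db_hash . md5($existing_password)
                        )
                    ));
                if ($exists) {
                    $new_password = isset($_POST["new_password"]) ? $_POST["new_password"] : null;
                    $new_repeat = isset($_POST["new_password_repeat"]) ? $_POST["new_password_repeat"] : null;
                    if (is_string($new_password) && is_string($new_repeat)
                        && !empty($new_password) && !empty($new_repeat)
                    ) {
                        // strict comparison: with == two different numeric
                        // strings such as "1e3" and "1000" count as equal
                        if ($new_password === $new_repeat) {
                            $password = $db_hash . md5($new_password);
                            $database->update($database_prefix . "users", array(
                                "password" => $password
                            ), array(
                                "id" => get_user_id()
                            ));
                        }
                    }
                } else {
                    $_SESSION["profile_errors"]["password"] = true;
                }
            }
            if (! empty($_FILES)) {
                foreach ($_FILES as $key => $value) {
                    if (! empty($value["name"])) {
                        upload($value);
                    }
                }
            }
            refresh();
        }
        break;
    case "estates":
        break;
    case "exit":
        header("Location: /logout.php");
        exit();
        break;
    default:
        # code...
        break;
}
/* ==================================================== */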
- /* ==================================================== */
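/**
 * Store an uploaded profile picture and record its file name on the user.
 *
 * The file lands below the document root, so what may be written there is
 * decided by the server, not by the client: the upload must have completed
 * without error, be at most 4000000 bytes, be a genuine HTTP upload and be
 * recognised by getimagesize() as JPEG, PNG or GIF. The stored extension is
 * derived from the detected image type; the extension of the client-supplied
 * file name is ignored, so a script cannot be saved under an executable name.
 *
 * On any rejection $_SESSION["profile_errors"]["image"] is set and neither
 * the file system nor the database is touched.
 *
 * @param array $file one entry of $_FILES
 * @return void
 */
function upload($file) {
    global $database, $database_prefix;

    // detected image type => extension used on disk
    $allowed_types = array(
        IMAGETYPE_JPEG => "jpg",
        IMAGETYPE_PNG => "png",
        IMAGETYPE_GIF => "gif"
    );

    $rejected = !isset($file["error"], $file["tmp_name"], $file["size"])
        || $file["error"] !== UPLOAD_ERR_OK
        || $file["size"] > 4000000
        // the temporary path must be one PHP itself created for this request
        || !is_uploaded_file($file["tmp_name"]);

    $image_info = $rejected ? false : getimagesize($file["tmp_name"]);
    if ($image_info === false || !isset($allowed_types[$image_info[2]])) {
        $_SESSION["profile_errors"]["image"] = true;
        return;
    }

    $stored_name = sha1(uniqid()) . "." . $allowed_types[$image_info[2]];
    $path = $_SERVER['DOCUMENT_ROOT'] . "/images/users/" . $stored_name;

    // move first: the database must not point at a file that was never saved
    if (!move_uploaded_file($file["tmp_name"], $path)) {
        $_SESSION["profile_errors"]["image"] = true;
        return;
    }
    $database->update($database_prefix . "users", array(
        "image" => $stored_name
    ), array(
        "id" => get_user_id()
    ));
}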
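/**
 * Redirect the browser to the URL it just requested (post/redirect/get) and
 * end the script.
 *
 * The target is sent as a path-only Location. The Host header is supplied by
 * the client, so it is not echoed back into the redirect, and the scheme is
 * no longer pinned to http. Leading slashes and backslashes are collapsed to
 * a single "/" so that a request path beginning with "//" cannot turn the
 * redirect into a scheme-relative jump to another host.
 *
 * @return void never returns
 */
function refresh() {
    $target = "/" . ltrim($_SERVER["REQUEST_URI"], "/\\");
    header("Location: " . $target);
    exit();
}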
/**
 * Tell whether the current request posted the given form action.
 *
 * @param string $try action name to compare with $_POST["action"]
 * @return bool false when no action was posted, otherwise the result of a
 *              loose (==) comparison with $try
 */
function is_action($try) {
    $has_action = isset($_POST) && isset($_POST["action"]);
    if (!$has_action) {
        return false;
    }
    return $_POST["action"] == $try;
}
/**
 * Id of the logged-in user as stored in the session.
 *
 * No check is made here that a user is logged in; callers rely on the
 * session guard that runs earlier in the request.
 *
 * @return mixed value of $_SESSION["user"]["id"]
 */
function get_user_id() {
    $session_user = $_SESSION["user"];
    return $session_user["id"];
}
/**
 * Estate id taken from the URL: the third segment counted from the end.
 *
 * The value is raw request text and proves nothing about ownership.
 *
 * @return string|false the segment, or false when it is missing or empty
 */
function get_est_id() {
    $estate_segment = get_arg(3);
    return $estate_segment;
}
/**
 * Apartment id taken from the URL: the second segment counted from the end.
 *
 * The value is raw request text and proves nothing about ownership.
 *
 * @return string|false the segment, or false when it is missing or empty
 */
function get_apt_id() {
    $apartment_segment = get_arg(2);
    return $apartment_segment;
}
/**
 * Page number taken from the URL: the last segment.
 *
 * @return string|false the raw segment, or false when it is missing or empty
 */
function get_page() {
    $page_segment = get_arg(1);
    return $page_segment;
}
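/**
 * Return the $i-th path segment of $_GET["variables"], counted from the end
 * (1 = last segment).
 *
 * The result is unvalidated request text. Callers use it as a database id or
 * an array key and have to validate it for that purpose themselves.
 *
 * @param int $i position from the end, starting at 1
 * @return string|false the segment; false when "variables" is absent or not
 *                      a string, when the position does not exist, or when
 *                      the segment is empty (which includes the text "0")
 */
function get_arg($i) {
    // ?variables[]=x arrives as an array and a bare request has no value at
    // all; explode() must only ever see a string
    if (!isset($_GET["variables"]) || !is_string($_GET["variables"])) {
        return false;
    }
    $expl = explode("/", $_GET["variables"]);
    // out() is defined outside this listing; what it does with these values
    // is not visible here
    out($expl);
    out(sizeof($expl));
    $index = sizeof($expl) - $i;
    if ($index >= 0 && !empty($expl[$index])) {
        return $expl[$index];
    }
    return false;
}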
/**
 * Build the link to another manager page: the current URL with its last
 * path segment replaced by $page.
 *
 * NOTE(review): the host part is copied from the Host request header, which
 * the client controls, and the scheme is fixed to http. Where the returned
 * links are printed is not visible here; confirm they are escaped on output
 * and consider building them from a configured base URL.
 *
 * @param int|string $page page number to link to
 * @return string absolute URL
 */
function url($page) {
    $current = "http://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];
    $segments = explode("/", rtrim($current, "/"));
    // drop the current page segment and put the requested one in its place
    array_pop($segments);
    $segments[] = $page;
    return implode("/", $segments);
}
- ?>