  1. <?php
  2.  
  3.  
  4. class StaffAction extends Action
  5. {
  6. protected static $tpl_dir = "staff/";
  7.  
  8. public function getProcessedString()
  9. {
  10. $this->init();
  11.  
  12. // dir stores profiles photo
  13. $this->smarty->assign( 'photos_dir',BaseConfig::$config["photos_dir_path"] );
  14.  
  15. $action = $this->request->get( 'action','GET' );
  16.  
  17. if ( $action )
  18. {
  19. $id = $this->request->get( 'id','GET' );
  20.  
  21. if ( $action == 'add' )
  22. {
  23. $this->addPersonManage();
  24. }
  25. else
  26. if ( $action == 'edit' )
  27. {
  28. $this->editPersonManage( $id );
  29. }
  30. else
  31. if ( $action == 'search' )
  32. {
  33. $this->smarty->assign( 'content',$this->getSearchResultsList( $word ) );
  34. }
  35. else
  36. if ( $action == 'delete' )
  37. {
  38. $this->deletePersonById( $id );
  39. }
  40. }
  41.  
  42. $this->smarty->assign( 'main_menu',$this->smarty->fetch( 'main_menu.tpl' ) );
  43.  
  44. if ( !$this->smarty->get_template_vars( 'content' ) )
  45. {
  46. $this->smarty->assign( 'content',$this->getStaffList() );
  47. }
  48.  
  49. return $this->smarty->fetch( 'main.tpl' );
  50. }
  51.  
  52. protected function getStaffList()
  53. {
  54. // get current page uri and pass it to tpl
  55. $base_uri = $this->build_uri( 'page' );
  56. $this->smarty->assign( 'base_uri',$base_uri );
  57.  
  58. $header_base_uri = $this->build_uri( array( 'order','direction' ) );
  59. $this->smarty->assign( 'header_base_uri',$header_base_uri );
  60.  
  61. // $order - sorting order
  62. // $direction - sorting direction(ASC and DESC)
  63. list( $order,$direction ) = $this->getSortParams();
  64.  
  65. // current page number
  66. $page = (int) $this->request->get( 'page','GET' );
  67. $page = ( $page ) ? $page : 1;
  68.  
  69. // save current uri(with page var) in session
  70. $this->set_uri( $base_uri . 'page=' . $page );
  71.  
  72. // count of rows in result what need
  73. $items_per_page = BaseConfig::$config['staff_persons_per_page'];
  74.  
  75. // total rows in result count
  76. $this->db->select( "SELECT COUNT(*) FROM " . TAB_PREFIX . "user_profiles AS p
  77. LEFT JOIN " . TAB_PREFIX . "positions AS pos ON p.profile_position_id=pos.position_id
  78. LEFT JOIN " . TAB_PREFIX . "departments AS d ON p.profile_department_id=d.department_id
  79. LEFT JOIN " . TAB_PREFIX . "users AS u ON p.profile_user_id=u.user_id" );
  80.  
  81. $items_total = (int) $this->db->get_one();
  82.  
  83. // pages count
  84. $pages_count = ceil( $items_total / $items_per_page );
  85.  
  86. $page = ( $page > $pages_count ) ? $pages_count : $page;
  87.  
  88. // first row in result number
  89. $start = ( $page - 1 ) * $items_per_page;
  90.  
  91. $this->db->select_limited( "SELECT * FROM " . TAB_PREFIX . "user_profiles AS p
  92. LEFT JOIN " . TAB_PREFIX . "positions AS pos ON p.profile_position_id=pos.position_id
  93. LEFT JOIN " . TAB_PREFIX . "departments AS d ON p.profile_department_id=d.department_id
  94. LEFT JOIN " . TAB_PREFIX . "users AS u ON p.profile_user_id=u.user_id
  95. ORDER BY " . $order . " " . $direction,$start,
  96. $items_per_page );
  97.  
  98. // array of persons info
  99. $info = $this->db->get_all();
  100.  
  101. // and pass it to tpl
  102. $this->smarty->assign( 'stafflist',$info );
  103.  
  104. $this->smarty->assign( 'current_page',$page );
  105. $this->smarty->assign( 'pages',range( 1,$pages_count ) );
  106.  
  107. $this->smarty->assign( 'pagenation',$this->smarty->fetch( 'pages.tpl' ) );
  108.  
  109. return $this->smarty->fetch( self::$tpl_dir . 'staff_list.tpl' );
  110. }
  111.  
  112. protected function getSearchResultsList( $word )
  113. {
  114. // get current page uri ana pass it to tpl
  115. $base_uri = $this->build_uri( 'page' );
  116. $this->smarty->assign( 'base_uri',$base_uri );
  117.  
  118. $header_base_uri = $this->build_uri( array( 'order','direction' ) );
  119. $this->smarty->assign( 'header_base_uri',$header_base_uri );
  120.  
  121. // word to search after sanitizing
  122. $word = $this->processWord( $this->request->get( 'word','GET' ) );
  123.  
  124. // $order - sorting order
  125. // $direction - sorting direction(ASC and DESC)
  126. list( $order,$direction ) = $this->getSortParams();
  127.  
  128. // current page number
  129. $page = (int) $this->request->get( 'page','GET' );
  130. $page = ( $page ) ? $page : 1;
  131.  
  132. // save current uri(with page var) in session
  133. $this->set_uri( $base_uri . 'page=' . $page );
  134.  
  135. $this->db->select( "SELECT COUNT(*) FROM " . TAB_PREFIX . "user_profiles AS p
  136. LEFT JOIN " . TAB_PREFIX . "positions AS pos ON p.profile_position_id=pos.position_id
  137. LEFT JOIN " . TAB_PREFIX . "departments AS d ON p.profile_department_id=d.department_id
  138. LEFT JOIN " . TAB_PREFIX . "users AS u ON p.profile_user_id=u.user_id
  139. WHERE
  140. (
  141. p.profile_name LIKE '%" . $word . "%' OR
  142. p.profile_email LIKE '%" . $word . "%' OR
  143. p.profile_phone LIKE '%" . $word . "%' OR
  144. p.profile_address LIKE '%" . $word . "%' OR
  145. pos.position_title LIKE '%" . $word . "%' OR
  146. d.department_title LIKE '%" . $word . "%'
  147. )" );
  148.  
  149. // total rows in result count
  150. $items_total = (int) $this->db->get_one();
  151.  
  152. if ( $items_total > 0 )
  153. {
  154. // count of rows in result what need
  155. $items_per_page = BaseConfig::$config['staff_persons_per_page'];
  156.  
  157. // pages count
  158. $pages_count = ceil( $items_total / $items_per_page );
  159.  
  160. $page = ( $page > $pages_count ) ? $pages_count : $page;
  161.  
  162. // first row in result number
  163. $start = ( $page - 1 ) * $items_per_page;
  164.  
  165. $this->db->select_limited( "SELECT * FROM " . TAB_PREFIX . "user_profiles AS p
  166. LEFT JOIN " . TAB_PREFIX . "positions AS pos ON p.profile_position_id=pos.position_id
  167. LEFT JOIN " . TAB_PREFIX . "departments AS d ON p.profile_department_id=d.department_id
  168. LEFT JOIN " . TAB_PREFIX . "users AS u ON p.profile_user_id=u.user_id
  169. WHERE
  170. (
  171. p.profile_name LIKE '%" . $word . "%' OR
  172. p.profile_email LIKE '%" . $word . "%' OR
  173. p.profile_phone LIKE '%" . $word . "%' OR
  174. p.profile_address LIKE '%" . $word . "%' OR
  175. pos.position_title LIKE '%" . $word . "%' OR
  176. d.department_title LIKE '%" . $word . "%'
  177. )
  178. ORDER BY " . $order . " " . $direction,$start,$items_per_page );
  179.  
  180. // array of persons info for search word
  181. $info = $this->db->get_all();
  182.  
  183. $this->displayMessage( sprintf( 'Результаты поиска по запросу "%s"',$word ) );
  184.  
  185. $this->smarty->assign( 'current_page',$page );
  186. $this->smarty->assign( 'pages',range( 1,$pages_count ) );
  187.  
  188. $this->smarty->assign( 'pagenation',$this->smarty->fetch( 'pages.tpl' ) );
  189.  
  190. $this->smarty->assign( 'stafflist',$info );
  191. }
  192. else
  193. {
  194. $this->displayMessage( "По Вашему запросу ничего не найдено." );
  195. }
  196.  
  197. return $this->smarty->fetch( self::$tpl_dir . 'staff_list.tpl' );
  198. }
  199.  
  200. public function addPersonManage()
  201. {
  202. $form_sent = $this->request->get( 'person_sent','POST' );
  203. if ( $form_sent )
  204. {
  205. $add_person_res = $this->addPerson();
  206. if ( $add_person_res )
  207. {
  208. $this->response->setHeader( "Location: " . $this->get_uri() );
  209. }
  210. }
  211.  
  212. if ( !$form_sent || !$add_person_res )
  213. {
  214. $this->smarty->assign( 'content',$this->getAddPersonForm() );
  215. }
  216. }
  217.  
  218. protected function addPerson()
  219. {
  220. // base fields
  221.  
  222. $cols = array();
  223. $vals = array();
  224.  
  225. $name = $this->request->get( 'profile_name','POST' );
  226. if ( strlen( $name ) === 0 )
  227. {
  228. $this->displayMessage( 'Введите имя сотрудника' );
  229. return false;
  230. }
  231. else
  232. {
  233. $cols[] = 'profile_name';
  234. $vals[] = $name;
  235. }
  236.  
  237. $position_id = $this->request->get( 'profile_position_id','POST' );
  238. if ( $position_id != 0 )
  239. {
  240. $cols[] = 'profile_position_id';
  241. $vals[] = $position_id;
  242. }
  243.  
  244. $department_id = $this->request->get( 'profile_department_id','POST' );
  245. if ( $department_id != 0 )
  246. {
  247. $cols[] = 'profile_department_id';
  248. $vals[] = $department_id;
  249. }
  250.  
  251. $gender = $this->request->get( 'profile_gender','POST' );
  252. if ( $gender !== null )
  253. {
  254. $cols[] = 'profile_gender';
  255. $vals[] = $gender;
  256. }
  257.  
  258. $birthday = $this->getBirthDay();
  259. if ( $birthday !== null )
  260. {
  261. $cols[] = 'profile_birthday';
  262. $vals[] = $birthday;
  263. }
  264.  
  265. $email = $this->request->get( 'profile_email','POST' );
  266. $phone = $this->request->get( 'profile_phone','POST' );
  267. $address = $this->request->get( 'profile_address','POST' );
  268.  
  269. $cols = array_merge( $cols,array( 'profile_email','profile_phone','profile_address' ) );
  270. $vals = array_merge( $vals,array( $email,$phone,$address ) );
  271.  
  272. // profile photo upload
  273.  
  274. $photo = $this->request->get( 'profile_photo','FILES' );
  275.  
  276. if ( $photo )
  277. {
  278. $filename = $this->uploadFile( $photo,BaseConfig::$config["photos_dir"] );
  279. if ( $filename )
  280. {
  281. $cols[] = 'profile_photo';
  282. $vals[] = $filename;
  283. }
  284. }
  285.  
  286. // add account for system
  287.  
  288. $account_options = $this->request->get( 'account_options','POST' );
  289.  
  290. $add_account_success = true;
  291. if ( $add_account )
  292. {
  293. $login = $this->request->get( 'user_login','POST' );
  294. if ( strlen( $login ) == 0 )
  295. {
  296. $this->displayMessage( 'Введите логин' );
  297. return false;
  298. }
  299.  
  300. $pass = $this->request->get( 'user_pass','POST' );
  301. if ( strlen( $pass ) == 0 )
  302. {
  303. $this->displayMessage( 'Введите пароль' );
  304. return false;
  305. }
  306. else
  307. {
  308. $pass = Action::cryptString( $pass );
  309. }
  310.  
  311. $add_user_res = DbUtils::insert( TAB_PREFIX . "users",
  312. array( 'user_login','user_pass' ),
  313. array( $login,$pass ) );
  314.  
  315. if ( $add_user_res )
  316. {
  317. $user_id = $this->db->get_last_insert_id();
  318.  
  319. $cols[] = 'profile_user_id';
  320. $vals[] = $user_id;
  321. }
  322. else
  323. {
  324. $add_account_success = false;
  325. }
  326. }
  327.  
  328. // add profile
  329.  
  330. $add_profile_res = DbUtils::insert( TAB_PREFIX . "user_profiles",$cols,$vals );
  331.  
  332. if ( !$add_account_success || !$add_profile_res )
  333. {
  334. $this->displayMessage( 'Во время добавления сотрудника произошла ошибка' );
  335. return false;
  336. }
  337. else
  338. {
  339. $this->setMessage( 'Сотрудник успешно добавлен' );
  340. return true;
  341. }
  342. }
  343.  
  344. protected function getAddPersonForm()
  345. {
  346. // at first check if edit_mode is on
  347. if ( !array_key_exists( 'edit_mode',$_SESSION ) || $_SESSION['edit_mode'] == 0 )
  348. {
  349. $this->response->setHeader( "Location: /staff" );
  350. return '';
  351. }
  352.  
  353. // return profile form
  354.  
  355. $this->smarty->assign( 'header',"Добавление сотрудника" );
  356. $this->smarty->assign( 'account_options_header',"Дать доступ в систему" );
  357.  
  358. $this->smarty->assign( 'person_form_target','/staff/?action=add' );
  359.  
  360. $this->profileListsAssign();
  361. $this->personListsAssign();
  362.  
  363. return $this->smarty->fetch( self::$tpl_dir . 'person_form.tpl' );
  364. }
  365.  
  366. public function editPersonManage( $id )
  367. {
  368. $form_sent = $this->request->get( 'person_sent','POST' );
  369.  
  370. // if form was sent
  371. if ( $form_sent )
  372. {
  373. $edit_person_res = $this->editPersonById( $id );
  374. // if editing form is success
  375. if ( $edit_person_res )
  376. {
  377. // go to the saved uri
  378. $this->response->setHeader( "Location: " . $this->get_uri() );
  379. }
  380. }
  381.  
  382. // if form was not sent or there is errors in form editing
  383. // display form
  384. if ( !$form_sent || !$edit_person_res )
  385. {
  386. $this->smarty->assign( 'content',$this->getEditPersonForm( $id ) );
  387. }
  388. }
  389.  
  390. protected function editPersonById( $id )
  391. {
  392. // base fields
  393.  
  394. $cols = array();
  395. $vals = array();
  396.  
  397. $name = $this->request->get( 'profile_name','POST' );
  398. if ( strlen( $name ) === 0 )
  399. {
  400. $this->displayMessage( 'Введите имя сотрудника' );
  401. return false;
  402. }
  403. else
  404. {
  405. $cols[] = 'profile_name';
  406. $vals[] = $name;
  407. }
  408.  
  409. $position_id = $this->request->get( 'profile_position_id','POST' );
  410. $cols[] = 'profile_position_id';
  411. $vals[] = ( $position_id != 0 ) ? $position_id : 'NULL';
  412.  
  413. $department_id = $this->request->get( 'profile_department_id','POST' );
  414.  
  415. $cols[] = 'profile_department_id';
  416. $vals[] = ( $department_id != 0 ) ? $department_id : 'NULL';
  417.  
  418. $gender = $this->request->get( 'profile_gender','POST' );
  419. if ( $gender !== null )
  420. {
  421. $cols[] = 'profile_gender';
  422. $vals[] = $gender;
  423. }
  424.  
  425. $birthday = $this->getBirthDay();
  426. if ( $birthday !== null )
  427. {
  428. $cols[] = 'profile_birthday';
  429. $vals[] = $birthday;
  430. }
  431.  
  432. $email = $this->request->get( 'profile_email','POST' );
  433. $phone = $this->request->get( 'profile_phone','POST' );
  434. $address = $this->request->get( 'profile_address','POST' );
  435.  
  436. $cols = array_merge( $cols,array( 'profile_email','profile_phone','profile_address' ) );
  437. $vals = array_merge( $vals,array( $email,$phone,$address ) );
  438.  
  439. if ( $this->request->get( 'delete_photo','POST' ) == 1 )
  440. {
  441. self::deletePhoto( $id );
  442.  
  443. $cols[] = 'profile_photo';
  444. $vals[] = '';
  445. }
  446. else
  447. {
  448. $photo = $this->request->get( 'profile_photo','FILES' );
  449.  
  450. if ( $photo )
  451. {
  452. $filename = $this->uploadFile( $photo,BaseConfig::$config["photos_dir"] );
  453. if ( $filename )
  454. {
  455. $cols[] = 'profile_photo';
  456. $vals[] = $filename;
  457. }
  458. }
  459. }
  460.  
  461. // edit account for system
  462.  
  463. $account_options = $this->request->get( 'account_options','POST' );
  464.  
  465. $edit_account_success = true;
  466. if ( $account_options )
  467. {
  468. $login = $this->request->get( 'user_login','POST' );
  469. if ( strlen( $login ) == 0 )
  470. {
  471. $this->displayMessage( 'Введите логин' );
  472. return false;
  473. }
  474.  
  475. $pass = $this->request->get( 'user_pass','POST' );
  476. if ( strlen( $pass ) == 0 )
  477. {
  478. $this->displayMessage( 'Введите пароль' );
  479. return false;
  480. }
  481. else
  482. {
  483. $pass = Action::cryptString( $pass );
  484. }
  485.  
  486. $user_id = $this->getUserIdByProfileId( $id );
  487.  
  488. $edit_account_success = DbUtils::updateBy( TAB_PREFIX . "users",
  489. array( 'user_login','user_pass' ),
  490. array( $login,$pass ),
  491. 'user_id',(int) $user_id );
  492. }
  493.  
  494.  
  495. $edit_profile_res = DbUtils::updateBy( TAB_PREFIX . "user_profiles",$cols,$vals,'profile_id',$id );
  496.  
  497.  
  498. if ( !$edit_account_success || !$edit_profile_res )
  499. {
  500. $this->displayMessage( 'Во время редактирования анкеты сотрудника произошла ошибка' );
  501. return false;
  502. }
  503. else
  504. {
  505. $this->setMessage( 'Анкета сотрудника успешно отредактирована' );
  506. return true;
  507. }
  508. }
  509.  
  510. public function getEditPersonForm( $id )
  511. {
  512. // at first check if edit_mode is on
  513. if ( !array_key_exists( 'edit_mode',$_SESSION ) || $_SESSION['edit_mode'] == 0 )
  514. {
  515. $this->response->setHeader( "Location: /staff" );
  516. return '';
  517. }
  518.  
  519. // return edit profile form
  520.  
  521. $this->smarty->assign( 'header',"Редактирование сотрудника" );
  522. $this->smarty->assign( 'account_options_header',"Изменить настройки доступа" );
  523.  
  524. $this->smarty->assign( 'person_form_target','/staff/?action=edit&id=' . $id );
  525.  
  526. $this->profileListsAssign();
  527. $this->personListsAssign();
  528.  
  529. $user = $this->getPersonById( $id );
  530.  
  531. // build vars day,month and year for tpl
  532. if ( $user['profile_birthday'] !== null )
  533. {
  534. $date = getdate( strtotime( $user['profile_birthday'] ) );
  535.  
  536. $user['day'] = $date['mday'];
  537. $user['month'] = $date['mon'];
  538. $user['year'] = $date['year'];
  539. }
  540.  
  541. $this->smarty->assign( 'user',$user );
  542.  
  543. return $this->smarty->fetch( self::$tpl_dir . 'person_form.tpl' );
  544. }
  545.  
  546. public function getPersonById( $id )
  547. {
  548. $this->db->select( "SELECT * FROM " . TAB_PREFIX . "user_profiles AS p
  549. LEFT JOIN " . TAB_PREFIX . "positions AS pos ON p.profile_position_id=pos.position_id
  550. LEFT JOIN " . TAB_PREFIX . "departments AS d ON p.profile_department_id=d.department_id
  551. LEFT JOIN " . TAB_PREFIX . "users AS u ON p.profile_user_id=u.user_id
  552. WHERE p.profile_id='" . (int) $id . "'" );
  553.  
  554. return $this->db->get_row();
  555. }
  556.  
  557. protected function personListsAssign()
  558. {
  559. // pass positions and departments lists and to tpl
  560.  
  561. $positions = DbUtils::getAssocFromTab( TAB_PREFIX . "positions",'position_id','position_title' );
  562. $this->smarty->assign( 'positions',$positions );
  563.  
  564. $departments = DbUtils::getAssocFromTab( TAB_PREFIX . "departments",'department_id','department_title' );
  565. $this->smarty->assign( 'departments',$departments );
  566. }
  567.  
  568. /**
  569. * method cleans search keyword
  570. *
  571. * @param string $word
  572. * @return string
  573. */
  574. protected function processWord( $word )
  575. {
  576. $word = trim( urldecode( $word ) );
  577.  
  578. FileIO::include_file( PATH . 'base/filter/FilterChain.php' );
  579. $fc = new FilterChain();
  580.  
  581. $fc->addFilter( "HtmlTagsFilter" )->addFilter( "CropFilter",array( 'size' => 50 ) );
  582.  
  583. return $fc->filter( $word );
  584. }
  585.  
  586. protected function deletePersonById( $id )
  587. {
  588. // at first delete profile photo from photos dir
  589. self::deletePhoto( $id );
  590.  
  591. // delete profile
  592. $delete_profile_res = DbUtils::deleteBy( TAB_PREFIX . "user_profiles",'profile_id',(int) $id );
  593.  
  594. // delete user account if it exists
  595. $user_id = $this->getUserIdByProfileId( $id );
  596.  
  597. $delete_user_res = true;
  598.  
  599. if ( $user_id != 0 )
  600. {
  601. $delete_user_res = DbUtils::deleteBy( TAB_PREFIX . "users",'user_id',(int) $user_id );
  602. }
  603.  
  604. if ( $delete_profile_res && $delete_user_res )
  605. {
  606. $this->setMessage( 'Сотрудник успешно удален' );
  607. }
  608. else
  609. {
  610. $this->setMessage( 'В процессе удаления сотрудника возникла ошибка' );
  611. }
  612.  
  613. $this->response->setHeader( "Location: " . $this->get_uri() );
  614. }
  615.  
  616. public static function deletePhoto( $profile_id )
  617. {
  618. $db = DbFactory::getProduct();
  619. // get profile photo name
  620. $db->select( "SELECT profile_photo
  621. FROM " . TAB_PREFIX . "user_profiles
  622. WHERE profile_id='" . $profile_id . "'" );
  623.  
  624. $filename = $db->get_one();
  625.  
  626. // and if file exists delete file
  627. $full_path = BaseConfig::$config["photos_dir"] . $filename;
  628.  
  629. if ( FileIO::is_file( $full_path ) )
  630. {
  631. return unlink( $full_path );
  632. }
  633. return true;
  634. }
  635.  
  636. /**
  637. * method takes profile id from user_profiles table
  638. * and returns user id from users table
  639. *
  640. * @param int $profile_id
  641. * @return int $user_id
  642. */
  643. protected function getUserIdByProfileId( $profile_id )
  644. {
  645. $this->db->select( "SELECT profile_user_id FROM " . TAB_PREFIX . "user_profiles
  646. WHERE profile_id='" . (int) $profile_id . "'" );
  647.  
  648. return (int) $this->db->get_one();
  649. }
  650.  
  651. protected function getSortParams()
  652. {
  653. // try to get $order and direction sorting params from GET
  654. // if there is no get from options
  655. $order = $this->request->get( 'order','GET' );
  656.  
  657. if ( !$order )
  658. {
  659. $order = BaseConfig::$config['default_staff_sorting_col'];
  660. }
  661.  
  662. $direction = $this->request->get( 'direction','GET' );
  663.  
  664. if ( !$direction )
  665. {
  666. $direction = BaseConfig::$config['default_staff_sorting_direction'];
  667. }
  668.  
  669. return array( $order,$direction );
  670. }
  671. }
  672.  
  673. ?>