- <?php
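class StaffAction extends Action
{
    /** template sub-directory holding this action's views */
    protected static $tpl_dir = "staff/";

    /** ORDER BY directions accepted from the request; anything else uses the configured default */
    private static $allowed_directions = array( 'ASC', 'DESC' );

    /** column names accepted in ORDER BY: a bare or alias-qualified SQL identifier */
    const ORDER_COLUMN_PATTERN = '/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/';

    /**
     * entry point: dispatches on the GET "action" parameter and renders main.tpl
     *
     * handlers fill the 'content' template var; when none of them did,
     * the full staff list is rendered instead
     *
     * @return string rendered page
     */
    public function getProcessedString()
    {
        $this->init();
        // directory with profile photos, used by the list and form templates
        $this->smarty->assign( 'photos_dir', BaseConfig::$config["photos_dir_path"] );

        $action = $this->request->get( 'action', 'GET' );
        if ( $action )
        {
            // ids are integer keys; casting once here keeps non-numeric input
            // out of the SQL below and out of the form urls built from $id
            $id = (int) $this->request->get( 'id', 'GET' );
            if ( $action === 'add' )
            {
                $this->addPersonManage();
            }
            elseif ( $action === 'edit' )
            {
                $this->editPersonManage( $id );
            }
            elseif ( $action === 'search' )
            {
                // the keyword is read from GET inside getSearchResultsList()
                $this->smarty->assign( 'content', $this->getSearchResultsList() );
            }
            elseif ( $action === 'delete' )
            {
                $this->deletePersonById( $id );
            }
        }

        $this->smarty->assign( 'main_menu', $this->smarty->fetch( 'main_menu.tpl' ) );
        if ( !$this->smarty->get_template_vars( 'content' ) )
        {
            $this->smarty->assign( 'content', $this->getStaffList() );
        }
        return $this->smarty->fetch( 'main.tpl' );
    }

    /**
     * whether the session is in edit mode
     *
     * the add/edit forms only render in this mode; the handlers that actually
     * write (add, edit, delete) apply the same gate so a direct POST or a
     * crafted GET cannot bypass it
     *
     * @return bool
     */
    private function isEditModeOn()
    {
        return array_key_exists( 'edit_mode', $_SESSION ) && $_SESSION['edit_mode'] != 0;
    }

    /**
     * FROM/JOIN fragment shared by every profile query in this action
     *
     * @return string
     */
    private static function profilesFromSql()
    {
        return " FROM " . TAB_PREFIX . "user_profiles AS p"
            . " LEFT JOIN " . TAB_PREFIX . "positions AS pos ON p.profile_position_id=pos.position_id"
            . " LEFT JOIN " . TAB_PREFIX . "departments AS d ON p.profile_department_id=d.department_id"
            . " LEFT JOIN " . TAB_PREFIX . "users AS u ON p.profile_user_id=u.user_id";
    }

    /**
     * escapes $value for use inside a single-quoted LIKE pattern
     *
     * LIKE metacharacters (backslash, % and _) are escaped first so they match
     * literally, then addslashes() escapes quotes, backslashes and NUL for the
     * string literal itself
     * NOTE(review): assumes backslash is both the literal and the LIKE escape
     * character (MySQL defaults) — confirm against the db layer in use
     *
     * @param string $value
     * @return string
     */
    private static function escapeLikeValue( $value )
    {
        $like_safe = str_replace( array( '\\', '%', '_' ), array( '\\\\', '\\%', '\\_' ), (string) $value );
        return addslashes( $like_safe );
    }

    /**
     * WHERE fragment matching $word as a substring of every searchable column
     *
     * the keyword is embedded in a quoted pattern, so it goes through
     * escapeLikeValue(); the db layer visible here exposes no parameter
     * binding, which would otherwise be the preferred form
     *
     * @param string $word cleaned search keyword
     * @return string
     */
    private static function searchWhereSql( $word )
    {
        $pattern = "'%" . self::escapeLikeValue( $word ) . "%'";
        $columns = array( 'p.profile_name', 'p.profile_email', 'p.profile_phone',
            'p.profile_address', 'pos.position_title', 'd.department_title' );
        $conditions = array();
        foreach ( $columns as $column )
        {
            $conditions[] = $column . " LIKE " . $pattern;
        }
        return " WHERE ( " . implode( " OR ", $conditions ) . " )";
    }

    /**
     * assigns pager and header base uris to the template
     *
     * @return string base uri for pager links (without the page parameter)
     */
    private function assignListUris()
    {
        $base_uri = $this->build_uri( 'page' );
        $this->smarty->assign( 'base_uri', $base_uri );
        $this->smarty->assign( 'header_base_uri', $this->build_uri( array( 'order', 'direction' ) ) );
        return $base_uri;
    }

    /**
     * requested 1-based page number; missing, zero or negative values mean page 1
     *
     * @return int
     */
    private function requestedPage()
    {
        return max( 1, (int) $this->request->get( 'page', 'GET' ) );
    }

    /**
     * clamps $page to the available pages and computes the LIMIT window
     *
     * @param int $items_total rows in the (filtered) result
     * @param int $page        requested page number
     * @return array array( $page, $pages_count, $start, $items_per_page )
     */
    private function pageWindow( $items_total, $page )
    {
        // a zero/missing config value would be a division by zero below
        $items_per_page = max( 1, (int) BaseConfig::$config['staff_persons_per_page'] );
        // at least one page: with zero pages the clamped $page would be 0,
        // giving a negative offset and a range( 1, 0 ) pager of array( 1, 0 )
        $pages_count = max( 1, (int) ceil( $items_total / $items_per_page ) );
        $page = max( 1, min( (int) $page, $pages_count ) );
        $start = ( $page - 1 ) * $items_per_page;
        return array( $page, $pages_count, $start, $items_per_page );
    }

    /**
     * assigns list rows and pager vars; pages.tpl reads current_page and pages,
     * so those are assigned before it is fetched
     *
     * @param array $info        rows for staff_list.tpl
     * @param int   $page        current page
     * @param int   $pages_count total pages
     */
    private function assignList( $info, $page, $pages_count )
    {
        $this->smarty->assign( 'stafflist', $info );
        $this->smarty->assign( 'current_page', $page );
        $this->smarty->assign( 'pages', range( 1, $pages_count ) );
        $this->smarty->assign( 'pagenation', $this->smarty->fetch( 'pages.tpl' ) );
    }

    /**
     * renders the paginated, sorted list of all profiles
     *
     * @return string rendered staff_list.tpl
     */
    protected function getStaffList()
    {
        $base_uri = $this->assignListUris();
        // $order - sorting column, $direction - ASC or DESC (both validated)
        list( $order, $direction ) = $this->getSortParams();
        $page = $this->requestedPage();
        // remember the current uri (with page) so handlers can redirect back to it
        $this->set_uri( $base_uri . 'page=' . $page );

        $this->db->select( "SELECT COUNT(*)" . self::profilesFromSql() );
        $items_total = (int) $this->db->get_one();
        list( $page, $pages_count, $start, $items_per_page ) = $this->pageWindow( $items_total, $page );

        // $order/$direction are the only non-constant parts of this statement
        $this->db->select_limited( "SELECT *" . self::profilesFromSql()
            . " ORDER BY " . $order . " " . $direction, $start, $items_per_page );
        $this->assignList( $this->db->get_all(), $page, $pages_count );
        return $this->smarty->fetch( self::$tpl_dir . 'staff_list.tpl' );
    }

    /**
     * renders the paginated, sorted list of profiles matching a keyword
     *
     * @param string|null $word keyword; when null it is read from GET "word"
     * @return string rendered staff_list.tpl
     */
    protected function getSearchResultsList( $word = null )
    {
        $base_uri = $this->assignListUris();
        // the keyword is stripped of html and cropped by processWord() before
        // it is displayed or put into the query
        $raw_word = ( $word === null ) ? $this->request->get( 'word', 'GET' ) : $word;
        $word = $this->processWord( $raw_word );
        list( $order, $direction ) = $this->getSortParams();
        $page = $this->requestedPage();
        $this->set_uri( $base_uri . 'page=' . $page );

        $where = self::searchWhereSql( $word );
        $this->db->select( "SELECT COUNT(*)" . self::profilesFromSql() . $where );
        $items_total = (int) $this->db->get_one();
        if ( $items_total > 0 )
        {
            list( $page, $pages_count, $start, $items_per_page ) = $this->pageWindow( $items_total, $page );
            $this->db->select_limited( "SELECT *" . self::profilesFromSql() . $where
                . " ORDER BY " . $order . " " . $direction, $start, $items_per_page );
            $info = $this->db->get_all();
            // the message shows the cleaned keyword, not the sql-escaped one
            $this->displayMessage( sprintf( 'Результаты поиска по запросу "%s"', $word ) );
            $this->assignList( $info, $page, $pages_count );
        }
        else
        {
            $this->displayMessage( "По Вашему запросу ничего не найдено." );
        }
        return $this->smarty->fetch( self::$tpl_dir . 'staff_list.tpl' );
    }

    /**
     * handles the "add" action: stores the posted form or shows it
     */
    public function addPersonManage()
    {
        $form_sent = $this->request->get( 'person_sent', 'POST' );
        $add_person_res = false;
        // the posted form is processed only in edit mode; otherwise we fall
        // through to getAddPersonForm(), which redirects to /staff
        if ( $form_sent && $this->isEditModeOn() )
        {
            $add_person_res = $this->addPerson();
            if ( $add_person_res )
            {
                $this->response->setHeader( "Location: " . $this->get_uri() );
            }
        }
        // form not sent, not allowed, or rejected: (re)display it
        if ( !$add_person_res )
        {
            $this->smarty->assign( 'content', $this->getAddPersonForm() );
        }
    }

    /**
     * inserts a profile (and optionally a user account) from the POST data
     *
     * validation failures and db errors are reported via displayMessage();
     * the account row is inserted before the profile, and a failed account
     * insert aborts, so no profile is left pointing at a missing account
     *
     * @return bool true when the profile was stored
     */
    protected function addPerson()
    {
        $cols = array();
        $vals = array();
        $name = (string) $this->request->get( 'profile_name', 'POST' );
        if ( strlen( $name ) === 0 )
        {
            $this->displayMessage( 'Введите имя сотрудника' );
            return false;
        }
        $cols[] = 'profile_name';
        $vals[] = $name;
        // position and department are optional integer foreign keys; 0 means "not set"
        $position_id = $this->request->get( 'profile_position_id', 'POST' );
        if ( $position_id != 0 )
        {
            $cols[] = 'profile_position_id';
            $vals[] = (int) $position_id;
        }
        $department_id = $this->request->get( 'profile_department_id', 'POST' );
        if ( $department_id != 0 )
        {
            $cols[] = 'profile_department_id';
            $vals[] = (int) $department_id;
        }
        $gender = $this->request->get( 'profile_gender', 'POST' );
        if ( $gender !== null )
        {
            $cols[] = 'profile_gender';
            $vals[] = $gender;
        }
        $birthday = $this->getBirthDay();
        if ( $birthday !== null )
        {
            $cols[] = 'profile_birthday';
            $vals[] = $birthday;
        }
        // free-text contact fields; NOTE(review): stored via DbUtils::insert(),
        // whose quoting is not visible here — confirm it escapes values
        $cols = array_merge( $cols, array( 'profile_email', 'profile_phone', 'profile_address' ) );
        $vals = array_merge( $vals, array(
            $this->request->get( 'profile_email', 'POST' ),
            $this->request->get( 'profile_phone', 'POST' ),
            $this->request->get( 'profile_address', 'POST' ),
        ) );
        // profile photo upload
        $photo = $this->request->get( 'profile_photo', 'FILES' );
        if ( $photo )
        {
            $filename = $this->uploadFile( $photo, BaseConfig::$config["photos_dir"] );
            if ( $filename )
            {
                $cols[] = 'profile_photo';
                $vals[] = $filename;
            }
        }
        // optional system account; account_options is the checkbox the form
        // posts (the same flag editPersonById() reads)
        $account_options = $this->request->get( 'account_options', 'POST' );
        if ( $account_options )
        {
            $login = (string) $this->request->get( 'user_login', 'POST' );
            if ( strlen( $login ) == 0 )
            {
                $this->displayMessage( 'Введите логин' );
                return false;
            }
            $pass = (string) $this->request->get( 'user_pass', 'POST' );
            if ( strlen( $pass ) == 0 )
            {
                $this->displayMessage( 'Введите пароль' );
                return false;
            }
            // NOTE(review): cryptString() is the project's password transform;
            // whether it is a salted slow hash is not visible here — confirm
            $pass = Action::cryptString( $pass );
            $add_user_res = DbUtils::insert( TAB_PREFIX . "users",
                array( 'user_login', 'user_pass' ),
                array( $login, $pass ) );
            if ( !$add_user_res )
            {
                $this->displayMessage( 'Во время добавления сотрудника произошла ошибка' );
                return false;
            }
            $cols[] = 'profile_user_id';
            $vals[] = $this->db->get_last_insert_id();
        }
        // add profile
        if ( !DbUtils::insert( TAB_PREFIX . "user_profiles", $cols, $vals ) )
        {
            $this->displayMessage( 'Во время добавления сотрудника произошла ошибка' );
            return false;
        }
        $this->setMessage( 'Сотрудник успешно добавлен' );
        return true;
    }

    /**
     * renders the empty profile form, or redirects to /staff outside edit mode
     *
     * @return string rendered person_form.tpl, '' when redirecting
     */
    protected function getAddPersonForm()
    {
        if ( !$this->isEditModeOn() )
        {
            $this->response->setHeader( "Location: /staff" );
            return '';
        }
        $this->smarty->assign( 'header', "Добавление сотрудника" );
        $this->smarty->assign( 'account_options_header', "Дать доступ в систему" );
        $this->smarty->assign( 'person_form_target', '/staff/?action=add' );
        $this->profileListsAssign();
        $this->personListsAssign();
        return $this->smarty->fetch( self::$tpl_dir . 'person_form.tpl' );
    }

    /**
     * handles the "edit" action: stores the posted form or shows it
     *
     * @param int $id profile id
     */
    public function editPersonManage( $id )
    {
        $form_sent = $this->request->get( 'person_sent', 'POST' );
        $edit_person_res = false;
        // the posted form is processed only in edit mode; otherwise we fall
        // through to getEditPersonForm(), which redirects to /staff
        if ( $form_sent && $this->isEditModeOn() )
        {
            $edit_person_res = $this->editPersonById( $id );
            if ( $edit_person_res )
            {
                // back to the uri saved by the list
                $this->response->setHeader( "Location: " . $this->get_uri() );
            }
        }
        // form not sent, not allowed, or rejected: (re)display it
        if ( !$edit_person_res )
        {
            $this->smarty->assign( 'content', $this->getEditPersonForm( $id ) );
        }
    }

    /**
     * updates a profile (and optionally its user account) from the POST data
     *
     * @param int $id profile id
     * @return bool true when the profile was updated
     */
    protected function editPersonById( $id )
    {
        $id = (int) $id;
        $cols = array();
        $vals = array();
        $name = (string) $this->request->get( 'profile_name', 'POST' );
        if ( strlen( $name ) === 0 )
        {
            $this->displayMessage( 'Введите имя сотрудника' );
            return false;
        }
        $cols[] = 'profile_name';
        $vals[] = $name;
        // unlike addPerson(), a 0 selection clears the foreign key ('NULL' is
        // what DbUtils::updateBy() receives for that — existing convention)
        $position_id = $this->request->get( 'profile_position_id', 'POST' );
        $cols[] = 'profile_position_id';
        $vals[] = ( $position_id != 0 ) ? (int) $position_id : 'NULL';
        $department_id = $this->request->get( 'profile_department_id', 'POST' );
        $cols[] = 'profile_department_id';
        $vals[] = ( $department_id != 0 ) ? (int) $department_id : 'NULL';
        $gender = $this->request->get( 'profile_gender', 'POST' );
        if ( $gender !== null )
        {
            $cols[] = 'profile_gender';
            $vals[] = $gender;
        }
        $birthday = $this->getBirthDay();
        if ( $birthday !== null )
        {
            $cols[] = 'profile_birthday';
            $vals[] = $birthday;
        }
        $cols = array_merge( $cols, array( 'profile_email', 'profile_phone', 'profile_address' ) );
        $vals = array_merge( $vals, array(
            $this->request->get( 'profile_email', 'POST' ),
            $this->request->get( 'profile_phone', 'POST' ),
            $this->request->get( 'profile_address', 'POST' ),
        ) );
        if ( $this->request->get( 'delete_photo', 'POST' ) == 1 )
        {
            // remove the file and blank the column
            self::deletePhoto( $id );
            $cols[] = 'profile_photo';
            $vals[] = '';
        }
        else
        {
            $photo = $this->request->get( 'profile_photo', 'FILES' );
            if ( $photo )
            {
                $filename = $this->uploadFile( $photo, BaseConfig::$config["photos_dir"] );
                if ( $filename )
                {
                    $cols[] = 'profile_photo';
                    $vals[] = $filename;
                }
            }
        }
        // account credentials are replaced only when the account block was submitted
        $edit_account_success = true;
        if ( $this->request->get( 'account_options', 'POST' ) )
        {
            $login = (string) $this->request->get( 'user_login', 'POST' );
            if ( strlen( $login ) == 0 )
            {
                $this->displayMessage( 'Введите логин' );
                return false;
            }
            $pass = (string) $this->request->get( 'user_pass', 'POST' );
            if ( strlen( $pass ) == 0 )
            {
                $this->displayMessage( 'Введите пароль' );
                return false;
            }
            $pass = Action::cryptString( $pass );
            // NOTE(review): a profile without an account yields user_id 0 here,
            // so the update below targets no row — confirm how updateBy() reports that
            $user_id = $this->getUserIdByProfileId( $id );
            $edit_account_success = DbUtils::updateBy( TAB_PREFIX . "users",
                array( 'user_login', 'user_pass' ),
                array( $login, $pass ),
                'user_id', (int) $user_id );
        }
        $edit_profile_res = DbUtils::updateBy( TAB_PREFIX . "user_profiles", $cols, $vals, 'profile_id', $id );
        if ( !$edit_account_success || !$edit_profile_res )
        {
            $this->displayMessage( 'Во время редактирования анкеты сотрудника произошла ошибка' );
            return false;
        }
        $this->setMessage( 'Анкета сотрудника успешно отредактирована' );
        return true;
    }

    /**
     * renders the profile form pre-filled for $id, or redirects outside edit mode
     *
     * @param int $id profile id
     * @return string rendered person_form.tpl, '' when redirecting
     */
    public function getEditPersonForm( $id )
    {
        if ( !$this->isEditModeOn() )
        {
            $this->response->setHeader( "Location: /staff" );
            return '';
        }
        $this->smarty->assign( 'header', "Редактирование сотрудника" );
        $this->smarty->assign( 'account_options_header', "Изменить настройки доступа" );
        // cast so the url placed into the form cannot carry arbitrary text
        $this->smarty->assign( 'person_form_target', '/staff/?action=edit&id=' . (int) $id );
        $this->profileListsAssign();
        $this->personListsAssign();
        $user = $this->getPersonById( $id );
        // split the stored birthday into day/month/year for the template selects
        if ( is_array( $user ) && isset( $user['profile_birthday'] ) )
        {
            $timestamp = strtotime( $user['profile_birthday'] );
            if ( $timestamp !== false )
            {
                $date = getdate( $timestamp );
                $user['day'] = $date['mday'];
                $user['month'] = $date['mon'];
                $user['year'] = $date['year'];
            }
        }
        $this->smarty->assign( 'user', $user );
        return $this->smarty->fetch( self::$tpl_dir . 'person_form.tpl' );
    }

    /**
     * loads one profile row joined with its position, department and account
     *
     * @param int $id profile id
     * @return mixed row as returned by the db layer's get_row()
     */
    public function getPersonById( $id )
    {
        $this->db->select( "SELECT *" . self::profilesFromSql()
            . " WHERE p.profile_id='" . (int) $id . "'" );
        return $this->db->get_row();
    }

    /**
     * passes the positions and departments lists to the template
     */
    protected function personListsAssign()
    {
        $positions = DbUtils::getAssocFromTab( TAB_PREFIX . "positions", 'position_id', 'position_title' );
        $this->smarty->assign( 'positions', $positions );
        $departments = DbUtils::getAssocFromTab( TAB_PREFIX . "departments", 'department_id', 'department_title' );
        $this->smarty->assign( 'departments', $departments );
    }

    /**
     * method cleans search keyword: strips html tags and crops it to 50 chars
     *
     * note that GET values are normally already url-decoded, so the
     * urldecode() here decodes a second time (kept for compatibility)
     *
     * @param string $word
     * @return string
     */
    protected function processWord( $word )
    {
        $word = trim( urldecode( (string) $word ) );
        FileIO::include_file( PATH . 'base/filter/FilterChain.php' );
        $fc = new FilterChain();
        $fc->addFilter( "HtmlTagsFilter" )->addFilter( "CropFilter", array( 'size' => 50 ) );
        return $fc->filter( $word );
    }

    /**
     * handles the "delete" action: removes the photo, profile and account
     *
     * @param int $id profile id
     */
    protected function deletePersonById( $id )
    {
        // same edit-mode gate the forms apply; this action is reachable by GET,
        // so without it any request carrying ?action=delete would remove profiles
        if ( !$this->isEditModeOn() )
        {
            $this->response->setHeader( "Location: /staff" );
            return;
        }
        // NOTE(review): no anti-CSRF token is checked for this GET-triggered
        // delete; the request layer may do so — confirm
        $id = (int) $id;
        // at first delete profile photo from photos dir
        self::deletePhoto( $id );
        // delete profile
        $delete_profile_res = DbUtils::deleteBy( TAB_PREFIX . "user_profiles", 'profile_id', $id );
        // delete user account if it exists
        $user_id = $this->getUserIdByProfileId( $id );
        $delete_user_res = true;
        if ( $user_id != 0 )
        {
            $delete_user_res = DbUtils::deleteBy( TAB_PREFIX . "users", 'user_id', (int) $user_id );
        }
        if ( $delete_profile_res && $delete_user_res )
        {
            $this->setMessage( 'Сотрудник успешно удален' );
        }
        else
        {
            $this->setMessage( 'В процессе удаления сотрудника возникла ошибка' );
        }
        $this->response->setHeader( "Location: " . $this->get_uri() );
    }

    /**
     * removes the photo file of a profile, if one is stored and exists on disk
     *
     * @param int $profile_id
     * @return bool unlink() result, true when there was nothing to delete
     */
    public static function deletePhoto( $profile_id )
    {
        $db = DbFactory::getProduct();
        // integer key: cast keeps the id out of the literal unescaped
        $db->select( "SELECT profile_photo FROM " . TAB_PREFIX . "user_profiles"
            . " WHERE profile_id='" . (int) $profile_id . "'" );
        $filename = $db->get_one();
        // nothing stored: nothing to remove
        if ( $filename === null || $filename === false || $filename === '' )
        {
            return true;
        }
        // NOTE(review): the stored name is appended to photos_dir as-is; it
        // originates from uploadFile() — confirm it cannot contain path separators
        $full_path = BaseConfig::$config["photos_dir"] . $filename;
        if ( FileIO::is_file( $full_path ) )
        {
            return unlink( $full_path );
        }
        return true;
    }

    /**
     * method takes profile id from user_profiles table
     * and returns user id from users table
     *
     * @param int $profile_id
     * @return int user id, 0 when the profile has no account
     */
    protected function getUserIdByProfileId( $profile_id )
    {
        $this->db->select( "SELECT profile_user_id FROM " . TAB_PREFIX . "user_profiles"
            . " WHERE profile_id='" . (int) $profile_id . "'" );
        return (int) $this->db->get_one();
    }

    /**
     * sorting column and direction from GET, validated, with configured defaults
     *
     * both values are concatenated verbatim into ORDER BY, so only
     * identifier-shaped column names and ASC/DESC are accepted from the
     * request; anything else falls back to the configured default
     *
     * @return array array( $order, $direction )
     */
    protected function getSortParams()
    {
        $order = $this->request->get( 'order', 'GET' );
        if ( !is_string( $order ) || !preg_match( self::ORDER_COLUMN_PATTERN, $order ) )
        {
            $order = BaseConfig::$config['default_staff_sorting_col'];
        }
        $direction = $this->request->get( 'direction', 'GET' );
        $direction = is_string( $direction ) ? strtoupper( $direction ) : '';
        if ( !in_array( $direction, self::$allowed_directions, true ) )
        {
            $direction = BaseConfig::$config['default_staff_sorting_direction'];
        }
        return array( $order, $direction );
    }
}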
- ?>