
Untitled

a guest
Jul 16th, 2018
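  <?php

  /*
   * Edit-user page: applies a submitted edit (profile fields, optional password
   * reset, optional photo upload) and then builds the edit form in $content.
   *
   * Reads $user, $user_id, $this->db, $this->email, redirect(), site_url() and
   * ABSDIR from the including scope; none of them is defined in this fragment.
   *
   * NOTE(review): nothing visible here checks that the logged-in user may edit
   * $user_id or grant the Manager level, and every UPDATE is keyed on user_id
   * alone. Confirm the caller enforces both, and ties $user_id to the session's
   * company, before this fragment runs.
   * NOTE(review): the form carries no anti-CSRF token in this fragment; confirm
   * the framework adds and verifies one.
   */

  // Keep only string submissions. An array-valued field (name[]=...) is treated
  // as missing so it never reaches the SQL, mail or HTML code as "Array".
  $input = [];
  foreach (['name', 'email', 'position', 'date_joined', 'address1', 'address2', 'town', 'county', 'postcode', 'user_level'] as $key) {
      $input[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
  }

  // HTML-escape a value for element content or a quoted attribute.
  $esc = function ($value) {
      return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
  };

  // Value for a text input: the submitted value if there is one, else the stored one.
  $fill = function ($key, $stored) use ($input, $esc) {
      return $esc(empty($input[$key]) ? $stored : $input[$key]);
  };

  // $user->name is stored user data; escape it before it goes into markup.
  $content = '<h1>Edit ' . $esc($user->name) . '</h1>';

  if (!empty($_POST)) {

      // Parse date_joined as month/day/year, the format the form emits below.
      $date = false;
      if (
          preg_match('#^(\d{1,2})/(\d{1,2})/(\d{1,4})$#', $input['date_joined'], $parts)
          && checkdate((int) $parts[1], (int) $parts[2], (int) $parts[3])
      ) {
          $date = mktime(0, 0, 0, (int) $parts[1], (int) $parts[2], (int) $parts[3]);
      }

      // User wants to edit
      if (
          empty($input['name']) ||
          empty($input['email']) ||
          empty($input['position']) ||
          empty($input['date_joined']) ||
          empty($input['address1']) ||
          empty($input['postcode']) ||
          empty($input['user_level'])
      ) {
          $content .= '<p class="error">Sorry, you need to enter all of the fields marked with
  an asterix (*).</p>';
      } elseif (!in_array($input['user_level'], ['1', '2'], true)) {
          // Only the two levels the form offers may be written to users.user_level.
          $content .= '<p class="error">Sorry, the user level you selected was invalid.</p>';
      } elseif ($date === false || $date < 100) {
          // Unparseable date, or one that maps to (almost) the epoch or earlier
          $content .= '<p class="error">Sorry, the date you entered was invalid.</p>';
      } else {

          // Passed validation
          $this->db->query("
              UPDATE users
              SET email = " . $this->db->escape($input['email']) . ",
              name = " . $this->db->escape($input['name']) . ",
              position = " . $this->db->escape($input['position']) . ",
              date_company = " . $this->db->escape($date) . ",
              address1 = " . $this->db->escape($input['address1']) . ",
              address2 = " . $this->db->escape($input['address2']) . ",
              town = " . $this->db->escape($input['town']) . ",
              county = " . $this->db->escape($input['county']) . ",
              postcode = " . $this->db->escape($input['postcode']) . ",
              user_level = " . $this->db->escape((int) $input['user_level']) . "
              WHERE user_id = " . $this->db->escape($user_id) . "
              LIMIT 1
          ");

          if (!empty($_POST['new_pass'])) {
              // Same shape as before (8 hex characters) but drawn from the CSPRNG;
              // uniqid() is derived from the clock and can be guessed.
              // NOTE(review): the value is written to users.password as-is. Moving
              // to password_hash()/password_verify() has to happen together with
              // the login code, which is not visible here. A one-time reset link
              // would also avoid mailing a usable password.
              $password = bin2hex(random_bytes(4));
              $this->db->query("
                  UPDATE users
                  SET password = " . $this->db->escape($password) . "
                  WHERE user_id = " . $this->db->escape($user_id) . "
                  LIMIT 1
              ");
              // Email user
              $this->email->from('no-reply@officing.co.uk', 'Officing');
              $this->email->to($input['email']);
              $this->email->subject('Password Changed');
              $message = "Hi " . $input['name'] . "\n\n";
              $message .= "Your password for Officing.co.uk has been changed by one";
              $message .= " of your managers. Please log in and change this password";
              $message .= " to something more memorable.\n";
              $message .= "New password: " . $password . "\n\n";
              $message .= "Kind Regards,\n";
              $message .= "The Officing Team\n\n--\n\n";
              $message .= "Please note that this is an automatically generated email and should not be replied to. Should you have an issue you can contact us through the support section of the web site.";
              // The body was built but never attached, so the mail went out empty.
              $this->email->message($message);
              $this->email->send();
          }

          // Upload request?
          if (
              isset($_FILES['image']['tmp_name'])
              && is_string($_FILES['image']['tmp_name'])
              && $_FILES['image']['tmp_name'] !== ''
          ) {
              // $_FILES[...]['type'] and the extension of $_FILES[...]['name'] are
              // both chosen by the client. The file lands under images/, which
              // site_url() serves, so the type is taken from the file's own header
              // and the extension from this fixed map.
              $extensions = [
                  IMAGETYPE_JPEG => 'jpg',
                  IMAGETYPE_PNG  => 'png',
                  IMAGETYPE_GIF  => 'gif',
              ];
              $info = @getimagesize($_FILES['image']['tmp_name']);
              if ($info === false || !isset($extensions[$info[2]])) {
                  redirect('users/add_success/image_mime');
              } else {
                  // Check file size
                  if ($_FILES['image']['size'] > 2097152) {
                      redirect('users/add_success/file_size');
                  } else {
                      // All is well, move the image
                      $uploaddir = ABSDIR . 'images/companies/' . $_SESSION['user']['company_id'] . '/';
                      $filename = uniqid() . time() . '.' . $extensions[$info[2]];
                      // Move the image
                      if (!@move_uploaded_file($_FILES['image']['tmp_name'], $uploaddir . $filename)) {
                          redirect('users/add_success/error_upload');
                      } else {
                          // Resize the image. Paths go through escapeshellarg() so no
                          // part of them is interpreted by the shell.
                          // NOTE(review): mogrify parses the uploaded bytes; confirm
                          // the ImageMagick policy limits coders and resources.
                          exec('/usr/bin/mogrify -resize 600x ' . escapeshellarg($uploaddir . $filename));
                          // Make 2 copies
                          copy($uploaddir . $filename, $uploaddir . 'thumb_' . $filename);
                          copy($uploaddir . $filename, $uploaddir . 'small_' . $filename);
                          // Resize copies
                          exec('/usr/bin/mogrify -resize 150x ' . escapeshellarg($uploaddir . 'thumb_' . $filename));
                          exec('/usr/bin/mogrify -resize 50x ' . escapeshellarg($uploaddir . 'small_' . $filename));

                          // Update the entry
                          $this->db->query("
                              UPDATE users
                              SET img = " . $this->db->escape($filename) . "
                              WHERE user_id = " . $this->db->escape($user_id) . "
                              LIMIT 1
                          ");
                      }
                  }
              }
          }
          // Redirect user. The error redirects above only work if redirect()
          // ends the request; otherwise this call would follow them.
          redirect('users/add_success');
      }
  }

  if (empty($user->img)) {
      $image = site_url('images/thumb_nophoto.jpg');
  } else {
      $image = site_url('images/companies/' . $_SESSION['user']['company_id'] . '/thumb_' . $user->img);
  }

  // Every interpolated value below is HTML-escaped: submitted fields are echoed
  // back into attributes, and stored profile fields are user-supplied as well.
  // The checkbox ternary is parenthesised; without the parentheses the whole
  // string to its left became the condition and the form was replaced by ''.
  // NOTE(review): the user_level select does not preselect the stored level, so
  // saving an untouched form writes level 1.
  $content .= '
  <p>
  Adding an employee to your company is easy, just fill out as much information
  as possible in the form below. Fields marked with an asterix (*) must be filled
  in. As soon as you complete this form we will automatically e-mail the new employee
  with their log in details.
  </p>
  <form action="" method="post" enctype="multipart/form-data">
  <label>Name *</label>
  <input type="text" name="name" value="' . $fill('name', $user->name) . '" />

  <label>Email *</label>
  <input type="text" name="email" value="' . $fill('email', $user->email) . '" />

  <label>Reset Password? <span>We will email a new password to the employee</span></label>
  <input type="checkbox" name="new_pass" value="1" ' . (empty($_POST['new_pass']) ? '' : ' checked="checked"') . ' />

  <label>Position within the company (eg. Sales Administrator) *</label>
  <input type="text" name="position" value="' . $fill('position', $user->position) . '" />

  <label>Date Joined *</label>
  <input type="text" readonly name="date_joined" id="date_joined" value="' . $esc(empty($input['date_joined']) ? date('m/d/Y', $user->date_company) : $input['date_joined']) . '" />

  <label>Address *</label>
  <input type="text" name="address1" value="' . $fill('address1', $user->address1) . '" />
  <input type="text" name="address2" value="' . $fill('address2', $user->address2) . '" />

  <label>Town/City</label>
  <input type="text" name="town" value="' . $fill('town', $user->town) . '" />

  <label>County</label>
  <input type="text" name="county" value="' . $fill('county', $user->county) . '" />

  <label>Postcode *</label>
  <input type="text" name="postcode" value="' . $fill('postcode', $user->postcode) . '" />

  <p class="help" style="float:right;width:400px">
  <strong>Managers</strong> are able to see all holidays and sick days of employees and have
  more privledges than normal employees.
  </p>

  <label>User Level *</label>
  <select name="user_level">
  <option value="1">Normal Employee</option>
  <option value="2">Manager</option>
  </select>

  <label>Photo <span>This optional photo must be below 2MB</span></label>
  <img src="' . $esc($image) . '" alt="User Photo" style="float:left;margin:0 5px 5px 15px;border:1px solid #000;" />
  <input type="file" name="image" />

  <br clear="both" />
  <button type="submit">Add employee</button>
  </form>
  ';
  // Debug output kept from the original; it prints the markup wrapped in
  // var_dump()'s type/length prefix.
  var_dump($content);

  ?>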