- <?php
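// Page heading. $user->name is stored, user-editable data, so it is HTML-escaped before
// being placed in markup; emitting it raw would allow stored cross-site scripting.
$content = '<h1>Edit ' . htmlspecialchars((string) $user->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</h1>';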
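// Handle a submitted edit form: validate the input, update the user row, optionally
// reset the password and store a new photo, then redirect.
// NOTE(review): nothing visible in this script checks that the logged-in user is allowed
// to edit $user_id (same company, sufficient level) or that the POST carries an
// anti-CSRF token -- confirm both are enforced before this code runs.
if (!empty($_POST)) {
    // Required fields must be present, non-empty and plain strings. Array-valued
    // parameters are treated as missing so they never reach the query or the mailer.
    $requiredFields = ['name', 'email', 'position', 'date_joined', 'address1', 'postcode', 'user_level'];
    $missingField = false;
    foreach ($requiredFields as $requiredField) {
        if (empty($_POST[$requiredField]) || !is_string($_POST[$requiredField])) {
            $missingField = true;
            break;
        }
    }

    // Optional fields default to an empty string instead of raising an undefined-index notice.
    $optionalValues = [];
    foreach (['address2', 'town', 'county'] as $optionalField) {
        $optionalValues[$optionalField] =
            (isset($_POST[$optionalField]) && is_string($_POST[$optionalField])) ? $_POST[$optionalField] : '';
    }

    // Parse the date (the form renders it as m/d/Y). Exactly three numeric parts forming
    // a real calendar date are required before mktime() is called.
    $date = false;
    if (!$missingField) {
        $dateParts = explode('/', $_POST['date_joined']);
        if (
            count($dateParts) === 3
            && ctype_digit($dateParts[0])
            && ctype_digit($dateParts[1])
            && ctype_digit($dateParts[2])
            && checkdate((int) $dateParts[0], (int) $dateParts[1], (int) $dateParts[2])
        ) {
            $date = mktime(0, 0, 0, (int) $dateParts[0], (int) $dateParts[1], (int) $dateParts[2]);
        }
    }

    if ($missingField) {
        $content .= '<p class="error">Sorry, you need to enter all of the fields marked with' . "\n"
            . 'an asterix (*).</p>';
    } elseif (filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
        // The address is later handed to the mailer, so reject anything that is not a
        // syntactically valid single address.
        $content .= '<p class="error">Sorry, the email address you entered was invalid.</p>';
    } elseif ($date === false || $date < 100) {
        // Dodgy time
        $content .= '<p class="error">Sorry, the date you entered was invalid.</p>';
    } elseif (!in_array($_POST['user_level'], ['1', '2'], true)) {
        // Only the levels offered by the form's <select> are accepted; an arbitrary
        // client-supplied level must never be written to the privilege column.
        // NOTE(review): whether the current user may grant level 2 at all is not
        // checked in this script -- confirm.
        $content .= '<p class="error">Sorry, the user level you selected was invalid.</p>';
    } else {
        // Passed validation. Every value goes through the database layer's escape().
        $this->db->query("
            UPDATE users
            SET email = ".$this->db->escape($_POST['email']).",
            name = ".$this->db->escape($_POST['name']).",
            position = ".$this->db->escape($_POST['position']).",
            date_company = ".$this->db->escape($date).",
            address1 = ".$this->db->escape($_POST['address1']).",
            address2 = ".$this->db->escape($optionalValues['address2']).",
            town = ".$this->db->escape($optionalValues['town']).",
            county = ".$this->db->escape($optionalValues['county']).",
            postcode = ".$this->db->escape($_POST['postcode']).",
            user_level = ".$this->db->escape($_POST['user_level'])."
            WHERE user_id = ".$this->db->escape($user_id)."
            LIMIT 1
        ");

        if (!empty($_POST['new_pass'])) {
            // uniqid() is derived from the clock, so a password cut from it is guessable
            // by anyone who knows roughly when the reset happened. Draw the same
            // 8-hex-character shape from the CSPRNG instead.
            $password = bin2hex(random_bytes(4));
            // NOTE(review): the password is written to the database as-is and mailed in
            // clear text. If the login code can verify password_hash() output, store a
            // hash here and force a change at first login -- confirm against the login path.
            $this->db->query("
                UPDATE users
                SET password = ".$this->db->escape($password)."
                WHERE user_id = ".$this->db->escape($user_id)."
                LIMIT 1
            ");

            // Email user
            $this->email->from('no-reply@officing.co.uk', 'Officing');
            $this->email->to($_POST['email']);
            $this->email->subject('Password Changed');
            $message = "Hi ".$_POST['name']."\n\n";
            $message .= "Your password for Officing.co.uk has been changed by one";
            $message .= " of your managers. Please log in and change this password";
            $message .= " to something more memorable.\n";
            $message .= "New password: ".$password."\n\n";
            $message .= "Kind Regards,\n";
            $message .= "The Officing Team\n\n--\n\n";
            $message .= "Please note that this is an automatically generated email and should not be replied to. Should you have an issue you can contact us through the support section of the web site.";
            // The body was built but never attached, so the mail went out without the
            // new password.
            $this->email->message($message);
            $this->email->send();
        }

        // Upload request?
        if (!empty($_FILES['image']['tmp_name'])) {
            $tmpPath = $_FILES['image']['tmp_name'];

            // $_FILES[...]['type'] and the original file name are chosen by the client.
            // The type is detected from the file content instead, and the stored
            // extension comes from this fixed map, so a script cannot be saved under an
            // executable extension inside the web root.
            $extensionByType = [
                'image/jpeg' => 'jpg',
                'image/png' => 'png',
                'image/gif' => 'gif',
            ];
            $detectedType = false;
            if (is_uploaded_file($tmpPath)) {
                $detector = finfo_open(FILEINFO_MIME_TYPE);
                if ($detector !== false) {
                    $detectedType = finfo_file($detector, $tmpPath);
                }
            }

            if ($detectedType === false || !isset($extensionByType[$detectedType])) {
                redirect('users/add_success/image_mime');
            } elseif ($_FILES['image']['size'] > 2097152) {
                // Larger than 2 MB
                redirect('users/add_success/file_size');
            } else {
                // All is well, move the image
                // NOTE(review): company_id comes from the session and is used as a path
                // segment; presumably it is a server-assigned integer -- confirm.
                $uploaddir = ABSDIR . 'images/companies/'.$_SESSION['user']['company_id'].'/';
                $filename = uniqid() . time() . '.' . $extensionByType[$detectedType];
                $target = $uploaddir . $filename;

                // '@' is kept so a failed move does not print a warning ahead of the redirect.
                if (!@move_uploaded_file($tmpPath, $target)) {
                    redirect('users/add_success/error_upload');
                } else {
                    // Paths are passed through escapeshellarg() rather than wrapped in
                    // hand-written quotes, so no part of a path can end the argument.
                    // mogrify still parses untrusted image data: keep ImageMagick patched
                    // and its policy restricted to the formats accepted above.
                    $thumbTarget = $uploaddir . 'thumb_' . $filename;
                    $smallTarget = $uploaddir . 'small_' . $filename;

                    // Resize the image
                    exec('/usr/bin/mogrify -resize 600x ' . escapeshellarg($target));
                    // Make 2 copies
                    copy($target, $thumbTarget);
                    copy($target, $smallTarget);
                    // Resize copies
                    exec('/usr/bin/mogrify -resize 150x ' . escapeshellarg($thumbTarget));
                    exec('/usr/bin/mogrify -resize 50x ' . escapeshellarg($smallTarget));

                    // Update the entry
                    $this->db->query("
                        UPDATE users
                        SET img = ".$this->db->escape($filename)."
                        WHERE user_id = ".$this->db->escape($user_id)."
                        LIMIT 1
                    ");
                }
            }
        }

        // Redirect user
        redirect('users/add_success');
    }
}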
// Choose the thumbnail shown next to the upload field: the placeholder when the user has
// no stored photo, otherwise the thumb_ copy inside the company's image directory.
$image = empty($user->img)
    ? site_url('images/thumb_nophoto.jpg')
    : site_url('images/companies/' . $_SESSION['user']['company_id'] . '/thumb_' . $user->img);
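// Render the edit form, pre-filled from the submitted values when present and from the
// stored user record otherwise.
// Every dynamic value is HTML-escaped before it is placed in an attribute: both the
// echoed $_POST data and the stored $user fields are user-controlled, and writing them
// raw would allow reflected or stored cross-site scripting.
// NOTE(review): no anti-CSRF token is rendered in this form although it changes account
// data, the user level and the password -- confirm the framework adds and checks one.
$escapeHtml = static function ($value) {
    return htmlspecialchars(is_scalar($value) ? (string) $value : '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
// Submitted value wins over the stored one, as in the original ternaries.
$fieldValue = static function ($key, $stored) use ($escapeHtml) {
    return $escapeHtml(empty($_POST[$key]) ? $stored : $_POST[$key]);
};

// Preselect the submitted level, else the stored one, so saving the form does not
// silently reset a manager to the first option.
// NOTE(review): presumably $user carries the users.user_level column; isset() keeps this
// harmless if it does not -- confirm.
$selectedLevel = '';
if (!empty($_POST['user_level']) && is_scalar($_POST['user_level'])) {
    $selectedLevel = (string) $_POST['user_level'];
} elseif (isset($user->user_level)) {
    $selectedLevel = (string) $user->user_level;
}
$levelOptions = '';
foreach (['1' => 'Normal Employee', '2' => 'Manager'] as $levelValue => $levelLabel) {
    $levelOptions .= '
<option value="'.$levelValue.'"'.((string) $levelValue === $selectedLevel ? ' selected="selected"' : '').'>'.$levelLabel.'</option>';
}

$content .= '
<p>
Adding an employee to your company is easy, just fill out as much information
as possible in the form below. Fields marked with an asterix (*) must be filled
in. As soon as you complete this form we will automatically e-mail the new employee
with their log in details.
</p>
<form action="" method="post" enctype="multipart/form-data">
<label>Name *</label>
<input type="text" name="name" value="'.$fieldValue('name', $user->name).'" />
<label>Email *</label>
<input type="text" name="email" value="'.$fieldValue('email', $user->email).'" />
<label>Reset Password? <span>We will email a new password to the employee</span></label>
<input type="checkbox" name="new_pass" value="1" '.(empty($_POST['new_pass']) ? '' : ' checked="checked"').' />
<label>Position within the company (eg. Sales Administrator) *</label>
<input type="text" name="position" value="'.$fieldValue('position', $user->position).'" />
<label>Date Joined *</label>
<input type="text" readonly name="date_joined" id="date_joined" value="'.$escapeHtml(empty($_POST['date_joined']) ? date('m/d/Y', $user->date_company) : $_POST['date_joined']).'" />
<label>Address *</label>
<input type="text" name="address1" value="'.$fieldValue('address1', $user->address1).'" />
<input type="text" name="address2" value="'.$fieldValue('address2', $user->address2).'" />
<label>Town/City</label>
<input type="text" name="town" value="'.$fieldValue('town', $user->town).'" />
<label>County</label>
<input type="text" name="county" value="'.$fieldValue('county', $user->county).'" />
<label>Postcode *</label>
<input type="text" name="postcode" value="'.$fieldValue('postcode', $user->postcode).'" />
<p class="help" style="float:right;width:400px">
<strong>Managers</strong> are able to see all holidays and sick days of employees and have
more privledges than normal employees.
</p>
<label>User Level *</label>
<select name="user_level">'.$levelOptions.'
</select>
<label>Photo <span>This optional photo must be below 2MB</span></label>
<img src="'.$escapeHtml($image).'" alt="User Photo" style="float:left;margin:0 5px 5px 15px;border:1px solid #000;" />
<input type="file" name="image" />
<br clear="both" />
<button type="submit">Add employee</button>
</form>
';
// The checkbox line above previously had an unparenthesised ternary: '.' binds tighter
// than '?:', so everything concatenated before it became the condition and the start of
// the form was discarded. The parentheses restore the intended markup.
// NOTE(review): var_dump() is debug output (it prefixes the type and length). Presumably
// $content is meant to be echoed or handed to a view -- confirm and remove before release.
var_dump($content);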
- ?>