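<?php
/**
 * Manager list page: session gate, then a per-module record table.
 *
 * Flow, as visible in this file:
 *   1. Load the DB connection and the `fleet` helper, start the session.
 *   2. Handle ?doLogout=true, then redirect unauthenticated sessions to signin.php.
 *   3. Load the signed-in user's row from bios_sys_user.
 *   4. Map ?module=... onto a fixed set of queries run through $api->get_records().
 *   5. Render the result rows as an HTML table with edit/delete actions.
 *
 * Security-relevant changes in this revision:
 *   - the session username is escaped before it is placed in SQL;
 *   - request-derived values ($name carries $_GET['type'], $module, $pk) are
 *     encoded for the context they are written into;
 *   - database errors are logged instead of being printed to the client;
 *   - the random category index no longer runs one past the end of the array;
 *   - the page no longer reads undefined variables when ?module is absent.
 *
 * All PHP that runs before the markup is kept in one block so that nothing is
 * sent to the client before session_start() and header() are called.
 */
require_once('../Connections/fleetMan.php');
require_once("functions.php");
$api = new fleet();

if (!isset($_SESSION)) {
    session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// Flatten the permission names stored in the session.
// NOTE(review): $access is not read anywhere in this file; presumably
// header.php / menu.php use it - confirm.
if (isset($_SESSION['MM_UserGroup']) && !isset($access)) {
    $access = array();
    foreach ($_SESSION['MM_UserGroup'] as $item) {
        $access[] = $item['permission'];
    }
}

// ** Logout the current user. **
// NOTE(review): logout is a state change triggered by a plain GET parameter and
// the session itself is not destroyed or regenerated, only three keys are removed.
$logoutAction = $_SERVER['PHP_SELF']."?doLogout=true";
if ((isset($_SERVER['QUERY_STRING'])) && ($_SERVER['QUERY_STRING'] != "")) {
    $logoutAction .= "&". htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_GET['doLogout'])) && ($_GET['doLogout'] == "true")) {
    // To fully log out a visitor we need to clear the session variables.
    $_SESSION['MM_Username'] = NULL;
    $_SESSION['MM_UserGroup'] = NULL;
    $_SESSION['PrevUrl'] = NULL;
    unset($_SESSION['MM_Username']);
    unset($_SESSION['MM_UserGroup']);
    unset($_SESSION['PrevUrl']);

    $logoutGoTo = "signin.php";
    if ($logoutGoTo) {
        header("Location: $logoutGoTo");
        exit;
    }
}

// *** Restrict Access To Page: Grant or deny access to this page
/**
 * Decide whether the current session may view the page.
 *
 * @param string $strUsers  Comma-separated list of permitted user names.
 * @param string $strGroups Comma-separated list of permitted groups.
 * @param mixed  $UserName  Value of $_SESSION['MM_Username'].
 * @param mixed  $UserGroup Value of $_SESSION['MM_UserGroup'].
 * @return bool True when access is granted.
 *
 * NOTE(review): this page passes "" for $strUsers, so the last branch grants
 * access to every logged-in session regardless of group. The modules below list
 * system users and permission assignments; a check against a specific permission
 * is needed here unless another layer enforces it - confirm.
 */
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
    // For security, start by assuming the visitor is NOT authorized.
    $isValid = False;

    // When a visitor has logged into this site, the Session variable MM_Username
    // is set equal to their username, so a blank value means "not logged in".
    if (!empty($UserName)) {
        // Parse the strings into arrays.
        $arrUsers = Explode(",", $strUsers);
        $arrGroups = Explode(",", $strGroups);
        // Access may be restricted to specific user names...
        if (in_array($UserName, $arrUsers)) {
            $isValid = true;
        }
        // ...or to specific groups.
        // NOTE(review): MM_UserGroup is iterated above as a list of rows, so this
        // compares an array against strings and presumably never matches - verify.
        if (in_array($UserGroup, $arrGroups)) {
            $isValid = true;
        }
        if (($strUsers == "") && true) {
            $isValid = true;
        }
    }
    return $isValid;
}

$MM_restrictGoTo = "signin.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("", $MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
    $MM_qsChar = "?";
    $MM_referrer = $_SERVER['PHP_SELF'];
    if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
    if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
        $MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
    $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
    header("Location: ". $MM_restrictGoTo);
    exit;
}

if (!function_exists("GetSQLValueString")) {
    /**
     * Escape a value and format it as an SQL literal of the requested type.
     *
     * @param mixed  $theValue           Raw value.
     * @param string $theType            One of text, long, int, double, date, defined.
     * @param string $theDefinedValue    Returned for type "defined" when the value is non-empty.
     * @param string $theNotDefinedValue Returned for type "defined" when the value is empty.
     * @return mixed Quoted string, number, or the literal string "NULL".
     *
     * NOTE(review): relies on the legacy mysql_* extension; moving the page to
     * prepared statements (mysqli/PDO) would remove the need for this helper.
     */
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
        if (PHP_VERSION < 6) {
            $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
        }

        $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

        switch ($theType) {
            case "text":
                $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
                break;
            case "long":
            case "int":
                $theValue = ($theValue != "") ? intval($theValue) : "NULL";
                break;
            case "double":
                $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
                break;
            case "date":
                $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
                break;
            case "defined":
                $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
                break;
        }
        return $theValue;
    }
}

mysql_select_db($database_fleetMan, $fleetMan);

// The session value is escaped before it enters the statement: whatever wrote
// MM_Username at sign-in is outside this file, so it is not treated as SQL-safe.
$query_user_info = "SELECT * FROM bios_sys_user WHERE email = '"
    . mysql_real_escape_string($_SESSION['MM_Username'], $fleetMan) . "'";
$user_info = mysql_query($query_user_info, $fleetMan);
if ($user_info === false) {
    // Keep the driver message in the server log; it can reveal schema details.
    error_log("user_info query failed: " . mysql_error($fleetMan));
    die("Unable to load user information.");
}
$row_user_info = mysql_fetch_assoc($user_info);
$totalRows_user_info = mysql_num_rows($user_info);

// Modules
// Defaults keep the template below well-defined when ?module is absent.
$name = "";
$description = "";
$data = array();
$module = isset($_GET['module']) ? $_GET['module'] : "";

if (isset($_GET['module'])) {
    // Only the module names listed here are served; anything else stops the
    // request in the default branch, so $module is a fixed string past this switch.
    switch ($_GET['module']) {
        case 'Manage_Category':
            $name = "Manage Query Categories";
            $description = "Manager User Query Categories";
            $new_record_link = 'add_record.php';
            // table_name.field; requires array("form_title"=>"","form_desc"=>"","form_fields"=>array(array("field","label")))
            $_SESSION['RecordParameters_'.$_GET['module']] = $api->retrieve_fields('bios_category','Add Category','Enter Category Information Below:');
            $data = $api->get_records(
                "bios_category left join bios_category_sys_user on (bios_category.id = bios_category_sys_user.category) left join bios_category b1 on (bios_category.parent_id = b1.id)",
                array(
                    "bios_category.id as _id",
                    "bios_category.short_name as `Short Name`",
                    "bios_category.long_name as `Descriptive Name`",
                    "b1.short_name as `Parent Category`",
                    "DATE_FORMAT(bios_category._when_added,'%d %b %Y %h:%i %p') as `When Added`"
                ),
                "where bios_category._status = '1'");
            break;

        case 'BFL_Users':
            $name = "Manage System Users";
            $description = "Manage Users";
            $_SESSION['RecordParameters_'.$_GET['module']] = $api->retrieve_fields('bios_sys_user','Add User','Add User Information Below:');
            $data = $api->get_records(
                "bios_sys_user",
                array(
                    "id as _id",
                    "name as `Name`",
                    "email as `Email`",
                    "phone as `Phone Number`",
                    "DATE_FORMAT(bios_sys_user._when_added,'%d %b %Y %h:%i %p') as `When Added`"
                ),
                "where _status = '1'");
            break;

        case 'User_Permission':
            $name = "Manage User Permissions";
            $description = "Manage System Permissions per User";
            $_SESSION['RecordParameters_'.$_GET['module']] = $api->retrieve_fields('bios_user_permission','Assign Permissions','Enter Information Below:');
            $data = $api->get_records(
                "bios_user_permission join bios_sys_user on (bios_user_permission.user = bios_sys_user.id)",
                array(
                    "bios_user_permission.id as _id",
                    "bios_sys_user.name as `User`",
                    "bios_user_permission.permission as Permission",
                    "DATE_FORMAT(bios_user_permission._when_added,'%d %b %Y %h:%i %p') as `When Added`"
                ),
                "where bios_user_permission._status = '1'");
            break;

        case 'User_Categories':
            $name = "Manage User Categories";
            $description = "Manage User Categories";
            $_SESSION['RecordParameters_'.$_GET['module']] = $api->retrieve_fields('bios_category_sys_user','Assign User to Category','Enter Information Below:');
            $data = $api->get_records(
                "bios_category_sys_user join bios_category on (bios_category_sys_user.category = bios_category.id) left join bios_sys_user on (bios_sys_user.id = bios_category_sys_user.user)",
                array(
                    "bios_category_sys_user.id as _id",
                    "bios_sys_user.name as `User`",
                    "bios_category.short_name as `Category`",
                    "DATE_FORMAT(bios_category_sys_user._when_added,'%d %b %Y %h:%i %p') as `When Added`"
                ),
                "where bios_category_sys_user._status = '1'");
            break;

        case 'Manage_User_Query':
            $name = "User Posts";
            $description = "Manage User Categories";
            // The `Issue ID` column is assembled as HTML inside the query.
            $data = $api->get_records(
                "bios_user join bios_issue_tracker on (bios_user.id = bios_issue_tracker.user) left join bios_category on (bios_category.id = bios_issue_tracker.category) left join bios_user u1 on (u1.id = bios_issue_tracker.staff_assigned)",
                array(
                    "concat('<a href=\"reply.php?id=',bios_issue_tracker.id,'\" class=\"other_page\" title=\"Add Response \ Modify Status\">BFL',bios_issue_tracker.id,'</a>') as `Issue ID`",
                    "concat(bios_user.fname,' ',bios_user.lname) as `Name`",
                    "bios_category.short_name as `Issue Type`",
                    "concat(u1.fname,' ',u1.lname) as `Staff Assigned`",
                    "DATE_FORMAT(bios_issue_tracker.log_date,'%d %b %Y %h:%i %p') as `Date Opened`",
                    "bios_issue_tracker.status as `Status`"
                ),
                "where 1");
            break;

        case 'View_Message_Log':
            // $name carries $_GET['type']; it is HTML-encoded where it is printed.
            $name = "View Message Log".(isset($_GET['type']) ? " - ".strtoupper($_GET['type']) : "");
            $description = "Message Log";
            $hack = array("General Inquiry","Msme Garage","Land");
            // rand() is inclusive at both ends, so the upper bound is count - 1.
            // NOTE(review): `Current Category` is a random placeholder, not data.
            // NOTE(review): `Sender` concatenates stored first/last names into an
            // anchor tag inside SQL; those names reach the page as raw HTML.
            $data = $api->get_records(
                "bios_message join bios_user on (bios_message.sender_id = bios_user.id) left join bios_category on (bios_message.category = bios_category.id)",
                array(
                    "concat('<a href=\"reply.php?id=',bios_user.id,'\" class=\"other_page\" title=\"Add Response \ Modify Status\">',concat(bios_user.fname,' ',bios_user.lname),'</a>') as `Sender`",
                    "bios_message.recipient as `Channel`",
                    "count(bios_message.message) as `Message(s)`",
                    "'".$hack[rand(0, count($hack) - 1)]."' as `Current Category`",
                    "DATE_FORMAT(max(bios_message.send_date),'%d %b %Y %h:%i %p') as `Last Update`"
                ),
                "where bios_message._status = '1' ".(isset($_GET['type']) ? "and bios_message.channel = '".mysql_real_escape_string($_GET['type'])."' " : "")."group by bios_message.sender_id order by bios_message.send_date desc");
            break;

        case 'Manage_BFL_User':
            $name = "Manage User Information";
            $description = "Message Log";
            $_SESSION['RecordParameters_'.$_GET['module']] = $api->retrieve_fields('bios_user','Assign Barefoot Law User / Customer','Enter Information Below:');
            $data = $api->get_records(
                "bios_user",
                array(
                    "bios_user.id as _id",
                    "concat(bios_user.fname,' ',bios_user.lname) as `Sender`",
                    "bios_user.gender as `Sex`",
                    "bios_user.email as `Email`",
                    "bios_user.phone as `Phone Number`",
                    "bios_user.dob as `Date of Birth`",
                    "bios_user.locale as `Locality`",
                    "DATE_FORMAT(bios_user.last_update,'%d %b %Y %h:%i %p') as `Last Update`"
                ),
                "where bios_user._status = '1' order by bios_user.fname asc");
            break;

        default:
            // Unknown module names end the request here; the statements that used
            // to follow the exit were unreachable and have been dropped.
            echo "Please check connection";
            exit;
    }
}

// True when get_records() produced at least one row to render.
$has_rows = is_array($data) && count($data) > 0;
$record_params_key = 'RecordParameters_'.$module;
$has_record_params = isset($_SESSION[$record_params_key]) && $_SESSION[$record_params_key] != "";
$has_extra_buttons = isset($extra_buttons) && sizeof($extra_buttons) > 0;
?>
<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">
  <meta name="description" content="">
  <meta name="author" content="">
  <!--<link rel="shortcut icon" href="../images/favicon.png" type="image/png">-->
  <title><?php echo $api->site_name; ?></title>
  <link rel="stylesheet" href="../lib/fontawesome/css/font-awesome.css">
  <link rel="stylesheet" href="../lib/weather-icons/css/weather-icons.css">
  <link rel="stylesheet" href="../lib/jquery-toggles/toggles-full.css">
  <link rel="stylesheet" href="../lib/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.css">
  <link rel="stylesheet" href="../lib/select2/select2.css">
  <link rel="stylesheet" href="fancybox/source/jquery.fancybox.css?v=2.1.5" type="text/css" media="screen" />
  <link rel="stylesheet" href="../css/quirk.css">
  <script src="/lib/modernizr/modernizr.js"></script>
  <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
  <!--[if lt IE 9]>
  <script src="../lib/html5shiv/html5shiv.js"></script>
  <script src="../lib/respond/respond.src.js"></script>
  <![endif]-->
</head>
<body class="_120-deg">
<header>
  <?php include('header.php'); ?>
</header>
<section>
  <div class="leftpanel">
    <?php include('menu.php'); ?><!-- leftpanelinner -->
  </div><!-- leftpanel -->
  <div class="mainpanel">
    <div class="contentpanel">
      <div class="panel">
        <div class="panel-heading">
          <h4 class="panel-title"><?php echo htmlspecialchars($name, ENT_QUOTES, 'UTF-8'); ?>
            <?php if ($has_record_params || $has_extra_buttons) { ?>
            <div class="btn-group">
              <button type="button" class="btn btn-success dropdown-toggle" data-toggle="dropdown">
                Select Action <span class="caret"></span>
              </button>
              <ul class="dropdown-menu" role="menu">
                <?php if ($has_record_params) { ?>
                <li><a href="#" class="new_record">Add New Record</a></li>
                <?php } ?>
                <?php
                // NOTE(review): $extra_buttons is not set in this file; if an include
                // fills it from stored data, link and label need encoding here.
                if ($has_extra_buttons) {
                    foreach ($extra_buttons as $item) { ?>
                <li><a href="<?php echo $item['link']; ?>" class="edit_record"><?php echo $item['label']; ?></a></li>
                <?php }
                } ?>
              </ul>
            </div>
            <?php } ?>
          </h4>
          <p><?php echo htmlspecialchars($description, ENT_QUOTES, 'UTF-8'); ?></p>
        </div>
        <div class="panel-body">
          <div class="table-responsive">
            <?php if ($has_rows) { ?>
            <table id="dataTable1" class="table table-bordered table-striped-col">
              <thead>
                <tr>
                  <?php
                  // Column aliases starting with "_" are internal and not shown. An alias
                  // that decodes as a JSON object supplies its own display label.
                  $keys = array_keys($data[0]);
                  foreach ($keys as $header) {
                      if (strtolower(substr($header,0,1)) != "_") {
                          $json = json_decode($header, true);
                          if (is_array($json) && count($json) > 0) {
                              $header = $json['label'];
                          } ?>
                  <th><?php echo $header; ?></th>
                  <?php }
                  } ?>
                  <?php if ($api->table_name != "") { ?>
                  <th>ACTION</th>
                  <?php } ?>
                </tr>
              </thead>
              <tfoot>
                <tr>
                  <?php foreach ($keys as $footer) {
                      if (strtolower(substr($footer,0,1)) != "_") {
                          $json = json_decode($footer, true);
                          if (is_array($json) && count($json) > 0) {
                              $footer = $json['label'];
                          } ?>
                  <th><?php echo $footer; ?></th>
                  <?php }
                  } ?>
                  <?php if ($api->table_name != "") { ?>
                  <th>ACTION</th>
                  <?php } ?>
                </tr>
              </tfoot>
              <tbody>
                <?php foreach ($data as $record) {
                    // Two of the module queries select no `_id` column.
                    $pk = isset($record['_id']) ? (string) $record['_id'] : "";
                    $lock = isset($record['_edit_lock']) ? $record['_edit_lock'] : "Yes";
                    $rKey = array_keys($record);
                    foreach ($rKey as $kItem) {
                        if (substr($kItem,0,1) == "_") {
                            $record[$kItem] = null;
                            unset($record[$kItem]);
                        }
                        $json = json_decode($kItem, true);
                        if (is_array($json) && count($json) > 0) {
                            // Braces pin the PHP 5 reading: call the $api method named by
                            // $json['parse']. The name comes from a column alias, so aliases
                            // must stay hard-coded and never be built from request data.
                            $record[$kItem] = $api->{$json['parse']}($record[$kItem]);
                        }
                    } ?>
                <tr id="row<?php echo htmlspecialchars($pk, ENT_QUOTES, 'UTF-8'); ?>">
                  <?php
                  // NOTE(review): cells are printed unencoded because some columns are
                  // built as HTML in SQL (the reply.php links). Every other column carries
                  // stored user data (names, e-mail, phone, locality) into the page as raw
                  // HTML. Build the links here and encode all values instead.
                  foreach ($record as $record_item) { ?>
                  <td><?php echo $record_item; ?></td>
                  <?php } ?>
                  <?php if ($api->table_name != "") { ?>
                  <td>
                    <?php if ($lock != "No") { ?>
                    <a href="edit_record.php?pk=<?php echo urlencode($pk); ?>&module=<?php echo urlencode($module); ?>" class="edit_record"><img src="icons/edit.png" width="20" height="20" alt="Edit Record"></a>
                    <?php } ?>
                    <?php if ($lock != "No") { ?>
                    <img src="icons/delete.png" width="20" height="20" alt="Delete Record" onClick="clear_record(<?php echo htmlspecialchars(json_encode($pk), ENT_QUOTES, 'UTF-8'); ?>)">
                    <?php } ?>
                  </td>
                  <?php } ?>
                </tr>
                <?php } ?>
              </tbody>
            </table>
            <?php } ?>
          </div>
        </div>
      </div><!-- panel --><!-- panel -->
    </div><!-- contentpanel -->
  </div><!-- mainpanel -->
</section>
<script src="../lib/jquery/jquery.js"></script>
<script src="../lib/jquery-ui/jquery-ui.js"></script>
<script src="../lib/bootstrap/js/bootstrap.js"></script>
<script src="../lib/jquery-toggles/toggles.js"></script>
<script src="../lib/datatables/jquery.dataTables.js"></script>
<script src="../lib/datatables-plugins/integration/bootstrap/3/dataTables.bootstrap.js"></script>
<script src="../lib/select2/select2.js"></script>
<script src="../js/quirk.js"></script>
<script>
$(document).ready(function() {
  'use strict';

  $('#dataTable1').DataTable({ 'order': [] });

  var exRowTable = $('#exRowTable').DataTable({
    responsive: true,
    'fnDrawCallback': function(oSettings) {
      $('#exRowTable_paginate ul').addClass('pagination-active-success');
    },
    'ajax': 'ajax/objects.txt',
    'columns': [{
      'class': 'details-control',
      'orderable': false,
      'data': null,
      'defaultContent': ''
    },
    { 'data': 'name' },
    { 'data': 'position' },
    { 'data': 'office' },
    { 'data': 'start_date'},
    { 'data': 'salary' }
    ],
    'order': []
  });

  // Add event listener for opening and closing details
  $('#exRowTable tbody').on('click', 'td.details-control', function () {
    var tr = $(this).closest('tr');
    var row = exRowTable.row( tr );
    if ( row.child.isShown() ) {
      // This row is already open - close it
      row.child.hide();
      tr.removeClass('shown');
    } else {
      // Open this row
      row.child( format(row.data()) ).show();
      tr.addClass('shown');
    }
  });

  function format (d) {
    // `d` is the original data object for the row
    return '<h4>'+d.name+'<small>'+d.position+'</small></h4>'+
      '<p class="nomargin">Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.</p>';
  }

  // Select2
  $('select').select2({ minimumResultsForSearch: Infinity });
});
</script>
<script type="text/javascript" src="fancybox/source/jquery.fancybox.pack.js?v=2.1.5"></script>
<script type="text/javascript">
$('.fancybox').fancybox();
$(".new_record").fancybox({
  href : 'add_record.php?module=<?php echo urlencode($module); ?>',
  type : 'iframe',
  autoScale: 'true',
  topRatio : 0,
  padding : 5/*,
  afterClose : function () { parent.location.reload(true); }*/
});
$(".edit_record").fancybox({
  type : 'iframe',
  autoScale: 'true',
  topRatio : 0,
  padding : 5/*,
  afterClose : function () { parent.location.reload(true); }*/
});
$(".other_page").fancybox({
  type : 'iframe',
  autoScale: 'true',
  topRatio : 0,
  padding : 5,
});
$(".additional").fancybox({
  type : 'iframe',
  autoScale: 'true',
  topRatio : 0,
  padding : 5
});
</script>
<?php
// NOTE(review): the delete call below is a GET request. Its `entity` value is the
// record key wrapped around sha1(table name), which the page itself prints, so it
// does not act as an anti-CSRF token. Deletion should be a POST carrying a
// per-session token that json_async.php verifies - that endpoint is outside this file.
?>
<script type="text/javascript">
function clear_record(pk) {
  $.getJSON("json_async.php?action=delete&key="+pk+"&entity="+pk+"<?php echo sha1($api->table_name); ?>"+pk, function(result){
    if(result.status == "1") {
      $("#row"+pk).css("visibility","hidden");
    } else {
      alert("Delete failed. Please try again.");
    }
  });
}
</script>
</body>
</html>
<?php
mysql_free_result($user_info);
?>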