aboutsummaryrefslogtreecommitdiffstats
path: root/public/admin/controller/user
diff options
context:
space:
mode:
authorJesús <heckyel@hyperbola.info>2019-08-18 21:14:58 -0500
committerJesús <heckyel@hyperbola.info>2019-08-18 21:14:58 -0500
commit2eed7b082f83630301e51f57ca8394de228a8605 (patch)
tree1d19962d22d30f99317d9276e4bae7744fc93fc2 /public/admin/controller/user
downloadlibrecart-2eed7b082f83630301e51f57ca8394de228a8605.tar.lz
librecart-2eed7b082f83630301e51f57ca8394de228a8605.tar.xz
librecart-2eed7b082f83630301e51f57ca8394de228a8605.zip
first commit
Diffstat (limited to 'public/admin/controller/user')
-rw-r--r--public/admin/controller/user/api.php417
-rw-r--r--public/admin/controller/user/user.php495
-rw-r--r--public/admin/controller/user/user_permission.php409
3 files changed, 1321 insertions, 0 deletions
diff --git a/public/admin/controller/user/api.php b/public/admin/controller/user/api.php
new file mode 100644
index 0000000..c07c628
--- /dev/null
+++ b/public/admin/controller/user/api.php
@@ -0,0 +1,417 @@
+<?php
+class ControllerUserApi extends Controller {
+ private $error = array();
+
+ public function index() {
+ $this->load->language('user/api');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/api');
+
+ $this->getList();
+ }
+
+ public function add() {
+ $this->load->language('user/api');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/api');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validateForm()) {
+ $this->model_user_api->addApi($this->request->post);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getForm();
+ }
+
+ public function edit() {
+ $this->load->language('user/api');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/api');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validateForm()) {
+ $this->model_user_api->editApi($this->request->get['api_id'], $this->request->post);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getForm();
+ }
+
+ public function delete() {
+ $this->load->language('user/api');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/api');
+
+ if (isset($this->request->post['selected']) && $this->validateDelete()) {
+ foreach ($this->request->post['selected'] as $api_id) {
+ $this->model_user_api->deleteApi($api_id);
+ }
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getList();
+ }
+
+ protected function getList() {
+ if (isset($this->request->get['sort'])) {
+ $sort = $this->request->get['sort'];
+ } else {
+ $sort = 'username';
+ }
+
+ if (isset($this->request->get['order'])) {
+ $order = $this->request->get['order'];
+ } else {
+ $order = 'ASC';
+ }
+
+ if (isset($this->request->get['page'])) {
+ $page = $this->request->get['page'];
+ } else {
+ $page = 1;
+ }
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $url, true)
+ );
+
+ $data['add'] = $this->url->link('user/api/add', 'user_token=' . $this->session->data['user_token'] . $url, true);
+ $data['delete'] = $this->url->link('user/api/delete', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ $data['apis'] = array();
+
+ $filter_data = array(
+ 'sort' => $sort,
+ 'order' => $order,
+ 'start' => ($page - 1) * $this->config->get('config_limit_admin'),
+ 'limit' => $this->config->get('config_limit_admin')
+ );
+
+ $user_total = $this->model_user_api->getTotalApis();
+
+ $results = $this->model_user_api->getApis($filter_data);
+
+ foreach ($results as $result) {
+ $data['apis'][] = array(
+ 'api_id' => $result['api_id'],
+ 'username' => $result['username'],
+ 'status' => ($result['status'] ? $this->language->get('text_enabled') : $this->language->get('text_disabled')),
+ 'date_added' => date($this->language->get('date_format_short'), strtotime($result['date_added'])),
+ 'date_modified' => date($this->language->get('date_format_short'), strtotime($result['date_modified'])),
+ 'edit' => $this->url->link('user/api/edit', 'user_token=' . $this->session->data['user_token'] . '&api_id=' . $result['api_id'] . $url, true)
+ );
+ }
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->session->data['success'])) {
+ $data['success'] = $this->session->data['success'];
+
+ unset($this->session->data['success']);
+ } else {
+ $data['success'] = '';
+ }
+
+ if (isset($this->request->post['selected'])) {
+ $data['selected'] = (array)$this->request->post['selected'];
+ } else {
+ $data['selected'] = array();
+ }
+
+ $url = '';
+
+ if ($order == 'ASC') {
+ $url .= '&order=DESC';
+ } else {
+ $url .= '&order=ASC';
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['sort_username'] = $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . '&sort=username' . $url, true);
+ $data['sort_status'] = $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . '&sort=status' . $url, true);
+ $data['sort_date_added'] = $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . '&sort=date_added' . $url, true);
+ $data['sort_date_modified'] = $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . '&sort=date_modified' . $url, true);
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ $pagination = new Pagination();
+ $pagination->total = $user_total;
+ $pagination->page = $page;
+ $pagination->limit = $this->config->get('config_limit_admin');
+ $pagination->url = $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}', true);
+
+ $data['pagination'] = $pagination->render();
+
+ $data['results'] = sprintf($this->language->get('text_pagination'), ($user_total) ? (($page - 1) * $this->config->get('config_limit_admin')) + 1 : 0, ((($page - 1) * $this->config->get('config_limit_admin')) > ($user_total - $this->config->get('config_limit_admin'))) ? $user_total : ((($page - 1) * $this->config->get('config_limit_admin')) + $this->config->get('config_limit_admin')), $user_total, ceil($user_total / $this->config->get('config_limit_admin')));
+
+ $data['sort'] = $sort;
+ $data['order'] = $order;
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('user/api_list', $data));
+ }
+
+ protected function getForm() {
+ $data['text_form'] = !isset($this->request->get['api_id']) ? $this->language->get('text_add') : $this->language->get('text_edit');
+ $data['text_ip'] = sprintf($this->language->get('text_ip'), $this->request->server['REMOTE_ADDR']);
+
+ $data['user_token'] = $this->session->data['user_token'];
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->error['username'])) {
+ $data['error_username'] = $this->error['username'];
+ } else {
+ $data['error_username'] = '';
+ }
+
+ if (isset($this->error['key'])) {
+ $data['error_key'] = $this->error['key'];
+ } else {
+ $data['error_key'] = '';
+ }
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $url, true)
+ );
+
+ if (!isset($this->request->get['api_id'])) {
+ $data['action'] = $this->url->link('user/api/add', 'user_token=' . $this->session->data['user_token'] . $url, true);
+ } else {
+ $data['action'] = $this->url->link('user/api/edit', 'user_token=' . $this->session->data['user_token'] . '&api_id=' . $this->request->get['api_id'] . $url, true);
+ }
+
+ $data['cancel'] = $this->url->link('user/api', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ if (isset($this->request->get['api_id']) && ($this->request->server['REQUEST_METHOD'] != 'POST')) {
+ $api_info = $this->model_user_api->getApi($this->request->get['api_id']);
+ }
+
+ if (isset($this->request->post['username'])) {
+ $data['username'] = $this->request->post['username'];
+ } elseif (!empty($api_info)) {
+ $data['username'] = $api_info['username'];
+ } else {
+ $data['username'] = '';
+ }
+
+ if (isset($this->request->post['key'])) {
+ $data['key'] = $this->request->post['key'];
+ } elseif (!empty($api_info)) {
+ $data['key'] = $api_info['key'];
+ } else {
+ $data['key'] = '';
+ }
+
+ if (isset($this->request->post['status'])) {
+ $data['status'] = $this->request->post['status'];
+ } elseif (!empty($api_info)) {
+ $data['status'] = $api_info['status'];
+ } else {
+ $data['status'] = 0;
+ }
+
+ // IP
+ if (isset($this->request->post['api_ip'])) {
+ $data['api_ips'] = $this->request->post['api_ip'];
+ } elseif (isset($this->request->get['api_id'])) {
+ $data['api_ips'] = $this->model_user_api->getApiIps($this->request->get['api_id']);
+ } else {
+ $data['api_ips'] = array();
+ }
+
+ // Session
+ $data['api_sessions'] = array();
+
+ if (isset($this->request->get['api_id'])) {
+ $results = $this->model_user_api->getApiSessions($this->request->get['api_id']);
+
+ foreach ($results as $result) {
+ $data['api_sessions'][] = array(
+ 'api_session_id' => $result['api_session_id'],
+ 'session_id' => $result['session_id'],
+ 'ip' => $result['ip'],
+ 'date_added' => date($this->language->get('datetime_format'), strtotime($result['date_added'])),
+ 'date_modified' => date($this->language->get('datetime_format'), strtotime($result['date_modified']))
+ );
+ }
+ }
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('user/api_form', $data));
+ }
+
+ protected function validateForm() {
+ if (!$this->user->hasPermission('modify', 'user/user')) {
+ $this->error['warning'] = $this->language->get('error_permission');
+ }
+
+ if ((utf8_strlen(trim($this->request->post['username'])) < 3) || (utf8_strlen(trim($this->request->post['username'])) > 64)) {
+ $this->error['username'] = $this->language->get('error_username');
+ }
+
+ if ((utf8_strlen($this->request->post['key']) < 64) || (utf8_strlen($this->request->post['key']) > 256)) {
+ $this->error['key'] = $this->language->get('error_key');
+ }
+
+ if (!isset($this->error['warning']) && !isset($this->request->post['api_ip'])) {
+ $this->error['warning'] = $this->language->get('error_ip');
+ }
+
+ return !$this->error;
+ }
+
+ protected function validateDelete() {
+ if (!$this->user->hasPermission('modify', 'user/api')) {
+ $this->error['warning'] = $this->language->get('error_permission');
+ }
+
+ return !$this->error;
+ }
+
+ public function deleteSession() {
+ $this->load->language('user/api');
+
+ $json = array();
+
+ if (!$this->user->hasPermission('modify', 'user/api')) {
+ $json['error'] = $this->language->get('error_permission');
+ } else {
+ $this->load->model('user/api');
+
+ $this->model_user_api->deleteApiSession($this->request->get['api_session_id']);
+
+ $json['success'] = $this->language->get('text_success');
+ }
+
+ $this->response->addHeader('Content-Type: application/json');
+ $this->response->setOutput(json_encode($json));
+ }
+}
diff --git a/public/admin/controller/user/user.php b/public/admin/controller/user/user.php
new file mode 100644
index 0000000..7bf4c61
--- /dev/null
+++ b/public/admin/controller/user/user.php
@@ -0,0 +1,495 @@
+<?php
+class ControllerUserUser extends Controller {
+ private $error = array();
+
+ public function index() {
+ $this->load->language('user/user');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user');
+
+ $this->getList();
+ }
+
+ public function add() {
+ $this->load->language('user/user');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validateForm()) {
+ $this->model_user_user->addUser($this->request->post);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getForm();
+ }
+
+ public function edit() {
+ $this->load->language('user/user');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validateForm()) {
+ $this->model_user_user->editUser($this->request->get['user_id'], $this->request->post);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getForm();
+ }
+
+ public function delete() {
+ $this->load->language('user/user');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user');
+
+ if (isset($this->request->post['selected']) && $this->validateDelete()) {
+ foreach ($this->request->post['selected'] as $user_id) {
+ $this->model_user_user->deleteUser($user_id);
+ }
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getList();
+ }
+
+ protected function getList() {
+ if (isset($this->request->get['sort'])) {
+ $sort = $this->request->get['sort'];
+ } else {
+ $sort = 'username';
+ }
+
+ if (isset($this->request->get['order'])) {
+ $order = $this->request->get['order'];
+ } else {
+ $order = 'ASC';
+ }
+
+ if (isset($this->request->get['page'])) {
+ $page = $this->request->get['page'];
+ } else {
+ $page = 1;
+ }
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . $url, true)
+ );
+
+ $data['add'] = $this->url->link('user/user/add', 'user_token=' . $this->session->data['user_token'] . $url, true);
+ $data['delete'] = $this->url->link('user/user/delete', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ $data['users'] = array();
+
+ $filter_data = array(
+ 'sort' => $sort,
+ 'order' => $order,
+ 'start' => ($page - 1) * $this->config->get('config_limit_admin'),
+ 'limit' => $this->config->get('config_limit_admin')
+ );
+
+ $user_total = $this->model_user_user->getTotalUsers();
+
+ $results = $this->model_user_user->getUsers($filter_data);
+
+ foreach ($results as $result) {
+ $data['users'][] = array(
+ 'user_id' => $result['user_id'],
+ 'username' => $result['username'],
+ 'status' => ($result['status'] ? $this->language->get('text_enabled') : $this->language->get('text_disabled')),
+ 'date_added' => date($this->language->get('date_format_short'), strtotime($result['date_added'])),
+ 'edit' => $this->url->link('user/user/edit', 'user_token=' . $this->session->data['user_token'] . '&user_id=' . $result['user_id'] . $url, true)
+ );
+ }
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->session->data['success'])) {
+ $data['success'] = $this->session->data['success'];
+
+ unset($this->session->data['success']);
+ } else {
+ $data['success'] = '';
+ }
+
+ if (isset($this->request->post['selected'])) {
+ $data['selected'] = (array)$this->request->post['selected'];
+ } else {
+ $data['selected'] = array();
+ }
+
+ $url = '';
+
+ if ($order == 'ASC') {
+ $url .= '&order=DESC';
+ } else {
+ $url .= '&order=ASC';
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['sort_username'] = $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . '&sort=username' . $url, true);
+ $data['sort_status'] = $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . '&sort=status' . $url, true);
+ $data['sort_date_added'] = $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . '&sort=date_added' . $url, true);
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ $pagination = new Pagination();
+ $pagination->total = $user_total;
+ $pagination->page = $page;
+ $pagination->limit = $this->config->get('config_limit_admin');
+ $pagination->url = $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}', true);
+
+ $data['pagination'] = $pagination->render();
+
+ $data['results'] = sprintf($this->language->get('text_pagination'), ($user_total) ? (($page - 1) * $this->config->get('config_limit_admin')) + 1 : 0, ((($page - 1) * $this->config->get('config_limit_admin')) > ($user_total - $this->config->get('config_limit_admin'))) ? $user_total : ((($page - 1) * $this->config->get('config_limit_admin')) + $this->config->get('config_limit_admin')), $user_total, ceil($user_total / $this->config->get('config_limit_admin')));
+
+ $data['sort'] = $sort;
+ $data['order'] = $order;
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('user/user_list', $data));
+ }
+
+ protected function getForm() {
+ $data['text_form'] = !isset($this->request->get['user_id']) ? $this->language->get('text_add') : $this->language->get('text_edit');
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->error['username'])) {
+ $data['error_username'] = $this->error['username'];
+ } else {
+ $data['error_username'] = '';
+ }
+
+ if (isset($this->error['password'])) {
+ $data['error_password'] = $this->error['password'];
+ } else {
+ $data['error_password'] = '';
+ }
+
+ if (isset($this->error['confirm'])) {
+ $data['error_confirm'] = $this->error['confirm'];
+ } else {
+ $data['error_confirm'] = '';
+ }
+
+ if (isset($this->error['firstname'])) {
+ $data['error_firstname'] = $this->error['firstname'];
+ } else {
+ $data['error_firstname'] = '';
+ }
+
+ if (isset($this->error['lastname'])) {
+ $data['error_lastname'] = $this->error['lastname'];
+ } else {
+ $data['error_lastname'] = '';
+ }
+
+ if (isset($this->error['email'])) {
+ $data['error_email'] = $this->error['email'];
+ } else {
+ $data['error_email'] = '';
+ }
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . $url, true)
+ );
+
+ if (!isset($this->request->get['user_id'])) {
+ $data['action'] = $this->url->link('user/user/add', 'user_token=' . $this->session->data['user_token'] . $url, true);
+ } else {
+ $data['action'] = $this->url->link('user/user/edit', 'user_token=' . $this->session->data['user_token'] . '&user_id=' . $this->request->get['user_id'] . $url, true);
+ }
+
+ $data['cancel'] = $this->url->link('user/user', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ if (isset($this->request->get['user_id']) && ($this->request->server['REQUEST_METHOD'] != 'POST')) {
+ $user_info = $this->model_user_user->getUser($this->request->get['user_id']);
+ }
+
+ if (isset($this->request->post['username'])) {
+ $data['username'] = $this->request->post['username'];
+ } elseif (!empty($user_info)) {
+ $data['username'] = $user_info['username'];
+ } else {
+ $data['username'] = '';
+ }
+
+ if (isset($this->request->post['user_group_id'])) {
+ $data['user_group_id'] = $this->request->post['user_group_id'];
+ } elseif (!empty($user_info)) {
+ $data['user_group_id'] = $user_info['user_group_id'];
+ } else {
+ $data['user_group_id'] = '';
+ }
+
+ $this->load->model('user/user_group');
+
+ $data['user_groups'] = $this->model_user_user_group->getUserGroups();
+
+ if (isset($this->request->post['password'])) {
+ $data['password'] = $this->request->post['password'];
+ } else {
+ $data['password'] = '';
+ }
+
+ if (isset($this->request->post['confirm'])) {
+ $data['confirm'] = $this->request->post['confirm'];
+ } else {
+ $data['confirm'] = '';
+ }
+
+ if (isset($this->request->post['firstname'])) {
+ $data['firstname'] = $this->request->post['firstname'];
+ } elseif (!empty($user_info)) {
+ $data['firstname'] = $user_info['firstname'];
+ } else {
+ $data['firstname'] = '';
+ }
+
+ if (isset($this->request->post['lastname'])) {
+ $data['lastname'] = $this->request->post['lastname'];
+ } elseif (!empty($user_info)) {
+ $data['lastname'] = $user_info['lastname'];
+ } else {
+ $data['lastname'] = '';
+ }
+
+ if (isset($this->request->post['email'])) {
+ $data['email'] = $this->request->post['email'];
+ } elseif (!empty($user_info)) {
+ $data['email'] = $user_info['email'];
+ } else {
+ $data['email'] = '';
+ }
+
+ if (isset($this->request->post['image'])) {
+ $data['image'] = $this->request->post['image'];
+ } elseif (!empty($user_info)) {
+ $data['image'] = $user_info['image'];
+ } else {
+ $data['image'] = '';
+ }
+
+ $this->load->model('tool/image');
+
+ if (isset($this->request->post['image']) && is_file(DIR_IMAGE . $this->request->post['image'])) {
+ $data['thumb'] = $this->model_tool_image->resize($this->request->post['image'], 100, 100);
+ } elseif (!empty($user_info) && $user_info['image'] && is_file(DIR_IMAGE . $user_info['image'])) {
+ $data['thumb'] = $this->model_tool_image->resize($user_info['image'], 100, 100);
+ } else {
+ $data['thumb'] = $this->model_tool_image->resize('no_image.png', 100, 100);
+ }
+
+ $data['placeholder'] = $this->model_tool_image->resize('no_image.png', 100, 100);
+
+ if (isset($this->request->post['status'])) {
+ $data['status'] = $this->request->post['status'];
+ } elseif (!empty($user_info)) {
+ $data['status'] = $user_info['status'];
+ } else {
+ $data['status'] = 0;
+ }
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('user/user_form', $data));
+ }
+
+ protected function validateForm() {
+ if (!$this->user->hasPermission('modify', 'user/user')) {
+ $this->error['warning'] = $this->language->get('error_permission');
+ }
+
+ if ((utf8_strlen($this->request->post['username']) < 3) || (utf8_strlen($this->request->post['username']) > 20)) {
+ $this->error['username'] = $this->language->get('error_username');
+ }
+
+ $user_info = $this->model_user_user->getUserByUsername($this->request->post['username']);
+
+ if (!isset($this->request->get['user_id'])) {
+ if ($user_info) {
+ $this->error['warning'] = $this->language->get('error_exists_username');
+ }
+ } else {
+ if ($user_info && ($this->request->get['user_id'] != $user_info['user_id'])) {
+ $this->error['warning'] = $this->language->get('error_exists_username');
+ }
+ }
+
+ if ((utf8_strlen(trim($this->request->post['firstname'])) < 1) || (utf8_strlen(trim($this->request->post['firstname'])) > 32)) {
+ $this->error['firstname'] = $this->language->get('error_firstname');
+ }
+
+ if ((utf8_strlen(trim($this->request->post['lastname'])) < 1) || (utf8_strlen(trim($this->request->post['lastname'])) > 32)) {
+ $this->error['lastname'] = $this->language->get('error_lastname');
+ }
+
+ if ((utf8_strlen($this->request->post['email']) > 96) || !filter_var($this->request->post['email'], FILTER_VALIDATE_EMAIL)) {
+ $this->error['email'] = $this->language->get('error_email');
+ }
+
+ $user_info = $this->model_user_user->getUserByEmail($this->request->post['email']);
+
+ if (!isset($this->request->get['user_id'])) {
+ if ($user_info) {
+ $this->error['warning'] = $this->language->get('error_exists_email');
+ }
+ } else {
+ if ($user_info && ($this->request->get['user_id'] != $user_info['user_id'])) {
+ $this->error['warning'] = $this->language->get('error_exists_email');
+ }
+ }
+
+ if ($this->request->post['password'] || (!isset($this->request->get['user_id']))) {
+ if ((utf8_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) < 4) || (utf8_strlen(html_entity_decode($this->request->post['password'], ENT_QUOTES, 'UTF-8')) > 40)) {
+ $this->error['password'] = $this->language->get('error_password');
+ }
+
+ if ($this->request->post['password'] != $this->request->post['confirm']) {
+ $this->error['confirm'] = $this->language->get('error_confirm');
+ }
+ }
+
+ return !$this->error;
+ }
+
+ protected function validateDelete() {
+ if (!$this->user->hasPermission('modify', 'user/user')) {
+ $this->error['warning'] = $this->language->get('error_permission');
+ }
+
+ foreach ($this->request->post['selected'] as $user_id) {
+ if ($this->user->getId() == $user_id) {
+ $this->error['warning'] = $this->language->get('error_account');
+ }
+ }
+
+ return !$this->error;
+ }
+} \ No newline at end of file
diff --git a/public/admin/controller/user/user_permission.php b/public/admin/controller/user/user_permission.php
new file mode 100644
index 0000000..d13dc57
--- /dev/null
+++ b/public/admin/controller/user/user_permission.php
@@ -0,0 +1,409 @@
+<?php
+class ControllerUserUserPermission extends Controller {
+ private $error = array();
+
+ public function index() {
+ $this->load->language('user/user_group');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user_group');
+
+ $this->getList();
+ }
+
+ public function add() {
+ $this->load->language('user/user_group');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user_group');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validateForm()) {
+ $this->model_user_user_group->addUserGroup($this->request->post);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getForm();
+ }
+
+ public function edit() {
+ $this->load->language('user/user_group');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user_group');
+
+ if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validateForm()) {
+ $this->model_user_user_group->editUserGroup($this->request->get['user_group_id'], $this->request->post);
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getForm();
+ }
+
+ public function delete() {
+ $this->load->language('user/user_group');
+
+ $this->document->setTitle($this->language->get('heading_title'));
+
+ $this->load->model('user/user_group');
+
+ if (isset($this->request->post['selected']) && $this->validateDelete()) {
+ foreach ($this->request->post['selected'] as $user_group_id) {
+ $this->model_user_user_group->deleteUserGroup($user_group_id);
+ }
+
+ $this->session->data['success'] = $this->language->get('text_success');
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $this->response->redirect($this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . $url, true));
+ }
+
+ $this->getList();
+ }
+
+ protected function getList() {
+ if (isset($this->request->get['sort'])) {
+ $sort = $this->request->get['sort'];
+ } else {
+ $sort = 'name';
+ }
+
+ if (isset($this->request->get['order'])) {
+ $order = $this->request->get['order'];
+ } else {
+ $order = 'ASC';
+ }
+
+ if (isset($this->request->get['page'])) {
+ $page = $this->request->get['page'];
+ } else {
+ $page = 1;
+ }
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . $url, true)
+ );
+
+ $data['add'] = $this->url->link('user/user_permission/add', 'user_token=' . $this->session->data['user_token'] . $url, true);
+ $data['delete'] = $this->url->link('user/user_permission/delete', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ $data['user_groups'] = array();
+
+ $filter_data = array(
+ 'sort' => $sort,
+ 'order' => $order,
+ 'start' => ($page - 1) * $this->config->get('config_limit_admin'),
+ 'limit' => $this->config->get('config_limit_admin')
+ );
+
+ $user_group_total = $this->model_user_user_group->getTotalUserGroups();
+
+ $results = $this->model_user_user_group->getUserGroups($filter_data);
+
+ foreach ($results as $result) {
+ $data['user_groups'][] = array(
+ 'user_group_id' => $result['user_group_id'],
+ 'name' => $result['name'],
+ 'edit' => $this->url->link('user/user_permission/edit', 'user_token=' . $this->session->data['user_token'] . '&user_group_id=' . $result['user_group_id'] . $url, true)
+ );
+ }
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->session->data['success'])) {
+ $data['success'] = $this->session->data['success'];
+
+ unset($this->session->data['success']);
+ } else {
+ $data['success'] = '';
+ }
+
+ if (isset($this->request->post['selected'])) {
+ $data['selected'] = (array)$this->request->post['selected'];
+ } else {
+ $data['selected'] = array();
+ }
+
+ $url = '';
+
+ if ($order == 'ASC') {
+ $url .= '&order=DESC';
+ } else {
+ $url .= '&order=ASC';
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['sort_name'] = $this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . '&sort=name' . $url, true);
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ $pagination = new Pagination();
+ $pagination->total = $user_group_total;
+ $pagination->page = $page;
+ $pagination->limit = $this->config->get('config_limit_admin');
+ $pagination->url = $this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}', true);
+
+ $data['pagination'] = $pagination->render();
+
+ $data['results'] = sprintf($this->language->get('text_pagination'), ($user_group_total) ? (($page - 1) * $this->config->get('config_limit_admin')) + 1 : 0, ((($page - 1) * $this->config->get('config_limit_admin')) > ($user_group_total - $this->config->get('config_limit_admin'))) ? $user_group_total : ((($page - 1) * $this->config->get('config_limit_admin')) + $this->config->get('config_limit_admin')), $user_group_total, ceil($user_group_total / $this->config->get('config_limit_admin')));
+
+ $data['sort'] = $sort;
+ $data['order'] = $order;
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('user/user_group_list', $data));
+ }
+
+ protected function getForm() {
+ $data['text_form'] = !isset($this->request->get['user_group_id']) ? $this->language->get('text_add') : $this->language->get('text_edit');
+
+ if (isset($this->error['warning'])) {
+ $data['error_warning'] = $this->error['warning'];
+ } else {
+ $data['error_warning'] = '';
+ }
+
+ if (isset($this->error['name'])) {
+ $data['error_name'] = $this->error['name'];
+ } else {
+ $data['error_name'] = '';
+ }
+
+ $url = '';
+
+ if (isset($this->request->get['sort'])) {
+ $url .= '&sort=' . $this->request->get['sort'];
+ }
+
+ if (isset($this->request->get['order'])) {
+ $url .= '&order=' . $this->request->get['order'];
+ }
+
+ if (isset($this->request->get['page'])) {
+ $url .= '&page=' . $this->request->get['page'];
+ }
+
+ $data['breadcrumbs'] = array();
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('text_home'),
+ 'href' => $this->url->link('common/dashboard', 'user_token=' . $this->session->data['user_token'], true)
+ );
+
+ $data['breadcrumbs'][] = array(
+ 'text' => $this->language->get('heading_title'),
+ 'href' => $this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . $url, true)
+ );
+
+ if (!isset($this->request->get['user_group_id'])) {
+ $data['action'] = $this->url->link('user/user_permission/add', 'user_token=' . $this->session->data['user_token'] . $url, true);
+ } else {
+ $data['action'] = $this->url->link('user/user_permission/edit', 'user_token=' . $this->session->data['user_token'] . '&user_group_id=' . $this->request->get['user_group_id'] . $url, true);
+ }
+
+ $data['cancel'] = $this->url->link('user/user_permission', 'user_token=' . $this->session->data['user_token'] . $url, true);
+
+ if (isset($this->request->get['user_group_id']) && $this->request->server['REQUEST_METHOD'] != 'POST') {
+ $user_group_info = $this->model_user_user_group->getUserGroup($this->request->get['user_group_id']);
+ }
+
+ if (isset($this->request->post['name'])) {
+ $data['name'] = $this->request->post['name'];
+ } elseif (!empty($user_group_info)) {
+ $data['name'] = $user_group_info['name'];
+ } else {
+ $data['name'] = '';
+ }
+
+ $ignore = array(
+ 'common/dashboard',
+ 'common/startup',
+ 'common/login',
+ 'common/logout',
+ 'common/forgotten',
+ 'common/reset',
+ 'common/footer',
+ 'common/header',
+ 'error/not_found',
+ 'error/permission'
+ );
+
+ $data['permissions'] = array();
+
+ $files = array();
+
+ // Make path into an array
+ $path = array(DIR_APPLICATION . 'controller/*');
+
+ // While the path array is still populated keep looping through
+ while (count($path) != 0) {
+ $next = array_shift($path);
+
+ foreach (glob($next) as $file) {
+ // If directory add to path array
+ if (is_dir($file)) {
+ $path[] = $file . '/*';
+ }
+
+ // Add the file to the files to be deleted array
+ if (is_file($file)) {
+ $files[] = $file;
+ }
+ }
+ }
+
+ // Sort the file array
+ sort($files);
+
+ foreach ($files as $file) {
+ $controller = substr($file, strlen(DIR_APPLICATION . 'controller/'));
+
+ $permission = substr($controller, 0, strrpos($controller, '.'));
+
+ if (!in_array($permission, $ignore)) {
+ $data['permissions'][] = $permission;
+ }
+ }
+
+ if (isset($this->request->post['permission']['access'])) {
+ $data['access'] = $this->request->post['permission']['access'];
+ } elseif (isset($user_group_info['permission']['access'])) {
+ $data['access'] = $user_group_info['permission']['access'];
+ } else {
+ $data['access'] = array();
+ }
+
+ if (isset($this->request->post['permission']['modify'])) {
+ $data['modify'] = $this->request->post['permission']['modify'];
+ } elseif (isset($user_group_info['permission']['modify'])) {
+ $data['modify'] = $user_group_info['permission']['modify'];
+ } else {
+ $data['modify'] = array();
+ }
+
+ $data['header'] = $this->load->controller('common/header');
+ $data['column_left'] = $this->load->controller('common/column_left');
+ $data['footer'] = $this->load->controller('common/footer');
+
+ $this->response->setOutput($this->load->view('user/user_group_form', $data));
+ }
+
+ protected function validateForm() {
+ if (!$this->user->hasPermission('modify', 'user/user_permission')) {
+ $this->error['warning'] = $this->language->get('error_permission');
+ }
+
+ if ((utf8_strlen($this->request->post['name']) < 3) || (utf8_strlen($this->request->post['name']) > 64)) {
+ $this->error['name'] = $this->language->get('error_name');
+ }
+
+ return !$this->error;
+ }
+
+ protected function validateDelete() {
+ if (!$this->user->hasPermission('modify', 'user/user_permission')) {
+ $this->error['warning'] = $this->language->get('error_permission');
+ }
+
+ $this->load->model('user/user');
+
+ foreach ($this->request->post['selected'] as $user_group_id) {
+ $user_total = $this->model_user_user->getTotalUsersByGroupId($user_group_id);
+
+ if ($user_total) {
+ $this->error['warning'] = sprintf($this->language->get('error_user'), $user_total);
+ }
+ }
+
+ return !$this->error;
+ }
+} \ No newline at end of file