
<?php
defined('BASEPATH') or exit('No direct script access allowed');

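/**
 * Auth controller.
 *
 * Login/logout, password reset and change, and user administration (create,
 * edit, activate, deactivate, delete, profile, avatar) on top of the ion_auth
 * library. Role flags and shared state ($this->Settings, $this->Admin,
 * $this->loggedIn, $this->data, $this->theme), page_construct() and
 * $this->site are inherited from MY_Controller.
 *
 * NOTE(review): many actions redirect to $_SERVER['HTTP_REFERER']. That header
 * is client-supplied and CodeIgniter's redirect() follows absolute URLs, so the
 * destination can be steered off-site; a check against base_url() (or a fixed
 * fallback such as 'welcome') would close that. Behaviour is kept as-is here.
 */
class Auth extends MY_Controller
{
    /**
     * Loads the auth language file, form validation (with ion_auth's error
     * delimiters), the auth model and the ion_auth library.
     */
    public function __construct()
    {
        parent::__construct();
        $this->lang->load('auth', $this->Settings->language);
        $this->load->library('form_validation');
        $this->form_validation->set_error_delimiters(
            $this->config->item('error_start_delimiter', 'ion_auth'),
            $this->config->item('error_end_delimiter', 'ion_auth')
        );
        $this->load->model('auth_model');
        $this->load->library('ion_auth');
    }

    /**
     * Issues a one-request CSRF nonce.
     *
     * The key becomes the name of a hidden form field and the value its
     * content; both are flashed into the session so _valid_csrf_nonce() can
     * check them on the next request only. Values come from random_bytes()
     * (a CSPRNG) instead of the string helper's random_string(); the lengths
     * (8 and 20 characters) are unchanged.
     *
     * @return array<string, string> single-element map [$key => $value]
     */
    public function _get_csrf_nonce()
    {
        // Kept for backward compatibility: CI helpers are global once loaded,
        // so anything later in this request that uses string-helper functions
        // still finds them available.
        $this->load->helper('string');
        $key   = bin2hex(random_bytes(4));
        $value = bin2hex(random_bytes(10));
        $this->session->set_flashdata('csrfkey', $key);
        $this->session->set_flashdata('csrfvalue', $value);

        return [$key => $value];
    }

    /**
     * Renders 'header' + $view + 'footer' with $this->data (or $data if given).
     *
     * Fixes two defects of the previous version: the footer overwrote the
     * header and view (plain '=' instead of '.='), and the HTML was returned
     * only when $render was false, i.e. when view() had already sent it to the
     * output buffer.
     *
     * @param string     $view   view name loaded between 'header' and 'footer'
     * @param array|null $data   view data; $this->data when empty
     * @param bool       $render true to return the HTML as a string instead
     *                           of writing it to the output buffer
     * @return string|null concatenated HTML when $render is true, else null
     */
    public function _render_page($view, $data = null, $render = false)
    {
        $this->viewdata = empty($data) ? $this->data : $data;

        if (!$render) {
            // Output mode: view() writes straight to CI's output buffer.
            $this->load->view('header', $this->viewdata);
            $this->load->view($view, $this->viewdata);
            $this->load->view('footer', $this->viewdata);
            return null;
        }

        // Return mode: the third argument makes view() return the HTML.
        $html = $this->load->view('header', $this->viewdata, true);
        $html .= $this->load->view($view, $this->viewdata, true);
        $html .= $this->load->view('footer', $this->viewdata, true);

        return $html;
    }

    /**
     * Validates the nonce issued by _get_csrf_nonce() on the previous request.
     *
     * The POST field named by the flashed key must hold exactly the flashed
     * value. The comparison is strict and constant-time; the previous loose
     * '==' accepted type-juggled matches.
     *
     * @return bool
     */
    public function _valid_csrf_nonce()
    {
        $key = $this->session->flashdata('csrfkey');
        if (!is_string($key) || $key === '') {
            return false;
        }

        $posted   = $this->input->post($key);
        $expected = $this->session->flashdata('csrfvalue');

        return is_string($posted) && is_string($expected) && hash_equals($expected, $posted);
    }

    /**
     * Activates a user account.
     *
     * With an activation $code (e-mail link flow) anyone may activate; without
     * one only an admin may force-activate. Always ends in a redirect.
     *
     * @param int|string  $id   user id
     * @param string|bool $code activation code, or false for admin activation
     * @return void
     */
    public function activate($id, $code = false)
    {
        $activation = false; // remains false for a non-admin without a code
        if ($code !== false) {
            $activation = $this->ion_auth->activate($id, $code);
        } elseif ($this->Admin) {
            $activation = $this->ion_auth->activate($id);
        }

        if (!$activation) {
            $this->session->set_flashdata('error', $this->ion_auth->errors());
            redirect('forgot_password');
            return;
        }

        $this->session->set_flashdata('message', $this->ion_auth->messages());
        redirect($this->Admin ? $_SERVER['HTTP_REFERER'] : 'auth/login');
    }

    /**
     * Form-validation callback for the login captcha.
     *
     * Purges captcha rows older than five minutes, then checks that $cap was
     * issued to this client IP inside that window. Every value is bound.
     *
     * @param string $cap captcha text typed by the user
     * @return bool false (with a 'captcha_check' message set) on mismatch
     */
    public function captcha_check($cap)
    {
        $expiration = time() - 300;
        $this->db->query('DELETE FROM captcha WHERE captcha_time < ?', [$expiration]);

        $sql   = 'SELECT COUNT(*) AS count FROM captcha WHERE word = ? AND ip_address = ? AND captcha_time > ?';
        $binds = [$cap, $this->input->ip_address(), $expiration];
        $row   = $this->db->query($sql, $binds)->row();

        if ((int) $row->count === 0) {
            $this->form_validation->set_message('captcha_check', lang('captcha_wrong'));
            return false;
        }

        return true;
    }

    /**
     * Changes the logged-in user's password and logs them out on success.
     *
     * Disabled when DEMO is set. Validation errors and ion_auth errors are
     * flashed and the user is sent back to the profile's password section.
     *
     * @return void
     */
    public function change_password()
    {
        if (!$this->ion_auth->logged_in()) {
            redirect('login');
        }
        $this->form_validation->set_rules('old_password', lang('old_password'), 'required');
        $this->form_validation->set_rules('new_password', lang('new_password'), 'required|max_length[25]');
        $this->form_validation->set_rules('new_password_confirm', lang('confirm_password'), 'required|matches[new_password]');

        $user = $this->ion_auth->user()->row();

        if ($this->form_validation->run() === false) {
            $this->session->set_flashdata('error', validation_errors());
            redirect('auth/profile/' . $user->id . '/#cpassword');
            return;
        }

        if (DEMO) {
            $this->session->set_flashdata('error', lang('disabled_in_demo'));
            redirect($_SERVER['HTTP_REFERER'] ?? 'welcome');
            return;
        }

        $identity = $this->session->userdata($this->config->item('identity', 'ion_auth'));
        $change   = $this->ion_auth->change_password($identity, $this->input->post('old_password'), $this->input->post('new_password'));

        if ($change) {
            $this->session->set_flashdata('message', $this->ion_auth->messages());
            // Invalidate the current session so the new credentials must be used.
            $this->logout();
            return;
        }

        $this->session->set_flashdata('error', $this->ion_auth->errors());
        redirect('auth/profile/' . $user->id . '/#cpassword');
    }

    /**
     * Creates a user (admin only).
     *
     * Only username/email uniqueness is validated here; the password and the
     * remaining fields are handed to ion_auth->register() as posted.
     * NOTE(review): no password length/complexity rule is set in this action;
     * confirm that ion_auth->register() enforces one.
     *
     * @return void renders the form again on failure, redirects on success
     */
    public function create_user()
    {
        if (!$this->Admin) {
            $this->session->set_flashdata('warning', lang('access_denied'));
            redirect($_SERVER['HTTP_REFERER']);
        }

        $this->data['title'] = lang('add_user');
        $this->form_validation->set_rules('username', lang('username'), 'trim|is_unique[users.username]');
        $this->form_validation->set_rules('email', lang('email'), 'trim|is_unique[users.email]');

        // Validate once and reuse the result (it used to run twice with the same rules).
        if ($this->form_validation->run() === true) {
            $username = strtolower($this->input->post('username'));
            $email    = strtolower($this->input->post('email'));
            $password = $this->input->post('password');
            $notify   = $this->input->post('notify');
            $group    = $this->input->post('group');

            $additional_data = [
                'first_name'  => $this->input->post('first_name'),
                'last_name'   => $this->input->post('last_name'),
                'phone'       => $this->input->post('phone'),
                'gender'      => $this->input->post('gender'),
                'salary'      => $this->input->post('salary'),
                'salary_type' => $this->input->post('salary_type'),
                'emp_role'    => $this->input->post('emp_role'),
                'categories'  => $this->input->post('categories'),
                // Group 1 has no store; everyone else gets the posted store.
                'store_id'    => $group == 1 ? null : $this->input->post('store_id'),
                // Default group when none was posted.
                'group_id'    => $group ?: '2',
            ];
            $active = $this->input->post('status');

            if ($this->ion_auth->register($username, $password, $email, $additional_data, $active, $notify)) {
                $this->session->set_flashdata('message', $this->ion_auth->messages());
                redirect('auth/users');
                return;
            }
        }

        $this->data['error']      = validation_errors() ?: ($this->ion_auth->errors() ?: $this->session->flashdata('error'));
        $this->data['groups']     = $this->ion_auth->groups()->result_array();
        $this->data['stores']     = $this->site->getAllStores();
        $this->data['page_title'] = lang('add_user');
        $bc                       = [['link' => site_url('users'), 'page' => lang('users')], ['link' => '#', 'page' => lang('add_user')]];
        $meta                     = ['page_title' => lang('add_user'), 'bc' => $bc];
        $this->page_construct('auth/create_user', $this->data, $meta);
    }

    /**
     * Deactivates a user (admin only).
     *
     * GET shows the confirmation modal carrying a CSRF nonce; POST with
     * confirm=yes performs the deactivation after checking that the posted id
     * matches the URI id. Comparisons are strict.
     *
     * @param int|string|null $id user id (string under mongodb, int otherwise)
     * @return void
     */
    public function deactivate($id = null)
    {
        if (!$this->Admin) {
            $this->session->set_flashdata('warning', lang('access_denied'));
            redirect($_SERVER['HTTP_REFERER']);
        }
        $id = $this->config->item('use_mongodb', 'ion_auth') ? (string) $id : (int) $id;
        $this->form_validation->set_rules('confirm', lang('confirm'), 'required');

        if ($this->form_validation->run() === false) {
            if ($this->input->post('deactivate')) {
                $this->session->set_flashdata('error', validation_errors());
                redirect($_SERVER['HTTP_REFERER']);
                return;
            }

            $this->data['csrf']     = $this->_get_csrf_nonce();
            $this->data['user']     = $this->ion_auth->user($id)->row();
            $this->data['modal_js'] = $this->site->modal_js();
            $this->load->view($this->theme . 'auth/deactivate_user', $this->data);
            return;
        }

        if ($this->input->post('confirm') === 'yes') {
            // The id in the form must be the one in the URI.
            if ((string) $id !== (string) $this->input->post('id')) {
                show_error(lang('error_csrf'));
            }

            if ($this->ion_auth->logged_in() && $this->Admin) {
                $this->ion_auth->deactivate($id);
                $this->session->set_flashdata('message', $this->ion_auth->messages());
            }
        }

        redirect($_SERVER['HTTP_REFERER']);
    }

    /**
     * Deletes a user (admin only, disabled in DEMO).
     *
     * NOTE(review): the id is also taken from the query string, so a plain
     * GET link performs a state-changing action without the confirm + nonce
     * pattern that deactivate() uses; moving delete behind that pattern would
     * remove the CSRF exposure. Unchanged here because links depend on it.
     *
     * @param int|string|null $id user id from the URI, overridden by ?id=
     * @return void
     */
    public function delete($id = null)
    {
        if (DEMO) {
            $this->session->set_flashdata('error', lang('disabled_in_demo'));
            redirect($_SERVER['HTTP_REFERER'] ?? 'welcome');
        }
        if (!$this->Admin) {
            $this->session->set_flashdata('warning', lang('access_denied'));
            redirect($_SERVER['HTTP_REFERER']);
        }

        if ($this->input->get('id')) {
            $id = $this->input->get('id');
        }

        if ($this->auth_model->delete_user($id)) {
            $this->session->set_flashdata('message', lang('user_deleted'));
            redirect($_SERVER['HTTP_REFERER']);
        }
        // When delete_user() returns false nothing is rendered (unchanged behaviour).
    }

    /**
     * Updates a user's details.
     *
     * Admins may edit any field of any user except that, on their own record,
     * they may only change the basic fields; non-admins may only edit their
     * own basic fields. The authorization check below is the same rule as in
     * profile() and update_avatar(); it had been commented out, which let a
     * request post changes for any id subject only to what ion_auth->update()
     * accepts.
     *
     * @param int|string|null $id user id from the URI, overridden by POST id
     * @return void always redirects
     */
    public function edit_user($id = null)
    {
        if ($this->input->post('id')) {
            $id = $this->input->post('id');
        }
        $this->data['title'] = lang('edit_user');

        if (!$this->loggedIn || !$this->Admin && $id != $this->session->userdata('user_id')) {
            $this->session->set_flashdata('warning', lang('access_denied'));
            redirect($_SERVER['HTTP_REFERER']);
        }

        $user = $this->ion_auth->user($id)->row();
        if (!$user) {
            show_404();
        }

        // Uniqueness is only re-checked when the value actually changes.
        if ($user->username != $this->input->post('username')) {
            $this->form_validation->set_rules('username', lang('username'), 'trim|is_unique[users.username]');
        }
        if ($user->email != $this->input->post('email')) {
            $this->form_validation->set_rules('email', lang('email'), 'trim|is_unique[users.email]');
        }

        $data = [];
        if ($this->form_validation->run() === true) {
            if (DEMO) {
                $this->session->set_flashdata('error', lang('disabled_in_demo'));
                redirect($_SERVER['HTTP_REFERER'] ?? 'welcome');
            }

            $basic = [
                'first_name' => $this->input->post('first_name'),
                'phone'      => $this->input->post('phone'),
                'gender'     => $this->input->post('gender'),
                'categories' => $this->input->post('categories'),
            ];

            if ($this->Admin && $id != $this->session->userdata('user_id')) {
                $data = [
                    'first_name'  => $this->input->post('first_name'),
                    'username'    => $this->input->post('username'),
                    'email'       => $this->input->post('email'),
                    'phone'       => $this->input->post('phone'),
                    'gender'      => $this->input->post('gender'),
                    'salary'      => $this->input->post('salary'),
                    'salary_type' => $this->input->post('salary_type'),
                    'emp_role'    => $this->input->post('emp_role'),
                    'active'      => $this->input->post('status'),
                    'group_id'    => $this->input->post('group'),
                    'categories'  => $this->input->post('categories'),
                    'store_id'    => $this->input->post('group') == 1 ? null : $this->input->post('store_id'),
                ];
            } else {
                // Own record (admin or not): basic fields only.
                $data = $basic;
            }

            if ($this->Admin && $this->input->post('password')) {
                $this->form_validation->set_rules('password', lang('edit_user_validation_password_label'), 'required|min_length[' . $this->config->item('min_password_length', 'ion_auth') . ']|max_length[' . $this->config->item('max_password_length', 'ion_auth') . ']|matches[password_confirm]');
                $this->form_validation->set_rules('password_confirm', lang('edit_user_validation_password_confirm_label'), 'required');
                $data['password'] = $this->input->post('password');
            }
        }

        // Second run is intentional: the password rules above are only added
        // after the first pass succeeded and must be validated too.
        if ($this->form_validation->run() === true && $this->ion_auth->update($user->id, $data)) {
            $this->session->set_flashdata('message', lang('user_updated'));
            redirect('auth/profile/' . $id);
            return;
        }

        $this->session->set_flashdata('error', validation_errors());
        redirect($_SERVER['HTTP_REFERER']);
    }

    /**
     * Starts the forgotten-password flow for the posted e-mail address.
     *
     * Every outcome redirects back to the login page's forgot-password panel
     * with a flashed message or error.
     *
     * @return void
     */
    public function forgot_password()
    {
        $this->form_validation->set_rules('forgot_email', lang('email_address'), 'required|valid_email');

        if ($this->form_validation->run() === false) {
            $this->session->set_flashdata('error', validation_errors() ?: $this->session->flashdata('error'));
            redirect('login#forgot_password');
            return;
        }

        $identity = $this->ion_auth->where('email', strtolower($this->input->post('forgot_email')))->users()->row();
        if (empty($identity)) {
            $this->ion_auth->set_message('forgot_password_email_not_found');
            $this->session->set_flashdata('error', $this->ion_auth->messages());
            redirect('login#forgot_password');
            return;
        }

        if ($this->ion_auth->forgotten_password($identity->email)) {
            $this->session->set_flashdata('message', $this->ion_auth->messages());
        } else {
            $this->session->set_flashdata('error', $this->ion_auth->errors());
        }
        redirect('login#forgot_password');
    }

    /**
     * Entry point: sends the visitor to login, admin or index by role.
     *
     * @return void
     */
    public function index()
    {
        if (!$this->loggedIn) {
            redirect('login');
        } elseif ($this->Admin) {
            redirect('admin');
        } else {
            redirect('index');
        }
    }

    /**
     * Builds a captcha image, records it for captcha_check() and returns
     * the create_captcha() result (keys used here: 'time', 'word', 'image').
     *
     * @return array
     */
    private function _issue_captcha()
    {
        $this->load->helper('captcha');
        $cap = create_captcha([
            'img_path'   => './uploads/captcha/',
            'img_url'    => site_url() . 'uploads/captcha/',
            'img_width'  => 150,
            'img_height' => 34,
        ]);
        $capdata = [
            'captcha_time' => $cap['time'],
            'ip_address'   => $this->input->ip_address(),
            'word'         => $cap['word'],
        ];
        $this->db->query($this->db->insert_string('captcha', $capdata));

        return $cap;
    }

    /**
     * Shows the login form or processes a login attempt.
     *
     * When Settings->captcha is on, a captcha is required (callback
     * captcha_check). In maintenance mode (Settings->mmode) non-admins are
     * logged straight back out. A failed attempt sleeps two seconds before
     * redirecting, which slows online guessing.
     *
     * @param string|null $m optional language key for a message to show,
     *                       also accepted as ?m=
     * @return void
     */
    public function login($m = null)
    {
        if (!$m) {
            $m = $this->input->get('m');
        }

        if ($this->Settings->captcha) {
            $this->form_validation->set_rules('captcha', lang('captcha'), 'required|callback_captcha_check');
        }

        if ($this->form_validation->run() === true) {
            $remember = (bool) $this->input->post('remember');

            if (!$this->ion_auth->login($this->input->post('identity'), $this->input->post('password'), $remember)) {
                $this->session->set_flashdata('error', $this->ion_auth->errors());
                sleep(2);
                redirect('login');
                return;
            }

            if ($this->Settings->mmode && !$this->ion_auth->in_group('admin')) {
                $this->session->set_flashdata('error', lang('site_is_offline_plz_try_later'));
                redirect('auth/logout');
                return;
            }

            $this->session->set_flashdata('message', $this->ion_auth->messages());
            // Marker cookie cleared again in logout().
            // NOTE(review): set without secure/httponly flags; fine if it is only
            // a UI marker — confirm nothing sensitive is keyed on it.
            setcookie("MM_Tailor", "TRUE", time() + (86400 * 30), "/");
            redirect($this->session->userdata('store_id') ? 'pos' : 'welcome');
            return;
        }

        $this->data['error']   = validation_errors() ?: $this->session->flashdata('error');
        $this->data['message'] = $this->session->flashdata('message') ?: ($m ? lang($m) : '');
        if ($this->Settings->captcha) {
            $cap                   = $this->_issue_captcha();
            $this->data['image']   = $cap['image'];
            $this->data['captcha'] = ['name' => 'captcha',
                'id'                         => 'captcha',
                'type'                       => 'text',
                'class'                      => 'form-control',
                'required'                   => 'required',
                'placeholder'                => lang('type_captcha'),
            ];
        }
        $this->data['page_title'] = lang('login');

        $this->load->view($this->theme . 'auth/login', $this->data);
    }

    /**
     * Logs the user out, clears the marker cookie and returns to login.
     *
     * @param string|null $m optional message key forwarded as ?m=
     * @return void
     */
    public function logout($m = null)
    {
        $this->ion_auth->logout();
        $this->session->set_flashdata('message', $this->ion_auth->messages());
        unset($_COOKIE['MM_Tailor']);
        setcookie('MM_Tailor', '', -1, '/');
        redirect('login?m=' . ($m ?: ($this->input->get('m') ?: '')));
    }

    /**
     * Shows a user's profile page with the edit / password / avatar forms.
     *
     * Non-admins may only view their own profile.
     *
     * @param int|string|null $id user id
     * @return void
     */
    public function profile($id = null)
    {
        if (!$this->ion_auth->logged_in() || !$this->Admin && $id != $this->session->userdata('user_id')) {
            $this->session->set_flashdata('warning', lang('access_denied'));
            redirect($_SERVER['HTTP_REFERER']);
        }
        if (!$id) {
            redirect('auth');
        }

        $this->data['title'] = lang('profile');

        $user = $this->ion_auth->user($id)->row();
        if (!$user) {
            show_404();
        }
        $groups               = $this->ion_auth->groups()->result_array();
        $this->data['csrf']   = $this->_get_csrf_nonce();
        $this->data['user']   = $user;
        $this->data['groups'] = $groups;

        $this->data['error']    = validation_errors() ?: $this->session->flashdata('error');
        $this->data['password'] = [
            'name'  => 'password',
            'id'    => 'password',
            'class' => 'form-control',
            'type'  => 'password',
            'value' => '',
        ];
        $this->data['password_confirm'] = [
            'name'  => 'password_confirm',
            'id'    => 'password_confirm',
            'class' => 'form-control',
            'type'  => 'password',
            'value' => '',
        ];
        $this->data['min_password_length'] = $this->config->item('min_password_length', 'ion_auth');
        $this->data['old_password']        = [
            'name'  => 'old',
            'id'    => 'old',
            'class' => 'form-control',
            'type'  => 'password',
        ];
        // Client-side hint only; the server-side rules are in change_password().
        $this->data['new_password'] = [
            'name'    => 'new',
            'id'      => 'new',
            'type'    => 'password',
            'class'   => 'form-control',
            'pattern' => '^.{' . $this->data['min_password_length'] . '}.*$',
        ];
        $this->data['new_password_confirm'] = [
            'name'    => 'new_confirm',
            'id'      => 'new_confirm',
            'type'    => 'password',
            'class'   => 'form-control',
            'pattern' => '^.{' . $this->data['min_password_length'] . '}.*$',
        ];
        $this->data['user_id'] = [
            'name'  => 'user_id',
            'id'    => 'user_id',
            'type'  => 'hidden',
            'value' => $user->id,
        ];

        $this->data['id']         = $id;
        $this->data['stores']     = $this->site->getAllStores();
        $this->data['page_title'] = lang('profile');
        $bc                       = [['link' => site_url('users'), 'page' => lang('users')], ['link' => '#', 'page' => lang('profile')]];
        $meta                     = ['page_title' => lang('profile'), 'bc' => $bc];
        $this->page_construct('auth/profile', $this->data, $meta);
    }

    /**
     * AJAX endpoint: issues a fresh captcha and echoes its image markup.
     *
     * @return void
     */
    public function reload_captcha()
    {
        $cap = $this->_issue_captcha();

        echo $cap['image'];
    }

    /**
     * Completes the forgotten-password flow for a reset $code.
     *
     * GET shows the form (with a CSRF nonce); POST requires a valid nonce and
     * a user_id matching the code's owner, otherwise the code is cleared and
     * an error page shown. The 8-character minimum here is hard-coded while
     * profile() uses the 'min_password_length' config item.
     *
     * @param string|null $code reset code from the e-mail link
     * @return void
     */
    public function reset_password($code = null)
    {
        if (!$code) {
            show_404();
        }

        $user = $this->ion_auth->forgotten_password_check($code);

        if (!$user) {
            $this->session->set_flashdata('error', $this->ion_auth->errors());
            redirect('login#forgot_password');
            return;
        }

        $this->form_validation->set_rules('new', lang('password'), 'required|min_length[8]|max_length[25]|matches[new_confirm]');
        $this->form_validation->set_rules('new_confirm', lang('confirm_password'), 'required');

        if ($this->form_validation->run() === false) {
            $this->data['error']               = validation_errors() ?: $this->session->flashdata('error');
            $this->data['message']             = $this->session->flashdata('message');
            $this->data['title']               = lang('reset_password');
            $this->data['min_password_length'] = $this->config->item('min_password_length', 'ion_auth');
            $this->data['new_password']        = [
                'name'    => 'new',
                'id'      => 'new',
                'type'    => 'password',
                'class'   => 'form-control',
                'pattern' => '^.{8}.*$',
            ];
            $this->data['new_password_confirm'] = [
                'name'    => 'new_confirm',
                'id'      => 'new_confirm',
                'type'    => 'password',
                'class'   => 'form-control',
                'pattern' => '^.{8}.*$',
            ];
            $this->data['user_id'] = [
                'name'  => 'user_id',
                'id'    => 'user_id',
                'type'  => 'hidden',
                'value' => $user->id,
            ];
            $this->data['csrf']           = $this->_get_csrf_nonce();
            $this->data['code']           = $code;
            $this->data['identity_label'] = $user->email;
            $this->data['page_title']     = lang('reset_password');
            $this->load->view($this->theme . 'auth/reset_password', $this->data);
            return;
        }

        if ($this->_valid_csrf_nonce() === false || (string) $user->id !== (string) $this->input->post('user_id')) {
            // Burn the code so it cannot be replayed after a tampered submission.
            $this->ion_auth->clear_forgotten_password_code($code);
            show_error(lang('error_csrf'));
        }

        $change = $this->ion_auth->reset_password($user->email, $this->input->post('new'));

        if ($change) {
            $this->session->set_flashdata('message', $this->ion_auth->messages());
            redirect('login');
            return;
        }

        $this->session->set_flashdata('error', $this->ion_auth->errors());
        redirect('auth/reset_password/' . $code);
    }

    /**
     * Uploads a new avatar (gif/jpg/png, max 1024 KB, 600x600), writes a
     * 100x100 thumbnail and stores the file name on the user.
     *
     * Non-admins may only change their own avatar. The previous avatar files
     * are not removed from disk.
     *
     * @param int|string|null $id user id from the URI, overridden by POST id
     * @return void always redirects
     */
    public function update_avatar($id = null)
    {
        if ($this->input->post('id')) {
            $id = $this->input->post('id');
        }

        if (!$this->loggedIn || !$this->Admin && $id != $this->session->userdata('user_id')) {
            $this->session->set_flashdata('warning', lang('access_denied'));
            redirect($_SERVER['HTTP_REFERER']);
        }

        $this->form_validation->set_rules('avatar', lang('avatar'), 'trim');

        $photo = null;
        if ($this->form_validation->run() === true) {
            if (isset($_FILES['avatar']['size']) && $_FILES['avatar']['size'] > 0) {
                $this->load->library('upload');
                $config['upload_path']   = 'uploads/avatars';
                $config['allowed_types'] = 'gif|jpg|png';
                $config['max_size']      = 1024;
                $config['max_width']     = 600;
                $config['max_height']    = 600;
                $config['overwrite']     = false;
                $config['encrypt_name']  = true; // random file name: user-chosen names never reach disk
                $config['max_filename']  = 25;
                $this->upload->initialize($config);

                if (!$this->upload->do_upload('avatar')) {
                    $this->session->set_flashdata('error', $this->upload->display_errors());
                    redirect($_SERVER['HTTP_REFERER']);
                    return;
                }

                $photo = $this->upload->file_name;

                $this->load->helper('file');
                $this->load->library('image_lib');
                $config['image_library']  = 'gd2';
                $config['source_image']   = 'uploads/avatars/' . $photo;
                $config['new_image']      = 'uploads/avatars/thumbs/' . $photo;
                $config['maintain_ratio'] = true;
                $config['width']          = 100;
                $config['height']         = 100;

                $this->image_lib->clear();
                $this->image_lib->initialize($config);
                if (!$this->image_lib->resize()) {
                    echo $this->image_lib->display_errors();
                }
            } else {
                // No file: make the second validation pass fail with a proper message.
                $this->form_validation->set_rules('avatar', lang('avatar'), 'required');
            }
        }

        // Second run is intentional (see the 'required' rule added above).
        if ($this->form_validation->run() === true && $this->auth_model->updateAvatar($id, $photo)) {
            $this->session->set_userdata('avatar', $photo);
            $this->session->set_flashdata('message', lang('avatar_updated'));
            redirect($_SERVER['HTTP_REFERER']);
            return;
        }

        $this->session->set_flashdata('error', validation_errors());
        redirect($_SERVER['HTTP_REFERER']);
    }

    /**
     * Lists all users (admin only).
     *
     * @return void
     */
    public function users()
    {
        if (!$this->loggedIn) {
            redirect('login');
        }
        if (!$this->Admin) {
            $this->session->set_flashdata('warning', lang('access_denied'));
            redirect($_SERVER['HTTP_REFERER']);
        }

        $this->data['error']      = validation_errors() ?: $this->session->flashdata('error');
        $this->data['users']      = $this->site->getAllUsers();
        $bc                       = [['link' => '#', 'page' => lang('users')]];
        $meta                     = ['page_title' => lang('users'), 'bc' => $bc];
        $this->data['page_title'] = lang('users');
        $this->page_construct('auth/index', $this->data, $meta);
    }
}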
