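tableName();
        $this->selectAdd("i18n_translate('c' , {$tn}.country, 'en') as country_display_name ");

        $tn = $this->tableName();
        //DB_DataObject::debugLevel(1);
        // Load the OWNER company; its id feeds the include-self / not-self filters below.
        $x = DB_DataObject::factory('core_company');
        $x->comptype= 'OWNER';
        $x->find(true);

        if (!empty($q['query']['company_project_id'])) {
            $add = '';
            if (!empty($q['query']['company_include_self'])) {
                $add = " OR {$tn}.id = {$x->id}";
            }
            if (!empty($q['query']['company_not_self'])) {
                $add = " AND {$tn}.id != {$x->id}";
            }
            $pids = array();
            $pid = $q['query']['company_project_id'];
            // NOTE(review): only the comma-separated branch casts each element to int.
            // A single value takes the else branch and reaches the IN (...) list as-is; so does
            // any value where strpos() returns 0 (falsy) because the comma is the first character.
            // If $q carries request parameters this is an SQL injection sink. Suggested fix:
            //     $pids = array_map('intval', explode(',', $pid));
            // Code left unchanged here because the start of this method is outside the reviewed span.
            if (strpos($pid, ',')) {
                $bits = explode(',', $pid);
                foreach($bits as $b) {
                    $pids[] = (int)$b;
                }
            } else {
                $pids = array($pid);
            }
            $pids = implode(',', $pids);
            $this->whereAdd("{$tn}.id IN (
                SELECT distinct(company_id) FROM ProjectDirectory where project_id IN ($pids)
            ) $add" );
        }

        if (!empty($q['query']['comptype'])) {
            $this->whereAddIn('comptype', explode(',', $q['query']['comptype']), 'string');
        }

        // deprecated - should be moved to module specific (texon afair)
        if (!empty($q['query']['province'])) {
            $prov = $this->escape($q['query']['province']);
            $this->whereAdd("province LIKE '$prov%'");
        }

        // ADD comptype_display name.. = for combos..
        $this->selectAdd("
            (SELECT display_name
                FROM
                    core_enum
                WHERE
                    etype='comptype'
                    AND
                    name={$tn}.comptype
                LIMIT 1
            ) as comptype_display_name
        ");

        if(!empty($q['search']['name'])){
            $s = $this->escape($q['search']['name']);
            $this->whereAdd(" {$tn}.name LIKE '%$s%' ");
        }
        if(!empty($q['search']['name_starts'])){
            $s = $this->escape($q['search']['name_starts']);
            $this->whereAdd(" {$tn}.name LIKE '$s%' ");
        }
    }

    /**
     * Label used when this row is written to the event log: the company name.
     *
     * @return string
     */
    function toEventString()
    {
        return $this->name;
    }

    // ---------- AUTHENTICATION

    /**
     * Report whether the PHP session holds a login whose company row still exists.
     *
     * The session slot is keyed by this class name plus the database name taken from
     * the connection DSN. A slot that no longer resolves to a row is cleared.
     *
     * @return bool true when the stored id can still be loaded from core_company
     */
    function isAuth()
    {
        $db = $this->getDatabaseConnection();
        $sesPrefix = $db->dsn['database'];
        // '@' suppresses whatever warning session_start() raises (e.g. session already active).
        @session_start();
        if (!empty($_SESSION[__CLASS__][$sesPrefix .'-auth'])) {
            // in session...
            // NOTE(review): unserialize() rebuilds whatever object the payload describes. Session
            // data is normally server-side, but if the session store is shared or writable by
            // other code this is an object-injection sink. Only ->id is read back, so storing
            // the bare id in login() would remove the need to unserialize at all.
            $a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
            $u = DB_DataObject::factory('core_company');
            // Guard against a corrupt payload (unserialize() returns false) before reading ->id.
            // The original also had a commented-out "&& strlen($u->passwd)" condition here.
            if (is_object($a) && isset($a->id) && $u->get($a->id)) {
                return true;
            }
            $_SESSION[__CLASS__][$sesPrefix .'-auth'] = '';
        }
        // not in session or not matched...
        return false;
    }

    /**
     * Return a fresh copy of the logged-in company row.
     *
     * @return object|false clone of the core_company row, or false when nobody is logged in
     */
    function getAuthUser()
    {
        if (!$this->isAuth()) {
            return false;
        }
        $db = $this->getDatabaseConnection();
        $sesPrefix = $db->dsn['database'];
        if (!empty($_SESSION[__CLASS__][$sesPrefix .'-auth'])) {
            // NOTE(review): same unserialize() caveat as in isAuth().
            $a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
            $u = DB_DataObject::factory('core_company');
            // Re-read the row from the database instead of trusting the serialized copy.
            if (is_object($a) && isset($a->id) && $u->get($a->id)) {
                return clone $u;
            }
        }
        return false;
    }

    /**
     * Mark this company as the logged-in identity for the current session.
     *
     * @return void
     */
    function login()
    {
        $this->isAuth(); // force session start..
        $db = $this->getDatabaseConnection();
        $sesPrefix = $db->dsn['database'];
        // NOTE(review): serialize($this) stores every loaded column (passwd included when it is
        // loaded) in the session, although isAuth()/getAuthUser() read back only ->id.
        // NOTE(review): the session id is not regenerated here. Unless the caller already does
        // so, session_regenerate_id(true) at login is the usual session-fixation mitigation - confirm.
        $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($this);
    }

    /**
     * Clear the login slot for this class/database from the current session.
     *
     * @return void
     */
    function logout()
    {
        $this->isAuth(); // force session start..
        $db = $this->getDatabaseConnection();
        $sesPrefix = $db->dsn['database'];
        $_SESSION[__CLASS__][$sesPrefix .'-auth'] = "";
    }

    // ---------- AUTHENTICATION

    /**
     * Verify a candidate password against the stored hash.
     *
     * Hashes starting with '$' are checked with crypt(); anything else is treated as a
     * legacy unsalted md5 hex digest.
     *
     * @param string $val candidate password
     * @return bool
     */
    function checkPassword($val)
    {
        // Arrays/objects/null (e.g. a crafted request field) can never be a valid password.
        if (!is_scalar($val)) {
            return false;
        }
        $stored = (string) $this->passwd;
        if ($stored === '') {
            // No hash on record: never authenticate.
            return false;
        }
        if (substr($stored, 0, 1) === '$') {
            $candidate = crypt((string) $val, $stored);
        } else {
            // old style md5 passwords...- cant be used with courier....
            // NOTE(review): unsalted md5 is not a password hash; rehash these rows on next login.
            $candidate = md5((string) $val);
        }
        if (!is_string($candidate)) {
            return false;
        }
        // Strict comparison: loose '==' treats numeric-looking strings ("0e...") as numbers,
        // so two different digests could compare equal. hash_equals() (PHP >= 5.6) is also
        // constant-time; fall back to '===' where it is unavailable.
        if (function_exists('hash_equals')) {
            return hash_equals($stored, $candidate);
        }
        return $stored === $candidate;
    }

    /**
     * Hash $value with MD5-crypt ('$1$') and store it in ->passwd (not saved to the database here).
     *
     * NOTE(review): '$1$' is kept because the legacy-hash comment in checkPassword() mentions
     * courier compatibility; MD5-crypt is weak by current standards, so move to
     * password_hash() if no external consumer needs this format.
     *
     * @param string $value new plain-text password
     * @return void
     */
    function setPassword($value)
    {
        // Standard crypt salt alphabet; MD5-crypt uses at most 8 salt characters.
        $alphabet = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
        $max = strlen($alphabet) - 1;
        $salt = '';
        for ($i = 0; $i < 8; $i++) {
            // random_int() (PHP >= 7) is a CSPRNG; rand() is predictable. mt_rand() is only the
            // fallback for older runtimes and is still not cryptographically secure.
            $pick = function_exists('random_int') ? random_int(0, $max) : mt_rand(0, $max);
            $salt .= $alphabet[$pick];
        }
        $this->passwd = crypt($value, '$1$'. $salt. '$');
    }

    /**
     * Upload hook: delegate to the Images object, linking the upload through logo_id.
     *
     * @param object $controller calling controller (unused here)
     * @return mixed whatever Images::onUploadWithTbl() returns
     */
    function onUpload($controller)
    {
        $image = DB_DataObject::factory('Images');
        return $image->onUploadWithTbl($this, 'logo_id');
    }

    /**
     * Post-update hook: set a new password when the request carries 'password1'.
     *
     * @param object $old row state before the update (unused here)
     * @param array  $req request data
     * @param object $roo calling controller (unused here)
     * @return void
     */
    function onUpdate($old, $req,$roo)
    {
        if (!empty($req['password1'])) {
            $this->setPassword($req['password1']);
            $this->update();
        }
    }

    /**
     * Post-insert hook: attach the logo image(s) to the new row and set the initial password.
     *
     * @param array  $req request data
     * @param object $roo calling controller (unused here)
     * @return void
     */
    function onInsert($req, $roo)
    {
        if (!empty($this->logo_id)) {
            // update images table to sync with this..
            $img = DB_DataObject::factory('Images');
            if ($img->get($this->logo_id) && ($img->onid != $this->id)) {
                $img->onid = $this->id;
                $img->update();
            }
        }

        if (!empty($req['password1'])) {
            $this->setPassword($req['password1']);
            $this->update();
        }

        $img = DB_DataObject::factory('Images');
        $img->onid= 0;
        $img->ontable = $this->tableName();
        $img->imgtype = 'LOGO';
        // should check uploader!!!
        // NOTE(review): the query is not restricted to the current user, so every matching
        // unattached LOGO row it returns is assigned to this company, whoever uploaded it.
        if ($img->find()) {
            while($img->fetch()) {
                $ii = clone $img;
                $ii->onid = $this->id;
                $ii->update();
                $this->logo_id = $ii->id;
            }
            $this->update();
        }
    }

    /**
     * Pre-update hook: refuse to change the code of a system company.
     *
     * @param object $old row state before the update
     * @param array  $q   request data (unused here)
     * @param object $roo calling controller; jerr() reports the error
     * @return void
     */
    function beforeUpdate($old, $q,$roo)
    {
        // used to be not allowed to change name..
        if (!empty($this->is_system) && ($old->code != $this->code)) {
            $roo->jerr('This company is not allow to editing Ref. or Company Name...');
        }
    }

    /**
     * Pre-delete hook: block deletion of system companies and remove attached images.
     *
     * @param array  $req request data (unused here)
     * @param object $roo calling controller; jerr() reports the error
     * @return bool true when the delete may proceed
     */
    function beforeDelete($req, $roo)
    {
        // should check for members....

        // The original condition also compared against $old, which does not exist in this
        // method (copied from beforeUpdate), so the guard depended on an undefined variable.
        // A system company is now always refused.
        if (!empty($this->is_system)) {
            $roo->jerr('This company is not allow to delete');
        }

        $img = DB_DataObject::factory('Images');
        $img->ontable = $this->tableName();
        $img->onid = $this->id;
        $img->find();
        while ($img->fetch()) {
            $img->beforeDelete();
            $img->delete();
        }
        return true;
    }

    /**
     * check who is trying to access this. false == access denied..
     *
     * @param string      $lvl     permission level, passed through to hasPerm()
     * @param object|null $au      authenticated user
     * @param array|false $changes pending column changes, if any
     * @return bool
     */
    function checkPerm($lvl, $au, $changes = false)
    {
        // No user object: deny instead of calling a method on null/false below (fail closed).
        if (!$au) {
            return false;
        }
        // do we have an empty system..
        if ($au->id == -1) {
            return true;
        }

        if ($au->company()->comptype != 'OWNER') {
            // hacking! - users outside the owner company may not change a company's type
            if ($changes && isset($changes['comptype']) && $changes['comptype'] != $this->comptype) {
                return false;
            }
            // ...and may only act on their own company.
            return $this->id == $au->company_id;
        }

        return $au->hasPerm("Core.Companies", $lvl);
    }

    /**
     * Render the company logo as HTML.
     *
     * @param mixed $size passed through to Images::toHTML()
     * @return string markup from Images::toHTML(), or '' when no logo is set or it cannot be loaded
     */
    function logoImageToHTML($size)
    {
        $i = DB_DataObject::factory('Images');
        if (!$this->logo_id || !$i->get($this->logo_id)) {
            return '';
        }
        return $i->toHTML($size);
    }

    /**
     * Return the first image gathered for this company.
     *
     * @param string $filter passed through to Images::gather(); defaults to 'image/%'
     * @return object|false first gathered image, or false when there is none
     */
    function firstImage($filter='image/%')
    {
        $i = DB_DataObject::factory('Images');
        $im = $i->gather($this, $filter);
        if (empty($im)) {
            return false;
        }
        return $im[0];
    }

    /**
     * Render the first gathered image as HTML.
     *
     * @param mixed  $size   passed through to Images::toHTML()
     * @param string $base   passed through to Images::toHTML()
     * @param string $filter passed through to firstImage()
     * @return string markup, or '' when there is no image
     */
    function firstImageTag($size =-1, $base="/Images/Thumb", $filter='image/%')
    {
        $fm = $this->firstImage($filter);
        if (empty($fm)) {
            return '';
        }
        return $fm->toHTML($size, $base);
    }

    /**
     * Export this row as an array, adding 'comptype_display'.
     *
     * NOTE(review): toArray() presumably includes the passwd column; confirm it is removed
     * before the array is sent to a client.
     *
     * @param object $authUser authenticated user (unused here)
     * @param array  $request  request data (unused here)
     * @return array
     */
    function toRooSingleArray($authUser, $request)
    {
        $ret = $this->toArray();

        // get the comptype display; fall back to the raw comptype when the enum has no display name
        $e = DB_DataObject::Factory('core_enum')->lookupObject('COMPTYPE', $this->comptype);

        $ret['comptype_display'] = $ret['comptype'];
        if ($e && !empty($e->name_display)) {
            $ret['comptype_display'] = $e->name_display;
        }

        return $ret;
    }

    /**
     * # 2028
     * create the suppliers...
     *
     * Inserts each entry of $data that does not already exist, flagged is_system = 1.
     *
     * @param object $roo  calling controller (unused here)
     * @param array  $data list of column => value arrays
     *
     */
    function initCompaniesArray($roo, $data)
    {
        $tn = $this->tableName();

        foreach($data as $d){
            $com = DB_DataObject::factory($tn);
            $com->setFrom($d);
            if(!$com->find(true)){
                $com->created_dt = date('Y-m-d H:i:s');
                $com->updated_dt = date('Y-m-d H:i:s');
                $com->is_system = 1; // new column.. block the user changing the code and name..
                $com->insert();
            }
        }
    }

    /**
     * Create one company from the 'add-company' / 'add-company-with-type' options.
     *
     * Reports through $roo->jerr() when the type is unknown, when an OWNER company already
     * exists, or when a company with the same name and type already exists.
     *
     * @param object $roo  calling controller
     * @param array  $opts options; 'add-company-with-type' defaults to 'OWNER'
     * @return void
     */
    function initCompanies($roo, $opts)
    {
        $ctype = empty($opts['add-company-with-type']) ? 'OWNER' : $opts['add-company-with-type'];

        $enum = DB_DataObject::Factory('core_enum')->lookup('COMPTYPE', $ctype );

        if (empty($enum)) {
            $roo->jerr("invalid company type '$ctype'");
        }

        if ($ctype =='OWNER') {
            // Only one OWNER company may exist.
            $companies = DB_DataObject::factory('core_company');
            $companies->comptype_id = $enum;
            if ($companies->count()) {
                $roo->jerr("Owner company already exists");
            }
        }

        $companies = DB_DataObject::factory('core_company');

        // check that no company with this name and type exists yet
        $companies->setFrom(array(
            'name' => $opts['add-company'],
            'comptype' => $ctype,
            'comptype_id' => $enum,
        ));
        if ($companies->find(true)) {
            $roo->jerr("company already exists");
        }
        $companies->setFrom(array(
            'background_color' => '',
            'created_dt' => $this->sqlValue('NOW()'),
            'updated_dt' => $this->sqlValue('NOW()')
        ));

        $companies->insert();
        $companies->onInsert(array(), $roo);
    }

    /**
     * Find the OWNER company.
     *
     * @return object|false the core_company row, or false when none exists
     */
    function lookupOwner()
    {
        $enum = DB_DataObject::Factory('core_enum')->lookup('COMPTYPE', 'OWNER' );

        $companies = DB_DataObject::factory('core_company');
        $companies->comptype_id = $enum;
        if ($companies->find(true)) {
            return $companies;
        }
        return false;
    }
}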