From 8261cc1f7288806d4d14f698294fca821fb64141 Mon Sep 17 00:00:00 2001
From: Jorge Colmenarez
Date: Fri, 21 Apr 2017 16:13:25 -0400
Subject: [PATCH 1/2] Support for change password
---
application/controllers/Employees.php | 121 ++++++++++++------
application/language/en/employees_lang.php | 3 +
application/language/es/employees_lang.php | 3 +
application/models/Employee.php | 19 +++
application/views/change_password.php | 119 +++++++++++++++++
application/views/configs/manage.php | 4 +
application/views/home.php | 4 +
application/views/messages/sms.php | 4 +
application/views/partial/header.php | 2 +-
application/views/reports/date_input.php | 5 +
application/views/reports/graphical.php | 4 +
.../views/reports/inventory_summary_input.php | 5 +
application/views/reports/listing.php | 4 +
application/views/reports/specific_input.php | 5 +
application/views/reports/tabular.php | 4 +
15 files changed, 265 insertions(+), 41 deletions(-)
create mode 100644 application/views/change_password.php
diff --git a/application/controllers/Employees.php b/application/controllers/Employees.php
index 7bbd8f3a4..35fe15eb3 100644
--- a/application/controllers/Employees.php
+++ b/application/controllers/Employees.php
@@ -92,59 +92,85 @@ class Employees extends Persons */ public function save($employee_id = -1) { - $person_data = array( - 'first_name' => $this->input->post('first_name'), - 'last_name' => $this->input->post('last_name'), - 'gender' => $this->input->post('gender'), - 'email' => $this->input->post('email'), - 'phone_number' => $this->input->post('phone_number'), - 'address_1' => $this->input->post('address_1'), - 'address_2' => $this->input->post('address_2'), - 'city' => $this->input->post('city'), - 'state' => $this->input->post('state'), - 'zip' => $this->input->post('zip'), - 'country' => $this->input->post('country'), - 'comments' => $this->input->post('comments'), - ); - $grants_data = $this->input->post('grants') != NULL ? $this->input->post('grants') : array(); - - //Password has been changed OR first time password set - if($this->input->post('password') != '') + if($this->input->post('current_password') != '') { $employee_data = array( 'username' => $this->input->post('username'), 'password' => password_hash($this->input->post('password'), PASSWORD_DEFAULT), 'hash_version' => 2 ); - } - else //Password not changed - { - $employee_data = array('username' => $this->input->post('username')); - } - - if($this->Employee->save_employee($person_data, $employee_data, $grants_data, $employee_id)) - { - $person_data = $this->xss_clean($person_data); - $employee_data = $this->xss_clean($employee_data); + + if($this->Employee->change_password($employee_data, $employee_id)) + { + $employee_data = $this->xss_clean($employee_data); - //New employee - if($employee_id == -1) - { - echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_adding').' '. - $person_data['first_name'].' '.$person_data['last_name'], 'id' => $employee_data['person_id'])); + echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_change_password').' '. + $person_data['first_name'].' 
'.$person_data['last_name'], 'id' => $employee_id)); } - else //Existing employee + else//failure { - echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_updating').' '. - $person_data['first_name'].' '.$person_data['last_name'], 'id' => $employee_id)); + $person_data = $this->xss_clean($person_data); + + echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_successful_change_password').' '. + $person_data['first_name'].' '.$person_data['last_name'], 'id' => -1)); } } - else//failure + else { - $person_data = $this->xss_clean($person_data); + $person_data = array( + 'first_name' => $this->input->post('first_name'), + 'last_name' => $this->input->post('last_name'), + 'gender' => $this->input->post('gender'), + 'email' => $this->input->post('email'), + 'phone_number' => $this->input->post('phone_number'), + 'address_1' => $this->input->post('address_1'), + 'address_2' => $this->input->post('address_2'), + 'city' => $this->input->post('city'), + 'state' => $this->input->post('state'), + 'zip' => $this->input->post('zip'), + 'country' => $this->input->post('country'), + 'comments' => $this->input->post('comments'), + ); + $grants_data = $this->input->post('grants') != NULL ? 
$this->input->post('grants') : array(); + + //Password has been changed OR first time password set + if($this->input->post('password') != '') + { + $employee_data = array( + 'username' => $this->input->post('username'), + 'password' => password_hash($this->input->post('password'), PASSWORD_DEFAULT), + 'hash_version' => 2 + ); + } + else //Password not changed + { + $employee_data = array('username' => $this->input->post('username')); + } + + if($this->Employee->save_employee($person_data, $employee_data, $grants_data, $employee_id)) + { + $person_data = $this->xss_clean($person_data); + $employee_data = $this->xss_clean($employee_data); - echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_error_adding_updating').' '. - $person_data['first_name'].' '.$person_data['last_name'], 'id' => -1)); + //New employee + if($employee_id == -1) + { + echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_adding').' '. + $person_data['first_name'].' '.$person_data['last_name'], 'id' => $employee_data['person_id'])); + } + else //Existing employee + { + echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_updating').' '. + $person_data['first_name'].' '.$person_data['last_name'], 'id' => $employee_id)); + } + } + else//failure + { + $person_data = $this->xss_clean($person_data); + + echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_error_adding_updating').' '. + $person_data['first_name'].' '.$person_data['last_name'], 'id' => -1)); + } } } 
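Review bot: The new `current_password` branch at the top of save() never compares the submitted current password with the stored hash; it only tests that the field is non-empty and then stores a new hash for whatever `$employee_id` the URL carries. The branch should load the stored hash and gate the update on `password_verify()`, reject an empty `password`, and refuse the request unless `$employee_id` is the logged-in employee's own id (rows on an older `hash_version` presumably need the legacy comparison instead; that code is not visible here). In the same branch `$person_data` is read in both the success and the failure reply although it is only assigned in the `else` branch, and the failure reply reuses `employees_successful_change_password` with `'success' => FALSE`. The model method called here has the same gap, since it writes the hash without any check of its own.

```php
if($this->input->post('current_password') != '')
{
	$stored_info = $this->Employee->get_info($employee_id);
	$new_password = $this->input->post('password');

	// Refuse the change unless the typed current password matches the stored hash
	// and a non-empty new password was submitted.
	if($new_password == '' || !password_verify($this->input->post('current_password'), $stored_info->password))
	{
		echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_error_adding_updating'), 'id' => -1));
		return;
	}

	// … unchanged: build $employee_data and call $this->Employee->change_password() …
```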
@@ -165,5 +191,20 @@ class Employees extends Persons echo json_encode(array('success' => FALSE,'message' => $this->lang->line('employees_cannot_be_deleted'))); } } + + /* + Loads the change password form + */ + public function change_password($employee_id = -1) + { + $person_info = $this->Employee->get_info($employee_id); + foreach(get_object_vars($person_info) as $property => $value) + { + $person_info->$property = $this->xss_clean($value); + } + $data['person_info'] = $person_info; + + $this->load->view("change_password", $data); + } } ?> \ No newline at end of file diff --git a/application/language/en/employees_lang.php b/application/language/en/employees_lang.php index 81e0ec4fb..6583fe3c9 100644 --- a/application/language/en/employees_lang.php +++ b/application/language/en/employees_lang.php @@ -2,7 +2,9 @@ $lang["employees_basic_information"] = "Information"; $lang["employees_cannot_be_deleted"] = "Could not deleted selected employees, one or more of the employees has processed sales or you are trying to delete yourself :)"; +$lang["employees_change_password"] = "Change Password"; $lang["employees_confirm_delete"] = "Are you sure you want to delete the selected employees?"; +$lang["employees_current_password"] = "Current Password"; $lang["employees_employee"] = "Employee"; $lang["employees_error_adding_updating"] = "Error adding/updating employee"; $lang["employees_error_deleting_demo_admin"] = "You can not delete the demo admin user"; 
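Review bot: In the new controller method change_password() in application/controllers/Employees.php, `$this->Employee->get_info($employee_id)` is called with the id taken from the URL and the result is passed to the view without checking that the id is the logged-in employee's own. Any session that can reach this controller can therefore open the form for another account, and with the default `-1` the view is rendered from whatever get_info() returns for a non-existent id. Compare `$employee_id` with the session's employee id before loading the record and return an error otherwise. The header comment could also state the intended scope, e.g. `Loads the change password form for the currently logged-in employee`.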
@@ -22,6 +24,7 @@ $lang["employees_subpermission_required"] = "Add at least one grant for each mod $lang["employees_successful_adding"] = "You have successfully added employee"; $lang["employees_successful_deleted"] = "You have successfully deleted"; $lang["employees_successful_updating"] = "You have successfully updated employee"; +$lang["employees_successful_change_password"] = "Password successfully changed"; $lang["employees_update"] = "Update Employee"; $lang["employees_username"] = "Username"; $lang["employees_username_minlength"] = "The username must be at least 5 characters"; diff --git a/application/language/es/employees_lang.php b/application/language/es/employees_lang.php index b88d31bfd..ea2e37fa1 100644 --- a/application/language/es/employees_lang.php +++ b/application/language/es/employees_lang.php @@ -2,7 +2,9 @@ $lang["employees_basic_information"] = "Información Básica de Empleados"; $lang["employees_cannot_be_deleted"] = "No se pudieron borrar empleados. Uno o más empleados tiene ventas procesadas o estás tratando de borrarte a tí mismo(a)."; +$lang["employees_change_password"] = "Cambiar Contraseña"; $lang["employees_confirm_delete"] = "¿Seguro(a) que quieres borrar los empleados seleccionados?"; +$lang["employees_current_password"] = "Contraseña Actual"; $lang["employees_employee"] = "Empleado"; $lang["employees_error_adding_updating"] = "Error al agregar/actualizar empleado"; $lang["employees_error_deleting_demo_admin"] = "No puedes borrar el usuario admin del demo"; 
@@ -22,6 +24,7 @@ $lang["employees_subpermission_required"] = "Agregar al menos un permiso para ca $lang["employees_successful_adding"] = "Has agregado el empleado satisfactoriamente"; $lang["employees_successful_deleted"] = "Has borrado satisfactoriamente a"; $lang["employees_successful_updating"] = "Has actualizado el empleado satisfactoriamente"; +$lang["employees_successful_change_password"] = "Contraseña cambiada satisfactoriamente"; $lang["employees_update"] = "Actualizar Empleado"; $lang["employees_username"] = "Usuario"; $lang["employees_username_minlength"] = "El Usuario debe tener, por lo menos, 5 caracteres"; diff --git a/application/models/Employee.php b/application/models/Employee.php index dfeec9ff7..4b13692a0 100644 --- a/application/models/Employee.php +++ b/application/models/Employee.php @@ -411,5 +411,24 @@ class Employee extends Person return $this->db->get()->result_array(); } + /* + Change password for the employee + */ + public function change_password(&$employee_data, $employee_id = FALSE) + { + $success = FALSE; + + //Run these queries as a transaction, we want to make sure we do all or nothing + $this->db->trans_start(); + + $this->db->where('person_id', $employee_id); + $success = $this->db->update('employees', $employee_data); + + $this->db->trans_complete(); + + $success &= $this->db->trans_status(); + + return $success; + } } ?> diff --git a/application/views/change_password.php b/application/views/change_password.php new file mode 100644 index 000000000..f16a9937b --- /dev/null +++ b/application/views/change_password.php @@ -0,0 +1,119 @@ +
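Review bot: Employee::change_password() in application/models/Employee.php passes the caller's whole `$employee_data` array to `$this->db->update('employees', $employee_data)`, and save() fills that array with `username` from POST, so the read-only username field of the form is not enforced on the server. Restrict the write to the credential columns, `$this->db->update('employees', array('password' => $employee_data['password'], 'hash_version' => $employee_data['hash_version']));`. With the default `$employee_id = FALSE` the `where('person_id', …)` clause matches no row, and as far as this hunk shows the method can still report success; checking `$this->db->affected_rows()` would catch that. `$employee_data` is not modified, so it does not need to be taken by reference.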
lang->line('common_fields_required_message'); ?>
+ + + +person_id, array('id'=>'employee_form', 'class'=>'form-horizontal')); ?> +
+
+
+
+ lang->line('employees_username'), 'username', array('class'=>'required control-label col-xs-3')); ?> +
+
+ + 'username', + 'id'=>'username', + 'class'=>'form-control input-sm', + 'value'=>$person_info->username, + 'readonly'=>'true') + );?> +
+
+
+ + person_id == "" ? array('class'=>'required') : array(); ?> + +
+ lang->line('employees_current_password'), 'current_password', array_merge($password_label_attributes, array('class'=>'control-label col-xs-3'))); ?> +
+
+ + 'current_password', + 'id'=>'current_password', + 'class'=>'form-control input-sm', + 'value'=>$person_info->password, + 'readonly'=>'true') + );?> +
+
+
+ +
+ lang->line('employees_password'), 'password', array_merge($password_label_attributes, array('class'=>'control-label col-xs-3'))); ?> +
+
+ + 'password', + 'id'=>'password', + 'class'=>'form-control input-sm') + );?> +
+
+
+ +
+ lang->line('employees_repeat_password'), 'repeat_password', array_merge($password_label_attributes, array('class'=>'control-label col-xs-3'))); ?> +
+
+ + 'repeat_password', + 'id'=>'repeat_password', + 'class'=>'form-control input-sm') + );?> +
+
+
+
+
+
+ + + \ No newline at end of file diff --git a/application/views/configs/manage.php b/application/views/configs/manage.php index bd8b28038..b802b6f0e 100644 --- a/application/views/configs/manage.php +++ b/application/views/configs/manage.php @@ -1,5 +1,9 @@ load->view("partial/header"); ?> + +
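Review bot: In application/views/change_password.php the `current_password` input is built with `'value'=>$person_info->password` and `'readonly'=>'true'`, which writes the stored password hash into the page source and pre-fills the only field the controller tests before changing the password. Render it as an empty field the user has to type into, i.e. drop the `value` and `readonly` entries, and leave the comparison with the stored hash to the server. The markup of this view is partly lost in this rendering, so the helper used for the three password fields cannot be confirmed from here; they should be password-type inputs (`form_password`) rather than plain text inputs.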