From 4079e445728d80fd6a35156fdab751392e7a07d3 Mon Sep 17 00:00:00 2001
From: FrancescoUK
Date: Sun, 25 Mar 2018 19:18:03 +0100
Subject: [PATCH] Allow password change with no restrictions + code reorg (#1894)
---
 application/controllers/Employees.php | 163 ++++++++----------
 application/controllers/Home.php | 41 ++++-
 application/controllers/Office.php | 2 +-
 application/models/Employee.php | 4 +-
 application/models/Module.php | 1 -
 application/models/Sale.php | 2 +-
 application/views/configs/message_config.php | 2 +-
 .../form_change_password.php | 13 +-
 application/views/{ => home}/home.php | 0
 application/views/{ => home}/office.php | 0
 application/views/items/form.php | 2 +-
 11 files changed, 115 insertions(+), 115 deletions(-)
 rename application/views/{employees => home}/form_change_password.php (92%)
 rename application/views/{ => home}/home.php (100%)
 rename application/views/{ => home}/office.php (100%)
diff --git a/application/controllers/Employees.php b/application/controllers/Employees.php
index 62a6fba0e..3267f5c13 100644
--- a/application/controllers/Employees.php
+++ b/application/controllers/Employees.php
@@ -84,113 +84,86 @@ class Employees extends Persons */ public function save($employee_id = -1) { - if($this->input->post('current_password') != '') - { - if($this->Employee->check_password($this->input->post('username'), $this->input->post('current_password'))) - { - $employee_data = array( - 'username' => $this->input->post('username'), - 'password' => password_hash($this->input->post('password'), PASSWORD_DEFAULT), - 'hash_version' => 2 - ); + $first_name = $this->xss_clean($this->input->post('first_name')); + $last_name = $this->xss_clean($this->input->post('last_name')); + $email = $this->xss_clean(strtolower($this->input->post('email'))); - if($this->Employee->change_password($employee_data, $employee_id)) - { - echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_change_password'), 'id' => $employee_id)); - } - else//failure - { - echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_unsuccessful_change_password'), 'id' => -1)); - } - } - else + // format first and last name properly + $first_name = $this->nameize($first_name); + $last_name = $this->nameize($last_name); + + $person_data = array( + 'first_name' => $first_name, + 'last_name' => $last_name, + 'gender' => $this->input->post('gender'), + 'email' => $email, + 'phone_number' => $this->input->post('phone_number'), + 'address_1' => $this->input->post('address_1'), + 'address_2' => $this->input->post('address_2'), + 'city' => $this->input->post('city'), + 'state' => $this->input->post('state'), + 'zip' => $this->input->post('zip'), + 'country' => $this->input->post('country'), + 'comments' => $this->input->post('comments'), + ); + + $grants_array = array(); + foreach($this->Module->get_all_permissions()->result() as $permission) + { + $grants = array(); + $grant = $this->input->post('grant_'.$permission->permission_id) != NULL ? 
$this->input->post('grant_'.$permission->permission_id) : ''; + if($grant == $permission->permission_id) { - echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_current_password_invalid'), 'id' => -1)); + $grants['permission_id'] = $permission->permission_id; + $grants['menu_group'] = $this->input->post('menu_group_'.$permission->permission_id) != NULL ? $this->input->post('menu_group_'.$permission->permission_id) : '--'; + $grants_array[] = $grants; } } - else + + //Password has been changed OR first time password set + if($this->input->post('password') != '') { - $first_name = $this->xss_clean($this->input->post('first_name')); - $last_name = $this->xss_clean($this->input->post('last_name')); - $email = $this->xss_clean(strtolower($this->input->post('email'))); - - // format first and last name properly - $first_name = $this->nameize($first_name); - $last_name = $this->nameize($last_name); - - $person_data = array( - 'first_name' => $first_name, - 'last_name' => $last_name, - 'gender' => $this->input->post('gender'), - 'email' => $email, - 'phone_number' => $this->input->post('phone_number'), - 'address_1' => $this->input->post('address_1'), - 'address_2' => $this->input->post('address_2'), - 'city' => $this->input->post('city'), - 'state' => $this->input->post('state'), - 'zip' => $this->input->post('zip'), - 'country' => $this->input->post('country'), - 'comments' => $this->input->post('comments'), + $exploded = explode(":", $this->input->post('language')); + $employee_data = array( + 'username' => $this->input->post('username'), + 'password' => password_hash($this->input->post('password'), PASSWORD_DEFAULT), + 'hash_version' => 2, + 'language_code' => $exploded[0], + 'language' => $exploded[1] ); + } + else //Password not changed + { + $exploded = explode(":", $this->input->post('language')); + $employee_data = array( + 'username' => $this->input->post('username'), + 'language_code' => $exploded[0], + 'language' => $exploded[1] 
+ ); + } - $grants_array = array(); - foreach($this->Module->get_all_permissions()->result() as $permission) + if($this->Employee->save_employee($person_data, $employee_data, $grants_array, $employee_id)) + { + // New employee + if($employee_id == -1) { - $grants = array(); - $grant = $this->input->post('grant_'.$permission->permission_id) != NULL ? $this->input->post('grant_'.$permission->permission_id) : ''; - if($grant == $permission->permission_id) - { - $grants['permission_id'] = $permission->permission_id; - $grants['menu_group'] = $this->input->post('menu_group_'.$permission->permission_id) != NULL ? $this->input->post('menu_group_'.$permission->permission_id) : '--'; - $grants_array[] = $grants; - } + echo json_encode(array('success' => TRUE, + 'message' => $this->lang->line('employees_successful_adding') . ' ' . $first_name . ' ' . $last_name, + 'id' => $this->xss_clean($employee_data['person_id']))); } - - //Password has been changed OR first time password set - if($this->input->post('password') != '') + else // Existing employee { - $exploded = explode(":", $this->input->post('language')); - $employee_data = array( - 'username' => $this->input->post('username'), - 'password' => password_hash($this->input->post('password'), PASSWORD_DEFAULT), - 'hash_version' => 2, - 'language_code' => $exploded[0], - 'language' => $exploded[1] - ); - } - else //Password not changed - { - $exploded = explode(":", $this->input->post('language')); - $employee_data = array( - 'username' => $this->input->post('username'), - 'language_code' => $exploded[0], - 'language' => $exploded[1] - ); - } - - if($this->Employee->save_employee($person_data, $employee_data, $grants_array, $employee_id)) - { - // New employee - if($employee_id == -1) - { - echo json_encode(array('success' => TRUE, - 'message' => $this->lang->line('employees_successful_adding') . ' ' . $first_name . ' ' . 
$last_name, - 'id' => $this->xss_clean($employee_data['person_id']))); - } - else // Existing employee - { - echo json_encode(array('success' => TRUE, - 'message' => $this->lang->line('employees_successful_updating') . ' ' . $first_name . ' ' . $last_name, - 'id' => $employee_id)); - } - } - else // Failure - { - echo json_encode(array('success' => FALSE, - 'message' => $this->lang->line('employees_error_adding_updating') . ' ' . $first_name . ' ' . $last_name, - 'id' => -1)); + echo json_encode(array('success' => TRUE, + 'message' => $this->lang->line('employees_successful_updating') . ' ' . $first_name . ' ' . $last_name, + 'id' => $employee_id)); } } + else // Failure + { + echo json_encode(array('success' => FALSE, + 'message' => $this->lang->line('employees_error_adding_updating') . ' ' . $first_name . ' ' . $last_name, + 'id' => -1)); + } } /* diff --git a/application/controllers/Home.php b/application/controllers/Home.php index ea32c6538..27961fecb 100644 --- a/application/controllers/Home.php +++ b/application/controllers/Home.php @@ -11,7 +11,7 @@ class Home extends Secure_Controller public function index() { - $this->load->view('home'); + $this->load->view('home/home'); } public function logout() @@ -20,7 +20,7 @@ class Home extends Secure_Controller } /* - Loads the change password form + Loads the change employee password form */ public function change_password($employee_id = -1) { 
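Review bot: With the current-password branch moved out, `save()` hashes and stores a new password for whatever `$employee_id` is in the URL as soon as `password` is non-empty, and in the same call hands `save_employee()` a grants list built from POSTed `grant_*` fields; nothing in the hunk compares the acting employee with the target account or with the permissions being assigned. The controller's constructor is outside the hunk, so if access here rests only on the employees module grant, that grant effectively becomes the ability to reset any account's password and assign any permission. I would filter `$grants_array` down to permissions the caller already holds, refuse edits to accounts that hold grants the caller lacks, and log who reset whose password. Separately, `$exploded[1]` is read without confirming that `language` contains a `:`; hoist `$exploded = explode(':', $this->input->post('language'), 2);` above the `if` and fall back to a default when `count($exploded) < 2`.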
@@ -31,7 +31,42 @@ class Home extends Secure_Controller } $data['person_info'] = $person_info; - $this->load->view('employees/form_change_password', $data); + $this->load->view('home/form_change_password', $data); + } + + /* + Change employee password + */ + public function save($employee_id = -1) + { + if($this->input->post('current_password') != '' && $employee_id != -1) + { + if($this->Employee->check_password($this->input->post('username'), $this->input->post('current_password'))) + { + $employee_data = array( + 'username' => $this->input->post('username'), + 'password' => password_hash($this->input->post('password'), PASSWORD_DEFAULT), + 'hash_version' => 2 + ); + + if($this->Employee->change_password($employee_data, $employee_id)) + { + echo json_encode(array('success' => TRUE, 'message' => $this->lang->line('employees_successful_change_password'), 'id' => $employee_id)); + } + else//failure + { + echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_unsuccessful_change_password'), 'id' => -1)); + } + } + else + { + echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_current_password_invalid'), 'id' => -1)); + } + } + else + { + echo json_encode(array('success' => FALSE, 'message' => $this->lang->line('employees_current_password_invalid'), 'id' => -1)); + } } } ?> diff --git a/application/controllers/Office.php b/application/controllers/Office.php index 466bcad6f..ad9aa1d8e 100644 --- a/application/controllers/Office.php +++ b/application/controllers/Office.php @@ -11,7 +11,7 @@ class Office extends Secure_Controller public function index() { - $this->load->view('office'); + $this->load->view('home/office'); } public function logout() diff --git a/application/models/Employee.php b/application/models/Employee.php index 213521d4d..19b561aa5 100644 --- a/application/models/Employee.php +++ b/application/models/Employee.php 
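Review bot: The current-password check and the row that gets updated are not tied together in the new `Home::save()`: `check_password()` verifies the POSTed `username`, while `change_password()` writes to the `$employee_id` taken from the URL, and neither value is compared with the session's employee. Unless `change_password()` enforces this itself (the model is outside this diff, so confirm), a request that passes the check for one account can have the update applied to a different `$employee_id`. Take the target from the session rather than from the client, e.g. `$me = $this->Employee->get_logged_in_employee_info();` followed by `if($employee_id != $me->person_id || $this->input->post('username') !== $me->username)` returning the failure JSON. The new `password` is also hashed with no server-side emptiness or length check, so an empty value would still be stored as a valid hash.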
@@ -421,9 +421,9 @@ class Employee extends Person $row = $this->db->get()->row(); // If no grants are assigned yet then set the default to 'home' - if ($row == null) + if ($row == NULL) { - return "home"; + return 'home'; } else { diff --git a/application/models/Module.php b/application/models/Module.php index fa01397bc..3937586f8 100644 --- a/application/models/Module.php +++ b/application/models/Module.php @@ -123,6 +123,5 @@ class Module extends CI_Model $this->db->from('modules'); return $this->db->get()->row()->sort; } - } ?> diff --git a/application/models/Sale.php b/application/models/Sale.php index e2d4c56c1..c861f5d13 100644 --- a/application/models/Sale.php +++ b/application/models/Sale.php @@ -565,7 +565,7 @@ class Sale extends CI_Model $sales_data = array( 'sale_time' => date('Y-m-d H:i:s'), - 'customer_id' => $this->Customer->exists($customer_id) ? $customer_id : null, + 'customer_id' => $this->Customer->exists($customer_id) ? $customer_id : NULL, 'employee_id' => $employee_id, 'comment' => $comment, 'sale_status' => $sale_status, diff --git a/application/views/configs/message_config.php b/application/views/configs/message_config.php index 41bf921d9..225141d5a 100755 --- a/application/views/configs/message_config.php +++ b/application/views/configs/message_config.php @@ -41,7 +41,7 @@ 'name' => 'msg_src', 'id' => 'msg_src', 'class' => 'form-control input-sm required', - 'value'=>$this->config->item('msg_src') == null ? $this->config->item('company') : $this->config->item('msg_src')));?> + 'value'=>$this->config->item('msg_src') == NULL ? $this->config->item('company') : $this->config->item('msg_src')));?> diff --git a/application/views/employees/form_change_password.php b/application/views/home/form_change_password.php similarity index 92% rename from application/views/employees/form_change_password.php rename to application/views/home/form_change_password.php index 353042d88..44d51bc04 100644 --- a/application/views/employees/form_change_password.php 
+++ b/application/views/home/form_change_password.php @@ -2,7 +2,7 @@ -person_id, array('id'=>'employee_form', 'class'=>'form-horizontal')); ?> +person_id, array('id'=>'employee_form', 'class'=>'form-horizontal')); ?>
@@ -87,14 +87,7 @@ $(document).ready(function() success:function(response) { dialog_support.hide(); - if(!response.success) - { - $.notify(response.message, {type: 'danger' }); - } - else - { - $.notify(response.message, {type: 'success' }); - } + $.notify(response.message, { type: response.success ? 'success' : 'danger'} ); }, dataType:'json' }); @@ -131,4 +124,4 @@ $(document).ready(function() } }, form_support.error)); }); - \ No newline at end of file + diff --git a/application/views/home.php b/application/views/home/home.php similarity index 100% rename from application/views/home.php rename to application/views/home/home.php diff --git a/application/views/office.php b/application/views/home/office.php similarity index 100% rename from application/views/office.php rename to application/views/home/office.php diff --git a/application/views/items/form.php b/application/views/items/form.php index 352ef4c31..7ef0f1a2c 100644 --- a/application/views/items/form.php +++ b/application/views/items/form.php @@ -332,7 +332,7 @@ { ?> config->item('custom'.$i.'_name') != null) + if($this->config->item('custom'.$i.'_name') != NULL) { $item_arr = (array)$item_info; ?>