* @package AgileBill * @version 1.4.93 */ class account_admin { # Open the constructor for this mod function account_admin() { # name of this module: $this->module = "account_admin"; if(!defined('AJAX')) { # location of the construct XML file: $this->xml_construct = PATH_MODULES . "" . $this->module . "/" . $this->module . "_construct.xml"; # open the construct file for parsing $C_xml = new CORE_xml; $construct = $C_xml->xml_to_array($this->xml_construct); $this->method = $construct["construct"]["method"]; $this->trigger = $construct["construct"]["trigger"]; $this->field = $construct["construct"]["field"]; $this->table = $construct["construct"]["table"]; $this->module = $construct["construct"]["module"]; $this->cache = $construct["construct"]["cache"]; $this->order_by = $construct["construct"]["order_by"]; $this->limit = $construct["construct"]["limit"]; } } /** * Check account limitations */ function checkLimits() { if(!defined('AGILE_RST_ACCOUNT') || AGILE_RST_ACCOUNT <= 0) return true; $sql="SELECT count(*) as totalacct from ".AGILE_DB_PREFIX."account WHERE site_id=".DEFAULT_SITE; $db=&DB(); $rs=$db->Execute($sql); if($rs && $rs->RecordCount() && $rs->fields['totalacct'] <= AGILE_RST_ACCOUNT) { return true; } else { echo "Licensed user limit of ".AGILE_RST_ACCOUNT." exceeded, operation failed."; return false; } return true; } /* BEGIN: custom product/group searching method */ function group_search($VAR) { $sql = ''; echo "
"; // get date ranges: foreach($VAR['dates']['val'] as $cond => $val) { if($val > 0) { $exp = $VAR['dates']['expr'][$cond]; $val = $this->convert_date($val,false); if(!empty($sql)) $sql .= " AND "; else $sql = " "; $sql .= " A.date_orig $exp $val "; } } if(!empty($sql)) $sql = " ( $sql ) "; // get group(s) if(!empty($VAR['groups'])) { foreach($VAR['groups'] as $group ) { if($group != 0) { if(!empty($sql2)) $sql2 .= " OR "; else $sql2 = " "; $sql2 .= " B.group_id = $group "; } } } if(!empty($sql2)) { if(!empty($sql)) $sql .= " AND \r\n"; $sql .= " ( $sql2 ) AND ( A.id = B.account_id AND B.active = 1 ) "; } // Assemble SQL: $q = "SELECT DISTINCT A.* FROM ". AGILE_DB_PREFIX ."account as A, ". AGILE_DB_PREFIX ."account_group as B WHERE ( A.site_id = ". DEFAULT_SITE ." AND B.site_id = ". DEFAULT_SITE ." ) "; if(!empty($sql)) $q .= " AND " . $sql; $db = &DB(); $rs = $db->Execute($q); // print results in text format if($rs && $rs->RecordCount() > 0) { while(!$rs->EOF) { echo $rs->fields['first_name'] .', '.$rs->fields['last_name'] .', '.$rs->fields['email'] .', '.$rs->fields['company'] .",\r\n"; $rs->MoveNext(); } } else { echo "No matches!"; } echo ""; } function product_search($VAR) { $sql = ''; echo "
"; // get date ranges: if(!empty($VAR["dates"])) { foreach($VAR['dates']['val'] as $cond => $val) { if($val > 0) { $exp = $VAR['dates']['expr'][$cond]; $val = $this->convert_date($val,false); if(!empty($sql)) $sql .= " AND "; else $sql = " "; $sql .= " B.date_orig $exp $val "; } } } if(!empty($sql)) $sql = " ( $sql ) "; // get group(s) if(!empty($VAR['products'])) { foreach($VAR['products'] as $prod ) { if($prod != 0) { if(!empty($sql2)) $sql2 .= " OR "; else $sql2 = " "; $sql2 .= " B.product_id = $prod "; } } } if(!empty($sql2)) { if(!empty($sql)) $sql .= " AND \r\n"; $sql .= " ( $sql2 ) AND ( A.id = C.account_id AND C.id = B.invoice_id ) "; } // Assemble SQL: $q = "SELECT DISTINCT A.* FROM ". AGILE_DB_PREFIX ."account as A, ". AGILE_DB_PREFIX ."invoice_item as B, ". AGILE_DB_PREFIX ."invoice as C WHERE ( A.site_id = ". DEFAULT_SITE ." AND C.site_id = ". DEFAULT_SITE ." AND B.site_id = ". DEFAULT_SITE ." ) "; if(!empty($sql)) $q .= " AND " . $sql; $db = &DB(); $rs = $db->Execute($q); // print results in text format if($rs && $rs->RecordCount() > 0) { while(!$rs->EOF) { echo $rs->fields['first_name'] .', '.$rs->fields['last_name'] .', '.$rs->fields['email'] .', '.$rs->fields['company'] .",\r\n"; $rs->MoveNext(); } } else { echo "No matches!"; } echo ""; } function convert_date ($date,$field) { if($date == '0' || $date == '') return ''; $Arr_format = split(DEFAULT_DATE_DIVIDER, UNIX_DATE_FORMAT); $Arr_date = split(DEFAULT_DATE_DIVIDER, $date); for($i=0; $i<3; $i++) { if($Arr_format[$i] == 'd') $day = $Arr_date[$i]; if($Arr_format[$i] == 'm') $month = $Arr_date[$i]; if($Arr_format[$i] == 'Y') $year = $Arr_date[$i]; } $timestamp = mktime(0, 0, 0, $month, $day, $year); return $timestamp; } /* END: custom product/group searching method */ ########################################### ### AJAX Auto-selector ########################################### function autoselect($VAR) { if(!$this->checkLimits()) return false; // check account limits $db = &DB(); $p = AGILE_DB_PREFIX; if (empty($VAR['account_search'])) { $where = "id > 0"; $type = 1; } elseif (is_numeric($VAR['account_search'])) { $where = "id LIKE ".$db->qstr($VAR['account_search']."%"); $type = 1; } elseif (eregi(" ", $VAR['account_search'])) { $arr = split(" ", $VAR['account_search']); $where = "first_name = ".$db->qstr($arr[0])." AND ". "last_name LIKE ".$db->qstr($arr[1].'%') ; $type = 2; } elseif (eregi("@", $VAR['account_search'])) { $where = "email LIKE ".$db->qstr('%'.$VAR['account_search'].'%') ; $type = 3; } else { $where = "username LIKE ".$db->qstr($VAR['account_search'].'%')." OR ". "first_name LIKE ".$db->qstr($VAR['account_search'].'%')." OR ". "last_name LIKE ".$db->qstr($VAR['account_search'].'%') ; $type = 4; } $q = "SELECT id,email,first_name,last_name,username FROM {$p}account WHERE ( $where ) AND site_id = " . DEFAULT_SITE." ORDER BY first_name,last_name"; $result = $db->SelectLimit($q,10); # Create the alert for no records found echo '
$q"; # get the result count: $results = $result->RecordCount(); # Create the alert for no records found if ($results == 0) { $id = $result->fields['id']; $name = $result->fields['first_name'].' '.$result->fields['last_name']; $val = $id.'|'.$name; $res = ' '; echo $res; } else if ($results == 1) { $id = $result->fields['id']; $name = $result->fields['first_name'].' '.$result->fields['last_name']; $val = $id.'|'.$name; $res = ' '; echo $res; } else { # create the search record include_once(PATH_CORE . 'search.inc.php'); $search = new CORE_search; $arr['module'] = $this->module; $arr['sql'] = $q_save; $arr['limit'] = '30'; $arr['order_by'] = 'last_name'; $arr['results'] = $results; $search->add($arr); global $smarty; $smarty->assign('search_id', $search->id); $smarty->assign('page', '1'); $smarty->assign('limit', $limit); $smarty->assign('order_by', $order_by); $smarty->assign('results', $results); $res = ' '; echo $res; } } ########################################### ### Top Accounts Graph: ########################################### function top($VAR) { global $smarty, $C_translate, $C_auth; # Get the period type, default to month if (empty($VAR['period'])) $p = 'm'; else $p = $VAR['period']; # Load the jpgraph class include (PATH_GRAPH."jpgraph.php"); include (PATH_GRAPH."jpgraph_bar.php"); # check the validation for this function if(!$C_auth->auth_method_by_name($this->module,'search')) { $error = $C_translate->translate('module_non_auth','',''); include (PATH_GRAPH."jpgraph_canvas.php"); $graph = new CanvasGraph(460,55,"auto"); $t1 = new Text($error); $t1->Pos(0.2,0.5); $t1->SetOrientation("h"); $t1->SetBox("white","black",'gray'); $t1->SetFont(FF_FONT1,FS_NORMAL); $t1->SetColor("black"); $graph->AddText($t1); $graph->Stroke(); exit; } # Get the period start & end switch ($p) { # By Weeks: case 'w': $interval = "1"; $width = ".9"; $title = 'Top Accounts for Last Last Week'; $dow = date('w'); $start_str = mktime(0,0,0,date('m'), date('d')-$dow, date('y')); $end_str = mktime(23,59,59,date('m'), date('d'), date('y')); break; # By Months: case 'm': $interval = "3"; $width = ".6"; $title = 'Top Accounts for Last Last Month'; $start_str = mktime(0,0,0,date('m'), 1, date('y')); $end_str = mktime(23,59,59,date('m'), date('d'), date('y')); break; # By Years: case 'y': $interval = "1"; $width = ".8"; $title = 'Top Accounts for Last Last Year'; $start_str = mktime(0,0,0,1,1, date('y')); $end_str = mktime(23,59,59, date('m'), date('d'), date('y')); break; } ##############################@@@@@@@@ # Get accounts & sales for this period ##############################@@@@@@@@ $db = &DB(); $sql = 'SELECT account_id,total_amt FROM ' . AGILE_DB_PREFIX . 'invoice WHERE date_orig >= ' . $db->qstr( $start_str ) . ' AND date_orig <= ' . $db->qstr( $end_str ) . ' AND site_id = ' . $db->qstr(DEFAULT_SITE); $result = $db->Execute($sql); if(@$result->RecordCount() == 0) { $file = fopen( PATH_THEMES.'default_admin/images/invisible.gif', 'r'); fpassthru($file); exit; } while(!$result->EOF) { $amt = $result->fields['total_amt']; $acct = $result->fields['account_id']; if(!isset( $arr[$acct] )) $arr[$acct] = 0; $arr[$acct] += $amt; $result->MoveNext(); } $i = 0; while(list($key, $var) = each(@$arr)) { # Get the user name $sql = 'SELECT first_name,last_name FROM ' . AGILE_DB_PREFIX . 'account WHERE id = ' . $db->qstr( $key ) . ' AND site_id = ' . $db->qstr(DEFAULT_SITE); $rs = $db->Execute($sql); $_lbl[] = strtoupper(substr($rs->fields['first_name'],0,1)) . ". " . $rs->fields['last_name']; $_datay[] = $var; $i++; } ### Sort the arrays array_multisort($_datay,SORT_DESC, SORT_NUMERIC, $_lbl); ### Limit the results to 10 or less for($i=0; $i
" . $q; #echo "
" . $q_save; #exit; # run the database query $result = $db->Execute($q); # error reporting if ($result === false) { global $C_debug; $C_debug->error('database.inc.php','search', $db->ErrorMsg()); return false; } # get the result count: $results = $result->RecordCount(); # get the first record id: if($results == 1) $record_id = $result->fields['id']; # define the DB vars as a Smarty accessible block global $smarty; # Create the definition for fast-forwarding to a single record: if ($results == 1 && !isset($this->fast_forward)) { $smarty->assign('record_id', $record_id); } # create the search record: if($results > 0) { # create the search record include_once(PATH_CORE . 'search.inc.php'); $search = new CORE_search; $arr['module'] = $this->module; $arr['sql'] = $q_save; $arr['limit'] = $limit; $arr['order_by']= $order_by; $arr['results'] = $results; $search->add($arr); # define the search id and other parameters for Smarty $smarty->assign('search_id', $search->id); # page: $smarty->assign('page', '1'); # limit: $smarty->assign('limit', $limit); # order_by: $smarty->assign('order_by', $order_by); } # define the result count $smarty->assign('results', $results); } ############################## ## SEARCH SHOW ## ############################## function search_show($VAR) { $type = "search"; $this->method["$type"] = split(",", $this->method["$type"]); # set the field list for this method: $arr = $this->method[$type]; $field_list = ''; $i=0; while (list ($key, $value) = each ($arr)) { if($i == 0) { $field_var = $this->table . '_' . $value; $field_list .= AGILE_DB_PREFIX . "account" . "." . $value; // determine if this record is linked to another table/field if($this->field[$value]["asso_table"] != "") { $this->linked[] = array('field' => $value, 'link_table' => $this->field[$value]["asso_table"], 'link_field' => $this->field[$value]["asso_field"]); } } else { $field_var = $this->table . '_' . $value; $field_list .= "," . AGILE_DB_PREFIX . "account" . "." . $value; // determine if this record is linked to another table/field if($this->field[$value]["asso_table"] != "") { $this->linked[] = array('field' => $value, 'link_table' => $this->field[$value]["asso_table"], 'link_field' => $this->field[$value]["asso_field"]); } } $i++; } # get the search details: if(isset($VAR['search_id'])) { include_once(PATH_CORE . 'search.inc.php'); $search = new CORE_search; $search->get($VAR['search_id']); } else { # invalid search! echo '
The search terms submitted were invalid!'; # translate... # alert if(isset($this->trigger["$type"])) { include_once(PATH_CORE . 'trigger.inc.php'); $trigger = new CORE_trigger; $trigger->trigger($this->trigger["$type"], 0, $VAR); } } # get the sort order details: if(isset($VAR['order_by']) && $VAR['order_by'] != "") { $order_by = ' ORDER BY ' . AGILE_DB_PREFIX . 'account.'.$VAR['order_by']; $smarty_order = $VAR['order_by']; } else { $order_by = ' ORDER BY ' . AGILE_DB_PREFIX . 'account.'.$this->order_by; $smarty_order = $search->order_by; } # determine the sort order if(isset($VAR['desc'])) { $order_by .= ' DESC'; $smarty_sort = 'desc='; } else if(isset($VAR['asc'])) { $order_by .= ' ASC'; $smarty_sort = 'asc='; } else { if (!eregi('date',$smarty_order)) { $order_by .= ' ASC'; $smarty_sort = 'asc='; } else { $order_by .= ' DESC'; $smarty_sort = 'desc='; } } # generate the full query $db = &DB(); $q = eregi_replace("%%fieldList%%", $field_list, $search->sql); $q = eregi_replace("%%tableList%%", AGILE_DB_PREFIX.$construct->table, $q); $q = eregi_replace("%%whereList%%", "", $q); $q .= " ".AGILE_DB_PREFIX . "account."."site_id = " . $db->qstr(DEFAULT_SITE); $q .= $order_by; ////////////////// #echo "$q
"; $current_page=1; $offset=-1; if (!empty($VAR['page'])) $current_page = $VAR['page']; if (empty($search->limit)) $search->limit=25; if($current_page>1) $offset = (($current_page * $search->limit) - $search->limit); $result = $db->SelectLimit($q, $search->limit, $offset); # error reporting if ($result === false) { global $C_debug; $C_debug->error('database.inc.php','search', $db->ErrorMsg()); if(isset($this->trigger["$type"])) { include_once(PATH_CORE . 'trigger.inc.php'); $trigger = new CORE_trigger; $trigger->trigger($this->trigger["$type"], 0, $VAR); } return; } # put the results into a smarty accessable array $i=0; $class_name = TRUE; while (!$result->EOF) { $smart[$i] = $result->fields; if($class_name) { $smart[$i]['_C'] = 'row1'; $class_name = FALSE; } else { $smart[$i]['_C'] = 'row2'; $class_name = TRUE; } $result->MoveNext(); $i++; } # get any linked fields if($i > 0) { $db_join = new CORE_database; $this->result = $db_join->join_fields($smart, $this->linked); } else { $this->result = $smart; } # get the result count: $results = $result->RecordCount(); # define the DB vars as a Smarty accessible block global $smarty; # define the results $smarty->assign($this->table, $this->result); $smarty->assign('page', $VAR['page']); $smarty->assign('order', $smarty_order); $smarty->assign('sort', $smarty_sort); $smarty->assign('limit', $search->limit); $smarty->assign('search_id',$search->id); $smarty->assign('results', $search->results); # get the total pages for this search: if(empty($search->limit)) $this->pages = 1; else $this->pages = intval($search->results / $search->limit); if ($search->results % $search->limit) $this->pages++; # total pages $smarty->assign('pages', $this->pages); # current page $smarty->assign('page', $current_page); $page_arr = ''; for($i=0; $i <= $this->pages; $i++) { if ($this->page != $i) $page_arr[] = $i; } # page array for menu $smarty->assign('page_arr', $page_arr); } ############################## ## SEARCH EXPORT ## ############################## function search_export($VAR) { if(!$this->checkLimits()) return false; // check account limits # require the export class require_once (PATH_CORE . "export.inc.php"); # Call the correct export function for inline browser display, download, email, or web save. if($VAR["format"] == "excel") { $type = "export_excel"; $this->method["$type"] = split(",", $this->method["$type"]); $export = new CORE_export; $export->search_excel($VAR, $this, $type); } else if ($VAR["format"] == "pdf") { $type = "export_pdf"; $this->method["$type"] = split(",", $this->method["$type"]); $export = new CORE_export; $export->search_pdf($VAR, $this, $type); } else if ($VAR["format"] == "xml") { $type = "export_xml"; $this->method["$type"] = split(",", $this->method["$type"]); $export = new CORE_export; $export->search_xml($VAR, $this, $type); } else if ($VAR["format"] == "csv") { $type = "export_csv"; $this->method["$type"] = split(",", $this->method["$type"]); $export = new CORE_export; $export->search_csv($VAR, $this, $type); } else if ($VAR["format"] == "tab") { $type = "export_tab"; $this->method["$type"] = split(",", $this->method["$type"]); $export = new CORE_export; $export->search_tab($VAR, $this, $type); } } ############################## ## ADD GROUPS ## ############################## function add_account_groups($groups, $account, $expire) { global $C_auth; $ii = 0; #loop through the array to add each account_group record for($i=0; $iauth_group_by_id($groups[$i])) { # add the account to the selected groups... $dba = &DB(); # determine the record id: $this->new_id = $dba->GenID(AGILE_DB_PREFIX . "" . 'account_group_id'); # generate the full query $q = "INSERT INTO ".AGILE_DB_PREFIX."account_group SET id = ". $dba->qstr($this->new_id).", date_orig = ". $dba->qstr(time()).", date_expire = ". $dba->qstr($expire).", group_id = ". $dba->qstr($groups[$i]).", account_id = ". $dba->qstr($account).", active = ". $dba->qstr('1').", site_id = ". $dba->qstr(DEFAULT_SITE); # execute the query $result = $dba->Execute($q); $ii++; # error reporting: if ($result === false) { global $C_debug; $C_debug->error('account_admin.inc.php','add_account_groups', $dba->ErrorMsg()); } } } ### Add default group if($ii == 0) { # add the account to the selected groups... $dba = &DB(); # determine the record id: $this->new_id = $dba->GenID(AGILE_DB_PREFIX . "" . 'account_group_id'); # generate the full query $q = "INSERT INTO ".AGILE_DB_PREFIX."account_group SET id = ". $dba->qstr($this->new_id).", date_orig = ". $dba->qstr(time()).", date_expire = ". $dba->qstr($expire).", group_id = ". $dba->qstr(DEFAULT_GROUP).", account_id = ". $dba->qstr($account).", active = ". $dba->qstr('1').", site_id = ". $dba->qstr(DEFAULT_SITE); # execute the query $result = $dba->Execute($q); if ($result === false) { global $C_debug; $C_debug->error('account_admin.inc.php','add_account_groups', $dba->ErrorMsg()); } } } ############################## ## UDPATE GROUPS ## ############################## function update_account_groups($VAR) { global $C_auth; $ii = 0; @$groups = $VAR['groups']; @$account = $VAR['account_admin_id']; # admin accounts groups cannot be altered # user cannot modify their own groups if($account == "1" || SESS_ACCOUNT == $account) return false; ### Drop the current groups for this account: # generate the full query $dba = &DB(); $q = "DELETE FROM ".AGILE_DB_PREFIX."account_group WHERE service_id IS NULL AND account_id = ". $dba->qstr($account)." AND site_id = ". $dba->qstr(DEFAULT_SITE); # execute the query $result = $dba->Execute($q); #loop through the array to add each account_group record for($i=0; $i auth_group_by_id($groups[$i])) { # add the account to the selected groups... $dba = &DB(); # determine the record id: $this->new_id = $dba->GenID(AGILE_DB_PREFIX . "" . 'account_group_id'); # determine the expiration if(!empty($VAR['account_admin_date_expire'])) { include_once(PATH_CORE.'validate.inc.php'); $validate = new CORE_validate; $expire = $validate->DateToEpoch(DEFAULT_DATE_FORMAT,$VAR['account_admin_date_expire']); } else { $expire = 0; } # generate the full query $q = "INSERT INTO ".AGILE_DB_PREFIX."account_group SET id = ". $dba->qstr($this->new_id).", date_orig = ". $dba->qstr(time()).", date_expire = ". $dba->qstr($expire).", group_id = ". $dba->qstr($groups[$i]).", account_id = ". $dba->qstr($account).", active = ". $dba->qstr('1').", site_id = ". $dba->qstr(DEFAULT_SITE); # execute the query $result = $dba->Execute($q); $ii++; # error reporting: if ($result === false) { global $C_debug; $C_debug->error('account_admin.inc.php','update_account_groups', $dba->ErrorMsg()); } } } ### Add default group if($ii == 0) { # add the account to the selected groups... $dba = &DB(); # determine the record id: $this->new_id = $dba->GenID(AGILE_DB_PREFIX . "" . 'account_group_id'); # generate the full query $q = "INSERT INTO ".AGILE_DB_PREFIX."account_group SET id = ". $dba->qstr($this->new_id).", date_orig = ". $dba->qstr(time()).", date_expire = ". $dba->qstr(@$expire).", group_id = ". $dba->qstr(DEFAULT_GROUP).", account_id = ". $dba->qstr($account).", active = ". $dba->qstr('1').", site_id = ". $dba->qstr(DEFAULT_SITE); $result = $dba->Execute($q); if ($result === false) { global $C_debug; $C_debug->error('account_admin.inc.php','update_account_groups', $dba->ErrorMsg()); } } ### Remove the user's session_auth_cache so it is regenerated on user's next pageview $db = &DB(); $q = "SELECT id FROM ".AGILE_DB_PREFIX."session WHERE account_id = ".$db->qstr($account)." AND site_id = ".$db->qstr(DEFAULT_SITE); $rss = $db->Execute($q); while(!$rss->EOF) { $q = "DELETE FROM ".AGILE_DB_PREFIX."session_auth_cache WHERE session_id = ".$db->qstr($rss->fields['id'])." AND site_id = ".$db->qstr(DEFAULT_SITE); $db->Execute($q); $rss->MoveNext(); } ### Do any db_mapping global $C_list; if($C_list->is_installed('db_mapping')) { include_once ( PATH_MODULES . 'db_mapping/db_mapping.inc.php' ); $db_map = new db_mapping; $db_map->account_group_sync ( $account ); } } } ?>