Untitled
unknown
plain_text
a year ago
12 kB
8
Indexable
<?php session_start(); ini_set('display_errors', 1); Class Action { private $db; public function __construct() { ob_start(); include 'db_connect.php'; $this->db = $conn; } function __destruct() { $this->db->close(); ob_end_flush(); } function login(){ extract($_POST); $qry = $this->db->query("SELECT *,concat(firstname,' ',lastname) as name FROM users where email = '".$email."' and password = '".md5($password)."' "); if($qry->num_rows > 0){ foreach ($row = $qry->fetch_array() as $key => $value) { if($key != 'password' && !is_numeric($key)) $_SESSION['login_id'] = $row[0]; $_SESSION['login_type'] =$row[5]; $_SESSION['login_'.$key] = $value; //print_r($_SESSION); die(); } return 1; }else{ return 2; } } function logout(){ session_destroy(); foreach ($_SESSION as $key => $value) { unset($_SESSION[$key]); } header("location:login.php"); } function login2(){ extract($_POST); $qry = $this->db->query("SELECT *,concat(lastname,', ',firstname,' ',middlename) as name FROM students where student_code = '".$student_code."' "); if($qry->num_rows > 0){ foreach ($qry->fetch_array() as $key => $value) { if($key != 'password' && !is_numeric($key)) $_SESSION['rs_'.$key] = $value; } return 1; }else{ return 3; } } function save_user(){ extract($_POST); $data = ""; foreach($_POST as $k => $v){ if(!in_array($k, array('id','cpass','password')) && !is_numeric($k)){ if(empty($data)){ $data .= " $k='$v' "; }else{ $data .= ", $k='$v' "; } } } if(!empty($password)){ $data .= ", password=md5('$password') "; } $check = $this->db->query("SELECT * FROM users where email ='$email' ".(!empty($id) ? " and id != {$id} " : ''))->num_rows; if($check > 0){ return 2; exit; } if(isset($_FILES['img']) && $_FILES['img']['tmp_name'] != ''){ $fname = strtotime(date('y-m-d H:i')).'_'.$_FILES['img']['name']; $move = move_uploaded_file($_FILES['img']['tmp_name'],'assets/uploads/'. $fname); $data .= ", avatar = '$fname' "; } if(empty($id)){ $save = $this->db->query("INSERT INTO users set $data"); }else{ $save = $this->db->query("UPDATE users set $data where id = $id"); } if($save){ return 1; } } function signup(){ extract($_POST); $data = ""; foreach($_POST as $k => $v){ if(!in_array($k, array('id','cpass')) && !is_numeric($k)){ if($k =='password'){ if(empty($v)) continue; $v = md5($v); } if(empty($data)){ $data .= " $k='$v' "; }else{ $data .= ", $k='$v' "; } } } $check = $this->db->query("SELECT * FROM users where email ='$email' ".(!empty($id) ? " and id != {$id} " : ''))->num_rows; if($check > 0){ return 2; exit; } if(isset($_FILES['img']) && $_FILES['img']['tmp_name'] != ''){ $fname = strtotime(date('y-m-d H:i')).'_'.$_FILES['img']['name']; $move = move_uploaded_file($_FILES['img']['tmp_name'],'assets/uploads/'. $fname); $data .= ", avatar = '$fname' "; } if(empty($id)){ $save = $this->db->query("INSERT INTO users set $data"); }else{ $save = $this->db->query("UPDATE users set $data where id = $id"); } if($save){ if(empty($id)) $id = $this->db->insert_id; foreach ($_POST as $key => $value) { if(!in_array($key, array('id','cpass','password')) && !is_numeric($key)) $_SESSION['login_'.$key] = $value; } $_SESSION['login_id'] = $id; if(isset($_FILES['img']) && !empty($_FILES['img']['tmp_name'])) $_SESSION['login_avatar'] = $fname; return 1; } } function update_user(){ extract($_POST); $data = ""; foreach($_POST as $k => $v){ if(!in_array($k, array('id','cpass','table','password')) && !is_numeric($k)){ if(empty($data)){ $data .= " $k='$v' "; }else{ $data .= ", $k='$v' "; } } } $check = $this->db->query("SELECT * FROM users where email ='$email' ".(!empty($id) ? " and id != {$id} " : ''))->num_rows; if($check > 0){ return 2; exit; } if(isset($_FILES['img']) && $_FILES['img']['tmp_name'] != ''){ $fname = strtotime(date('y-m-d H:i')).'_'.$_FILES['img']['name']; $move = move_uploaded_file($_FILES['img']['tmp_name'],'assets/uploads/'. $fname); $data .= ", avatar = '$fname' "; } if(!empty($password)) $data .= " ,password=md5('$password') "; if(empty($id)){ $save = $this->db->query("INSERT INTO users set $data"); }else{ $save = $this->db->query("UPDATE users set $data where id = $id"); } if($save){ foreach ($_POST as $key => $value) { if($key != 'password' && !is_numeric($key)) $_SESSION['login_'.$key] = $value; } if(isset($_FILES['img']) && !empty($_FILES['img']['tmp_name'])) $_SESSION['login_avatar'] = $fname; return 1; } } function delete_user(){ extract($_POST); $delete = $this->db->query("DELETE FROM users where id = ".$id); if($delete) return 1; } function save_system_settings(){ extract($_POST); $data = ''; foreach($_POST as $k => $v){ if(!is_numeric($k)){ if(empty($data)){ $data .= " $k='$v' "; }else{ $data .= ", $k='$v' "; } } } if($_FILES['cover']['tmp_name'] != ''){ $fname = strtotime(date('y-m-d H:i')).'_'.$_FILES['cover']['name']; $move = move_uploaded_file($_FILES['cover']['tmp_name'],'../assets/uploads/'. $fname); $data .= ", cover_img = '$fname' "; } $chk = $this->db->query("SELECT * FROM system_settings"); if($chk->num_rows > 0){ $save = $this->db->query("UPDATE system_settings set $data where id =".$chk->fetch_array()['id']); }else{ $save = $this->db->query("INSERT INTO system_settings set $data"); } if($save){ foreach($_POST as $k => $v){ if(!is_numeric($k)){ $_SESSION['system'][$k] = $v; } } if($_FILES['cover']['tmp_name'] != ''){ $_SESSION['system']['cover_img'] = $fname; } return 1; } } function save_image(){ extract($_FILES['file']); if(!empty($tmp_name)){ $fname = strtotime(date("Y-m-d H:i"))."_".(str_replace(" ","-",$name)); $move = move_uploaded_file($tmp_name,'assets/uploads/'. $fname); $protocol = strtolower(substr($_SERVER["SERVER_PROTOCOL"],0,5))=='https'?'https':'http'; $hostName = $_SERVER['HTTP_HOST']; $path =explode('/',$_SERVER['PHP_SELF']); $currentPath = '/'.$path[1]; if($move){ return $protocol.'://'.$hostName.$currentPath.'/assets/uploads/'.$fname; } } } function save_project(){ extract($_POST); $data = ""; foreach($_POST as $k => $v){ if(!in_array($k, array('id','user_ids')) && !is_numeric($k)){ if($k == 'description') $v = htmlentities(str_replace("'","’",$v)); if(empty($data)){ $data .= " $k='$v' "; }else{ $data .= ", $k='$v' "; } } } if(isset($user_ids)){ $data .= ", user_ids='".implode(',',$user_ids)."' "; } // echo $data;exit; if(empty($id)){ $save = $this->db->query("INSERT INTO project_list set $data"); }else{ $save = $this->db->query("UPDATE project_list set $data where id = $id"); } if($save){ return 1; } } function delete_project(){ extract($_POST); $delete = $this->db->query("DELETE FROM project_list where id = $id"); if($delete){ return 1; } } function save_task() { extract($_POST); //$_POST['project_id'] = 0; $data = ""; foreach ($_POST as $k => $v) { // echo "<pre>"; print_r($_POST); die(); if (!in_array($k, array('id')) && !is_numeric($k)) { if ($k == 'description') { $v = htmlentities(str_replace("'", "’", $v)); } if ($k == 'task' && is_array($v)) { $v = serialize($v); } if ($k == 'time_taken' && is_array($v)) { $v = serialize($v); // Merge multiple time_taken values into a single string } $data .= " $k='$v', "; } } $data = rtrim($data, ', '); if (empty($id)) { // echo "INSERT INTO task_list SET $data"; die("Insert"); $save = $this->db->query("INSERT INTO task_list SET $data"); } else { //echo "UPDATE task_list SET $data WHERE id = $id"; die("update"); $save = $this->db->query("UPDATE task_list SET $data WHERE id = $id"); } if ($save) { return 1; } else { return $data; } } function delete_task(){ extract($_POST); $delete = $this->db->query("DELETE FROM task_list where id = $id"); if($delete){ return 1; } } function save_progress(){ extract($_POST); $data = ""; foreach($_POST as $k => $v){ if(!in_array($k, array('id')) && !is_numeric($k)){ if($k == 'comment') $v = htmlentities(str_replace("'","’",$v)); if(empty($data)){ $data .= " $k='$v' "; }else{ $data .= ", $k='$v' "; } } } $dur = abs(strtotime("2020-01-01 ".$end_time)) - abs(strtotime("2020-01-01 ".$start_time)); $dur = $dur / (60 * 60); $data .= ", time_rendered='$dur' "; // echo "INSERT INTO user_productivity set $data"; exit; if(empty($id)){ $data .= ", user_id={$_SESSION['login_id']} "; $save = $this->db->query("INSERT INTO user_productivity set $data"); }else{ $save = $this->db->query("UPDATE user_productivity set $data where id = $id"); } if($save){ return 1; } } function delete_progress(){ extract($_POST); $delete = $this->db->query("DELETE FROM user_productivity where id = $id"); if($delete){ return 1; } } function get_report(){ extract($_POST); $data = array(); $get = $this->db->query("SELECT t.*,p.name as ticket_for FROM ticket_list t inner join pricing p on p.id = t.pricing_id where date(t.date_created) between '$date_from' and '$date_to' order by unix_timestamp(t.date_created) desc "); while($row= $get->fetch_assoc()){ $week_day = date("l", strtotime($row['date_created'])); $row['date_created'] = date("M d, Y", strtotime($row['date_created'])); $row['name'] = ucwords($row['name']); $row['adult_price'] = number_format($row['adult_price'], 2); $row['child_price'] = number_format($row['child_price'], 2); $row['amount'] = number_format($row['amount'], 2); $row['week_day'] = $week_day; // Add the name of the week to the array $data[] = $row; } return json_encode($data); } function get_monthly_report() { extract($_POST); $data = array(); // Assuming your table has a 'time_taken' column to store the time taken by each employee by ashish pandey $get = $this->db->query("SELECT t.*, p.name as ticket_for FROM ticket_list t INNER JOIN pricing p ON p.id = t.pricing_id WHERE DATE(t.date_created) BETWEEN '$date_from' AND '$date_to' ORDER BY UNIX_TIMESTAMP(t.date_created) DESC "); while ($row = $get->fetch_assoc()) { $row['date_created'] = date("M d, Y", strtotime($row['date_created'])); $row['name'] = ucwords($row['name']); $row['adult_price'] = number_format($row['adult_price'], 2); $row['child_price'] = number_format($row['child_price'], 2); $row['amount'] = number_format($row['amount'], 2); $monthYear = date("Y-m", strtotime($row['date_created'])); // Create a new array for each employee and month if it doesn't exist by ashish pandey if (!isset($data[$row['name']][$monthYear])) { $data[$row['name']][$monthYear] = array( 'total_amount' => 0, 'total_time_taken' => 0, 'tickets' => array() ); } // Update the total amount and time taken for the employee and month ashish pandey $data[$row['name']][$monthYear]['total_amount'] += $row['amount']; $data[$row['name']][$monthYear]['total_time_taken'] += $row['time_taken']; // Store ticket details for reference if needed pandey $data[$row['name']][$monthYear]['tickets'][] = $row; } return json_encode($data); } }
Editor is loading...
Leave a Comment