<?php
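/**
 * Customer self-service (login, logout, registration, lost password) and
 * the admin_* actions for listing, enabling, disabling and deleting
 * customer rows.
 *
 * Conventions visible in this controller:
 *  - a stored password whose first character is '!' marks a customer that
 *    is disabled or not yet confirmed; confirmation / admin_enable strip the
 *    prefix, admin_disable adds it.
 *  - the 'hash' column holds the registration confirmation token; it is
 *    overwritten with '!' once the link has been used.
 *  - passwords are stored as unsalted md5 (legacy scheme kept here because
 *    existing rows depend on it; migrating to password_hash() is a separate
 *    change).
 *
 * Helper methods are prefixed with '_' on purpose: CakePHP routes every
 * public method of a controller as a web action, and the underscore keeps
 * them off the URL space.
 */
class CustomersController extends AppController
{
    var $name = 'Customers';
    var $helpers = array('Pagination', 'Filter');
    var $components = array('Pagination', 'Filter');
    var $uses = 'Customer';

    /**
     * Gate for the admin_* actions: when the request carries the 'admin'
     * routing parameter and the session has no 'logged_user', remember the
     * admin customer list as the return target and send the browser to the
     * admin login page.  Non-admin requests are not touched.
     */
    function beforeFilter()
    {
        if (empty($this->params['admin'])) {
            return;
        }
        if (! $this->Session->read('logged_user')) {
            $this->Session->write('redir_to', '/admin/customers/index');
            $this->redirect('/admin/login');
            exit();
        }
    }

    /**
     * Customer login.
     *
     * With non-empty 'logname' and 'pass' request parameters the customer is
     * looked up by logname and md5(pass) is compared with the stored value;
     * on success the customer row is put into $_SESSION['logged_customer']
     * and the browser is sent to the remembered 'redir_to' URL (or '/').
     * Every other outcome sets the 'wrong_login' view variable to 1 - the
     * same value for "unknown logname" and "wrong password", so the
     * response does not reveal which one it was.
     *
     * A disabled / unconfirmed customer cannot log in: the stored value
     * starts with '!' and therefore never equals an md5 digest.
     */
    function index()
    {
        $this->Customer->recursive = 0;
        $logname = isset($_REQUEST['logname']) ? $_REQUEST['logname'] : '';
        $pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : '';
        // Only plain strings may reach findByLogname()/md5(): a request such
        // as `logname[]=x` delivers an array here.
        if (! is_string($logname) || ! is_string($pass) || empty($logname) || empty($pass)) {
            return;
        }
        $customer = $this->Customer->findByLogname($logname);
        if ($customer && $this->_tokensMatch($customer['Customer']['pass'], md5($pass))) {
            $_SESSION['logged_customer'] = $customer['Customer'];
            $this->_redirectBack('/');
            exit();
        }
        $this->set('wrong_login', 1);
    }

    /**
     * Drops the logged-in customer from the session and goes to '/'.
     */
    function logout()
    {
        unset($_SESSION['logged_customer']);
        $this->redirect('/');
        exit();
    }

    /**
     * Registration form, new-customer creation and confirmation of the
     * mailed link, all on one URL.
     *
     * 1. Confirmation: 'e' (e-mail) and 'h' (token) in the request activate
     *    the matching unconfirmed customer and render the 'thanks' view.
     * 2. Registration: real_name, email and phone in Customer[] create a new
     *    row (see _createCustomer()) and mail the confirmation link plus the
     *    generated password; 'send' = 1 on success, 'error_message' when
     *    the address is already taken or cannot be mailed to.
     * 3. Otherwise the submitted Customer[] data ('f_submit' set) or NULL
     *    are handed back to the view as 'customer'.
     *
     * 'domains' always receives the keys of the global $DOMAINS array.
     * The 'customer' view variable is raw request data; the view has to
     * escape it for HTML.
     */
    function register()
    {
        if ($this->_confirmRegistration()) {
            $this->render('thanks');
            return;
        }
        global $DOMAINS;
        $this->set('domains', array_keys($DOMAINS));

        $form = (isset($_REQUEST['Customer']) && is_array($_REQUEST['Customer']))
            ? $_REQUEST['Customer']
            : array();
        if (! empty($form['real_name']) && ! empty($form['email']) && ! empty($form['phone'])) {
            $this->_createCustomer($form);
        }
        else if (! empty($_REQUEST['f_submit'])) {
            $this->set('customer', array('Customer' => $form));
        }
        else {
            $this->set('customer', NULL);
        }
    }

    /**
     * Handles the confirmation link ?e=<email>&h=<token> of register().
     *
     * The customer found by e-mail is activated only when the stored
     * password still carries the '!' prefix AND the stored hash equals the
     * token.  A stored hash of '!' is a burnt token (set below after a
     * successful confirmation) and is refused: without this check a link
     * with h=! would re-enable any customer that admin_disable() has
     * switched off, because disabling only prefixes the password and leaves
     * the burnt hash in place.
     *
     * @return bool true when a customer was activated and saved
     */
    function _confirmRegistration()
    {
        if (empty($_REQUEST['e']) || empty($_REQUEST['h'])
            || ! is_string($_REQUEST['e']) || ! is_string($_REQUEST['h'])) {
            return false;
        }
        $customer = $this->Customer->findByEmail($_REQUEST['e']);
        if (! $customer || ! $this->_isDisabled($customer)) {
            return false;
        }
        $storedHash = $customer['Customer']['hash'];
        if ($storedHash === '!' || ! $this->_tokensMatch($storedHash, $_REQUEST['h'])) {
            return false;
        }
        $customer['Customer']['hash'] = '!';
        $customer['Customer']['pass'] = substr($customer['Customer']['pass'], 1);
        $this->Customer->save($customer);
        return true;
    }

    /**
     * Creates a customer row from the submitted form data and mails the
     * confirmation link together with the generated password.
     *
     * Server-owned columns are never taken from the form: 'id' is dropped
     * (a submitted Customer[id] would otherwise turn save() into an update
     * of an existing row) and logname, pass, hash and created_d are set
     * here.  The address is refused - with the same error message as a
     * duplicate - when it contains CR/LF/NUL, which would let the mail()
     * "To" header be extended with attacker-chosen headers.
     *
     * The generated password is mailed in clear text; that is the existing
     * design of the registration flow.
     *
     * @param array $form the Customer[] request data (real_name, email and
     *                    phone are known to be non-empty)
     */
    function _createCustomer($form)
    {
        $email = $form['email'];
        if (! $this->_mailAddressIsSafe($email) || $this->Customer->findByEmail($email)) {
            $this->set('customer', array('Customer' => $form));
            $this->set('error_message', 'Tento e-mail nemůže být použit');
            return;
        }
        $hash = $this->_randomToken();
        $password = substr($this->_randomToken(), 0, 7);

        $data = $form;
        unset($data['id']);
        $data['logname'] = $email;
        $data['pass'] = '!' . md5($password);
        $data['hash'] = $hash;
        $data['created_d'] = date('Y-m-d H:i:s');
        $this->Customer->save(array('Customer' => $data));
        $this->set('send', 1);

        // Both query values are URL-encoded so that characters such as '&'
        // or '+' in the address survive the round trip through the link.
        $link = sprintf('http://%s%s?h=%s&e=%s',
            $_SERVER['SERVER_NAME'], $this->here, rawurlencode($hash), rawurlencode($email));
        $text = <<<EOT
Děkujeme za registraci na stránky TSI System.
Registraci na stránky www.tsisystem.cz potvrdíte kliknutím na odkaz:
$link
Vaše přihlašovací údaje jsou následující:
Přihlašovací jméno: {$email}
Přihlašovací heslo: $password
EOT;
        mail($email, 'Registrace na stranky TSI System', $text, $this->_mailHeaders());
    }

    /**
     * Replaces the password of the customer registered under the submitted
     * 'email' and mails the new one to the address stored on the row.
     *
     * TODO (kept from the original, "kontrola kliknutim!"): the reset
     * should be confirmed by a click on a mailed link.  As written, anybody
     * who knows an address can have that account's password replaced,
     * because the new value is saved before the mail goes out.
     *
     * View variable 'send': 1 when the mail was sent, 2 when no active
     * customer exists for the address (unknown, or disabled/unconfirmed
     * with a '!'-prefixed password); nothing is set for an empty request.
     */
    function lost_password()
    {
        if (empty($_REQUEST['email']) || ! is_string($_REQUEST['email'])) {
            return;
        }
        $customer = $this->Customer->findByEmail($_REQUEST['email']);
        // The mail goes to the stored address, not the request value; it is
        // still checked for header-injection characters before mail().
        if (! $customer || $this->_isDisabled($customer)
            || ! $this->_mailAddressIsSafe($customer['Customer']['email'])) {
            $this->set('send', 2);
            return;
        }
        $password = substr($this->_randomToken(), 0, 7);
        $customer['Customer']['pass'] = md5($password);
        $this->Customer->save($customer);
        $text = <<<EOT
Z IP adresy {$_SERVER['REMOTE_ADDR']} bylo vyžádáno nové heslo pro přihlášení
na stránky TSI System.
Vaše přihlašovací údaje jsou následující:
Přihlašovací jméno: {$customer['Customer']['logname']}
Přihlašovací heslo: $password
EOT;
        mail(
            $customer['Customer']['email'],
            'Nove heslo pro prihlaseni na strankach TSI System',
            $text,
            $this->_mailHeaders()
        );
        $this->set('send', 1);
    }

    /**
     * Admin: prefix the password of customer ?id=<n> with '!' so that
     * index() login fails, then return to the admin list.
     */
    function admin_disable()
    {
        $this->_setDisabled(true);
    }

    /**
     * Admin: delete the customer row with the given id (no confirmation,
     * no check that the row exists) and return to the admin list.
     * Reachable by a plain GET like the other admin_* actions; beforeFilter()
     * only requires a logged-in admin user.
     *
     * @param mixed $id cast to int before the delete
     */
    function admin_delete($id = NULL)
    {
        $this->Customer->delete((int) $id);
        $this->redirect('/admin/customers');
    }

    /**
     * Admin: strip the '!' prefix from the password of customer ?id=<n>
     * so that the customer can log in again, then return to the admin list.
     */
    function admin_enable()
    {
        $this->_setDisabled(false);
    }

    /**
     * Shared body of admin_disable()/admin_enable().
     *
     * Loads the customer given by ?id=<n> (cast to int); when it exists and
     * is not already in the requested state the '!' prefix is added to or
     * removed from the stored password and the row is saved.  An unknown id
     * used to be dereferenced as if a row had been found; it is now a no-op.
     * Always ends with a redirect to '/admin/customers'.
     *
     * @param bool $disable true to disable, false to enable
     */
    function _setDisabled($disable)
    {
        if (! empty($_REQUEST['id'])) {
            $customer = $this->Customer->findById((int) $_REQUEST['id']);
            if ($customer && $this->_isDisabled($customer) !== $disable) {
                $stored = $customer['Customer']['pass'];
                $customer['Customer']['pass'] = $disable ? '!' . $stored : substr($stored, 1);
                $this->Customer->save($customer);
            }
        }
        $this->redirect('/admin/customers');
    }

    /**
     * Admin: filtered, paginated customer list.
     *
     * Filter columns: firm, real_name, role, email (substring), interest
     * (one of the global $DOMAINS keys, the first key excluded) and
     * send_news (Ne/Ano).  The Filter component fills $f and $cond, which
     * feed the 'filters' view variable and the Pagination component; the
     * page of rows goes to 'customers'.
     */
    function admin_index()
    {
        global $DOMAINS;
        $domains = array_keys($DOMAINS);
        unset($domains[0]);

        $this->Filter->init($this);
        $this->Filter->setFilter(aa('firm', 'Firma'), '', a('~'));
        $this->Filter->setFilter(aa('real_name', 'Jméno'), '', a('~'));
        $this->Filter->setFilter(aa('role', 'Funkce'), '', a('~'));
        $this->Filter->setFilter(aa('email', 'Email'), '', a('~'));
        $this->Filter->setFilter(aa('interest', 'Zájem'), $domains, a('='));
        $this->Filter->setFilter(aa('send_news', 'Novinky?'), array('Ne', 'Ano'), a('='));
        // $f and $cond are presumably filled by reference here - verify
        // against the Filter component.
        $this->Filter->filter($f, $cond);
        $this->set('filters', $f);

        $this->Pagination->controller = &$this;
        $this->Pagination->show = 35;
        $this->Pagination->init(
            $cond,
            'Customer',
            NULL,
            array('id', 'created_d'),
            0
        );
        $this->set('customers', $this->Customer->findAll($cond, NULL,
            $this->Pagination->order,
            $this->Pagination->show,
            $this->Pagination->page
        ));
    }

    /**
     * Sends the browser to the URL remembered in $_SESSION['redir_to']
     * (consumed on use) or to $default.
     *
     * NOTE(review): beforeFilter() stores 'redir_to' through the Session
     * component while this reads $_SESSION directly, as the original code
     * did; presumably the component writes the key flat into $_SESSION in
     * this CakePHP version - verify.
     *
     * @param string $default fallback URL
     */
    function _redirectBack($default)
    {
        if (! empty($_SESSION['redir_to'])) {
            $target = $_SESSION['redir_to'];
            unset($_SESSION['redir_to']);
            $this->redirect($target);
            return;
        }
        $this->redirect($default);
    }

    /**
     * Whether the customer row carries the '!' "disabled / unconfirmed"
     * prefix on its stored password.  Uses substr() so that an empty or
     * missing password is simply "not disabled" instead of an offset error.
     *
     * @param array $customer a row as returned by the Customer model
     * @return bool
     */
    function _isDisabled($customer)
    {
        $stored = isset($customer['Customer']['pass']) ? (string) $customer['Customer']['pass'] : '';
        return substr($stored, 0, 1) === '!';
    }

    /**
     * Compares a stored digest/token with a submitted one.
     *
     * Strict comparison on purpose: with `==` two md5-looking strings such
     * as '0e123...' and '0e456...' are both numeric and compare as equal
     * (0 == 0).  hash_equals() is used where available so that the compare
     * also takes time independent of the first differing byte.
     *
     * @param mixed $known  value from the database
     * @param mixed $given  value from the request
     * @return bool false whenever either side is not a string
     */
    function _tokensMatch($known, $given)
    {
        if (! is_string($known) || ! is_string($given)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }
        return $known === $given;
    }

    /**
     * 32 hexadecimal characters of randomness for confirmation hashes and
     * generated passwords.  random_bytes() is used when the runtime has it;
     * otherwise the original md5(uniqid(rand(), true)) source remains as a
     * fallback for old PHP versions (same length, not cryptographically
     * strong).
     *
     * @return string
     */
    function _randomToken()
    {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }
        return md5(uniqid(rand(), true));
    }

    /**
     * True for a non-empty string that contains no CR, LF or NUL - the
     * characters that would let a mail() recipient argument inject extra
     * headers.  No further address validation is done here.
     *
     * @param mixed $email
     * @return bool
     */
    function _mailAddressIsSafe($email)
    {
        return is_string($email) && $email !== '' && strpbrk($email, "\r\n\0") === false;
    }

    /**
     * Fixed From/Reply-To headers used by every mail() call in this
     * controller.
     *
     * @return string
     */
    function _mailHeaders()
    {
        return "From: noreply@tsisystem.cz\n" .
            "Reply-To: info@tsisystem.cz";
    }
}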
?>