<?php
/*
 * Class   : user_manager
 * Purpose : All company and employee login functionality lives here
 */
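class user_manager extends mod_manager {
	// Reviewer notes that apply to the whole class:
	//  - Methods named "_<something>" look like request-routable actions (the
	//    "choice" input is mapped to "_<choice>" in manager_error_handler()).
	//    Helpers that must not be reachable that way are named without the
	//    leading underscore. NOTE(review): confirm the routing rule in mod_manager.
	//  - _setLogin() compares the submitted password to the `password` column with
	//    ===, so the column holds the password in the form it is submitted.
	//    NOTE(review): confirm whether that is plaintext and move to
	//    password_hash()/password_verify() together with the user data object.
	//  - redirect(), getsingleindexrow(), execute(), getmessage(), sendmail() and
	//    check_session() are defined elsewhere; whether redirect() terminates the
	//    request is not visible here, so guard branches return explicitly.

	/**
	 * PHP4-style constructor (same name as the class).
	 *
	 * Hands the Smarty instance and the shared output/input arrays to the
	 * mod_manager initialiser under the module name 'user', then creates the
	 * user data object and the user business-logic object.
	 *
	 * @param object $smarty  Smarty instance (by reference)
	 * @param array  $_output Output parameters (by reference)
	 * @param array  $_input  Input parameters (by reference)
	 */
	function user_manager (& $smarty, & $_output, & $_input) {
		$this->mod_manager($smarty, $_output, $_input, 'user');
		$this->obj_user = new user;
		$this->user_bl = new user_bl;
	}

	/**
	 * Predefined hook: name of this module.
	 *
	 * @return string Always 'user'.
	 */
	function get_module_name() {
		return 'user';
	}

	/**
	 * Predefined hook: name of this manager.
	 *
	 * @return string Always 'user'.
	 */
	function get_manager_name() {
		return 'user';
	}

	/**
	 * Fallback for a "choice" this manager has no handler for.
	 *
	 * Calls the global function "_<choice>" with this manager as its argument
	 * when such a function exists; otherwise selects the error template.
	 * The choice comes from the request, so it is restricted to identifier
	 * characters before it is used as a function name. An empty choice would
	 * otherwise resolve to "_", which can name a built-in function.
	 *
	 * @return void
	 */
	function manager_error_handler() {
		$choice = isset($this->_input['choice']) ? $this->_input['choice'] : '';
		$call = '';
		if (is_string($choice) && preg_match('/^[A-Za-z0-9_]+$/', $choice)) {
			$call = "_".$choice;
		}
		if ($call !== '' && function_exists($call)) {
			$call($this);
		} else {
			//Put your own error handling code here
			$this->_output['tpl'] ='default/error_handler';
		}
	}

	/**
	 * Predefined default action: shows the login form.
	 *
	 * @return void
	 */
	function _default() {
		$this->_loginForm();
	}

	/**
	 * Shows the server's phpinfo() page to an administrator session only.
	 *
	 * phpinfo() prints configuration, paths, loaded modules and environment
	 * values, which should not be readable by anonymous visitors. Any other
	 * caller gets the generic error template.
	 * NOTE(review): $_SESSION['id_admin'] is presumably set by the admin login
	 * (it is only read in this class) - confirm, or remove this action.
	 *
	 * @return void
	 */
	function _phpinfo(){
		if (empty($_SESSION['id_admin'])) {
			$this->_output['tpl'] = 'default/error_handler';
			return;
		}
		phpinfo();
	}

	/**
	 * Entry point of the login page.
	 *
	 * Stores the 'refer' input in a one-year cookie, then either attempts a
	 * remember-me login (when both remember-me cookies are present) or sends
	 * an already logged-in company/employee to its landing page.
	 * NOTE(review): 'refer' is request input stored verbatim; whoever reads
	 * that cookie later must treat it as untrusted.
	 *
	 * @return void
	 */
	function _loginForm(){
		setcookie('refer', $this->_input['refer'], time()+60*60*24*365, "/");
		if(isset($_COOKIE['username']) && isset($_COOKIE['password'])){
			$this->getCheckCookie();
		}elseif(!empty($_SESSION['id_company']) && empty($_SESSION['id_admin'])) {
			redirect(LBL_SITE_URL."companyDashboard");
		}elseif(!empty($_SESSION['id_employee']) && empty($_SESSION['id_admin'])) {
			redirect(LBL_SITE_URL."index.php/employee/employeeDetail");
		}
	}

	/**
	 * Tells whether a value can be placed between quotes in the SQL strings
	 * this class builds without changing the statement.
	 *
	 * The queries below nest a single-quoted literal inside a double-quoted
	 * stored-procedure argument, so a quote of either kind, a backslash or a
	 * control byte in the value would alter the query. Such values are refused
	 * rather than escaped, because the database driver behind
	 * getsingleindexrow() is not visible from this file.
	 * NOTE(review): the durable fix is a parameterised query in the DB helper.
	 *
	 * @param mixed $value Candidate value (request input, cookie, ...)
	 * @return bool True when the value is a non-empty string/int free of those bytes.
	 */
	function isSafeSqlLiteral($value) {
		if (!is_string($value) && !is_int($value)) {
			return false;
		}
		$value = (string) $value;
		if ($value === '') {
			return false;
		}
		return !preg_match('/[\'"\\\\\x00-\x1f\x7f]/', $value);
	}

	/**
	 * Looks up a login name, first as a company e-mail and then as an employee
	 * user name.
	 *
	 * Company rows are returned with 'is_company' = 1 and 'username' set to the
	 * e-mail address. The employee query skips rows whose terminate_date is set
	 * and not later than NOW(). The name reaches this method from the login form,
	 * the forgot-password form and the remember-me cookie, so it is checked with
	 * isSafeSqlLiteral() before it is concatenated into SQL.
	 *
	 * @param string $name Login name (company e-mail or employee user name)
	 * @return array|int Row of the matching user, or 0 when there is none or
	 *                   the name is refused.
	 */
	function getUserDetail($name){
		if (!$this->isSafeSqlLiteral($name)) {
			return 0;
		}
		$res_company = getsingleindexrow('CALL get_search_sql("'.TABLE_PREFIX.'company","email_id = \''.$name.'\' LIMIT 1")');
		if($res_company) {
			$res_company['is_company'] = 1;
			$res_company['username'] = $res_company['email_id'];
			return $res_company;
		}
		$sql_emp = "SELECT * FROM (SELECT E.*,ETC.terminate_date FROM ".TABLE_PREFIX."employee E LEFT JOIN ".TABLE_PREFIX."employeeTerminationContract ETC ON E.id_employee=ETC.id_employee) AS TE WHERE IF(terminate_date!='',terminate_date > NOW(),1) AND username = '".$name."' LIMIT 1";
		$res_emp = getsingleindexrow($sql_emp);
		if($res_emp) {
			return $res_emp;
		}
		return 0;
	}

	/**
	 * Authenticates a company or employee and opens its session.
	 *
	 * Credentials come from the arguments when both are given (internal call
	 * from _checkUser()), otherwise from the 'username'/'password' inputs.
	 * Failures store a message in the session and redirect to the site, or to
	 * the admin site when the 'admin_st' input is set.
	 *
	 * Changes compared with the previous version:
	 *  - guard branches return after redirect();
	 *  - the e-mail confirmation check for employees runs before the remember-me
	 *    cookie is written, so an unconfirmed account no longer receives one;
	 *  - the session id is regenerated before the identity is stored in the
	 *    session, so an id issued before login is not carried over.
	 *
	 * @param string $name Optional user name (internal callers only)
	 * @param string $pass Optional password (internal callers only)
	 * @return void
	 */
	function _setLogin($name="",$pass="") {
		if(!empty($_SESSION['id_user'])) {
			redirect(LBL_SITE_URL);
			return;
		}
		if($name && $pass) {
			$uname = $name;
			$pwd = $pass;
		}else {
			$uname = isset($this->_input['username']) ? $this->_input['username'] : '';
			$pwd = isset($this->_input['password']) ? $this->_input['password'] : '';
		}

		//For Server Side Validation(When Javascript disable)
		$admin_url = isset($this->_input['admin_st']) ? $this->_input['admin_st'] : '';
		if (empty($uname)||empty($pwd)){
			$_SESSION['raise_message']['global']=getmessage('USER_LOGIN');
			if($admin_url) {
				redirect(LBL_ADMIN_SITE_URL."index.php");
			}else {
				redirect(LBL_SITE_URL);
			}
			return;
		}

		//Checking For Company And Employee Record Exist Or Not
		$result= $this->getUserDetail($uname);
		if($result == 0){
			$_SESSION['raise_message']['global'] = getmessage('USER_LOGIN');
			if($admin_url) {
				redirect(LBL_ADMIN_SITE_URL);
			}else {
				redirect(LBL_SITE_URL);
			}
			return;
		}

		if(($uname !== $result['username']) || ($pwd !== $result['password'])) {
			$_SESSION['raise_message']['global'] =getmessage('USER_PASS_CONF');
			if($admin_url) {
				redirect(LBL_ADMIN_SITE_URL."index.php");
			}else {
				redirect(LBL_SITE_URL);
			}
			return;
		}

		$is_company = !empty($result['is_company']);

		// random_num is '0' once an employee has confirmed the account by mail;
		// any other value means the confirmation is still pending.
		if(!$is_company && $result['random_num'] != '0') {
			$_SESSION['raise_message']['global'] = getmessage('USER_MAIL_CONF');
			redirect(LBL_SITE_URL);
			return;
		}

		// New session id for the authenticated session.
		session_regenerate_id(true);

		//Remember Me
		if(!empty($this->_input['rem'])){
			$id_user = $is_company ? $result['id_company'] : $result['id_employee'];
			$info = array(
				'autologin' => 1,
				'id_user' 	=> $id_user,
				'username' 	=> $result['username'],
				'email' 	=> $result['username'],
				'password' 	=> $result['password']
			);
			$this->setAutoLogin($info);
		}

		if($is_company){
			$_SESSION['id_company']=$result['id_company'];
			$_SESSION['id_user'] = $result['id_company'];
			$_SESSION['username'] = $result['email_id'];
			$_SESSION['company_name'] = $result['company_name'];
			$_SESSION['logo'] = $result['id_company']."_".$result['logo'];
			$_SESSION['last_login'] = $result['last_login'];
			$_SESSION['ip'] = $result['ip'];

			$this->obj_user->lastLogin("company","id_company=".$result['id_company']);
			redirect(LBL_SITE_URL."companyDashboard");
			return;
		}

		$_SESSION['id_employee'] = $result['id_employee'];
		$_SESSION['id_user'] = $result['id_employee'];
		$_SESSION['username'] = $result['username'];
		$_SESSION['firstname'] = $result['firstname'];
		// Employee's company information (id_company comes from the employee row)
		$res_company = getsingleindexrow('CALL get_search_sql("'.TABLE_PREFIX.'company","id_company = \''.$result['id_company'].'\' LIMIT 1")');

		$_SESSION['company_name'] = $res_company['company_name'];
		$_SESSION['logo'] = $res_company['id_company']."_".$res_company['logo'];
		$this->obj_user->lastLogin("employee","id_employee=".$result['id_employee']);
		redirect(LBL_SITE_URL."index.php/employee/employeeDetail");
	}

	/**
	 * Writes the one-year remember-me cookies.
	 *
	 * The 'password' cookie holds md5(id_user . username . password), the value
	 * getCheckCookie() recomputes and compares. It is now sent HttpOnly, and
	 * Secure when the request arrived over HTTPS. The unused random/substring
	 * computation of the previous version was removed.
	 * NOTE(review): this token is derived from the stored password with
	 * unsalted MD5 and stays the same until the password changes. A random,
	 * server-side, revocable token would be the durable fix; that needs storage
	 * this class does not have.
	 *
	 * @param array $info Keys read: 'id_user', 'username', 'email', 'password'
	 * @return void
	 */
	function setAutoLogin($info){
		$v_user_password = md5($info['id_user'].$info['username'].$info['password']);
		$expires = time()+60*60*24*365;
		$secure = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';

		setcookie('email', $info['email'], $expires, "/");
		setcookie('username',$info['username'], $expires, "/");
		setcookie('password', $v_user_password, $expires, "/", "", $secure, true);
		setcookie('id_user', $info['id_user'], $expires, "/");
	}

	/**
	 * Attempts a remember-me login from the 'username' and 'password' cookies.
	 *
	 * The cookie user name is looked up with getUserDetail(); the cookie token
	 * must equal md5(id_user . username . password) of that row. On success the
	 * same session keys as in _setLogin() are filled and the user is redirected
	 * to the landing page. An unknown user is redirected to the site root; a
	 * token mismatch does nothing.
	 *
	 * Changes compared with the previous version:
	 *  - the token is compared directly; the old code first stripped a substring
	 *    taken from a 'v_sub_str' cookie that setAutoLogin() never sets;
	 *  - employees must be confirmed (random_num '0'), as in _setLogin();
	 *  - the session id is regenerated and 'firstname' is stored for employees,
	 *    as in _setLogin().
	 *
	 * @return void
	 */
	function getCheckCookie(){
		$cookie_user  = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
		$cookie_token = isset($_COOKIE['password']) ? $_COOKIE['password'] : '';

		$result = $this->getUserDetail($cookie_user);
		if($result == 0){
			redirect(LBL_SITE_URL);
			return;
		}

		$is_company = !empty($result['is_company']);
		if($is_company){
			$result['id_user'] = $result['id_company'];
			$result['username'] = $result['email_id'];
		}else{
			$result['id_user'] = $result['id_employee'];
		}

		$checkpass = md5($result['id_user'].$result['username'].$result['password']);
		if (!is_string($cookie_token) || $checkpass !== $cookie_token) {
			return;
		}
		if (!$is_company && $result['random_num'] != '0') {
			return;
		}

		session_regenerate_id(true);

		if($is_company){
			$_SESSION['id_company']=$result['id_company'];
			$_SESSION['id_user'] = $result['id_company'];
			$_SESSION['username'] = $result['email_id'];
			$_SESSION['company_name'] = $result['company_name'];
			$_SESSION['logo'] = $result['id_company']."_".$result['logo'];
			$_SESSION['last_login'] = $result['last_login'];
			$_SESSION['ip'] = $result['ip'];
			redirect(LBL_SITE_URL."index.php/companyDashboard");
			return;
		}

		$_SESSION['id_employee'] = $result['id_employee'];
		$_SESSION['id_user'] = $result['id_employee'];
		$_SESSION['username'] = $result['username'];
		$_SESSION['firstname'] = $result['firstname'];
		// Employee's company information (id_company comes from the employee row)
		$res_company = getsingleindexrow('CALL get_search_sql("'.TABLE_PREFIX.'company","id_company = \''.$result['id_company'].'\' LIMIT 1")');
		$_SESSION['company_name'] = $res_company['company_name'];
		$_SESSION['logo'] = $res_company['id_company']."_".$res_company['logo'];
		redirect(LBL_SITE_URL."index.php/employee/employeeDetail");
	}

	/**
	 * Company dashboard; check_session() runs first, then the template is selected.
	 *
	 * @return void
	 */
	function _companyDashboard() {
		check_session();
		$this->_output['tpl']='user/companyDashboard';
	}

	/**
	 * Company welcome page; clears the 'wel_flag' session flag.
	 *
	 * @return void
	 */
	function _welcomeCompany() {
		check_session();
		$_SESSION['wel_flag'] = 0;
		$this->_output['tpl']='static/welcomeCompany';
	}

	/**
	 * Employee dashboard; check_session() runs first, then the template is selected.
	 *
	 * @return void
	 */
	function _employeeDashboard() {
		check_session();
		$this->_output['tpl']='user/employeeDashboard';
	}

	/**
	 * Shows the forgot-password form, or redirects a logged-in user to the site root.
	 *
	 * @return void
	 */
	function _forgotPwd() {
		if(!empty($_SESSION['id_user'])) {
			redirect(LBL_SITE_URL);
		}else{
			$this->_output['tpl']='user/forgotPwd';
		}
	}

	/**
	 * Handles the forgot-password form: mails a reset link to the account.
	 *
	 * The link has the form user/resetPwd/uid-<md5 of the user id>-utype-<c|e>.
	 * NOTE(review): the link is derived only from the account id and type.
	 * Nothing in this method adds a per-request secret or an expiry, so the link
	 * for a given account never changes. Replace it with a random, single-use,
	 * expiring token stored server-side and checked by the reset handler.
	 * NOTE(review): the two outcome messages differ (USER_FORGOT_PASS vs
	 * USER_ACCOUNT), which tells the requester whether the account exists.
	 *
	 * @return void
	 */
	function _getForgotPwd() {
		$username = isset($this->_input['username']) ? $this->_input['username'] : '';
		if(!$username) {
			$_SESSION['raise_message']['global'] = getmessage('USER_UNAME');
			redirect(LBL_SITE_URL.'user/forgotPwd');
			return;
		}

		$result = $this->getUserDetail($username);
		if($result == 0) {
			$_SESSION['raise_message']['global'] = getmessage('USER_ACCOUNT');
			redirect(LBL_SITE_URL);
			return;
		}

		$is_company   = !empty($result['is_company']);
		$info['name'] = $is_company ? $result['company_name'] : $result['firstname']." ".$result['lastname'];
		$uid          = $is_company ? $result['id_company'] : $result['id_employee'];
		$user_type    = $is_company ? "c" : "e";
		// The login name doubles as the recipient address.
		$to  = $result['username'];
		$from = $GLOBALS['conf']['SITE_ADMIN']['email'];
		$subject="Forgot password \n\n";
		$info['link'] = LBL_SITE_URL.'user/resetPwd/uid-'.md5($uid)."-utype-".$user_type;
		$tpl = "user/forgotPassword";
		$this->smarty->assign('sm',$info);
		$body = $this->smarty->fetch($this->smarty->add_theme_to_template($tpl));
		sendmail($to,$subject,$body,$from); // sendmail() also accepts $cc and $bcc
		$_SESSION['raise_message']['global'] = getmessage('USER_FORGOT_PASS');
		redirect(LBL_SITE_URL);
	}

	/**
	 * Shows the reset-password form, passing the 'uid' and 'utype' inputs on to
	 * the template unchanged.
	 * NOTE(review): both values come from the URL; the template must escape them.
	 *
	 * @return void
	 */
	function _resetPwd(){
		$this->_output['uid'] = $this->_input['uid'];
		$this->_output['utype']    = $this->_input['utype'];
		$this->_output['tpl']      = 'user/resetPwd';
	}

	/**
	 * Stores the new password from the 'pwd' input through the user data object,
	 * then redirects to the site root with a confirmation message.
	 * NOTE(review): no check in this method ties the request to a reset link or
	 * a logged-in session; verify that obj_user->changePwd() validates which
	 * account is being changed.
	 *
	 * @return void
	 */
	function _changePwd(){
		$this->obj_user->changePwd($this->_input['pwd']);
		$_SESSION['raise_message']['global'] = getmessage('USER_RESET_PASS');
		redirect(LBL_SITE_URL);
	}

	/**
	 * Confirms an employee account from the 'confirm' token in the mailed link
	 * and logs the employee in.
	 *
	 * A matching employee row gets random_num set to '0' (the "confirmed"
	 * marker) and is then passed to _setLogin(). A logged-in company is refused.
	 *
	 * The token is request input, so it is validated before the lookup:
	 *  - it must pass isSafeSqlLiteral(), because it is concatenated into SQL;
	 *  - it must not be '0', since '0' is the marker stored for accounts that are
	 *    already confirmed and must never work as a token;
	 *  - the row that comes back must carry exactly that token, which rules out
	 *    matches produced by the database's type conversion.
	 *
	 * @return void
	 */
	function _checkUser(){
		if(!empty($_SESSION['id_company'])){
			$_SESSION['raise_message']['global']=  getmessage('USER_LOGIN_CONF_FAIL');
			redirect(LBL_SITE_URL);
			return;
		}

		$confirm = isset($this->_input['confirm']) ? $this->_input['confirm'] : '';
		$res = false;
		if ($this->isSafeSqlLiteral($confirm) && (string) $confirm !== '0') {
			$res = getsingleindexrow('CALL get_search_sql("'.TABLE_PREFIX.'employee","random_num = \''.$confirm.'\' LIMIT 1")');
			if ($res && (string) $res['random_num'] !== (string) $confirm) {
				$res = false;
			}
		}

		if($res){
			$sql_update="UPDATE ".TABLE_PREFIX."employee SET random_num='0' WHERE id_employee='".$res['id_employee']."'";
			execute($sql_update,$err);
			$_SESSION['wel_flag_emp'] = 1;
			$this->_setLogin($res['username'], $res['password']);
		}else{
			$_SESSION['raise_message']['global']=  getmessage('USER_LOGIN_CONF');
			redirect(LBL_SITE_URL);
		}
	}

	/**
	 * Logs the user out: expires the remember-me cookies, destroys the session,
	 * starts a fresh one for the status message and redirects to the site (or
	 * to the admin site when the 'a' input is set).
	 *
	 * The fresh session gets a new id so the pre-logout id is not reused.
	 *
	 * @return void
	 */
	function _logout(){
		$expired = time()-60*60*24*365;
		setcookie('username', '', $expired,"/");
		setcookie('password','', $expired,"/");
		setcookie('email', '', $expired,"/");
		setcookie('id_user','', $expired,"/");
		$_COOKIE = array();

		$_SESSION = array();
		session_unset();
		session_destroy();

		session_start();
		session_regenerate_id(true);
		if(!empty($this->_input['noses'])) {
			$_SESSION['raise_message']['global'] = getmessage('COM_NO_SESSION');
		}else{
			$_SESSION['raise_message']['global'] = getmessage('USER_LOGOUT');
		}
		if(!empty($this->_input['a'])) {
			redirect(LBL_ADMIN_SITE_URL."index.php");
		}else {
			redirect(LBL_SITE_URL);
		}
	}

	/**
	 * Stores the chosen language in the session and returns to the previous page.
	 *
	 * Both inputs are client-controlled:
	 *  - 'lang' is kept only when it consists of letters, digits, '_' or '-';
	 *    anything else is stored as ''. NOTE(review): how 'multi_language' is
	 *    consumed is not visible here; widen the pattern if real codes need it.
	 *  - the Referer header is followed only when it starts with this site's own
	 *    base URL and holds no line breaks; otherwise the site root is used, so
	 *    the action cannot redirect to another host. NOTE(review): this relies on
	 *    LBL_SITE_URL / LBL_ADMIN_SITE_URL being absolute URLs ending in '/'.
	 *
	 * @return void
	 */
	function _setlang() {
		$lang = isset($this->_input['lang']) ? $this->_input['lang'] : '';
		if (empty($lang) || !is_string($lang) || !preg_match('/^[A-Za-z0-9_-]+$/', $lang)) {
			$lang = '';
		}
		$_SESSION['multi_language'] = $lang;

		$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
		$is_local = is_string($referer) && $referer !== ''
			&& !preg_match('/[\r\n]/', $referer)
			&& (strpos($referer, LBL_SITE_URL) === 0 || strpos($referer, LBL_ADMIN_SITE_URL) === 0);
		if ($is_local) {
			redirect($referer);
		} else {
			redirect(LBL_SITE_URL);
		}
	}
}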