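db_smartone = $this->load->database("onedev", true);
    }

    /**
     * Emit a JSON error envelope and end the request.
     *
     * @param mixed  $message Text placed in the "message" field.
     * @param string $status  Value of the "status" field ("ERR" unless stated).
     * @param array  $extra   Additional top-level fields appended after "message".
     */
    private function _auth_fail($message, $status = "ERR", array $extra = array())
    {
        echo json_encode(
            array_merge(array("status" => $status, "message" => $message), $extra)
        );
        exit;
    }

    /**
     * Log a database error on the server and answer with a generic message.
     *
     * The driver's error array (code and message) is no longer returned to
     * the caller, because it describes the schema to whoever sends the request.
     *
     * @param object $db Database handle exposing error().
     */
    private function _auth_db_fail($db)
    {
        error_log("db error: " . json_encode($db->error()));
        $this->_auth_fail("Database error");
    }

    /**
     * Read one request field as a non-empty string.
     *
     * @param mixed  $prm Decoded request input (array-like), possibly null.
     * @param string $key Field name.
     * @return string|null The value, or null when missing, empty or not scalar.
     */
    private function _auth_field($prm, $key)
    {
        if (!isset($prm[$key]) || !is_scalar($prm[$key]) || (string) $prm[$key] === "") {
            return null;
        }
        return (string) $prm[$key];
    }

    /**
     * Hash a password with the application's existing scheme.
     *
     * NOTE(security): salted MD5 is a fast digest, so stored values can be
     * brute-forced offline if a user table leaks. Moving to password_hash() /
     * password_verify() has to change the login check (not visible in this
     * part of the file) and the stored values together, so the scheme is kept
     * unchanged here and only centralised.
     *
     * @param string $plain Password as submitted.
     * @return string Hex digest compared against the stored column.
     */
    private function _auth_hash($plain)
    {
        return md5($this->one_salt . $plain . $this->one_salt);
    }

    /**
     * Shared flow for the three "change my own password" endpoints.
     *
     * Verifies the current password of the logged-in user with $select_sql
     * (bound as id, old hash), then stores the new hash with $update_sql
     * (bound as new hash, id). Requests without a non-empty "old" and "new"
     * field are rejected before any query runs.
     *
     * @param string $select_sql Query matching the row by id and current hash.
     * @param string $update_sql Statement writing the new hash for that id.
     * @param array  $msg        Keys "not_found", "update_failed" and "ok".
     */
    private function _auth_change_own_password($select_sql, $update_sql, array $msg)
    {
        if (!$this->isLogin) {
            $this->_auth_fail("Invalid Token");
        }

        $prm = $this->sys_input;
        $old = $this->_auth_field($prm, "old");
        $new = $this->_auth_field($prm, "new");
        if ($old === null || $new === null) {
            // An absent or empty value must never be hashed and stored as a password.
            $this->_auth_fail("Invalid Password");
        }

        $userID = $this->sys_user["M_UserID"];

        $query = $this->db_onedev->query(
            $select_sql,
            array($userID, $this->_auth_hash($old))
        );
        if (!$query) {
            $this->_auth_fail("Invalid Password");
        }
        if (count($query->result_array()) == 0) {
            $this->_auth_fail($msg["not_found"]);
        }

        $query = $this->db_onedev->query(
            $update_sql,
            array($this->_auth_hash($new), $userID)
        );
        if (!$query) {
            $this->_auth_fail($msg["update_failed"]);
        }

        echo json_encode(array("status" => "OK", "message" => $msg["ok"]));
    }

    /**
     * Change the password of the logged-in m_user account.
     *
     * Input: "old" (current password) and "new" (replacement).
     * Output: JSON {status, message}.
     */
    public function change_password()
    {
        $this->_auth_change_own_password(
            "select * from m_user where M_UserID = ? and M_UserPassword = ?",
            "update m_user set M_UserPassword=? where M_UserID = ?",
            array(
                "not_found" => "Invalid Password",
                "update_failed" => "Invalid Password",
                "ok" => "",
            )
        );
    }

    /**
     * Change the password of the logged-in mgm_mcuuser account.
     *
     * Input: "old" and "new". Output: JSON {status, message}.
     */
    public function change_password_pic()
    {
        $this->_auth_change_own_password(
            "SELECT * FROM mgm_mcuuser WHERE Mgm_McuUserID = ? AND Mgm_McuUserPassword = ?",
            "UPDATE mgm_mcuuser SET Mgm_McuUserPassword = ? WHERE Mgm_McuUserID = ?",
            array(
                "not_found" => "Failed, 0 account found",
                "update_failed" => "Failed update password",
                "ok" => "success change password",
            )
        );
    }

    /**
     * Change the password of the logged-in auth_patient account.
     *
     * Input: "old" and "new". Output: JSON {status, message}.
     */
    public function change_password_pat()
    {
        $this->_auth_change_own_password(
            "SELECT * FROM auth_patient WHERE authPatientID = ? AND authPatientPassword = ?",
            "UPDATE auth_patient SET authPatientPassword = ? WHERE authPatientID = ?",
            array(
                "not_found" => "Invalid, 0 account found",
                "update_failed" => "Failed update password",
                "ok" => "success change password",
            )
        );
    }

    /**
     * Let a "pic" user set a new password for a patient account.
     *
     * Input: "authuserid", "email" (both must match one auth_patient row) and
     * "new". Output: JSON {status, message}.
     *
     * NOTE(review): the only authorisation visible here is the caller's
     * M_UserGroupDashboard value; nothing in this method ties the patient row
     * to the calling pic account. Confirm whether any pic user is meant to be
     * able to reset any patient who matches id + email.
     */
    public function reset_password_pat()
    {
        if (!$this->isLogin) {
            $this->_auth_fail("Invalid Token");
        }

        $typeUser = isset($this->sys_user["M_UserGroupDashboard"])
            ? $this->sys_user["M_UserGroupDashboard"]
            : null;
        // Strict comparison: before PHP 8 a loose `0 != "pic"` is false, which
        // would let a numeric-zero group value pass this gate.
        if ($typeUser !== "pic") {
            $this->_auth_fail("Invalid Login");
        }

        $prm = $this->sys_input;
        $patientID = $this->_auth_field($prm, "authuserid");
        $email = $this->_auth_field($prm, "email");
        $new = $this->_auth_field($prm, "new");
        if ($patientID === null || $email === null) {
            $this->_auth_fail("Invalid, 0 account found");
        }
        if ($new === null) {
            $this->_auth_fail("Invalid Password");
        }

        $query = $this->db_onedev->query(
            "SELECT * FROM auth_patient WHERE authPatientID = ? AND authPatientEmail = ?",
            array($patientID, $email)
        );
        if (!$query) {
            $this->_auth_fail("error check account");
        }
        if (count($query->result_array()) == 0) {
            $this->_auth_fail("Invalid, 0 account found");
        }

        $query = $this->db_onedev->query(
            "UPDATE auth_patient SET authPatientPassword = ? WHERE authPatientID = ? AND authPatientEmail = ? ",
            array($this->_auth_hash($new), $patientID, $email)
        );
        if (!$query) {
            $this->_auth_fail("Failed update password");
        }

        echo json_encode(array("status" => "OK", "message" => "Success Reset Password"));
    }

    /**
     * Resolve the breadcrumb for the page named by the "xref" input.
     *
     * The URL path is stripped of a trailing slash and of the "one-ui/"
     * prefix, then passed with the current user id to fn_sys_breadcrumb().
     * An empty or missing breadcrumb means the page is not allowed. A missing
     * or unparsable "xref" is looked up as the empty path.
     *
     * @return array Keys "bread_crumb", "dashboard", "is_page_allowed".
     */
    private function _auth_breadcrumb_data()
    {
        $prm = $this->sys_input;

        $path = "";
        $xref = $this->_auth_field($prm, "xref");
        if ($xref !== null) {
            $parts = parse_url($xref);
            if (is_array($parts) && isset($parts["path"])) {
                $path = $parts["path"];
            }
        }
        if (substr($path, -1) == "/") {
            $path = substr($path, 0, strlen($path) - 1);
        }
        $path = str_replace("/one-ui/", "", $path);
        $path = str_replace("one-ui/", "", $path);

        $user_id = isset($this->sys_user['M_UserID']) ? $this->sys_user['M_UserID'] : null;

        $qry = $this->db_smartone->query(
            "select fn_sys_breadcrumb(?,?) as breadcrumb",
            array($path, $user_id)
        );
        if (!$qry) {
            $this->_auth_db_fail($this->db_smartone);
        }
        $rows = $qry->result();

        $breadcrumb = "";
        $is_page_allowed = false;
        if (count($rows) > 0) {
            $breadcrumb = $rows[0]->breadcrumb;
            if ($breadcrumb != "") {
                $is_page_allowed = true;
            }
        }

        return array(
            "bread_crumb" => $breadcrumb,
            "dashboard" => "one-ui/test/vuex/one-fo-verification",
            "is_page_allowed" => $is_page_allowed,
        );
    }

    /**
     * Return the breadcrumb and page-permission flag for "xref".
     *
     * The response is JSON only; the path is no longer echoed ahead of it,
     * which made the body unparsable and reflected request input.
     *
     * NOTE(review): the login check is commented out in the original, so this
     * endpoint answers without it — confirm that is intended.
     */
    public function get_bread_crumb_v2()
    {
        $data = $this->_auth_breadcrumb_data();
        echo json_encode(array("status" => "OK", "data" => $data));
    }

    /**
     * Return the breadcrumb, page-permission flag and default branch.
     *
     * The executed query is no longer written to a fixed file under /xtmp on
     * every request.
     *
     * NOTE(review): the login check is commented out in the original, so this
     * endpoint answers without it — confirm that is intended.
     */
    public function get_bread_crumb()
    {
        $data = $this->_auth_breadcrumb_data();

        $qry = $this->db_smartone->query(
            "select * from m_branch where M_BranchIsDefault = 'Y' and M_BranchIsActive ='Y'"
        );
        $branch = array();
        if ($qry) {
            $rows = $qry->result_array();
            if (count($rows) > 0) {
                $branch = $rows[0];
            }
        }
        $data["branch"] = $branch;

        echo json_encode(array("status" => "OK", "data" => $data));
    }

    /**
     * Return the menu tree of the current user's group.
     *
     * Each row of sp_sys_menu_group() carries a JSON list in column "x"; its
     * items are grouped under "p_<parent_id>" in one entry per row. The
     * response is JSON only: the debug dumps that preceded it are removed.
     *
     * NOTE(review): no isLogin check is made here; confirm the base class
     * enforces authentication before this method is reached.
     */
    public function get_menu_new()
    {
        $qry = $this->db->query(
            "SELECT M_UserM_UserGroupID FROM m_user WHERE M_UserID = ?",
            [$this->sys_user["M_UserID"]]
        );
        if (!$qry) {
            $this->_auth_db_fail($this->db);
        }
        $group_rows = $qry->result_array();

        $ResultSet = [];
        $index = 0;
        foreach ($group_rows as $group_row) {
            $qry = $this->db->query(
                "CALL sp_sys_menu_group(?)",
                [$group_row["M_UserM_UserGroupID"]]
            );
            if (!$qry) {
                $this->_auth_db_fail($this->db);
            }

            foreach ($qry->result_array() as $menu_row) {
                $items = json_decode($menu_row['x']);
                // A row whose JSON does not decode contributes nothing but
                // still consumes an index, as before.
                if (is_array($items) || is_object($items)) {
                    foreach ($items as $item) {
                        $key = 'p_' . $item->parent_id;
                        if (!isset($ResultSet[$index][$key])) {
                            $ResultSet[$index][$key] = [];
                        }
                        $ResultSet[$index][$key][] = $item;
                    }
                }
                $index++;
            }
            $this->clean_mysqli_connection($this->db->conn_id);
        }

        echo json_encode(["status" => "OK", "data" => $ResultSet]);
    }

    /**
     * Check access to the requested page and return the user's menu tree.
     *
     * Input: "path". When no active privilege matches the path, answers
     * {status: "ERRMENU", message, menu} with the group's dashboard URL.
     * Otherwise records the page as the user's last activity and returns the
     * result sets of sp_sys_menu_user() grouped under "p_<parent_id>".
     *
     * NOTE(review): no isLogin check is made here; confirm the base class
     * enforces authentication before this method is reached.
     */
    public function get_menu()
    {
        $prm = $this->sys_input;
        $user_id = $this->sys_user['M_UserID'];

        $raw_path = $this->_auth_field($prm, 'path');
        $xpath = str_replace("/one-ui/", "", $raw_path === null ? "" : $raw_path);
        $xpathx = str_replace("/one-ui/", "", $xpath);
        if (substr($xpath, -1) == "/") {
            $xpath = substr($xpath, 0, -1);
        }

        $sql = "SELECT COUNT(*) as xcount
            FROM s_privilege
            JOIN m_user ON M_UserID = ? AND M_UserIsActive = 'Y' AND M_UserM_UserGroupID = S_PrivilegeM_UserGroupID
            JOIN s_menu ON S_PrivilegeS_MenuID = S_MenuID AND ( S_MenuUrl = ? OR S_MenuUrl = ? ) AND S_MenuIsActive = 'Y'
            WHERE S_PrivilegeIsActive = 'Y'";
        $qry = $this->db->query($sql, [$user_id, $xpath, $xpathx]);
        if (!$qry) {
            $this->_auth_db_fail($this->db);
        }

        if ((int) $qry->row()->xcount === 0) {
            $sql = "SELECT M_UserGroupDashboard as url_x
                FROM m_usergroup
                JOIN m_user ON M_UserID = ? AND M_UserIsActive = 'Y' AND M_UserM_UserGroupID = M_UserGroupID
                WHERE M_UserGroupIsActive = 'Y'";
            $qry = $this->db->query($sql, [$user_id]);
            if (!$qry) {
                $this->_auth_db_fail($this->db);
            }
            // No row (inactive user or group) yields a null redirect instead
            // of a property read on null.
            $group = $qry->row();
            $menu_redirect = $group ? $group->url_x : null;
            $this->_auth_fail("Not Have Access", "ERRMENU", array("menu" => $menu_redirect));
        }

        $last_path = 'one-ui/' . $xpathx;
        $sql = "INSERT INTO m_userlastactivity(M_UserLastActivityM_UserID,M_UserLastActivityUrl,M_UserLastActivityLastUpdated)
            VALUES (?,?,NOW())
            ON DUPLICATE KEY UPDATE M_UserLastActivityUrl = ?, M_UserLastActivityLastUpdated = NOW()";
        $qry = $this->db->query($sql, [$user_id, $last_path, $last_path]);
        if (!$qry) {
            $this->_auth_db_fail($this->db);
        }

        // mysqli_multi_query() executes every statement in the string, so the
        // id is escaped and quoted rather than interpolated raw.
        $conn = $this->db_smartone->conn_id;
        $sql = "CALL sp_sys_menu_user('" . mysqli_real_escape_string($conn, (string) $user_id) . "')";

        $index = 0;
        $ResultSet = array();
        if (mysqli_multi_query($conn, $sql)) {
            do {
                $result = mysqli_store_result($conn);
                if ($result !== false) {
                    while ($row = $result->fetch_assoc()) {
                        $items = json_decode($row['x']);
                        if (!is_array($items) && !is_object($items)) {
                            continue;
                        }
                        foreach ($items as $item) {
                            $key = 'p_' . $item->parent_id;
                            if (!isset($ResultSet[$index][$key])) {
                                $ResultSet[$index][$key] = [];
                            }
                            $ResultSet[$index][$key][] = $item;
                        }
                    }
                    $result->free();
                } elseif (mysqli_errno($conn) !== 0) {
                    // false with errno 0 is just a statement without a result set.
                    error_log("get_menu: " . mysqli_error($conn));
                }
                $index++;
            } while (mysqli_next_result($conn));
        } else {
            // Logged server-side; echoing it would precede and break the JSON body.
            error_log("get_menu: " . mysqli_error($conn));
        }

        echo json_encode(["status" => "OK", "data" => $ResultSet]);
    }
}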