<?php
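/**
 * Menu / account endpoints of the dashboard API.
 *
 * Every public method is an HTTP action: it reads its parameters from
 * $this->sys_input, writes exactly one JSON envelope
 * ({"status": "OK"|"ERR"|"ERRMENU", ...}) to the output and, on error, ends the
 * request with exit. Shared pieces (response envelope, login gate, legacy
 * password digest, "change my own password" flow, breadcrumb lookup and the
 * parent_id bucketing of menu rows) live in the private "_" helpers below;
 * the leading underscore keeps them out of the framework's URL routing.
 *
 * Debug output that used to be printed in front of the JSON body (path echo,
 * print_r of result rows, json_last_error_msg, raw mysqli_error) and the
 * last-query dump to /xtmp/fx-last_query have been removed: they made the
 * responses unparsable and wrote request data to disk.
 */
class Menu extends MY_Controller
{
    /** Dashboard route reported by the breadcrumb endpoints. */
    const DEFAULT_DASHBOARD = "one-ui/test/vuex/one-fo-verification";

    function __construct()
    {
        parent::__construct();
        // Second connection (config group "onedev") used by the breadcrumb and
        // sp_sys_menu_user calls.
        // NOTE(review): the password endpoints use $this->db_onedev, which is not
        // assigned here — presumably provided by MY_Controller; confirm.
        $this->db_smartone = $this->load->database("onedev", true);
    }

    /**
     * Write the ERR envelope and terminate the request.
     * Every error path in this controller ends here.
     *
     * @param mixed $message string, or the array returned by $this->db->error()
     */
    private function _fail($message)
    {
        echo json_encode(["status" => "ERR", "message" => $message]);
        exit;
    }

    /**
     * Write the OK envelope with a message.
     *
     * @param string $message
     */
    private function _ok($message)
    {
        echo json_encode(["status" => "OK", "message" => $message]);
    }

    /**
     * Reject unauthenticated callers with the "Invalid Token" envelope.
     */
    private function _require_login()
    {
        if (!$this->isLogin) {
            $this->_fail("Invalid Token");
        }
    }

    /**
     * Read one request parameter, '' when it was not sent.
     *
     * @param string $key
     * @return mixed
     */
    private function _input($key)
    {
        $prm = $this->sys_input;
        return isset($prm[$key]) ? $prm[$key] : '';
    }

    /**
     * Legacy password digest: md5(one_salt . plain . one_salt).
     *
     * NOTE(review): a fast, unsalted-per-user md5 is kept only because the login
     * path (outside this file) verifies the same digest; migrating to
     * password_hash()/password_verify() has to be done on both sides together.
     *
     * @param string $plain
     * @return string 32-char hex digest
     */
    private function _legacy_password_hash($plain)
    {
        return md5($this->one_salt . $plain . $this->one_salt);
    }

    /**
     * Change the password of the logged-in user in one account table.
     *
     * Flow: login gate -> verify the "old" password against $passwordColumn ->
     * store the digest of "new". $table/$idColumn/$passwordColumn are literals
     * supplied by the public wrappers below, never request input; the values
     * are always bound as query parameters.
     *
     * @param string $table
     * @param string $idColumn        column compared with $this->sys_user["M_UserID"]
     * @param string $passwordColumn
     * @param string $notFoundMessage ERR message when old password does not match
     * @param string $updateFailedMessage ERR message when the UPDATE fails
     * @param string $okMessage       message of the OK envelope
     */
    private function _change_own_password($table, $idColumn, $passwordColumn, $notFoundMessage, $updateFailedMessage, $okMessage)
    {
        $this->_require_login();

        $newPlain = $this->_input("new");
        if ($newPlain === '') {
            // An empty "new" would otherwise be stored as md5(salt . salt).
            $this->_fail("New password is required");
        }

        $userID = $this->sys_user["M_UserID"];
        $currentHash = $this->_legacy_password_hash($this->_input("old"));

        // Only the id column is selected: the stored digest never has to leave the DB.
        $check = $this->db_onedev->query(
            "SELECT {$idColumn} FROM {$table} WHERE {$idColumn} = ? AND {$passwordColumn} = ?",
            [$userID, $currentHash]
        );
        if (!$check) {
            $this->_fail("Invalid Password");
        }
        if (count($check->result_array()) == 0) {
            $this->_fail($notFoundMessage);
        }

        $update = $this->db_onedev->query(
            "UPDATE {$table} SET {$passwordColumn} = ? WHERE {$idColumn} = ?",
            [$this->_legacy_password_hash($newPlain), $userID]
        );
        if (!$update) {
            $this->_fail($updateFailedMessage);
        }

        $this->_ok($okMessage);
    }

    /** Change the password of the logged-in m_user row (params: old, new). */
    function change_password()
    {
        $this->_change_own_password(
            "m_user",
            "M_UserID",
            "M_UserPassword",
            "Invalid Password",
            "Invalid Password",
            ""
        );
    }

    /** Change the password of the logged-in mgm_mcuuser row (params: old, new). */
    function change_password_pic()
    {
        $this->_change_own_password(
            "mgm_mcuuser",
            "Mgm_McuUserID",
            "Mgm_McuUserPassword",
            "Failed, 0 account found",
            "Failed update password",
            "success change password"
        );
    }

    /** Change the password of the logged-in auth_patient row (params: old, new). */
    function change_password_pat()
    {
        $this->_change_own_password(
            "auth_patient",
            "authPatientID",
            "authPatientPassword",
            "Invalid, 0 account found",
            "Failed update password",
            "success change password"
        );
    }

    /**
     * Reset a patient's password on their behalf (params: authuserid, email, new).
     * Only callers whose dashboard group is "pic" may do this; the patient is
     * identified by id AND e-mail, and the UPDATE repeats both conditions so a
     * mismatching pair never changes a row.
     */
    function reset_password_pat()
    {
        $this->_require_login();

        if ($this->sys_user["M_UserGroupDashboard"] !== "pic") {
            $this->_fail("Invalid Login");
        }

        $authUserId = $this->_input("authuserid");
        $email = $this->_input("email");
        $newPlain = $this->_input("new");
        if ($newPlain === '') {
            $this->_fail("New password is required");
        }

        $check = $this->db_onedev->query(
            "SELECT authPatientID FROM auth_patient WHERE authPatientID = ? AND authPatientEmail = ?",
            [$authUserId, $email]
        );
        if (!$check) {
            $this->_fail("error check account");
        }
        if (count($check->result_array()) == 0) {
            $this->_fail("Invalid, 0 account found");
        }

        $update = $this->db_onedev->query(
            "UPDATE auth_patient SET authPatientPassword = ? WHERE authPatientID = ? AND authPatientEmail = ? ",
            [$this->_legacy_password_hash($newPlain), $authUserId, $email]
        );
        if (!$update) {
            $this->_fail("Failed update password");
        }

        $this->_ok("Success Reset Password");
    }

    /**
     * Normalise the "xref" parameter to the path fn_sys_breadcrumb expects:
     * path component only, one trailing slash removed, "one-ui/" prefix stripped.
     *
     * @return string
     */
    private function _breadcrumb_path()
    {
        $parts = parse_url($this->_input("xref"));
        // parse_url() returns false for a seriously malformed URL and may omit "path".
        $path = (is_array($parts) && isset($parts["path"])) ? $parts["path"] : "";
        if (substr($path, -1) == "/") {
            $path = substr($path, 0, -1);
        }
        $path = str_replace("/one-ui/", "", $path);
        return str_replace("one-ui/", "", $path);
    }

    /**
     * Breadcrumb and page permission of the current user for the requested path.
     *
     * NOTE(review): neither breadcrumb endpoint checks isLogin (the original
     * check was commented out) but both read $this->sys_user['M_UserID'];
     * confirm MY_Controller guarantees it is set for anonymous requests.
     *
     * @return array{bread_crumb: mixed, dashboard: string, is_page_allowed: bool}
     */
    private function _breadcrumb_data()
    {
        $path = $this->_breadcrumb_path();
        $userId = $this->sys_user['M_UserID'];

        $qry = $this->db_smartone->query(
            "select fn_sys_breadcrumb(?,?) as breadcrumb",
            [$path, $userId]
        );
        if (!$qry) {
            $this->_fail("error check breadcrumb");
        }
        $rows = $qry->result();

        $breadcrumb = "";
        if (count($rows) > 0) {
            $breadcrumb = $rows[0]->breadcrumb;
        }

        return [
            "bread_crumb" => $breadcrumb,
            "dashboard" => self::DEFAULT_DASHBOARD,
            // Access is granted exactly when the DB function returned a non-empty breadcrumb.
            "is_page_allowed" => $breadcrumb != "",
        ];
    }

    /**
     * The default active branch row of m_branch, or [] when there is none or
     * the query fails (best-effort, as before).
     *
     * @return array
     */
    private function _default_branch()
    {
        $qry = $this->db_smartone->query(
            "select * from m_branch where M_BranchIsDefault = 'Y' and M_BranchIsActive ='Y'"
        );
        if (!$qry) {
            return [];
        }
        $rows = $qry->result_array();
        return count($rows) > 0 ? $rows[0] : [];
    }

    /** Breadcrumb + permission for the "xref" path (no branch information). */
    function get_bread_crumb_v2()
    {
        $data = $this->_breadcrumb_data();
        echo json_encode(["status" => "OK", "data" => $data]);
    }

    /** Breadcrumb + permission for the "xref" path plus the default branch. */
    function get_bread_crumb()
    {
        $data = $this->_breadcrumb_data();
        $data["branch"] = $this->_default_branch();
        echo json_encode(["status" => "OK", "data" => $data]);
    }

    /**
     * Append every item of one decoded menu row to $ResultSet[$index]['p_' . parent_id],
     * creating the bucket on first use. Passed by reference on purpose: a bucket
     * must only appear in the output when at least one item went into it.
     *
     * @param array $ResultSet
     * @param int   $index     result-set / row slot being filled
     * @param mixed $items     json_decode() of the row's 'x' column
     */
    private function _group_by_parent(&$ResultSet, $index, $items)
    {
        if (!is_array($items) && !is_object($items)) {
            return; // undecodable or scalar JSON: nothing to group
        }
        foreach ($items as $item) {
            $key = 'p_' . $item->parent_id;
            if (!isset($ResultSet[$index][$key])) {
                $ResultSet[$index][$key] = [];
            }
            $ResultSet[$index][$key][] = $item;
        }
    }

    /**
     * Menu of the current user built per user group via sp_sys_menu_group,
     * one ResultSet slot per returned row.
     */
    function get_menu_new()
    {
        $groupQry = $this->db->query(
            "SELECT M_UserM_UserGroupID FROM m_user WHERE M_UserID = ?",
            [$this->sys_user["M_UserID"]]
        );
        if (!$groupQry) {
            $this->_fail($this->db->error());
        }

        $ResultSet = [];
        $index = 0;
        foreach ($groupQry->result_array() as $groupRow) {
            $menuQry = $this->db->query("CALL sp_sys_menu_group(?)", [$groupRow["M_UserM_UserGroupID"]]);
            if (!$menuQry) {
                $this->_fail($this->db->error());
            }
            foreach ($menuQry->result_array() as $menuRow) {
                $this->_group_by_parent($ResultSet, $index, json_decode($menuRow['x']));
                $index++;
            }
            // Presumably drains the extra result sets a CALL leaves on the
            // connection so the next query can run — defined in MY_Controller; confirm.
            $this->clean_mysqli_connection($this->db->conn_id);
        }

        echo json_encode(["status" => "OK", "data" => $ResultSet]);
    }

    /**
     * Run sp_sys_menu_user and collect every result set it returns, one
     * ResultSet slot per result set, each bucketed by parent_id.
     *
     * mysqli_multi_query is used directly because the procedure returns several
     * result sets and the query builder only surfaces the first. multi_query has
     * no placeholders, so the id is escaped and quoted instead of being spliced
     * in raw (MySQL coerces the quoted value for an integer parameter).
     *
     * @param mixed $userId
     * @return array
     */
    private function _menu_result_sets($userId)
    {
        $conn = $this->db_smartone->conn_id;
        $sql = "CALL sp_sys_menu_user('" . mysqli_real_escape_string($conn, (string) $userId) . "')";

        if (!mysqli_multi_query($conn, $sql)) {
            // Mirrors the $this->db->error() branches: fail instead of printing
            // the error in front of the JSON body.
            $this->_fail(mysqli_error($conn));
        }

        $ResultSet = [];
        $index = 0;
        do {
            $result = mysqli_store_result($conn);
            if ($result === false) {
                // A CALL ends with a status-only packet that has no result set and
                // no error; only a real error (errno != 0) aborts the request.
                if (mysqli_errno($conn) !== 0) {
                    $this->_fail(mysqli_error($conn));
                }
            } else {
                while ($row = $result->fetch_assoc()) {
                    $this->_group_by_parent($ResultSet, $index, json_decode($row['x']));
                }
                mysqli_free_result($result);
            }
            // Incremented for every result set, including the empty status one, as before.
            $index++;
        } while (mysqli_next_result($conn));

        return $ResultSet;
    }

    /**
     * Menu for the "path" parameter: checks the user's privilege on that URL,
     * redirects (status ERRMENU) to the group dashboard when there is none,
     * records the page as the user's last activity and returns the menu tree.
     */
    function get_menu()
    {
        $userId = $this->sys_user['M_UserID'];

        // $xpathx keeps a possible trailing slash so both spellings are matched
        // against S_MenuUrl; $xpath is the same path with that slash removed.
        $xpathx = str_replace("/one-ui/", "", $this->_input('path'));
        $xpath = substr($xpathx, -1) == "/" ? substr($xpathx, 0, -1) : $xpathx;

        $sql = "SELECT COUNT(*) as xcount
                FROM s_privilege
                JOIN m_user ON M_UserID = ? AND M_UserIsActive = 'Y' AND
                    M_UserM_UserGroupID = S_PrivilegeM_UserGroupID
                JOIN s_menu ON S_PrivilegeS_MenuID = S_MenuID AND ( S_MenuUrl = ? OR S_MenuUrl = ? ) AND S_MenuIsActive = 'Y'
                WHERE
                    S_PrivilegeIsActive = 'Y'";
        $privilegeQry = $this->db->query($sql, [$userId, $xpath, $xpathx]);
        if (!$privilegeQry) {
            $this->_fail($this->db->error());
        }

        if ($privilegeQry->row()->xcount == 0) {
            // No privilege for this URL: tell the client where the group dashboard is.
            $sql = "SELECT M_UserGroupDashboard as url_x
                    FROM m_usergroup
                    JOIN m_user ON M_UserID = ? AND M_UserIsActive = 'Y' AND
                        M_UserM_UserGroupID = M_UserGroupID
                    WHERE
                        M_UserGroupIsActive = 'Y'";
            $redirectQry = $this->db->query($sql, [$userId]);
            if (!$redirectQry) {
                $this->_fail($this->db->error());
            }
            $redirectRow = $redirectQry->row();
            $menuRedirect = $redirectRow ? $redirectRow->url_x : null;
            echo json_encode(
                ["status" => "ERRMENU", "message" => "Not Have Access", "menu" => $menuRedirect]
            );
            exit;
        }

        // Remember the page as the user's last activity (insert or update).
        $lastPath = 'one-ui/' . $xpathx;
        $sql = "INSERT INTO m_userlastactivity(M_UserLastActivityM_UserID,M_UserLastActivityUrl,M_UserLastActivityLastUpdated)
                VALUES (?,?,NOW())
                ON DUPLICATE KEY
                UPDATE M_UserLastActivityUrl = ?, M_UserLastActivityLastUpdated = NOW()";
        $activityQry = $this->db->query($sql, [$userId, $lastPath, $lastPath]);
        if (!$activityQry) {
            $this->_fail($this->db->error());
        }

        echo json_encode(["status" => "OK", "data" => $this->_menu_result_sets($userId)]);
    }
}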