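db_onedev = $this->load->database("onedev", true); $this->endpoint = "https://devclone.aplikasi.web.id/"; }

    /*
     * User / user-group administration endpoints.
     *
     * Conventions shared by every endpoint below:
     *  - input arrives in $this->sys_input (decoded by the framework layer, not shown here);
     *  - responses are emitted through the inherited sys_ok() / sys_error() / sys_error_db()
     *    helpers; the code calls exit after an error helper because it cannot be seen here
     *    whether those helpers terminate the request themselves;
     *  - every statement that carries request data uses "?" query bindings so the driver
     *    escapes the values — nothing from $this->sys_input is interpolated into SQL.
     */

    /**
     * Terminates the request with "Invalid Token" unless the session flag $this->isLogin is set.
     */
    private function require_valid_token()
    {
        if (! $this->isLogin) {
            $this->sys_error("Invalid Token");
            exit;
        }
    }

    /**
     * Returns the id carried by a lookup payload.
     *
     * The same request field was read both as $xstaff["M_StaffID"] (insert path) and as a
     * bare scalar '{$xstaff}' (update path) in the original code, so both shapes are accepted:
     * an array yields $value[$key], anything else is returned as-is.
     */
    private function id_from($value, $key)
    {
        return is_array($value) ? $value[$key] : $value;
    }

    /**
     * Lists the active tenants.
     *
     * Response: {"total": n, "records": [...]}; each record carries TenantId, TenantCode,
     * TenantName, TenantDbName, TenantPackageId and tenantNameCode = "Name(Code)".
     */
    public function get_tenant()
    {
        try {
            $this->require_valid_token();
            // No request data is involved in this statement.
            $sql = "SELECT TenantId, TenantCode, TenantName, TenantDbName, TenantPackageId, CONCAT(IFNULL(TenantName,''), '(', IFNULL(TenantCode,''), ')') AS tenantNameCode FROM tenant WHERE TenantIsActive = 'Y'";
            $rows = $this->db_onedev->query($sql)->result_array();
            $this->sys_ok(["total" => count($rows), "records" => $rows]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Lists the active users of one user group.
     *
     * Input: sys_input['id'] — the M_UserGroupID to filter on (bound, not interpolated).
     * Response: {"total": n, "records": [...]} with records as objects (result()), mirroring
     * what the original endpoint returned.
     */
    public function lookupuser()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $sql = "select M_UserID as id, M_UserM_UserGroupID as usergroupid, M_UserUsername as username, IF(M_StaffIsActive = 'N','',M_StaffName) as staffname, M_UserM_StaffID as xstaff, M_UserDefaultT_SampleStationID as xsamplestation, M_UserIsCoordinator as iscoordinator, M_UserR_ReportGroupID as xreport, 'xxx' as action, TenantId, TenantCode, TenantName, CONCAT(IFNULL(TenantName,''), '(', IFNULL(TenantCode,''), ')') AS tenantNameCode from m_user join m_staff oN M_UserM_StaffID = M_StaffID left join tenant on M_UserTenantId = TenantId where M_UserM_UserGroupID = ? AND M_UserIsActive = 'Y'";
            $rows = $this->db_onedev->query($sql, [$prm['id']])->result();
            $this->sys_ok(["total" => count($rows), "records" => $rows]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Searches active user groups by name.
     *
     * Input: sys_input['search'] — substring matched against M_UserGroupName;
     *        sys_input['all']    — 'N' caps the result at 10 rows, anything else returns all.
     * Response: {"total": <all active groups>, "total_filter": <rows returned>, "records": [...]}.
     */
    public function lookup()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $search = $prm['search'];
            // $limit only ever holds a constant, so it is safe to splice into the statement.
            $limit = ($prm['all'] === 'N') ? ' LIMIT 10' : '';

            // "total" is deliberately the unfiltered count of active groups.
            $total = $this->db_onedev->query("select COUNT(*) as total from m_usergroup where M_UserGroupIsActive = 'Y'")->row()->total;

            $sql = "select M_UserGroupID as id, M_UserGroupDashboard as dashboard, M_UserGroupName as name, M_UserGroupIsClinic as clinic, M_UserGroupName as description , 'xxx' as usergrouptype from m_usergroup where M_UserGroupName LIKE CONCAT('%', ?, '%') AND M_UserGroupIsActive = 'Y' $limit";
            $query = $this->db_onedev->query($sql, [$search]);
            if (! $query) {
                $this->sys_error_db("m_usergroup select", $this->db_onedev);
                exit;
            }
            $rows = $query->result_array();
            $this->sys_ok(["total" => $total, "total_filter" => count($rows), "records" => $rows]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Searches the menu table for dashboards a user group can be pointed at.
     *
     * Input: sys_input['search'] (optional, trimmed) — matched against the menu name, the
     *        "one-ui-lab/<url>" path and the raw url. sys_input['group_id'] is read but unused.
     * Response: {"total": n, "total_filter": n, "records": [...]} — both totals are the row count.
     */
    public function getdashboards()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $search = isset($prm['search']) ? trim($prm['search']) : '';
            $sql = "select menu.S_MenuID as id, CONCAT(menu.S_MenuName,' [ ',menuparent.S_MenuName,' ]') as name, CONCAT('one-ui-lab/',menu.S_MenuUrl) as url, menuparent.S_MenuName as group_name FROM s_menu menu LEFT JOIN s_menu menuparent ON menu.S_MenuParentS_MenuID = menuparent.S_MenuID WHERE menu.S_MenuUrl <> '#' AND menu.S_MenuIsActive = 'Y' AND ( menu.S_MenuName LIKE CONCAT('%', ?, '%') OR CONCAT('one-ui-lab/', menu.S_MenuUrl) LIKE CONCAT('%', ?, '%') OR menu.S_MenuUrl LIKE CONCAT('%', ?, '%') )";
            $query = $this->db_onedev->query($sql, [$search, $search, $search]);
            if (! $query) {
                $this->sys_error_db("m_usergroup select", $this->db_onedev);
                exit;
            }
            $rows = $query->result_array();
            $total = count($rows);
            $this->sys_ok(["total" => $total, "total_filter" => $total, "records" => $rows]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Creates a user group.
     *
     * Input: sys_input['name'], ['dashboard'], ['clinic'].
     * Response: {"total": 1, "records": {"xid": 0}} on success, or
     *           {"total": -1, "errors": [{"field": "name", "msg": ...}], "records": 0}
     *           when an active group with the same name already exists.
     *
     * The existence check and the insert are two separate statements, so two concurrent
     * requests can still create a duplicate; a unique index on M_UserGroupName would close that.
     */
    public function addnewusergroup()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $name_usergroup = $prm['name'];
            $dashboard_usergroup = $prm['dashboard'];
            $clinic_usergroup = $prm['clinic'];

            $exist_name = $this->db_onedev
                ->query("SELECT COUNT(*) as exist FROM m_usergroup WHERE M_UserGroupIsActive = 'Y' AND M_UserGroupName = ?", [$name_usergroup])
                ->row()->exist;
            if ($exist_name != 0) {
                $errors = [['field' => 'name', 'msg' => 'Nama sudah ada yang pakai dong']];
                $this->sys_ok(["total" => -1, "errors" => $errors, "records" => 0]);
                return;
            }

            $sql = "insert into m_usergroup( M_UserGroupName, M_UserGroupDashboard, M_UserGroupIsClinic, M_UserGroupCreated, M_UserGroupLastUpdated ) values( ?, ?, ?,now(), now())";
            $query = $this->db_onedev->query($sql, [$name_usergroup, $dashboard_usergroup, $clinic_usergroup]);
            if (! $query) {
                $this->sys_error_db("m_usergroup insert", $this->db_onedev);
                exit;
            }
            $this->sys_ok(["total" => 1, "records" => ["xid" => 0]]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Renames / reconfigures a user group.
     *
     * Input: sys_input['id'], ['name'], ['dashboard'], ['clinic'].
     * Response: {"total": 1, "records": {"xid": <id>}} on success, or the same
     *           {"total": -1, "errors": [...]} shape as addnewusergroup() when another
     *           active group already uses the name.
     */
    public function editusergroup()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $id_usergroup = $prm['id'];
            $name_usergroup = $prm['name'];
            $dashboard_usergroup = $prm['dashboard'];
            $clinic_usergroup = $prm['clinic'];

            $exist_name = $this->db_onedev
                ->query("SELECT COUNT(*) as exist FROM m_usergroup WHERE M_UserGroupIsActive = 'Y' AND M_UserGroupName = ? AND M_UserGroupID <> ?", [$name_usergroup, $id_usergroup])
                ->row()->exist;
            if ($exist_name != 0) {
                $errors = [['field' => 'name', 'msg' => 'Nama sudah ada yang pakai dong']];
                $this->sys_ok(["total" => -1, "errors" => $errors, "records" => 0]);
                return;
            }

            $sql = "update m_usergroup SET M_UserGroupName = ?, M_UserGroupDashboard = ?, M_UserGroupIsClinic = ?, M_UserGroupLastUpdated = now() where M_UserGroupID = ? ";
            $query = $this->db_onedev->query($sql, [$name_usergroup, $dashboard_usergroup, $clinic_usergroup, $id_usergroup]);
            if (! $query) {
                $this->sys_error_db("m_usergroup update", $this->db_onedev);
                exit;
            }
            $this->sys_ok(["total" => 1, "records" => ["xid" => $id_usergroup]]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Returns the reference lists the user form needs: active report groups, sample stations,
     * user groups and staff.
     *
     * Response: {"total": 4, "records": {"reports": [...], "samplestations": [...],
     *            "usergroupnames": [...], "staffs": [...]}} — "total" counts the four lists,
     *            not their rows. Each list is a SELECT *, so every column of those tables is
     *            sent to the client; narrow the column lists if any of them hold sensitive data.
     */
    public function getreportsample()
    {
        $this->require_valid_token();
        $sections = [
            'reports'        => " SELECT * FROM r_reportgroup WHERE R_ReportGroupIsActive = 'Y' ",
            'samplestations' => " SELECT * FROM t_samplestation WHERE T_SampleStationIsActive = 'Y' ",
            'usergroupnames' => " SELECT * FROM m_usergroup WHERE M_UserGroupIsActive = 'Y' ",
            'staffs'         => " SELECT * FROM m_staff WHERE M_StaffIsActive = 'Y' ",
        ];
        $rows = [];
        foreach ($sections as $key => $sql) {
            $rows[$key] = $this->db_onedev->query($sql)->result_array();
        }
        $this->sys_ok(["total" => count($rows), "records" => $rows]);
        exit;
    }

    /**
     * Updates an existing user's account settings (not the password — see reset_password()).
     *
     * Input: sys_input['xid'] (M_UserID), ['username'], ['xstaff'], ['xsamplestation'],
     *        ['xreport'], ['xusergroupname'], ['iscoordinator']; the lookup fields may be the
     *        selected row (array) or the bare id.
     * Response: {"total": 1, "records": {"xid": <id>}} on success, or
     *           {"total": -1, "errors": [{"field": "username", ...}], "records": 0} when
     *           another active user already has the username.
     *
     * Fix: the duplicate branch tested an undefined $exist_name, so the "username" error
     * was never added; it now tests $exist_username. The unused salted-md5 of
     * sys_input['password'] was dropped because this statement never writes M_UserPassword.
     */
    public function edituser()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $userid = $prm['xid'];
            $username = $prm['username'];

            $exist_username = $this->db_onedev
                ->query("SELECT COUNT(*) as exist FROM m_user WHERE M_UserIsActive = 'Y' AND M_UserUsername = ? and M_UserID <> ? ", [$username, $userid])
                ->row()->exist;
            if ($exist_username != 0) {
                $errors = [['field' => 'username', 'msg' => 'Nama sudah ada yang pakai dong']];
                $this->sys_ok(["total" => -1, "errors" => $errors, "records" => 0]);
                return;
            }

            $sql = "update m_user SET M_UserUsername = ?, M_UserM_StaffID = ?, M_UserDefaultT_SampleStationID = ?, M_UserR_ReportGroupID = ?, M_UserM_UserGroupID = ?, M_UserIsCoordinator = ?, M_UserLastUpdated = now() where M_UserID = ? ";
            $query = $this->db_onedev->query($sql, [
                $username,
                $this->id_from($prm['xstaff'], "M_StaffID"),
                $this->id_from($prm['xsamplestation'], "T_SampleStationID"),
                $this->id_from($prm['xreport'], "R_ReportGroupID"),
                $this->id_from($prm['xusergroupname'], "M_UserGroupID"),
                $prm['iscoordinator'],
                $userid,
            ]);
            if (! $query) {
                $this->sys_error_db("m_user update", $this->db_onedev);
                exit;
            }
            $this->sys_ok(["total" => 1, "records" => ["xid" => $userid]]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Creates a user (sys_input['xid'] == 0) or updates one (any other xid).
     *
     * Input: ['usergroupid'], ['username'], ['password'], ['xstaff'], ['xsamplestation'],
     *        ['xreport'], ['iscoordinator'], ['selected_tenant'] (array with TenantId /
     *        TenantCode), ['xid'].
     * Response on create: {"total": 1, "records": {"xid": 0}, "user_klinik": <clinic API reply>};
     *           on update: {"total": 1, "records": {"xid": 0}};
     *           duplicate username: {"total": -1, "errors": [...], "records": 0, "user_klinik": []}.
     *
     * The create path writes m_user, then the clinic user (adduserklinik()); the two are not
     * in a transaction, so a clinic-side failure leaves the m_user row behind.
     *
     * Fixes in the update path: values are bound instead of interpolated; M_UserPassword now
     * receives the same salted md5 the create path stores (it previously stored the plaintext
     * password, which cannot match the scheme used everywhere else); the lookup fields are read
     * through id_from() (they were interpolated directly, which yields "Array" when the client
     * sends the selected row); and the UPDATE result is checked.
     */
    public function addnewuser()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $usergroupid = $prm['usergroupid'];
            $username = $prm['username'];
            $password = $prm['password'];
            // Legacy credential scheme of m_user: salted md5. Kept because the login path
            // (not in this file) verifies against it; the clinic side uses bcrypt instead.
            $md5_password = md5($this->one_salt . $password . $this->one_salt);
            $staff_id = $this->id_from($prm['xstaff'], "M_StaffID");
            $samplestation_id = $this->id_from($prm['xsamplestation'], "T_SampleStationID");
            $report_id = $this->id_from($prm['xreport'], "R_ReportGroupID");
            $iscoordinator = $prm['iscoordinator'];
            $tenant = $prm['selected_tenant'];
            $xid = $prm['xid'];

            if ($xid == 0) {
                $exist_username = $this->db_onedev
                    ->query("SELECT COUNT(*) as exist FROM m_user WHERE M_UserIsActive = 'Y' AND M_UserUsername = ?", [$username])
                    ->row()->exist;
                if ($exist_username != 0) {
                    $errors = [['field' => 'username', 'msg' => 'Nama User sudah ada yang pakai dong']];
                    $this->sys_ok(["total" => -1, "errors" => $errors, "records" => 0, "user_klinik" => []]);
                    return;
                }

                $sql = "insert into m_user( M_UserM_UserGroupID, M_UserUsername, M_UserPassword, M_UserM_StaffID, M_UserTenantId, M_UserDefaultT_SampleStationID, M_UserR_ReportGroupID, M_UserIsCoordinator, M_UserCreated, M_UserLastUpdated ) values( ?,?,?,?,?,?,?,?,now(),now())";
                $query = $this->db_onedev->query($sql, [
                    $usergroupid,
                    $username,
                    $md5_password,
                    $staff_id,
                    $tenant["TenantId"],
                    $samplestation_id,
                    $report_id,
                    $iscoordinator,
                ]);
                if (! $query) {
                    $this->sys_error_db("m_user insert", $this->db_onedev);
                    exit;
                }

                $user_klinik = $this->adduserklinik($staff_id, $password, $username, $tenant["TenantCode"]);
                $this->sys_ok(["total" => 1, "records" => ["xid" => 0], "user_klinik" => $user_klinik]);
                return;
            }

            // xid != 0: update the existing account.
            $exist_username = $this->db_onedev
                ->query("SELECT COUNT(*) as exist FROM m_user WHERE M_UserIsActive = 'Y' AND M_UserUsername = ? AND M_UserID <> ?", [$username, $xid])
                ->row()->exist;
            if ($exist_username != 0) {
                $errors = [['field' => 'username', 'msg' => 'Username sudah ada yang pakai dong']];
                $this->sys_ok(["total" => -1, "errors" => $errors, "records" => 0, "user_klinik" => []]);
                return;
            }

            $sql = "UPDATE m_user SET M_UserUsername = ?, M_UserPassword = ?, M_UserM_StaffID = ?, M_UserR_ReportGroupID = ?, M_UserDefaultT_SampleStationID = ?, M_UserIsCoordinator = ? WHERE M_UserID = ?";
            $query = $this->db_onedev->query($sql, [
                $username,
                $md5_password,
                $staff_id,
                $report_id,
                $samplestation_id,
                $iscoordinator,
                $xid,
            ]);
            if (! $query) {
                $this->sys_error_db("m_user update", $this->db_onedev);
                exit;
            }
            $this->sys_ok(["total" => 1, "records" => ["xid" => 0]]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Registers the new user on the clinic side: inserts antrione.clinic_user and posts the
     * account to "<endpoint>api/ibl/users".
     *
     * @param mixed  $staffid     M_StaffID used to look up the display name
     * @param string $password    plaintext password; only its bcrypt hash is stored / sent
     * @param string $username
     * @param string $tenant_code
     * @return mixed the raw body returned by post(), or its "ERROR CLINIC API ..." string;
     *               null if an exception was reported through sys_error()
     *
     * A DB failure here calls sys_error_db() and exits after the caller has already inserted
     * m_user (no transaction spans the two). The e-mail sent to the API is derived from the
     * username with a fixed domain, as in the original.
     */
    private function adduserklinik($staffid, $password, $username, $tenant_code)
    {
        try {
            $qry_staff = $this->db_onedev->query("SELECT M_StaffID, M_StaffName FROM m_staff WHERE M_StaffIsActive = 'Y' AND M_StaffID = ?", [$staffid]);
            if (! $qry_staff) {
                $this->sys_error_db("error get staff", $this->db_onedev);
                exit;
            }
            $row = $qry_staff->row_array();
            // Best effort, as before: an unknown staff id sends a null name rather than failing.
            $staff_name = isset($row['M_StaffName']) ? $row['M_StaffName'] : null;

            $password_hash = $this->password_hash_api($password);
            $email = $username . "@gmail.com";

            // user_klinik ibl
            $sql_user = "INSERT INTO antrione.clinic_user( ClinicUserUsername, ClinicUserPasswordHash, ClinicUserTenantCode, ClinicUserCreated) VALUES(?,?,?,NOW())";
            $qry_user = $this->db_onedev->query($sql_user, [$username, $password_hash, $tenant_code]);
            if (! $qry_user) {
                $this->sys_error_db("error insert clinic user ibl", $this->db_onedev);
                exit;
            }

            $param = [
                "name"        => $staff_name,
                "email"       => $email,
                "username"    => $username,
                "password"    => $password_hash,
                "tenant_code" => $tenant_code,
            ];
            return $this->post($this->endpoint . "api/ibl/users", json_encode($param));
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * POSTs $data as a JSON body to $url (5 s connect / 10 s total timeout).
     *
     * @param string $url
     * @param string $data already-encoded JSON
     * @return mixed the response body (curl_exec() result, so false on a transport failure
     *               with no error text), or the string "ERROR CLINIC API [<url>] : <error>\n"
     *               when cURL reports an error
     *
     * Fix: the handle is now closed on the error path too; the original returned before
     * curl_close() and leaked it.
     */
    public function post($url, $data)
    {
        $ch = curl_init($url);
        curl_setopt_array($ch, [
            CURLOPT_CUSTOMREQUEST  => "POST",
            CURLOPT_POSTFIELDS     => $data,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_CONNECTTIMEOUT => 5,
            CURLOPT_TIMEOUT        => 10,
            CURLOPT_HTTPHEADER     => ["Content-Type: application/json"],
        ]);
        $result = curl_exec($ch);
        // curl_error() must be read before the handle is released.
        $error = curl_error($ch);
        curl_close($ch);
        if ($error != "") {
            return "ERROR CLINIC API [$url] : " . $error . "\n";
        }
        return $result;
    }

    /**
     * Bcrypt-hashes a password for the clinic API / clinic_user table.
     *
     * @param string $password
     * @return string bcrypt hash (cost 10)
     *
     * An empty password is rejected with a JSON error and exit, as in the original.
     */
    public function password_hash_api($password)
    {
        try {
            if ((string) $password === "") {
                echo json_encode(["status" => "error", "message" => "Password kosong"]);
                exit;
            }
            return password_hash($password, PASSWORD_BCRYPT, ["cost" => 10]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Builds a random string of $strength characters drawn from $input.
     *
     * @param string $input    alphabet to draw from (byte-wise; intended for ASCII)
     * @param int    $strength number of characters
     * @return string '' when $input is empty or $strength <= 0
     *
     * Fix: this feeds reset_password(), so the index now comes from random_int() (CSPRNG)
     * where available; mt_rand() output is predictable and is kept only as a fallback for
     * PHP builds without random_int(). The empty-alphabet guard avoids mt_rand(0, -1).
     */
    public function generate_string($input, $strength = 4)
    {
        $input_length = strlen($input);
        if ($input_length === 0 || $strength <= 0) {
            return '';
        }
        $use_csprng = function_exists('random_int');
        $random_string = '';
        for ($i = 0; $i < $strength; $i++) {
            $index = $use_csprng ? random_int(0, $input_length - 1) : mt_rand(0, $input_length - 1);
            $random_string .= $input[$index];
        }
        return $random_string;
    }

    /**
     * Sets a new 9-character temporary password on a user and writes a RESETPWD log row.
     *
     * Input: sys_input['id'] (target M_UserID), sys_input['reason'].
     * Uses $this->sys_user["M_UserID"] as the acting user.
     * Response: {"password": <new plaintext password>} — returned to the operator by design.
     *
     * Fixes: every value is bound (the reason text and the JSON blob were spliced into the
     * INSERT); the previous hash is read BEFORE the UPDATE — the original selected it after
     * the UPDATE, so "old_password" in the log was always the new hash; the UPDATE result
     * is checked.
     *
     * NOTE(review): the log row still stores the plaintext temporary password
     * ("new_password_show"). That is a credential at rest in log_user; confirm no consumer
     * depends on it and drop the field.
     */
    public function reset_password()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $id = $prm['id'];
            $userid = $this->sys_user["M_UserID"];
            $permitted_chars = 'wertyuioplkjhgfdsazxcvbnm0123456789';
            $new_password = $this->generate_string($permitted_chars, 9);
            $md5_password = md5($this->one_salt . $new_password . $this->one_salt);

            $data_user = $this->db_onedev->query("SELECT * FROM m_user WHERE M_UserID = ?", [$id])->row_array();
            $old_password = isset($data_user['M_UserPassword']) ? $data_user['M_UserPassword'] : null;

            $sql = "UPDATE m_user SET M_UserPassword = ?, M_UserLastUpdated = NOW(), M_UserM_UserID = ? WHERE M_UserID = ?";
            $query = $this->db_onedev->query($sql, [$md5_password, $userid, $id]);
            if (! $query) {
                $this->sys_error_db("m_user reset password", $this->db_onedev);
                exit;
            }

            $data_log = json_encode([
                "user_id"           => $id,
                "old_password"      => $old_password,
                "new_password"      => $md5_password,
                "new_password_show" => $new_password,
                "reason"            => $prm['reason'],
            ]);
            $sql = "INSERT INTO log_user ( Log_UserDatetime, Log_UserCode, Log_UserXID, Log_UserJson, Log_UserM_UserID ) VALUES( NOW(), 'RESETPWD', ?, ?, ? )";
            $this->db_onedev->query($sql, [$id, $data_log, $userid]);

            $this->sys_ok(["password" => $new_password]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Soft-deletes a user: marks it inactive, suffixes the username with "-DELETED",
     * overwrites the password with a fixed sentinel and clears the session token / login flag.
     *
     * Input: sys_input['id'] (M_UserID).
     * Response: {"total": 1, "records": {"xid": 0}}.
     */
    public function deleteuser()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $sql = "update m_user SET M_UserUsername = CONCAT(M_UserUsername,'-DELETED'), M_UserIsActive = 'N', M_UserPassword = '1234567890XD3L3T3US312', M_UserActiveToken = NULL, M_UserIsLoggedIn = 'N', M_UserLastUpdated = now() WHERE M_UserID = ? ";
            $query = $this->db_onedev->query($sql, [$prm['id']]);
            if (! $query) {
                $this->sys_error_db("m_user delete", $this->db_onedev);
                exit;
            }
            $this->sys_ok(["total" => 1, "records" => ["xid" => 0]]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }

    /**
     * Soft-deletes a user group and deactivates every user that belongs to it.
     *
     * Input: sys_input['id'] (M_UserGroupID).
     * Response: {"total": 1, "records": {"xid": 0}}.
     * The two UPDATEs are not wrapped in a transaction (as in the original), so a failure
     * of the second leaves the group inactive with its users still active.
     */
    public function deleteusergroup()
    {
        try {
            $this->require_valid_token();
            $prm = $this->sys_input;
            $statements = [
                "m_usergroup delete" => "update m_usergroup SET M_UserGroupIsActive = 'N', M_UserGroupLastUpdated = now() WHERE M_UserGroupID = ? ",
                "m_user delete"      => "UPDATE m_user SET M_UserIsActive = 'N', M_UserLastUpdated = now() WHERE M_UserM_UserGroupID = ? ",
            ];
            foreach ($statements as $label => $sql) {
                $query = $this->db_onedev->query($sql, [$prm['id']]);
                if (! $query) {
                    $this->sys_error_db($label, $this->db_onedev);
                    exit;
                }
            }
            $this->sys_ok(["total" => 1, "records" => ["xid" => 0]]);
        } catch (Exception $exc) {
            $this->sys_error($exc->getMessage());
        }
    }
}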