advation
/
OpenTimeTracker


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372
							<?php

class accountModel extends Staple_Model
{
    private $db;

    private $id;
    private $username;
    private $password;
    private $pin;
    private $tempPin;
    private $firstName;
    private $lastName;
    private $authLevel;
    private $batchId;
    private $supervisorId;
    private $type;
    private $status;

    /**
     * @return mixed
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * @param mixed $id
     */
    public function setId($id)
    {
        $this->id = $id;
    }

    /**
     * @return mixed
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @param mixed $username
     */
    public function setUsername($username)
    {
        $this->username = $username;
    }

    /**
     * @return mixed
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * @param mixed $password
     */
    public function setPassword($password)
    {
        $this->password = $password;
    }

    /**
     * @return mixed
     */
    public function getPin()
    {
        return $this->pin;
    }

    /**
     * @param mixed $pin
     */
    public function setPin($pin)
    {
        $this->pin = $pin;
    }

    /**
     * @return mixed
     */
    public function getTempPin()
    {
        return $this->tempPin;
    }

    /**
     * @param mixed $tempPin
     */
    public function setTempPin($tempPin)
    {
        $this->tempPin = $tempPin;
    }

    /**
     * @return mixed
     */
    public function getFirstName()
    {
        return $this->firstName;
    }

    /**
     * @param mixed $firstName
     */
    public function setFirstName($firstName)
    {
        $this->firstName = $firstName;
    }

    /**
     * @return mixed
     */
    public function getLastName()
    {
        return $this->lastName;
    }

    /**
     * @param mixed $lastName
     */
    public function setLastName($lastName)
    {
        $this->lastName = $lastName;
    }

    /**
     * @return mixed
     */
    public function getAuthLevel()
    {
        return $this->authLevel;
    }

    /**
     * @param mixed $authLevel
     */
    public function setAuthLevel($authLevel)
    {
        $this->authLevel = $authLevel;
    }

    /**
     * @return mixed
     */
    public function getBatchId()
    {
        return $this->batchId;
    }

    /**
     * @param mixed $batchId
     */
    public function setBatchId($batchId)
    {
        $this->batchId = $batchId;
    }

    /**
     * @return mixed
     */
    public function getSupervisorId()
    {
        return $this->supervisorId;
    }

    /**
     * @param mixed $supervisorId
     */
    public function setSupervisorId($supervisorId)
    {
        $this->supervisorId = $supervisorId;
    }

    /**
     * @return mixed
     */
    public function getType()
    {
        return $this->type;
    }

    /**
     * @param mixed $type
     */
    public function setType($type)
    {
        $this->type = $type;
    }

    /**
     * @return mixed
     */
    public function getStatus()
    {
        return $this->status;
    }

    /**
     * @param mixed $status
     */
    public function setStatus($status)
    {
        $this->status = $status;
    }

    function __construct()
    {
        $this->db = Staple_DB::get();

    }

    function load($id)
    {
        $sql = "SELECT id, username, firstName, lastName, authLevel, batchId, supervisorId, type, status FROM accounts WHERE id = '".$this->db->real_escape_string($id)."'";
        $query = $this->db->query($sql);
        $result = $query->fetch_assoc();

        $data = array();

        $data['id'] = $result['id'];
        $data['username'] = $result['username'];
        $data['firstName'] = $result['firstName'];
        $data['lastName'] = $result['lastName'];
        $data['level'] = $result['authLevel'];
        $data['supervisor'] = $result['supervisorId'];
        $data['type'] = $result['type'];
        $data['status'] = $result['status'];

        return $data;
    }

    function save()
    {
        if(isset($this->id))
        {
            //Check if username already exists
            $sql = "SELECT username FROM accounts WHERE username = '".$this->db->real_escape_string($this->username)."' AND id <> '".$this->db->real_escape_string($this->id)."'";
            $query = $this->db->query($sql);
            if($query->num_rows == 0)
            {
                $sql = "
                    UPDATE accounts SET
                    username = '".$this->db->real_escape_string($this->username)."',
                    firstName = '".$this->db->real_escape_string($this->firstName)."',
                    lastName = '".$this->db->real_escape_string($this->lastName)."',
                    authLevel = '".$this->db->real_escape_string($this->authLevel)."',
                    supervisorId = '".$this->db->real_escape_string($this->supervisorId)."',
                    type = '".$this->db->real_escape_string($this->type)."',
                    status = '".$this->db->real_escape_string($this->status)."'
                    WHERE id = '".$this->db->real_escape_string($this->id)."'
                ";

                if($this->db->query($sql))
                {
                    return true;
                }
            }
        }
        else
        {
            //Build username
            $username = strtolower(substr($this->firstName,0,1).$this->lastName);

            //Check if username already exists
            $sql = "SELECT username FROM accounts WHERE username = '".$this->db->real_escape_string($username)."'";
            $query = $this->db->query($sql);
            if($query->num_rows == 0)
            {
                //Check if PIN already exists
                $sql = "SELECT pin FROM accounts WHERE pin = '".$this->db->real_escape_string(sha1($this->pin))."'";
                $query = $this->db->query($sql);

                if($query->num_rows > 0)
                {
                    $pin = $this->generatePin();
                }
                else
                {
                    $pin = $this->pin;
                }

                $sql = "

                    INSERT INTO accounts (username,password,pin,firstName,lastName,authLevel,batchId,supervisorId,type,status)
                    VALUES (
                    '".$this->db->real_escape_string($username)."',
                    '".$this->db->real_escape_string(sha1('taketime'))."',
                    '".$this->db->real_escape_string(sha1($pin))."',
                    '".$this->db->real_escape_string($this->firstName)."',
                    '".$this->db->real_escape_string($this->lastName)."',
                    '".$this->db->real_escape_string($this->authLevel)."',
                    '".$this->db->real_escape_string('0')."',
                    '".$this->db->real_escape_string($this->supervisorId)."',
                    '".$this->db->real_escape_string($this->type)."',
                    '".$this->db->real_escape_string('1')."'
                    );
                ";

                if($this->db->query($sql))
                {
                    $id = $this->db->insert_id;

                    $this->tempPin = $pin;

                    $account = new userModel();
                    $userInfo = $account->userInfo($id);

                    $audit = new auditModel();
                    $audit->setUserId($userInfo['id']);
                    $audit->setAction('New Account Created');
                    $audit->setItem($account->getUsername()." created account.");
                    $audit->save();

                    return true;
                }
            }
        }

    }

    function generatePin()
    {
        $pin = array();

        for($i=0;$i<4;$i++)
        {
            $pin[$i] = rand(0,9);
        }

        $pin = implode("",$pin);

        $sql = "SELECT pin FROM accounts WHERE pin = '".$this->db->real_escape_string(sha1($pin))."'";
        $query = $this->db->query($sql);
        if($query->num_rows == 0)
        {
            return $pin;
        }
        else
        {
            $this->generatePin();
        }
    }

    function resetPin($id)
    {
        $pin = $this->generatePin();
        $this->tempPin = $pin;

        $sql = "UPDATE accounts SET pin='".$this->db->real_escape_string(sha1($pin))."' WHERE id = '".$this->db->real_escape_string($id)."'";

        if($this->db->query($sql))
        {
            $account = new userModel();
            $userInfo = $account->userInfo($id);

            $audit = new auditModel();
            $audit->setUserId($userInfo['id']);
            $audit->setAction('PIN Reset');
            $audit->setItem($account->getUsername()." reset users PIN.");
            $audit->save();

            return true;
        }
    }
}
?>