<?php
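// Every date()/strtotime() call in this model is evaluated in Indian Standard Time.
date_default_timezone_set('Asia/Kolkata');

// ERP MySQL connection details.
// NOTE(review): credentials committed to source are readable by anyone who can read this file
// (repository clones, backups, a web server that serves .php as text). Each value can now be
// supplied through the process environment. The literals remain only as a backward-compatible
// fallback and should be dropped once the environment is provisioned and the password rotated.
define('DB_SERVER', getenv('ERP_DB_SERVER') ?: 'localhost');
define('DB_NAME', getenv('ERP_DB_NAME') ?: 'erp_core');
define('DB_USER', getenv('ERP_DB_USER') ?: 'erp');
define('DB_PASSWD', getenv('ERP_DB_PASSWD') ?: 'erpa2018');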
class erpModel {
// Intended PDO connection options: raise exceptions on SQL errors and buffer result sets.
// NOTE(review): with ATTR_EMULATE_PREPARES => true, PDO substitutes bound values into the SQL
// text on the client instead of sending a server-side prepared statement. Bound values are still
// quoted, but confirm whether native prepares can be enabled for this deployment.
public $options = array(
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_EMULATE_PREPARES => true,
PDO::MYSQL_ATTR_USE_BUFFERED_QUERY => true
);
// PDO connection handle; holds '' until the constructor assigns it.
public $pdo = '';
// Most recent statement object produced by a query method of this class.
public $dbStmt = '';
public $sqlStmt = ''; // SQL text that sqlLog() writes to erp_core.erp_sqls.sqlCommand
public $dbError = ''; // database error container (not written by any method visible in this file)
public $tableID = ''; // table identifier used by sqlLog() and getXupdate()
public $tupleID = 0; // record identifier used by sqlLog() and getXupdate()
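/**
 * Opens the MySQL connection used by every query method of this model.
 *
 * Terminates the request with a generic message when the connection cannot be made.
 */
public function __construct() {
    try {
        // The option set is an instance property. The bare $options used here before was an
        // undefined local, so ERRMODE_EXCEPTION and the other declared options were never applied.
        $this->pdo = new PDO('mysql:host=' . DB_SERVER . ';dbname=' . DB_NAME, DB_USER, DB_PASSWD, $this->options);
        $this->pdo->query("use erp_core");
    } catch (PDOException $e) {
        // The driver message can name the host, account and schema. Keep it in the server log
        // and show the client a generic failure only.
        error_log('erpModel: database connection failed: ' . $e->getMessage());
        die("Error!: database connection failed.");
    }
}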
// Drops this object's references to the statement first and then to the connection.
// PDO closes the MySQL connection once no reference to the PDO object remains.
public function __destruct() {
$this->dbStmt = null;
$this->pdo = null;
}
//***********************************************************************
//* erp country, state, district functions *
//***********************************************************************
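/**
 * Returns the dashboard configured for the group of the logged-in user.
 *
 * Reads $_SESSION['loginID']. Falls back to 'erpDashboard' when the statement does not
 * execute or the login has no matching group row.
 *
 * @return mixed dashboard column value, or 'erpDashboard'
 */
function getDashboard() {
    // loginID is bound as a parameter; it used to be concatenated into the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT dashboard FROM erp_core.erp_groups WHERE groupID=(SELECT groupID FROM erp_core.erp_users WHERE loginID=?)");
    if ($this->dbStmt->execute([$_SESSION['loginID']])) {
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // fetch() yields false when nothing matched; indexing it produced null plus a warning.
        if ($row) {
            return $row['dashboard'];
        }
    }
    return 'erpDashboard';
}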
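/**
 * Counts the enabled institutes, modules, apps, menus (per interface), groups and users.
 *
 * @return array label => count, in the order the counters are listed below; a counter whose
 *               statement does not execute is left out
 */
function erpSummary() {
    $menuCount = "SELECT COUNT(menuID) AS no FROM erp_core.erp_menus WHERE interface=? AND status='Enabled'";
    // label => [SQL, bound values]; the three menu counters differ only in the interface code.
    $counters = [
        'institutes' => ["SELECT COUNT(instituteID) AS no FROM erp_core.erp_institutes WHERE status='Enabled'", []],
        'modules' => ["SELECT COUNT(moduleID) AS no FROM erp_core.erp_modules WHERE status='Enabled'", []],
        'apps' => ["SELECT COUNT(appID) AS no FROM erp_core.erp_apps WHERE status='Enabled'", []],
        'inputs' => [$menuCount, ['I']],
        'outputs' => [$menuCount, ['O']],
        'configurations' => [$menuCount, ['C']],
        'user groups' => ["SELECT COUNT(groupID) AS no FROM erp_core.erp_groups WHERE status='Enabled'", []],
        'user accounts' => ["SELECT COUNT(userID) AS no FROM erp_core.erp_users WHERE status='Enabled'", []],
    ];
    // Start from an empty array so the return value is defined even if every statement fails.
    $data = [];
    foreach ($counters as $label => $spec) {
        $this->dbStmt = $this->pdo->prepare($spec[0]);
        if ($this->dbStmt->execute($spec[1])) {
            $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
            $data[$label] = $row['no'];
        }
    }
    return $data;
}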
// *****************************************************************
// configuration functions
// *****************************************************************
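/**
 * Fetches one row of erp_core.erp_configurations.
 *
 * @param mixed $configID configuration key; a falsy value skips the query
 * @return mixed associative row, false when nothing matches, null when $configID is falsy
 */
function getConfiguration($configID=0) {
    if (!$configID) {
        return null;
    }
    // configID is bound as a parameter; it used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_configurations WHERE configID=?");
    $this->dbStmt->execute([$configID]);
    return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
}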
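/**
 * Returns the icon class stored for an application code.
 *
 * @param mixed $appCode value matched against erp_apps.appCode
 * @return mixed appIcon column value, or 'fas fa-hourglass' when the statement does not
 *               execute or no app has that code
 */
function getAppIcon($appCode) {
    // appCode is bound as a parameter; it used to be interpolated between quotes in the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT appIcon FROM erp_core.erp_apps WHERE appCode=?");
    if ($this->dbStmt->execute([$appCode])) {
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // An unknown code used to yield null (indexing false); use the placeholder icon instead.
        if ($row) {
            return $row['appIcon'];
        }
    }
    return 'fas fa-hourglass';
}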
// *****************************************************************
// aaa functions
// *****************************************************************
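/**
 * Fetches one program together with its course, branch and specialization names.
 *
 * @param mixed $programID program key; a falsy value skips the query
 * @return mixed associative row, false when nothing matches, null when $programID is falsy
 */
function getProgram($programID=0) {
    if (!$programID) {
        return null;
    }
    // programID is bound as a parameter; it used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT p.*,c.courseName,c.courseNameH,b.branchName,b.branchNameH,s.specializationName,s.specializationNameH"
        . " FROM erp_aaa.aaa_programs AS p LEFT JOIN erp_aaa.aaa_courses AS c ON p.courseID=c.courseID LEFT JOIN erp_aaa.aaa_branches AS b ON p.branchID=b.branchID LEFT JOIN erp_aaa.aaa_specializations AS s ON p.specializationID=s.specializationID"
        . " WHERE programID=?"
    );
    $this->dbStmt->execute([$programID]);
    return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
}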
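/**
 * Lists the enabled programs of the current institute, optionally for one degree level.
 *
 * Reads $_SESSION['instituteID'].
 *
 * @param mixed $degreeLevel degree level filter; a falsy value lists every level
 * @return array associative rows ordered by programCode
 */
function selectProgram($degreeLevel='') {
    // Both the session value and the filter are bound; they used to be concatenated into the SQL.
    $sql = "SELECT * FROM erp_aaa.aaa_programs WHERE instituteID=?";
    $params = [$_SESSION['instituteID']];
    if ($degreeLevel) {
        $sql .= " AND degreeLevel=?";
        $params[] = $degreeLevel;
    }
    $sql .= " AND status='Enabled' ORDER BY programCode";
    $this->dbStmt = $this->pdo->prepare($sql);
    $this->dbStmt->execute($params);
    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
}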
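/**
 * Counts enrolled students of the current batch year per program and gender.
 *
 * Reads $_SESSION['batchYear'].
 *
 * @return array rows with programCode, gender and no
 */
function aaaAdmissions() {
    // batchYear is bound as a parameter; it used to be concatenated into the SQL text.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT programCode,gender,COUNT(gender) AS no"
        . " FROM erp_aaa.aaa_enrolmentsv WHERE batchYear=? AND estatus='Enrolled' GROUP BY programCode,gender"
    );
    $this->dbStmt->execute([$_SESSION['batchYear']]);
    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
}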
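/**
 * Fetches one row of the erp_aaa.aaa_enrolmentsv view.
 *
 * @param mixed $enrolmentID enrolment key; a falsy value skips the query
 * @return mixed associative row, false when nothing matches, null when $enrolmentID is falsy
 */
function getEnrolment($enrolmentID=0) {
    if (!$enrolmentID) {
        return null;
    }
    // enrolmentID is bound as a parameter; it used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_aaa.aaa_enrolmentsv WHERE enrolmentID=?");
    $this->dbStmt->execute([$enrolmentID]);
    return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
}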
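/**
 * Lists students whose enrolment number starts with the given prefix.
 *
 * @param mixed $enrolmentNo enrolment number prefix; a falsy value skips the query
 * @return mixed associative rows ordered by enrolment number, null when the prefix is falsy
 */
function getStudents($enrolmentNo='') {
    if (!$enrolmentNo) {
        return null;
    }
    // The prefix is bound as a parameter; it used to be interpolated into the LIKE pattern.
    // '%' and '_' inside the value still act as LIKE wildcards, as they did before.
    // NOTE(review): the photo column is an <img> tag assembled in SQL from u.fileName without
    // HTML escaping. Confirm how upload file names are constrained before a view echoes it.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT CONCAT('<img src=\'uploads/photos/', u.fileName, '\' width=\'30\' height=\'40\'>') AS photo,"
        . " enrolmentNo,p.programCode,enrolCategory,nameEnglish,e.nameHindi,gender,dateBirth,bloodGroup,category,"
        . " commAddress,commPIN,e.phoneNo,e.email,fatherName,motherName,guardianName,guardianPhone,guardianEmail,guardianAddress"
        . " FROM erp_aaa.aaa_enrolmentsv AS e LEFT JOIN erp_aaa.aaa_uploads AS u ON e.studentID=u.studentID AND u.docheadCode='PHO' INNER JOIN erp_aaa.aaa_programs AS p ON e.programID=p.programID INNER JOIN erp_core.erp_states AS s ON e.homeState=s.stateID INNER JOIN erp_core.erp_districts AS d ON e.homeDistrict=d.districtID"
        . " WHERE enrolmentNo LIKE ? ORDER BY e.enrolmentNo"
    );
    $this->dbStmt->execute([$enrolmentNo . '%']);
    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
}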
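/**
 * Searches students by exact enrolment number or by the beginning of the English name.
 *
 * @param mixed $queryText search text; a falsy value skips the query
 * @return mixed associative rows ordered by enrolment number, null when the text is falsy
 */
function findStudent($queryText='') {
    if (!$queryText) {
        return null;
    }
    // The search text is bound twice; it used to be interpolated into both comparisons.
    // '%' and '_' inside the value still act as LIKE wildcards in the name match.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT enrolmentNo,programCode,nameEnglish,e.nameHindi,gender,dateBirth,bloodGroup,category, CONCAT(commAddress, ', ', d.districtName, '-', commPIN, ' (',s.stateName,') ', c.countryName) as address,e.phoneNo,e.email,fatherName,motherName,guardianName,guardianPhone,guardianEmail,guardianAddress"
        . " FROM erp_aaa.aaa_enrolmentsv AS e INNER JOIN erp_core.erp_states AS s ON e.homeState=s.stateID INNER JOIN erp_core.erp_districts AS d ON e.homeDistrict=d.districtID INNER JOIN erp_core.erp_countrys AS c ON e.nationality=c.countryCode"
        . " WHERE enrolmentNo=? OR nameEnglish LIKE ? ORDER BY e.enrolmentNo"
    );
    $this->dbStmt->execute([$queryText, $queryText . '%']);
    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
}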
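/**
 * Resolves an enrolment number to its enrolmentID.
 *
 * @param mixed $enrolmentNo enrolment number; a falsy value skips the query
 * @return mixed enrolmentID column value, or null when nothing matches or the input is falsy
 */
function getEnrolmentIDByEnrolmentNo($enrolmentNo) {
    if (!$enrolmentNo) {
        return null;
    }
    // enrolmentNo is bound as a parameter; it used to be interpolated between quotes.
    $this->dbStmt = $this->pdo->prepare("SELECT enrolmentID FROM erp_aaa.aaa_enrolments WHERE enrolmentNo=?");
    $this->dbStmt->execute([$enrolmentNo]);
    $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    // fetch() yields false when nothing matched; do not index it.
    return $row ? $row['enrolmentID'] : null;
}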
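/**
 * Returns the stored file name of one uploaded document of a student.
 *
 * @param mixed $studentID   student key
 * @param mixed $docheadCode document head code
 * @return mixed fileName column value, or null when nothing matches or either input is falsy
 */
function getMyUpload($studentID, $docheadCode='') {
    if (!$studentID || !$docheadCode) {
        return null;
    }
    // Both values are bound as parameters; they used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT fileName FROM erp_aaa.aaa_uploads WHERE studentID=? AND docheadCode=?"
    );
    $this->dbStmt->execute([$studentID, $docheadCode]);
    $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['fileName'] : null;
}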
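/**
 * Lists a student's uploads whose document head is charted for one of the given programs.
 *
 * @param mixed $studentID student key
 * @param mixed $programID one program id or a comma-separated list of ids
 * @return mixed associative rows ordered by uploadID, null when either input is falsy
 */
function listUploads($studentID, $programID) {
    if (!$studentID || !$programID) {
        return null;
    }
    // Both values are bound as parameters; they used to be interpolated into the SQL text.
    // NOTE(review): $programID still becomes part of a regular expression on the server, so
    // regex metacharacters in it change the match. Validate it as digits and commas upstream.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT DISTINCT u.*,h.docheadName,h.original"
        . " FROM erp_aaa.aaa_uploads AS u LEFT JOIN erp_aaa.aaa_docheads AS h ON u.docheadCode=h.docheadCode INNER JOIN erp_aaa.aaa_doccharts AS c ON c.docheadID=h.docheadID"
        . " WHERE u.studentID=? AND c.programID REGEXP CONCAT('(^|,)(', REPLACE(?, ',', '|'), ')(,|$)')"
        . " ORDER BY uploadID"
    );
    $this->dbStmt->execute([$studentID, $programID]);
    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
}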
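/**
 * Lists the document exemptions recorded for a student.
 *
 * @param mixed $studentID student key; a falsy value skips the query
 * @return mixed associative rows ordered by document head code, null when the key is falsy
 */
function listExemptions($studentID) {
    if (!$studentID) {
        return null;
    }
    // studentID is bound as a parameter; it used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT e.*,h.docheadName,h.original"
        . " FROM erp_aaa.aaa_exemptions AS e LEFT JOIN erp_aaa.aaa_docheads AS h ON e.docheadCode=h.docheadCode"
        . " WHERE e.studentID=? ORDER BY h.docheadCode"
    );
    $this->dbStmt->execute([$studentID]);
    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
}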
// *****************************************************************
// hms functions
// *****************************************************************
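/**
 * Finds the hostel, floor and room allotted to an allottee number.
 *
 * @param mixed $allotteeNo allottee number; a falsy value skips the query
 * @return mixed associative row, false when nothing matches, null when the number is falsy
 */
function findAllottee($allotteeNo='') {
    if (!$allotteeNo) {
        return null;
    }
    // allotteeNo is bound as a parameter; it used to be interpolated between quotes.
    $this->dbStmt = $this->pdo->prepare(
        "SELECT h.hostelCode,r.floorNo,r.roomNo"
        . " FROM erp_hms.hms_allotments AS a LEFT JOIN erp_hms.hms_hostels AS h ON a.hostelID=h.hostelID LEFT JOIN erp_hms.hms_rooms AS r ON a.roomID=r.roomID"
        . " WHERE a.allotteeNo=?"
    );
    $this->dbStmt->execute([$allotteeNo]);
    return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
}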
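/**
 * Resolves a hostelID to its hostel code.
 *
 * @param mixed $hostelID hostel key; a falsy value skips the query
 * @return mixed hostelCode column value, or null when nothing matches or the key is falsy
 */
function getHostelCodeByHostelID($hostelID) {
    if (!$hostelID) {
        return null;
    }
    // hostelID is bound as a parameter; it used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT hostelCode FROM erp_hms.hms_hostels WHERE hostelID=?");
    $this->dbStmt->execute([$hostelID]);
    $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    return $row ? $row['hostelCode'] : null;
}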
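/**
 * Fetches one row of erp_hms.hms_rooms.
 *
 * @param mixed $roomID room key; a falsy value skips the query
 * @return mixed associative row, false when nothing matches, null when $roomID is falsy
 */
function getRoom($roomID=0) {
    if (!$roomID) {
        return null;
    }
    // roomID is bound as a parameter; it used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_hms.hms_rooms WHERE roomID=?");
    $this->dbStmt->execute([$roomID]);
    return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
}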
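/**
 * Lists the rooms of a hostel, optionally restricted to one room type.
 *
 * @param mixed $hostelID hostel key; a falsy value skips the query
 * @param mixed $roomType room type filter; a falsy value lists every type
 * @return mixed associative rows ordered by floor and room number, null when $hostelID is falsy
 */
function filterRooms($hostelID, $roomType=0) {
    if (!$hostelID) {
        return null;
    }
    // Both values are bound as parameters; they used to be interpolated into the SQL text.
    $sql = "SELECT * FROM erp_hms.hms_rooms WHERE hostelID=?";
    $params = [$hostelID];
    if ($roomType) {
        $sql .= " AND roomType=?";
        $params[] = $roomType;
    }
    $sql .= " ORDER BY floorNo,roomNo";
    $this->dbStmt = $this->pdo->prepare($sql);
    $this->dbStmt->execute($params);
    return $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
}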
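/**
 * Fetches one row of erp_hms.hms_allotments.
 *
 * @param mixed $allotmentID allotment key; a falsy value skips the query
 * @return mixed associative row, false when nothing matches, null when the key is falsy
 */
function getAllotment($allotmentID=0) {
    if (!$allotmentID) {
        return null;
    }
    // allotmentID is bound as a parameter; it used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_hms.hms_allotments WHERE allotmentID=?");
    $this->dbStmt->execute([$allotmentID]);
    return $this->dbStmt->fetch(PDO::FETCH_ASSOC);
}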
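/**
 * Counts the allotments made in rooms of one type within a hostel.
 *
 * @param mixed $hostelID hostel key
 * @param mixed $roomType room type
 * @return mixed the count (0 when none), or null when either input is falsy
 */
function getAllotmentCountByRoomType($hostelID, $roomType) {
    if (!$hostelID || !$roomType) {
        return null;
    }
    // Both values are bound as parameters; they used to be interpolated into the SQL text.
    $this->dbStmt = $this->pdo->prepare("SELECT count(a.allotteeNo) AS no FROM erp_hms.hms_allotments AS a INNER JOIN erp_hms.hms_rooms AS r ON a.roomID=r.roomID WHERE r.hostelID=? AND r.roomType=?");
    $this->dbStmt->execute([$hostelID, $roomType]);
    $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    return ($row && $row['no']) ? $row['no'] : 0;
}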
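/**
 * Resolves an allottee number to its allotmentID.
 *
 * @param mixed $allotteeNo allottee number; a falsy value skips the query
 * @return mixed allotmentID, 0 when nothing matches, null when the number is falsy
 */
function getAllotmentIDByAllotteeNo($allotteeNo) {
    if (!$allotteeNo) {
        return null;
    }
    // allotteeNo is bound as a parameter; it used to be interpolated between quotes.
    $this->dbStmt = $this->pdo->prepare("SELECT allotmentID FROM erp_hms.hms_allotments WHERE allotteeNo=?");
    $this->dbStmt->execute([$allotteeNo]);
    $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    return ($row && $row['allotmentID']) ? $row['allotmentID'] : 0;
}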
// *****************************************************************
// hc functions
// *****************************************************************
/**
 * Counts icure registrations of the last seven days per date and patient group.
 *
 * @return array rows with dated, pgroup and no
 */
function ihcRegistrations() {
    // Cut-off date: seven days before today. Built locally, no caller input is involved.
    $today = date('Y-m-d');
    $cutoff = date('Y-m-d', strtotime($today .' -7 day'));
    $stmt = $this->pdo->query("SELECT reg_date AS dated,pat_group AS pgroup,COUNT(pat_id) AS no FROM icure.registrations WHERE reg_date>'" . $cutoff . "' GROUP BY dated desc,pgroup");
    $this->dbStmt = $stmt;
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Counts istore indents of the last seven days per date and status.
 *
 * @return array rows with dated, status and no
 */
function stRequisitions() {
    // Cut-off date: seven days before today. Built locally, no caller input is involved.
    $today = date('Y-m-d');
    $cutoff = date('Y-m-d', strtotime($today .' -7 day'));
    $stmt = $this->pdo->query("SELECT date_indent AS dated,status,COUNT(status) AS no FROM istore.indents WHERE date_indent>'" . $cutoff . "'GROUP BY dated desc,status");
    $this->dbStmt = $stmt;
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Sums the meter reading differences per month from ilight.el_billing, limited to 12 rows.
 *
 * @return array rows with month and reading
 */
function iwdConsumptions() {
    $stmt = $this->pdo->query("SELECT month, SUM(curreading-prevreading) AS reading FROM ilight.el_billing GROUP BY month ORDER BY id DESC LIMIT 0, 12");
    $this->dbStmt = $stmt;
    $monthly = $stmt->fetchAll(PDO::FETCH_ASSOC);
    return $monthly;
}
//***********************************************************************
//* erp core functions *
//***********************************************************************
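/**
 * Reports whether a submission should be treated as abusive, and records it.
 *
 * An IP already present in erp_core.erp_abusers is always flagged and the text is appended to
 * its record. Otherwise the text is flagged, and the IP recorded, only when the whole text
 * equals one of the listed words.
 *
 * @param mixed $userIP client address as supplied by the caller
 * @param mixed $txt    submitted text
 * @return bool TRUE when flagged, FALSE otherwise
 */
public function checkAbuser($userIP, $txt) {
    // The address is bound as a parameter; it used to be interpolated into the lookup query.
    $this->dbStmt = $this->pdo->prepare("SELECT 1 FROM erp_core.erp_abusers WHERE userIP=? LIMIT 1");
    $this->dbStmt->execute([$userIP]);
    $known = ($this->dbStmt->fetch(PDO::FETCH_NUM) !== false);
    $this->dbStmt->closeCursor();
    if ($known) {
        $this->dbStmt = $this->pdo->prepare("update erp_core.erp_abusers set userText=concat(userText,', ',?) WHERE userIP=?");
        $this->dbStmt->execute([$txt,$userIP]);
        return TRUE;
    }
    $abuses = ['nude','teen','www','url','sex','suck','fuck','xxx','pussy','penis','hotty','sexual','porn','sexy'];
    // Strict comparison: a loose in_array() lets a non-string value such as 0 match a word
    // on PHP versions before 8.
    if (in_array($txt, $abuses, true)) {
        $this->dbStmt = $this->pdo->prepare("INSERT INTO erp_core.erp_abusers(userText,userIP) VALUES(?, ?)");
        $this->dbStmt->execute([$txt,$userIP]);
        return TRUE;
    }
    return FALSE;
}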
/**
 * Records a new login in erp_core.erp_sessions and refreshes the duration of the login's
 * rows whose timeLogin equals timeLogout.
 *
 * Reads $_SESSION['sessionID'] and $_SESSION['loginID'].
 *
 * @param mixed $userIP client address stored with the session row
 */
public function openSession($userIP) {
    $login = $_SESSION['loginID'];
    $insert = $this->pdo->prepare("INSERT INTO erp_core.erp_sessions(sessionID,loginID,userIP,timeLogin) VALUES(?,?,?,now())");
    $this->dbStmt = $insert;
    $insert->execute([$_SESSION['sessionID'], $login, $userIP]);
    $refresh = $this->pdo->prepare("UPDATE erp_core.erp_sessions SET duration=timediff(now(),timeLogin) WHERE timeLogin=timeLogout AND loginID=?");
    $this->dbStmt = $refresh;
    $refresh->execute([$login]);
}
/**
 * Updates the stored duration of the current session and of the login's other rows whose
 * timeLogin equals timeLogout.
 *
 * Reads $_SESSION['sessionID'] and $_SESSION['loginID'].
 */
public function closeSession() {
    $bySession = $this->pdo->prepare("UPDATE erp_core.erp_sessions SET duration=timediff(now(),timeLogin) WHERE sessionID=? AND timeLogin=timeLogout");
    $this->dbStmt = $bySession;
    $bySession->execute([$_SESSION['sessionID']]);
    $byLogin = $this->pdo->prepare("UPDATE erp_core.erp_sessions SET duration=timediff(now(),timeLogin) WHERE timeLogin=timeLogout AND loginID=?");
    $this->dbStmt = $byLogin;
    $byLogin->execute([$_SESSION['loginID']]);
}
/**
 * Appends one access record to erp_core.erp_logs for the logged-in user.
 *
 * Reads $_SESSION['loginID'].
 *
 * @param mixed $userIP  client address
 * @param mixed $appURL  URL that was requested
 * @param mixed $referer referring URL
 */
function erpLog($userIP,$appURL,$referer) {
    $entry = [$_SESSION['loginID'], $userIP, $appURL, $referer];
    $stmt = $this->pdo->prepare("INSERT INTO erp_core.erp_logs(loginID,userIP,appURL,referer) VALUES(?,?,?,?)");
    $this->dbStmt = $stmt;
    $stmt->execute($entry);
}
/**
 * Appends the SQL text held in $this->sqlStmt to erp_core.erp_sqls, tagged with the current
 * login and with $this->tableID / $this->tupleID.
 *
 * Reads $_SESSION['loginID'].
 */
function sqlLog() {
    $entry = [$_SESSION['loginID'], $this->tableID, $this->tupleID, $this->sqlStmt];
    $stmt = $this->pdo->prepare("INSERT INTO erp_core.erp_sqls(loginID, tableID, tupleID, sqlCommand) VALUES(?,?,?,?)");
    $this->dbStmt = $stmt;
    $stmt->execute($entry);
}
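/**
 * Builds the "last login" banner text for the logged-in user.
 *
 * Reads $_SESSION['loginID'].
 *
 * @return string login/logout times of the most recent session row whose timeLogin differs
 *                from timeLogout, or the first-login greeting when there is none
 */
function getXlogin() {
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_sessions WHERE loginID=? AND timeLogin <> timeLogout ORDER BY sesID DESC LIMIT 0,1");
    if ($this->dbStmt->execute([$_SESSION['loginID']])) {
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // execute() succeeds even when no row matches, so the greeting below was unreachable
        // and a first login printed empty timestamps. Decide on the fetched row instead.
        if ($row) {
            return "Last login at " .$row['timeLogin']. " AND logout at " .$row['timeLogout'];
        }
    }
    return "Congratulations on first ever login.";
}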
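/**
 * Builds the "last updated" text for the record identified by $this->tableID / $this->tupleID.
 *
 * @return string text from the newest matching erp_core.erp_sqls row, or '' when there is none
 */
function getXupdate() {
    // Defined up front: without a matching row the variable used to be returned undefined.
    $str = '';
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_sqls WHERE tableID=? AND tupleID=? ORDER BY sqlID DESC LIMIT 0,1");
    $this->dbStmt->execute([$this->tableID, $this->tupleID]);
    $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    if ($row) {
        $str = "Last updated at " .$row['timeAccess']. " by user " .$row['loginID'];
    }
    return $str;
}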
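/**
 * Lists the enabled modules ordered by moduleID.
 *
 * @return array associative rows; empty when the statement does not execute
 */
function erpModules() {
    // Defined up front: on a failed execute the variable used to be returned undefined.
    $rows = [];
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_modules WHERE status=? ORDER BY moduleID");
    if ($this->dbStmt->execute(['Enabled'])) {
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }
    return $rows;
}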
/**
 * Lists the enabled apps of the current module together with the apps marked universal.
 *
 * Reads $_SESSION['moduleID'].
 *
 * @return mixed associative rows ordered by appID; null when the statement does not execute
 */
function erpApps() {
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_apps WHERE (moduleID=? OR universal=1) AND status='Enabled' ORDER BY appID");
    $this->dbStmt = $stmt;
    $ran = $stmt->execute([$_SESSION['moduleID']]);
    return $ran ? $stmt->fetchAll(PDO::FETCH_ASSOC) : null;
}
/**
 * Builds the HTML title fragment (icon, name, description) for an application code.
 *
 * @param mixed $appCode value matched against erp_apps.appCode
 * @return mixed HTML string; the "Missing" fragment when no app has that code; null when the
 *               statement does not execute
 */
function getAppTitle($appCode) {
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_apps WHERE appCode=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$appCode])) {
        return;
    }
    $app = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$app) {
        return "<i class='fas fa-times'></i> Missing";
    }
    // NOTE(review): appIcon, appName and description go into the markup without HTML escaping.
    // Confirm who can edit erp_apps before treating these columns as trusted.
    return "<i class='" .$app['appIcon']. "'></i> " .$app['appName']. " (" . $app['description']. ") ";
}
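/**
 * Lists the enabled menus of an app, ordered by menuID.
 *
 * When both $appID and $interface are given, only menus of that interface with protection
 * below 2 are returned; otherwise every enabled menu of the app is returned.
 *
 * @param mixed $appID     app key
 * @param mixed $interface interface code filter
 * @return array associative rows; empty when the statement does not execute
 */
function erpMenus($appID, $interface='') {
    // Defined up front: on a failed execute the variable used to be returned undefined.
    $rows = [];
    if ($appID && $interface) {
        $sql = "SELECT * FROM erp_core.erp_menus WHERE appID=? AND interface=? AND protection<2 AND status='Enabled' ORDER BY menuID";
        $params = [$appID, $interface];
    } else {
        $sql = "SELECT * FROM erp_core.erp_menus WHERE appID=? AND status='Enabled' ORDER BY menuID";
        $params = [$appID];
    }
    $this->dbStmt = $this->pdo->prepare($sql);
    if ($this->dbStmt->execute($params)) {
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }
    return $rows;
}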
/**
 * Lists the enabled menus whose parentID is the given menu.
 *
 * @param mixed $menuID parent menu key; a falsy value skips the query
 * @return mixed associative rows ordered by menuID; null when skipped or not executed
 */
function erpSubmenus($menuID) {
    if (!$menuID) {
        return;
    }
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_menus WHERE parentID=? AND status='Enabled' ORDER BY menuID");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$menuID])) {
        return;
    }
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Resolves a moduleID to its module name.
 *
 * @param mixed $moduleID module key
 * @return mixed moduleName column value; null when nothing matches or the statement fails
 */
function getModuleName($moduleID) {
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_modules WHERE moduleID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$moduleID])) {
        return;
    }
    $module = $stmt->fetch(PDO::FETCH_ASSOC);
    return $module['moduleName'];
}
/**
 * Resolves a menu URL to its menuID.
 *
 * @param mixed $menuURL value matched against erp_menus.menuURL
 * @return mixed menuID column value; null when nothing matches or the statement fails
 */
function getMenuID($menuURL) {
    $stmt = $this->pdo->prepare("SELECT menuID FROM erp_core.erp_menus WHERE menuURL=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$menuURL])) {
        return;
    }
    $menu = $stmt->fetch(PDO::FETCH_ASSOC);
    return $menu['menuID'];
}
/**
 * Resolves a menuID to its menu URL.
 *
 * @param mixed $menuID menu key
 * @return mixed menuURL column value; null when nothing matches or the statement fails
 */
function getMenuURL($menuID) {
    $stmt = $this->pdo->prepare("SELECT menuURL FROM erp_core.erp_menus WHERE menuID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$menuID])) {
        return;
    }
    $menu = $stmt->fetch(PDO::FETCH_ASSOC);
    return $menu['menuURL'];
}
/**
 * Returns the help text stored for a menu.
 *
 * @param mixed $menuID menu key
 * @return mixed menuHelp column value; null when nothing matches or the statement fails
 */
function getMenuHelp($menuID) {
    $stmt = $this->pdo->prepare("SELECT menuHelp FROM erp_core.erp_menus WHERE menuID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$menuID])) {
        return;
    }
    $menu = $stmt->fetch(PDO::FETCH_ASSOC);
    return $menu['menuHelp'];
}
/**
 * Fetches the whole erp_core.erp_menus row for a menu URL.
 *
 * @param mixed $menuURL value matched against erp_menus.menuURL
 * @return mixed associative row, false when nothing matches, null when the statement fails
 */
function getMenuTitle($menuURL) {
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_menus WHERE menuURL=?");
    $this->dbStmt = $stmt;
    $ran = $stmt->execute([$menuURL]);
    return $ran ? $stmt->fetch(PDO::FETCH_ASSOC) : null;
}
/**
 * Lists the per-user ACL rows of a menu, each with the owning user's loginID.
 *
 * @param mixed $menuID menu key
 * @return mixed associative rows; null when the statement does not execute
 */
function getMenuACL($menuID) {
    $stmt = $this->pdo->prepare("SELECT a.*,u.loginID
FROM erp_core.erp_uacls AS a INNER JOIN erp_core.erp_users AS u ON a.userID=u.userID
WHERE a.menuID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$menuID])) {
        return;
    }
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Returns the protection level stored for a menu URL.
 *
 * @param mixed $menuURL value matched against erp_menus.menuURL
 * @return mixed protection column value; null when nothing matches or the statement fails
 */
function getMenuProtection($menuURL) {
    $stmt = $this->pdo->prepare("SELECT protection FROM erp_core.erp_menus WHERE menuURL=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$menuURL])) {
        return;
    }
    // NOTE(review): an unknown URL yields null here. Verify that callers treat a missing
    // value as protected rather than as public.
    $menu = $stmt->fetch(PDO::FETCH_ASSOC);
    return $menu['protection'];
}
//*******************************get user auth mode for authentication
/**
 * Returns the authentication mode of an enabled user account.
 *
 * @param mixed $loginID login name
 * @return mixed authMode column value, or 'Disabled' when no enabled account has that login
 */
public function getAuthMode($loginID) {
    $stmt = $this->pdo->prepare("SELECT authMode FROM erp_core.erp_users WHERE loginID=? AND status=?");
    $this->dbStmt = $stmt;
    $stmt->execute([$loginID, 'Enabled']);
    $account = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($stmt->rowCount()) {
        return $account['authMode'];
    }
    return 'Disabled';
}
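/**
 * Authenticates a login against the directory by binding as the user's DN.
 *
 * @param mixed $loginID    uid to look up under dc=iiita,dc=ac,dc=in
 * @param mixed $secretCode password used for the bind
 * @return bool TRUE when the bind succeeds, FALSE otherwise
 */
public function erpLDAPAuth($loginID, $secretCode) {
    // An empty password makes ldap_bind() an unauthenticated bind, which many directory
    // servers accept. That must never count as a successful login.
    if (!is_scalar($loginID) || !is_scalar($secretCode)) {
        return FALSE;
    }
    $loginID = (string) $loginID;
    $secretCode = (string) $secretCode;
    if ($loginID === '' || $secretCode === '') {
        return FALSE;
    }
    // NOTE(review): plain ldap:// carries the bind password unencrypted. Move to the ldaps://
    // endpoint or StartTLS once the directory server's certificate setup is confirmed.
    $ds = ldap_connect("ldap://172.31.1.41:389");
    if (!$ds) {
        return FALSE;
    }
    ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, 3);
    $authenticated = FALSE;
    // Escape filter metacharacters so the login name cannot alter the search filter.
    $filter = "uid=" . ldap_escape($loginID, '', LDAP_ESCAPE_FILTER);
    $a = ldap_search($ds, "dc=iiita,dc=ac,dc=in", $filter);
    if ($a) {
        $b = ldap_get_entries($ds, $a);
        // Without a matching entry there is no DN, and a bind with an empty DN is anonymous.
        if ($b && $b['count'] > 0 && !empty($b[0]['dn'])) {
            $authenticated = ldap_bind($ds, $b[0]['dn'], $secretCode) ? TRUE : FALSE;
        }
    }
    // The close call used to sit after the return statement and never ran.
    ldap_close($ds);
    return $authenticated;
}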
/**
 * Authenticates a login against the secretCode column of erp_core.erp_users.
 *
 * NOTE(review): the comparison relies on MySQL's PASSWORD() function, an unsalted hash that
 * MySQL 8.0 no longer provides. Plan a migration to password_hash()/password_verify().
 * The query does not filter on status; presumably callers check getAuthMode() first. Verify.
 *
 * @param mixed $loginID    login name
 * @param mixed $secretCode password supplied by the user
 * @return bool TRUE when a row matches, FALSE otherwise
 */
public function erpDBAuth($loginID, $secretCode) {
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_users WHERE loginID=? AND secretCode=password(?)");
    $this->dbStmt = $stmt;
    $stmt->execute([$loginID, $secretCode]);
    if ($stmt->rowCount()) {
        return TRUE;
    }
    return FALSE;
}
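/**
 * Reports whether a user account exists for a login name.
 *
 * @param mixed $loginID login name; a falsy value skips the query
 * @return mixed TRUE when a row exists, FALSE when not, null when $loginID is falsy
 */
public function getUserAccount($loginID='') {
    if (!$loginID) {
        return null;
    }
    // Defined up front: on a failed execute the variable used to be read undefined.
    $row = false;
    $this->dbStmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_users WHERE loginID=?");
    if ($this->dbStmt->execute([$loginID])) {
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
    }
    return ($row ? TRUE : FALSE);
}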
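/**
 * Returns the group name of the logged-in user.
 *
 * Reads $_SESSION['loginID'].
 *
 * @return mixed groupName column value, or 'Guest' when the login has no user/group row
 */
public function getUserGroup() {
    $str = 'Guest';
    $this->dbStmt = $this->pdo->prepare("SELECT u.*, g.groupName FROM erp_core.erp_users AS u, erp_core.erp_groups AS g WHERE u.groupID=g.groupID AND u.loginID=?");
    if ($this->dbStmt->execute([$_SESSION['loginID']])) {
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // Only replace the default when a row was found. Indexing the false returned for
        // "no match" used to overwrite 'Guest' with null.
        if ($row) {
            $str = $row['groupName'];
        }
    }
    return $str;
}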
//*******************************get userACL (insert, update, delete) by loginID
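/**
 * Returns the insert/update/delete flags of the logged-in user for a protected menu.
 *
 * Reads $_SESSION['loginID']. Only menus with protection=1 are considered.
 *
 * @param mixed $menuURL value matched against erp_menus.menuURL
 * @return string comma-separated flags from the acls column, or '000' when no ACL row exists
 */
public function getUserACL($menuURL) {
    // Default: no insert, update or delete right.
    // NOTE(review): the default is '000' while a found row is returned comma-separated
    // ("i,u,d"). Confirm callers handle both shapes.
    $str = '000';
    $this->dbStmt = $this->pdo->prepare("SELECT CONCAT(aclInsert,aclUpdate,aclDelete) AS acl,CONCAT(aclInsert,',',aclUpdate,',',aclDelete) AS acls FROM erp_core.erp_uacls WHERE menuID=(SELECT menuID FROM erp_core.erp_menus WHERE protection=1 AND menuURL=?) AND userID=(SELECT userID FROM erp_core.erp_users WHERE loginID=?)");
    if ($this->dbStmt->execute([$menuURL, $_SESSION['loginID']])) {
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        // Keep the deny-all default when the user has no ACL row. Indexing the false returned
        // for "no match" used to overwrite it with null.
        if ($row) {
            $str = $row['acls'];
        }
    }
    return $str;
}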
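/**
 * Lists the read/insert/update/delete flags of a user for every menu that has an ACL row.
 *
 * @param mixed $userID user key
 * @return array rows with aclRead, aclInsert, aclUpdate, aclDelete and menuName; empty when
 *               the statement does not execute
 */
function getUserACLs($userID) {
    // Defined up front: on a failed execute the variable used to be returned undefined.
    $rows = [];
    // NOTE(review): sqlStml (sic) is not the declared sqlStmt property. It is kept because
    // sqlLog() records sqlStmt and renaming it would change what gets logged. TODO confirm.
    $this->sqlStml = "SELECT a.aclRead,a.aclInsert,a.aclUpdate,a.aclDelete,m.menuName FROM erp_core.erp_uacls as a,erp_core.erp_menus as m WHERE a.menuID=m.menuID AND a.userID=?";
    $this->dbStmt = $this->pdo->prepare($this->sqlStml);
    if ($this->dbStmt->execute([$userID])) {
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }
    return $rows;
}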
//*******************************check user read acl by loginID
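/**
 * Returns the read flag of the logged-in user for a menu.
 *
 * Reads $_SESSION['loginID'].
 *
 * @param mixed $menuID menu key
 * @return mixed aclRead column value, or null when the user has no ACL row for the menu
 */
public function checkReadACL($menuID) {
    // Defined up front so "no ACL row" and a failed execute both return null, which is falsy.
    // NOTE(review): verify that callers treat a missing value as "no read access".
    $str = null;
    // NOTE(review): sqlStml (sic) is not the declared sqlStmt property. It is kept because
    // sqlLog() records sqlStmt and renaming it would change what gets logged. TODO confirm.
    $this->sqlStml = "SELECT aclRead FROM erp_core.erp_uacls WHERE menuID=? AND userID=(SELECT userID FROM erp_core.erp_users WHERE loginID=?)";
    $this->dbStmt = $this->pdo->prepare($this->sqlStml);
    if ($this->dbStmt->execute([$menuID, $_SESSION['loginID']])) {
        $row = $this->dbStmt->fetch(PDO::FETCH_ASSOC);
        if ($row) {
            $str = $row['aclRead'];
        }
    }
    return $str;
}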
//*******************************system information functions
/**
 * Lists every session row whose login happened on the given date, newest first.
 *
 * NOTE(review): unlike listLogs() and listSqls(), this method does not restrict non-Admin
 * users to their own rows. Confirm the caller enforces access to other users' IPs and logins.
 *
 * @param mixed $dated date compared against date(timeLogin)
 * @return array rows with sessionID, loginID, userIP, timeLogin, timeLogout and duration
 */
function listSessions($dated) {
    $sql = "SELECT sessionID,loginID,userIP,timeLogin,timeLogout,duration FROM erp_core.erp_sessions WHERE date(timeLogin)=? ORDER BY sesID DESC";
    $this->sqlStml = $sql;
    $stmt = $this->pdo->prepare($sql);
    $this->dbStmt = $stmt;
    $stmt->execute([$dated]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
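/**
 * Lists the access log of a date, newest first.
 *
 * Members of the 'Admin' group see every row; everyone else sees only rows of their own
 * login, read from $_SESSION['loginID'].
 *
 * @param mixed $dated date compared against date(timeAccess)
 * @return array rows with loginID, userIP, appURL, referer and timeAccess; empty when the
 *               statement does not execute
 */
function listLogs($dated) {
    // Defined up front: on a failed execute the variable used to be returned undefined.
    $rows = [];
    $sql = "SELECT loginID,userIP,appURL,referer,timeAccess FROM erp_core.erp_logs WHERE date(timeAccess)=?";
    $params = [$dated];
    // Anything other than an exact 'Admin' group name gets the own-rows-only filter.
    if ($this->getUserGroup() !== 'Admin') {
        $sql .= " AND loginID=?";
        $params[] = $_SESSION['loginID'];
    }
    $sql .= " ORDER BY logID DESC";
    $this->sqlStml = $sql;
    $this->dbStmt = $this->pdo->prepare($sql);
    if ($this->dbStmt->execute($params)) {
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }
    return $rows;
}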
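/**
 * Lists the recorded SQL commands of a date, newest first.
 *
 * Members of the 'Admin' group see every row; everyone else sees only rows of their own
 * login, read from $_SESSION['loginID'].
 *
 * @param mixed $dated date compared against date(timeAccess)
 * @return array rows with loginID, sqlCommand and timeAccess; empty when the statement does
 *               not execute
 */
function listSqls($dated) {
    // Defined up front: on a failed execute the variable used to be returned undefined.
    $rows = [];
    $sql = "SELECT loginID,sqlCommand,timeAccess FROM erp_core.erp_sqls WHERE date(timeAccess)=?";
    $params = [$dated];
    // Anything other than an exact 'Admin' group name gets the own-rows-only filter.
    if ($this->getUserGroup() !== 'Admin') {
        $sql .= " AND loginID=?";
        $params[] = $_SESSION['loginID'];
    }
    $sql .= " ORDER BY sqlID DESC";
    $this->sqlStml = $sql;
    $this->dbStmt = $this->pdo->prepare($sql);
    if ($this->dbStmt->execute($params)) {
        $rows = $this->dbStmt->fetchAll(PDO::FETCH_ASSOC);
    }
    return $rows;
}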
// **********************************************************
// multi app calling functions *
// **********************************************************
// *********** country **************
/**
 * Lists every row of erp_core.erp_countrys ordered by countryID.
 *
 * @return array associative rows
 */
function listCountrys() {
    $stmt = $this->pdo->query("SELECT * FROM erp_core.erp_countrys ORDER BY countryID");
    $this->dbStmt = $stmt;
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Lists country codes and names ordered by name.
 *
 * @return array rows with countryCode and countryName
 */
function selectCountry() {
    $stmt = $this->pdo->query("SELECT countryCode,countryName FROM erp_core.erp_countrys ORDER BY countryName");
    $this->dbStmt = $stmt;
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Resolves a country code to its country name.
 *
 * @param mixed $countryCode code; its first character is upper-cased before the lookup
 * @return mixed countryName column value; null when nothing matches or the statement fails
 */
function getCountryNameByCountryCode($countryCode) {
    $stmt = $this->pdo->prepare("SELECT countryName FROM erp_core.erp_countrys WHERE countryCode=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([ucfirst($countryCode)])) {
        return;
    }
    $country = $stmt->fetch(PDO::FETCH_ASSOC);
    return $country['countryName'];
}
// *********** state **************
/**
 * Lists the states of the country with the given code.
 *
 * @param mixed $countryCode code; its first character is upper-cased before the lookup
 * @return mixed associative rows; null when the statement does not execute
 */
function listStates($countryCode) {
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_states WHERE countryID=(SELECT countryID FROM erp_core.erp_countrys WHERE countryCode=?)");
    $this->dbStmt = $stmt;
    $ran = $stmt->execute([ucfirst($countryCode)]);
    return $ran ? $stmt->fetchAll(PDO::FETCH_ASSOC) : null;
}
/**
 * Resolves a stateID to its state name.
 *
 * @param mixed $stateID state key
 * @return mixed stateName column value; null when nothing matches or the statement fails
 */
function getStateNameByStateID($stateID) {
    $stmt = $this->pdo->prepare("SELECT stateName FROM erp_core.erp_states WHERE stateID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$stateID])) {
        return;
    }
    $state = $stmt->fetch(PDO::FETCH_ASSOC);
    return $state['stateName'];
}
/**
 * Resolves a state name to its stateID.
 *
 * @param mixed $stateName name; lower-cased and then word-capitalised before the lookup
 * @return mixed stateID, or 0 when nothing matches or the statement does not execute
 */
function getStateIDByStateName($stateName) {
    $stmt = $this->pdo->prepare("SELECT stateID FROM erp_core.erp_states WHERE stateName=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([ucwords(strtolower($stateName))])) {
        return 0;
    }
    $state = $stmt->fetch(PDO::FETCH_ASSOC);
    return $state['stateID'] ?: 0;
}
/**
 * Lists state ids and names ordered by name.
 *
 * @return array rows with stateID and stateName
 */
function selectState() {
    $stmt = $this->pdo->query("SELECT stateID,stateName FROM erp_core.erp_states ORDER BY stateName");
    $this->dbStmt = $stmt;
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
// *********** district **************
/**
 * Resolves a districtID to its district name.
 *
 * @param mixed $districtID district key
 * @return mixed districtName column value; null when nothing matches or the statement fails
 */
function getDistrictNameByDistrictID($districtID) {
    $stmt = $this->pdo->prepare("SELECT districtName FROM erp_core.erp_districts WHERE districtID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$districtID])) {
        return;
    }
    $district = $stmt->fetch(PDO::FETCH_ASSOC);
    return $district['districtName'];
}
/**
 * Resolves a district name to its districtID.
 *
 * @param mixed $districtName name; its first character is upper-cased before the lookup
 * @return mixed districtID, or 0 when nothing matches or the statement does not execute
 */
function getDistrictIDByDistrictName($districtName) {
    $stmt = $this->pdo->prepare("SELECT districtID FROM erp_core.erp_districts WHERE districtName=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([ucfirst($districtName)])) {
        return 0;
    }
    $district = $stmt->fetch(PDO::FETCH_ASSOC);
    return $district['districtID'] ?: 0;
}
/**
 * Lists district ids and names of a state ordered by name.
 *
 * @param mixed $stateID state key
 * @return mixed rows with districtID and districtName; null when the statement fails
 */
function selectDistrict($stateID=0) {
    $stmt = $this->pdo->prepare("SELECT districtID,districtName FROM erp_core.erp_districts WHERE stateID=? ORDER BY districtName");
    $this->dbStmt = $stmt;
    $ran = $stmt->execute([$stateID]);
    return $ran ? $stmt->fetchAll(PDO::FETCH_ASSOC) : null;
}
// **************************************** institute *****************************************
/**
 * Fetches the erp_core.erp_institutes row of the current institute.
 *
 * Reads $_SESSION['instituteID'].
 *
 * @return mixed associative row, false when nothing matches, null when the statement fails
 */
function getInstitute() {
    $stmt = $this->pdo->prepare("SELECT * FROM erp_core.erp_institutes WHERE instituteID=?");
    $this->dbStmt = $stmt;
    $ran = $stmt->execute([$_SESSION['instituteID']]);
    return $ran ? $stmt->fetch(PDO::FETCH_ASSOC) : null;
}
/**
 * Lists every row of erp_core.erp_institutes ordered by instituteID.
 *
 * @return array associative rows
 */
function listInstitutes() {
    $stmt = $this->pdo->query("SELECT * FROM erp_core.erp_institutes ORDER BY instituteID");
    $this->dbStmt = $stmt;
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Lists the enabled institutes ordered by instituteID.
 *
 * @return array associative rows
 */
function selectInstitute() {
    $stmt = $this->pdo->query("SELECT * FROM erp_core.erp_institutes WHERE status='Enabled' ORDER BY instituteID");
    $this->dbStmt = $stmt;
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
/**
 * Returns the code of the current institute.
 *
 * Reads $_SESSION['instituteID'].
 *
 * @return mixed instituteCode column value; null when nothing matches or the statement fails
 */
function getInstituteCodeByInstituteID() {
    $stmt = $this->pdo->prepare("SELECT instituteCode FROM erp_core.erp_institutes WHERE instituteID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$_SESSION['instituteID']])) {
        return;
    }
    $institute = $stmt->fetch(PDO::FETCH_ASSOC);
    return $institute['instituteCode'];
}
/**
 * Returns the name of the current institute.
 *
 * Reads $_SESSION['instituteID'].
 *
 * @return mixed instituteName column value; null when nothing matches or the statement fails
 */
function getInstituteNameByInstituteID() {
    $stmt = $this->pdo->prepare("SELECT instituteName FROM erp_core.erp_institutes WHERE instituteID=?");
    $this->dbStmt = $stmt;
    if (!$stmt->execute([$_SESSION['instituteID']])) {
        return;
    }
    $institute = $stmt->fetch(PDO::FETCH_ASSOC);
    return $institute['instituteName'];
}
}
?>