Integrated input class in controllers.

This commit is contained in:
alext 2017-09-19 15:44:32 +02:00
parent 9366089c82
commit 579b59b1ec
5 changed files with 92 additions and 97 deletions


@ -220,7 +220,7 @@ class Appointments extends CI_Controller {
{ {
$email->sendDeleteAppointment($appointment, $provider, $email->sendDeleteAppointment($appointment, $provider,
$service, $customer, $company_settings, new Email($provider['email']), $service, $customer, $company_settings, new Email($provider['email']),
new Text($_POST['cancel_reason'])); new Text($this->input->post('cancel_reason')));
} }
$send_customer = filter_var($this->settings_model->get_setting('customer_notifications'), $send_customer = filter_var($this->settings_model->get_setting('customer_notifications'),
@ -230,7 +230,7 @@ class Appointments extends CI_Controller {
{ {
$email->sendDeleteAppointment($appointment, $provider, $email->sendDeleteAppointment($appointment, $provider,
$service, $customer, $company_settings, new Email($customer['email']), $service, $customer, $company_settings, new Email($customer['email']),
new Text($_POST['cancel_reason'])); new Text($this->input->post('cancel_reason')));
} }
} catch (Exception $exc) } catch (Exception $exc)
@ -321,7 +321,7 @@ class Appointments extends CI_Controller {
try try
{ {
// Do not continue if there was no provider selected (more likely there is no provider in the system). // Do not continue if there was no provider selected (more likely there is no provider in the system).
if (empty($_POST['provider_id'])) if (empty($this->input->post('provider_id')))
{ {
echo json_encode([]); echo json_encode([]);
return; return;
@ -329,36 +329,36 @@ class Appointments extends CI_Controller {
// If manage mode is TRUE then the following we should not consider the selected // If manage mode is TRUE then the following we should not consider the selected
// appointment when calculating the available time periods of the provider. // appointment when calculating the available time periods of the provider.
$exclude_appointments = ($_POST['manage_mode'] === 'true') $exclude_appointments = ($this->input->post('manage_mode') === 'true')
? [$_POST['appointment_id']] ? [$this->input->post('appointment_id')]
: []; : [];
// If the user has selected the "any-provider" option then we will need to search // If the user has selected the "any-provider" option then we will need to search
// for an available provider that will provide the requested service. // for an available provider that will provide the requested service.
if ($_POST['provider_id'] === ANY_PROVIDER) if ($this->input->post('provider_id') === ANY_PROVIDER)
{ {
$_POST['provider_id'] = $this->_search_any_provider($_POST['service_id'], $_POST['selected_date']); $_POST['provider_id'] = $this->_search_any_provider($this->input->post('service_id'), $this->input->post('selected_date'));
if ($_POST['provider_id'] === NULL) if ($this->input->post('provider_id') === NULL)
{ {
echo json_encode([]); echo json_encode([]);
return; return;
} }
} }
$availabilities_type = $this->services_model->get_value('availabilities_type', $_POST['service_id']); $availabilities_type = $this->services_model->get_value('availabilities_type', $this->input->post('service_id'));
$attendants_number = $this->services_model->get_value('attendants_number', $_POST['service_id']); $attendants_number = $this->services_model->get_value('attendants_number', $this->input->post('service_id'));
$empty_periods = $this->_get_provider_available_time_periods($_POST['provider_id'], $empty_periods = $this->_get_provider_available_time_periods($this->input->post('provider_id'),
$_POST['selected_date'], $exclude_appointments); $this->input->post('selected_date'), $exclude_appointments);
$available_hours = $this->_calculate_available_hours($empty_periods, $_POST['selected_date'], $available_hours = $this->_calculate_available_hours($empty_periods, $this->input->post('selected_date'),
$_POST['service_duration'], filter_var($_POST['manage_mode'], FILTER_VALIDATE_BOOLEAN), $this->input->post('service_duration'), filter_var($this->input->post('manage_mode'), FILTER_VALIDATE_BOOLEAN),
$availabilities_type); $availabilities_type);
if ($attendants_number > 1) if ($attendants_number > 1)
{ {
$this->_get_multiple_attendants_hours($available_hours, $attendants_number, $_POST['service_id'], $this->_get_multiple_attendants_hours($available_hours, $attendants_number, $this->input->post('service_id'),
$_POST['selected_date']); $this->input->post('selected_date'));
} }
echo json_encode($available_hours); echo json_encode($available_hours);
@ -380,7 +380,7 @@ class Appointments extends CI_Controller {
{ {
try try
{ {
$post_data = $_POST['post_data']; // alias $post_data = $this->input->post('post_data'); // alias
$post_data['manage_mode'] = filter_var($post_data['manage_mode'], FILTER_VALIDATE_BOOLEAN); $post_data['manage_mode'] = filter_var($post_data['manage_mode'], FILTER_VALIDATE_BOOLEAN);
$this->load->model('appointments_model'); $this->load->model('appointments_model');
@ -391,7 +391,7 @@ class Appointments extends CI_Controller {
// Validate the CAPTCHA string. // Validate the CAPTCHA string.
if ($this->settings_model->get_setting('require_captcha') === '1' if ($this->settings_model->get_setting('require_captcha') === '1'
&& $this->session->userdata('captcha_phrase') !== $_POST['captcha']) && $this->session->userdata('captcha_phrase') !== $this->input->post('captcha'))
{ {
echo json_encode([ echo json_encode([
'captcha_verification' => FALSE, 'captcha_verification' => FALSE,
@ -406,8 +406,8 @@ class Appointments extends CI_Controller {
throw new Exception($this->lang->line('requested_hour_is_unavailable')); throw new Exception($this->lang->line('requested_hour_is_unavailable'));
} }
$appointment = $_POST['post_data']['appointment']; $appointment = $this->input->post('post_data')['appointment'];
$customer = $_POST['post_data']['customer']; $customer = $this->input->post('post_data')['customer'];
if ($this->customers_model->exists($customer)) if ($this->customers_model->exists($customer))
{ {
@ -617,7 +617,7 @@ class Appointments extends CI_Controller {
$this->load->model('services_model'); $this->load->model('services_model');
$this->load->model('appointments_model'); $this->load->model('appointments_model');
$appointment = $_POST['post_data']['appointment']; $appointment = $this->input->post('post_data')['appointment'];
$service_duration = $this->services_model->get_value('duration', $appointment['id_services']); $service_duration = $this->services_model->get_value('duration', $appointment['id_services']);
@ -646,7 +646,7 @@ class Appointments extends CI_Controller {
{ {
$appointment['id_users_provider'] = $this->_search_any_provider($appointment['id_services'], $appointment['id_users_provider'] = $this->_search_any_provider($appointment['id_services'],
date('Y-m-d', strtotime($appointment['start_datetime']))); date('Y-m-d', strtotime($appointment['start_datetime'])));
$_POST['post_data']['appointment']['id_users_provider'] = $appointment['id_users_provider']; $this->input->post('post_data')['appointment']['id_users_provider'] = $appointment['id_users_provider'];
return TRUE; // The selected provider is always available. return TRUE; // The selected provider is always available.
} }
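Review bot: The rewrite of the write-back at the end of the `_search_any_provider` hunk (old line `$_POST['post_data']['appointment']['id_users_provider'] = ...`, now `$this->input->post('post_data')['appointment']['id_users_provider'] = $appointment['id_users_provider'];`) assigns into the return value of a method call, which PHP rejects as a write to a temporary expression, and even where it compiled it would only mutate a throwaway copy, so the chosen provider would no longer reach whatever later reads `post_data`. Keep the write on the superglobal, `$_POST['post_data']['appointment']['id_users_provider'] = $appointment['id_users_provider'];`, or better, return the resolved appointment array to the caller instead of mutating request state. The same mixed pattern appears in the availability hunk, where `$_POST['provider_id']` is assigned and then immediately read back through `$this->input->post('provider_id')`; that presumably works only because the input class reads `$_POST` on each call, so a local `$provider_id` would make the flow explicit. The enclosing methods start and end outside these hunks.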


@ -75,8 +75,8 @@ class Backend_api extends CI_Controller {
$this->load->model('services_model'); $this->load->model('services_model');
$this->load->model('providers_model'); $this->load->model('providers_model');
$startDate = $_POST['startDate'] . ' 00:00:00'; $startDate = $this->input->post('startDate') . ' 00:00:00';
$endDate = $_POST['endDate'] . ' 23:59:59'; $endDate = $this->input->post('endDate') . ' 23:59:59';
$response = [ $response = [
'appointments' => $this->appointments_model->get_batch([ 'appointments' => $this->appointments_model->get_batch([
@ -174,7 +174,7 @@ class Backend_api extends CI_Controller {
throw new Exception('You do not have the required privileges for this task.'); throw new Exception('You do not have the required privileges for this task.');
} }
if ( ! isset($_POST['filter_type'])) if ( ! $this->input->post('filter_type'))
{ {
echo json_encode(['appointments' => []]); echo json_encode(['appointments' => []]);
return; return;
@ -185,7 +185,7 @@ class Backend_api extends CI_Controller {
$this->load->model('services_model'); $this->load->model('services_model');
$this->load->model('customers_model'); $this->load->model('customers_model');
if ($_POST['filter_type'] == FILTER_TYPE_PROVIDER) if ($this->input->post('filter_type') == FILTER_TYPE_PROVIDER)
{ {
$where_id = 'id_users_provider'; $where_id = 'id_users_provider';
} else } else
@ -195,9 +195,9 @@ class Backend_api extends CI_Controller {
// Get appointments // Get appointments
$where_clause = [ $where_clause = [
$where_id => $_POST['record_id'], $where_id => $this->input->post('record_id'),
//'start_datetime >=' => $_POST['start_date'], //'start_datetime >=' => $this->input->post('start_date'),
//'end_datetime <=' => $_POST['end_date'], //'end_datetime <=' => $this->input->post('end_date'),
'is_unavailable' => FALSE 'is_unavailable' => FALSE
]; ];
@ -211,12 +211,12 @@ class Backend_api extends CI_Controller {
} }
// Get unavailable periods (only for provider). // Get unavailable periods (only for provider).
if ($_POST['filter_type'] == FILTER_TYPE_PROVIDER) if ($this->input->post('filter_type') == FILTER_TYPE_PROVIDER)
{ {
$where_clause = [ $where_clause = [
$where_id => $_POST['record_id'], $where_id => $this->input->post('record_id'),
//'start_datetime >=' => $_POST['start_date'], //'start_datetime >=' => $this->input->post('start_date'),
//'end_datetime <=' => $_POST['end_date'], //'end_datetime <=' => $this->input->post('end_date'),
'is_unavailable' => TRUE 'is_unavailable' => TRUE
]; ];
@ -252,9 +252,9 @@ class Backend_api extends CI_Controller {
$this->load->model('settings_model'); $this->load->model('settings_model');
// :: SAVE CUSTOMER CHANGES TO DATABASE // :: SAVE CUSTOMER CHANGES TO DATABASE
if (isset($_POST['customer_data'])) if ($this->input->post('customer_data'))
{ {
$customer = json_decode($_POST['customer_data'], TRUE); $customer = json_decode($this->input->post('customer_data'), TRUE);
$REQUIRED_PRIV = ( ! isset($customer['id'])) $REQUIRED_PRIV = ( ! isset($customer['id']))
? $this->privileges[PRIV_CUSTOMERS]['add'] ? $this->privileges[PRIV_CUSTOMERS]['add']
@ -268,9 +268,9 @@ class Backend_api extends CI_Controller {
} }
// :: SAVE APPOINTMENT CHANGES TO DATABASE // :: SAVE APPOINTMENT CHANGES TO DATABASE
if (isset($_POST['appointment_data'])) if ($this->input->post('appointment_data'))
{ {
$appointment = json_decode($_POST['appointment_data'], TRUE); $appointment = json_decode($this->input->post('appointment_data'), TRUE);
$REQUIRED_PRIV = ( ! isset($appointment['id'])) $REQUIRED_PRIV = ( ! isset($appointment['id']))
? $this->privileges[PRIV_APPOINTMENTS]['add'] ? $this->privileges[PRIV_APPOINTMENTS]['add']
@ -417,7 +417,7 @@ class Backend_api extends CI_Controller {
throw new Exception('You do not have the required privileges for this task.'); throw new Exception('You do not have the required privileges for this task.');
} }
if ( ! isset($_POST['appointment_id'])) if ( ! $this->input->post('appointment_id'))
{ {
throw new Exception('No appointment id provided.'); throw new Exception('No appointment id provided.');
} }
@ -429,7 +429,7 @@ class Backend_api extends CI_Controller {
$this->load->model('services_model'); $this->load->model('services_model');
$this->load->model('settings_model'); $this->load->model('settings_model');
$appointment = $this->appointments_model->get_row($_POST['appointment_id']); $appointment = $this->appointments_model->get_row($this->input->post('appointment_id'));
$provider = $this->providers_model->get_row($appointment['id_users_provider']); $provider = $this->providers_model->get_row($appointment['id_users_provider']);
$customer = $this->customers_model->get_row($appointment['id_users_customer']); $customer = $this->customers_model->get_row($appointment['id_users_customer']);
$service = $this->services_model->get_row($appointment['id_services']); $service = $this->services_model->get_row($appointment['id_services']);
@ -441,7 +441,7 @@ class Backend_api extends CI_Controller {
]; ];
// :: DELETE APPOINTMENT RECORD FROM DATABASE // :: DELETE APPOINTMENT RECORD FROM DATABASE
$this->appointments_model->delete($_POST['appointment_id']); $this->appointments_model->delete($this->input->post('appointment_id'));
// :: SYNC DELETE WITH GOOGLE CALENDAR // :: SYNC DELETE WITH GOOGLE CALENDAR
if ($appointment['id_google_calendar'] != NULL) if ($appointment['id_google_calendar'] != NULL)
@ -477,7 +477,7 @@ class Backend_api extends CI_Controller {
{ {
$email->sendDeleteAppointment($appointment, $provider, $email->sendDeleteAppointment($appointment, $provider,
$service, $customer, $company_settings, new Email($provider['email']), $service, $customer, $company_settings, new Email($provider['email']),
new Text($_POST['delete_reason'])); new Text($this->input->post('delete_reason')));
} }
$send_customer = $this->settings_model->get_setting('customer_notifications'); $send_customer = $this->settings_model->get_setting('customer_notifications');
@ -486,7 +486,7 @@ class Backend_api extends CI_Controller {
{ {
$email->sendDeleteAppointment($appointment, $provider, $email->sendDeleteAppointment($appointment, $provider,
$service, $customer, $company_settings, new Email($customer['email']), $service, $customer, $company_settings, new Email($customer['email']),
new Text($_POST['delete_reason'])); new Text($this->input->post('delete_reason')));
} }
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -525,22 +525,19 @@ class Backend_api extends CI_Controller {
{ {
try try
{ {
if ( ! isset($_POST['provider_id'])) if ( ! $this->input->post('provider_id'))
{ {
throw new Exception('Provider id not specified.'); throw new Exception('Provider id not specified.');
} }
if ($this->privileges[PRIV_USERS]['edit'] == FALSE if ($this->privileges[PRIV_USERS]['edit'] == FALSE
&& $this->session->userdata('user_id') != $_POST['provider_id']) && $this->session->userdata('user_id') != $this->input->post('provider_id'))
{ {
throw new Exception('You do not have the required privileges for this task.'); throw new Exception('You do not have the required privileges for this task.');
} }
$this->load->model('providers_model'); $this->load->model('providers_model');$this->load->model('appointments_model');$this->providers_model->set_setting('google_sync', FALSE, $this->input->post('provider_id'));
$this->load->model('appointments_model'); $this->providers_model->set_setting('google_token', NULL, $this->input->post('provider_id'));$this->appointments_model->clear_google_sync_ids($this->input->post('provider_id'));
$this->providers_model->set_setting('google_sync', FALSE, $_POST['provider_id']);
$this->providers_model->set_setting('google_token', NULL, $_POST['provider_id']);
$this->appointments_model->clear_google_sync_ids($_POST['provider_id']);
echo json_encode(AJAX_SUCCESS); echo json_encode(AJAX_SUCCESS);
@ -575,7 +572,7 @@ class Backend_api extends CI_Controller {
$this->load->model('providers_model'); $this->load->model('providers_model');
$this->load->model('customers_model'); $this->load->model('customers_model');
$key = $this->db->escape_str($_POST['key']); $key = $this->db->escape_str($this->input->post('key'));
$key = strtoupper($key); $key = strtoupper($key);
$where_clause = $where_clause =
@ -597,10 +594,8 @@ class Backend_api extends CI_Controller {
foreach ($appointments as &$appointment) foreach ($appointments as &$appointment)
{ {
$appointment['service'] = $this->services_model $appointment['service'] = $this->services_model->get_row($appointment['id_services']);
->get_row($appointment['id_services']); $appointment['provider'] = $this->providers_model->get_row($appointment['id_users_provider']);
$appointment['provider'] = $this->providers_model
->get_row($appointment['id_users_provider']);
} }
$customer['appointments'] = $appointments; $customer['appointments'] = $appointments;
@ -628,7 +623,7 @@ class Backend_api extends CI_Controller {
try try
{ {
// Check privileges // Check privileges
$unavailable = json_decode($_POST['unavailable'], TRUE); $unavailable = json_decode($this->input->post('unavailable'), TRUE);
$REQUIRED_PRIV = ( ! isset($unavailable['id'])) $REQUIRED_PRIV = ( ! isset($unavailable['id']))
? $this->privileges[PRIV_APPOINTMENTS]['add'] ? $this->privileges[PRIV_APPOINTMENTS]['add']
@ -713,7 +708,7 @@ class Backend_api extends CI_Controller {
$this->load->model('appointments_model'); $this->load->model('appointments_model');
$this->load->model('providers_model'); $this->load->model('providers_model');
$unavailable = $this->appointments_model->get_row($_POST['unavailable_id']); $unavailable = $this->appointments_model->get_row($this->input->post('unavailable_id'));
$provider = $this->providers_model->get_row($unavailable['id_users_provider']); $provider = $this->providers_model->get_row($unavailable['id_users_provider']);
// Delete unavailable // Delete unavailable
@ -765,7 +760,7 @@ class Backend_api extends CI_Controller {
try try
{ {
$this->load->model('customers_model'); $this->load->model('customers_model');
$customer = json_decode($_POST['customer'], TRUE); $customer = json_decode($this->input->post('customer'), TRUE);
$REQUIRED_PRIV = ( ! isset($customer['id'])) $REQUIRED_PRIV = ( ! isset($customer['id']))
? $this->privileges[PRIV_CUSTOMERS]['add'] ? $this->privileges[PRIV_CUSTOMERS]['add']
@ -805,7 +800,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('customers_model'); $this->load->model('customers_model');
$this->customers_model->delete($_POST['customer_id']); $this->customers_model->delete($this->input->post('customer_id'));
echo json_encode(AJAX_SUCCESS); echo json_encode(AJAX_SUCCESS);
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -827,7 +822,7 @@ class Backend_api extends CI_Controller {
try try
{ {
$this->load->model('services_model'); $this->load->model('services_model');
$service = json_decode($_POST['service'], TRUE); $service = json_decode($this->input->post('service'), TRUE);
$REQUIRED_PRIV = ( ! isset($service['id'])) $REQUIRED_PRIV = ( ! isset($service['id']))
? $this->privileges[PRIV_SERVICES]['add'] ? $this->privileges[PRIV_SERVICES]['add']
@ -867,7 +862,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('services_model'); $this->load->model('services_model');
$result = $this->services_model->delete($_POST['service_id']); $result = $this->services_model->delete($this->input->post('service_id'));
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE); echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -896,7 +891,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('services_model'); $this->load->model('services_model');
$key = $this->db->escape_str($_POST['key']); $key = $this->db->escape_str($this->input->post('key'));
$where = $where =
'(name LIKE "%' . $key . '%" OR duration LIKE "%' . $key . '%" OR ' . '(name LIKE "%' . $key . '%" OR duration LIKE "%' . $key . '%" OR ' .
'price LIKE "%' . $key . '%" OR currency LIKE "%' . $key . '%" OR ' . 'price LIKE "%' . $key . '%" OR currency LIKE "%' . $key . '%" OR ' .
@ -924,7 +919,7 @@ class Backend_api extends CI_Controller {
try try
{ {
$this->load->model('services_model'); $this->load->model('services_model');
$category = json_decode($_POST['category'], TRUE); $category = json_decode($this->input->post('category'), TRUE);
$REQUIRED_PRIV = ( ! isset($category['id'])) $REQUIRED_PRIV = ( ! isset($category['id']))
? $this->privileges[PRIV_SERVICES]['add'] ? $this->privileges[PRIV_SERVICES]['add']
@ -962,7 +957,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('services_model'); $this->load->model('services_model');
$result = $this->services_model->delete_category($_POST['category_id']); $result = $this->services_model->delete_category($this->input->post('category_id'));
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE); echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -991,7 +986,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('services_model'); $this->load->model('services_model');
$key = $this->db->escape_str($_POST['key']); $key = $this->db->escape_str($this->input->post('key'));
$where = '(name LIKE "%' . $key . '%" OR description LIKE "%' . $key . '%")'; $where = '(name LIKE "%' . $key . '%" OR description LIKE "%' . $key . '%")';
$categories = $this->services_model->get_all_categories($where); $categories = $this->services_model->get_all_categories($where);
echo json_encode($categories); echo json_encode($categories);
@ -1022,7 +1017,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('admins_model'); $this->load->model('admins_model');
$key = $this->db->escape_str($_POST['key']); $key = $this->db->escape_str($this->input->post('key'));
$where = $where =
'(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' . '(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' .
'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' . 'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' .
@ -1054,7 +1049,7 @@ class Backend_api extends CI_Controller {
try try
{ {
$this->load->model('admins_model'); $this->load->model('admins_model');
$admin = json_decode($_POST['admin'], TRUE); $admin = json_decode($this->input->post('admin'), TRUE);
$REQUIRED_PRIV = ( ! isset($admin['id'])) $REQUIRED_PRIV = ( ! isset($admin['id']))
? $this->privileges[PRIV_USERS]['add'] ? $this->privileges[PRIV_USERS]['add']
@ -1099,7 +1094,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('admins_model'); $this->load->model('admins_model');
$result = $this->admins_model->delete($_POST['admin_id']); $result = $this->admins_model->delete($this->input->post('admin_id'));
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE); echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -1128,7 +1123,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('providers_model'); $this->load->model('providers_model');
$key = $this->db->escape_str($_POST['key']); $key = $this->db->escape_str($this->input->post('key'));
$where = $where =
'(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' . '(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' .
'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' . 'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' .
@ -1160,7 +1155,7 @@ class Backend_api extends CI_Controller {
try try
{ {
$this->load->model('providers_model'); $this->load->model('providers_model');
$provider = json_decode($_POST['provider'], TRUE); $provider = json_decode($this->input->post('provider'), TRUE);
$REQUIRED_PRIV = ( ! isset($provider['id'])) $REQUIRED_PRIV = ( ! isset($provider['id']))
? $this->privileges[PRIV_USERS]['add'] ? $this->privileges[PRIV_USERS]['add']
@ -1211,7 +1206,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('providers_model'); $this->load->model('providers_model');
$result = $this->providers_model->delete($_POST['provider_id']); $result = $this->providers_model->delete($this->input->post('provider_id'));
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE); echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -1240,7 +1235,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('secretaries_model'); $this->load->model('secretaries_model');
$key = $this->db->escape_str($_POST['key']); $key = $this->db->escape_str($this->input->post('key'));
$where = $where =
'(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' . '(first_name LIKE "%' . $key . '%" OR last_name LIKE "%' . $key . '%" ' .
'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' . 'OR email LIKE "%' . $key . '%" OR mobile_number LIKE "%' . $key . '%" ' .
@ -1272,7 +1267,7 @@ class Backend_api extends CI_Controller {
try try
{ {
$this->load->model('secretaries_model'); $this->load->model('secretaries_model');
$secretary = json_decode($_POST['secretary'], TRUE); $secretary = json_decode($this->input->post('secretary'), TRUE);
$REQUIRED_PRIV = ( ! isset($secretary['id'])) $REQUIRED_PRIV = ( ! isset($secretary['id']))
? $this->privileges[PRIV_USERS]['add'] ? $this->privileges[PRIV_USERS]['add']
@ -1315,7 +1310,7 @@ class Backend_api extends CI_Controller {
} }
$this->load->model('secretaries_model'); $this->load->model('secretaries_model');
$result = $this->secretaries_model->delete($_POST['secretary_id']); $result = $this->secretaries_model->delete($this->input->post('secretary_id'));
echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE); echo ($result) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -1340,25 +1335,25 @@ class Backend_api extends CI_Controller {
{ {
try try
{ {
if ($_POST['type'] == SETTINGS_SYSTEM) if ($this->input->post('type') == SETTINGS_SYSTEM)
{ {
if ($this->privileges[PRIV_SYSTEM_SETTINGS]['edit'] == FALSE) if ($this->privileges[PRIV_SYSTEM_SETTINGS]['edit'] == FALSE)
{ {
throw new Exception('You do not have the required privileges for this task.'); throw new Exception('You do not have the required privileges for this task.');
} }
$this->load->model('settings_model'); $this->load->model('settings_model');
$settings = json_decode($_POST['settings'], TRUE); $settings = json_decode($this->input->post('settings'), TRUE);
$this->settings_model->save_settings($settings); $this->settings_model->save_settings($settings);
} else } else
{ {
if ($_POST['type'] == SETTINGS_USER) if ($this->input->post('type') == SETTINGS_USER)
{ {
if ($this->privileges[PRIV_USER_SETTINGS]['edit'] == FALSE) if ($this->privileges[PRIV_USER_SETTINGS]['edit'] == FALSE)
{ {
throw new Exception('You do not have the required privileges for this task.'); throw new Exception('You do not have the required privileges for this task.');
} }
$this->load->model('user_model'); $this->load->model('user_model');
$this->user_model->save_settings(json_decode($_POST['settings'], TRUE)); $this->user_model->save_settings(json_decode($this->input->post('settings'), TRUE));
} }
} }
@ -1386,7 +1381,7 @@ class Backend_api extends CI_Controller {
// We will only use the function in the admins_model because it is sufficient // We will only use the function in the admins_model because it is sufficient
// for the rest user types for now (providers, secretaries). // for the rest user types for now (providers, secretaries).
$this->load->model('admins_model'); $this->load->model('admins_model');
$is_valid = $this->admins_model->validate_username($_POST['username'], $_POST['user_id']); $is_valid = $this->admins_model->validate_username($this->input->post('username'), $this->input->post('user_id'));
echo json_encode($is_valid); echo json_encode($is_valid);
} catch (Exception $exc) } catch (Exception $exc)
{ {
@ -1413,7 +1408,7 @@ class Backend_api extends CI_Controller {
$found = FALSE; $found = FALSE;
foreach ($this->config->item('available_languages') as $lang) foreach ($this->config->item('available_languages') as $lang)
{ {
if ($lang == $_POST['language']) if ($lang == $this->input->post('language'))
{ {
$found = TRUE; $found = TRUE;
break; break;
@ -1422,11 +1417,11 @@ class Backend_api extends CI_Controller {
if ( ! $found) if ( ! $found)
{ {
throw new Exception('Translations for the given language does not exist (' . $_POST['language'] . ').'); throw new Exception('Translations for the given language does not exist (' . $this->input->post('language') . ').');
} }
$this->session->set_userdata('language', $_POST['language']); $this->session->set_userdata('language', $this->input->post('language'));
$this->config->set_item('language', $_POST['language']); $this->config->set_item('language', $this->input->post('language'));
echo json_encode(AJAX_SUCCESS); echo json_encode(AJAX_SUCCESS);
@ -1455,16 +1450,16 @@ class Backend_api extends CI_Controller {
$this->load->library('google_sync'); $this->load->library('google_sync');
$this->load->model('providers_model'); $this->load->model('providers_model');
if ( ! isset($_POST['provider_id'])) if ( ! $this->input->post('provider_id'))
{ {
throw new Exception('Provider id is required in order to fetch the google calendars.'); throw new Exception('Provider id is required in order to fetch the google calendars.');
} }
// Check if selected provider has sync enabled. // Check if selected provider has sync enabled.
$google_sync = $this->providers_model->get_setting('google_sync', $_POST['provider_id']); $google_sync = $this->providers_model->get_setting('google_sync', $this->input->post('provider_id'));
if ($google_sync) if ($google_sync)
{ {
$google_token = json_decode($this->providers_model->get_setting('google_token', $_POST['provider_id'])); $google_token = json_decode($this->providers_model->get_setting('google_token', $this->input->post('provider_id')));
$this->google_sync->refresh_token($google_token->refresh_token); $this->google_sync->refresh_token($google_token->refresh_token);
$calendars = $this->google_sync->get_google_calendars(); $calendars = $this->google_sync->get_google_calendars();
echo json_encode($calendars); echo json_encode($calendars);
@ -1495,14 +1490,14 @@ class Backend_api extends CI_Controller {
try try
{ {
if ($this->privileges[PRIV_USERS]['edit'] == FALSE if ($this->privileges[PRIV_USERS]['edit'] == FALSE
&& $this->session->userdata('user_id') != $_POST['provider_id']) && $this->session->userdata('user_id') != $this->input->post('provider_id'))
{ {
throw new Exception('You do not have the required privileges for this task.'); throw new Exception('You do not have the required privileges for this task.');
} }
$this->load->model('providers_model'); $this->load->model('providers_model');
$result = $this->providers_model->set_setting('google_calendar', $_POST['calendar_id'], $result = $this->providers_model->set_setting('google_calendar', $this->input->post('calendar_id'),
$_POST['provider_id']); $this->input->post('provider_id'));
echo json_encode(($result) ? AJAX_SUCCESS : AJAX_FAILURE); echo json_encode(($result) ? AJAX_SUCCESS : AJAX_FAILURE);
} catch (Exception $exc) } catch (Exception $exc)
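Review bot: Replacing `isset($_POST['filter_type'])` with `! $this->input->post('filter_type')` (and likewise for `customer_data`, `appointment_data`, `appointment_id`, `provider_id` in the later hunks of this file, plus `code` in Google and `username`/`password`/`email` in User) changes a presence check into a truthiness check, so a posted value of `'0'` or `''` now takes the "not provided" branch; an explicit `$this->input->post('filter_type') === NULL` preserves the old semantics where an id of `0` could be legitimate. In the `disable_provider_sync` hunk the three `set_setting`/`clear_google_sync_ids` calls have been collapsed onto two physical lines with other statements, which hides them in review and diffs; keep one statement per line. Separately, the `$key` search hunks still pass `escape_str()` output straight into `LIKE "%...%"` concatenation, which does not neutralise the `%`/`_` wildcards; `escape_like_str()` or a bound parameter would be the right call in that context. All enclosing methods extend beyond their hunks.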


@ -59,10 +59,10 @@ class Google extends CI_Controller {
*/ */
public function oauth_callback() public function oauth_callback()
{ {
if (isset($_GET['code'])) if ($this->input->get('code'))
{ {
$this->load->library('Google_sync'); $this->load->library('Google_sync');
$token = $this->google_sync->authenticate($_GET['code']); $token = $this->google_sync->authenticate($this->input->get('code'));
// Store the token into the database for future reference. // Store the token into the database for future reference.
if (isset($_SESSION['oauth_provider_id'])) if (isset($_SESSION['oauth_provider_id']))


@ -92,7 +92,7 @@ class Installation extends CI_Controller {
// Insert admin // Insert admin
$this->load->model('admins_model'); $this->load->model('admins_model');
$admin = json_decode($_POST['admin'], TRUE); $admin = json_decode($this->input->post('admin'), TRUE);
$admin['settings']['username'] = $admin['username']; $admin['settings']['username'] = $admin['username'];
$admin['settings']['password'] = $admin['password']; $admin['settings']['password'] = $admin['password'];
$admin['settings']['calendar_view'] = CALENDAR_VIEW_DEFAULT; $admin['settings']['calendar_view'] = CALENDAR_VIEW_DEFAULT;
@ -107,7 +107,7 @@ class Installation extends CI_Controller {
// Save company settings // Save company settings
$this->load->model('settings_model'); $this->load->model('settings_model');
$company = json_decode($_POST['company'], TRUE); $company = json_decode($this->input->post('company'), TRUE);
$this->settings_model->set_setting('company_name', $company['company_name']); $this->settings_model->set_setting('company_name', $company['company_name']);
$this->settings_model->set_setting('company_email', $company['company_email']); $this->settings_model->set_setting('company_email', $company['company_email']);
$this->settings_model->set_setting('company_link', $company['company_link']); $this->settings_model->set_setting('company_link', $company['company_link']);


@ -121,13 +121,13 @@ class User extends CI_Controller {
{ {
try try
{ {
if ( ! isset($_POST['username']) || ! isset($_POST['password'])) if ( ! $this->input->post('username') || ! $this->input->post('password'))
{ {
throw new Exception('Invalid credentials given!'); throw new Exception('Invalid credentials given!');
} }
$this->load->model('user_model'); $this->load->model('user_model');
$user_data = $this->user_model->check_login($_POST['username'], $_POST['password']); $user_data = $this->user_model->check_login($this->input->post('username'), $this->input->post('password'));
if ($user_data) if ($user_data)
{ {
@ -159,7 +159,7 @@ class User extends CI_Controller {
{ {
try try
{ {
if ( ! isset($_POST['username']) || ! isset($_POST['email'])) if ( ! $this->input->post('username') || ! $this->input->post('email'))
{ {
throw new Exception('You must enter a valid username and email address in ' throw new Exception('You must enter a valid username and email address in '
. 'order to get a new password!'); . 'order to get a new password!');
@ -168,7 +168,7 @@ class User extends CI_Controller {
$this->load->model('user_model'); $this->load->model('user_model');
$this->load->model('settings_model'); $this->load->model('settings_model');
$new_password = $this->user_model->regenerate_password($_POST['username'], $_POST['email']); $new_password = $this->user_model->regenerate_password($this->input->post('username'), $this->input->post('email'));
if ($new_password != FALSE) if ($new_password != FALSE)
{ {
@ -180,7 +180,7 @@ class User extends CI_Controller {
'company_email' => $this->settings_model->get_setting('company_email') 'company_email' => $this->settings_model->get_setting('company_email')
]; ];
$email->sendPassword(new NonEmptyText($new_password), new Email($_POST['email']), $company_settings); $email->sendPassword(new NonEmptyText($new_password), new Email($this->input->post('email')), $company_settings);
} }
echo ($new_password != FALSE) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE); echo ($new_password != FALSE) ? json_encode(AJAX_SUCCESS) : json_encode(AJAX_FAILURE);