PageRenderTime 62ms CodeModel.GetById 31ms RepoModel.GetById 1ms app.codeStats 0ms

/lib/contents/member.inc.php

https://gitlab.com/mucill/majalengka
PHP | 767 lines | 570 code | 59 blank | 138 comment | 101 complexity | 7d8b660f88cd0abc7e85e183b842d920 MD5 | raw file
  1. <?php
  2. /**
  3. *
  4. * Member Area/Information
  5. * Copyright (C) 2009 Arie Nugraha (dicarve@yahoo.com)
  6. * Patched by Hendro Wicaksono (hendrowicaksono@yahoo.com)
  7. *
  8. * This program is free software; you can redistribute it and/or modify
  9. * it under the terms of the GNU General Public License as published by
  10. * the Free Software Foundation; either version 2 of the License, or
  11. * (at your option) any later version.
  12. *
  13. * This program is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU General Public License for more details.
  17. *
  18. * You should have received a copy of the GNU General Public License
  19. * along with this program; if not, write to the Free Software
  20. * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  21. *
  22. */
  23. // be sure that this file not accessed directly
  24. if (!defined('INDEX_AUTH')) {
  25. die("can not access this file directly");
  26. } elseif (INDEX_AUTH != 1) {
  27. die("can not access this file directly");
  28. }
  29. require SIMBIO.'simbio_DB/simbio_dbop.inc.php';
  30. // IP based access limitation
  31. do_checkIP('opac');
  32. do_checkIP('opac-member');
  33. // required file
  34. require LIB.'member_logon.inc.php';
  35. // check if member already logged in
  36. $is_member_login = utility::isMemberLogin();
  37. $info = __('Welcome to Member\'s Area where you can view your current loan information and view your membership status.');
  38. // member's password changing flags
  39. define('CURR_PASSWD_WRONG', -1);
  40. define('PASSWD_NOT_MATCH', -2);
  41. define('CANT_UPDATE_PASSWD', -3);
  42. // if member is logged out
  43. if (isset($_GET['logout']) && $_GET['logout'] == '1') {
  44. // write log
  45. utility::writeLogs($dbs, 'member', $_SESSION['email'], 'Login', $_SESSION['member_name'].' Log Out from address '.$_SERVER['REMOTE_ADDR']);
  46. // completely destroy session cookie
  47. simbio_security::destroySessionCookie(null, MEMBER_COOKIES_NAME, SWB, false);
  48. header('Location: index.php?p=member');
  49. header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
  50. header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
  51. header('Pragma: no-cache');
  52. exit();
  53. }
  54. // if there is member login action
  55. if (isset($_POST['logMeIn']) && !$is_member_login) {
  56. $username = trim(strip_tags($_POST['memberID']));
  57. $password = trim(strip_tags($_POST['memberPassWord']));
  58. // check if username or password is empty
  59. if (!$username OR !$password) {
  60. echo '<div class="errorBox">'.__('Please fill your Username and Password to Login!').'</div>';
  61. } else {
  62. # <!-- Captcha form processing - start -->
  63. if ($sysconf['captcha']['member']['enable']) {
  64. if ($sysconf['captcha']['member']['type'] == 'recaptcha') {
  65. require_once LIB.$sysconf['captcha']['member']['folder'].'/'.$sysconf['captcha']['member']['incfile'];
  66. $privatekey = $sysconf['captcha']['member']['privatekey'];
  67. $resp = recaptcha_check_answer ($privatekey,
  68. $_SERVER["REMOTE_ADDR"],
  69. $_POST["recaptcha_challenge_field"],
  70. $_POST["recaptcha_response_field"]);
  71. if (!$resp->is_valid) {
  72. // What happens when the CAPTCHA was entered incorrectly
  73. session_unset();
  74. header("location:index.php?p=member&captchaInvalid=true");
  75. die();
  76. }
  77. } else if ($sysconf['captcha']['member']['type'] == 'others') {
  78. # other captchas here
  79. }
  80. }
  81. # <!-- Captcha form processing - end -->
  82. // regenerate session ID to prevent session hijacking
  83. session_regenerate_id(true);
  84. // create logon class instance
  85. $logon = new member_logon($username, $password, $sysconf['auth']['member']['method']);
  86. if ($sysconf['auth']['member']['method'] === 'LDAP') {
  87. $ldap_configs = $sysconf['auth']['member'];
  88. }
  89. if ($logon->valid($dbs)) {
  90. // write log
  91. utility::writeLogs($dbs, 'member', $username, 'Login', 'Login success for member '.$username.' from address '.$_SERVER['REMOTE_ADDR']);
  92. header('Location: index.php?p=member');
  93. exit();
  94. } else {
  95. // md5 password
  96. $md5_password = MD5($password);
  97. // query password
  98. $_pass_q = $dbs->query('SELECT mpasswd FROM member WHERE member_id = \''.$username.'\'');
  99. $_pass_d = $_pass_q->fetch_row();
  100. if ($_pass_d[0] === $md5_password) {
  101. $msg = '';
  102. $msg .= '<div class="panel panel-danger">';
  103. $msg .= '<div class="panel-heading">'.__('Please update your password!').'</div>';
  104. $msg .= '<div class="panel-body">';
  105. $msg .= '<form method="post" action="index.php?p=member">';
  106. $msg .= '<div class="form-group">';
  107. $msg .= '<label for="isusername">Username</label>';
  108. $msg .= '<input type="text" class="form-control" id="isusername" name="isusername" placeholder="Username">';
  109. $msg .= '</div>';
  110. $msg .= '<div class="form-group">';
  111. $msg .= '<label for="isoldpassword">Current Password</label>';
  112. $msg .= '<input type="password" class="form-control" id="isoldpassword" name="isoldpassword" placeholder="Old Password">';
  113. $msg .= '</div>';
  114. $msg .= '<div class="form-group">';
  115. $msg .= '<label for="isnewpassword">New Password</label>';
  116. $msg .= '<input type="password" class="form-control" id="isnewpassword" name="isnewpassword" placeholder="New Password">';
  117. $msg .= '</div>';
  118. $msg .= '<div class="form-group">';
  119. $msg .= '<label for="isconfirmnewpassword">Confirm New Password</label>';
  120. $msg .= '<input type="password" class="form-control" id="isconfirmnewpassword" name="isconfirmnewpassword" placeholder="Confirm New Password">';
  121. $msg .= '</div>';
  122. $msg .= '</div>';
  123. $msg .= '<div class="panel-footer">';
  124. $msg .= '<button type="submit" name="renewPass" class="btn btn-success">Update</button>';
  125. $msg .= '</form></div></div>';
  126. simbio_security::destroySessionCookie($msg, MEMBER_COOKIES_NAME, SWB, false);
  127. } else {
  128. // write log
  129. utility::writeLogs($dbs, 'member', $username, 'Login', 'Login FAILED for member '.$username.' from address '.$_SERVER['REMOTE_ADDR']);
  130. // message
  131. $msg = '<div class="errorBox">'.__('Login FAILED! Wrong username or password!').'</div>';
  132. simbio_security::destroySessionCookie($msg, MEMBER_COOKIES_NAME, SWB, false);
  133. }
  134. }
  135. }
  136. }
  137. // check if member already login
  138. if (!$is_member_login) {
  139. function procChangePasswordNew($str_user, $str_curr_pass, $str_new_pass, $str_conf_new_pass)
  140. {
  141. global $dbs;
  142. // current password checking
  143. $_sql_pass_check = sprintf('SELECT member_id FROM member
  144. WHERE mpasswd=MD5(\'%s\') AND member_id=\'%s\'',
  145. $dbs->escape_string(trim($str_curr_pass)), $dbs->escape_string(trim($str_user)));
  146. $_pass_check = $dbs->query($_sql_pass_check);
  147. if ($_pass_check->num_rows == 1) {
  148. $str_new_pass = trim($str_new_pass);
  149. $str_conf_new_pass = trim($str_conf_new_pass);
  150. // password confirmation check
  151. if ($str_new_pass && $str_conf_new_pass && ($str_new_pass === $str_conf_new_pass)) {
  152. $_new_password = password_hash($str_conf_new_pass, PASSWORD_BCRYPT);
  153. $_sql_update_mpasswd = sprintf('UPDATE member SET mpasswd=\'%s\'
  154. WHERE member_id=\'%s\'', $dbs->escape_string($_new_password), $dbs->escape_string(trim($str_user)));
  155. @$dbs->query($_sql_update_mpasswd);
  156. if (!$dbs->error) {
  157. return true;
  158. } else {
  159. return CANT_UPDATE_PASSWD;
  160. }
  161. } else {
  162. return PASSWD_NOT_MATCH;
  163. }
  164. } else {
  165. return CURR_PASSWD_WRONG;
  166. }
  167. }
  168. // if there is change md5 password request
  169. if (isset($_POST['renewPass'])) {
  170. $change_pass = procChangePasswordNew($_POST['isusername'], $_POST['isoldpassword'], $_POST['isnewpassword'], $_POST['isconfirmnewpassword']);
  171. if ($change_pass === true) {
  172. $info = '<span style="font-size: 120%; font-weight: bold;">'.__('Your password have been changed successfully.').'</span>';
  173. $info_class = 'alert-success';
  174. } else {
  175. if ($change_pass === CURR_PASSWD_WRONG) {
  176. $info = __('Current password entered WRONG! Please insert the right password!');
  177. } else if ($change_pass === PASSWD_NOT_MATCH) {
  178. $info = __('Password confirmation FAILED! Make sure to check undercase or uppercase letters!');
  179. } else {
  180. $info = __('Password update FAILED! ERROR ON DATABASE!');
  181. }
  182. $info_class = 'alert-danger';
  183. }
  184. $msg = '<div class="alert '.$info_class.'"><span>'.$info.'</span></div>';
  185. simbio_security::destroySessionCookie($msg, MEMBER_COOKIES_NAME, SWB, false);
  186. }
  187. ?>
  188. <div class="tagline"><?php echo __('Library Member Login'); ?></div>
  189. <?php
  190. // captcha invalid warning
  191. if (isset($_GET['captchaInvalid']) && $_GET['captchaInvalid'] === 'true') {
  192. echo '<div class="errorBox">'.__('Wrong Captcha Code entered, Please write the right code!').'</div>';
  193. }
  194. ?>
  195. <div class="loginInfo"><?php echo __('Please insert your member ID and password given by library system administrator. If you are library\'s member and don\'t have a password yet, please contact library staff.'); ?></div>
  196. <!-- Captcha preloaded javascript - start -->
  197. <?php if ($sysconf['captcha']['member']['enable']) { ?>
  198. <?php if ($sysconf['captcha']['member']['type'] == "recaptcha") { ?>
  199. <script type="text/javascript">
  200. var RecaptchaOptions = {
  201. theme : '<?php echo$sysconf['captcha']['member']['recaptcha']['theme']; ?>',
  202. lang : '<?php echo$sysconf['captcha']['member']['recaptcha']['lang']; ?>',
  203. <?php if($sysconf['captcha']['member']['recaptcha']['customlang']['enable']) { ?>
  204. custom_translations : {
  205. instructions_visual : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['instructions_visual']; ?>",
  206. instructions_audio : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['instructions_audio']; ?>",
  207. play_again : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['play_again']; ?>",
  208. cant_hear_this : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['cant_hear_this']; ?>",
  209. visual_challenge : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['visual_challenge']; ?>",
  210. audio_challenge : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['audio_challenge']; ?>",
  211. refresh_btn : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['refresh_btn']; ?>",
  212. help_btn : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['help_btn']; ?>",
  213. incorrect_try_again : "<?php echo $sysconf['captcha']['member']['recaptcha']['customlang']['incorrect_try_again']; ?>",
  214. },
  215. <?php } ?>
  216. };
  217. </script>
  218. <?php } ?>
  219. <?php } ?>
  220. <!-- Captcha preloaded javascript - end -->
  221. <div class="loginInfo">
  222. <form action="index.php?p=member" method="post">
  223. <div class="fieldLabel"><?php echo __('Member ID'); ?></div>
  224. <div class="login_input"><input type="text" name="memberID" /></div>
  225. <div class="fieldLabel marginTop"><?php echo __('Password'); ?></div>
  226. <div class="login_input"><input type="password" name="memberPassWord" /></div>
  227. <!-- Captcha in form - start -->
  228. <div>
  229. <?php if ($sysconf['captcha']['member']['enable']) { ?>
  230. <?php if ($sysconf['captcha']['member']['type'] == "recaptcha") { ?>
  231. <div class="captchaMember">
  232. <?php
  233. require_once LIB.$sysconf['captcha']['member']['folder'].'/'.$sysconf['captcha']['member']['incfile'];
  234. $publickey = $sysconf['captcha']['member']['publickey'];
  235. echo recaptcha_get_html($publickey);
  236. ?>
  237. </div>
  238. <!-- <div><input type="text" name="captcha_code" id="captcha-form" style="width: 80%;" /></div> -->
  239. <?php
  240. } elseif ($sysconf['captcha']['member']['type'] == "others") {
  241. }
  242. #debugging
  243. #echo SWB.'lib/'.$sysconf['captcha']['folder'].'/'.$sysconf['captcha']['webfile'];
  244. } ?>
  245. </div>
  246. <!-- Captcha in form - end -->
  247. <input type="submit" name="logMeIn" value="<?php echo __('Login'); ?>" class="memberButton" />
  248. </form>
  249. </div>
  250. </div>
  251. <?php
  252. } else {
  253. /*
  254. * Function to show member change password form
  255. *
  256. * @return string
  257. */
  258. function changePassword()
  259. {
  260. // show the member information
  261. $_form = '<form id="memberChangePassword" method="post" action="index.php?p=member">'."\n";
  262. $_form .= '<table class="memberDetail" cellpadding="5" cellspacing="0">'."\n";
  263. $_form .= '<tr>'."\n";
  264. $_form .= '<td class="key alterCell" width="20%"><strong>'.__('Current Password').'</strong></td>';
  265. $_form .= '<td class="value alterCell2"><input type="password" name="currPass" /></td>';
  266. $_form .= '</tr>'."\n";
  267. $_form .= '<tr>'."\n";
  268. $_form .= '<td class="key alterCell" width="20%"><strong>'.__('New Password').'</strong></td>';
  269. $_form .= '<td class="value alterCell2"><input type="password" name="newPass" /></td>';
  270. $_form .= '</tr>'."\n";
  271. $_form .= '<tr>'."\n";
  272. $_form .= '<td class="key alterCell" width="20%"><strong>'.__('Confirm Password').'</strong></td>';
  273. $_form .= '<td class="value alterCell2"><input type="password" name="newPass2" /></td>';
  274. $_form .= '</tr>'."\n";
  275. $_form .= '<tr>'."\n";
  276. $_form .= '<td class="alterCell2" colspan="2"><input type="submit" id="loginButton" name="changePass" value="'.__('Change Password').'" /></td>';
  277. $_form .= '</tr>'."\n";
  278. $_form .= '</table>'."\n";
  279. $_form .= '</form>'."\n";
  280. return $_form;
  281. }
  282. /*
  283. * Function to process member's password changes
  284. *
  285. * @param string $str_curr_pass = member's current password
  286. * @param string $str_new_pass = member's new password request
  287. * @param string $str_conf_new_pass = member's new password request confirmation
  288. * @return boolean true on success, false on failed
  289. */
  290. function procChangePassword($str_curr_pass, $str_new_pass, $str_conf_new_pass)
  291. {
  292. global $dbs;
  293. // get hash from db
  294. $_str_pass_sql = sprintf('SELECT mpasswd FROM member
  295. WHERE member_id=\'%s\'', $dbs->escape_string(trim($_SESSION['mid'])));
  296. $_str_pass_q = $dbs->query($_str_pass_sql);
  297. $_str_pass_d = $_str_pass_q->fetch_row();
  298. $verified = password_verify($str_curr_pass, $_str_pass_d[0]);
  299. // current password checking
  300. // $_sql_pass_check = sprintf('SELECT member_id FROM member
  301. // WHERE mpasswd=MD5(\'%s\') AND member_id=\'%s\'',
  302. // $dbs->escape_string(trim($str_curr_pass)), $dbs->escape_string(trim($_SESSION['mid'])));
  303. // $_pass_check = $dbs->query($_sql_pass_check);
  304. if ($verified) {
  305. $str_new_pass = trim($str_new_pass);
  306. $str_conf_new_pass = trim($str_conf_new_pass);
  307. // password confirmation check
  308. if ($str_new_pass && $str_conf_new_pass && ($str_new_pass === $str_conf_new_pass)) {
  309. $_new_password = password_hash($str_conf_new_pass, PASSWORD_BCRYPT);
  310. $_sql_update_mpasswd = sprintf('UPDATE member SET mpasswd=\'%s\'
  311. WHERE member_id=\'%s\'', $dbs->escape_string($_new_password), $dbs->escape_string(trim($_SESSION['mid'])));
  312. @$dbs->query($_sql_update_mpasswd);
  313. if (!$dbs->error) {
  314. return true;
  315. } else {
  316. return CANT_UPDATE_PASSWD;
  317. }
  318. } else {
  319. return PASSWD_NOT_MATCH;
  320. }
  321. } else {
  322. return CURR_PASSWD_WRONG;
  323. }
  324. }
  325. /*
  326. * Function to send reservation e-mail for titles in basket
  327. *
  328. * @return array
  329. */
  330. function sendReserveMail()
  331. {
  332. if (count($_SESSION['m_mark_biblio']) > 0) {
  333. $_ids = '(';
  334. foreach ($_SESSION['m_mark_biblio'] as $_biblio) {
  335. $_ids .= (integer)$_biblio.',';
  336. }
  337. $_ids = substr_replace($_ids, '', -1);
  338. $_ids .= ')';
  339. } else {
  340. return array('status' => 'ERROR', 'message' => 'No Titles to reserve');
  341. }
  342. global $dbs, $sysconf;
  343. require LIB.'phpmailer/class.phpmailer.php';
  344. $_mail = new PHPMailer(false);
  345. $_mail->IsSMTP();
  346. // get message template
  347. $_msg_tpl = @file_get_contents(SB.'template/reserve-mail-tpl.html');
  348. // date
  349. $_curr_date = date('Y-m-d H:i:s');
  350. // query
  351. $_biblio_q = $dbs->query("SELECT biblio_id, title FROM biblio WHERE biblio_id IN $_ids");
  352. // compile reservation data
  353. $_data = '<table width="100%" border="1">'."\n";
  354. $_data .= '<tr><th>Titles to reserve</th></tr>'."\n";
  355. while ($_title_d = $_biblio_q->fetch_assoc()) {
  356. $_data .= '<tr>';
  357. $_data .= '<td>'.$_title_d['title'].'</td>'."\n";
  358. $_data .= '</tr>';
  359. }
  360. $_data .= '</table>';
  361. // message
  362. $_message = str_ireplace(array('<!--MEMBER_ID-->', '<!--MEMBER_NAME-->', '<!--DATA-->', '<!--DATE-->'),
  363. array($_SESSION['mid'], $_SESSION['m_name'], $_data, $_curr_date), $_msg_tpl);
  364. // e-mail setting
  365. // $_mail->SMTPDebug = 2;
  366. $_mail->SMTPAuth = $sysconf['mail']['auth_enable'];
  367. $_mail->Host = $sysconf['mail']['server'];
  368. $_mail->Port = $sysconf['mail']['server_port'];
  369. $_mail->Username = $sysconf['mail']['auth_username'];
  370. $_mail->Password = $sysconf['mail']['auth_password'];
  371. $_mail->SetFrom($sysconf['mail']['from'], $sysconf['mail']['from_name']);
  372. $_mail->AddReplyTo($sysconf['mail']['reply_to'], $sysconf['mail']['reply_to_name']);
  373. // send carbon copy off reserve e-mail to member/requester
  374. $_mail->AddCC($_SESSION['m_email'], $_SESSION['m_name']);
  375. // send reservation e-mail to librarian
  376. $_mail->AddAddress($sysconf['mail']['from'], $sysconf['mail']['from_name']);
  377. // additional recipient
  378. if (isset($sysconf['mail']['add_recipients'])) {
  379. foreach ($sysconf['mail']['add_recipients'] as $_recps) {
  380. $_mail->AddAddress($_recps['from'], $_recps['from_name']);
  381. }
  382. }
  383. $_mail->Subject = 'Reservation request from Member '.$_SESSION['m_name'].' ('.$_SESSION['m_email'].')';
  384. $_mail->AltBody = strip_tags($_message);
  385. $_mail->MsgHTML($_message);
  386. $_sent = $_mail->Send();
  387. if (!$_sent) {
  388. return array('status' => 'ERROR', 'message' => $_mail->ErrorInfo);
  389. utility::writeLogs($this->obj_db, 'member', isset($_SESSION['mid'])?$_SESSION['mid']:'0', 'membership', 'FAILED to send reservation e-mail to '.$_SESSION['m_email'].' ('.$_mail->ErrorInfo.')');
  390. } else {
  391. return array('status' => 'SENT', 'message' => 'Overdue notification E-Mail have been sent to '.$_SESSION['m_email']);
  392. utility::writeLogs($this->obj_db, 'member', isset($_SESSION['mid'])?$_SESSION['mid']:'0', 'membership', 'Reservation notification e-mail sent to '.$_SESSION['m_email']);
  393. }
  394. }
  395. /*
  396. * Function to show member collection basket
  397. *
  398. * @param int number of loan records to show
  399. * @return string
  400. */
  401. function showBasket($num_recs_show = 20)
  402. {
  403. global $dbs;
  404. // table spec
  405. $_table_spec = 'biblio AS b';
  406. // create datagrid
  407. $_loan_list = new simbio_datagrid();
  408. $_loan_list->table_ID = 'basket';
  409. $_loan_list->setSQLColumn('b.biblio_id AS \''.__('Remove').'\'', 'b.title AS \''.__('Title').'\'');
  410. $_loan_list->setSQLorder('b.last_update DESC');
  411. $_criteria = 'biblio_id = 0';
  412. if (count($_SESSION['m_mark_biblio']) > 0) {
  413. $_ids = '';
  414. foreach ($_SESSION['m_mark_biblio'] as $_biblio) {
  415. $_ids .= (integer)$_biblio.',';
  416. }
  417. $_ids = substr_replace($_ids, '', -1);
  418. $_criteria = "b.biblio_id IN ($_ids)";
  419. }
  420. $_loan_list->setSQLCriteria($_criteria);
  421. $_loan_list->column_width[0] = '5%';
  422. $_loan_list->modifyColumnContent(0, '<input type="checkbox" name="basket[]" class="basketItem" value="{column_value}" />');
  423. // set table and table header attributes
  424. $_loan_list->table_attr = 'align="center" class="memberBasketList" cellpadding="5" cellspacing="0"';
  425. $_loan_list->table_header_attr = 'class="dataListHeader" style="font-weight: bold;"';
  426. $_loan_list->using_AJAX = false;
  427. // return the result
  428. $_result = '<form name="memberBasketListForm" id="memberBasketListForm" action="index.php?p=member" method="post">'."\n";
  429. $_datagrid = $_loan_list->createDataGrid($dbs, $_table_spec, $num_recs_show);
  430. if ($_loan_list->num_rows > 0) {
  431. $_actions = '<div class="memberBasketAction">';
  432. $_actions .= '<a href="index.php?p=member" class="basket reserve">'.__('Reserve title(s) on Basket').'</a> ';
  433. $_actions .= '<a href="index.php?p=member" class="basket clearAll" postdata="clear_biblio=1">'.__('Clear Basket').'</a> ';
  434. $_actions .= '<a href="index.php?p=member" class="basket clearOne">'.__('Remove selected title(s) from Basket').'</a> ';
  435. $_actions .= '</div>';
  436. $_result .= '<div class="memberBasketInfo">'.$_loan_list->num_rows.' '.__('title(s) on basket').$_actions.'</div>'."\n".$_datagrid;
  437. }
  438. $_result .= "\n</form>";
  439. return $_result;
  440. }
  441. /*
  442. * Function to show membership detail of logged in member
  443. *
  444. * @return string
  445. */
  446. function showMemberDetail()
  447. {
  448. // show the member information
  449. $_detail = '<table class="memberDetail" cellpadding="5" cellspacing="0">'."\n";
  450. // member notes and pending information
  451. if ($_SESSION['m_membership_pending'] || $_SESSION['m_is_expired']) {
  452. $_detail .= '<tr>'."\n";
  453. $_detail .= '<td class="key alterCell" width="15%"><strong>Notes</strong></td><td class="value alterCell2" colspan="3">';
  454. if ($_SESSION['m_is_expired']) {
  455. $_detail .= '<div style="color: #f00;">'.__('Your Membership Already EXPIRED! Please extend your membership.').'</div>';
  456. }
  457. if ($_SESSION['m_membership_pending']) {
  458. $_detail .= '<div style="color: #f00;">'.__('Membership currently in pending state, no loan transaction can be made yet.').'</div>';
  459. }
  460. $_detail .= '</td>';
  461. $_detail .= '</tr>'."\n";
  462. }
  463. $_detail .= '<tr>'."\n";
  464. $_detail .= '<td class="key alterCell" width="15%"><strong>'.__('Member Name').'</strong></td><td class="value alterCell2" width="30%">'.$_SESSION['m_name'].'</td>';
  465. $_detail .= '<td class="key alterCell" width="15%"><strong>'.__('Member ID').'</strong></td><td class="value alterCell2" width="30%">'.$_SESSION['mid'].'</td>';
  466. $_detail .= '</tr>'."\n";
  467. $_detail .= '<tr>'."\n";
  468. $_detail .= '<td class="key alterCell" width="15%"><strong>'.__('Member Email').'</strong></td><td class="value alterCell2" width="30%">'.$_SESSION['m_email'].'</td>';
  469. $_detail .= '<td class="key alterCell" width="15%"><strong>'.__('Member Type').'</strong></td><td class="value alterCell2" width="30%">'.$_SESSION['m_member_type'].'</td>';
  470. $_detail .= '</tr>'."\n";
  471. $_detail .= '<tr>'."\n";
  472. $_detail .= '<td class="key alterCell" width="15%"><strong>'.__('Register Date').'</strong></td><td class="value alterCell2" width="30%">'.$_SESSION['m_register_date'].'</td>';
  473. $_detail .= '<td class="key alterCell" width="15%"><strong>'.__('Expiry Date').'</strong></td><td class="value alterCell2" width="30%">'.$_SESSION['m_expire_date'].'</td>';
  474. $_detail .= '</tr>'."\n";
  475. $_detail .= '<tr>'."\n";
  476. $_detail .= '<td class="key alterCell" width="15%"><strong>'.__('Institution').'</strong></td>'
  477. .'<td class="value alterCell2" colspan="3">'.$_SESSION['m_institution'].'</td>';
  478. $_detail .= '</tr>'."\n";
  479. $_detail .= '</table>'."\n";
  480. return $_detail;
  481. }
  482. /* callback function to show overdue */
  483. function showOverdue($obj_db, $array_data)
  484. {
  485. $_curr_date = date('Y-m-d');
  486. if (simbio_date::compareDates($array_data[3], $_curr_date) == $_curr_date) {
  487. return '<strong style="color: #f00;">'.$array_data[3].' '.__('OVERDUED').'</strong>';
  488. } else {
  489. return $array_data[3];
  490. }
  491. }
  492. /*
  493. * Function to show list of logged in member loan
  494. *
  495. * @param int number of loan records to show
  496. * @return string
  497. */
  498. function showLoanList($num_recs_show = 20)
  499. {
  500. global $dbs;
  501. require SIMBIO.'simbio_GUI/table/simbio_table.inc.php';
  502. require SIMBIO.'simbio_DB/datagrid/simbio_dbgrid.inc.php';
  503. require SIMBIO.'simbio_GUI/paging/simbio_paging.inc.php';
  504. require SIMBIO.'simbio_UTILS/simbio_date.inc.php';
  505. // table spec
  506. $_table_spec = 'loan AS l
  507. LEFT JOIN member AS m ON l.member_id=m.member_id
  508. LEFT JOIN item AS i ON l.item_code=i.item_code
  509. LEFT JOIN biblio AS b ON i.biblio_id=b.biblio_id';
  510. // create datagrid
  511. $_loan_list = new simbio_datagrid();
  512. $_loan_list->disable_paging = true;
  513. $_loan_list->table_ID = 'loanlist';
  514. $_loan_list->setSQLColumn('l.item_code AS \''.__('Item Code').'\'',
  515. 'b.title AS \''.__('Title').'\'',
  516. 'l.loan_date AS \''.__('Loan Date').'\'',
  517. 'l.due_date AS \''.__('Due Date').'\'');
  518. $_loan_list->setSQLorder('l.loan_date DESC');
  519. $_criteria = sprintf('m.member_id=\'%s\' AND l.is_lent=1 AND is_return=0 ', $_SESSION['mid']);
  520. $_loan_list->setSQLCriteria($_criteria);
  521. // modify column value
  522. $_loan_list->modifyColumnContent(3, 'callback{showOverdue}');
  523. // set table and table header attributes
  524. $_loan_list->table_attr = 'align="center" class="memberLoanList" cellpadding="5" cellspacing="0"';
  525. $_loan_list->table_header_attr = 'class="dataListHeader" style="font-weight: bold;"';
  526. $_loan_list->using_AJAX = false;
  527. // return the result
  528. $_result = $_loan_list->createDataGrid($dbs, $_table_spec, $num_recs_show);
  529. $_result = '<div class="memberLoanListInfo">'.$_loan_list->num_rows.' '.__('item(s) currently on loan').' | <a href="?p=download_current_loan">Download All Current Loan</a></div>'."\n".$_result;
  530. return $_result;
  531. }
  532. /* Experimental Loan History - start */
  533. function showLoanHist($num_recs_show = 20)
  534. {
  535. global $dbs;
  536. // table spec
  537. $_table_spec = 'loan AS l
  538. LEFT JOIN member AS m ON l.member_id=m.member_id
  539. LEFT JOIN item AS i ON l.item_code=i.item_code
  540. LEFT JOIN biblio AS b ON i.biblio_id=b.biblio_id';
  541. // create datagrid
  542. $_loan_hist = new simbio_datagrid();
  543. $_loan_hist->disable_paging = true;
  544. $_loan_hist->table_ID = 'loanhist';
  545. $_loan_hist->setSQLColumn('l.item_code AS \''.__('Item Code').'\'',
  546. 'b.title AS \''.__('Title').'\'',
  547. 'l.loan_date AS \''.__('Loan Date').'\'',
  548. 'l.return_date AS \''.__('Return Date').'\'');
  549. $_loan_hist->setSQLorder('l.loan_date DESC');
  550. $_criteria = sprintf('m.member_id=\'%s\' AND l.is_lent=1 AND is_return=1 ', $_SESSION['mid']);
  551. $_loan_hist->setSQLCriteria($_criteria);
  552. // modify column value
  553. #$_loan_hist->modifyColumnContent(3, 'callback{showOverdue}');
  554. // set table and table header attributes
  555. $_loan_hist->table_attr = 'align="center" class="memberLoanList" cellpadding="5" cellspacing="0"';
  556. $_loan_hist->table_header_attr = 'class="dataListHeader" style="font-weight: bold;"';
  557. $_loan_hist->using_AJAX = false;
  558. // return the result
  559. $_result = $_loan_hist->createDataGrid($dbs, $_table_spec, $num_recs_show);
  560. $_result = '<div class="memberLoanHistInfo"> &nbsp;'.$_loan_hist->num_rows.' '.__('item(s) loan history').' | <a href="?p=download_loan_history">Download All Loan History</a></div>'."\n".$_result;
  561. return $_result;
  562. }
  563. /* Experimental Loan History - end */
  564. // if there is change password request
  565. if (isset($_POST['changePass']) && $sysconf['auth']['member']['method'] == 'native') {
  566. $change_pass = procChangePassword($_POST['currPass'], $_POST['newPass'], $_POST['newPass2']);
  567. if ($change_pass === true) {
  568. $info = '<span style="font-size: 120%; font-weight: bold;">'.__('Your password have been changed successfully.').'</span>';
  569. } else {
  570. if ($change_pass === CURR_PASSWD_WRONG) {
  571. $info = __('Current password entered WRONG! Please insert the right password!');
  572. } else if ($change_pass === PASSWD_NOT_MATCH) {
  573. $info = __('Password confirmation FAILED! Make sure to check undercase or uppercase letters!');
  574. } else {
  575. $info = __('Password update FAILED! ERROR ON DATABASE!');
  576. }
  577. $info = '<span style="font-size: 120%; font-weight: bold; color: red;">'.$info.'</span>';
  578. }
  579. }
  580. // send reserve e-mail
  581. if (isset($_POST['sendReserve'])) {
  582. $mail = sendReserveMail();
  583. // die();
  584. if ($mail['status'] != 'ERROR') {
  585. $info = __('Reservation e-mail sent successfully!');
  586. } else {
  587. $info = '<span style="font-size: 120%; font-weight: bold; color: red;">'.__(sprintf('Reservation e-mail FAILED to sent with error: %s Please contact administrator!', $mail['message'])).'</span>';
  588. }
  589. }
  590. // biblio basket add process
  591. if (isset($_POST['biblio'])) {
  592. if (!is_array($_POST['biblio']) && is_scalar($_POST['biblio'])) {
  593. $_tmp_biblio = $_POST['biblio']; unset($_POST['biblio']);
  594. $_POST['biblio'][] = $_tmp_biblio;
  595. }
  596. // check reserve limit
  597. if ( (count($_SESSION['m_mark_biblio'])+count($_POST['biblio'])) > $sysconf['max_biblio_mark'] ) {
  598. $info = '<span style="font-size: 120%; font-weight: bold; color: red;">Maximum '.$sysconf['max_biblio_mark'].' titles can be added to basket!</span>';
  599. } else {
  600. foreach ($_POST['biblio'] as $biblio) {
  601. $biblio = (integer)$biblio;
  602. $_SESSION['m_mark_biblio'][$biblio] = $biblio;
  603. }
  604. }
  605. }
  606. // biblio basket remove process
  607. if (isset($_GET['rm_biblio'])) {
  608. if (!is_array($_GET['rm_biblio']) && is_scalar($_GET['rm_biblio'])) {
  609. $_tmp_biblio = $_GET['rm_biblio']; unset($_GET['rm_biblio']);
  610. $_GET['rm_biblio'][] = $_tmp_biblio;
  611. }
  612. foreach ($_GET['rm_biblio'] as $biblio) {
  613. $biblio = (integer)$biblio;
  614. unset($_SESSION['m_mark_biblio'][$biblio]);
  615. }
  616. }
  617. // biblio basket item removal process
  618. if (isset($_POST['basketRemove']) && isset($_POST['basket']) && count($_POST['basket']) > 0) {
  619. foreach ($_POST['basket'] as $basket_item) {
  620. unset($_SESSION['m_mark_biblio'][$basket_item]);
  621. }
  622. }
  623. // biblio basket clear process
  624. if (isset($_POST['clear_biblio'])) {
  625. $_SESSION['m_mark_biblio'] = array();
  626. }
  627. // show all
  628. echo '<div class="tagline">';
  629. echo '<div class="memberInfoHead">'.__('Member Detail').'</div>'."\n";
  630. echo '</div>';
  631. echo '<div class="collection-list"><div class="item_list">';
  632. echo showMemberDetail();
  633. echo '</div>';
  634. echo '<div class="tagline">';
  635. echo '<div class="memberInfoHead">'.__('Your Current Loan').'</div>'."\n";
  636. echo '</div>';
  637. echo '<div class="collection-list"><div class="item_list">';
  638. echo showLoanList();
  639. echo '</div>';
  640. echo '<div class="tagline">';
  641. echo '<div class="memberInfoHead">'.__('Your Loan History').'</div>'."\n";
  642. echo '</div>';
  643. echo showLoanHist();
  644. echo '</div>';
  645. echo '<div class="tagline">';
  646. echo '<div class="memberInfoHead">'.__('Your Title Basket').'</div><a name="biblioBasket"></a>'."\n";
  647. echo showBasket();
  648. echo '</div>';
  649. // change password only form NATIVE authentication, not for others such as LDAP
  650. if ($sysconf['auth']['member']['method'] == 'native') {
  651. echo '<div class="tagline">';
  652. echo '<div class="memberInfoHead">'.__('Change Password').'</div>'."\n";
  653. echo '</div>';
  654. echo changePassword();
  655. }
  656. ?>
  657. <script type="text/javascript">
  658. $(document).ready( function() {
  659. $('.clearAll').click(function(evt) {
  660. evt.preventDefault();
  661. var anchor = $(this);
  662. // get anchor href
  663. var aHREF = anchor.attr('href');
  664. var postData = anchor.attr('postdata');
  665. if (confirm('Clear your title(s) basket?')) {
  666. // send ajax
  667. $.ajax({ type: 'POST',
  668. url: aHREF, cache: false, data: postData, async: false,
  669. success: function(ajaxRespond) {
  670. alert('Basket data cleared!');
  671. window.location.href = aHREF;
  672. }
  673. });
  674. }
  675. });
  676. $('.clearOne').click(function(evt) {
  677. evt.preventDefault();
  678. var basketForm = $('#memberBasketListForm');
  679. var basketData = basketForm.serialize() + '&basketRemove=1';
  680. // get anchor href
  681. var basketAction = basketForm.attr('action');
  682. if (confirm('Remove selected title(s) from basket?')) {
  683. // send ajax
  684. $.ajax({ type: 'POST',
  685. url: basketAction, cache: false, data: basketData, async: false,
  686. success: function(ajaxRespond) {
  687. alert('Selected basket data removed!');
  688. window.location.href = 'index.php?p=member';
  689. }
  690. });
  691. }
  692. });
  693. $('.reserve').click(function(evt) {
  694. evt.preventDefault();
  695. var anchor = $(this);
  696. // get anchor href
  697. var aHREF = anchor.attr('href');
  698. // send ajax
  699. $.ajax({ type: 'POST',
  700. url: aHREF, cache: false, data: 'sendReserve=1', async: false,
  701. success: function(ajaxRespond) { alert('Reservation e-mail sent'); window.location.href = aHREF; }
  702. });
  703. });
  704. }
  705. );
  706. </script>
  707. <?php
  708. }