RanchiMall/php-mpos
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update worker.class.php

Browse Source 
Cleaned up code
This commit is contained in:
Joey 2013-12-19 09:11:59 -05:00
parent d85ae9bd7c
commit 47a13f937b
1 changed files with 14 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
public/include/classes/worker.class.php
View File

@ -21,25 +21,19 @@ class Worker extends Base {
$username = $this->user->getUserName($account_id);
$iFailed = 0;
foreach ($data as $key => $value) {
$validWorker = 1;
if ('' === $value['username'] || '' === $value['password']) {
if ('' === $value['username'] || '' === $value['password']) {
$iFailed++;
} else {
// Check worker name first
if (! preg_match("/^[0-9a-zA-Z_\-]*$/", $value['username'])) {
$iFailed++;
continue;
}
// Prefix the WebUser to Worker name
$value['username'] = "$username." . $value['username'];
$stmt = $this->mysqli->prepare("UPDATE $this->table SET password = ?, username = ?, monitor = ? WHERE account_id = ? AND id = ?");
if ( ! ( $this->checkStmt($stmt) && $stmt->bind_param('ssiii', $value['password'], $value['username'], $value['monitor'], $account_id, $key) && $stmt->execute()) )
$iFailed++;
} else {
// Prefix the WebUser to Worker name
$value['username'] = "$username." . $value['username'];
// Ensure we have a sane worker name
$wData = explode('.', $value['username']);
$validName = (bool) preg_match("/^[0-9a-zA-Z_\-]*$/", $wData[1]);
if ($validName === false || strlen($value['username']) > 50) {
$validWorker = 0;
}
if ($validWorker) {
$stmt = $this->mysqli->prepare("UPDATE $this->table SET password = ?, username = ?, monitor = ? WHERE account_id = ? AND id = ?");
if ( ! ( $this->checkStmt($stmt) && $stmt->bind_param('ssiii', $value['password'], $value['username'], $value['monitor'], $account_id, $key) && $stmt->execute()) )
$iFailed++;
} else {
$iFailed++;
}
}
}
if ($iFailed == 0)
@ -236,15 +230,14 @@ class Worker extends Base {
$this->setErrorMessage($this->getErrorMsg('E0058'));
return false;
}
$validName = (bool) preg_match("/^[0-9a-zA-Z_\-]*$/", $workerName);
if ($validName === false) {
if (!preg_match("/^[0-9a-zA-Z_\-]*$/", $workerName)) {
$this->setErrorMessage($this->getErrorMsg('E0072'));
return false;
}
$username = $this->user->getUserName($account_id);
$workerName = "$username.$workerName";
if (strlen($workerName) > 50) {
$this->setErrorMessage($this->getErrorMessage('E0073'));
$this->setErrorMessage($this->getErrorMsg('E0073'));
return false;
}
$stmt = $this->mysqli->prepare("INSERT INTO $this->table (account_id, username, password) VALUES(?, ?, ?)");