File: /home/cafsindia/hrms_allyindian_com/application/controllers/Secure_Controller_bk.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
class Secure_Controller extends CI_Controller{
public function __construct($module_id = NULL, $submodule_id = NULL){
parent::__construct();
if(!$this->is_logged_in()){
redirect('login');
}
$logged_user = $this->get_logged_user_info();
if((int)$this->session->userdata('logged_role') === 12){
$logged_id = $logged_user->prime_cumstomer_id;
}else{
$logged_id = $logged_user->prime_employees_id;
}
if(!$this->has_module_grant($module_id, $logged_id)){
redirect('no_access/' . $module_id . '/' . $submodule_id);
}
$data['allowed_modules'] = $this->Module->get_allowed_modules($logged_id);
$data['header_menu'] = $this->Module->get_header_menu($logged_id);
$data['report_menu'] = $this->Module->get_report_menu($logged_user);
$data['template_menu'] = $this->Module->get_template_menu($logged_user);
$data['notification_menu'] = $this->Module->get_notification_count();
$data['company_info'] = $this->Module->get_company_info();
$data['user_info'] = $logged_user;
$data['controller_name'] = $module_id;
$this->load->vars($data);
}
public function is_logged_in(){
return ($this->session->userdata('logged_id') != FALSE);
}
public function get_logged_user_info(){
if($this->is_logged_in()){
return $this->get_info($this->session->userdata('logged_id'));
}
return FALSE;
}
public function get_info($logged_id){
if((int)$this->session->userdata('logged_role') === 12){
$this->db->from('cumstomer');
$this->db->join('cumstomer_cf', 'cumstomer_cf.prime_cumstomer_id = cumstomer.prime_cumstomer_id');
$this->db->join('category', 'category.prime_category_id = 12');
$this->db->where('cumstomer.prime_cumstomer_id', $logged_id);
$query = $this->db->get();
}else{
$this->db->from('employees');
$this->db->where('employees.prime_employees_id', $logged_id);
$this->db->join('category', 'category.prime_category_id = employees.role');
$query = $this->db->get();
}
if((int)$query->num_rows() === 1){
return $query->row();
}else{
$person_obj = "";
return $person_obj;
}
}
public function has_module_grant($permission_id, $logged_id){
if((int)$this->session->userdata('logged_role') === 12){
$this->db->from('grants_customer');
$this->db->like('permission_id', $permission_id, 'after');
$this->db->where('prime_customer_id', $logged_id);
$query = $this->db->get();
}else{
$this->db->from('grants');
$this->db->like('permission_id', $permission_id, 'after');
$this->db->where('prime_employees_id', $logged_id);
$query = $this->db->get();
}
if((int)$query->num_rows() > 0){
return true;
}else{
return false;
}
}
protected function xss_clean($str, $is_image = FALSE){
if($this->config->item('cw_xss_clean') == FALSE){
return $str;
}else{
return $this->security->xss_clean($str, $is_image);
}
}
public function index() { return FALSE; }
public function search() { return FALSE; }
public function suggest_search() { return FALSE; }
public function view($data_item_id = -1) { return FALSE; }
public function save($data_item_id = -1) { return FALSE; }
public function delete() { return FALSE; }
//DR FUNCTION FOR INSERT A FORM SETTING CREATE AND ALTER QRY TO (ALL SETTING QUERIES) TABLE
public function setting_cr_alt_queries_insert($table_qry){
$created_on = date("Y-m-d H:i:s");
$logged_user = $this->get_logged_user_info();
$logged_id = $logged_user->prime_employees_id;
$from_create_qry = 'insert into cw_all_setting_queries (all_setting_query,trans_created_by,trans_created_date) values ("'.$table_qry.'","'.$logged_id.'","'.$created_on.'")';
$this->db->query($from_create_qry);
}
//DR FUNCTION FOR INSERT A FORM SETTING INSERT AND UPDATE QRY TO (ALL SETTING QUERIES) TABLE
public function setting_qry_ins_upd_function($table_qry){
$created_on = date("Y-m-d H:i:s");
$logged_user = $this->get_logged_user_info();
$logged_id = $logged_user->prime_employees_id;
$this->db->query("CALL sp_setting_queries_insert ('$table_qry','$logged_id')");
}
//TL AND PM FETCH BASED ON TEAM
public function tl_pm_fetch(){
$team = $this->input->post("team");
//TEAM TABLE SELECT QUERY
$tl_pm_qry = 'select cw_team.team,cw_team.tl_report,tl.emp_name tl_name,cw_team.manager_report,pm.emp_name pm_name from cw_team inner join cw_employees tl on cw_team.tl_report = tl.employee_code and tl.termination_status = 0 inner join cw_employees pm on cw_team.manager_report = pm.employee_code and pm.termination_status = 0 where cw_team.prime_team_id = "'.$team.'" and tl.trans_status = 1 and pm.trans_status = 1 and cw_team.trans_status = 1';
$tl_pm_info = $this->db->query("CALL sp_a_run ('SELECT','$tl_pm_qry')");
$tl_pm_rslt = $tl_pm_info->result_array();
$tl_pm_info->next_result();
echo json_encode(array('success' => true,'message' => 'Proceed.!','tl_pm_arr' => $tl_pm_rslt));
}
//Generate Key
public function generateKey(){
$sess_id = $this->session->userdata('__ci_last_regenerate');
$employee_code = $this->session->userdata('logged_emp_code');
$encKey = $this->config->item("encKey");
$combineKey = $sess_id."||".$employee_code."||".$encKey;
$key = hash('sha512', $combineKey);
return $key;
}
//Decrypt Encrypted string from Javascript
public function cryptoDecrypt($encString){
try{
$key = $this->generateKey();
$password = hash('sha512', $key);
$keySize = 256;
$iterations = 1000;
$decSalt = substr($encString, 0, 32);
$decIvhex = substr($encString, 32, 32);
$encrypted = substr($encString, 64);
$decKey = hash_pbkdf2( 'sha1', $password, hex2bin($decSalt), $iterations, $keySize / 8, true);
// AES decryption using OpenSSL in PHP
$decrypted = openssl_decrypt(
base64_decode($encrypted), // Encrypted data (decode from Base64)
'AES-256-CBC', // Cipher method (AES-256-CBC for 256-bit key size)
$decKey, // Decryption key
OPENSSL_RAW_DATA, // Options: raw data output
hex2bin($decIvhex) // Initialization vector
);
if(!$decrypted){
throw new Exception('Error0001..');
}else{
return json_decode($decrypted,TRUE);
}
}catch(Exception $e){
// Log the error or handle it as needed
error_log("Decryption Error: " . $e->getMessage()); // Log the error for debugging
return false;
}
}
}
?>