allow = getAccess(); $context->menu = setMenu(); if(isset($_SESSION['UI'])){ if($_SESSION['PRO'] == "#SP"){ $sql = "select Correo, Clave_Nueva from servpub where ID_Serv = " . $_SESSION['UI']; $data = $db->getObject($sql); if($data->Clave_Nueva || !$data->Correo){ if($data->Clave_Nueva) $_SESSION['PWD'] = true; if(!$data->Correo) $_SESSION['MAIL'] = true; }else Header('location: declare.php'); }else{ $sql = "select Fecha_Clave from users where ID_User = " . $_SESSION['UI']; $last = $db->getOne($sql); if(DateDiff(Date('Y-m-d'), $last, 'DIAS', true) > 60) $context->change = true; if(in_array(60, $context->allow)){ $sql = "select COUNT(RFC) as Conteo, RFC from servpub where Estatus in (1, 2) and ID_Serv not in (select ID_Serv from serv_ex) GROUP by RFC having COUNT(RFC) > 1"; $rfc = $db->getArray($sql); $sql = "select * from serv_ex"; $data_ex = $db->getArray($sql); $ex = array(); foreach ($data_ex as $e) $ex[] = $e['ID_Serv']; $cont = 0; foreach($rfc as $r){ $sql = "select ID_Serv, RFC, CONCAT_WS(' ', Paterno, Materno, Nombre) as Nombre, Dependencia, Puesto, Fecha_Inicio, Fecha_Termino, Estatus from servpub sp join dependencias d on d.ID_Dependencia = sp.ID_Dependencia join puestos p on p.ID_Puesto = sp.ID_Puesto where RFC = '" . $r['RFC'] . 
"' order by ID_Serv DESC LIMIT 2"; $data = $db->getArray($sql); if($data[0]['Estatus'] == "1" && !in_array($data[1]['ID_Serv'], $ex)){ $mov[$cont]['new'] = $data[0]; $mov[$cont]['old'] = $data[1]; $cont++; } } $context->mov = $mov?$mov:array(); $sql = "select COUNT(ID_Prorroga) from prorrogas where Estatus = 0 and Terminado = 0"; $context->pro = $db->getOne($sql); $sql = "select COUNT(ID_Correccion) from correcciones where Estatus = 0"; $context->correct = $db->getOne($sql); $context->params[] = array("Header" => "#", "Width" => "40", "Attach" => "", "Align" => "center", "Sort" => "", "Type" => "ro"); $context->params[] = array("Header" => "RFC", "Width" => "80", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->params[] = array("Header" => "Nombre", "Width" => "*", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->params[] = array("Header" => "Dependencia", "Width" => "*", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->params[] = array("Header" => "Usuario", "Width" => "100", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->params[] = array("Header" => "Fecha", "Width" => "100", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->params[] = array("Header" => "Ver", "Width" => "50", "Attach" => "", "Align" => "center", "Sort" => "str", "Type" => "ro"); $context->control[] = array("Header" => "#", "Width" => "40", "Attach" => "", "Align" => "center", "Sort" => "", "Type" => "ro"); $context->control[] = array("Header" => "RFC", "Width" => "80", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->control[] = array("Header" => "Nombre", "Width" => "*", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->control[] = array("Header" => "Dependencia", "Width" => "*", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); 
$context->control[] = array("Header" => "Declaración", "Width" => "80", "Attach" => "cmb", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->control[] = array("Header" => "Usuario", "Width" => "100", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->control[] = array("Header" => "Fecha Permiso", "Width" => "100", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); $context->control[] = array("Header" => "Fecha Límite", "Width" => "100", "Attach" => "txt", "Align" => "left", "Sort" => "str", "Type" => "ro"); } } } RenderTemplate('templates/index.tpl.php', $context, 'templates/base.php'); }elseif($action == "change"){ RenderTemplate('templates/index.change.php', $context); }elseif($action == "data"){ $pwd = trim($_POST['pwd']); $confirm = trim($_POST['confirm']); $mail = trim($_POST['mail']); $error = false; if($pwd && $confirm) $error = validatePwd($_SESSION['UI'], $pwd, $confirm, ($_SESSION['PRO']=="#SP"?"SP":"USER")); if(!$error){ if($mail) $error = ValidateMail($mail); if(!$error){ If($_SESSION['PRO'] == "#SP"){ $sql = "update servpub set "; if($pwd && $mail) $sql .= "Password = '" . Encrypt($pwd) . "', Clave_Nueva = 0, Correo = '" . $mail . "' "; elseif($pwd && !$mail) $sql .= "Password = '" . Encrypt($pwd) . "', Clave_Nueva = 0 "; elseif(!$pwd && $mail) $sql .= "Correo = '" . $mail . "' "; $sql .= "where ID_Serv = " . $_SESSION['UI']; }else{ $sql = "select Password from users where ID_User = " . $_SESSION['UI']; $old = $db->getOne($sql); $sql = "update users set Password = '" . Encrypt($pwd) . "', Old = '" . $old . "', Fecha_Clave = NOW() where ID_User = " . 
$_SESSION['UI']; } $db->execute($sql); $_SESSION['PWD'] = false; $_SESSION['MAIL'] = false; }else echo $error; }else echo $error; }elseif($action == "recover"){ RenderTemplate('templates/index.recover.php', $context); }elseif($action == "send"){ $search = $_POST['data']; if(strpos($search, "@") === false) // #SP $type = "#SP"; else // User $type = "USER"; $data = $db->getObject("CALL FindAndRecover('" . $type . "', '" . $search . "')"); if($data){ $subject = "Acceso temporal"; $text = "

A continuación se presenta un enlace para conceder su acceso al sistema Declaranet.

PULSE AQUÍ

"; if($type == "#SP" && !$data->Correo) echo "No cuenta con una dirección de correo registrada. Consulte su área de personal para generar su clave"; else{ if(!SendMail(($type=="#SP"?$data->Correo:$search), $subject, $data->Nombre, $text)) echo "Error al enviar correo, por favor intente de nuevo"; } }else echo "El usuario no ha sido encontrado con estos datos"; }elseif($action == "consult"){ $rfc = $_GET['rfc']; if(ctype_alpha(substr($rfc, 0, 4))){ $sql = "select ID_Serv, RFC, CONCAT_WS(' ', Paterno, Materno, Nombre) as Nombre, Dependencia, CASE Estatus when 1 then 'ACTIVO' when 2 then 'BAJA' when 4 then 'LICENCIA' END as Estatus from servpub sp join dependencias d on d.ID_Dependencia = sp.ID_Dependencia where RFC like '" . $rfc . "%' and Estatus in (1, 2, 4) order by ID_Serv DESC"; $context->results = $db->getArray($sql); } RenderTemplate('templates/index.results.php', $context); }elseif($action == "fix"){ $opt = $_POST['opt']; $newid = $_POST['newid']; $newst = $_POST['newst']; $oldid = $_POST['oldid']; $oldst = $_POST['oldst']; switch($opt){ case "back": $sql = "select Fecha_Inicio from servpub where ID_Serv = " . $newid; $start = $db->getOne($sql); $sql = "select Fecha_Termino from servpub where ID_Serv = " . $oldid; $end = $db->getOne($sql); $sql = "select Valor from parametros where ID_Parametro = 3"; $days = $db->getOne($sql); $sql = "select * from dias_inhabiles where YEAR(Fecha) >= YEAR(NOW())"; $omit = $db->getArray($sql); $calc = Calculate($end, $days, $omit); if(strtotime($calc) >= strtotime($start)){ $sql = "update movimientos set Procedencia = " . $oldid . " where Tipo_Mov = 1 and ID_Serv = " . $newid; $db->execute($sql); $db->queryStored("Transfer", array($oldid, $newid)); } break; case "promo": $sql = "update movimientos set Procedencia = " . $oldid . " where Tipo_Mov = 1 and ID_Serv = " . $newid; $db->execute($sql); $sql = "select Fecha_Inicio from servpub where ID_Serv = " . 
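$oldid;
        // "promo" branch: the new record takes over the start date of the old one,
        // then the stored procedure "Transfer" is run for the pair.
        // NOTE(review): $oldid, $newid and $opt are read from $_POST at the top of
        // this "fix" action and are concatenated into SQL unchanged, here and in
        // the insert below. Cast the ids to int where they are read, and bind or
        // escape $opt and $start through the DB wrapper.
        $start = $db->getOne($sql);
        $sql = "update servpub set Fecha_Inicio = '" . $start . "' where ID_Serv = " . $newid;
        $db->execute($sql);
        $db->queryStored("Transfer", array($oldid, $newid));
        break;
    }
    // Register the old record in serv_ex; the duplicate-RFC listing built for
    // the index view leaves out records that appear in that table.
    $sql = "insert into serv_ex(ID_Serv, Fecha, ID_User, Opcion) values(" . $oldid . ", NOW(), " . $_SESSION['UI'] . ", '" . $opt . "')";
    $db->execute($sql);
}elseif($action == "details"){
    // ID_Serv is used unquoted in the query, so force it to an integer.
    $id = (int) $_GET['id'];
    $date = $_GET['date'];
    // NOTE(review): $date comes straight from the query string and ends up
    // inside a quoted SQL literal. Validate it as a date, or bind it as a
    // parameter, before it reaches the query.
    $sql = "select Fecha, Tipo from consultas where ID_Serv = " . $id . " and DATE(Fecha) = '". $date . "' order by Fecha";
    $context->data = $db->getArray($sql);
    RenderTemplate('templates/index.alert.php', $context);
}elseif($action == "load"){
    // NOTE(review): request-controlled value handed to the template as-is; how
    // the template uses it is not visible here. Confirm it is escaped on
    // output, or checked against an allow-list if it selects a resource.
    $context->target = $_GET['target'];
    RenderTemplate('templates/index.loader.php', $context);
}elseif($action == "control"){
    $rfc = $_GET['rfc'];
    // NOTE(review): $rfc is request-controlled and concatenated into a quoted
    // SQL literal. Restrict it to the RFC character set or bind it as a parameter.
    $sql = "select ID_Dec, Tipo_Dec, CONCAT_WS(' ', Paterno, Materno, Nombre) as Nombre, RFC, Dependencia, CASE Estatus when 1 then 'ACTIVO' when 2 then 'BAJA' when 4 then 'LICENCIA' END as St from servpub sp join declaraciones d on d.ID_Serv = sp.ID_Serv join dependencias dep on dep.ID_Dependencia = sp.ID_Dependencia where RFC = '" . $rfc . "' and Estatus in (1, 2, 4) order by ID_Dec DESC, sp.ID_Serv DESC LIMIT 1";
    $context->data = $db->getObject($sql);
    RenderTemplate('templates/index.control.php', $context);
}elseif($action == "modify"){
    // NOTE(review): this branch writes a modification permit, and no permission
    // check is visible in it. Confirm the caller's rights are verified before
    // the action dispatch.
    // ID_Dec is used unquoted below, so force it to an integer.
    $id = (int) $_GET['id'];
    $date = $_POST['date'];
    // strtotime() only proves the value parses as a date in the future. The raw
    // string is still what gets concatenated into the insert.
    // NOTE(review): store a canonical date string or bind the value instead.
    if(strtotime($date) > strtotime(Date('Y-m-d'))){
        // Only one permit with a limit date of today or later is allowed per declaration.
        if(!$db->exist("ID_Modif", "modificaciones", "ID_Dec = " . $id . " and Fecha_Limite >= DATE(NOW())")){
            $sql = "insert into modificaciones values(" . $db->getID("ID_Modif", "modificaciones") . ", " . "NOW(), " . $id . ", " . $_SESSION['UI'] . ", " . "'" . $date . "')";
            $db->execute($sql);
        }else
            echo "Ya existe un permiso de modificación vigente";
    }else
        echo "Debe ingresar una fecha límite mayor a la actual";
}

/**
 * Undo a declaration: revert every row of dtransacciones recorded for it,
 * delete the declaration itself and write an entry to the log table.
 *
 * Changes from the previous version:
 *  - declares `global $db` (it was missing, so the first query failed on an
 *    undefined variable; Reactivar() and Trans() already declare it);
 *  - an unrecognised Tipo_Elem in a type-9 transaction no longer re-runs
 *    whatever statement $sql last held;
 *  - ids are cast to int before being concatenated into SQL.
 *
 * @param int|string $id ID_Dec of the declaration to roll back.
 */
function RollBack($id){
    global $db;

    $id = (int) $id;

    $info = $db->getObject("select ID_Serv, Tipo_Dec from declaraciones where ID_Dec = " . $id);
    $data = $db->getArray("select ID_Trans, ID_Elem, Tipo_Elem, Tipo_Trans from dtransacciones where ID_Dec = " . $id);
    if(!is_array($data))
        $data = array();

    // Element tables whose rows are set back to Estatus = 2 by a type-9 transaction.
    $restore = array(
        "inmuebles" => array("dinmuebles", "ID_Inmueble"),
        "muebles"   => array("dmuebles", "ID_Mueble"),
        "vehiculos" => array("dvehiculos", "ID_Vehiculo"),
    );

    foreach($data as $d){
        switch($d['Tipo_Trans']){
            case 1:
                if($d['Tipo_Elem'] == "ingresos"){
                    // Income rows are removed together with their transaction.
                    $db->execute("delete from dingresos where ID_Ingreso = " . (int) $d['ID_Elem']);
                    Trans("delete", $d['ID_Trans']);
                }else{
                    // Other elements are kept; the transaction is only detached.
                    Trans("update", $d['ID_Trans']);
                }
                break;
            case 2: case 4: case 5: case 6: case 7: case 8:
                Reactivar($d);
                break;
            case 3:
                Trans("update", $d['ID_Trans']);
                break;
            case 9:
                if(isset($restore[$d['Tipo_Elem']])){
                    list($table, $key) = $restore[$d['Tipo_Elem']];
                    $db->execute("update " . $table . " set Estatus = 2 where " . $key . " = " . (int) $d['ID_Elem']);
                }
                // As before, the transaction row is deleted whatever the element type.
                Trans("delete", $d['ID_Trans']);
                break;
            case 10: case 11:
                Trans("delete", $d['ID_Trans']);
                break;
        }
    }

    $db->execute("delete from declaraciones where ID_Dec = " . $id);

    // NOTE(review): session users "1" and "5" leave no log entry for this
    // destructive operation. Confirm that exemption is intended; an audit
    // trail normally covers privileged accounts as well.
    if($info && $_SESSION['UI'] != "1" && $_SESSION['UI'] != "5"){
        // NOTE(review): Tipo_Dec is read back from the database and placed in a
        // quoted literal. Bind it if the DB wrapper supports parameters.
        $sql = "insert into log (ID_Serv, Tipo_Dec, Fecha, ID_User) values (" . (int) $info->ID_Serv . ", '" . $info->Tipo_Dec . "', NOW(), " . (int) $_SESSION['UI'] . ")";
        $db->execute($sql);
    }
}

/**
 * Set the element referenced by a transaction row back to Estatus = 0 and
 * delete that transaction row. Element types that are not listed are ignored.
 *
 * @param array $d Row of dtransacciones; reads Tipo_Elem, ID_Elem and ID_Trans.
 */
function Reactivar($d){
    global $db;

    // Tipo_Elem => (table, primary-key column)
    $targets = array(
        "inmuebles"    => array("dinmuebles", "ID_Inmueble"),
        "muebles"      => array("dmuebles", "ID_Mueble"),
        "vehiculos"    => array("dvehiculos", "ID_Vehiculo"),
        "dependientes" => array("ddependientes", "ID_Depend"),
        "adeudos"      => array("dadeudos", "ID_Adeudo"),
        "inversiones"  => array("dinversiones", "ID_Inversion"),
    );

    if(!isset($targets[$d['Tipo_Elem']]))
        return;

    list($table, $key) = $targets[$d['Tipo_Elem']];
    // Table and column names come from the fixed map above; the id is cast to int.
    $db->execute("update " . $table . " set Estatus = 0 where " . $key . " = " . (int) $d['ID_Elem']);
    Trans("delete", $d['ID_Trans']);
}

/**
 * Detach ("update") or remove ("delete") one row of dtransacciones.
 * Any other action is ignored; previously it executed an undefined statement.
 *
 * @param string     $action "update" sets ID_Dec to null, "delete" removes the row.
 * @param int|string $id     ID_Trans of the row.
 */
function Trans($action, $id){
    global $db;

    $id = (int) $id;

    if($action == "update")
        $sql = "update dtransacciones set ID_Dec = null where ID_Trans = " . $id;
    elseif($action == "delete")
        $sql = "delete from dtransacciones where ID_Trans = " . $id;
    else
        return;

    $db->execute($sql);
}
?>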