Viewing file:  module.php (78.49 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
<?
/*function isonline(&$row)
{
$date_now = time();
$date_user = strtotime($row['user_date_lastaccess']);
$past_time = $date_now - $date_user;
$minutes = floor($past_time/60); // кол-во полных минут
if ($minutes <= 5)
$row["online"] = true;
return $row;
}*/
function make_seed()
{
list($usec, $sec) = explode(' ', microtime());
return (float) $sec + ((float) $usec * 100000);
}
class Users
{
var $UserMode = true;
var $AdminMode = false;
var $SearchMode = false;
var $PanelMode = true;
var $AdminAsynchMode = true;
var $UserAsynchMode = true;
var $Table;
var $MessagesTable;
var $AccessStatisticsTable;
var $Directory;
var $ClassName = 'Users';
static $AvatarSize1 = array(800,800);
static $AvatarSize2 = array(200,267);
static $AvatarSize3 = array(50, 67);
static $AvatarSize4 = array(30, 40);
static function generatePassword($length = 8){
$chars = 'ABCDEF0123456789';
$numChars = strlen($chars);
$string = '';
for ($i = 0; $i < $length; $i++) {
$string .= substr($chars, rand(1, $numChars) - 1, 1);
}
return $string;
}
function Users()
{
// var_dump($_COOKIE);
if (!isset($_COOKIE['user_uid']))
{
setcookie("user_uid", Users::generatePassword(15), time() + 60 * 60 * 24 * 30 * 12 * 10, "/", ".zt4ever.org.ua");
}
if (!isset($_SESSION['user']['user_id']) && isset($_COOKIE['login']) && isset($_COOKIE['password']) && !isset($_POST['user_login']) && !isset($_POST['user_password']) && !isset($_GET['logout']))
{
if (!isset($_SESSION['PHPSESSID']))
{
header("Location: /");
}
$sql = "SELECT * FROM AMCMS_users WHERE (md5(user_login) = '{$_COOKIE['login']}') AND (md5(user_password) = '{$_COOKIE['password']}')";
$res = mysql_query($sql);
if (mysql_num_rows($res) == 0)
{
setcookie('login', '', time() - 100, '/');
setcookie('password', '', time() - 100, '/');
session_unregister('user_id');
session_unregister('user_login');
session_unregister('user_acccess');
session_unregister('user');
} else
{
$row = mysql_fetch_assoc($res);
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['user_login'] = $row['user_login'];
$_SESSION['user_acccess'] = $row['user_access'];
$_SESSION['user'] = $row;
$date = GetCurrentDateAndTime();
$this->UserUpdateOnlineDate();
}
}
$this->Directory = dirname(__FILE__);
$this->Table = new AMTable2('AMCMS_users');
$this->Table->Module($this->ClassName);
$this->Table->AddIndexField('user_id');
$this->MessagesTable = new AMTable2('AMCMS_users_messages');
$this->MessagesTable->Module($this->ClassName);
$this->MessagesTable->AddIndexField('message_id');
if (isset($_SESSION['user_id']))
{
$_SESSION['user'] = $this->Table->GetRowById($_SESSION['user_id']);
$_SESSION['user']['user_access'] = unserialize($_SESSION['user']['user_access']);
}
}
static function GetUserById($id)
{
$sql = "SELECT * FROM AMCMS_users WHERE (user_id = '{$id}')";
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
return $row;
}
function AdminAsynch()
{
global $language, $AMCMS_Admin_Lang;
$this->Table->Run($_POST);
}
function TestFieldValue($field, $value)
{
if ($field == "login")
{
if (strlen(trim($value)) == 0)
return 1;
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $value))
return 1; // login incorrect
$sql = "SELECT COUNT(user_login) FROM AMCMS_users WHERE (user_login = '{$value}') AND (user_status != '0')";
$res = mysql_query($sql);
$row = mysql_fetch_array($res);
$count = $row['COUNT(user_login)'];
if ($count > 0)
return 2; // login exists
return 0; // ok
}
if ($field == "password")
{
if ($value[0] != $value[1])
return 1; // different passwords
if (strlen($value[0]) == 0)
return 2; // password empty
return 0; // ok
}
if ($field == "phone")
{
if (!eregi("^[0-9\ -\(\)]{5,30}$", $value))
return 1; // error
return 0; // ok
}
if ($field == "name" || $field == "surname" || $field == "patronymic")
{
if (strlen(trim($value)) < 2)
return 2;
if (eregi("[0-9]", $value))
return 1;
return 0;
}
if ($field == "country" || $field == "region" || $field == "city")
{
if (strlen(trim($value)) < 2)
return 2;
if (eregi("[0-9]", $value))
return 1;
return 0;
}
if ($field == "date_of_birth")
{
if ($value[0] >= 1900 && $value[0] <= 2100 &&
$value[1] >= 1 && $value[1] <= 12 &&
$value[2] >= 1 && $value[2] <= 31)
return 0;
else
return 1;
}
if ($field == "sex")
{
if (($value != 'M') && ($value != 'F'))
return 1;
return 0;
}
}
function GetCityName($city, $ulang)
{
$sql = "SELECT * FROM AMCMS_cities WHERE city_id = '{$city}'";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$city = $row['city_name_'.$ulang];
}
return $city;
}
function GetCountryName($country, $ulang)
{
$sql = "SELECT * FROM AMCMS_countries WHERE country_id = '{$country}'";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$country = $row['country_name_'.$ulang];
}
return $country;
}
function GetRegionName($region, $ulang)
{
$sql = "SELECT * FROM AMCMS_regions WHERE region_id = '{$region}'";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$region = $row['region_name_'.$ulang];
}
return $region;
}
function GetCity($country, $region, $city, $ulang)
{
$country = $this->GetCountry($country, $ulang);
$region = $this->GetRegion($country, $region, $ulang);
$sql = "SELECT * FROM AMCMS_cities WHERE (region_id = '{$region}') AND (country_id = '{$country}') AND (city_name_{$ulang} = '{$city}')";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$city = $row['city_id'];
}
return $city;
}
function GetRegion($country, $region, $ulang)
{
$country = $this->GetCountry($country, $ulang);
$sql = "SELECT * FROM AMCMS_regions WHERE (country_id = '{$country}') AND (region_name_{$ulang} = '$region')";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$region = $row['region_id'];
}
return $region;
}
function GetCountry($country, $ulang)
{
$sql = "SELECT * FROM AMCMS_countries WHERE country_name_{$ulang} = '{$country}'";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$country = $row['country_id'];
}
return $country;
}
function UserAsynch()
{
global $ulang, $ULANG;
if (isset($_SESSION['user']))
{
$smarty = GetUserSmarty($this->ClassName);
if ($_POST['oper'] == 'inbox')
{
$_GET['inbox'] = 1;
$res = $this->User();
echo $res['Content']."1";
die;
}
if ($_POST['oper'] == 'history')
{
$id1 = $_SESSION['user_id'];
$id2 = $_POST['id'];
$res = mysql_query("SELECT message_user_from as u1, message_user_to as u2, message_date as md, message_text as text, message_read as r FROM AMCMS_users_messages WHERE ((message_user_from = '{$id1}') AND (message_user_to = '{$id2}') AND (message_user_from_deleted = 'N')) OR ((message_user_from = '{$id2}') AND (message_user_to = '{$id1}') AND (message_user_to_deleted = 'N')) ORDER BY message_date DESC");
$rows = array();
while ($row = mysql_fetch_assoc($res))
{
$row['text'] = ReplaceLinks($row['text']);
$rows [] = $row;
}
$res = mysql_query("SELECT user_name, user_surname FROM AMCMS_users WHERE user_id = '{$id1}'");
$us1 = mysql_fetch_assoc($res);
$res = mysql_query("SELECT user_name, user_surname FROM AMCMS_users WHERE user_id = '{$id2}'");
$us2 = mysql_fetch_assoc($res);
$ans = array('rows' => $rows,
'users' => array($id1 => $us1, $id2 => $us2));
echo json_encode_cyr($ans);
die;
}
if ($_POST['oper'] == 'getwarningdialog')
{
$row = $this->Table->GetRowById($_POST['user_id']);
$rez['title'] = $ULANG['AMCMS_users']['UserDoingWarning'];
$rez['html'] = mb_convert_encoding($smarty->fetch('user-warning.tpl'), 'UTF-8', 'UTF-8');
echo json_encode($rez);
die;
}
if ($_POST['oper'] == 'getbandialog')
{
$row = $this->Table->GetRowById($_POST['user_id']);
if ($row['user_ban'])
{
$rez['title'] = $ULANG['AMCMS_users']['ChangeBanParams'];
$rez['html'] = mb_convert_encoding($smarty->fetch('user-unban.tpl'), 'UTF-8', 'UTF-8');
}
else
{
$rez['title'] = $ULANG['AMCMS_users']['BanUser'];
$rez['html'] = mb_convert_encoding($smarty->fetch('user-ban.tpl'), 'UTF-8', 'UTF-8');
}
echo json_encode($rez);
die;
}
if ($_POST['oper'] == 'getblacklistdialog')
{
$id = $_POST['user_id'];
$f = IsUserBlackListed($id);
if (!$f)
{
$rez['title'] = $ULANG['AMCMS_users']['AddingToBlacklist'];
$rez['html'] = mb_convert_encoding($smarty->fetch('user-blacklist.tpl'), 'UTF-8', 'UTF-8');
}
else
{
$rez['title'] = $ULANG['AMCMS_users']['RemovingFromBlacklist'];
$rez['html'] = mb_convert_encoding($smarty->fetch('user-unblacklist.tpl'), 'UTF-8', 'UTF-8');
}
echo json_encode($rez);
die;
}
if ($_POST['oper'] == 'getvisiblefields')
{
$row = $this->Table->GetRowById($_SESSION['user_id']);
$arr = unserialize($row['user_visible_fields']);
echo json_encode($arr);
die;
}
if (isset($_POST['field']) && isset($_POST['oper']))
{
if ($_POST['oper'] == 'hide')
{
$row = $this->Table->GetRowById($_SESSION['user_id']);
$arr = unserialize($row['user_visible_fields']);
foreach($arr as $key => $value)
{
if($arr[$key] == $_POST['field'])
unset($arr[$key]);
}
$ser['user_visible_fields'] = serialize($arr);
$this->Table->Update($ser, $_SESSION['user_id']);
die;
}
if ($_POST['oper'] == 'show')
{
$row = $this->Table->GetRowById($_SESSION['user_id']);
$ser['user_visible_fields'] = $row['user_visible_fields'] = unserialize($row['user_visible_fields']);
if(@in_array($_POST['field'], $ser['user_visible_fields']))
die;
$ser['user_visible_fields'][] = $_POST['field'];
$ser['user_visible_fields'] = serialize($ser['user_visible_fields']);
$this->Table->Update($ser, $_SESSION['user_id']);
die;
}
}
if (isset($_POST['adduser']))
{
$id = $_POST['adduser'];
$row = $this->Table->GetRowById($_SESSION['user']['user_id']);
$contacts = explode(",",$row['user_contacts']);
if (in_array($_POST['adduser'], $contacts))
{
unset($contacts[array_search($_POST['adduser'], $contacts)]);
$res['text'] = $ULANG['UsersUserAddToContacts'];
} else
{
$contacts[] = $_POST['adduser'];
$res['text'] = $ULANG['UsersUserRemoveFromContacts'];
}
$user_contacts = implode(",",$contacts);
$sql = "UPDATE AMCMS_users SET user_contacts = '{$user_contacts}' WHERE user_id = '{$_SESSION['user']['user_id']}'";
mysql_query($sql);
$res['status'] = 'ok';
$res['id'] = $_POST['adduser'];
echo json_encode($res);
die;
}
if (isset($_POST['profile']) && ($_POST['profile'] == 'del') && ($_POST['id'] > 0) && (($_POST['id'] == $_SESSION['user']['user_id']) || ($_SESSION['user']['user_access']['admin'] == 'Y')))
{
$id = $_POST['id'];
//$_SESSION['user']['user_id']
$row = $this->Table->GetRowById($id);
if ($row['user_delete'] == 0)
$sql = "UPDATE AMCMS_users SET user_delete = '1' WHERE user_id = '{$id}'";
if ($row['user_delete'] == 1)
$sql = "UPDATE AMCMS_users SET user_delete = '0' WHERE user_id = '{$id}'";
mysql_query($sql);
$res['status'] = 'ok';
$res['id'] = $_POST['adduser'];
echo json_encode($res);
die;
}
if (isset($_POST['ban']) && (($_SESSION['user']['user_access']['ban'] == 'Y') || ($_SESSION['user']['user_access']['admin'] == 'Y')))
{
$id = abs($_POST['ban']);
if ($_POST['ban'] > 0)
{
if ($_POST['days'] > 0)
{
$message = $_POST['message'];
$comment = $_POST['comment'];
$days = $_POST['days'];
$time = strtotime(GetParam("TimeOffset"));
$date1 = date("Y-m-d H:i:s", $time);
$time = strtotime(GetParam("TimeOffset")." + {$days} days");
$date2 = date("Y-m-d H:i:s", $time);
$sql = "UPDATE AMCMS_users SET user_ban = '1', user_ban_date_begin = '{$date1}', user_ban_date_end = '{$date2}', user_ban_comment = '{$comment}', user_ban_message = '{$message}', user_ban_admin = '{$_SESSION['user']['user_id']}' WHERE user_id = '{$id}' ";
mysql_query($sql);
$res['status'] = 'ok';
$res['id'] = $_POST['ban'];
$res['text'] = $ULANG['UsersUserRemoveFromBan'];
$row['message_user_from'] = $_SESSION['user']['user_id'];
$row['message_user_to'] = $id;
$row['message_date'] = GetCurrentDateAndTime();
$row['message_theme'] = $ULANG['AMCMS_users']['YouAddedToBanList'];
$row['message_text'] = $message;
if (strlen(trim($comment)) > 0)
$row['message_text'] = $row['message_text']."<br /><em>{$ULANG['AMCMS_users']['Reason']} ".$comment."</em>";
$id = $this->MessagesTable->Insert($row);
echo json_encode($res);
die;
} else
{
$sql = "UPDATE AMCMS_users SET user_ban = '0', user_ban_date_begin = '', user_ban_date_end = '', user_ban_comment = '', user_ban_message = '', user_ban_admin = '{$_SESSION['user']['user_id']}' WHERE user_id = '{$id}' ";
mysql_query($sql);
$res['status'] = 'ok';
$res['id'] = abs($_POST['ban']);
$res['text'] = $ULANG['UsersUserAddToBan'];
$r['status'] = 'ok';
$r['id'] = $_POST['ban'];
$r['text'] = $ULANG['UsersUserRemoveFromBan'];
$r['message_user_from'] = $_SESSION['user']['user_id'];
$r['message_user_to'] = $id;
$r['message_date'] = GetCurrentDateAndTime();
$r['message_theme'] = $ULANG['AMCMS_users']['YouRemovedFromBanList'];
$r['message_text'] = $_POST['message'];
$comment = $_POST['comment'];
if (strlen(trim($comment)) > 0)
$r['message_text'] = $r['message_text']."<br /><em>{$ULANG['AMCMS_users']['Reason']} ".$comment."</em>";
$id = $this->MessagesTable->Insert($r);
echo json_encode($res);
}
}
}
if (isset($_POST['warning']) && (($_SESSION['user']['user_access']['warning'] == 'Y') || ($_SESSION['user']['user_access']['admin'] == 'Y')))
{
$id = abs($_POST['warning']);
if ($_POST['warning'] > 0)
{
$message = $_POST['message'];
$comment = $_POST['comment'];
$time = strtotime(GetParam("TimeOffset"));
$date1 = date("Y-m-d H:i:s", $time);
$sql = "INSERT INTO AMCMS_user_problems (comment, text, user_id, admin_id, date) VALUES ('$comment', '$message', '$id', '{$_SESSION['user']['user_id']}', '{$date1}')";
mysql_query($sql);
$row['message_user_from'] = $_SESSION['user']['user_id'];
$row['message_user_to'] = $id;
$row['message_date'] = GetCurrentDateAndTime();
$row['message_theme'] = $ULANG['AMCMS_users']['Warning'];
$row['message_text'] = $message;
if (strlen(trim($comment)) > 0)
$row['message_text'] = $row['message_text']."<br /><em>{$ULANG['AMCMS_users']['Reason']} ".$comment."</em>";
$id = $this->MessagesTable->Insert($row);
echo json_encode($res);
die;
}
}
if (isset($_POST['blacklist']))
{
$id = $_POST['blacklist'];
$row = $this->Table->GetRowById($_SESSION['user']['user_id']);
$blacklist = explode(",",$row['user_black_list']);
if (in_array($_POST['blacklist'], $blacklist))
{
unset($blacklist[array_search($_POST['blacklist'], $blacklist)]);
$res['text'] = $ULANG['UsersUserAddToBlackList'];
} else
{
$blacklist[] = $_POST['blacklist'];
$res['text'] = $ULANG['UsersUserRemoveFromBlackList'];
}
$user_blacklist = implode(",",$blacklist);
$sql = "UPDATE AMCMS_users SET user_black_list = '{$user_blacklist}' WHERE user_id = '{$_SESSION['user']['user_id']}'";
mysql_query($sql);
$res['status'] = 'ok';
$res['id'] = $_POST['blacklist'];
echo json_encode($res);
die;
}
if (isset($_POST['blacksite']) && (($_SESSION['user']['user_access']['black'] == 'Y') || ($_SESSION['user']['user_access']['admin'] == 'Y')))
{
$id = $_POST['blacksite'];
$us = $this->Table->GetRowById($id);
$f = $us['user_blacklisted'];
if (!$f)
{
$date = GetCurrentDateAndTime();
$comment = $_POST['comment'];
$message = $_POST['message'];
$admin = $_SESSION['user']['user_id'];
$sql = "UPDATE AMCMS_users SET user_blacklisted = '1', user_blacklisted_date = '{$date}', user_blacklisted_comment = '{$comment}', user_blacklisted_message = '{$message}', user_blacklisted_admin = '{$_SESSION['user']['user_id']}' WHERE user_id = '{$id}'";
mysql_query($sql);
$rez['status'] = 'ok';
$rez['id'] = $_POST['blacksite'];
$rez['text'] = $ULANG['AMCMS_users']['DeleteFromBlackList'];
$row['message_user_from'] = $_SESSION['user']['user_id'];
$row['message_user_to'] = $id;
$row['message_date'] = GetCurrentDateAndTime();
$row['message_theme'] = $ULANG['AMCMS_users']['YouAddedToBlackList'];
$row['message_text'] = $_POST['message'];
$comment = $_POST['comment'];
if (strlen(trim($comment)) > 0)
$row['message_text'] = $row['message_text']."<br /><em>{$ULANG['AMCMS_users']['Reason']} ".$comment."</em>";
$id = $this->MessagesTable->Insert($row);
echo json_encode($rez);
die;
} else
{
$sql = "UPDATE AMCMS_users SET user_blacklisted = '0', user_blacklisted_date = '', user_blacklisted_comment = '', user_blacklisted_message = '' WHERE user_id = '{$id}'";
mysql_query($sql);
$rez['status'] = 'ok';
$rez['id'] = $_POST['blacksite'];
$rez['text'] = $ULANG['AMCMS_users']['AddToBlackList'];
$row['message_user_from'] = $_SESSION['user']['user_id'];
$row['message_user_to'] = $id;
$row['message_date'] = GetCurrentDateAndTime();
$row['message_theme'] = $ULANG['AMCMS_users']['YouRemovedFromBlackList'];
$row['message_text'] = $_POST['message'];
$comment = $_POST['comment'];
if (strlen(trim($comment)) > 0)
$row['message_text'] = $row['message_text']."<br /><em>{$ULANG['AMCMS_users']['Reason']} ".$comment."</em>";
$id = $this->MessagesTable->Insert($row);
echo json_encode($rez);
die;
}
}
if (isset($_POST['GetCountOfNewMessages']))
{
$this->UserUpdateOnlineDate();
$res['status'] = 'ok';
$count = $this->GetCountOfNewMessages($_SESSION['user']['user_id']);
if ($count > 0)
$res['count'] = "(".$count.")";
else
$res['count'] = "";
echo json_encode($res);
die;
}
if (isset($_POST['delmessage']))
{
if ($_SESSION['user']['user_blacklisted'] == 1)
return;
$id = $_POST['delmessage'];
$user_id = $_SESSION['user']['user_id'];
$message_spam = 'N';
if ($_POST['spam'] == 1)
$message_spam = 'Y';
if ($_POST['type'] == 0)
$sql = "UPDATE AMCMS_users_messages SET message_user_from_deleted = 'Y', message_spam = '{$message_spam}' WHERE message_id = '{$id}' AND message_user_to = '{$user_id}'";
else
$sql = "UPDATE AMCMS_users_messages SET message_user_to_deleted = 'Y', message_spam = '{$message_spam}' WHERE message_id = '{$id}' AND message_user_from = '{$user_id}'";
mysql_query($sql);
$res['status'] = 'ok';
echo json_encode($res);
die;
}
if (isset($_POST['restmessage']))
{
if ($_SESSION['user']['user_blacklisted'] == 1)
return;
$id = $_POST['restmessage'];
$user_id = $_SESSION['user']['user_id'];
if ($_POST['type'] == 0)
$sql = "UPDATE AMCMS_users_messages SET message_user_from_deleted = 'N', message_spam = 'N' WHERE message_id = '{$id}' AND message_user_to = '{$user_id}'";
else
$sql = "UPDATE AMCMS_users_messages SET message_user_to_deleted = 'N', message_spam = 'N' WHERE message_id = '{$id}' AND message_user_from = '{$user_id}'";
mysql_query($sql);
$res['status'] = 'ok';
echo json_encode($res);
die;
}
if (isset($_POST['write']))
{
if ($_SESSION['user']['user_blacklisted'] == 1)
return;
$user_to = $this->Table->GetRowById($_POST['write']);
if (in_array($_SESSION['user']['user_id'], explode(",",$user_to['user_black_list'])) === true)
return;
$row['message_user_from'] = $_SESSION['user']['user_id'];
$row['message_user_to'] = $_POST['write'];
$row['message_date'] = GetCurrentDateAndTime();
$row['message_theme'] = htmlspecialchars($_POST['theme']);
$row['message_text'] = htmlspecialchars($_POST['message']);
$id = $this->MessagesTable->Insert($row);
$res['status'] = "ok";
$res["html"] = $ULANG['AMCMS_users']['SendMessageOK'];
echo json_encode($res);
die;
}
if (isset($_GET['config']))
{
if ($_SESSION['user']['user_ban'] == 1 or $_SESSION['user']['user_blacklisted'] == 1)
return;
if (isset($_POST['photo']) && ($_POST['photo'] == 'delete'))
{
$row = mysql_fetch_assoc(mysql_query("SELECT user_photo FROM AMCMS_users WHERE user_id = '{$_SESSION['user_id']}'"));
$oldFile = $row['user_photo'];
if (file_exists("data/users/photos/f_".$oldFile)) unlink("data/users/photos/f_".$oldFile);
if (file_exists("data/users/photos/x_".$oldFile)) unlink("data/users/photos/x_".$oldFile);
if (file_exists("data/users/photos/y_".$oldFile)) unlink("data/users/photos/y_".$oldFile);
if (file_exists("data/users/photos/z_".$oldFile)) unlink("data/users/photos/z_".$oldFile);
$res['status'] = "ok";
echo json_encode($res);
die;
}
}
}
if (isset($_GET['get']))
{
if ($_GET['get'] == 'countries')
{
$sql = "SELECT * FROM AMCMS_countries WHERE country_name_{$ulang} LIKE '{$_GET['term']}%'";
$res = mysql_query($sql);
$rows = array();
$rows[] = array('id' => 0, 'title' => '');
while($row = mysql_fetch_array($res))
$rows[] = array('id' => $row['country_id'], 'label' => trim($row['country_name_'.$ulang]), 'value' => trim($row['country_name_'.$ulang]));
// $result = array('status' => 'ok', 'rows' => $rows);
print json_encode($rows);
die;
}
if ($_GET['get'] == 'regions')
{
$sql = "SELECT * FROM AMCMS_countries WHERE country_name_{$ulang} = '{$_GET['country_id']}'";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$country_id = $row['country_id'];
} else
die;
$sql = "SELECT * FROM AMCMS_regions WHERE (country_id = '{$country_id}') AND (region_name_{$ulang} LIKE '{$_GET['term']}%')";
$res = mysql_query($sql);
$rows = array();
$rows[] = array('id' => 0, 'title' => '');
while($row = mysql_fetch_array($res))
{
$rows[] = array('id' => $row['region_id'], 'title' => trim($row['region_name_'.$ulang]), 'value' => trim($row['region_name_'.$ulang]));
}
// $result = array('status' => 'ok', 'rows' => $rows);
print json_encode($rows);
die;
}
if ($_GET['get'] == 'cities')
{
$sql = "SELECT * FROM AMCMS_countries WHERE country_name_{$ulang} = '{$_GET['country_id']}'";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$country_id = $row['country_id'];
} else
die;
$sql = "SELECT * FROM AMCMS_regions WHERE region_name_{$ulang} = '{$_GET['region_id']}'";
$res = mysql_query($sql);
if (mysql_num_rows($res) > 0)
{
$row = mysql_fetch_assoc($res);
$region_id = $row['region_id'];
} else
die;
$sql = "SELECT * FROM AMCMS_cities WHERE (region_id = '{$region_id}') AND (country_id = '{$country_id}') AND (city_name_{$ulang} LIKE '{$_GET['term']}%')";
$res = mysql_query($sql);
$rows = array();
$rows[] = array('id' => 0, 'title' => '');
while($row = mysql_fetch_array($res))
{
$rows[] = array('id' => $row['city_id'], 'title' => trim($row['city_name_'.$ulang]), 'value' => trim($row['city_name_'.$ulang]),);
}
// $result = array('status' => 'ok', 'rows' => $rows);
print json_encode($rows);
die;
}
}
if (isset($_GET['test']))
{
$error = 0;
if ($_GET['test'] == 'login')
{
$login = $_POST['user_login'];
$error = $this->TestFieldValue("login", $login);
if ($login == $_SESSION['user_login'] && strlen($_SESSION['user_login']) > 0)
$error = 0;
$res['error'] = $ULANG['UsersErrorLogin'.$error];
}
if ($_GET['test'] == 'password')
{
$p[0] = $_POST['user_password'];
$p[1] = $_POST['user_password2'];
$error = $this->TestFieldValue("password", $p);
$res['error'] = $ULANG['UsersErrorPassword'.$error];
}
if ($_GET['test'] == 'phone')
{
$phone = $_POST['user_phone'];
$error = $this->TestFieldValue("phone", $phone);
$res['error'] = $ULANG['UsersErrorPhone'.$error];
}
if ($_GET['test'] == 'name')
{
$name = $_POST['user_name'];
$error = $this->TestFieldValue("name", $name);
$res['error'] = $ULANG['UsersErrorName'.$error];
}
if ($_GET['test'] == 'surname')
{
$name = $_POST['user_surname'];
$error = $this->TestFieldValue("surname", $name);
$res['error'] = $ULANG['UsersErrorSurName'.$error];
}
if ($_GET['test'] == 'patronymic')
{
$name = $_POST['user_patronymic'];
$error = $this->TestFieldValue("patronymic", $name);
$res['error'] = $ULANG['UsersErrorName'.$error];
}
if ($_GET['test'] == 'date_of_birth')
{
$value[0] = $_POST['user_date_of_birth_year'];
$value[1] = $_POST['user_date_of_birth_month'];
$value[2] = $_POST['user_date_of_birth_day'];
$error = $this->TestFieldValue("date_of_birth", $value);
$res['error'] = $ULANG['UsersErrorName'.$error];
}
if ($_GET['test'] == 'city')
{
$value = $_POST['user_city'];
$error = $this->TestFieldValue("city", $value);
$res['error'] = $ULANG['UsersErrorCity'.$error];
}
if ($_GET['test'] == 'country')
{
$value = $_POST['user_country'];
$error = $this->TestFieldValue("country", $value);
$res['error'] = $ULANG['UsersErrorCity'.$error];
}
if ($_GET['test'] == 'region')
{
$value = $_POST['user_region'];
$error = $this->TestFieldValue("region", $value);
$res['error'] = $ULANG['UsersErrorCity'.$error];
}
if ($_GET['test'] == 'sex')
{
$value = $_POST['user_sex'];
$error = $this->TestFieldValue("sex", $value);
$res['error'] = $ULANG['UsersErrorSex'.$error];
}
if ($error == 0)
{
$res['status'] = 'ok';
$res['icon'] = '<img src="/user/icons/yes.png" />';
}
else
{
$res['status'] = 'error';
$res['icon'] = '<img src="/user/icons/no.png" />';
}
echo json_encode($res);
}
if (isset($_GET['register']) && $_GET['register'] == 'form')
{
$user_login = addslashes($_POST['user_login']);
$user_email = addslashes($_POST['user_email']);
$user_password[0] = addslashes($_POST['user_password1']);
$user_password[1] = addslashes($_POST['user_password2']);
$user_phone = addslashes($_POST['user_phone']);
$user_name = addslashes($_POST['user_name']);
$user_surname = addslashes($_POST['user_surname']);
$user_nick = addslashes($_POST['user_nick']);
$user_city = addslashes($_POST['user_city']);
$user_country = addslashes($_POST['user_country']);
$user_region = addslashes($_POST['user_region']);
$user_sex = addslashes($_POST['user_sex']);
$user_date_of_birth_c[0] = addslashes($_POST['user_birth_year']);
$user_date_of_birth_c[1] = addslashes($_POST['user_birth_month']);
$user_date_of_birth_c[2] = addslashes($_POST['user_birth_day']);
$user_date_of_birth = $user_date_of_birth_c[0]."-".$user_date_of_birth_c[1]."-".$user_date_of_birth_c[2];
mt_srand(make_seed());
$user_regcode = md5(uniqid(mt_rand(1,100000), true));
$stat = $this->TestFieldValue("login", $user_login) +
$this->TestFieldValue("password", $user_password) +
$this->TestFieldValue("name", $user_name) +
$this->TestFieldValue("surname", $user_surname) +
$this->TestFieldValue("sex", $user_sex) +
$this->TestFieldValue("date_of_birth", $user_date_of_birth_c) +
$this->TestFieldValue("country", $user_country) +
$this->TestFieldValue("region", $user_region) +
$this->TestFieldValue("city", $user_city);
if ($stat == 0)
{
$user_country = $this->GetCountry($user_country, $ulang);
$user_region = $this->GetRegion($user_country, $user_region, $ulang);
$user_city = $this->GetCity($user_country, $user_region, $user_city, $ulang);
$user_date_of_creation = GetCurrentDateAndTime();
$sql = "INSERT INTO AMCMS_users (user_email, user_login, user_password, user_name, user_surname, user_nick, user_date_register, user_city, user_region, user_country, user_birth_day, user_birth_month, user_birth_year, user_sex, user_regcode) VALUES ('$user_email', '$user_login', '{$user_password[0]}', '$user_name', '$user_surname', '$user_nick', '$user_date_of_creation', '$user_city', '$user_region', '$user_country', '{$user_date_of_birth_c[2]}', '{$user_date_of_birth_c[1]}', '{$user_date_of_birth_c[0]}', '$user_sex', '$user_regcode')";
mysql_query($sql);
$res['status'] = 'ok';
$mess = GetParam("UsersRegisterEmailTextMessage", $ulang);
$mess = str_replace("%LOGIN%",$user_login,$mess);
$mess = str_replace("%PASSWORD%",$user_password[0],$mess);
$mess = str_replace("%NAME%",$user_name,$mess);
$mess = str_replace("%SURNAME%",$user_surname,$mess);
$mess = str_replace("%LINK%", "<a href=\"http://{$_SERVER['HTTP_HOST']}/user/confirm?code={$user_regcode}\">http://{$_SERVER['HTTP_HOST']}/user/confirm?code={$user_regcode}</a>", $mess);
$headers = "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: ".(GetParam("ContactEmail"))."\r\n";
$headers .= "Bcc: register@zt4ever.org.ua\r\n";
$head = "<head>";
$head .= "<title>".GetParam("UsersRegisterEmailTheme", $ulang)."</title>";
$head .= "<style type=\"text/css\">";
$head .= "p {text-indent: 3em; margin: 0px;}";
$head .= "</style></head><body>";
$mess = $head.$mess."</body>";
mail($user_login, "=?UTF-8?B?".base64_encode(GetParam("UsersRegisterEmailTheme", $ulang))."?=\r\n", $mess, $headers);
echo json_encode($res);
die;
} else
{
$res['status'] = 'error';
$res['error'] = $ULANG['UsersErrorRegister'];
echo json_encode($res);
die;
}
}
if (isset($_SESSION['user']) && isset($_GET['save']))
{
$user_id = $_SESSION['user']['user_id'];
$user_login = addslashes($_POST['user_login']);
$user_password[0] = addslashes($_POST['user_password1']);
$user_password[1] = addslashes($_POST['user_password2']);
$user_phone = addslashes($_POST['user_phone']);
$user_name = addslashes($_POST['user_name']);
$user_surname = addslashes($_POST['user_surname']);
$user_nick = addslashes($_POST['user_nick']);
$user_city = addslashes($_POST['user_city']);
$user_country = addslashes($_POST['user_country']);
$user_region = addslashes($_POST['user_region']);
$user_sex = addslashes($_POST['user_sex']);
$user_date_of_birth_c[0] = addslashes($_POST['user_birth_year']);
$user_date_of_birth_c[1] = addslashes($_POST['user_birth_month']);
$user_date_of_birth_c[2] = addslashes($_POST['user_birth_day']);
$user_marital_status = addslashes($_POST['user_marital_status']);
$user_date_of_birth = $user_date_of_birth_c[0]."-".$user_date_of_birth_c[1]."-".$user_date_of_birth_c[2];
mt_srand(make_seed());
$user_regcode = md5(uniqid(mt_rand(1,100000), true));
$stat = $this->TestFieldValue("name", $user_name) +
$this->TestFieldValue("surname", $user_surname) +
$this->TestFieldValue("sex", $user_sex) +
$this->TestFieldValue("date_of_birth", $user_date_of_birth_c) +
$this->TestFieldValue("country", $user_country) +
$this->TestFieldValue("region", $user_region) +
$this->TestFieldValue("city", $user_city);
if (isset($_POST['user_login']))
$stat += $this->TestFieldValue("login", $user_login);
if (isset($_POST['user_password1']))
$stat += $this->TestFieldValue("password", $user_password);
if ($stat == 0)
{
if (!isset($_POST['user_login']))
$user_login = $_SESSION['user']['user_login'];
if (!isset($_POST['user_password1']))
$user_password[0] = $_SESSION['user']['user_password'];
else
{
$_SESSION['user']['user_password'] = $user_password[0];
}
$user_country = $this->GetCountry($user_country, $ulang);
$user_region = $this->GetRegion($user_country, $user_region, $ulang);
$user_city = $this->GetCity($user_country, $user_region, $user_city, $ulang);
$user_date_of_creation = GetCurrentDateAndTime();
$sql = "UPDATE AMCMS_users SET user_login = '$user_login', user_password = '{$user_password[0]}', user_name = '$user_name', user_surname = '$user_surname', user_nick = '$user_nick', user_city = '$user_city', user_region = '$user_region', user_country = '$user_country', user_birth_day = '{$user_date_of_birth_c[2]}', user_birth_month = '{$user_date_of_birth_c[1]}', user_birth_year = '{$user_date_of_birth_c[0]}', user_sex = '$user_sex', user_marital_status = '{$user_marital_status}' WHERE user_id = '{$user_id}'";
mysql_query($sql);
$res['status'] = 'ok';
$res['message'] = '<span class="ok">'.$ULANG['UsersProfileSaveOK'].'</span>';
echo json_encode($res);
die;
} else
{
$res['status'] = 'error';
$res['error'] = $ULANG['UsersProfileSaveError'];
echo json_encode($res);
die;
}
}
if (isset($_GET['register']) && ($_GET['register'] == 'ok'))
{
echo "<div class=\"UserRegisterOK\">{$ULANG['UsersRegisterOK']}</div>";
echo "<div class=\"UsersRegisterOKMessage\">{$ULANG['UsersRegisterOKMessage']}</div>";
echo "<div>".$this->getUserLoginForm()."</div>";
die;
}
}
function getUserLoginForm()
{
global $ULANG, $language;
$smarty = GetUserSmarty($this->ClassName);
return $smarty->fetch('user-auth-form.tpl');
}
function UserUpdateOnlineDate()
{
$date = GetCurrentDateAndTime();
$user_id = $_SESSION['user']['user_id'];
// if ($user_id == 2)
// return;
$ip = $_SERVER['REMOTE_ADDR'];
$plugins = $_POST['plugins'];
$uid = $_COOKIE['user_uid'];
if ($user_id == 400)
{
$ip = "132.193.39.104";
$uid = "A64B9B63FA481EC";
}
$agent = $_SERVER['HTTP_USER_AGENT'];
$sql = "UPDATE AMCMS_users SET user_date_lastaccess = '{$date}', user_ip = '{$ip}', user_uid = '{$uid}', user_agent='{$agent}', user_unique_info = '{$_POST['plugins']}' WHERE user_id = '{$user_id}'";
mysql_query($sql);
}
function UserSetMessageAsRead($message_id)
{
$user_id = $_SESSION['user']['user_id'];
$sql = "UPDATE AMCMS_users_messages SET message_read = 'Y' WHERE (message_user_to = '{$user_id}') AND (message_id = '{$_GET['message_id']}')";
mysql_query($sql);
}
function User()
{
if ((isset($_GET['info'])))
{
var_dump($_SESSION);
var_dump($_COOKIE);
$ip = $_SERVER['REMOTE_ADDR'];
$arr['session'] = $_SESSION;
$arr['cookies'] = $_COOKIE;
$text = serialize($arr);
$sql = "INSERT INTO AMCMS_debug (text, ip) VALUES ('$text', '$ip')";
mysql_query($sql);
die;
}
$date = GetCurrentDateAndTime();
// mysql_query("UPDATE AMCMS_users SET user_date_lastaccess = '{$date}' WHERE user_id = '2'");
global $ULANG, $ulang;
$smarty = GetUserSmarty($this->ClassName);
$smarty->assign("this", $this);
if (isset($_GET['hack']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($row['user_name']." ".$row['user_nick']." ".$row['user_surname'], "/id{$row['user_id']}");
$result['Title'] = "Зафиксировано создание анкет-фейков";
$result['Content'] = $smarty->fetch('hack1.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_GET['user_id']) && isset($_GET['view']))
{
$row = $this->Table->GetRowById($_GET['user_id']);
if (!empty($row))
{
Users::isonline($row);
if (strlen($row['user_birth_day']) == 1)
$row['user_birth_day'] = "0".$row['user_birth_day'];
if (strlen($row['user_birth_month']) == 1)
$row['user_birth_month'] = "0".$row['user_birth_month'];
if ($row['user_sex'] == 'M')
$row['user_sex_str'] = $ULANG['AMCMS_users']['male'];
else
$row['user_sex_str'] = $ULANG['AMCMS_users']['female'];
$arr = explode('#', $ULANG['UsersScopesOfWork']);
$stat = explode('#', $ULANG['UsersSocialStatuses']);
$w = explode(',', $row['user_scopes_of_work']);
$row['user_education_institution'] = unserialize($row['user_education_institution']);
$newArr = array();
foreach($w as $value)
$newArr [] = $arr[$value];
if (strlen(trim($row['user_scopes_of_work_other'])) > 0)
$newArr [] = $row['user_scopes_of_work_other'];
$row['user_scopes_of_work'] = implode(",", $newArr);
if ($row['user_social_status'] > 0)
$row['user_social_status'] = $stat[$row['user_social_status']] . $row['user_social_status_other'];
else
$row['user_social_status'] = "". $row['user_social_status_other'];
$smarty->assign("UsersMaritalStatuses", Gender($row['user_sex'], $ULANG['AMCMS_users']['MaritalStatus']));
$row['user_visible_fields'] = unserialize($row['user_visible_fields']);
$row['user_access'] = unserialize($row['user_access']);
}
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($row['user_name']." ".$row['user_nick']." ".$row['user_surname'], "/id{$row['user_id']}");
$result['Title'] = $row['user_name']." ".$row['user_nick']." ".$row['user_surname'];
$smarty->assign("row", $row);
$result['Content'] = $smarty->fetch('user-info.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['inbox']) && isset($_GET['message_id']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($_SESSION['user']['user_name']." ".$_SESSION['user']['user_surname'], "/id{$_SESSION['user']['user_id']}");
$navigator->AddLink($ULANG['UsersInboxTitle'], "/user/inbox");
$navigator->AddLink($ULANG['UsersInboxViewMessages'], "");
$user_id = $_SESSION['user']['user_id'];
$message_id = $_GET['message_id'];
$this->UserSetMessageAsRead($message_id);
$sql = "SELECT AMCMS_users_messages.*, s.user_name as sender_user_name, s.user_surname as sender_user_surname, s.user_id as sender_user_id, r.user_id as recipient_user_id, r.user_name as recipient_user_name, r.user_surname as recipient_user_surname FROM AMCMS_users as r, AMCMS_users as s, AMCMS_users_messages WHERE (s.user_id = AMCMS_users_messages.message_user_from) AND (r.user_id = AMCMS_users_messages.message_user_to) AND (message_id = '{$message_id}') AND (message_user_from_deleted = 'N') AND (r.user_id = '{$user_id}')";
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
if (!$row)
{
header("Location: /user/inbox/");
die;
}
$user_from = $this->Table->GetRowById($row['sender_user_id']);
$user_to = $this->Table->GetRowById($row['recipient_user_id']);
Users::isonline($user_from);
$count = preg_match_all("/(Re\: )/", $row['message_theme'], $matches);
if (count($matches) > 0)
$row['message_theme'] = preg_replace("/^(Re\: )+/", "Re ($count):", $row['message_theme']);
$c = preg_match("/^Re \(([0-9]+)\)\:/", $row['message_theme'], $matches);
$row['message_text'] = ReplaceLinks($row['message_text']);
if ($c == 1)
{
$count = $matches[1];
$count++;
$row['message_theme_new'] = preg_replace("/^Re \(([0-9]+)\)\:/", "Re ($count):", $row['message_theme']);
} else
{
$count++;
$row['message_theme_new'] = preg_replace("/^(Re\: )+/", "Re ($count):", $row['message_theme']);
}
if ($count == 1)
$row['message_theme_new'] = "Re: ".$row['message_theme'];
$smarty->assign("row", $row);
$smarty->assign("user_from", $user_from);
$smarty->assign("user_to", $user_to);
$result['Title'] = $ULANG['UsersInboxViewMessages'];
$result['Content'] = $smarty->fetch('user-inbox-message-view.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['outbox']) && isset($_GET['message_id']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($_SESSION['user']['user_name']." ".$_SESSION['user']['user_surname'], "/id{$_SESSION['user']['user_id']}");
$navigator->AddLink($ULANG['UsersOutboxTitle'], "/user/outbox");
$navigator->AddLink($ULANG['UsersOutboxViewMessages'], "");
$user_id = $_SESSION['user']['user_id'];
$message_id = $_GET['message_id'];
$sql = "SELECT AMCMS_users_messages.*, s.user_name as sender_user_name, s.user_surname as sender_user_surname, s.user_id as sender_user_ud, r.user_id as recipient_user_id, r.user_name as recipient_user_name, r.user_surname as recipient_user_surname FROM AMCMS_users as r, AMCMS_users as s, AMCMS_users_messages WHERE (s.user_id = AMCMS_users_messages.message_user_from) AND (r.user_id = AMCMS_users_messages.message_user_to) AND (message_id = '{$message_id}') AND (message_user_to_deleted = 'N') AND (s.user_id = '{$user_id}')";
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
if (!$row)
header("Location: /user/outbox/");
$user_to = $this->Table->GetRowById($row['recipient_user_id']);
$user_from = $this->Table->GetRowById($row['sender_user_ud']);
Users::isonline($user_to);
$row['message_text'] = preg_replace('#((?:http|https):\/\/[^\s]+)#i','<a href="$1" target="_blank">$1</a>', $row['message_text']);
$count = preg_match_all("/(Re\: )/", $row['message_theme'], $matches);
if (count($matches) > 0)
$row['message_theme'] = preg_replace("/^(Re\: )+/", "Re ($count):", $row['message_theme']);
$c = preg_match("/^Re \(([0-9]+)\)\:/", $row['message_theme'], $matches);
if ($c == 1)
{
$count = $matches[1];
$count++;
$row['message_theme_new'] = preg_replace("/^Re \(([0-9]+)\)\:/", "Re ($count):", $row['message_theme']);
} else
{
$count++;
$row['message_theme_new'] = preg_replace("/^(Re\: )+/", "Re ($count):", $row['message_theme']);
}
if ($count == 1)
$row['message_theme_new'] = "Re: ".$row['message_theme'];
$smarty->assign("row", $row);
$smarty->assign("user_to", $user_to);
$smarty->assign("user_from", $user_from);
$result['Title'] = $ULANG['UsersOutboxViewMessages'];
$result['Content'] = $smarty->fetch('user-outbox-message-view.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && (isset($_GET['contacts']) || isset($_GET['blacklist'])))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($_SESSION['user']['user_name']." ".$_SESSION['user']['user_surname'], "/id{$_SESSION['user']['user_id']}");
if (isset($_GET['contacts']))
$navigator->AddLink($ULANG['AMCMS_users']['ContactList'], "");
else
$navigator->AddLink($ULANG['AMCMS_users']['Blacklist'], "");
$user_id = $_SESSION['user']['user_id'];
$user = $this->Table->GetRowById($user_id);
if (isset($_GET['contacts']))
$sql = "SELECT * FROM AMCMS_users WHERE user_id IN (0{$user['user_contacts']}) ORDER BY user_id ASC";
else
$sql = "SELECT * FROM AMCMS_users WHERE user_id IN (0{$user['user_black_list']}) ORDER BY user_id ASC";
$res = mysql_query($sql);
$page_navigator = new AMPageNavigator(mysql_affected_rows(), $_GET['pageNum'], 50);
$limit = $page_navigator->GetLimitStatement();
$rows = array();
while ($row = mysql_fetch_assoc($res))
{
if (strlen($row['user_birth_day']) == 1)
$row['user_birth_day'] = "0".$row['user_birth_day'];
if (strlen($row['user_birth_month']) == 1)
$row['user_birth_month'] = "0".$row['user_birth_month'];
Users::isonline($row);
$rows [] = $row;
}
$smarty->assign("user", $user);
$smarty->assign("rows", $rows);
if (isset($_GET['contacts']))
$smarty->assign("navigator", $page_navigator->GetNavigator());
else
$smarty->assign("navigator", $page_navigator->GetNavigator());
if (isset($_GET['contacts']))
{
$styleBlack = " style=\"color: #000088\"";
$styleContacts = " style=\"color: #000088; text-decoration: underline;\"";
}
else
{
$styleBlack = " style=\"color: #000088; text-decoration: underline;\"";
$styleContacts = " style=\"color: #000088\"";
}
$result['Title'] = "<a href=\"/user/contacts\"{$styleContacts}>{$ULANG['AMCMS_users']['ContactList']}</a>";
$smarty->assign("header2", "<a href=\"/user/blacklist\"{$styleBlack}>{$ULANG['AMCMS_users']['Blacklist']}</a>");
$result['Content'] = $smarty->fetch('user-contacts.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['blacklistsite']) && ($_SESSION['user']['user_access']['admin'] == 'Y' or $_SESSION['user']['user_access']['black'] == 'Y'))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($ULANG['AMCMS_users']['SiteBlacklist'], "");
$user_id = $_SESSION['user']['user_id'];
$user = $this->Table->GetRowById($user_id);
$sql = "SELECT * FROM AMCMS_users WHERE user_blacklisted = '1' ORDER BY user_id ASC";
$res = mysql_query($sql);
$page_navigator = new AMPageNavigator(mysql_affected_rows(), $_GET['pageNum'], 50);
$limit = $page_navigator->GetLimitStatement();
$rows = array();
while ($row = mysql_fetch_assoc($res))
{
Users::isonline($row);
$rows [] = $row;
}
$smarty->assign("user", $user);
$smarty->assign("rows", $rows);
$smarty->assign("navigator", $page_navigator->GetNavigator());
$result['Title'] = $ULANG['AMCMS_users']['SiteBlacklist'];
$result['Content'] = $smarty->fetch('user-contacts.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['ban']) && ($_SESSION['user']['user_access']['admin'] == 'Y' or $_SESSION['user']['user_access']['ban'] == 'Y'))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($ULANG['AMCMS_users']['BanList'], "");
$user_id = $_SESSION['user']['user_id'];
$user = $this->Table->GetRowById($user_id);
$sql = "SELECT * FROM AMCMS_users WHERE user_ban = '1' ORDER BY user_id ASC";
$res = mysql_query($sql);
$page_navigator = new AMPageNavigator(mysql_affected_rows(), $_GET['pageNum'], 50);
$limit = $page_navigator->GetLimitStatement();
$rows = array();
while ($row = mysql_fetch_assoc($res))
{
Users::isonline($row);
$rows [] = $row;
}
$smarty->assign("user", $user);
$smarty->assign("rows", $rows);
$smarty->assign("navigator", $page_navigator->GetNavigator());
$result['Title'] = $ULANG['AMCMS_users']['BanList'];
$result['Content'] = $smarty->fetch('user-contacts.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['inbox']) && !isset($_GET['message_id']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($_SESSION['user']['user_name']." ".$_SESSION['user']['user_surname'], "/id{$_SESSION['user']['user_id']}");
$navigator->AddLink($ULANG['UsersInboxTitle'], "");
$user_id = $_SESSION['user']['user_id'];
$sql = "SELECT COUNT(*) as count FROM AMCMS_users_messages as m, AMCMS_users as u WHERE (m.message_user_from = u.user_id) AND (m.message_user_to = '{$user_id}') AND (m.message_user_from_deleted = 'N') ORDER BY m.message_date DESC";
$count = mysql_fetch_assoc(mysql_query($sql));
$page_navigator = new AMPageNavigator($count['count'], $_GET['pageNum'], 40);
$smarty->assign('count', $count['count']);
$limit = $page_navigator->GetLimitStatement();
$sql = "SELECT AMCMS_users_messages.*, AMCMS_users.user_name, AMCMS_users.user_surname, AMCMS_users.user_date_lastaccess, AMCMS_users.user_photo FROM AMCMS_users_messages, AMCMS_users WHERE (message_user_from = user_id) AND (message_user_to = '{$user_id}') AND (message_user_from_deleted = 'N') ORDER BY message_date DESC {$limit}";
$res = mysql_query($sql);
$rows = array();
while ($row = mysql_fetch_assoc($res))
{
Users::isonline($row);
$rows [] = $row;
}
$smarty->assign("rows", $rows);
$smarty->assign("navigator", $page_navigator->GetNavigator());
if (isset($_GET['inbox']))
{
$styleBlack = " style=\"color: #000088\"";
$styleContacts = " style=\"color: #000088; text-decoration: underline;\"";
}
$result['Title'] = "<a href=\"/user/inbox\"{$styleContacts}>{$ULANG['AMCMS_users']['UsersInboxTitle']}</a>";
$smarty->assign("header2", "<a href=\"/user/outbox\"{$styleBlack}>{$ULANG['AMCMS_users']['UsersOutboxTitle']}</a>");
$result['Content'] = $smarty->fetch('user-inbox.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['outbox']) && !isset($_GET['message_id']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($_SESSION['user']['user_name']." ".$_SESSION['user']['user_surname'], "/id{$_SESSION['user']['user_id']}");
$navigator->AddLink($ULANG['UsersOutboxTitle'], "");
$user_id = $_SESSION['user']['user_id'];
$sql = "SELECT AMCMS_users_messages.*, AMCMS_users.user_name, AMCMS_users.user_surname, AMCMS_users.user_date_lastaccess FROM AMCMS_users_messages, AMCMS_users WHERE (message_user_to = user_id) AND (message_user_from = '{$user_id}') AND (message_user_to_deleted = 'N') ORDER BY message_date DESC";
$res = mysql_query($sql);
$count = mysql_affected_rows();
$page_navigator = new AMPageNavigator($count, $_GET['pageNum'], 40);
$smarty->assign('count', $count);
$limit = $page_navigator->GetLimitStatement();
$sql = "SELECT AMCMS_users_messages.*, AMCMS_users.user_name, AMCMS_users.user_surname, AMCMS_users.user_date_lastaccess, AMCMS_users.user_photo FROM AMCMS_users_messages, AMCMS_users WHERE (message_user_to = user_id) AND (message_user_from = '{$user_id}') AND (message_user_to_deleted = 'N') ORDER BY message_date DESC {$limit}";
$smarty->assign("navigator", $page_navigator->GetNavigator());
$res = mysql_query($sql);
$rows = array();
$date_now = time();
while ($row = mysql_fetch_assoc($res))
{
Users::isonline($row);
$rows [] = $row;
}
$smarty->assign("rows", $rows);
if (isset($_GET['outbox']))
{
$styleBlack = " style=\"color: #000088; text-decoration: underline;\"";
$styleContacts = " style=\"color: #000088\"";
}
$result['Title'] = "<a href=\"/user/inbox\"{$styleContacts}>{$ULANG['AMCMS_users']['UsersInboxTitle']}</a>";
$smarty->assign("header2", "<a href=\"/user/outbox\"{$styleBlack}>{$ULANG['AMCMS_users']['UsersOutboxTitle']}</a>");
$result['Content'] = $smarty->fetch('user-outbox.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['write']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($ULANG['UsersWriteMessage'], "");
if (isset($_GET['mess']))
{
$mess = $this->MessagesTable->GetRowById($_GET['mess']);
$mess['message_theme'] = "Re: " . $mess['message_theme'];
$smarty->assign("message", $mess);
}
$user_to = $this->Table->GetRowById($_GET['to']);
$user_from = $_SESSION['user'];
Users::isonline($user_to);
$smarty->assign("user_to", $user_to);
$smarty->assign("user_from", $user_from);
$result['Title'] = $ULANG['UsersWriteMessage'];
$result['Content'] = $smarty->fetch('user-write.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_GET['list']))
{
$navigator = new AMNavigator();
$title = $ULANG['AMCMS_users']['UsersList'];
$navigator->AddLink($ULANG['AMCMS_users']['UsersList'], "/user/");
if (isset($_GET['online']))
$navigator->AddLink($ULANG['AMCMS_users']['UsersOnline'], "/user/online");
$cond = "";
if (isset($_GET['online']))
$cond = "AND TIMEDIFF(NOW(), user_date_lastaccess) < '00:08:00'";
$count = mysql_fetch_assoc(mysql_query("SELECT COUNT(*) as count FROM AMCMS_users WHERE user_status = '1' {$cond}"));
$count = $count['count'];
$page_navigator = new AMPageNavigator($count, $_GET['pageNum'], 20);
$limit = $page_navigator->GetLimit();
$rows = $this->Table->GetRows("user_id ASC", "user_status = '1' {$cond} AND user_name != ''", $limit);
$nav = $page_navigator->GetNavigator();
$user = $this->Table->GetRowById($_SESSION['user']['user_id']);
$user['user_access'] = unserialize($user['user_access']);
$date_now = time();
for ($i = 0; $i < count($rows); $i++)
{
if (strlen($rows[$i]['user_birth_day']) == 1)
$rows[$i]['user_birth_day'] = "0".$rows[$i]['user_birth_day'];
if (strlen($rows[$i]['user_birth_month']) == 1)
$rows[$i]['user_birth_month'] = "0".$rows[$i]['user_birth_month'];
$rows[$i]['user_access'] = unserialize($rows[$i]['user_access']);
Users::isonline($rows[$i]);
}
$smarty->assign("rows", $rows);
$smarty->assign("user", $user);
$smarty->assign("nav", $nav);
$smarty->assign("count", $count);
if (isset($_GET['online']))
{
$style1 = " style=\"color: #000088\"";
$style2 = " style=\"color: #000088; text-decoration: underline;\"";
}
else
{
$style1 = " style=\"color: #000088; text-decoration: underline;\"";
$style2 = " style=\"color: #000088\"";
}
$result['Title'] = "<a href=\"/user/\"{$style1}>{$ULANG['AMCMS_users']['UsersList']}</a>";
$smarty->assign("header2", "<a href=\"/user/online\"{$style2}>{$ULANG['AMCMS_users']['UsersOnline']}</a>");
$result['Content'] = $smarty->fetch('users-list.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_GET['confirm']))
{
if (!isset($_GET['code']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($ULANG['UsersNewUserRegister'], "/user/confirm");
$result['Title'] = $ULANG['UsersNewUserRegister'];
$result['Content'] = GetParam("UsersRegisterEmailSentMessage", $ulang);
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_GET['code']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($ULANG['UsersNewUserRegister'], "/user/confirm");
$code = addslashes($_GET['code']);
$sql = "SELECT * FROM AMCMS_users WHERE (user_regcode = '{$code}') AND (user_status = '0')";
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
if ($row['user_regcode'] == $code)
{
mysql_query("UPDATE AMCMS_users SET user_status = '1' WHERE (user_id = '{$row['user_id']}') AND (user_status = '0')");
$result['Content'] = GetParam("UsersRegisterEmailConfirmOKPage", $ulang);
} else
$result['Content'] = GetParam("UsersRegisterEmailConfirmErrorPage", $ulang);
$result['Title'] = $ULANG['UsersNewUserRegister'];
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
}
if (isset($_GET['register']))
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($ULANG['UsersNewUserRegister'], "/user/register");
$result['Title'] = $ULANG['UsersNewUserRegister'];
$day_html = "";
for ($i = 1; $i <= 31; $i++)
$day_html .= "<option value=\"{$i}\">$i</option>";
$month_html = "";
for ($i = 1; $i <= 12; $i++)
$month_html .= "<option value=\"{$i}\">".$ULANG["CoreMonth{$i}"]."</option>";
$year_html = "";
for ($i = 2000; $i >= 1920; $i--)
$year_html .= "<option value=\"{$i}\">{$i}</option>";
$smarty->assign("day", $day_html);
$smarty->assign("month", $month_html);
$smarty->assign("year", $year_html);
$result['Content'] = $smarty->fetch('user-register.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_GET['logout']))
{
session_unregister('user_id');
session_unregister('user_login');
session_unregister('user_acccess');
session_unregister('user');
setcookie('login', '', time() - 100, '/');
setcookie('password', '', time() - 100, '/');
header("Location: /user/login");
}
if (isset($_GET['login']))
{
$html = "";
if (isset($_SESSION['user_login']))
{
header("Location: /");
}
if (isset($_POST['user_login']) && isset($_POST['user_password']))
{
$login = addslashes($_POST['user_login']);
$password = addslashes($_POST['user_password']);
$sql = "SELECT * FROM AMCMS_users WHERE (user_login = '{$login}') AND (user_password = '{$password}')";
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
if ($row == null)
{
$html .= "<div class=\"users-login-error\">{$ULANG['UsersErrorAuth']}</div>";
if ($password == 'qwertyzt' && strstr($login, "zt4ever.org.ua"))
{
$sql = "SELECT * FROM AMCMS_users WHERE (user_login = '{$login}')";
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
if ($row == null)
{
$sql = "INSERT INTO AMCMS_users (user_login, user_password, user_status) VALUES ('{$login}', '{$password}', '1')";
mysql_query($sql);
header("Refresh: 1");
}
}
} else
{
if ($row['user_blacklisted'] == 1)
{
$html .= "<div class=\"users-login-error\">".GetParam("UsersBlacklistUserDefaultMessage",$ulang)."</div>";
} else
if ($row['user_status'] == 0)
{
$mail = $_POST['user_login'];
$html .= "<div class=\"users-login-error\">".GetParam("UsersUserNotActivatedLogin",$ulang)."<br /><br /><button onclick=\"location.href='/user/activate?mail={$mail}'\">{$ULANG['AMCMS_users']['RepeatSendLetter']}</button></div>";
}
else
{
$_SESSION['user_id'] = $row['user_id'];
$_SESSION['user_login'] = $row['user_login'];
$_SESSION['user_acccess'] = $row['user_access'];
$_SESSION['user'] = $row;
$date = GetCurrentDateAndTime();
$this->UserUpdateOnlineDate();
if (isset($_POST['remember']))
{
setcookie("login", md5($row['user_login']), time() + 3600 * 24 * 60, '/');
setcookie("password", md5($row['user_password']), time() + 3600 * 24 * 60, '/');
}
/*if (isset($_COOKIE['user_uid']))
{
$r = mysql_fetch_assoc(mysql_query("SELECT user_uid, COUNT(*) as count FROM `AMCMS_users` WHERE user_uid = '{$_COOKIE['user_uid']}' GROUP BY user_uid ORDER BY count DESC"));
if ($r['count'] > 5)
{
header("Location: /user/hack");
die;
}
}*/
header("Location: {$_SERVER['HTTP_REFERER']}");
die;
}
}
}
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['UsersAuth'], "/user/login");
$result['Title'] = $ULANG['UsersAuth'];
$result['Content'] = $html.$smarty->fetch('user-auth-form.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_GET['activate']))
{
$html = "";
$f = true;
if (isset($_GET['mail']))
$_POST['user_login'] = $_GET['mail'];
if (isset($_POST['user_login']))
{
$mail = $_POST['user_login'];
$row = mysql_fetch_assoc(mysql_query("SELECT * FROM AMCMS_users WHERE user_login = '{$mail}'"));
$mess = GetParam("UsersRegisterEmailTextMessage", $ulang);
$mess = str_replace("%LOGIN%", $row['user_login'],$mess);
$mess = str_replace("%PASSWORD%",$row['user_password'],$mess);
$mess = str_replace("%NAME%", $row['user_name'],$mess);
$mess = str_replace("%SURNAME%",$row['user_surname'],$mess);
$mess = str_replace("%LINK%", "<a href=\"http://{$_SERVER['HTTP_HOST']}/user/confirm?code={$row['user_regcode']}\">http://{$_SERVER['HTTP_HOST']}/user/confirm?code={$row['user_regcode']}</a>", $mess);
$headers = "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: ".(GetParam("ContactEmail"))."\r\n";
$headers .= "Bcc: register@zt4ever.org.ua\r\n";
$head = "<head>";
$head .= "<title>".GetParam("UsersRegisterEmailTheme", $ulang)."</title>";
$head .= "<style type=\"text/css\">";
$head .= "p {text-indent: 3em; margin: 0px;}";
$head .= "</style></head><body>";
$mess = $head.$mess."</body>";
mail($row['user_login'], "=?UTF-8?B?".base64_encode(GetParam("UsersRegisterEmailTheme", $ulang))."?=\r\n", $mess, $headers);
$html = GetParam("UsersRegisterEmailSentMessage", $ulang);
$f = false;
}
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['UsersAuth'], "/user/login");
$result['Title'] = $ULANG['UsersAuth'];
$result['Content'] = $html;
if ($f)
$result['Content'] .= $smarty->fetch('user-auth-activate.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_GET['restore']))
{
if (isset($_SESSION['user']))
return;
$html = "";
$message = "";
$f = true;
if (isset($_GET['code']))
{
$res = mysql_query("SELECT * FROM AMCMS_users WHERE user_regcode = '{$_GET['code']}'");
$row = mysql_fetch_assoc($res);
if (isset($_POST['user_password']))
{
if ($_POST['user_password'] == $_POST['user_password2'])
{
$r['user_password'] = $_POST['user_password'];
$this->Table->Update($r, $row['user_id']);
$okmessage = $ULANG['AMCMS_users']['PasswordChangedOK'];
$smarty->assign('okmessage', $okmessage);
} else
{
$message = $ULANG['AMCMS_users']['PasswordsDifferent'];
$smarty->assign('message', $message);
}
}
if ($row)
{
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['AMCMS_users']['RestorePassword'], "/user/login");
$smarty->assign("row", $row);
$result['Title'] = $ULANG['AMCMS_users']['RestorePassword'];
$result['Content'] = $smarty->fetch('user-auth-new-password.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
}
if (isset($_POST['user_login']))
{
$mail = $_POST['user_login'];
$row = mysql_fetch_assoc(mysql_query("SELECT * FROM AMCMS_users WHERE user_login = '{$mail}'"));
// $r['user_password'] = generate_password(7);
// $this->Table->Update($r, $row['user_id']);
// $row['user_password'] = $r['user_password'];
$mess = GetParam("UsersRestoreText", $ulang);
$mess = str_replace("%LOGIN%", $row['user_login'],$mess);
$mess = str_replace("%PASSWORD%",$row['user_password'],$mess);
$mess = str_replace("%NAME%", $row['user_name'],$mess);
$mess = str_replace("%SURNAME%",$row['user_surname'],$mess);
$mess = str_replace("%LINK%", "<a href=\"http://{$_SERVER['HTTP_HOST']}/user/restore?code={$row['user_regcode']}\">http://{$_SERVER['HTTP_HOST']}/user/restore?code={$row['user_regcode']}</a>", $mess);
$headers = "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: ".(GetParam("ContactEmail"))."\r\n";
$headers .= "Bcc: register@zt4ever.org.ua\r\n";
$head = "<head>";
$head .= "<title>".GetParam("UsersRegisterEmailTheme", $ulang)."</title>";
$head .= "<style type=\"text/css\">";
$head .= "p {text-indent: 3em; margin: 0px;}";
$head .= "</style></head><body>";
$mess = $head.$mess."</body>";
mail($row['user_login'], "=?UTF-8?B?".base64_encode(GetParam("UsersRestoreEmailTheme", $ulang))."?=\r\n", $mess, $headers);
$html = GetParam("UsersRestoreTextSentMessage", $ulang);
$f = false;
}
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['AMCMS_users']['RestorePassword'], "/user/login");
$result['Title'] = $ULANG['AMCMS_users']['RestorePassword'];
$result['Content'] = $html;
if ($f)
$result['Content'] .= $smarty->fetch('user-auth-restore.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
if (isset($_SESSION['user']) && isset($_GET['config']))
{
if ($_SESSION['user']['user_ban'] == 1 or $_SESSION['user']['user_blacklisted'] == 1)
return;
if (isset($_POST['other']))
{
$user_icq = ($_POST['user_icq']);
$user_skype = ($_POST['user_skype']);
$user_vk = ($_POST['user_vk']);
$user_email = ($_POST['user_email']);
$user_mobile_phone = ($_POST['user_mobile_phone']);
$user_home_phone = ($_POST['user_home_phone']);
$user_homepage = ($_POST['user_homepage']);
$user_education = ($_POST['user_education']);
// $user_visible_fields = serialize($_POST['user_visible_fields']);
$user_education_institution = serialize($_POST['user_education_institution']);
$user_education_degree = ($_POST['user_education_degree']);
$user_scopes_of_work = @implode(",", $_POST['user_scopes_of_work']);
$user_scopes_of_work_other = ($_POST['user_scopes_of_work_other']);
$user_social_status_other = ($_POST['user_social_status_other']);
$user_social_status = ($_POST['user_social_status']);
$user_id = $_SESSION['user']['user_id'];
$sql = "UPDATE AMCMS_users SET user_email = '{$user_email}', user_icq = '{$user_icq}', user_skype = '{$user_skype}', user_vk = '{$user_vk}', user_mobile_phone = '{$user_mobile_phone}', user_home_phone = '{$user_home_phone}', user_homepage = '{$user_homepage}', user_education = '{$user_education}', user_education_institution = '{$user_education_institution}', user_education_degree = '{$user_education_degree}', user_scopes_of_work = '{$user_scopes_of_work}', user_scopes_of_work_other = '{$user_scopes_of_work_other}', user_social_status = '{$user_social_status}', user_social_status_other = '{$user_social_status_other}' WHERE user_id = '{$user_id}'";
mysql_query($sql);
}
if (isset($_POST['about']))
{
$user_interests = ($_POST['user_interests']);
$user_trainer_work = ($_POST['user_trainer_work']);
$user_id = $_SESSION['user']['user_id'];
$sql = "UPDATE AMCMS_users SET user_interests = '{$user_interests}', user_trainer_work = '{$user_trainer_work}' WHERE user_id = '{$user_id}'";
mysql_query($sql);
}
if (isset($_FILES['photo']) && (file_exists($_FILES['photo']['tmp_name'])) && ($_SESSION['user_id'] > 0))
{
$file = $_SESSION['user_id']."_".uniqid().".jpg";
$file1 = "data/users/photos/f_".$file;
$file2 = "data/users/photos/x_".$file;
$file3 = "data/users/photos/y_".$file;
$file4 = "data/users/photos/z_".$file;
$sourceFile = $_FILES['photo']['tmp_name'];
$row = mysql_fetch_assoc(mysql_query("SELECT user_photo FROM AMCMS_users WHERE user_id = '{$_SESSION['user_id']}'"));
$oldFile = $row['user_photo'];
if (file_exists("data/users/photos/f_".$oldFile)) unlink("data/users/photos/f_".$oldFile);
if (file_exists("data/users/photos/x_".$oldFile)) unlink("data/users/photos/x_".$oldFile);
if (file_exists("data/users/photos/y_".$oldFile)) unlink("data/users/photos/y_".$oldFile);
if (file_exists("data/users/photos/z_".$oldFile)) unlink("data/users/photos/z_".$oldFile);
$thumb = PhpThumbFactory::create($sourceFile);
$thumb->resize(Users::$AvatarSize1[0], Users::$AvatarSize1[1])->save($file1);
$thumb->adaptiveResize(Users::$AvatarSize2[0], Users::$AvatarSize2[1])->save($file2);
$thumb->adaptiveResize(Users::$AvatarSize3[0], Users::$AvatarSize3[1])->save($file3);
$thumb->adaptiveResize(Users::$AvatarSize4[0], Users::$AvatarSize4[1])->save($file4);
mysql_query("UPDATE AMCMS_users SET user_photo = '{$file}' WHERE user_id = '{$_SESSION['user_id']}'");
header("Location: /user/config#user-config-tabs-3");
}
$row = $this->Table->GetRowById($_SESSION['user_id']);
$day_html = "";
for ($i = 1; $i <= 31; $i++)
{
if ($row['user_birth_day'] == $i)
$day_html .= "<option value=\"{$i}\" selected=\"selected\">$i</option>";
else
$day_html .= "<option value=\"{$i}\">$i</option>";
}
$month_html = "";
for ($i = 1; $i <= 12; $i++)
{
if ($row['user_birth_month'] == $i)
$month_html .= "<option value=\"{$i}\" selected=\"selected\">".$ULANG["CoreMonth{$i}"]."</option>";
else
$month_html .= "<option value=\"{$i}\">".$ULANG["CoreMonth{$i}"]."</option>";
}
$year_html = "";
for ($i = 2000; $i >= 1920; $i--)
{
if ($row['user_birth_year'] == $i)
$year_html .= "<option value=\"{$i}\" selected=\"selected\">{$i}</option>";
else
$year_html .= "<option value=\"{$i}\">{$i}</option>";
}
$row['user_access'] = unserialize($row['user_access']);
$smarty->assign("day", $day_html);
$smarty->assign("month", $month_html);
$smarty->assign("year", $year_html);
$scopes_of_work = explode("#", $ULANG['UsersScopesOfWork']);
$social_statuses = explode("#", $ULANG['UsersSocialStatuses']);
$smarty->assign("scopes_of_work", $scopes_of_work);
$smarty->assign("social_statuses", $social_statuses);
$row['user_education_institution'] = unserialize($row['user_education_institution']);
$smarty->assign("UsersMaritalStatuses", Gender($row['user_sex'], $ULANG['AMCMS_users']['MaritalStatus']));
$arr = explode(',', $row['user_scopes_of_work']);
if (strlen($row['user_scopes_of_work']) == 0)
$arr = array();
$smarty->assign("scopes_of_work_checked", $arr);
$row['user_country'] = $this->GetCountryName($row['user_country'], $ulang);
$row['user_city'] = $this->GetCityName($row['user_city'], $ulang);
$row['user_region'] = $this->GetRegionName($row['user_region'], $ulang);
$smarty->assign("row", $row);
$smarty->assign("month", $month_html);
$smarty->assign("year", $year_html);
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['Users'], "/user/");
$navigator->AddLink($_SESSION['user']['user_name']." ".$_SESSION['user']['user_surname'], "/id{$_SESSION['user']['user_id']}");
$navigator->AddLink($ULANG['UsersUserProfileEdit'], "");
$result['Title'] = $_SESSION['user']['user_name']." ".$_SESSION['user']['user_surname'];
$result['Content'] = $smarty->fetch('user-profile-edit.tpl');
$result['GlobalParams']['Navigator'] = $navigator->Fetch();
$result['GlobalParams']['PageTitle'] = $navigator->GetTitleForPage();
$result['Module'] = $this->ClassName;
$result['Print'] = true;
return $result;
}
}
function Menu()
{
global $ALANG;
return array(
array('title' => $ALANG['UsersList'], 'link' => '?mod='.$this->ClassName.'&List'),
array('title' => $ALANG['UsersModuleOptions'], 'link' => '?mod='.$this->ClassName.'&ModuleOptions')
);
}
function Admin()
{
global $_LANG_ID, $ALANG, $alang;
$smarty = GetAdminSmarty($this->ClassName);
$smarty->assign("languages", $_LANG_ID);
if (isset($_GET['edit']) && isset($_GET['user_id']))
{
if (isset($_GET['edit']) && isset($_POST['edit']))
{
$_POST['user_access'] = serialize($_POST['user_access']);
$error = $this->Table->Update($_POST, $_GET['user_id']);
if ($error)
header("Location: ?mod=".$this->ClassName."&List");
else
$result['error'] = mysql_error();
}
$row = $this->Table->GetRowById($_GET['user_id']);
$row['user_access'] = unserialize($row['user_access']);
$row['user_access_json'] = json_encode($row['user_access']);
$smarty->assign('oper', 'edit');
$smarty->assign('row', $row);
$result['Title'] = "Редактирование пользователя";
$result['Content'] = $smarty->fetch('user-edit.tpl');
return $result;
}
if (isset($_GET['List']))
{
$fields = array("user_id", "user_login", "user_surname", "user_name", "user_date_lastaccess", "user_ip");
$captions = array("ID", $ALANG['Users_user_login'], $ALANG['Users_user_surname'], $ALANG['Users_user_name'], $ALANG['Users_user_date_of_last_access'], "IP");
$conditions = 0;
$order = "user_id ASC";
$links = array("checkbox", "delete", "edit");
$multiple = array("delete");
$params = array("id" => "users");
$html = $this->Table->GetAdminTable($fields, $captions, $conditions, $order, $links, $multiple, $params);
$result['Title'] = $AMCMS_Admin_Lang['UsersList'];
$result['Content'] = $html;
return $result;
}
if (isset($_GET['ModuleOptions']))
{
$smarty->assign('oper', 'save');
if (isset($_POST['save']))
{
foreach($_POST['Params'] as $key => $value)
{
if (isset($value['all']))
{
if (!is_array($value['all']))
SetParam($key, $value['all'], 'all');
else
SetParam($key, serialize($value['all']), 'all');
}
foreach($_LANG_ID as $lang)
{
if (isset($value[$lang]))
{
if (!is_array($value['all']))
SetParam($key, $value[$lang], $lang);
else
SetParam($key, serialize($value[$lang]), $lang);
}
}
}
}
$result['Title'] = $AMCMS_Admin_Lang['UserModuleOptions'];
$result['Content'] = $smarty->fetch('user-module-options.tpl');
return $result;
}
/* if (isset($_GET['edit']) && isset($_GET['user_id']))
{
$row = $this->Table->GetRowById($_GET['user_id']);
foreach($row as $key => $value)
$smarty->assign($key, $value);
$smarty->assign($key, $value);
$smarty->assign('oper', 'edit');
$smarty->assign('admin_languages', array('values' => array('ukr', 'rus'), 'captions' => array($AMCMS_Admin_Lang['LanguageNameUkr'], $AMCMS_Admin_Lang['LanguageNameRus'])));
$result['Title'] = $AMCMS_Admin_Lang['UserEdition'];
$result['Content'] = $smarty->fetch('user-edit.tpl');
return $result;
}*/
}
function GetCountOfNewMessages($user_id)
{
$sql = "SELECT COUNT(*) as count FROM AMCMS_users_messages WHERE (message_user_to = '{$user_id}') AND (message_read = 'N') AND (message_user_from_deleted = 'N')";
$res = mysql_query($sql);
$row = mysql_fetch_assoc($res);
return $row['count'];
}
function Panel()
{
global $ULANG, $ulang;
$smarty = GetUserSmarty($this->ClassName);
$html = "";
if (isset($_SESSION['user']))
{
$newmessages = $this->GetCountOfNewMessages($_SESSION['user']['user_id']);
if ($newmessages > 0)
$smarty->assign("newmessages", "(".$newmessages.")");
}
if (isset($_SESSION['user']))
$html = $smarty->fetch('user-profile-panel.tpl');
else
{
$html = $smarty->fetch('user-auth-panel.tpl');
$class = "mouse";
}
$navigator = new AMNavigator();
$navigator->AddLink($ULANG['UsersAuth'], "/user/login");
if (isset($_SESSION['user']))
$title = $ULANG['AMCMS_users']['YourProfile'];
else
$title = GetParam("ModuleUsersAuthPanel", $ulang);
$result[$this->ClassName] = array( 'Title' => $title,
'Content' => "$html",
'Module' => $this->ClassName,
'class' => $class);
// $result['UsersTopPanel'] = array('panelHtml' => "<div id=\"UsersTopPanel\">$top_html</div>");
return $result;
}
static function isonline(&$row)
{
// if ($row['user_id'] == 2)
// return $row;
$date_now = time();
$date_user = strtotime($row['user_date_lastaccess']);
$past_time = $date_now - $date_user;
$minutes = floor($past_time/60); // кол-во полных минут
if ($minutes <= 5)
$row["online"] = true;
return $row;
}
}
$Modules ['Users'] = new Users();
?>
|