$user_info['username'] = $row['username'];
 $user_info['email'] = $row['email'];
 $user_info['full_name'] = $row['full_name'];
 $user_info['gender'] = $row['gender'];
 $user_info['photo'] = $row['photo'];
 $user_info['birthday'] = intval($row['birthday']);
 $user_info['regdate'] = intval($row['regdate']);
 $user_info['website'] = $row['website'];
 $user_info['location'] = $row['location'];
 $user_info['yim'] = $row['yim'];
 $user_info['telephone'] = $row['telephone'];
 $user_info['fax'] = $row['fax'];
 $user_info['mobile'] = $row['mobile'];
 $user_info['view_mail'] = intval($row['view_mail']);
 $user_info['remember'] = intval($row['remember']);
 $user_info['in_groups'] = nv_user_groups($row['in_groups']);
 $user_info['current_login'] = intval($row['last_login']);
 $user_info['last_login'] = intval($user['last_login']);
 $user_info['current_agent'] = $row['last_agent'];
 $user_info['last_agent'] = $user['last_agent'];
 $user_info['current_ip'] = $row['last_ip'];
 $user_info['last_ip'] = $user['last_ip'];
 $user_info['current_openid'] = $row['last_openid'];
 $user_info['last_openid'] = $user['last_openid'];
 $user_info['st_login'] = !empty($row['password']) ? true : false;
 $user_info['valid_question'] = (!empty($row['question']) and !empty($row['answer'])) ? true : false;
 $user_info['current_mode'] = !empty($row['last_openid']) ? 2 : 1;
 if (!empty($row['last_openid'])) {
     $query2 = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "_openid` WHERE `opid`=" . $db->dbescape($row['last_openid']);
     $result2 = $db->sql_query($query2);
     $numrows2 = $db->sql_numrows($result2);
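/**
 * nv_admin_checkdata()
 *
 * Rebuilds an administrator profile from a serialized admin-session value.
 * The profile is returned only when the token (checknum), user agent, IP and
 * login time carried by the session all match the administrator's row in the
 * authors table, and a matching active row exists in the users table.
 *
 * @param mixed $adm_session_value Serialized array; the keys read here are admin_id,
 *                                 checknum, current_agent, current_ip, current_login,
 *                                 last_login, last_agent and last_ip.
 * @return array Administrator profile, or an empty array when the session is rejected.
 */
function nv_admin_checkdata($adm_session_value)
{
    global $db;
    $admin_info = array();
    $strlen = NV_CRYPT_SHA1 == 1 ? 40 : 32;

    // SECURITY NOTE(review): unserialize() instantiates any class named in the payload and
    // runs its magic methods. If $adm_session_value can be influenced by the client, this is
    // a PHP object-injection sink. Confirm the value is server-side only, or move the payload
    // to json_decode() / unserialize(..., array('allowed_classes' => false)) on PHP >= 7.0.
    $array_admin = unserialize($adm_session_value);

    // Anything that is not a plain array (false on a corrupt payload, an object, a scalar)
    // is rejected before it is indexed like an array.
    if (!is_array($array_admin)) {
        return $admin_info;
    }

    if (isset($array_admin['admin_id']) and is_numeric($array_admin['admin_id']) and isset($array_admin['checknum']) and is_string($array_admin['checknum']) and preg_match("/^[a-z0-9]{" . $strlen . "}\$/", $array_admin['checknum'])) {
        // is_numeric() also accepts floats, exponent notation and surrounding whitespace,
        // so the id is reduced to a plain integer before it is placed in the SQL text.
        $admin_id = (int) $array_admin['admin_id'];
        if ($admin_id <= 0) {
            return array();
        }

        $query = "SELECT * FROM `" . NV_AUTHORS_GLOBALTABLE . "` WHERE `admin_id` = " . $admin_id . " AND `lev`!=0 AND `is_suspend`=0";
        $result = $db->sql_query($query);
        $numrows = $db->sql_numrows($result);
        if ($numrows != 1) {
            return array();
        }
        $row = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        // The session is accepted only when token, agent, IP and login time all equal the
        // values stored for this administrator.
        // NOTE(review): strcasecmp() is not a constant-time comparison; where hash_equals()
        // is available (PHP >= 5.6) it is the better choice for the check_num token.
        if (strcasecmp($array_admin['checknum'], $row['check_num']) == 0 and isset($array_admin['current_agent']) and !empty($array_admin['current_agent']) and strcasecmp($array_admin['current_agent'], $row['last_agent']) == 0 and isset($array_admin['current_ip']) and !empty($array_admin['current_ip']) and strcasecmp($array_admin['current_ip'], $row['last_ip']) == 0 and isset($array_admin['current_login']) and !empty($array_admin['current_login']) and strcasecmp($array_admin['current_login'], intval($row['last_login'])) == 0) {
            if (empty($row['files_level'])) {
                $allow_files_type = array();
                $allow_modify_files = $allow_create_subdirectories = $allow_modify_subdirectories = 0;
            } else {
                // files_level is "ext,ext,...|modify|create_subdirs|modify_subdirs"; pad so a
                // short value cannot leave any of the four fields undefined.
                list($allow_files_type, $allow_modify_files, $allow_create_subdirectories, $allow_modify_subdirectories) = array_pad(explode("|", $row['files_level']), 4, '');
                $allow_files_type = !empty($allow_files_type) ? explode(",", $allow_files_type) : array();
            }

            // Values read from the authors row.
            $admin_info['admin_id'] = intval($row['admin_id']);
            $admin_info['level'] = intval($row['lev']);
            $admin_info['position'] = $row['position'];
            $admin_info['current_login'] = intval($row['last_login']);
            // last_login / last_agent / last_ip are copied from the session payload, not from
            // the database, and are not checked here; treat them as untrusted when displayed.
            $admin_info['last_login'] = intval($array_admin['last_login']);
            $admin_info['current_agent'] = $row['last_agent'];
            $admin_info['last_agent'] = $array_admin['last_agent'];
            $admin_info['current_ip'] = $row['last_ip'];
            $admin_info['last_ip'] = $array_admin['last_ip'];
            $admin_info['editor'] = $row['editor'];
            $admin_info['allow_files_type'] = $allow_files_type;
            $admin_info['allow_modify_files'] = intval($allow_modify_files);
            $admin_info['allow_create_subdirectories'] = intval($allow_create_subdirectories);
            $admin_info['allow_modify_subdirectories'] = intval($allow_modify_subdirectories);

            // The administrator must also exist as an active user; admin_id was passed
            // through intval() above, so it is safe to concatenate.
            $query = "SELECT * FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid` = " . $admin_info['admin_id'] . " AND `active`='1'";
            $result = $db->sql_query($query);
            $numrows = $db->sql_numrows($result);
            if ($numrows != 1) {
                return array();
            }
            $row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);

            // Values read from the users row.
            $admin_info['userid'] = $row['userid'];
            $admin_info['username'] = $row['username'];
            $admin_info['email'] = $row['email'];
            $admin_info['full_name'] = $row['full_name'];
            $admin_info['view_mail'] = intval($row['view_mail']);
            $admin_info['regdate'] = intval($row['regdate']);
            $admin_info['sig'] = $row['sig'];
            $admin_info['gender'] = $row['gender'];
            $admin_info['photo'] = $row['photo'];
            $admin_info['birthday'] = intval($row['birthday']);
            $admin_info['website'] = $row['website'];
            $admin_info['location'] = $row['location'];
            $admin_info['yim'] = $row['yim'];
            $admin_info['telephone'] = $row['telephone'];
            $admin_info['fax'] = $row['fax'];
            $admin_info['mobile'] = $row['mobile'];
            $admin_info['in_groups'] = nv_user_groups($row['in_groups']);
            $admin_info['current_openid'] = '';
            $admin_info['last_openid'] = $row['last_openid'];
            // Only whether a password / security question exists is exposed, never the values.
            $admin_info['st_login'] = !empty($row['password']) ? true : false;
            $admin_info['valid_question'] = (!empty($row['question']) and !empty($row['answer'])) ? true : false;
            // Fixed mode marker for this code path; its meaning is defined by the callers.
            $admin_info['current_mode'] = 3;
        }
    }
    return $admin_info;
}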
Beispiel #3
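/**
 * nv_admin_checkdata()
 *
 * Rebuilds an administrator profile from a serialized admin-session value.
 * The joined authors/users row is returned only when the token (checknum),
 * user agent, IP and login time carried by the session all match it.
 *
 * @param mixed $adm_session_value Serialized array; the keys read here are admin_id,
 *                                 checknum, current_agent, current_ip, current_login,
 *                                 last_login, last_agent and last_ip.
 * @return array Administrator profile, or an empty array when the session is rejected.
 */
function nv_admin_checkdata($adm_session_value)
{
    global $db, $global_config;

    // SECURITY NOTE(review): unserialize() instantiates any class named in the payload and
    // runs its magic methods. If $adm_session_value can be influenced by the client, this is
    // a PHP object-injection sink. Confirm the value is server-side only, or move the payload
    // to json_decode() / unserialize(..., array('allowed_classes' => false)) on PHP >= 7.0.
    $array_admin = unserialize($adm_session_value);

    // Reject anything that is not a plain array before it is indexed, then require a numeric
    // id and a 32-character lowercase alphanumeric token.
    if (!is_array($array_admin) or !isset($array_admin['admin_id']) or !is_numeric($array_admin['admin_id']) or !isset($array_admin['checknum']) or !is_string($array_admin['checknum']) or !preg_match('/^[a-z0-9]{32}$/', $array_admin['checknum'])) {
        return array();
    }

    // is_numeric() also accepts floats, exponent notation and surrounding whitespace,
    // so the id is reduced to a plain integer before it is placed in the SQL text.
    $admin_id = (int) $array_admin['admin_id'];
    if ($admin_id <= 0) {
        return array();
    }

    $query = 'SELECT a.admin_id AS admin_id, a.lev AS lev, a.position AS position, a.check_num AS check_num, a.last_agent AS current_agent,
		a.last_ip AS current_ip, a.last_login AS current_login, a.files_level AS files_level, a.editor AS editor, b.userid AS userid, b.group_id AS group_id,
		b.username AS username, b.email AS email, b.first_name AS first_name, b.last_name AS last_name, b.view_mail AS view_mail, b.regdate AS regdate,
		b.sig AS sig, b.gender AS gender, b.photo AS photo, b.birthday AS birthday, b.in_groups AS in_groups, b.last_openid AS last_openid,
		b.password AS password, b.question AS question, b.answer AS answer, b.safemode AS safemode 
		FROM ' . NV_AUTHORS_GLOBALTABLE . ' a, ' . NV_USERS_GLOBALTABLE . ' b
		WHERE a.admin_id = ' . $admin_id . '
		AND a.lev!=0
		AND a.is_suspend=0
		AND b.userid=a.admin_id
		AND b.active=1';
    $admin_info = $db->query($query)->fetch();
    if (empty($admin_info)) {
        return array();
    }

    // The session is accepted only when token, agent, IP and login time all equal the
    // values stored for this administrator.
    // NOTE(review): strcasecmp() is not a constant-time comparison; where hash_equals()
    // is available (PHP >= 5.6) it is the better choice for the check_num token.
    if (strcasecmp($array_admin['checknum'], $admin_info['check_num']) != 0 or !isset($array_admin['current_agent']) or empty($array_admin['current_agent']) or strcasecmp($array_admin['current_agent'], $admin_info['current_agent']) != 0 or !isset($array_admin['current_ip']) or empty($array_admin['current_ip']) or strcasecmp($array_admin['current_ip'], $admin_info['current_ip']) != 0 or !isset($array_admin['current_login']) or empty($array_admin['current_login']) or strcasecmp($array_admin['current_login'], intval($admin_info['current_login'])) != 0) {
        return array();
    }

    if (empty($admin_info['files_level'])) {
        $allow_files_type = array();
        $allow_modify_files = $allow_create_subdirectories = $allow_modify_subdirectories = 0;
    } else {
        // files_level is "ext,ext,...|modify|create_subdirs|modify_subdirs"; pad so a
        // short value cannot leave any of the four fields undefined.
        list($allow_files_type, $allow_modify_files, $allow_create_subdirectories, $allow_modify_subdirectories) = array_pad(explode('|', $admin_info['files_level']), 4, '');
        $allow_files_type = !empty($allow_files_type) ? explode(',', $allow_files_type) : array();

        // Drop any stored file type that the global configuration no longer allows and
        // write the narrowed list back, so the stored permission cannot exceed site policy.
        $allow_files_type2 = array_values(array_intersect($allow_files_type, $global_config['file_allowed_ext']));
        if ($allow_files_type != $allow_files_type2) {
            $update = implode(',', $allow_files_type2);
            $update .= '|' . $allow_modify_files . '|' . $allow_create_subdirectories . '|' . $allow_modify_subdirectories;
            $sth = $db->prepare('UPDATE ' . NV_AUTHORS_GLOBALTABLE . ' SET files_level = :files_level WHERE admin_id=' . $admin_id);
            $sth->bindParam(':files_level', $update, PDO::PARAM_STR);
            $sth->execute();
        }
        $allow_files_type = $allow_files_type2;
    }

    $admin_info['level'] = $admin_info['lev'];
    // last_login / last_agent / last_ip are copied from the session payload, not from the
    // database, and are not checked here; treat them as untrusted when displayed.
    $admin_info['last_login'] = (int) $array_admin['last_login'];
    $admin_info['last_agent'] = $array_admin['last_agent'];
    $admin_info['last_ip'] = $array_admin['last_ip'];
    $admin_info['allow_files_type'] = $allow_files_type;
    $admin_info['allow_modify_files'] = intval($allow_modify_files);
    $admin_info['allow_create_subdirectories'] = intval($allow_create_subdirectories);
    $admin_info['allow_modify_subdirectories'] = intval($allow_modify_subdirectories);
    if (empty($admin_info['first_name'])) {
        $admin_info['first_name'] = $admin_info['username'];
    }
    $admin_info['in_groups'] = nv_user_groups($admin_info['in_groups']);
    $admin_info['current_openid'] = '';
    // Only whether a password / security question exists is exposed, never the values.
    $admin_info['st_login'] = !empty($admin_info['password']) ? true : false;
    $admin_info['valid_question'] = (!empty($admin_info['question']) and !empty($admin_info['answer'])) ? true : false;
    // Fixed mode marker for this code path; its meaning is defined by the callers.
    $admin_info['current_mode'] = 5;

    // Strip credentials and the session token so they never leave this function.
    unset($admin_info['lev'], $admin_info['files_level'], $admin_info['password'], $admin_info['question'], $admin_info['answer'], $admin_info['check_num']);
    return $admin_info;
}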
Beispiel #4
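/**
 * nv_admin_checkdata()
 *
 * Rebuilds an administrator profile from a serialized admin-session value.
 * The joined authors/users row is returned only when the token (checknum),
 * user agent, IP and login time carried by the session all match it.
 *
 * @param mixed $adm_session_value Serialized array; the keys read here are admin_id,
 *                                 checknum, current_agent, current_ip, current_login,
 *                                 last_login, last_agent and last_ip.
 * @return array Administrator profile, or an empty array when the session is rejected.
 */
function nv_admin_checkdata($adm_session_value)
{
    global $db, $global_config;
    // Token length follows the configured hash: 40 characters when NV_CRYPT_SHA1 is 1, else 32.
    $strlen = NV_CRYPT_SHA1 == 1 ? 40 : 32;

    // SECURITY NOTE(review): unserialize() instantiates any class named in the payload and
    // runs its magic methods. If $adm_session_value can be influenced by the client, this is
    // a PHP object-injection sink. Confirm the value is server-side only, or move the payload
    // to json_decode() / unserialize(..., array('allowed_classes' => false)) on PHP >= 7.0.
    $array_admin = unserialize($adm_session_value);

    // Reject anything that is not a plain array before it is indexed, then require a numeric
    // id and a lowercase alphanumeric token of the expected length.
    if (!is_array($array_admin) or !isset($array_admin['admin_id']) or !is_numeric($array_admin['admin_id']) or !isset($array_admin['checknum']) or !is_string($array_admin['checknum']) or !preg_match("/^[a-z0-9]{" . $strlen . "}\$/", $array_admin['checknum'])) {
        return array();
    }

    // is_numeric() also accepts floats, exponent notation and surrounding whitespace,
    // so the id is reduced to a plain integer before it is placed in the SQL text.
    $admin_id = (int) $array_admin['admin_id'];
    if ($admin_id <= 0) {
        return array();
    }

    $query = "SELECT a.admin_id AS `admin_id`, a.lev AS `lev`, a.position AS `position`, a.check_num AS `check_num`, a.last_agent AS `current_agent`, \n    a.last_ip AS `current_ip`, a.last_login AS `current_login`, a.files_level AS `files_level`, a.editor AS `editor`, b.userid AS `userid`, \n    b.username AS `username`, b.email AS `email`, b.full_name AS `full_name`, b.view_mail AS `view_mail`, b.regdate AS `regdate`, \n    b.sig AS `sig`, b.gender AS `gender`, b.photo AS `photo`, b.birthday AS `birthday`, b.website AS `website`, b.location AS `location`, \n    b.yim AS `yim`, b.telephone AS `telephone`, b.fax AS `fax`, b.mobile AS `mobile`, b.in_groups AS `in_groups`, b.last_openid AS `last_openid`, \n    b.password AS `password`, b.question AS `question`, b.answer AS `answer` \n    FROM `" . NV_AUTHORS_GLOBALTABLE . "` a, `" . NV_USERS_GLOBALTABLE . "` b \n    WHERE a.admin_id = " . $admin_id . " \n    AND a.lev!=0 \n    AND a.is_suspend=0 \n    AND b.userid=a.admin_id \n    AND b.active=1 \n    LIMIT 1";
    $result = $db->sql_query($query);
    if ($db->sql_numrows($result) != 1) {
        return array();
    }
    $admin_info = $db->sql_fetch_assoc($result);
    $db->sql_freeresult($result);

    // The session is accepted only when token, agent, IP and login time all equal the
    // values stored for this administrator.
    // NOTE(review): strcasecmp() is not a constant-time comparison; where hash_equals()
    // is available (PHP >= 5.6) it is the better choice for the check_num token.
    if (strcasecmp($array_admin['checknum'], $admin_info['check_num']) != 0 or !isset($array_admin['current_agent']) or empty($array_admin['current_agent']) or strcasecmp($array_admin['current_agent'], $admin_info['current_agent']) != 0 or !isset($array_admin['current_ip']) or empty($array_admin['current_ip']) or strcasecmp($array_admin['current_ip'], $admin_info['current_ip']) != 0 or !isset($array_admin['current_login']) or empty($array_admin['current_login']) or strcasecmp($array_admin['current_login'], intval($admin_info['current_login'])) != 0) {
        return array();
    }

    if (empty($admin_info['files_level'])) {
        $allow_files_type = array();
        $allow_modify_files = $allow_create_subdirectories = $allow_modify_subdirectories = 0;
    } else {
        // files_level is "ext,ext,...|modify|create_subdirs|modify_subdirs"; pad so a
        // short value cannot leave any of the four fields undefined.
        list($allow_files_type, $allow_modify_files, $allow_create_subdirectories, $allow_modify_subdirectories) = array_pad(explode("|", $admin_info['files_level']), 4, '');
        $allow_files_type = !empty($allow_files_type) ? explode(",", $allow_files_type) : array();

        // Drop any stored file type that the global configuration no longer allows and
        // write the narrowed list back, so the stored permission cannot exceed site policy.
        $allow_files_type2 = array_values(array_intersect($allow_files_type, $global_config['file_allowed_ext']));
        if ($allow_files_type != $allow_files_type2) {
            $update = implode(",", $allow_files_type2);
            $update .= "|" . $allow_modify_files . "|" . $allow_create_subdirectories . "|" . $allow_modify_subdirectories;
            $sql = "UPDATE `" . NV_AUTHORS_GLOBALTABLE . "` SET `files_level` = " . $db->dbescape($update) . " WHERE `admin_id`=" . $admin_id . " LIMIT 1";
            $db->sql_query($sql);
        }
        $allow_files_type = $allow_files_type2;
    }

    $admin_info['level'] = $admin_info['lev'];
    // last_login / last_agent / last_ip are copied from the session payload, not from the
    // database, and are not checked here; treat them as untrusted when displayed.
    $admin_info['last_login'] = (int) $array_admin['last_login'];
    $admin_info['last_agent'] = $array_admin['last_agent'];
    $admin_info['last_ip'] = $array_admin['last_ip'];
    $admin_info['allow_files_type'] = $allow_files_type;
    $admin_info['allow_modify_files'] = intval($allow_modify_files);
    $admin_info['allow_create_subdirectories'] = intval($allow_create_subdirectories);
    $admin_info['allow_modify_subdirectories'] = intval($allow_modify_subdirectories);
    if (empty($admin_info['full_name'])) {
        $admin_info['full_name'] = $admin_info['username'];
    }
    $admin_info['in_groups'] = nv_user_groups($admin_info['in_groups']);
    $admin_info['current_openid'] = '';
    // Only whether a password / security question exists is exposed, never the values.
    $admin_info['st_login'] = !empty($admin_info['password']) ? true : false;
    $admin_info['valid_question'] = (!empty($admin_info['question']) and !empty($admin_info['answer'])) ? true : false;
    // Fixed mode marker for this code path; its meaning is defined by the callers.
    $admin_info['current_mode'] = 3;

    // Strip credentials and the session token so they never leave this function.
    unset($admin_info['lev'], $admin_info['files_level'], $admin_info['password'], $admin_info['question'], $admin_info['answer'], $admin_info['check_num']);
    return $admin_info;
}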