Beispiel #1
 /**
  * Build the administrator page: collect the menu entries of every enabled
  * plugin, dispatch the requested plugin action through cls_router and wrap
  * the result with module_load().
  *
  * The plugin ("p") and action ("a") names are taken from the query string;
  * missing values are written back into $_GET as 'core' and 'default'.
  *
  * NOTE(review): $_GET['p'] and $_GET['a'] reach cls_router unfiltered here -
  * confirm the router restricts them to known plugins and actions.
  *
  * @return mixed the value returned by $this->module_load()
  */
 protected function module_main()
 {
     // Gather the menu entries contributed by each enabled plugin.
     $menu = array();
     $enabled_plugins = cls_orm::find('plugins', 'enable=1');
     foreach ($enabled_plugins as $plugin) {
         // Plugins that expose no core_menu method contribute nothing.
         if (!method_exists($plugin->name, 'core_menu')) {
             continue;
         }
         // The callable is built from a class name stored in the plugins
         // table, so write access to that table decides which code runs here.
         $entries = call_user_func(array($plugin->name, 'core_menu'));
         foreach ($entries as $entry) {
             $menu[] = $entry;
         }
     }
     // Default to the core plugin when none was requested.
     if (!isset($_GET['p'])) {
         $_GET['p'] = 'core';
     }
     // Default to the plugin's default action when none was requested.
     if (!isset($_GET['a'])) {
         $_GET['a'] = 'default';
     }
     // Run the requested action; element 0 is used as the title, element 1 as the body.
     $router = new cls_router($_GET['p'], $_GET['a']);
     $routed = $router->show_content(false);
     $account = new users();
     $user_info = $account->get_info();
     $title = _('Administrator:') . $routed[0];
     $body = $this->view_main($menu, $routed[1], $user_info);
     return $this->module_load(array($title, $body));
 }
Beispiel #2
 /**
  * Build the single sign-on token passed to UserEcho for the current user.
  *
  * The token is a JSON document (user id, expiry, display name, e-mail,
  * locale, verified flag) encrypted with Rijndael-128 in CBC mode, then
  * base64- and URL-encoded. An empty string is returned when get_uid(false)
  * yields a falsy value.
  *
  * NOTE(review): the construction below has several weaknesses that should be
  * weighed against what the receiving service requires:
  *  - the key is the first 16 bytes of an unsalted SHA-1 over the two keys;
  *  - the IV is a str_shuffle() permutation of a fixed string, which is not a
  *    cryptographically secure source;
  *  - the ciphertext carries no MAC, so integrity rests on the receiver's parsing;
  *  - the mcrypt extension was removed from PHP core in 7.2.
  *
  * @param string $api_key     UserEcho API key
  * @param string $project_key UserEcho key
  * @param array  $user_info   not read anywhere in this method
  *
  * @return string URL-encoded base64 ciphertext, or '' when no user id is available
  */
 public static function get_sso_token($api_key, $project_key, $user_info)
 {
     $sso_key = '';
     if ($uid = get_uid(false)) {
         $user = new users();
         $user->GetUserByUID($uid);
         // 16-byte IV: a permutation of a fixed 16-character string.
         // NOTE(review): str_shuffle() is not a CSPRNG and the alphabet is fixed.
         $iv = str_shuffle('memoKomo1234QWER');
         // Token payload; it expires 86400 seconds (24 h) from now, in GMT.
         // NOTE(review): 'verified_email' is asserted unconditionally - confirm
         // that local e-mail addresses really are verified before relying on it.
         $message = array('guid' => $uid, 'expires_date' => gmdate('Y-m-d H:i:s', time() + 86400), 'display_name' => $user->login, 'email' => $user->email, 'locale' => 'ru', 'verified_email' => true);
         // key hash, length = 16
         $key_hash = substr(hash('sha1', $api_key . $project_key, true), 0, 16);
         // The payload is converted from CP1251 to UTF-8 before JSON encoding.
         $message_json = json_encode(encodeCharset('CP1251', 'UTF-8', $message));
         // double XOR first block message_json
         // CBC XORs the first block with $iv again, so the two XORs cancel and
         // the first block is effectively encrypted without an IV.
         // NOTE(review): presumably required by the receiving protocol - confirm.
         for ($i = 0; $i < 16; ++$i) {
             $message_json[$i] = $message_json[$i] ^ $iv[$i];
         }
         // fill tail of message_json by bytes equaled count empty bytes (to 16)
         // (each padding byte holds the padding length; a full block is added
         // when the length is already a multiple of 16)
         $pad = 16 - strlen($message_json) % 16;
         $message_json = $message_json . str_repeat(chr($pad), $pad);
         // encode json
         $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', 'cbc', '');
         mcrypt_generic_init($cipher, $key_hash, $iv);
         $encrypted_bytes = mcrypt_generic($cipher, $message_json);
         // The module handle is de-initialised but mcrypt_module_close() is never called.
         mcrypt_generic_deinit($cipher);
         // encode bytes to url safe string
         $sso_key = urlencode(base64_encode($encrypted_bytes));
     }
     return $sso_key;
 }
Beispiel #3
 /**
  * Handle a submitted account-reclaim form.
  *
  * Order of checks: visitor must not be logged in, the captcha fields must be
  * present and valid, both credentials must be non-empty, and the legacy
  * ("reclaims") store must accept them. On success the account is imported,
  * the user is authenticated against the users store and redirected to '/'.
  *
  * NOTE(review): the result of the final users->authenticate() call is not
  * checked, and nothing in this method stops execution after the Location
  * header - confirm the caller does not render further output.
  *
  * @return mixed the value of Error::set() on failure, null otherwise
  */
 public function check()
 {
     $this->setView('reclaim/index');
     if (Session::isLoggedIn()) {
         return Error::set('You\'re logged in!');
     }

     $this->view['valid'] = true;
     $this->view['publicKey'] = Config::get('recaptcha:publicKey');

     // Both captcha fields have to be present before the captcha is verified.
     $challengeMissing = empty($_POST['recaptcha_challenge_field']);
     $responseMissing = empty($_POST['recaptcha_response_field']);
     if ($challengeMissing || $responseMissing) {
         return Error::set('We could not find the captcha validation fields!');
     }

     // Recaptcha::check() returns a string error key on failure.
     $captchaResult = Recaptcha::check($_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field']);
     if (is_string($captchaResult)) {
         return Error::set(Recaptcha::$errors[$captchaResult]);
     }

     if (empty($_POST['username']) || empty($_POST['password'])) {
         return Error::set('All forms are required.');
     }
     $username = $_POST['username'];
     $password = $_POST['password'];

     // Verify the credentials against the not-yet-imported accounts.
     $reclaims = new reclaims(ConnectionFactory::get('mongo'));
     if (!$reclaims->authenticate($username, $password)) {
         return Error::set('Invalid username/password.');
     }

     // Move the account over, log the user in and send them to the front page.
     $reclaims->import($username, $password);
     $users = new users(ConnectionFactory::get('mongo'));
     $users->authenticate($username, $password);
     header('Location: ' . Url::format('/'));
 }
Beispiel #4
/**
 * Slim route middleware that authenticates a request by its API key.
 *
 * The key is read from the "Authorization" request header. When the header
 * is missing or the key is rejected by users::isValidApiKey(), a JSON error
 * is echoed and the application is stopped. Otherwise the matching user id
 * is stored in the global $user_id.
 *
 * NOTE(review): the header is looked up with the exact key 'Authorization',
 * and no HTTP status code is set in this function for the two error cases -
 * confirm both are handled elsewhere.
 *
 * @param \Slim\Route $route the route being dispatched (not read here)
 */
function authenticate(\Slim\Route $route)
{
    $headers = apache_request_headers();
    $response = array();
    $app = \Slim\Slim::getInstance();

    // No Authorization header at all: report the missing key and stop.
    if (!isset($headers['Authorization'])) {
        echo json_encode(array('error' => true, 'message' => 'Falta Api key'));
        $app->stop();
        return;
    }

    $db = new users();
    $api_key = $headers['Authorization'];

    // The key is not present in the users table: deny access and stop.
    if (!$db->isValidApiKey($api_key)) {
        echo json_encode(array('error' => true, 'message' => 'Acceso Denegado. Api key Invalida'));
        $app->stop();
        return;
    }

    // Valid key: expose the owner's primary key to the route handlers.
    global $user_id;
    $user = $db->getUserId($api_key);
    if ($user != NULL) {
        $user_id = $user;
    }
}
 /**
  * run - show the "new client" form and store a submitted client.
  *
  * Only administrators (users::isAdmin() on the session's user id) get the
  * form; everyone else is shown the generic error template.
  *
  * NOTE(review): the POST fields are read without isset() checks and no
  * anti-CSRF token is verified in this method - confirm both are covered
  * elsewhere, and that the template escapes the echoed-back values.
  *
  * @access public
  */
 public function run()
 {
     $tpl = new template();
     $user = new users();

     // Non-admins never reach the form.
     if (!$user->isAdmin($_SESSION['userdata']['id'])) {
         $tpl->display('general.error');
         return;
     }

     $msgKey = '';
     if (isset($_POST['save']) === true) {
         // Copy the submitted client fields, in form order.
         $values = array();
         foreach (array('name', 'street', 'zip', 'city', 'state', 'country', 'phone', 'internet', 'email') as $field) {
             $values[$field] = $_POST[$field];
         }

         if ($values['name'] === '') {
             $tpl->setNotification('NO_NAME', 'error');
         } elseif ($this->isClient($values) === true) {
             $tpl->setNotification('CLIENT_EXISTS', 'error');
         } else {
             $this->addClient($values);
             $tpl->setNotification('ADD_CLIENT_SUCCESS', 'success');
         }

         // Hand the values back so the form can be re-populated.
         $tpl->assign('values', $values);
     }
     $tpl->display('clients.newClient');
 }
Beispiel #6
 /**
  * Confirm a "lost credentials" request.
  *
  * $arguments[0] is the reset id and $arguments[1] the mode, which must be
  * 'auth' or 'password'. In 'auth' mode the account's auth settings are
  * changed; in 'password' mode a new password is generated and placed in the
  * view.
  *
  * NOTE(review): the generated password is handed to the view in clear text;
  * presumably passwordReset::get() enforces expiry and single use of the
  * reset id - confirm.
  *
  * @param array $arguments positional URL arguments: [reset id, mode]
  *
  * @return mixed the value of Error::set() on failure, null otherwise
  */
 public function confirm($arguments)
 {
     if (Session::isLoggedIn()) {
         return Error::set(self::ERR_LOGGED_IN);
     }
     if (empty($arguments[0])) {
         return Error::set(self::ERR_NO_LOST_ID);
     }
     if (empty($arguments[1])) {
         return Error::set(self::ERR_INIVALID_MODE);
     }

     // Only the two known modes are accepted (loose comparison, as before).
     $authMode = $arguments[1] == 'auth';
     if (!$authMode && $arguments[1] != 'password') {
         return Error::set(self::ERR_INIVALID_MODE);
     }

     // A string result is an error message from the reset store.
     $resets = new passwordReset(ConnectionFactory::get('redis'));
     $info = $resets->get($arguments[0], $authMode);
     if (is_string($info)) {
         return Error::set($info);
     }

     $users = new users(ConnectionFactory::get('mongo'));
     if ($authMode) {
         $users->changeAuth($info[1], true, false, false, false);
         $this->view['password'] = false;
         return;
     }
     $this->view['password'] = $users->resetPassword($info[1]);
 }
Beispiel #7
 /**
  * Class constructor.
  *
  * Loads the sender's user record and opens the two database handles
  * ('master' and 'plproxy') used by the instance.
  *
  * @param string $sender Login of the author of the mailing
  */
 public function __construct($sender = 'admin')
 {
     // Resolve the sender first; the DB handles are created afterwards.
     $author = new users();
     $this->_sender = $author;
     $author->GetUser($sender);

     $this->_dbMaster = new DB('master');
     $this->_dbProxy = new DB('plproxy');
 }
Beispiel #8
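/**
 * Search users by the "st" request parameter and echo the matches as JSON.
 *
 * Output is either {"result":1,"users":[...]} or a single error object with
 * "result":0. The function now returns right after the error object when
 * "st" is missing; previously it fell through, read the undefined index and
 * could emit a second JSON document after the first.
 *
 * NOTE(review): the search text comes from $_REQUEST (which can include
 * cookies) and is passed to users::searchUsers() as-is - confirm that method
 * binds it as a query parameter rather than concatenating it into SQL.
 */
function searchUser()
{
    $failure = '{"result":0,"message": "search did not work."}';

    if (!isset($_REQUEST['st'])) {
        echo $failure;
        // Without a search term there is nothing to look up.
        return;
    }
    $txt = $_REQUEST['st'];

    // include_once: a second call in the same request must not redeclare the class.
    include_once "users.php";
    $obj = new users();
    if (!$obj->searchUsers($txt)) {
        echo $failure;
        return;
    }

    // Stream the rows as a JSON array, comma-separated.
    echo '{"result":1,"users":[';
    $separator = '';
    while ($row = $obj->fetch()) {
        echo $separator, json_encode($row);
        $separator = ',';
    }
    echo "]}";
}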
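 /**
  * Convert a lead into a user account.
  *
  * Shows the conversion form pre-filled from the lead's contact data and, on
  * submit, creates the user unless the user name already exists. A missing or
  * non-positive "id" query parameter shows the generic error template.
  *
  * Changes from the previous version: a missing "id" no longer raises an
  * undefined-index notice, and a submission without a non-empty password is
  * rejected as MISSING_FIELDS instead of creating an account whose password
  * is the hash of an empty value.
  *
  * NOTE(review): 'role' and 'clientId' are taken straight from the POST body,
  * so the submitter chooses the new account's role and client. No
  * authorization or anti-CSRF check is visible in this method - confirm both
  * are enforced by the caller.
  */
 public function run()
 {
     $tpl = new template();
     $id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
     $users = new users();
     $clients = new clients();
     if ($id > 0) {
         $lead = $this->getLead($id);
         $contact = $this->getLeadContact($id);
         // Defaults shown in the form before anything is submitted.
         $values = array('user' => $contact['email'], 'password' => '', 'firstname' => '', 'lastname' => '', 'phone' => $contact['phone'], 'role' => 3, 'clientId' => $lead['clientId']);
         if (isset($_POST['save'])) {
             // The password is required just like the other identity fields.
             $hasPassword = isset($_POST['password']) && is_string($_POST['password']) && $_POST['password'] !== '';
             if (isset($_POST['user']) && isset($_POST['firstname']) && isset($_POST['lastname']) && $hasPassword) {
                 $hasher = new PasswordHash(8, TRUE);
                 $values = array('user' => $_POST['user'], 'password' => $hasher->HashPassword($_POST['password']), 'firstname' => $_POST['firstname'], 'lastname' => $_POST['lastname'], 'phone' => $_POST['phone'], 'role' => $_POST['role'], 'clientId' => $_POST['clientId']);
                 if ($users->usernameExist($values['user']) !== true) {
                     $users->addUser($values);
                     $tpl->setNotification('USER_CREATED', 'success');
                 } else {
                     $tpl->setNotification('USERNAME_EXISTS', 'error');
                 }
             } else {
                 $tpl->setNotification('MISSING_FIELDS', 'error');
             }
         }
         // NOTE(review): after a successful submit $values carries the password
         // hash into the template - confirm it is not rendered.
         $tpl->assign('values', $values);
         $tpl->assign('clients', $clients->getAll());
         $tpl->assign('roles', $users->getRoles());
         $tpl->display('leads.convertToUser');
     } else {
         $tpl->display('general.error');
     }
 }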
Beispiel #10
 /**
  * Log a visitor in automatically from their TLS client certificate.
  *
  * Runs at most once per session (guarded by $_SESSION['done_autoauth']).
  * The raw certificate from $_SERVER['SSL_CLIENT_RAW_CERT'] is mapped to a
  * user id by certs::check(); the session is populated only when the user has
  * the 'autoauth' auth method enabled and the account is not locked.
  *
  * NOTE(review): when the user record is empty the method returns without
  * calling self::done(), unlike every other exit. Whether the session id is
  * regenerated depends on Session::setBatchVars() - confirm. The trust placed
  * in SSL_CLIENT_RAW_CERT assumes the web server validated the certificate.
  *
  * @param mixed $data not read in this method
  *
  * @return mixed the value of self::done(), or null on the two early exits
  */
 public static function handler($data = null)
 {
     if (isset($_SESSION['done_autoauth'])) {
         return;
     }
     // Nothing to do without a certificate or for an already logged-in user.
     if (empty($_SERVER['SSL_CLIENT_RAW_CERT']) || Session::isLoggedIn()) {
         return self::done();
     }

     // Map the presented certificate to a user id.
     $certStore = new certs(ConnectionFactory::get('mongo'), ConnectionFactory::get('redis'));
     $userId = $certStore->check($_SERVER['SSL_CLIENT_RAW_CERT']);
     if ($userId == NULL) {
         return self::done();
     }

     $userStore = new users(ConnectionFactory::get('mongo'));
     $user = $userStore->get($userId, false);
     if (empty($user)) {
         return;
     }

     // Auto-login needs the 'autoauth' method enabled and an unlocked account.
     $eligible = in_array('autoauth', $user['auths']) && $user['status'] != users::ACCT_LOCKED;
     if ($eligible) {
         Session::setBatchVars($user);
     }
     return self::done();
 }
Beispiel #11
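/**
 * Render the paid-places carousel and echo it as JSON ({success, html}).
 *
 * The local variables set here ($yaM, $ppAds, $pp_uids, $toppay_usr, $pp_h,
 * $not_load_info, and presumably $caruselTop) are visible to the included
 * template, so their names are kept unchanged.
 *
 * Changes from the previous version:
 *  - $pp_uids is initialised, so an empty ad list no longer feeds an
 *    undefined variable into array_unique()/implode() and no longer builds
 *    the invalid condition "uid IN ()";
 *  - the ids placed into the SQL condition are cast to integers first;
 *  - the user lookup result is only iterated when it is an array.
 *
 * NOTE(review): a required parameter after an optional one is deprecated in
 * PHP 8; the signature is left as is for existing callers.
 *
 * @param int   $catalog    catalog id; 0 selects the main-page counter goal
 * @param mixed $caruselTop not read in this function
 */
function pay_place_top($catalog = 0, $caruselTop)
{
    global $DB, $session;
    if ($catalog == 0) {
        $yaM = "yaCounter6051055.reachGoal('main_carousel_ref');";
    } else {
        $yaM = "yaCounter6051055.reachGoal('cat_carousel_ref');";
    }
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/pay_place.php';
    $payPlace = new pay_place($catalog);
    $ppAds = $payPlace->getUserPlaceNew();
    if (is_array($ppAds)) {
        $pp_uids = array();
        foreach ($ppAds as $ppAd) {
            $pp_uids[] = $ppAd['uid'];
        }
        $pp_uids = array_unique($pp_uids);
        require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
        if ($pp_uids) {
            // The condition is assembled as a string, so only integers may enter it.
            $sql_uids = array_map('intval', $pp_uids);
            $usrs = new users();
            $pp_result = $usrs->getUsers('uid IN (' . implode(',', $sql_uids) . ')');
            if (is_array($pp_result)) {
                // Index the user rows by uid for the template.
                foreach ($pp_result as $k => $v) {
                    $toppay_usr[$v['uid']] = $v;
                }
            }
            $pp_h = $payPlace->getAllInfo($pp_uids);
        }
    }
    $not_load_info = true;
    // Capture the template output, strip line breaks and run it through antispam().
    ob_start();
    include $_SERVER['DOCUMENT_ROOT'] . '/templates/pay_place.php';
    $html = antispam(str_replace(array("\r", "\n"), '', ob_get_clean()));
    $aRes['success'] = true;
    // json_encode() needs UTF-8; the template output is windows-1251.
    $aRes['html'] = iconv('windows-1251', 'UTF-8', $html);
    echo json_encode($aRes);
}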
Beispiel #12
 /**
  * Echo the user record selected by the "id" query parameter as JSON.
  *
  * NOTE(review): the id is used as received and the whole result of
  * users::find() is serialised. No access check or field filtering is visible
  * in this method - confirm that the caller authorises the request and that
  * find() does not return sensitive columns such as password hashes.
  */
 public function get_profile()
 {
     $requestedId = $_GET['id'];
     $repository = new users();
     echo json_encode($repository->find($requestedId));
 }
Beispiel #13
/**
 * Fetch the member list of a class through the users helper.
 *
 * The helper is closed before the list is returned.
 *
 * @param mixed $classID identifier of the class, passed through unchanged
 *
 * @return mixed the value returned by users::getClassList($classID, false)
 */
function getClassList($classID)
{
    $repository = new users();
    $members = $repository->getClassList($classID, false);
    // Release the helper's resources once the list has been read.
    $repository->close();
    return $members;
}
Beispiel #14
 /**
  * Return the module list that applies to a user.
  *
  * Administrators (users::isAdmin()) get $this->adminModules, everyone else
  * $this->userModules.
  *
  * @param mixed $id id of the user whose modules are requested
  *
  * @return mixed the admin or the regular module list
  */
 public function getModules($id)
 {
     $checker = new users();
     if ($checker->isAdmin($id)) {
         return $this->adminModules;
     }
     return $this->userModules;
 }
/**
 * Do not show this message again.
 *
 * Stores the "hide" flag for the user in the current session and echoes
 * {"success": <bool>} as JSON; without a session uid nothing is stored and
 * success is false.
 *
 * NOTE(review): this is a state-changing call authorised only by the session;
 * no anti-CSRF token is checked in this function - confirm it is checked by
 * the caller.
 */
function SafetyPhoneNever()
{
    session_start();
    $hidden = false;
    if (isset($_SESSION['uid'])) {
        $account = new users();
        $hidden = $account->setSafetyPhoneHide($_SESSION['uid']);
    }
    echo json_encode(array('success' => $hidden));
}
 /**
  * Render the service-catalog promo template for the current visitor.
  *
  * The template receives the loaded user object when get_uid(false) yields an
  * id, and null otherwise.
  */
 public function run()
 {
     // get_uid(false) is called twice, exactly as before; the first result is
     // discarded. NOTE(review): one call is enough if get_uid() has no side effects.
     get_uid(false);
     $uid = get_uid(false);

     $user = null;
     if ($uid) {
         $user = new users();
         // The record is loaded by the login stored in the session, not by $uid.
         $user->GetUser($_SESSION['login']);
     }
     $this->render('t-service-catalog-promo', array('user' => $user));
 }
Beispiel #17
 /**
  * Entry point of the admin login.
  *
  * When sessions::get_login_admin() reports a logged-in admin, the index
  * action is run; otherwise the result of users::find_users_login() is echoed.
  *
  * NOTE(review): the return value of find_users_login() is written to the
  * response as-is - confirm it is safe to output.
  */
 public function login_now()
 {
     $this->use->use_lib('site/sessions');
     $session = new sessions();

     // Not logged in yet: run the login lookup and print its result.
     if (!$session->get_login_admin()) {
         $this->use->use_lib('admin/users');
         $students = new users();
         echo $students->find_users_login();
         return;
     }

     $this->index();
 }
Beispiel #18
 /**
  * Import an account from the unimported-users store into the users store.
  *
  * The legacy record is read, removed, re-created through users::create() and
  * every reference to it in the news and articles collections is rewritten to
  * point at the new user. The cached 'get' entry for the old id is purged.
  *
  * NOTE(review): the legacy record is removed before the new account is
  * created and the result of create() is not checked, so a failed create
  * would leave neither record in place.
  *
  * @param string $username The username to use.
  * @param string $password The password to use.
  */
 public function import($username, $password)
 {
     $legacy = $this->get($username);
     $this->db->remove(array('username' => $this->clean($username)));

     // Re-create the account, mapping the legacy group to the current one.
     $users = new users(ConnectionFactory::get('mongo'));
     $newId = $users->create($username, $password, $legacy['email'], $legacy['hideEmail'], $this->groups[$legacy['mgroup']], true);

     // Repoint existing content from the old record to the new account.
     $newRef = MongoDBRef::create('users', $newId);
     $oldRef = MongoDBRef::create('unimportedUsers', $legacy['_id']);
     $rewrite = array('$set' => array('user' => $newRef));
     foreach (array('news', 'articles') as $collection) {
         $this->mongo->{$collection}->update(array('user' => $oldRef), $rewrite);
     }

     self::ApcPurge('get', $legacy['_id']);
 }
Beispiel #19
    /**
     * Stores a feedback message and e-mails it to the responsible department.
     *
     * For a logged-in sender ($uid > 0) the login and e-mail are taken from the
     * user record and override the supplied values. An hourly counter per
     * department is kept in stat_feedback.
     *
     * NOTE(review): the reference code $uc is derived from md5(microtime . mt_rand),
     * which is predictable - that matters only if the code is treated as a
     * secret; confirm. The stat_feedback update is a read followed by a write,
     * so two concurrent requests can both take the INSERT branch.
     *
     * @param int    $uid        user uid when the sender is logged in
     * @param string $login      user name when the sender is not logged in
     * @param string $email      user e-mail when the sender is not logged in
     * @param int    $kind       department id (1 general questions, 2 site errors, 3 financial question, 4 personal manager, 5 SBR)
     * @param string $msg        message text
     * @param CFile  $files      attached file(s)
     * @param mixed  $additional 'browser' and 'os' entries, read only when $kind is 2
     *
     * @return string possible error message, '' on success
     */
    public function Add($uid, $login, $email, $kind, $msg, $files, $additional = false)
    {
        global $DB;

        // 12-character reference code cut out of an md5 digest.
        mt_srand();
        $digest = md5(microtime(1) . mt_rand());
        $uc = substr($digest, 0, 6) . substr($digest, 12, 6);

        $login = substr($login, 0, 64);
        $uid = intval($uid);
        $kind = intval($kind);

        // A logged-in sender is identified by the stored record.
        if ($uid) {
            $account = new users();
            $account->GetUserByUID($uid);
            $login = $account->login;
            $email = $account->email;
        }

        // The login is stored in windows-1251.
        if (strtolower(mb_detect_encoding($login, array('utf-8'))) == 'utf-8') {
            $login = iconv('UTF-8', 'WINDOWS-1251//IGNORE', $login);
        }

        $insert = 'INSERT INTO feedback 
				( uc, dept_id, user_id, user_login, email, question, request_time ) 
			VALUES
				( ?, ?, ?, ?, ?, ?, NOW() ) RETURNING id';
        $sId = $DB->val($insert, $uc, $kind, $uid, $login, $email, $msg);
        if ($DB->error) {
            return 'Ошибка при отправке сообщения (db)';
        }

        $mail = new smail();
        $blockOpen = "\n\n=============================================\n";
        $blockClose = "\n=============================================\n";

        // Mention every attachment in the mail body.
        if (count($files)) {
            foreach ($files as $attach) {
                $msg .= $blockOpen;
                $msg .= 'К этому письму прикреплен файл ' . WDCPREFIX . '/upload/about/feedback/' . $attach->name;
                $msg .= $blockClose;
            }
        }

        // Site-error reports carry the sender's browser and OS.
        if ($kind == 2) {
            $browser = !empty($additional['browser']) ? $additional['browser'] : 'N/A';
            $os = !empty($additional['os']) ? $additional['os'] : 'N/A';
            $msg .= $blockOpen;
            $msg .= 'Дополнительная информация: браузер: ' . $browser . ' ОС: ' . $os;
            $msg .= $blockClose;
        }
        $mail->FeedbackPost($login, $email, $kind, $msg, $uc, $sId);

        // Record the request in the feedback statistics (one row per hour and department).
        $date = date('Y-m-d H:01:00');
        $exist = $DB->val('SELECT date FROM stat_feedback WHERE date=? AND type=?', $date, $kind);
        $statSql = $exist
            ? 'UPDATE stat_feedback SET count=count+1 WHERE date = ? AND type = ?'
            : 'INSERT INTO stat_feedback(date,type,count) VALUES( ?, ?, 1 )';
        $DB->query($statSql, $date, $kind);

        return '';
    }
Beispiel #20
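 /**
  * Echo the user selected by the "userid" request parameter as JSON.
  *
  * Output is {"result":1,"user":{...}} when the user exists and
  * {"result":0,"message":"User Not Found"} otherwise.
  *
  * Changes from the previous version:
  *  - the success branch now returns; before, the "User Not Found" object was
  *    appended after every successful answer;
  *  - the success answer is valid JSON. The old output placed the row after
  *    "result":1 without a key, which no JSON parser accepts; the key "user"
  *    is the reviewer's choice - adjust it if clients expect another name;
  *  - a missing "userid" is answered with "User Not Found" instead of raising
  *    an undefined-index notice.
  *
  * NOTE(review): no access check is visible here and the whole row is
  * returned - confirm the caller authorises the request and that getUser()
  * does not expose sensitive columns.
  */
 function getUser()
 {
     include_once "users.php";
     $user = new users();
     $userid = isset($_REQUEST['userid']) ? $_REQUEST['userid'] : null;
     $row = $userid !== null ? $user->getUser($userid) : false;
     if ($row) {
         echo json_encode(array('result' => 1, 'user' => $row));
         return;
     }
     echo '{"result":0,"message":"User Not Found"}';
 }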
 /**
  * Show the "login info" box for the logged-in user.
  *
  * Nothing is rendered unless login::logged_in() returns exactly true. The
  * template receives the profile picture and the name and e-mail stored in
  * the session.
  */
 public function run()
 {
     $login = new login(session::getSID());
     if ($login->logged_in() !== true) {
         return;
     }

     $user = new users();
     $profilePicture = $user->getProfilePicture($_SESSION['userdata']['id']);

     // NOTE(review): confirm the template escapes the name and e-mail on output.
     $tpl = new template();
     $tpl->assign("profilePicture", $profilePicture);
     $tpl->assign("userName", $_SESSION['userdata']['name']);
     $tpl->assign("userEmail", $_SESSION['userdata']['mail']);
     $tpl->display("general.loginInfo");
 }
Beispiel #22
 /**
  * Adds a user to the ignore list.
  *
  * NOTE(review): on invalid input the method returns false, not a string, and
  * the result of GetUid() is passed on without checking that the target login
  * resolved to a user ($error is never inspected).
  *
  * @param integer $user_id      id of the user who adds somebody to their ignore list
  * @param string  $target_login login of the user being added to the ignore list
  *
  * @return string|false empty string after the database call, false when an
  *                      argument is empty or the login may not be ignored
  */
 public function Add($user_id, $target_login)
 {
     global $usersNotBeIgnored;

     // Reject empty arguments and logins that are protected from being ignored.
     $argumentMissing = empty($user_id) || empty($target_login);
     if ($argumentMissing || in_array($target_login, $usersNotBeIgnored)) {
         return false;
     }

     // Resolve the target login to its uid.
     $target = new users();
     $target->login = $target_login;
     $target_id = $target->GetUid($error);

     $db = new DB();
     $db->val('SELECT ignor_add(?i, ?i)', $user_id, $target_id);
     return '';
 }
Beispiel #23
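 /**
  * Verify the posted credentials and start an authenticated session.
  *
  * Echoes the user's id on success and 0 on failure.
  *
  * Changes from the previous version:
  *  - the session id is regenerated on successful login, so an id that was
  *    known before authentication is not carried into the authenticated session;
  *  - missing fields are read as '' instead of raising undefined-index notices;
  *  - non-string values (e.g. array parameters) are rejected before they
  *    reach users::verify().
  *
  * NOTE(review): no rate limiting or lockout is visible in this method -
  * confirm it is handled in users::verify() or in front of this endpoint.
  */
 public function login()
 {
     $username = isset($_POST['username']) ? $_POST['username'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     if (!is_string($username) || !is_string($password)) {
         echo 0;
         return;
     }
     $auth = new users();
     $user = $auth->verify($username, $password);
     if ($user) {
         // Must run before any output, because it sends a new session cookie.
         if (session_status() === PHP_SESSION_ACTIVE) {
             session_regenerate_id(true);
         }
         $_SESSION['uid'] = $user->id;
         $_SESSION['uname'] = $user->username;
         echo $user->id;
         return;
     }
     echo 0;
 }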
Beispiel #24
/**
 * Renders the comment tree. Used here and in xajax/contest.server.php
 *
 * The function recurses into each comment's 'comments' entry; the nesting
 * depth is tracked in a static counter that is incremented on entry and
 * decremented before returning.
 *
 * NOTE(review): several values are concatenated into the markup without any
 * escaping in this function - login, uname, usurname, deleted_reason and the
 * raw message in $msg2. Confirm they are escaped before they get here
 * (reformat() presumably sanitises the message text - TODO confirm).
 *
 * @param  integer   $pid            project id
 * @param  string    $name           project name
 * @param  array     $comments       array holding the comment tree (details in classes/contest.php)
 * @param  boolean   $comm_blocked   has the author disabled commenting?
 * @param  boolean   $project_end    is the project closed?
 * @param  integer   $s_level        nesting level of the comment
 * @return string                    HTML with the control buttons
 */
function comments($pid, $name, &$comments, $comm_blocked, $project_end, $s_level = 0)
{
    global $stop_words, $contest, $project, $session;
    // Depth shared by all recursive calls; an explicit $s_level overrides it.
    static $level = 0;
    $level = ($s_level ? $s_level : $level) + 1;
    $html = '';
    $set_branch_as_read = false;
    for ($i = 0, $c = count($comments); $i < $c; $i++) {
        // Comments of banned/blocked users are replaced by a placeholder unless
        // the viewer has the 'projects' permission or owns the contest.
        if (($comments[$i]['is_banned'] || $comments[$i]['usr_banned'] || $comments[$i]['user_blocked'] === 't') && !hasPermissions('projects') && !$contest->is_owner) {
            $msg = $msg2 = 'Ответ от заблокированного пользователя';
        } else {
            if (!trim($comments[$i]['deleted'])) {
                // $msg is the displayed text (stop words replaced while moderator_status is '0');
                // $msg2 is built from the unfiltered message and emitted in a hidden element.
                $sMsg = $comments[$i]['moderator_status'] === '0' ? $stop_words->replace($comments[$i]['msg']) : $comments[$i]['msg'];
                $msg = reformat($sMsg, 30, 0, 0, 1);
                $msg2 = reformat($comments[$i]['msg'], 30, 0, 0, 1);
            } else {
                $msg2 = $msg = "Комментарий удален модератором";
                // Viewers with the 'comments' permission also see who deleted it.
                if (hasPermissions("comments")) {
                    $moderator = '';
                    $moderatorData = new users();
                    $moderatorData->GetUserByUID($comments[$i]['deluser_id']);
                    if ($moderatorData->login) {
                        $moderator = ' ' . $moderatorData->login . ' (' . $moderatorData->uname . ' ' . $moderatorData->usurname . ') ';
                    }
                    $msg2 = $msg = $msg . " {$moderator}";
                }
                if ($comments[$i]['deluser_id'] == $comments[$i]['user_id']) {
                    $msg2 = $msg = "Комментарий удален автором";
                } else {
                    // The deletion reason is shown to moderators and to the comment's author.
                    // NOTE(review): deleted_reason is inserted into the markup unescaped.
                    if (trim($comments[$i]['deleted_reason']) && (hasPermissions("comments") || $comments[$i]['user_id'] == get_uid(false))) {
                        $msg2 = $msg = $msg . "<div style='color:#ff0000'>Причина: " . $comments[$i]['deleted_reason'] . "</div>";
                    }
                }
            }
        }
        $a_is_banned = ($comments[$i]['is_banned'] || $comments[$i]['usr_banned']) && hasPermissions('projects');
        // Markup for one comment, followed by its children (recursive call at the end).
        // NOTE(review): $_SERVER['HTTP_HOST'] is request-controlled and is placed
        // inside a single-quoted JavaScript string; $name is HTML-escaped with
        // htmlspecialchars() but sits inside a JavaScript string, which needs
        // JavaScript escaping. The "<p ... .>" tag contains a stray dot.
        $html .= "\n\t\t\t<li class='thread' id='thread-{$comments[$i]['id']}'" . ($level >= 9 ? " style='margin-left: 0'" : "") . ">\n\t\t\t\t<a name='c-comment-{$comments[$i]['id']}'></a>\n\t\t\t\t<div class='comment-one" . ($comments[$i]['deleted'] || $comments[$i]['hidden'] ? " comment-deleted" : "") . "' id='comment-{$comments[$i]['id']}'>\n\t\t\t\t\t<div class='contest-ea'>" . view_avatar($comments[$i]['login'], $comments[$i]['photo'], 1) . "</div>\n\t\t\t\t\t<div class='comment-body'>\n\t\t\t\t\t\t<h3 class='username'>" . $session->view_online_status($comments[$i]['login']) . "\n\t\t\t\t\t\t\t<a href='/users/{$comments[$i]['login']}' class='" . (is_emp($comments[$i]['role']) ? 'employer-name' : 'freelancer-name') . "'>{$comments[$i]['uname']} {$comments[$i]['usurname']} [{$comments[$i]['login']}]</a>&nbsp;" . view_mark_user($comments[$i]) . "&nbsp;" . ($comments[$i]['completed_cnt'] > 0 ? '<a href="/promo/bezopasnaya-sdelka/" title="Пользователь работал через Безопасную Сделку" target="_blank"><span class="b-icon b-icon__shield b-icon_top_1"></span></a>' : '') . "\n\t\t\t\t\t\t\t<span>[" . dateFormat('d.m.Y | H:i', $comments[$i]['post_date']) . "]</span>\n\t\t\t\t\t\t\t<span id='comment-modified-{$comments[$i]['id']}'>" . ($comments[$i]['modified'] ? "[изменен " . dateFormat('d.m.Y | H:i', $comments[$i]['modified']) . "]" : '&nbsp;') . "</span>\n\t\t\t\t\t\t\t" . ($a_is_banned ? "<b style=\"color:#ff0000\">Пользователь забанен</b>" : "") . "\n\t\t\t\t\t\t</h3>\n\t\t\t\t\t\t" . ($_SESSION['uid'] && $comments[$i]['is_new'] ? "<p><img src='/images/mark-new.png' width='53' height='12' alt='новое' class='mark-new' /></p>" : "") . "\n\t\t\t\t\t\t<div id='comment-change-{$comments[$i]['id']}'>\n\t\t\t\t\t\t<p id='comment-msg-{$comments[$i]['id']}' " . ($a_is_banned ? "style='color:silver'" : "") . ".>" . $msg . "</p>\n\t\t\t\t\t\t<div id='comment-msg-original-{$comments[$i]['id']}' style='display:none'>" . $msg2 . 
"</div>\n\t\t\t\t\t\t<script type=\"text/javascript\">\n                        banned.addContext( 'p{$pid}c{$comments[$i]['id']}', 3, '" . HTTP_PREFIX . "{$_SERVER['HTTP_HOST']}" . getFriendlyURL("project", $pid) . "?comm={$comments[$i]['id']}#comment-{$comments[$i]['id']}', \"" . htmlspecialchars($name) . "\" );\n                        </script>\n\t\t\t\t\t\t<ul class='thread-options' id='comment-options-{$comments[$i]['id']}'>\n\t\t\t\t\t\t\t" . comment_options($pid, $comments[$i], $comm_blocked, $project_end, $level, $name) . "\n\t\t\t\t\t\t</ul>\n                        <div id='warnreason-" . $comments[$i]['id'] . "-" . $comments[$i]['user_id'] . "' style='display:none; padding: 0 0 5px 0px;'>&nbsp;</div>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\t\t\t\t" . (empty($comments[$i]['comments']) ? '' : '<ul>' . comments($pid, $name, $comments[$i]['comments'], $comm_blocked, $project_end) . '</ul>') . "\n\t\t\t</li>\n\t\t";
        if ($comments[$i]['is_new']) {
            $set_branch_as_read = true;
        }
    }
    // At least one new comment was rendered at this level: mark it as read for the viewer.
    if ($set_branch_as_read) {
        $p = new projects();
        $data = array("id" => $pid, "kind" => 7, "user_id" => $project["user_id"]);
        $p->SetRead($data, get_uid(false), true);
    }
    // Restore the depth for the caller.
    --$level;
    return $html;
}
Beispiel #25
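/**
 * xajax handler: start ordering a service for a visitor identified by e-mail.
 *
 * Validates the order options against the service card, creates an order
 * activation record and mails a confirmation link - to the existing employer
 * account when the e-mail belongs to one, otherwise as a new-user order.
 *
 * Changes from the previous version:
 *  - "=& new" is replaced by a plain assignment; assigning the result of new
 *    by reference is a parse error since PHP 7;
 *  - the "@" suppression on $options['tu_id'] is replaced by an isset() check;
 *  - $options['extra'] must be an array before it is compared with the
 *    service's extras, so a scalar sent by the client is rejected as invalid
 *    instead of being passed to array_intersect().
 *
 * NOTE(review): the "e-mail belongs to a freelancer" answer lets a caller
 * learn that an address is registered and with which role. The substr() cuts
 * are byte-based, which is only safe for a single-byte encoding - confirm.
 *
 * @param string $email   visitor's e-mail (used for registration and authorization)
 * @param string $name    visitor's first name (used for registration)
 * @param string $surname visitor's surname (used for registration)
 * @param array  $options order options: tu_id, extra, is_express, paytype
 *
 * @return xajaxResponse response carrying the success or error call
 */
function tservices_order_auth($email, $name, $surname, $options)
{
    $objResponse = new xajaxResponse();
    // Used for registration
    $name = substr(strip_tags(trim(stripslashes($name))), 0, 21);
    // Used for registration
    $surname = substr(strip_tags(trim(stripslashes($surname))), 0, 21);
    // Used for registration and authorization
    $email = substr(strip_tags(trim(stripslashes($email))), 0, 64);
    $tu_id = isset($options['tu_id']) ? intval($options['tu_id']) : 0;
    $tservices = new tservices();
    $tService = $tservices->getCard($tu_id);
    if (!$tService) {
        return $objResponse;
    }
    if (is_email($email)) {
        // Keep only the keys we need
        $options = array_intersect_key($options, array('extra' => '', 'is_express' => '', 'paytype' => ''));
        // Validate the input parameters: every requested extra must exist on the service card
        $is_valid_extra = !isset($options['extra']) || is_array($options['extra']) && count(array_intersect(array_keys($tService['extra']), $options['extra'])) == count($options['extra']);
        $is_valid_express = !isset($options['is_express']) || isset($options['is_express']) && $options['is_express'] == '1' && $tService['is_express'] == 't';
        $is_valid_paytype = isset($options['paytype']) && in_array($options['paytype'], array('0', '1'));
        if (!($is_valid_extra && $is_valid_express && $is_valid_paytype)) {
            return $objResponse;
        }
        $tservices_auth_smail = new tservices_auth_smail();
        $user = new users();
        $user->GetUser($email, true, true);
        // Double-check that it really was the e-mail that matched, since the lookup may have matched a login
        $is_email = $user->email == $email;
        // Create the hash for the activation link
        $code = TServiceOrderModel::model()->newOrderActivation(array('user_id' => $user->uid > 0 ? $user->uid : null, 'tu_id' => $tService['id'], 'uname' => !empty($name) ? $name : null, 'usurname' => !empty($surname) ? $surname : null, 'email' => $email, 'options' => $options));
        // The user is treated as found because the e-mail matched an account
        if ($user->uid > 0 && $is_email) {
            if (is_emp($user->role)) {
                $tservices_auth_smail->orderByOldUser($email, $tService, $code);
                $objResponse->call('TServices_Order_Auth.showSuccess', 'На указанную вами почту отправлено письмо со ссылкой-подтверждением. Пожалуйста, перейдите по ней для завершения процесса заказа услуги.');
            } else {
                $objResponse->call('TServices_Order_Auth.showError', 'email', 'Данный e-mail принадлежит фрилансеру');
            }
        } else {
            $tservices_auth_smail->orderByNewUser($email, $tService, $code);
            $objResponse->call('TServices_Order_Auth.showSuccess', 'На указанную вами почту отправлено письмо со ссылкой-подтверждением. Пожалуйста, перейдите по ней для завершения процесса заказа услуги.');
        }
    } else {
        $objResponse->call('TServices_Order_Auth.showError', 'email', 'Неверно указана почта');
    }
    return $objResponse;
}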
Beispiel #26
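/**
 * Print the username, user type and permission of every user, one value per
 * line (separated by <br>).
 *
 * The values are now HTML-escaped before being written: they were previously
 * echoed raw into an HTML response, so markup stored in a username would have
 * been interpreted by the browser.
 *
 * NOTE(review): the escaping assumes UTF-8 data; bytes that are not valid
 * UTF-8 are replaced rather than dropped (ENT_SUBSTITUTE). If the stored
 * values are already HTML-escaped they will now be shown double-escaped -
 * confirm how they are stored. No access check is visible in this function.
 */
function get_users()
{
    $obj = new users();
    if (!$obj->get_all_users()) {
        return;
    }
    while ($row = $obj->fetch()) {
        foreach (array('username', 'user_type', 'permission') as $column) {
            echo htmlspecialchars((string) $row[$column], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "<br>";
        }
    }
}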
 /**
  * Files from private-message conversations are available to the
  * participants and the admin.
  *
  * This method decides it by resolving $params['login'] to a uid and asking
  * messages::isFileExist() whether the file belongs to a conversation between
  * that user and $this->uid.
  *
  * NOTE(review): only the participant check is visible here; the admin case
  * mentioned above is presumably handled by the caller - confirm.
  *
  * @param array $params request parameters; only 'login' is read
  * @param CFile $file   the requested file; only its id is read
  *
  * @return mixed false when the login does not resolve to a uid, otherwise the
  *               result of messages::isFileExist()
  */
 protected function _contacts($params, CFile $file)
 {
     // The file's table name is not needed: these files live in the shared table.
     require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
     require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/messages.php';

     $lookup = new users();
     $from_uid = $lookup->GetUid($error, $params['login']);
     if (!($from_uid > 0)) {
         // Unknown sender: deny the download.
         return false;
     }

     $conversation = new messages();
     return $conversation->isFileExist($from_uid, $this->uid, $file->id);
 }
Beispiel #28
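/**
 * xajax handler: select a freelancer by login in the form.
 *
 * When the login belongs to an active, non-banned freelancer, a small card
 * with the avatar and name is placed into #usersel and the "next" button is
 * enabled; otherwise the form is reset and an error is appended.
 *
 * Change from the previous version: $login is supplied by the client and was
 * concatenated directly into the generated JavaScript string literals. It is
 * now escaped for a JavaScript string (backslash, quotes, line breaks and
 * "/"), so the value can no longer end the literal. The escaping works on
 * bytes and therefore does not depend on the page encoding; logins made of
 * letters, digits, "_" and "-" are unaffected.
 *
 * NOTE(review): $user->login, $user->uname and $user->usurname are placed
 * into the HTML card without escaping in this function - confirm they are
 * stored in escaped form.
 *
 * @param string $login login entered in the form
 *
 * @return xajaxResponse response with the assignments and scripts to run
 */
function AddUser($login)
{
    $objResponse = new xajaxResponse();
    require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/freelancer.php";
    $user = new users();
    $user->GetUser($login);
    // Safe to embed between single quotes in the scripts below.
    $js_login = addcslashes((string) $login, "\\'\"\r\n/");
    if ($user->login && !is_emp($user->role) && !$user->is_banned && $user->active == 't') {
        $inner = "<table cellspacing=\"0\" cellpadding=\"0\" border=\"0\">\n<tr>\n\t<td width=\"60\">" . view_avatar($user->login, $user->photo) . "</td>\n\t<td valign=\"top\"><a href=\"/users/" . $user->login . "\" class=\"frlname11\" title=\"" . $user->uname . " " . $user->usurname . "\">" . $user->uname . " " . $user->usurname . " [" . $user->login . "]" . "</a> \n\t<a href=\"javascript:reload_form();\" class=\"blue\">изменить</a></td>\n</tr>\n</table>";
        $objResponse->assign("usersel", "innerHTML", $inner);
        $objResponse->script("document.getElementById('next').disabled = false;document.getElementById('login').value = '" . $js_login . "';");
    } else {
        $objResponse->script("reload_form();\n\t\t document.getElementById('usersel').innerHTML = document.getElementById('usersel').innerHTML + '" . ref_scr(view_error("Такого фрилансера не существует")) . "';\n\t\t document.getElementById('elogin').value = '" . $js_login . "';");
    }
    return $objResponse;
}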
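 /**
  * Check a submitted roll number and password and print the outcome.
  *
  * Change from the previous version: the comparison used strcmp() with a
  * loose "== 0". On PHP versions before 8, strcmp() returns null when an
  * argument is not a string, and null == 0 is true, so a non-string password
  * value was accepted. Both values must now be strings and are compared with
  * hash_equals(), which is also constant-time.
  *
  * NOTE(review): the stored value is compared directly with the submitted
  * password, i.e. passwords appear to be stored in clear text; moving to
  * password_hash()/password_verify() needs a data migration and is outside
  * this method. The two different failure messages reveal whether a roll
  * number is registered, and $row['name'] is printed unescaped.
  *
  * @param array $data submitted form data; 'roll' and 'password' are read
  */
 public function postlogin($data)
 {
     $user = new users('mvc', 'user');
     $result = $user->where('roll', '=', $data["roll"]);
     $row = $result->fetch_assoc();
     if ($row !== null) {
         $supplied = isset($data["password"]) ? $data["password"] : null;
         $stored = isset($row["password"]) ? $row["password"] : null;
         if (is_string($supplied) && is_string($stored) && hash_equals($stored, $supplied)) {
             echo "welcome  ", $row['name'];
         } else {
             echo "incorrect password";
         }
     } else {
         echo 'user not registered';
     }
 }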
Beispiel #30
 /**
  * Changes a user's login. Before the call the class members old_login,
  * new_login and save_old must be initialised.
  *
  * The method always returns 0; success or failure is reported through
  * $error only.
  *
  * NOTE(review): the availability check for the new login and the later
  * update are separate steps, so two concurrent requests can both pass the
  * check. old_login and new_login are also used as directory names by
  * CFile::MoveDir() - confirm they are validated before this method is called.
  *
  * @param string $error receives the error message (output parameter)
  *
  * @return 0
  *
  * @see classes/db_access#Add($error, $return_id)
  */
 public function Add(&$error)
 {
     global $DB;
     require_once ABS_PATH . '/classes/users.php';
     $user = new users();
     // The old login must belong to an existing user.
     $this->user_id = $user->GetUid($error, $this->old_login);
     if (!$this->user_id) {
         $error = 'Пользователь не найден!';
         return 0;
     }
     // The new login must not be taken.
     $new_user = $user->GetUid($error, $this->new_login);
     if ($new_user) {
         $error = 'Логин занят!';
         return 0;
     }
     // Keeping the old login reserved is a paid operation: charge the account
     // first, then record the old login.
     if ($this->save_old) {
         require_once ABS_PATH . '/classes/users_old.php';
         require_once ABS_PATH . '/classes/account.php';
         $account = new account();
         $tr_id = $account->start_transaction($this->user_id);
         $id = 0;
         $error = $account->Buy($id, $tr_id, self::OP_CODE, $this->user_id, 'Изменеие логина', 'Изменение логина');
         if ($error) {
             return 0;
         }
         $this->operation_id = $id;
         $users_old = new users_old();
         $users_old->Add($this->old_login);
     }
     if (!$error) {
         // Snapshot of the fields written to the login_change table.
         $aData = array('user_id' => '', 'old_login' => '', 'new_login' => '', 'save_old' => '', 'operation_id' => '');
         foreach ($aData as $key => $val) {
             $aData[$key] = $this->{$key};
         }
         $CFile = new CFile();
         if (!$CFile->MoveDir($this->new_login, $this->old_login)) {
             $error = "Директория не создана! {$this->new_login}, {$this->old_login}";
             // Undo the charge when the directory could not be moved.
             // NOTE(review): $account exists only when save_old was set in this
             // call; if operation_id was already set on the object without
             // save_old, this line would use an undefined variable - confirm.
             if ($this->operation_id) {
                 $account->Del($this->user_id, $this->operation_id);
             }
         } else {
             // Record the change and store the new login on the user.
             $DB->insert('login_change', $aData);
             $user->login = $this->new_login;
             $user->Update($this->user_id, $res);
         }
     }
     return 0;
 }