/**
* Активирует аккаунт юзера по $code, возвращает логин и пароль пользователя.
*
* @param string $code Код активации
* @param string $login Возвращает логин пользователя
* @param string $pass Возвращает пароль пользователя
*
* @return integer 1 - активация прошла успешно, 0 - активация не прошла
*/
public function Activate($code, &$login, &$pass)
{
define('IS_USER_ACTION', 1);
/**
* Подлючаем файл для работы с пользователем.
*/
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/wizard_registration.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_employer.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_freelancer.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/smail.php';
global $DB;
$sql = 'SELECT user_id, login, passwd FROM activate_code LEFT JOIN users ON user_id=uid WHERE code = ?';
$res = $DB->query($sql, $code);
list($fid, $login, $pass) = pg_fetch_row($res);
if ($fid) {
$usr = new users();
$usr->active = 1;
$usr->Update($fid, $res);
$usr->GetUserByUID($fid);
// #0017513
if ($usr->role[0] == 1) {
$wiz_user = wizard::isUserWizard($fid, step_employer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_EMP_ID);
} else {
$wiz_user = wizard::isUserWizard($fid, step_freelancer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_FRL_ID);
}
$out = 1;
$this->Delete($fid);
if ($wiz_user['id'] > 0) {
$mail = new smail();
if ($usr->role[0] == 1) {
$mail->employerQuickStartGuide($fid);
} else {
$mail->freelancerQuickStartGuide($fid);
}
step_wizard::setStatusStepAdmin(step_wizard::STATUS_COMPLITED, $fid, $wiz_user['id']);
$role = $usr->role[0] == 1 ? wizard_registration::REG_EMP_ID : wizard_registration::REG_FRL_ID;
login($login, $pass, 0, true);
header('Location: /registration/activated.php?role=' . $role);
exit;
}
} else {
$out = 0;
}
return $out;
}
switch ($action) {
case 'activate':
$login = trim(stripslashes($_GET['login']));
if ($login) {
$error = users::SetActive($login);
}
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/wizard_registration.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_employer.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_freelancer.php';
$user = new users();
$user->GetUser($login);
if ($user->role[0] == 1) {
$wiz_user = wizard::isUserWizard($user->uid, step_employer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_EMP_ID);
} else {
$wiz_user = wizard::isUserWizard($user->uid, step_freelancer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_FRL_ID);
}
if ($wiz_user['id'] > 0) {
step_wizard::setStatusStepAdmin(step_wizard::STATUS_COMPLITED, $user->uid, $wiz_user['id']);
}
break;
/*case "delete":
$login = trim($_GET['login']);
if ($login) $error = users::DeleteUser(0, 0, $error, $login, hasPermissions('users'));
break;*/
/*case "delete":
$login = trim($_GET['login']);
if ($login) $error = users::DeleteUser(0, 0, $error, $login, hasPermissions('users'));
break;*/
case 'unwarn':
$login = trim(stripslashes($_GET['user']));
public function completeData($type_role = 1)
{
if ($this->isDisable()) {
header("Location: /wizard/registration/?step=1");
exit;
}
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/employer.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/freelancer.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/city.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/country.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/blogs.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/commune.php";
$themes_blogs = blogs::getRandomThemes(5);
$themes_commune = commune::getRandomCommunes(3);
$month = array('1' => 'января', '2' => 'февраля', '3' => 'марта', '4' => 'апреля', '5' => 'мая', '6' => 'июня', '7' => 'июля', '8' => 'августа', '9' => 'сентября', '10' => 'октября', '11' => 'ноября', '12' => 'декабря');
if ($type_role == step_wizard_registration::TYPE_WIZARD_EMP) {
$user = new employer();
$checkPRO = $this->checkWizardPRO(array(step_employer::OP_CODE_PRO));
$pro_emp = $checkPRO['id'] > 0 ? 1 : 0;
if ($pro_emp) {
$week_pro = round($checkPRO['ammount'] / 10);
}
} else {
$user = new freelancer();
$checkPRO = $this->checkWizardPRO(step_freelancer::getOperationCodePRO());
$pro_frl = $checkPRO['id'] > 0 ? 1 : 0;
if ($pro_frl) {
$op_code = $checkPRO['op_code'];
}
}
$user->GetUserByUID(wizard::getUserIDReg());
$info_for_reg = unserialize($user->info_for_reg);
$uname = $user->uname;
$usurname = $user->usurname;
$sex = $user->sex == 't' ? 1 : ($user->sex == 'f' ? 0 : -1);
$birthday = strtotime($user->birthday);
if ($birthday) {
$bday = date('d', $birthday);
$bmonth = (int) date('m', $birthday);
$bmonth_value = $month[$bmonth];
$byear = date('Y', $birthday);
} else {
$bday = '';
$bmonth = (int) date('m', $birthday);
$bmonth_value = $month[$bmonth];
$byear = '';
}
$city = $user->city;
if ($city) {
$city_value = city::GetCityName($city);
}
$country = $user->country;
if ($country) {
$country_value = country::GetCountryName($country);
}
if ($type_role == step_wizard_registration::TYPE_WIZARD_EMP) {
$company = $user->compname;
$about_company = $user->company;
$logo_name = $user->logo;
$dir = "users/" . substr($user->login, 0, 2) . "/" . $user->login . "/logo/";
$logo_path = WDCPREFIX . "/" . $dir . $user->logo;
}
$info['site'] = $this->loadMultiVal('site', 'site', $user);
$info['email'] = $this->loadMultiVal('second_email', 'email', $user);
$info['phone'] = $this->loadMultiVal('phone', 'phone', $user);
$info['icq'] = $this->loadMultiVal('icq', 'icq', $user);
$info['skype'] = $this->loadMultiVal('skype', 'skype', $user);
$info['jabber'] = $this->loadMultiVal('jabber', 'jabber', $user);
$info['lj'] = $this->loadMultiVal('ljuser', 'lj', $user);
$action = __paramInit('string', null, 'action');
if ($action == 'upd_info') {
$info_for_reg = $_POST['info_for_reg'];
if ($info_for_reg['email_0'] !== null) {
$info_for_reg['second_email'] = $info_for_reg['email_0'];
unset($info_for_reg['email_0']);
}
if ($info_for_reg['phone_0'] !== null) {
$info_for_reg['phone'] = $info_for_reg['phone_0'];
unset($info_for_reg['phone_0']);
}
if ($info_for_reg['site_0'] !== null) {
$info_for_reg['site'] = $info_for_reg['site_0'];
unset($info_for_reg['site_0']);
}
if ($info_for_reg['lj_0'] !== null) {
$info_for_reg['ljuser'] = $info_for_reg['lj_0'];
unset($info_for_reg['lj_0']);
}
if ($info_for_reg['jabber_0'] !== null) {
$info_for_reg['jabber'] = $info_for_reg['jabber_0'];
unset($info_for_reg['jabber_0']);
}
if ($info_for_reg['skype_0'] !== null) {
$info_for_reg['skype'] = $info_for_reg['skype_0'];
unset($info_for_reg['skype_0']);
}
if ($info_for_reg['icq_0'] !== null) {
$info_for_reg['icq'] = $info_for_reg['icq_0'];
unset($info_for_reg['icq_0']);
}
if ($info_for_reg['compname'] !== null) {
$info_for_reg['company'] = $info_for_reg['compname'];
unset($info_for_reg['compname']);
}
$info_for_reg = array_map('intval', $info_for_reg);
$user->info_for_reg = serialize($info_for_reg);
$uname = __paramInit('string', null, 'uname', null, 21);
$usurname = __paramInit('string', null, 'usurname', null, 21);
if ($uname == '') {
$error['uname'] = "Поле заполнено некорректно";
}
if ($usurname == '') {
$error['usurname'] = "Поле заполнено некорректно";
}
if (!preg_match("/^[-a-zA-Zа-яёА-ЯЁ]+\$/", $uname)) {
$error['uname'] = "Поле заполнено некорректно";
} else {
$user->uname = $uname;
}
if (!preg_match("/^[-a-zA-Zа-яёА-ЯЁ]+\$/", $usurname)) {
$error['usurname'] = "Поле заполнено некорректно";
} else {
$user->usurname = $usurname;
}
$sex = __paramInit('int', null, 'sex', 1);
// по умолчанию мужской пол
$user->sex = $sex == 1 ? 't' : 'f';
$bday = __paramInit('int', null, 'bday', null);
$bmonth = __paramInit('int', null, 'bmonth_db_id', 1);
$bmonth_value = __paramInit('string', null, 'bmonth');
$byear = __paramInit('int', null, 'byear', null);
if ($bday != null && $byear != null) {
if (!is_numeric($bday) || !is_numeric($byear) || !checkdate($bmonth, $bday, $byear) || $byear < 1945 || $byear > date('Y')) {
$error['birthday'] = "Поле заполнено некорректно";
} else {
$user->birthday = dateFormat("Y-m-d", $byear . "-" . $bmonth . "-" . $bday);
}
} else {
$user->birthday = "1910-01-01";
}
if (!$error['birthday'] && $user->birthday && date("Y", strtotime($user->birthday)) >= date("Y")) {
$error['birthday'] = "Поле заполнено некорректно";
}
$city = __paramInit('int', null, 'city_db_id', 0);
$city_value = __paramInit('string', null, 'city', false);
$country = __paramInit('int', null, 'country_db_id', 0);
$country_value = __paramInit('string', null, 'country', false);
if ($city == 0 && strlen($city_value) != 0) {
$error['city'] = 'Поле заполнено некорректно';
}
if ($country == 0 && strlen($country_value) != 0) {
$error['country'] = 'Поле заполнено некорректно';
}
$user->country = $country;
$user->city = $city;
$company = __paramInit('string', null, 'company') ? substr(__paramInit('string', null, 'company'), 0, 64) : '';
$about_company = __paramInit('string', null, 'about_company');
$user->compname = $company;
if (strlen($about_company) > 500) {
$error['company'] = "Количество знаков в тексте о компании превышает допустимое значение";
} else {
$user->company = $about_company;
}
$logo_id = __paramInit('int', null, 'logo_company');
$logo_name = __paramInit('string', null, 'logo_name');
if ($logo_name) {
$user->logo = $logo_name;
$user->Update(wizard::getUserIDReg(), $res);
}
$info['site'] = $this->initMultiVal('site');
$info['email'] = $this->initMultiVal('email');
$info['phone'] = $this->initMultiVal('phone');
$info['icq'] = $this->initMultiVal('icq');
$info['skype'] = $this->initMultiVal('skype');
$info['jabber'] = $this->initMultiVal('jabber');
$info['lj'] = $this->initMultiVal('lj');
if (!empty($info['site'])) {
foreach ($info['site'] as $i => $value) {
$name = 'site' . ($i != 0 ? "_{$i}" : "");
if (!url_validate(addhttp($value), true) && trimhttp($value) != '') {
$error[$name] = "Поле заполнено некорректно";
} else {
$user->{$name} = addhttp($value);
}
}
}
if (!empty($info['email'])) {
foreach ($info['email'] as $i => $value) {
if ($i == 0) {
$name_save = "second_email";
} else {
$name_save = "email_{$i}";
}
$name = 'email' . ($i != 0 ? "_{$i}" : "");
if (!is_email($value) && $value != '') {
$error[$name] = "Поле заполнено некорректно";
} else {
$user->{$name_save} = $value;
}
}
}
if (!empty($info['phone'])) {
foreach ($info['phone'] as $i => $value) {
$name = 'phone' . ($i != 0 ? "_{$i}" : "");
if (!preg_match("/^[-+0-9)( #]*\$/", $value)) {
$error[$name] = "Поле заполнено некорректно";
} else {
$user->{$name} = $value;
}
}
}
if (!empty($info['icq'])) {
foreach ($info['icq'] as $i => $value) {
$name = 'icq' . ($i != 0 ? "_{$i}" : "");
if (!preg_match("/^[-0-9\\s]*\$/", $value) && !is_email($value)) {
$error[$name] = "Поле заполнено некорректно";
} else {
$user->{$name} = $value;
}
}
}
if (!empty($info['skype'])) {
foreach ($info['skype'] as $i => $value) {
$name = 'skype' . ($i != 0 ? "_{$i}" : "");
$user->{$name} = $value;
}
}
if (!empty($info['jabber'])) {
foreach ($info['jabber'] as $i => $value) {
$name = 'jabber' . ($i != 0 ? "_{$i}" : "");
if (strlen($value) > 255) {
$error[$name] = "Количество знаков превышает допустимое значение";
} else {
$user->{$name} = $value;
}
}
}
if (!empty($info['lj'])) {
foreach ($info['lj'] as $i => $value) {
if ($i == 0) {
$name_save = "ljuser";
} else {
$name_save = "lj_{$i}";
}
$name = 'lj' . ($i != 0 ? "_{$i}" : "");
if (!preg_match("/^[a-zA-Z0-9_-]*\$/", $value)) {
$error[$name] = "Поле заполнено некорректно";
} else {
$user->{$name_save} = $value;
}
}
}
if ($type_role == step_wizard_registration::TYPE_WIZARD_EMP) {
$pro_emp = __paramInit('int', null, 'pro-emp', false);
if ($pro_emp) {
$week_pro = round(__paramInit('int', null, 'week_pro', 0));
}
} else {
$ammount = 0;
$pro_frl = __paramInit('int', null, 'pro-frl', false);
if ($pro_frl) {
$pro = __paramInit('string', null, 'pro', -1);
switch ($pro) {
case "1week":
$op_code = 76;
$ammount = 7;
break;
case "1":
$op_code = 48;
$ammount = 19;
break;
case "3":
$op_code = 49;
$ammount = 54;
break;
case "6":
$op_code = 50;
$ammount = 102;
break;
case "12":
$op_code = 51;
$ammount = 180;
break;
case "-1":
default:
$ammount = 0;
break;
}
}
}
if (!$error && wizard::getUserIDReg()) {
$error['save'] = $user->Update(wizard::getUserIDReg(), $res);
if (!$error['save']) {
if ($type_role == step_wizard_registration::TYPE_WIZARD_EMP) {
$ammount = $week_pro * 10;
if ($ammount > 0) {
$checkPRO = $this->checkWizardPRO(step_employer::OP_CODE_PRO);
if ($checkPRO['id'] > 0) {
$update = array("ammount" => $ammount);
wizard_billing::editPaidOption($update, $checkPRO['id']);
} else {
$insert = array("wiz_uid" => step_wizard::getWizardUserID(), "op_code" => step_employer::OP_CODE_PRO, "type" => 3, "ammount" => $ammount, "parent" => wizard::getUserIDReg());
wizard_billing::addPaidOption($insert);
}
} else {
$sql = "DELETE FROM wizard_billing WHERE wiz_uid = ? AND op_code = ?";
$this->_db->query($sql, step_wizard::getWizardUserID(), step_employer::OP_CODE_PRO);
}
} else {
// Чистим
$sql = "DELETE FROM wizard_billing WHERE wiz_uid = ? AND op_code IN (?l)";
$this->_db->query($sql, step_wizard::getWizardUserID(), step_freelancer::getOperationCodePRO());
if ($ammount > 0) {
$insert = array("wiz_uid" => step_wizard::getWizardUserID(), "op_code" => $op_code, "type" => 4, "ammount" => $ammount, "parent" => wizard::getUserIDReg());
wizard_billing::addPaidOption($insert);
}
}
$this->parent->setCompliteStep(true);
$this->parent->setNextStep($this->parent->getPosition() + 1);
header("Location: /wizard/registration/");
exit;
}
}
if ($logo_id > 0) {
$file = new CFile($logo_id);
$logo_path = WDCPREFIX . "/" . $file->path . $file->name;
}
}
include $_SERVER['DOCUMENT_ROOT'] . "/wizard/registration/steps/tpl.step.info.php";
}
/**
* Активирует пользователей.
*
* @param string $sUsers JSON строка с массивом UID пользователей
* @param int $nReload 1 - если нужно перезагрузить страницу
*
* @return object xajaxResponse
*/
function activateUser($sUsers = '', $nReload = 0)
{
session_start();
$objResponse = new xajaxResponse();
if (hasPermissions('users')) {
$aUsers = _jsonArray($sUsers);
if ($aUsers) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/users.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/wizard_registration.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_employer.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_freelancer.php';
foreach ($aUsers as $sUid) {
if (users::SetActiveByUid($sUid)) {
$user = new users();
$user->GetUserByUID($sUid);
if ($user->role[0] == 1) {
$wiz_user = wizard::isUserWizard($sUid, step_employer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_EMP_ID);
} else {
$wiz_user = wizard::isUserWizard($sUid, step_freelancer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_FRL_ID);
}
step_wizard::setStatusStepAdmin(step_wizard::STATUS_COMPLITED, $sUid, $wiz_user['id']);
$objResponse->script("\$('activate_{$sUid}').set('html','');");
}
}
$objResponse->script('adminLogCheckUsers(false)');
$objResponse->script('$("chk_all").checked=false;');
}
if ($nReload) {
$objResponse->script('window.location.reload(true)');
}
}
return $objResponse;
}
/**
* Создание отложенной платной опции на основе опции созданной в мастере
*
* @param type $option Данные опции созданной в мастере @see table - wizad_billing
* @return null|boolean
*/
public function createDraftAccountOperation($option)
{
global $DB;
switch ($option['op_code']) {
// Публикация конкурса
case 9:
case 106:
$descr = "Публикация конкурса";
$count = 1;
$op_type = 'contest';
$parent_id = $option['parent'];
$src_id = $str_option = null;
break;
// Платный проект/конкурс
// Платный проект/конкурс
case 53:
$step_emp = new step_employer();
$project = $step_emp->getProjectById($option['parent']);
$parent_id = $option['parent'];
if ($project['kind'] == 7) {
$title = "конкурс";
$op_type = 'contest';
} else {
$title = "проект";
$op_type = 'project';
}
$count = 1;
$src_id = $str_option = null;
$descr = "Платный {$title} / ";
switch ($option['option']) {
case step_employer::PROJECT_OPTION_TOP:
$str_option = 'top';
$count = $project['top_count'];
$descr .= "закрепление наверху на " . (int) $project['top_count'] . " " . ending($project['top_count'], "день", "дня", "дней");
break;
case step_employer::PROJECT_OPTION_COLOR:
$str_option = 'color';
$descr .= "подсветка фоном";
break;
case step_employer::PROJECT_OPTION_BOLD:
$str_option = 'bold';
$descr .= "жирный шрифт";
break;
case step_employer::PROJECT_OPTION_LOGO:
$str_option = 'logo';
$descr .= "логотип";
$src_id = $project['logo_id'];
break;
}
break;
// Покупка аккаунта ПРО
// Покупка аккаунта ПРО
case 48:
case 49:
case 50:
case 51:
case 76:
case 15:
$descr = "Аккаунт PRO";
$count = 1;
$src_id = $parent_id = $str_option = $op_type = null;
break;
// Покупка платных ответов
// Покупка платных ответов
case step_freelancer::OFFERS_OP_CODE:
$descr = "Покупка ответов на проекты (кол-во: {$option['option']})";
$count = $option['option'];
$src_id = $parent_id = $str_option = $op_type = null;
break;
}
$pay_options = array("uid" => wizard::getUserIDReg(), "op_code" => $option['op_code'], "op_type" => $op_type, "option" => $str_option, "parent_id" => $parent_id, "src_id" => $src_id, "op_count" => $count, "ammount" => $option['ammount'], "descr" => $descr, "comment" => $descr, "status" => null);
$id = $DB->insert("draft_account_operations", $pay_options, 'id');
if ($id) {
$this->draft[] = $id;
return $option['id'];
}
return false;
}
}
}
unset($_SESSION["requestedRole"]);
// если регистрация через мастер
if (!empty($_GET['m'])) {
$role = 0;
if (!empty($_GET['u'])) {
if ($_GET['u'] == 'frl') {
$role = wizard_registration::REG_FRL_ID;
}
if ($_GET['u'] == 'emp') {
$role = wizard_registration::REG_EMP_ID;
}
}
if ($role) {
$wizard = new wizard();
setcookie($wizard->getCookieName('uid') . $role, preg_replace('/[^a-z0-9]/', '', $_GET['m']), time() + 3600 * 24 * 180, '/', $GLOBALS['domain4cookie']);
if ($role == wizard_registration::REG_FRL_ID) {
setcookie($wizard->getCookieName('step') . $role, step_freelancer::STEP_REGISTRATION_CONFIRM, time() + 3600 * 24 * 180, '/', $GLOBALS['domain4cookie']);
}
if ($role == wizard_registration::REG_EMP_ID) {
setcookie($wizard->getCookieName('step') . $role, step_employer::STEP_REGISTRATION_CONFIRM, time() + 3600 * 24 * 180, '/', $GLOBALS['domain4cookie']);
}
}
}
$registration = new registration();
if ($registration->validActivateCode(__paramInit('string', 'code'))) {
$code = true;
$registration->listenerAction('activate_account');
} else {
$code = false;
/**
* Основной метод регистрации пользователей
* @param bool $is_preset Флаг, показывающий наличие подготовленных данных
* @return type
*/
public function actionRegistration($is_preset = false)
{
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/sbr_meta.php";
if (!$is_preset) {
$this->setFieldInfo('role', __paramInit('int', null, 'role'));
$this->setFieldInfo('login', trim(__paramInit('string', null, 'login')));
$this->setFieldInfo('email', trim(__paramInit('string', null, 'email')));
$this->setFieldInfo('subscr_news', trim(__paramInit('bool', null, 'subscribe')));
//$this->setFieldInfo('smscode', trim(__paramInit('string', null, 'smscode')));
//$this->setFieldInfo('phone', $_SESSION["reg_phone"]);
// пароль берем напрямую из $_POST, а то __paramInit режет спецсимволы (пароль хешируется - SQL инъекция невозможна)
$this->setFieldInfo('password', stripslashes($_POST['password']));
$this->checkedFields();
session_start();
$this->setFieldInfo('captchanum', __paramInit('string', null, 'captchanum'));
$num = __paramInit('string', null, 'rndnum');
if (!$_SESSION["regform_captcha_entered"]) {
$_SESSION['reg_captcha_num'] = $this->captchanum;
$captcha = new captcha($this->captchanum);
if (!$captcha->checkNumber($num)) {
$this->error['captcha'] = 'Неверный код. Попробуйте еще раз';
$this->is_validate = false;
unset($_SESSION['reg_captcha_num']);
}
}
}
//if ( (is_release() || $_SESSION["reg_phone"] != 71111112222) && sbr_meta::findSafetyPhone($_SESSION["reg_phone"], __paramInit('string', null, 'role') == 2 ? 'emp' : 'frl') ) {
// $this->error['phone'] = 'Пользователь с таким номером уже зарегистрирован';
// $this->is_validate = false;
// unset($_SESSION['reg_captcha_num']);
//}
if ($this->is_validate) {
//unset($_SESSION['smsIsRequested']);
if ($this->role == self::ROLE_FREELANCER) {
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/freelancer.php";
$newuser = new freelancer();
$newuser->role = 0;
} else {
if ($this->role == self::ROLE_EMPLOYER) {
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/employer.php";
$newuser = new employer();
$newuser->role = 1;
}
}
$newuser->login = substr($this->login, 0, 15);
$newuser->email = substr($this->email, 0, 64);
$newuser->passwd = substr($this->password, 0, 24);
$newuser->subscr = '1111111' . (int) $this->subscr_news . '11111111';
$newuser->uid = $newuser->Create($rerror, $error);
if ($newuser->uid && !$error) {
$ok = $this->completedRegistration($newuser);
if ($ok) {
//require_once $_SERVER['DOCUMENT_ROOT']."/classes/sms_gate.php";
//$phone = '+' . preg_replace("#^\+#", "", $_SESSION["reg_phone"]);
unset($_SESSION["regform_captcha_entered"]);
unset($_SESSION["login_generated"]);
$tu_ref_uri = @$_SESSION['tu_ref_uri'];
//unset($_SESSION["reg_phone"]);
//unset($_SESSION['send_sms_time']);
//sms_gate::saveSmsInfo($phone, $_SESSION["reg_sms_isnn"], $_SESSION["smsCode"], $_SESION["reg_sms_date_send"], $newuser->uid);
$_SESSION['email'] = $newuser->email;
$_SESSION['rrole'] = $this->role;
// Если пришли сюда регистрироватся то после нажатия кнопки регистрации удаляем куки регистрации иначе после активации нас перекинет на мастер
$wizard = new wizard();
$wizard->clearCookiesById($newuser->role == 1 ? 1 : 2);
// В зависимоти от того кого регистрируем
// На всякий случай при новой регистрации удаляем переменную проверки
self::resetCheckAccess();
$_user_action = isset($_REQUEST['user_action']) && $_REQUEST['user_action'] ? substr(htmlspecialchars($_REQUEST['user_action']), 0, 25) : '';
$_user_action = trim($_user_action);
login($newuser->login, users::hashPasswd(trim(stripslashes($newuser->passwd))), 1, false);
if (is_emp($newuser->role)) {
$_SESSION['reg_role'] = 'Employer';
$ref_uri = isset($_SESSION['ref_uri'], $_SESSION['was_customer_wizard']) ? urldecode($_SESSION['ref_uri']) : null;
unset($_SESSION['was_customer_wizard']);
$redirect_to = $ref_uri ? $ref_uri : '/public/?step=1&kind=1';
//По умолчанию, при регистрации заказчика, перенаправляем его на публикацию проекта
if (strpos($_user_action, 'project_to_')) {
$login = str_replace('add_project_to_', '', $_user_action);
$redirect_to = '/public/?step=1&kind=9&exec=' . $login;
}
$redirect = __paramInit('link', NULL, 'redirect');
if ($redirect && !$ref_uri) {
$redirect_to = urldecode($redirect);
}
} else {
$_SESSION['reg_role'] = 'Freelancer';
$redirect_to = $redirect_to = "/registration/profession.php" . (!empty($user_action) ? "?user_action={$user_action}" : '');
//Очищаем чтобы далее небыло редиректа
//@todo: согласно https://beta.free-lance.ru/mantis/view.php?id=28862
$_user_action = '';
}
switch ($_user_action) {
case 'tu':
if ($tu_ref_uri) {
$redirect_to = HTTP_PFX . $_SERVER["HTTP_HOST"] . urldecode($tu_ref_uri);
}
break;
case 'new_tu':
if (!is_emp($newuser->role)) {
$redirect_to = HTTP_PFX . $_SERVER["HTTP_HOST"] . '/users/' . $newuser->login . '/tu/new/';
} else {
$redirect_to = HTTP_PFX . $_SERVER["HTTP_HOST"] . '/tu/';
}
break;
case 'promo_verification':
$redirect_to = '/promo/verification/';
break;
case 'buypro':
if (is_emp($newuser->role)) {
$redirect_to = '/payed-emp/';
} else {
$redirect_to = '/payed/';
}
break;
case 'add_order':
$url = __paramInit('link', NULL, 'redirect');
$redirect_to = HTTP_PFX . $_SERVER["HTTP_HOST"] . urldecode($url);
break;
}
if (!is_emp($newuser->role)) {
$_SESSION['activate_password'] = $newuser->passwd;
$_SESSION['subscr_news'] = (int) $this->subscr_news;
//Создаем новый экземпляр, т.к. нужно обновить только подписки
//Отписываем от всего, кроме личных сообщений
$freelancer = new freelancer();
$freelancer->UpdateSubscr($newuser->uid, 1, array(), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, false, 0);
}
//Обработать действия по событию успешной регистрации
$this->afterSuccessRegistation($newuser);
if ($is_preset) {
return array('success' => true, 'user_id' => $newuser->uid, 'redirect' => $redirect_to);
} else {
header("Location: " . $redirect_to);
exit;
}
}
}
} else {
return $this->error;
}
}
/**
* Переносим ответы на проекты в работающие таблицы
*
* @param array $offers Ответы на проекты
* @return array
*/
public function transferOffers($offers)
{
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/projects_offers.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/contest.php";
foreach ($offers as $k => $offer) {
$pict1 = str_replace("sm_", "", $offer['pict1']);
$pict2 = str_replace("sm_", "", $offer['pict2']);
$pict3 = str_replace("sm_", "", $offer['pict3']);
// Переносим файлы в рабочие папки сайта
$files = $this->_db->rows("SELECT DISTINCT id FROM file_wizard WHERE fname IN (?l)", array($pict1, $pict2, $pict3));
if ($files) {
$dir = "users/" . substr($this->user->login, 0, 2) . "/" . $this->user->login . "/upload/";
$table = 'file';
$picts = $this->transferFiles($files, $table, $dir, false);
$sm_files = $this->_db->rows("SELECT DISTINCT id FROM file_wizard WHERE fname IN (?l)", array($offer['pict1'], $offer['pict2'], $offer['pict3']));
if ($sm_files) {
$sm_picts = $this->transferFiles($sm_files, $table, $dir, false);
}
}
if ($offer['kind'] != 7) {
$error = projects_offers::AddOffer(wizard::getUserIDReg(), $offer['project_id'], $offer['cost_from'], $offer['cost_to'], $offer['cost_currency'], $offer['time_from'], $offer['time_to'], $offer['time_type'], $offer['descr'], 0, 0, 0, null, null, null, null, null, null, $picts[0]['fname'], $picts[1]['fname'], $picts[2]['fname'], $sm_picts[0]['fname'], $sm_picts[1]['fname'], $sm_picts[2]['fname']);
} else {
// Пишем ответ на конкурс
$contest = new contest($offer['project_id'], wizard::getUserIDReg());
$error = $contest->CreateOffer($offer['descr'], implode('/', $files), false);
if ($picts && $contest->new_oid) {
$content_pict = array();
foreach ($picts as $k => $pict) {
$content_pict[] = array('uid' => wizard::getUserIDReg(), 'file' => $pict['id'], 'prev' => $sm_picts[$k]['id'], 'orig_name' => $pict['orig_name'], 'post_date' => date('Y-m-d H:i:s'));
}
$contest->addOfferFiles($contest->new_oid, $content_pict);
}
}
if (!$error) {
$delete_offers[] = $offer['id'];
} else {
$error_offer[] = $error . " - ответ на проект #{$offer['id']}";
}
unset($error);
}
// Очищаем перенесенные данные если нет ошибок если есть выводим
if ($error_offer) {
foreach ($error_offer as $error) {
$this->log->writeln("Error transfer offer content - user (" . wizard::getUserIDReg() . "|" . $this->getWizardUserID() . ") - Error: {$error}");
}
} else {
if ($delete_offers) {
$this->_db->query("DELETE FROM wizard_offers WHERE id IN (?l) AND wiz_uid = ?", $delete_offers, $this->getWizardUserID());
}
}
return $error_offer;
}
/**
* Создание отложенной платной опции на основе опции созданной в мастере.
*
* @param type $option Данные опции созданной в мастере @see table - wizad_billing
*
* @return null|bool
*/
public function createDraftAccountOperation($option)
{
global $DB;
switch ($option['op_code']) {
// Публикация конкурса
case 9:
case 106:
$descr = 'Публикация конкурса';
$count = 1;
$op_type = 'contest';
$parent_id = $option['parent'];
$src_id = $str_option = null;
break;
// Платный проект/конкурс
// Платный проект/конкурс
case 53:
$step_emp = new step_employer();
$project = $step_emp->getProjectById($option['parent']);
$parent_id = $option['parent'];
if ($project['kind'] == 7) {
$title = 'конкурс';
$op_type = 'contest';
} else {
$title = 'проект';
$op_type = 'project';
}
$count = 1;
$src_id = $str_option = null;
$descr = "Платный {$title} / ";
switch ($option['option']) {
case step_employer::PROJECT_OPTION_TOP:
$str_option = 'top';
$count = $project['top_count'];
$descr .= 'закрепление наверху на ' . (int) $project['top_count'] . ' ' . ending($project['top_count'], 'день', 'дня', 'дней');
break;
case step_employer::PROJECT_OPTION_COLOR:
$str_option = 'color';
$descr .= 'подсветка фоном';
break;
case step_employer::PROJECT_OPTION_BOLD:
$str_option = 'bold';
$descr .= 'жирный шрифт';
break;
case step_employer::PROJECT_OPTION_LOGO:
$str_option = 'logo';
$descr .= 'логотип';
$src_id = $project['logo_id'];
break;
}
break;
// Покупка аккаунта ПРО
// Покупка аккаунта ПРО
case 48:
case 49:
case 50:
case 51:
case 76:
case 15:
$descr = 'Аккаунт PRO';
$count = 1;
$src_id = $parent_id = $str_option = $op_type = null;
break;
// Покупка платных ответов
// Покупка платных ответов
case step_freelancer::OFFERS_OP_CODE:
$descr = "Покупка ответов на проекты (кол-во: {$option['option']})";
$count = $option['option'];
$src_id = $parent_id = $str_option = $op_type = null;
break;
}
$pay_options = array('uid' => wizard::getUserIDReg(), 'op_code' => $option['op_code'], 'op_type' => $op_type, 'option' => $str_option, 'parent_id' => $parent_id, 'src_id' => $src_id, 'op_count' => $count, 'ammount' => $option['ammount'], 'descr' => $descr, 'comment' => $descr, 'status' => null);
$id = $DB->insert('draft_account_operations', $pay_options, 'id');
if ($id) {
$this->draft[] = $id;
return $option['id'];
}
return false;
}
/**
* Аутентификация пользователя и заполнение его сессии необходимыми данными.
*
* @param string $login логин пользователя
* @param string $pwd пароль пользователя
* @param array ¶ms данные пользователя
* @param boolean $is_2fa_off принудительное откулючение 2х этапной проверки
*
* @return integer id сессии
*
* @global DB $DB
*/
public function Auth($login, $pwd, &$params, $is_2fa_off = false)
{
//////////////////////////////////////////////////////////
// Ахтунг! Изменение логики нужно отражать также в новом движке.
// Например, при добавлении новый полей в сессию, добавьте их в Web_Front::login()
//////////////////////////////////////////////////////////
global $DB;
$plogin = preg_replace('/[+ ()-]/', '', $login);
$phoneType = preg_replace("/\\D/", '', $plogin);
if ($phoneType == $plogin) {
$plogin = '******' . $plogin;
$sql = "SELECT user_id FROM sbr_reqv WHERE (_1_mob_phone = ? OR _2_mob_phone = ?) AND is_activate_mob = 't'";
$uids = $DB->rows($sql, $plogin, $plogin);
if ($uids) {
foreach ($uids as $u) {
$sql_uids .= $u['user_id'] . ',';
}
$sql_uids = preg_replace('/,$/', '', $sql_uids);
}
}
$sql = '
SELECT
u.email, u.role, u.uname, u.usurname, u.uid, u.is_banned, u.ban_where, u.active,
a.sum, a.bonus_sum,
u.login, u.anti_uid, u.is_pro_test, u.is_pro_new, u.is_chuck,
u.sex, u.settings, u.splash_show, u.is_verify,
u.reg_date, ac.code, u.photo, u.is_profi,
u.birthday
FROM users AS u
LEFT JOIN activate_code ac ON ac.user_id = u.uid
LEFT JOIN account AS a ON a.uid = u.uid
WHERE ((lower(u.login) = ? OR lower(u.email) = ?) AND u.passwd = ?) ' . ($sql_uids ? "OR ( u.uid IN ({$sql_uids}) AND u.passwd = ?)" : '');
$res = $DB->rows($sql, strtolower($login), mb_strtolower($login), $pwd, $pwd);
if ($res) {
$qres = $res;
$uvisits = array();
$n = 0;
foreach ($qres as $k => $v) {
$uvisits[$this->getLastVisit($v['uid']) . '-' . $n] = $k;
++$n;
}
asort($uvisits);
$res = $qres[array_pop($uvisits)];
}
$error .= $DB->error;
$first_login = $this->getLastVisit($res['uid']);
$ip = getRemoteIP();
/**
* Дополнительная проверка логина.
* Нужна для исправления паролей, содержащих
* теги (или похожие на теги последовательности).
*
* !!Убрать после следующей глобальной смены паролей.
*/
if (!$res) {
// попробуем убрать (0018079)
//$res = $this->FixPassword($sql, $login);
}
/**
* Определяем нужна ли 2хэтапная авторизация.
*/
if (!$is_2fa_off && count($res) && $first_login) {
//не первый вход
//если на 2ом этапе ввели другой аккаунт то направить
//обратно на 2ой этап и сообщить обэтом
if (isset($params['2fa_provider']['uid']) && $params['2fa_provider']['uid'] != $res['uid']) {
$is_login = $params['2fa_provider']['type'] == 0;
session::setFlashMessage($is_login ? self::TXT_AUTH_2FA_LOG_FAIL : self::TXT_AUTH_2FA_SOC_FAIL, '/auth/second/');
return self::AUTH_STATUS_2FA;
}
$is_opauth = defined('IS_OPAUTH');
if (!isset($params['2fa_provider']) || $params['2fa_provider']['type'] > 0 != $is_opauth) {
//несовпадают типы авторизаций на 2ом этапе
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/opauth/OpauthModel.php';
$opauthModel = new OpauthModel();
$is_2fa = $opauthModel->getMultilevel($res['uid']);
if (isset($is_2fa['type'])) {
//$is_2fa - авторизация через выбранную соцсеть
//0 - нужна обычная авторизация так как вход был выполнен через соцсеть
$params['2fa_provider'] = array('type' => !$is_opauth ? $is_2fa['type'] : 0, 'uid' => $res['uid'], 'login' => $res['login']);
//Сбрасываем авторизацию
$res = array();
//переходим ко 2ой стадии
return self::AUTH_STATUS_2FA;
}
}
}
//Более нам параметр этапов авторизации не нужен
unset($params['2fa_provider']);
/**
* Успешная авторизация.
*/
if (count($res)) {
list($email, $trole, $tname, $tsurname, $tid, $is_banned, $ban_where, $active, $sum, $bonus_sum, $log, $anti_uid, $is_pro_test, $is_pro_new, $is_chuck, $sex, $settings, $splash_show, $is_verify, $reg_date, $activate_code, $photo, $is_profi, $birthday) = array_values($res);
if ($activate_code != '' && $active == 't') {
$this->checkRegDate($tid, $reg_date);
}
if ($is_banned) {
return -1;
}
//if ($active=='f') return -2; //##0027983
if (!$this->CheckUserAllowIP($ip, $tid)) {
return -3;
}
$params['birthday'] = $birthday ? strtotime($birthday) : null;
$params['age'] = $params['birthday'] ? intval(ElapsedYears($params['birthday'])) : null;
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/permissions.php';
$params['permissions'] = permissions::getUserPermissions($tid);
$params['email'] = $email;
$params['role'] = $trole;
$params['name'] = $tname;
$params['surname'] = $tsurname;
$params['uid'] = $tid;
$params['user_ip'] = $ip;
$params['ac_sum'] = zin($sum);
$params['bn_sum'] = zin($bonus_sum);
$params['login'] = $log;
$params['is_pro_new'] = $is_pro_new;
$params['pro_test'] = $is_pro_test;
$params['is_chuck'] = $is_chuck;
$params['is_verify'] = $is_verify;
$params['sex'] = $sex;
$params['reg_date'] = $reg_date;
$params['photo'] = $photo;
if (!is_emp($trole)) {
$params['is_profi'] = $is_profi === 't';
}
if ($anti_uid) {
$anti_class = is_emp($trole) ? 'freelancer' : 'employer';
require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/{$anti_class}.php";
$anti = new $anti_class();
$anti->GetUserByUID($anti_uid);
$params['anti_uid'] = $anti->uid;
$params['anti_login'] = $anti->login;
$params['anti_surname'] = $anti->usurname;
$params['anti_name'] = $anti->uname;
}
if (!is_emp($params['role'])) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects_offers.php';
if ($po_summary = projects_offers::GetFrlOffersSummary($params['uid'])) {
$params['po_count'] = $po_summary['total'];
}
}
$sql = 'UPDATE users SET last_time = now(), last_ip = ?, is_active = true WHERE uid = ?i';
$res = $DB->query($sql, $ip, $tid);
$this->SaveLoginIPLog($tid, $ip);
$this->increaseLoginsCnt($tid);
// количество операций
$sQuery = 'SELECT COUNT(ao.id) FROM account_operations ao
INNER JOIN account a ON a.id = ao.billing_id WHERE a.uid = ?i AND (ao.ammount <> 0 OR ao.trs_sum <> 0)';
$params['account_operations'] = $DB->val($sQuery, $tid);
$params['question_button_hide'] = $settings[1];
// Показывать/скрывать кнопку "У вас есть вопрос?"
$params['promo_block_hide'] = $settings[2];
// показывать Блок "Быстрый доступ к основным функциям сайта"
$params['direct_external_links'] = $settings[3];
// Не показывать страницу "Переход по внешней ссылке" a.php
$params['sbr_slash_show'] = $settings[4] && $first_login < strtotime('2012-08-08');
// Показывать/скрыть СБР промо-слеш
$params['splash_show'] = $splash_show;
$params['chat'] = $settings[5];
$params['chat_sound'] = $settings[6];
// #0017182 > Вопрос можем ли мы вытащить эту настройку из кук пользователей и сохранить ее в базу?
if (empty($settings[3]) && $_COOKIE['direct_external_links'] == 1) {
$this->setDirectExternalLinks($tid, 1);
if ($anti_uid) {
$this->setDirectExternalLinks($anti_uid, 1);
}
setcookie('direct_external_links', '', time() - 60 * 60 * 24 * 365, '/');
setcookie('no_a_php', '1', time() + 60 * 60 * 24 * 365 * 2, '/');
}
//генерация куки для userecho
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/userecho.php';
setcookie('ue_sso_token', UserEcho::get_sso_token(USERECHO_API_KEY, USERECHO_PROJECT_KEY, array()), 0, '/', preg_replace('/^https?\\:\\/\\/(?:www\\.)?/', '.', 'fl.ru'));
// Первый заход, регистрация через мастер, мастер не закончен
if ($first_login == 0) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/wizard.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/wizard_registration.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_employer.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/wizard/step_freelancer.php';
if (is_emp($params['role'])) {
$wiz_user = wizard::isUserWizard($tid, step_employer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_EMP_ID);
} else {
$wiz_user = wizard::isUserWizard($tid, step_freelancer::STEP_REGISTRATION_CONFIRM, wizard_registration::REG_FRL_ID);
}
if ($wiz_user['id'] > 0) {
$role = is_emp($params['role']) ? wizard_registration::REG_EMP_ID : wizard_registration::REG_FRL_ID;
header('Location: /registration/activated.php?role=' . $role);
//header("Location: /wizard/registration/?role={$role}");
exit;
} elseif (!is_emp($params['role'])) {
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/payed.php';
$pro_last = payed::ProLast($_SESSION['login']);
$_SESSION['pro_last'] = $pro_last['is_freezed'] ? false : $pro_last['cnt'];
if ($_SESSION['pro_last'] && $_SESSION['is_pro_new'] != 't') {
payed::checkNewPro($id);
}
if ($pro_last['freeze_to']) {
$_SESSION['freeze_from'] = $pro_last['freeze_from'];
$_SESSION['freeze_to'] = $pro_last['freeze_to'];
$_SESSION['is_freezed'] = $pro_last['is_freezed'];
$_SESSION['payed_to'] = $pro_last['cnt'];
}
if ($_SESSION['anti_login']) {
$pro_last = payed::ProLast($_SESSION['anti_login']);
$_SESSION['anti_pro_last'] = $pro_last['freeze_to'] ? false : $pro_last['cnt'];
}
//отправляем письмо с инфой, как работать на сайте
/*
require_once($_SERVER['DOCUMENT_ROOT'] . "/classes/smail.php");
$mail = new smail();
if (is_emp()) {
$mail->employerQuickStartGuide(get_uid(false));
} else {
$mail->freelancerQuickStartGuide(get_uid(false));
}
*/
return $tid;
if (!defined('IN_API')) {
// для API мобильного приложения не нужно
header("Location: /users/{$login}/");
exit;
}
}
}
//-----------------------------------
} else {
$tid = 0;
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/annoy.php';
$annoy = new annoy();
$annoy->Add($ip);
}
return $tid;
}
/**
* Записываем определенный статус шагу мастера.
*
* @param int $status Статус @see self::STATUS_*
*
* @return bool
*/
public function setStatusStep($status)
{
if (!$this->action_id) {
return false;
}
return $this->_db->update('wizard_action', array('status' => $status, 'reg_uid' => wizard::getUserIDReg()), 'id = ?', $this->action_id);
}
<?php
if (!file_exists("config.php")) {
include_once "wizard.php";
$wizard = new wizard();
if ($wizard->go()) {
} else {
exit;
}
}
include_once "init_backend.php";
class init extends init_backend
{
function main()
{
$bUrl = new urls_backend();
$__dest = $bUrl->getGP("__itspDEST");
if ("/" . config::installpath != $_SERVER["REQUEST_URI"] && $__dest == "") {
header("HTTP/1.0 404 Not Found");
$__dest = "error";
} else {
if (!$__dest) {
$__dest = "frontpage";
}
}
include_once "{$__dest}" . ".php";
$s = new $__dest();
$s->main($this);
}
}
$_init = new init();
/**
* Инциализируем пути для перекидывания файлов.
*/
public function setPath()
{
require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/projects.php';
$user = new users();
$user->GetUserByUID(wizard::getUserIDReg());
$login = $user->login;
$cfile = new CFile();
$tmp_path = 'users/' . substr($login, 0, 2) . '/' . $login . '/';
$this->tmpAbsDir = $tmp_path . tmp_project::TMP_DIR . '/';
$month = date('Ym');
$this->dstAbsDir = 'projects/upload/' . $month . '/';
}
/**
* Записываем определенный статус шагу мастера
*
* @param integer $status Статус @see self::STATUS_*
* @return boolean
*/
public function setStatusStep($status)
{
if (!$this->action_id) {
return false;
}
return $this->_db->update("wizard_action", array("status" => $status, "reg_uid" => wizard::getUserIDReg()), "id = ?", $this->action_id);
}
