Ejemplo n.º 1
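 /**
  * Admin action: create a new service record. Available only when FORDEV is truthy.
  *
  * On POST the title and keyword must be non-empty and the keyword must not
  * already belong to another service. When validation passes, the row is
  * inserted with an empty serialized settings array and enabled = 1, and
  * adminRedirect() is called with the outcome. Otherwise the form template is
  * rendered with the submitted title/keyword HTML-escaped.
  *
  * @return mixed Result of showAccessDenied(), or the rendered 'admin.create.php' template.
  */
 function create()
 {
     if (!FORDEV) {
         return $this->showAccessDenied();
     }
     $aData = $this->input->postm(array('title' => TYPE_STR, 'type' => TYPE_UINT, 'keyword' => TYPE_STR));
     if (bff::$isPost) {
         if (empty($aData['title'])) {
             $this->errors->set(_t('services', 'Название услуги указано некорректно'));
         }
         if (empty($aData['keyword'])) {
             $this->errors->set(_t('services', 'Keyword услуги указан некорректно'));
         } else {
             // Uniqueness check. The keyword goes through str2sql() before concatenation;
             // NOTE(review): presumably that helper quotes and escapes the value - confirm.
             $aKeywordExists = $this->db->one_array('SELECT id, title FROM ' . TABLE_SERVICES . ' WHERE keyword = ' . $this->db->str2sql($aData['keyword']));
             if (!empty($aKeywordExists)) {
                 $this->errors->set(_t('services', 'Указанный keyword уже используется услугой "[title]"', array('title' => $aKeywordExists['title'])));
             }
         }
         if ($this->errors->no()) {
             // Every request-derived value is bound as a placeholder, including `type`,
             // so the statement no longer depends on the TYPE_UINT filter alone to keep
             // the SQL text free of user input.
             $res = $this->db->execute(
                 'INSERT INTO ' . TABLE_SERVICES . ' (type, keyword, title, settings, enabled)
                 VALUES(:type, :keyword, :title, :settings, 1)',
                 array(
                     ':type' => (int) $aData['type'],
                     ':keyword' => $aData['keyword'],
                     ':title' => $aData['title'],
                     ':settings' => serialize(array()),
                 )
             );
             $this->adminRedirect(!empty($res) ? Errors::SUCCESS : Errors::IMPOSSIBLE, 'settings');
         }
         // Validation failed: escape the echoed fields before they reach the form template.
         $aData = func::array_2_htmlspecialchars($aData, array('title', 'keyword'));
     }
     return $this->tplFetchPHP($aData, 'admin.create.php');
 }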
Ejemplo n.º 2
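 /**
  * Admin action: edit a city record.
  *
  * Requires access to 'cities'. Loads the city (with its user count) by the
  * request id; on POST it updates region, coordinates, title, keyword and the
  * main/enabled flags, then redirects to the city listing. Otherwise it renders
  * the form together with the city's regions.
  *
  * @return mixed Result of showAccessDenied(), or the rendered 'admin.cities.form.tpl' template.
  */
 function cities_edit()
 {
     if (!$this->haveAccessTo('cities')) {
         return $this->showAccessDenied();
     }
     if (!($nRecordID = $this->input->id())) {
         $this->adminRedirect(Errors::UNKNOWNRECORD, 'cities_listing_main');
     }
     // The id is concatenated into three statements below; pin it to an integer
     // so nothing but digits can reach the SQL text.
     $nRecordID = (int) $nRecordID;
     $aData = $this->db->one_array('SELECT C.*, C.city_id as id, COUNT(U.user_id) as users
                FROM ' . TABLE_CITY . ' C
                 LEFT JOIN ' . TABLE_USERS . ' U ON U.city_id = C.city_id
                WHERE C.city_id=' . $nRecordID . '
                GROUP BY C.city_id
                LIMIT 1');
     if (empty($aData)) {
         $this->adminRedirect(Errors::IMPOSSIBLE, 'cities_listing_main');
     }
     if (func::isPostMethod()) {
         // NOTE(review): postm() is presumably filling $aData by reference and treating the
         // third list as required fields - confirm against the input helper.
         $this->input->postm(array('region_id' => TYPE_UINT, 'ycoords' => TYPE_STR, 'enabled' => TYPE_BOOL, 'main' => TYPE_BOOL, 'title' => TYPE_STR, 'keyword' => TYPE_STR), $aData, array('title', 'keyword', 'region_id'));
         if ($this->errors->no()) {
             // Numeric columns are cast explicitly: a PHP boolean false concatenates as an
             // empty string, which would produce invalid SQL ("main = ,"), and the cast
             // keeps these fragments numeric regardless of what the input filter returned.
             $nRegionID = (int) $aData['region_id'];
             $nMain = (int) $aData['main'];
             $nEnabled = (int) $aData['enabled'];
             $this->db->execute('UPDATE ' . TABLE_CITY . ' SET
                                region_id = ' . $nRegionID . ',
                                ycoords = ' . $this->db->str2sql($aData['ycoords']) . ',
                                title   = ' . $this->db->str2sql($aData['title']) . ',
                                keyword = ' . $this->db->str2sql($aData['keyword']) . ',
                                main = ' . $nMain . ',
                                enabled = ' . $nEnabled . '
                            WHERE city_id = ' . $nRecordID . ' LIMIT 1');
             $this->adminRedirect(Errors::SUCCESS, 'cities_listing_main');
         }
         // NOTE(review): the return value is discarded here, while other call sites of this
         // helper assign it. Unless the helper escapes in place, the submitted values reach
         // the form template unescaped - confirm.
         func::array_2_htmlspecialchars($aData);
     }
     $aData['regions_options'] = $this->geoOblastOptions($aData['region_id']);
     $aData['cregions'] = $this->db->select('SELECT R.*, COUNT(U.user_id) as users
                                        FROM ' . TABLE_REGION . ' R
                                          LEFT JOIN ' . TABLE_USERS . ' U ON R.region_id=U.region_id
                                        WHERE R.city_id = ' . $nRecordID . '
                                        GROUP BY R.region_id ORDER BY R.title');
     $aData['edit'] = true;
     $this->tplAssign('aData', $aData);
     $this->adminCustomCenterArea();
     $this->includeJS(array(GEO_YMAPS_JS . '&loadByRequire=1'), false, false);
     return $this->tplFetch('admin.cities.form.tpl');
 }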
Ejemplo n.º 3
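 /**
  * Admin action: edit the menu data of a sitemap node.
  *
  * Requires access to 'edit'. The node id comes from the 'rec' request
  * parameter. On POST the menu title is validated and the sitemap row is
  * updated (the keyword column only when FORDEV is truthy); otherwise the node
  * is loaded and HTML-escaped for display. The titles of the parent nodes are
  * joined into a breadcrumb string for the template.
  *
  * @return mixed Result of showAccessDenied(), or the rendered 'admin.edit.tpl' template.
  */
 function edit()
 {
     if (!$this->haveAccessTo('edit')) {
         return $this->showAccessDenied();
     }
     // 'rec' comes from the request and is concatenated into SQL below, so pin it
     // to an integer here instead of relying on the helper's third argument.
     $nRecordID = (int) Func::POSTGET('rec', false, true);
     if ($nRecordID <= 0) {
         $this->adminRedirect(Errors::IMPOSSIBLE);
     }
     $aData = array('pid_options' => '');
     if (Func::isPostMethod()) {
         $sMenuTitle = Func::POST('menu_title', true);
         $sKeyword = Func::POST('keyword', true);
         $sMetaKeywords = Func::POST('mkeywords', true);
         $sMetaDescription = Func::POST('mdescription', true);
         $sMenuTarget = Func::POST('menu_target');
         // Allow-list the link target. The comparison is strict so that a non-string
         // value cannot loosely match one of the allowed strings.
         if (!in_array($sMenuTarget, array('_self', '_blank'), true)) {
             $sMenuTarget = '_self';
         }
         $sMenuLink = Func::POST('menu_link', true);
         if (!$sMenuTitle || !trim($sMenuTitle)) {
             $this->errors->set('empty:title');
         }
         if ($this->errors->no()) {
             // NOTE(review): string values pass through str2sql(), presumably the
             // quoting/escaping helper - confirm.
             $sQuery = 'UPDATE ' . TABLE_SITEMAP . '
                         SET menu_title = ' . $this->db->str2sql($sMenuTitle) . ',
                             ' . (FORDEV ? 'keyword = ' . $this->db->str2sql($sKeyword) . ', ' : '') . '
                             menu_link = ' . $this->db->str2sql($sMenuLink) . ',
                             menu_target=' . $this->db->str2sql($sMenuTarget) . ',
                             mkeywords = ' . $this->db->str2sql($sMetaKeywords) . ',
                             mdescription = ' . $this->db->str2sql($sMetaDescription) . '
                         WHERE node_id=' . $nRecordID;
             $this->db->execute($sQuery);
             $this->adminRedirect(Errors::SUCCESSFULL);
         }
         // NOTE(review): on validation failure the raw $_POST array becomes the template
         // data, whereas the branch below escapes what it loads from the database. Confirm
         // that the template escapes these fields, otherwise submitted markup is echoed back.
         $aData = $_POST;
         $aData['id'] = $nRecordID;
     } else {
         $sQuery = 'SELECT *
                     FROM ' . TABLE_SITEMAP_TREE . ' T,
                          ' . TABLE_SITEMAP . ' I
                     WHERE T.id=' . $nRecordID . ' AND I.node_id = T.id';
         $aData = $this->db->one_array($sQuery);
         $aData = func::array_2_htmlspecialchars($aData);
     }
     $aParentsID = $this->tree_getNodeParentsID($aData['id']);
     if (!empty($aParentsID)) {
         // The id list is built by concatenation, so every element is forced to an integer.
         $sParentsList = implode(',', array_map('intval', $aParentsID));
         $sQuery = 'SELECT menu_title
                    FROM ' . TABLE_SITEMAP_TREE . ' T,
                         ' . TABLE_SITEMAP . ' I
                    WHERE id IN (' . $sParentsList . ') AND I.node_id = T.id
                    ORDER BY T.id';
         $aData['pid_options'] = ucwords(implode(' > ', $this->db->select_one_column($sQuery)));
     }
     $this->tplAssign('aData', $aData);
     $this->tplAssign('target_options', $this->getTargetsOptions($this->aTargets, $aData['menu_target']));
     $this->tplAssign('rec', $nRecordID);
     return $this->tplFetch('admin.edit.tpl');
 }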
Ejemplo n.º 4
 /**
  * Admin action: edit a user account (profile fields, password, groups).
  *
  * Requires access to 'users-edit' and a 'tuid' GET value that checkTUID()
  * accepts for the record id. On POST it validates the e-mail and optional new
  * password, updates the user row, avatar and group membership, recomputes the
  * `admin` flag, and expires the session when the edited user is the current
  * one. Otherwise (or after a failed validation) it renders the form.
  *
  * @return mixed Result of showAccessDenied(), or the rendered 'admin.mod.form.tpl' template.
  */
 function mod_edit()
 {
     if (!$this->haveAccessTo('users-edit')) {
         return $this->showAccessDenied();
     }
     if (!($nRecordID = $this->input->id())) {
         $this->adminRedirect(Errors::IMPOSSIBLE, 'listing');
     }
     // NOTE(review): 'tuid' looks like a per-record token tied to $nRecordID - confirm what
     // checkTUID() actually verifies; it is the only request-integrity check visible here.
     $sTUID = func::GET('tuid');
     if (!$this->checkTUID($sTUID, $nRecordID)) {
         return $this->showAccessDenied();
     }
     $aData = array('admin' => 0);
     # inspect the groups the user belongs to
     $bUserSuperadmin = 0;
     $aUserGroups = $this->getUserGroups($nRecordID);
     foreach ($aUserGroups as $v) {
         if ($v['group_id'] == self::GROUPID_SUPERADMIN) {
             $bUserSuperadmin = 1;
         }
         if ($v['adminpanel'] == 1) {
             $aData['admin'] = 1;
         }
     }
     if (bff::$isPost) {
         // NOTE(review): postm() is presumably filling $aData by reference - confirm.
         $this->input->postm(array('name' => TYPE_STR, 'email' => TYPE_STR, 'changepass' => TYPE_BOOL, 'password' => TYPE_STR, 'balance' => TYPE_NUM, 'skype' => TYPE_STR, 'email2' => TYPE_STR, 'phone' => TYPE_STR, 'group_id' => TYPE_ARRAY_INT, 'cat' => TYPE_ARRAY_UINT), $aData);
         if (!$aData['admin']) {
             // drop settings that are intended for admins only
             unset($aData['im_noreply']);
         }
         if (empty($aData['email'])) {
             $this->errors->set('empty:email');
         } elseif (!func::IsEmailAddress($aData['email'])) {
             $this->errors->set('wrong:email');
         }
         if ($aData['changepass']) {
             if (empty($aData['password'])) {
                 $this->errors->set('empty:password');
             } else {
                 // NOTE(review): the helper name suggests an MD5-based hash. If so, it is
                 // unsuitable for password storage; confirm and plan a migration to
                 // password_hash()/password_verify().
                 $aData['password'] = $this->security->getUserPasswordMD5($aData['password']);
             }
         } else {
             // Password not being changed: keep the field out of the update data.
             unset($aData['password']);
         }
         //            if($aData['city_id']<=0)
         //                $this->errors->set('wrong:city');
         $aGroupID = $aData['group_id'];
         $aData['email_hash'] = func::getEmailHash($aData['email']);
         if ($this->isEmailExists($aData['email_hash'], $nRecordID)) {
             $this->errors->set('email_exist');
         }
         if ($this->errors->no()) {
             #update user data
             unset($aData['changepass'], $aData['group_id']);
             $aData['member'] = in_array(self::GROUPID_MEMBER, $aGroupID) ? 1 : 0;
             $aData['cat'] = join(',', $aData['cat']);
             $this->userUpdate($nRecordID, $aData);
             $avatar = new CAvatar(TABLE_USERS, USERS_AVATAR_PATH, 'avatar', 'user_id');
             $avatar->update($nRecordID, true, true);
             #set user groups
             // An existing superadmin keeps that group even when the submitted list omits it,
             // so this form cannot remove superadmin membership.
             if ($bUserSuperadmin && !in_array(self::GROUPID_SUPERADMIN, $aGroupID)) {
                 $aGroupID = array_merge($aGroupID, array(self::GROUPID_SUPERADMIN));
             }
             // NOTE(review): the submitted group ids are passed on as received; nothing in this
             // method stops a non-superadmin target from being added to the superadmin group.
             // Confirm that assignUser2Groups() or the caller enforces that.
             $this->assignUser2Groups($nRecordID, $aGroupID);
             # refresh whether the user is an administrator
             $bIsAdmin = 0;
             if ($this->errors->no()) {
                 if ($bUserSuperadmin || in_array(self::GROUPID_MODERATOR, $aGroupID)) {
                     $bIsAdmin = 1;
                 } elseif (count($aGroupID) == 1 && current($aGroupID) == self::GROUPID_MEMBER) {
                     $bIsAdmin = 0;
                 } else {
                     // Any other combination: re-read the groups and look for one with admin-panel access.
                     $aUserGroups = $this->getUserGroups($nRecordID);
                     foreach ($aUserGroups as $v) {
                         if ($v['adminpanel'] == 1) {
                             $bIsAdmin = 1;
                             break;
                         }
                     }
                 }
                 if ($aData['admin'] != $bIsAdmin) {
                     // When admin status is lost, im_noreply is reset to 0 in the same statement.
                     // $bIsAdmin is a local 0/1; $nRecordID comes from $this->input->id().
                     $sQuery = ', im_noreply = 0';
                     $this->db->execute('UPDATE ' . TABLE_USERS . ' SET admin=' . $bIsAdmin . (!$bIsAdmin ? $sQuery : '') . ' WHERE user_id=' . $nRecordID);
                 }
             }
             # if the user is editing their own settings
             if ($this->security->isCurrentUser($nRecordID)) {
                 $this->security->expire();
             }
             $this->adminRedirect(Errors::SUCCESSFULL, (!func::GET('members') ? 'admin_' : '') . 'listing');
         }
         // Validation failed: redisplay the form with the submitted group selection.
         $aActiveGroupsID = $aGroupID;
     } else {
         $aActiveGroupsID = array();
         for ($j = 0; $j < count($aUserGroups); $j++) {
             $aActiveGroupsID[] = $aUserGroups[$j]['group_id'];
         }
     }
     $aUserInfo = $this->db->one_array('SELECT U.*, C.title as city, R.region_id, R.title as region 
                                     FROM ' . TABLE_USERS . ' U
                                     LEFT JOIN ' . TABLE_CITY . ' C   ON U.city_id=C.city_id
                                     LEFT JOIN ' . TABLE_REGION . ' R ON C.region_id=R.region_id
                                    WHERE U.user_id=' . $nRecordID . ' LIMIT 1');
     // Submitted values in $aData override the stored row; the merged result is HTML-escaped.
     $aData = func::array_2_htmlspecialchars(array_merge($aUserInfo, $aData), null, true);
     $aData['social_link'] = '';
     if ($aData['social']) {
         switch ($aData['social']) {
             case 'vk':
                 $aData['social_link'] = 'http://vkontakte.ru/id' . $aData['vk_id'];
         }
     }
     //assign groups
     $exists_options = $active_options = '';
     // NOTE(review): this section uses USERS_GROUPS_* constants while the code above uses
     // self::GROUPID_* - confirm they refer to the same ids.
     $aGroupsExlude = array(USERS_GROUPS_MEMBER);
     if (!$bUserSuperadmin) {
         $aGroupsExlude[] = USERS_GROUPS_SUPERADMIN;
     }
     $aGroups = $this->getGroups($aGroupsExlude);
     for ($i = 0; $i < count($aGroups); $i++) {
         // NOTE(review): group title and color are written into the markup without escaping
         // in this method - confirm that getGroups() returns values that are safe for HTML.
         if (in_array($aGroups[$i]['group_id'], $aActiveGroupsID)) {
             $active_options .= '<option value="' . $aGroups[$i]['group_id'] . '" style="color:' . $aGroups[$i]['color'] . ';">' . $aGroups[$i]['title'] . '</option>';
         } else {
             $exists_options .= '<option value="' . $aGroups[$i]['group_id'] . '" style="color:' . $aGroups[$i]['color'] . ';">' . $aGroups[$i]['title'] . '</option>';
         }
     }
     $this->tplAssignByRef('exists_options', $exists_options);
     $this->tplAssignByRef('active_options', $active_options);
     //$aData['city_options'] = bff::i()->Sites_geoCityOptions($aData['city_id'], 'edit');
     $aData['cat'] = explode(',', $aData['cat']);
     $this->tplAssign('aCategories', $this->getBBSCategories($aData['cat']));
     $aData['superadmin'] = $bUserSuperadmin;
     $aData['tuid'] = $sTUID;
     $aData['edit'] = true;
     $this->tplAssignByRef('aData', $aData);
     return $this->tplFetch('admin.mod.form.tpl');
 }
Ejemplo n.º 5
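 /**
  * Admin action: rename a FAQ category.
  *
  * Requires access to 'categories-edit'. The category id comes from the 'rec'
  * request parameter. On POST a non-empty title is written back and the admin
  * is redirected to the category listing; otherwise the form is rendered with
  * the title HTML-escaped.
  *
  * @return mixed Result of showAccessDenied(), or the rendered 'admin.categories.form.tpl' template.
  */
 function categories_edit()
 {
     if (!$this->haveAccessTo('categories-edit')) {
         return $this->showAccessDenied();
     }
     // 'rec' comes from the request and is concatenated into both statements below,
     // so pin it to an integer instead of relying on the helper's third argument.
     $nRecordID = (int) func::GETPOST('rec', false, true);
     if ($nRecordID <= 0) {
         $this->adminRedirect(Errors::IMPOSSIBLE, 'categories_listing');
     }
     $aData = $this->db->one_array('SELECT id, title
                FROM ' . TABLE_FAQ_CATEGORIES . '
                WHERE id=' . $nRecordID . ' LIMIT 1');
     if (!$aData) {
         $this->adminRedirect(Errors::IMPOSSIBLE, 'categories_listing');
     }
     if (func::isPostMethod()) {
         $aData['title'] = func::POST('title', true);
         if (empty($aData['title'])) {
             $this->errors->set('empty:title');
         }
         if ($this->errors->no()) {
             // NOTE(review): the title passes through str2sql(), presumably the
             // quoting/escaping helper - confirm.
             $this->db->execute('UPDATE ' . TABLE_FAQ_CATEGORIES . '
                            SET title=' . $this->db->str2sql($aData['title']) . '
                            WHERE id=' . $nRecordID);
             $this->adminRedirect(Errors::SUCCESSFULL, 'categories_listing');
         }
     }
     // Escape the title for display, whether it was loaded from the table or just submitted.
     $this->tplAssign('aData', func::array_2_htmlspecialchars($aData, array('title')));
     return $this->tplFetch('admin.categories.form.tpl');
 }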