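 /**
  * Admin panel: edit an existing user record.
  *
  * GET renders the edit form; POST validates the submitted fields, updates the
  * user row, avatar, group assignments and the cached "admin" flag, then
  * redirects back to the listing. Access requires the 'users-edit' permission
  * and a valid TUID token for the record being edited.
  *
  * @return string the rendered 'admin.mod.form.tpl', or the access-denied page
  */
 function mod_edit()
 {
     if (!$this->haveAccessTo('users-edit')) {
         return $this->showAccessDenied();
     }
     // The record id is interpolated into SQL further down; casting it to int
     // here guarantees nothing but digits can ever reach the query text.
     if (!($nRecordID = (int)$this->input->id())) {
         // NOTE(review): adminRedirect() is relied on to terminate the request
         // (the same pattern is used after a successful save below) — confirm.
         $this->adminRedirect(Errors::IMPOSSIBLE, 'listing');
     }
     $sTUID = func::GET('tuid');
     if (!$this->checkTUID($sTUID, $nRecordID)) {
         return $this->showAccessDenied();
     }
     $aData = array('admin' => 0);
     // Inspect the groups the user currently belongs to: remember whether the
     // user is a superadmin (that membership is never dropped by this form)
     // and whether any of the groups grants admin-panel access.
     $bUserSuperadmin = 0;
     $aUserGroups = $this->getUserGroups($nRecordID);
     foreach ($aUserGroups as $v) {
         if ($v['group_id'] == self::GROUPID_SUPERADMIN) {
             $bUserSuperadmin = 1;
         }
         if ($v['adminpanel'] == 1) {
             $aData['admin'] = 1;
         }
     }
     if (bff::$isPost) {
         $this->input->postm(array('name' => TYPE_STR, 'email' => TYPE_STR, 'changepass' => TYPE_BOOL, 'password' => TYPE_STR, 'balance' => TYPE_NUM, 'skype' => TYPE_STR, 'email2' => TYPE_STR, 'phone' => TYPE_STR, 'group_id' => TYPE_ARRAY_INT, 'cat' => TYPE_ARRAY_UINT), $aData);
         if (!$aData['admin']) {
             // drop settings that only apply to administrators
             unset($aData['im_noreply']);
         }
         if (empty($aData['email'])) {
             $this->errors->set('empty:email');
         } elseif (!func::IsEmailAddress($aData['email'])) {
             $this->errors->set('wrong:email');
         }
         if ($aData['changepass']) {
             if (empty($aData['password'])) {
                 $this->errors->set('empty:password');
             } else {
                 // NOTE(review): the stored value comes from getUserPasswordMD5(),
                 // i.e. an MD5-based scheme; moving to password_hash() would have
                 // to happen in the security layer, not in this form.
                 $aData['password'] = $this->security->getUserPasswordMD5($aData['password']);
             }
         } else {
             // password unchanged: make sure the column is not touched by userUpdate()
             unset($aData['password']);
         }
         $aGroupID = $aData['group_id'];
         $aData['email_hash'] = func::getEmailHash($aData['email']);
         if ($this->isEmailExists($aData['email_hash'], $nRecordID)) {
             $this->errors->set('email_exist');
         }
         if ($this->errors->no()) {
             // update user data; group membership is stored separately below
             unset($aData['changepass'], $aData['group_id']);
             $aData['member'] = in_array(self::GROUPID_MEMBER, $aGroupID) ? 1 : 0;
             $aData['cat'] = join(',', $aData['cat']);
             $this->userUpdate($nRecordID, $aData);
             $avatar = new CAvatar(TABLE_USERS, USERS_AVATAR_PATH, 'avatar', 'user_id');
             $avatar->update($nRecordID, true, true);
             // set user groups: superadmin membership cannot be removed through this form
             if ($bUserSuperadmin && !in_array(self::GROUPID_SUPERADMIN, $aGroupID)) {
                 $aGroupID = array_merge($aGroupID, array(self::GROUPID_SUPERADMIN));
             }
             $this->assignUser2Groups($nRecordID, $aGroupID);
             // recompute whether the user is an administrator after the group change
             $bIsAdmin = 0;
             if ($this->errors->no()) {
                 if ($bUserSuperadmin || in_array(self::GROUPID_MODERATOR, $aGroupID)) {
                     $bIsAdmin = 1;
                 } elseif (count($aGroupID) == 1 && current($aGroupID) == self::GROUPID_MEMBER) {
                     $bIsAdmin = 0;
                 } else {
                     // any remaining group with admin-panel access makes the user an admin
                     $aUserGroups = $this->getUserGroups($nRecordID);
                     foreach ($aUserGroups as $v) {
                         if ($v['adminpanel'] == 1) {
                             $bIsAdmin = 1;
                             break;
                         }
                     }
                 }
                 if ($aData['admin'] != $bIsAdmin) {
                     // when admin access is revoked, also reset the admin-only im_noreply flag;
                     // both interpolated values are integers ($bIsAdmin is 0/1, $nRecordID was cast above)
                     $sResetAdminSettings = $bIsAdmin ? '' : ', im_noreply = 0';
                     $this->db->execute('UPDATE ' . TABLE_USERS . ' SET admin=' . $bIsAdmin . $sResetAdminSettings . ' WHERE user_id=' . $nRecordID);
                 }
             }
             // the admin is editing their own account: invalidate the cached session data
             if ($this->security->isCurrentUser($nRecordID)) {
                 $this->security->expire();
             }
             $this->adminRedirect(Errors::SUCCESSFULL, (!func::GET('members') ? 'admin_' : '') . 'listing');
         }
         // validation failed: re-render the form with the groups the admin selected
         $aActiveGroupsID = $aGroupID;
     } else {
         $aActiveGroupsID = array();
         foreach ($aUserGroups as $v) {
             $aActiveGroupsID[] = $v['group_id'];
         }
     }
     $aUserInfo = $this->db->one_array('SELECT U.*, C.title as city, R.region_id, R.title as region 
                                     FROM ' . TABLE_USERS . ' U
                                     LEFT JOIN ' . TABLE_CITY . ' C   ON U.city_id=C.city_id
                                     LEFT JOIN ' . TABLE_REGION . ' R ON C.region_id=R.region_id
                                    WHERE U.user_id=' . $nRecordID . ' LIMIT 1');
     // submitted values take precedence over the stored row; everything is HTML-escaped for the template
     $aData = func::array_2_htmlspecialchars(array_merge($aUserInfo, $aData), null, true);
     $aData['social_link'] = '';
     if (!empty($aData['social']) && $aData['social'] == 'vk') {
         $aData['social_link'] = 'http://vkontakte.ru/id' . $aData['vk_id'];
     }
     // assign groups: the implicit "member" group is never listed, and the
     // superadmin group is only offered to users who already hold it
     $exists_options = $active_options = '';
     $aGroupsExlude = array(USERS_GROUPS_MEMBER);
     if (!$bUserSuperadmin) {
         $aGroupsExlude[] = USERS_GROUPS_SUPERADMIN;
     }
     $aGroups = $this->getGroups($aGroupsExlude);
     $nGroups = count($aGroups);
     for ($i = 0; $i < $nGroups; $i++) {
         // NOTE(review): group title/color are emitted unescaped; they are
         // assumed to be admin-managed values from getGroups() — confirm.
         $sOption = '<option value="' . $aGroups[$i]['group_id'] . '" style="color:' . $aGroups[$i]['color'] . ';">' . $aGroups[$i]['title'] . '</option>';
         if (in_array($aGroups[$i]['group_id'], $aActiveGroupsID)) {
             $active_options .= $sOption;
         } else {
             $exists_options .= $sOption;
         }
     }
     $this->tplAssignByRef('exists_options', $exists_options);
     $this->tplAssignByRef('active_options', $active_options);
     // the template expects the category ids as a list, not the stored CSV
     $aData['cat'] = explode(',', $aData['cat']);
     $this->tplAssign('aCategories', $this->getBBSCategories($aData['cat']));
     $aData['superadmin'] = $bUserSuperadmin;
     $aData['tuid'] = $sTUID;
     $aData['edit'] = true;
     $this->tplAssignByRef('aData', $aData);
     return $this->tplFetch('admin.mod.form.tpl');
 }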
 /**
  * AJAX entry point of the public user module.
  *
  * Dispatches on the 'act' parameter:
  *  - 'subscribe': creates a member account from an e-mail address (the
  *    address doubles as the login) and queues the subscription mail; the
  *    answer carries an integer code: 0 bad e-mail, 1 ok, 4 system error.
  *  - 'enter': registration when 'reg' is set, otherwise login; answers with
  *    'reg-ok' / 'login-ok', or records an error and falls through to the
  *    final ajaxResponse(null).
  *
  * Non-AJAX requests go straight to ajaxResponse(null).
  */
 function ajax()
 {
     if (bff::$isAjax) {
         switch (func::GETPOST('act')) {
             case 'subscribe':
                 /*
                  * On subscribe:
                  * - the e-mail address is used as the login from then on
                  * - the password is generated automatically
                  */
                 $sName = $this->input->post('name', TYPE_NOHTML);
                 $sEmail = mb_strtolower($this->input->post('email', TYPE_NOHTML));
                 $response = '';
                 do {
                     if (empty($sEmail) || !func::IsEmailAddress($sEmail)) {
                         $response = 0;
                         break;
                         // invalid e-mail address
                     }
                     // NOTE(review): the next line appears truncated in this listing (the
                     // '******' token and the missing comment marker look like redaction);
                     // $sPassword, used by userCreate() below, is not defined in the visible
                     // code — check against the original source.
                     $isSubscribed = $this->db->one_data('SELECT user_id FROM ' . TABLE_USERS . ' WHERE login='******'email' - для рассылки, 'login' - для авторизации
                     $nUserID = $this->userCreate(array('login' => $sEmail, 'email' => $sEmail, 'password' => $sPassword, 'name' => $sName, 'subscribed' => 1, 'ip_reg' => func::getRemoteAddress(true)), self::GROUPID_MEMBER);
                     if ($nUserID) {
                         $response = 1;
                         // subscribed successfully
                         // send the welcome mail (queued for delivery)
                         CMail::SendQueue('subscribe', array('user_id' => $nUserID));
                     } else {
                         $response = 4;
                         // system error
                     }
                 } while (false);
                 $this->ajaxResponse(array('result' => $response));
                 break;
             case 'enter':
                 if ($this->security->isLogined()) {
                     // NOTE(review): ajaxResponse() is presumably terminating; otherwise an
                     // already logged-in caller would continue into the login code — confirm.
                     $this->ajaxResponse(array('result' => 'login-ok'));
                 }
                 $aData = $this->input->postm(array('email' => TYPE_STR, 'pass' => TYPE_STR, 'reg' => TYPE_BOOL));
                 if (!func::IsEmailAddress($aData['email'])) {
                     $this->errors->set('wrong:email');
                     break;
                     // invalid e-mail address
                 }
                 if ($this->security->checkBan(false, func::getRemoteAddress(), $aData['email'], true)) {
                     $this->errors->set(Errors::ACCESSDENIED);
                     break;
                     // blocked by the ban filter (IP and/or e-mail)
                 }
                 if ($aData['reg']) {
                     // registration
                     // minimum password length is 3 bytes (strlen is byte-wise, not character-wise)
                     if (empty($aData['pass']) || strlen($aData['pass']) < 3) {
                         $this->errors->set('password_short');
                         break;
                         // password too short
                     }
                     $aData['email_hash'] = func::getEmailHash($aData['email']);
                     if ($this->isEmailExists($aData['email_hash'])) {
                         $this->errors->set('email_exist');
                         break;
                         // e-mail already taken
                     }
                     // $sCode / $sLink are presumably by-reference out parameters filled here;
                     // neither is defined before this call
                     $this->getActivationInfo($sCode, $sLink);
                     $nUserID = $this->userCreate(array('login' => $aData['email'], 'email' => $aData['email'], 'email_hash' => $aData['email_hash'], 'password' => $aData['pass'], 'ip_reg' => Func::getRemoteAddress(true), 'activatekey' => $sCode, 'activated' => 0), self::GROUPID_MEMBER);
                     if ($nUserID) {
                         //$this->userAUTH($aData['email'], $aData['pass'], null, true);
                         // NOTE(review): the plaintext password is handed to the registration
                         // mail template; worth confirming the template does not echo it, since
                         // passwords sent by e-mail are recoverable from the recipient's mailbox.
                         $res = bff::sendMailTemplate(array('password' => $aData['pass'], 'email' => $aData['email'], 'activate_link' => "<a href=\"{$sLink}\">{$sLink}</a>"), 'member_registration', $aData['email']);
                         $this->ajaxResponse(array('result' => 'reg-ok'));
                     } else {
                         $this->ajaxResponse(Errors::IMPOSSIBLE);
                     }
                 } else {
                     // login
                     $nResult = $this->userAUTH($aData['email'], $aData['pass'], null, true);
                     if ($nResult == 1) {
                         //$this->security->setRememberMe('u', $aData['email'], $aData['pass']);
                         bff::i()->Bbs_getFavorites(true);
                         // ask the client to reload when it came from an item or favourites page,
                         // whose content depends on the logged-in user
                         $bReload = false;
                         if (!empty($_SERVER['HTTP_REFERER'])) {
                             if (stripos($_SERVER['HTTP_REFERER'], '/item/') !== FALSE || stripos($_SERVER['HTTP_REFERER'], '/items/fav') !== FALSE) {
                                 $bReload = true;
                             }
                         }
                         $userMenu = $this->tplFetch('user.menu.tpl');
                         $this->ajaxResponse(array('result' => 'login-ok', 'usermenu' => $userMenu, 'reload' => $bReload));
                     } else {
                         // map the userAUTH() failure code onto an error message
                         $mResponse = null;
                         switch ($nResult) {
                             case 0:
                                 $this->errors->set('email_or_pass_incorrect');
                                 break;
                             case -3:
                                 $this->errors->set('activate_first');
                                 break;
                                 // account not activated yet
                             case -2:
                                 $this->errors->set(Errors::ACCESSDENIED);
                                 break;
                                 // account deleted
                         }
                         // an array result with res == -1 means the account is blocked,
                         // optionally with a reason shown to the user
                         if (is_array($nResult)) {
                             if ($nResult['res'] == -1) {
                                 $this->errors->set('Аккаунт заблокирован.' . (!empty($nResult['reason']) ? ' <br/><b>Причина:</b>' . nl2br($nResult['reason']) : ''));
                             }
                         }
                     }
                 }
                 break;
         }
     }
     // reached for non-AJAX requests, unknown actions, and every error path above
     $this->ajaxResponse(null);
 }