Ejemplo n.º 1
1
 /**
  * @return bffBase object
  */
 function init($isFrontend = true)
 {
     global $oDb, $oSm, $oSecurity;
     self::$isFrontend = $isFrontend;
     self::$isAjax = func::isAjaxRequest();
     self::$isPost = func::isPostMethod();
     if ($isFrontend) {
         define('TPL_PATH', PATH_BASE . 'tpl/main/');
         $oSm->template_dir = TPL_PATH;
     } else {
         define('TPL_PATH', PATH_BASE . 'tpl/main/admin/');
         define('THEME_URL', SITEURL . '/styles/default');
         //default admin theme!
         $oSm->template_dir = TPL_PATH;
     }
     spl_autoload_register(array('bffBase', 'autoload'));
     $oSecurity->checkExpired();
     if (!defined('THEME_URL')) {
         define('THEME_URL', SITEURL . '/styles/' . THEMES_DEFAULTTHEME_KEY);
     }
     $oSm->assign('theme_url', THEME_URL);
     $oSm->assign('class', self::$class = substr(strtolower(func::GETPOST('s')), 0, 30));
     $oSm->assign('event', self::$event = substr(strtolower(func::GETPOST('ev')), 0, 30));
     $oSm->assign_by_ref('tplJSIncludes', self::$includesJS);
     $oSm->assign_by_ref('tplCSSIncludes', self::$includesCSS);
     bff::initApp($isFrontend);
     return $this;
 }
Ejemplo n.º 2
0
 function user_ajax()
 {
     if (!($nRecordID = $this->input->id('rec', 'gp'))) {
         $this->ajaxResponse(Errors::IMPOSSIBLE);
     }
     if (func::isAjaxRequest(null)) {
         switch (Func::GETPOST('action')) {
             case 'avatar-delete':
                 if (!$this->haveAccessTo('users-edit')) {
                     $this->ajaxResponse(Errors::ACCESSDENIED);
                 }
                 $avatar = new CAvatar(TABLE_USERS, USERS_AVATAR_PATH, 'avatar', 'user_id');
                 $avatar->delete($nRecordID, true);
                 $this->ajaxResponse(Errors::SUCCESSFULL);
                 break;
             case 'user-info':
                 $aData = $this->db->one_array('SELECT U.*, C.title as city, R.region_id, R.title as region 
                                                 FROM ' . TABLE_USERS . ' U
                                                 LEFT JOIN ' . TABLE_CITY . ' C   ON U.city_id=C.city_id
                                                 LEFT JOIN ' . TABLE_REGION . ' R ON C.region_id=R.region_id
                                                WHERE U.user_id=' . $nRecordID . ' LIMIT 1');
                 $aData['tuid'] = $this->makeTUID($nRecordID);
                 $aData['sendmsg'] = 0;
                 //($this->security->isAdmin() || $aData['im_noreply'] == 0);
                 $this->tplAssignByRef('aData', $aData);
                 $this->adminCustomCenterArea();
                 $this->tplDisplay('admin.user.info.tpl');
                 exit;
                 break;
             case 'user-block':
                 if (!$this->haveAccessTo('users-edit') || $this->security->isCurrentUser($nRecordID)) {
                     $this->ajaxResponse(Errors::ACCESSDENIED);
                 }
                 $sReason = mb_strcut(Func::POSTGET('blocked_reason', true), 0, 300);
                 $nBlocked = Func::POSTGET('blocked') ? 1 : 0;
                 $this->db->execute('UPDATE ' . TABLE_USERS . ' 
                                SET blocked_reason = ' . $this->db->str2sql($sReason) . ',
                                    blocked = ' . $nBlocked . '
                                WHERE user_id = ' . $nRecordID);
                 $this->ajaxResponse(Errors::SUCCESSFULL);
                 break;
         }
     }
     $this->ajaxResponse(Errors::IMPOSSIBLE);
 }