}
} else {
$RegistrationCode = md5(uniqid(rand()));
$IsChecked = $nc_core->get_settings('premoderation', 'auth') || $nc_core->get_settings('confirm', 'auth') ? 0 : 1;
$groups = explode(",", $nc_core->get_settings('group', 'auth'));
$mainGroup = intval(min((array) $groups));
// execute core action
$nc_core->event->execute("addUserPrep", 0);
$resMsg = $db->query("INSERT INTO `User`\n \t\t\t(" . $fieldString . "`Password`, `PermissionGroup_ID`, `Checked`, `Created`, `RegistrationCode`" . ($nc_core->get_settings('confirm', 'auth') ? ", `Confirmed`" : "") . ", Catalogue_ID)\n \t\t\tVALUES\n \t\t\t(" . $valueString . " " . $nc_core->MYSQL_ENCRYPT . "('" . $Password . "'), '" . $mainGroup . "', '" . $IsChecked . "', \"" . date("Y-m-d H:i:s") . "\", '" . $RegistrationCode . "'" . ($nc_core->get_settings('confirm', 'auth') ? ",'0'" : "") . ", " . $catalogue . ")");
$msgID = $db->insert_id;
// execute core action
$nc_core->event->execute("addUser", $msgID);
//add user to group
if ($msgID) {
foreach ((array) $groups as $group_id) {
nc_usergroup_add_to_group($msgID, $group_id);
}
}
$ConfirmationLink = "http://" . $HTTP_HOST . $SUB_FOLDER . $HTTP_ROOT_PATH . "modules/auth/confirm.php?id=" . $msgID . "&code=" . $RegistrationCode;
}
if (!$message) {
$message = $msgID;
}
if ($filetable_lastid) {
$resMsgArr = array();
foreach ($filetable_lastid as $id) {
$resMsgArr[] = $id;
}
if (!empty($resMsgArr)) {
$resMsg = $db->query("UPDATE `Filetable` SET `Message_ID` = '" . $message . "' WHERE ID IN (" . join(", ", $resMsgArr) . ")");
}
function ActionUserCompleted($action_file, $type)
{
global $nc_core, $db, $ROOT_FOLDER, $admin_mode, $perm;
global $systemTableID, $systemTableName, $systemMessageID;
global $FILES_FOLDER, $INCLUDE_FOLDER;
global $DIRCHMOD, $FILECHMOD, $AUTHORIZE_BY;
$params = array('Checked', 'InsideAdminAccess', 'PermissionGroupID', 'Catalogue_ID', 'Password1', 'Password2', 'UserID', 'posting');
foreach ($params as $v) {
global ${$v};
}
$st = new nc_Component(0, 3);
foreach ($st->get_fields() as $v) {
$name = 'f_' . $v['name'];
global ${$name};
if ($v['type'] == 6) {
global ${$name . "_old"};
global ${"f_KILL" . $v['id']};
}
if ($v['type'] == 8) {
global ${$name . "_day"};
global ${$name . "_month"};
global ${$name . "_year"};
global ${$name . "_hours"};
global ${$name . "_minutes"};
global ${$name . "_seconds"};
}
}
$UserID = intval($UserID);
$Checked = intval($Checked);
$ret = 0;
// возврщаемое значение (текст ошибки или 0)
require_once $INCLUDE_FOLDER . "s_files.inc.php";
$is_there_any_files = getFileCount(0, $systemTableID);
$user_table_mode = true;
if ($type == 1) {
$action = "add";
} else {
$action = "change";
$message = $UserID;
}
$Priority += 0;
nc_check_availability_candidates_for_delete_in_multifile_and_delete();
nc_rename_multifile();
require $ROOT_FOLDER . "message_fields.php";
if ($posting == 0) {
return $warnText;
}
require $ROOT_FOLDER . "message_put.php";
if (empty($PermissionGroupID)) {
return CONTROL_USER_FUNC_GROUP_ERROR;
}
// значение, которое пойдет в таблицу User
// для совместимости со старыми версиями
$mainPermissionGroupID = intval(min($PermissionGroupID));
$groups_with_more_rights = $perm->GetGroupWithMoreRights();
//нельзя добавить в группу с большими правами
$add_groups_with_more_rights = array_intersect($PermissionGroupID, $groups_with_more_rights);
if (!empty($add_groups_with_more_rights)) {
return $warnText = NETCAT_MODERATION_ERROR_NORIGHT;
}
eval("\$Login = \$f_{$AUTHORIZE_BY};");
if ($type == 1) {
$Password = $Password1;
for ($i = 0; $i < $fldCount; $i++) {
if (isset(${$fld[$i] . 'Defined'}) && ${$fld[$i] . 'Defined'} == true) {
$fieldString .= "`" . $fld[$i] . "`,";
$valueString .= ${$fld[$i] . 'NewValue'} . ",";
}
}
$insert = "INSERT INTO User ( " . $fieldString;
$insert .= "PermissionGroup_ID, Catalogue_ID, Password, Checked, Created,InsideAdminAccess) values ( " . $valueString;
$insert .= "'" . $mainPermissionGroupID . "', ";
if (isset($_POST['Catalogue_ID'])) {
$insert .= +$_POST['Catalogue_ID'] . ", ";
} else {
$insert .= "0, ";
}
$insert .= $nc_core->MYSQL_ENCRYPT . "('" . $Password . "'),'{$Checked}','" . date("Y-m-d H:i:s") . "', '" . (int) $InsideAdminAccess . "')";
// execute core action
$nc_core->event->execute("addUserPrep", 0);
$Result = $db->query($insert);
$UserID = $db->insert_id;
$message = $UserID;
if ($Result) {
// execute core action
$nc_core->event->execute("addUser", $message);
nc_print_status(CONTROL_USER_NEW_ADDED, 'ok');
foreach ($PermissionGroupID as $v) {
nc_usergroup_add_to_group($UserID, $v);
}
} else {
return CONTROL_USER_NEW_NOTADDED . "<br/>" . sprintf(NETCAT_ERROR_SQL, $db->last_query, $db->last_error);
}
}
if ($type == 2) {
$cur_checked = $db->get_var("SELECT `Checked` FROM `User` WHERE `User_ID` = '" . $UserID . "'");
$update = "update User set ";
for ($i = 0; $i < $fldCount; $i++) {
if ($fldTypeOfEdit[$i] == 3 || $fldTypeOfEdit[$i] == 2 && !nc_field_check_admin_perm()) {
continue;
}
// поле недоступно никому или доступно администратору но нет прав администратора
if (isset(${$fld[$i] . 'Defined'}) && ${$fld[$i] . 'Defined'} == true) {
$update .= $fld[$i] . "=" . ${$fld[$i] . 'NewValue'} . ",";
} else {
$update .= $fld[$i] . "=" . ($fldValue[$i] ? $fldValue[$i] : "NULL") . ",";
}
}
$update .= "Checked=\"" . $Checked . "\",";
$update .= "PermissionGroup_ID=\"" . $mainPermissionGroupID . "\",";
$update .= "InsideAdminAccess=" . (int) $InsideAdminAccess;
if (isset($_POST['Catalogue_ID'])) {
$update .= ", Catalogue_ID=" . (int) $_POST['Catalogue_ID'];
}
$update .= " where User_ID=" . $UserID;
// execute core action
$nc_core->event->execute("updateUserPrep", $UserID);
if ($cur_checked != $Checked) {
$nc_core->event->execute($Checked ? "checkUserPrep" : "uncheckUserPrep", $UserID);
}
$Result = $db->query($update);
// execute core action
$nc_core->event->execute("updateUser", $UserID);
$db->query("DELETE FROM `User_Group` WHERE `User_ID`='" . intval($UserID) . "'");
foreach ($PermissionGroupID as $v) {
nc_usergroup_add_to_group($UserID, $v, 0);
}
// произошла смена состояния пользователя
if ($cur_checked != $Checked) {
$nc_core->event->execute($Checked ? "checkUser" : "uncheckUser", $UserID);
}
}
if (is_array($SQL_multifield)) {
nc_multifield_sql_exec($message, $SQL_multifield);
}
// Обновление в таблице с файлами
if (!empty($filetable_lastid)) {
$db->query("UPDATE `Filetable` SET `Message_ID`='" . $message . "' WHERE ID IN (" . join(',', $filetable_lastid) . ")");
}
// create dir
@mkdir($FILES_FOLDER . "u/", $DIRCHMOD);
/* * */
for ($i = 0; $i < count($tmpFile); $i++) {
eval("\$tmpNewFile[\$i] = \"" . $tmpNewFile[$i] . "\";");
@rename($FILES_FOLDER . $tmpFile[$i], $FILES_FOLDER . $File_Path[$i] . $tmpNewFile[$i]);
@chmod($FILES_FOLDER . $File_Path[$i] . $tmpNewFile[$i], $FILECHMOD);
}
// привязка токена
$nc_token_login = $nc_core->input->fetch_get_post('nc_token_login');
$nc_token_key = $nc_core->input->fetch_get_post('nc_token_key');
if ($nc_token_login && $nc_token_key && $UserID) {
$db->query("INSERT INTO `Auth_Token`\n SET `Login` = '" . $db->escape($nc_token_login) . "',\n `PublicKey` = '" . $db->escape($nc_token_key) . "',\n `User_ID` = '" . $UserID . "' ");
}
$nc_token_destroy = $nc_core->input->fetch_get_post('nc_token_destroy');
if ($nc_token_destroy) {
$nc_auth_token = new nc_auth_token();
$nc_auth_token->delete_by_id($nc_token_destroy);
}
return 0;
}
