Example #1
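 /**
  * Render the list of published items belonging to one user.
  *
  * Reads `id`, `c`, `pp` and `page` (all declared TYPE_UINT) through
  * $this->input->postm() for AJAX requests and $this->input->getm() otherwise.
  * For AJAX requests the rendered list is sent through ajaxResponse();
  * otherwise the 'items.user.php' template is returned.
  *
  * Security notes:
  *  - Every request value concatenated into SQL below is re-cast to int at the
  *    point of use, so the queries do not depend solely on the TYPE_UINT filter.
  *  - extract() is no longer used on request data; the two values the method
  *    needs are read explicitly so request keys cannot shadow other locals.
  *
  * @return mixed template output, or the result of showForbidden() for a blocked account
  */
 function user()
 {
     $inputSource = bff::$isAjax ? 'postm' : 'getm';
     $filter = $this->input->{$inputSource}(array('id' => TYPE_UINT, 'c' => TYPE_UINT, 'pp' => TYPE_UINT, 'page' => TYPE_UINT));

     // Only the whitelisted page sizes are accepted; anything else falls back to 10.
     // NOTE(review): 'pp' is validated here but the paginator below is called
     // with a hard-coded 15 - confirm which of the two is intended.
     if (!$filter['pp'] || !in_array($filter['pp'], array(10, 20, 30))) {
         $filter['pp'] = 10;
     }
     if (!$filter['page']) {
         $filter['page'] = 1;
     }

     // NOTE(review): the code below assumes func::JSRedirect() ends the request.
     // If it returns, the user lookup runs with id = 0 - confirm.
     if (!$filter['id']) {
         func::JSRedirect('/');
     }

     // Integer copies used at every SQL sink below (defence in depth on top of TYPE_UINT).
     $nUserID = (int) $filter['id'];
     $nCategoryID = (int) $filter['c'];
     $nPage = (int) $filter['page'];

     $aUserData = $this->db->one_array('SELECT blocked, blocked_reason FROM ' . TABLE_USERS . ' WHERE user_id = ' . $nUserID);
     if (empty($aUserData)) {
         func::JSRedirect('/');
     }
     if ($aUserData['blocked']) {
         // NOTE(review): blocked_reason is stored text embedded into HTML without
         // escaping. If anyone other than a trusted administrator can write that
         // column, HTML-encode it (in the site's charset) before nl2br().
         $sReason = '';
         if (!empty($aUserData['blocked_reason'])) {
             $sReason = ' <br/><b>Причина:</b><i>' . nl2br($aUserData['blocked_reason']) . '</i>';
         }
         return $this->showForbidden('Аккаунт пользователя заблокирован.' . $sReason, 'Аккаунт пользователя заблокирован');
     }

     // WHERE conditions shared by the count, list and category queries.
     $sql = array();
     $sql[] = 'I.user_id = ' . $nUserID;
     $sql[] = 'I.status = ' . BBS_STATUS_PUBLICATED;

     $aData = array();
     $aData['f'] =& $filter;

     if ($nCategoryID > 0) {
         $sql[] = 'I.cat1_id = ' . $nCategoryID;
     }

     $aData['total_items'] = $this->db->one_data('SELECT COUNT(I.id) FROM ' . TABLE_BBS_ITEMS . ' I 
             ' . (!empty($sql) ? 'WHERE ' . join(' AND ', $sql) : ''));

     // $sqlLimit is filled in by the paginator (presumably a by-reference
     // parameter - confirm); initialise it so it is never undefined when
     // appended to the query below.
     $sqlLimit = '';
     $aData['pagenation'] = $this->generatePagenation_Paginator3000($nPage, $aData['total_items'], 15, '?' . http_build_query($filter) . '&page=%number%', 'bbsUserList.onPage', $sqlLimit);

     $aData['items'] = $this->db->select('SELECT
       I.id, I.status, I.svc, (I.svc = ' . Services::typePremium . ') as premium, I.press, I.user_id,
       I.cat1_id,   CAT1.title as cat1_title,
       I.cat2_id,   CAT2.title as cat2_title,
       I.cat_id,    C.regions as cat_regions, C.prices as cat_prices, C.prices_sett as cat_prices_sett,
       I.cat_type,  CT.title as cat_type_title,
       I.cat_subtype,  CST.title as cat_subtype_title,
       I.imgfav, I.imgcnt, I.price, I.descr, I.descr_regions, I.price, I.price_torg, I.price_bart,
       I.publicated
       FROM ' . TABLE_BBS_ITEMS . ' I
         LEFT JOIN ' . TABLE_BBS_CATEGORIES . ' CAT2 ON I.cat2_id = CAT2.id
         LEFT JOIN ' . TABLE_BBS_CATEGORIES_TYPES . ' CT ON I.cat_type = CT.id
         LEFT JOIN ' . TABLE_BBS_CATEGORIES_SUBTYPES . ' CST ON I.cat_subtype = CST.id
         LEFT JOIN ' . TABLE_BBS_ITEMS_VIEWS . ' IV ON I.id = IV.item_id AND IV.views_date,
         ' . TABLE_BBS_CATEGORIES . ' CAT1,
         ' . TABLE_BBS_CATEGORIES . ' C
       WHERE ' . (!empty($sql) ? join(' AND ', $sql) . ' AND ' : '') . '
             C.id = I.cat_id
         AND CAT1.id = I.cat1_id
       GROUP BY I.id
       ORDER BY premium DESC, I.premium_order DESC, I.publicated_order DESC
     ' . $sqlLimit);

     if (bff::$isAjax) {
         // NOTE(review): presumably ajaxResponse() terminates the request - confirm.
         $list = $this->tplFetchPHP($aData, 'search.results.list.php');
         $this->ajaxResponse(array('list' => $list, 'res' => $this->errors->no()));
     }

     // Per-category item counts for the same user/status/category filter.
     $aData['cats'] = $this->db->select('SELECT
       CAT1.id, CAT1.title, COUNT(I.cat1_id) as items
       FROM ' . TABLE_BBS_ITEMS . ' I
         LEFT JOIN ' . TABLE_BBS_CATEGORIES . ' CAT2 ON I.cat2_id = CAT2.id
         LEFT JOIN ' . TABLE_BBS_CATEGORIES_TYPES . ' CT ON I.cat_type = CT.id,
         ' . TABLE_BBS_CATEGORIES . ' CAT1,
         ' . TABLE_BBS_CATEGORIES . ' C
       WHERE ' . (!empty($sql) ? join(' AND ', $sql) . ' AND ' : '') . '
             C.id = I.cat_id
         AND CAT1.id = I.cat1_id
       GROUP BY CAT1.id
       ORDER BY CAT1.title    
     ');

     $this->includeJS(array('jquery.paginator'));
     return $this->tplFetchPHP($aData, 'items.user.php');
 }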
Example #2
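 /**
  * Handle the registration / password-recovery form.
  *
  * Logged-in users are redirected to their profile. For AJAX requests the POST
  * field `act` selects the action:
  *  - 'reg'    creates a not-yet-activated member and mails the activation link;
  *  - 'forgot' stores a recovery code in `activatekey` and mails the recovery link.
  * Non-AJAX requests get the 'forgot.tpl' template.
  *
  * Fix: the 'forgot' branch validated $aData['email'], which is never set in
  * that branch, instead of the submitted $sEmail. The 'reg' branch now runs
  * the same format check before the address is used as login and mail target.
  *
  * @return mixed rendered template for non-AJAX requests
  */
 function forgot()
 {
     $nUserID = $this->security->getUserID();
     if ($nUserID) {
         func::JSRedirect('/user/profile');
     }
     if (bff::$isAjax) {
         switch (func::POST('act')) {
             case 'reg':
                 $aData = $this->input->postm(array('email' => TYPE_STR, 'pass' => TYPE_STR));
                 // Password too short.
                 // NOTE(review): a 3-character minimum is very weak; raise it per policy.
                 if (empty($aData['pass']) || strlen($aData['pass']) < 3) {
                     $this->errors->set('password_short');
                     break;
                 }
                 // Malformed address: reject before it becomes a login / mail recipient.
                 if (!func::IsEmailAddress($aData['email'])) {
                     $this->errors->set('wrong:email');
                     break;
                 }
                 // Rejected by the ban filter (checked against remote address and email).
                 if ($this->security->checkBan(false, func::getRemoteAddress(), $aData['email'], true)) {
                     $this->errors->set(Errors::ACCESSDENIED);
                     break;
                 }
                 $aData['email_hash'] = func::getEmailHash($aData['email']);
                 // Email already registered.
                 if ($this->isEmailExists($aData['email_hash'])) {
                     $this->errors->set('email_exist');
                     break;
                 }
                 // Fills $sCode / $sLink (presumably by reference - confirm).
                 $this->getActivationInfo($sCode, $sLink);
                 // NOTE(review): the raw password is handed to userCreate(); presumably
                 // it is hashed there - confirm.
                 $nUserID = $this->userCreate(array('login' => $aData['email'], 'email' => $aData['email'], 'email_hash' => $aData['email_hash'], 'password' => $aData['pass'], 'ip_reg' => Func::getRemoteAddress(true), 'activatekey' => $sCode, 'activated' => 0), self::GROUPID_MEMBER);
                 if ($nUserID) {
                     // NOTE(review): the plaintext password is included in the
                     // registration e-mail; consider dropping it from the template data.
                     bff::sendMailTemplate(array('password' => $aData['pass'], 'email' => $aData['email'], 'activate_link' => "<a href=\"{$sLink}\">{$sLink}</a>"), 'member_registration', $aData['email']);
                     $this->ajaxResponse(Errors::SUCCESS);
                 }
                 break;
             case 'forgot':
                 $sEmail = $this->input->post('email', TYPE_STR);
                 // Malformed address (validates the submitted value, not $aData).
                 if (!func::IsEmailAddress($sEmail)) {
                     $this->errors->set('wrong:email');
                     break;
                 }
                 $nEmailHash = func::getEmailHash($sEmail);
                 // Address not registered.
                 // NOTE(review): the distinct 'email_not_found' error tells the caller
                 // whether an address has an account; a uniform response avoids that.
                 if (!$this->isEmailExists($nEmailHash)) {
                     $this->errors->set('email_not_found');
                     break;
                 }
                 // NOTE(review): $nEmailHash is concatenated unquoted; this is only safe
                 // if getEmailHash() always returns a numeric value - confirm.
                 $aData = $this->db->one_array('SELECT user_id, email, name FROM ' . TABLE_USERS . ' WHERE email_hash=' . $nEmailHash . ' AND member=1 AND activated = 1 AND blocked = 0');
                 // No active, non-blocked member with that address.
                 if (empty($aData)) {
                     $this->errors->set('email_not_found');
                     break;
                 }
                 // Fills $sCode / $sLink (presumably by reference - confirm).
                 $this->getPassRecoverInfo($sCode, $sLink);
                 $this->db->execute('UPDATE ' . TABLE_USERS . ' SET activatekey = ' . $this->db->str2sql($sCode) . '  WHERE user_id = ' . (int) $aData['user_id']);
                 $aData['password_link'] = "<a href=\"{$sLink}\">{$sLink}</a>";
                 bff::sendMailTemplate($aData, 'member_passforgot', $sEmail);
                 $this->ajaxResponse(Errors::SUCCESS);
                 break;
         }
         // Reached when a branch broke out with an error set (or `act` was unknown).
         $this->ajaxResponse(null);
     }
     return $this->tplFetch('forgot.tpl');
 }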
Example #3
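 /**
  * Log the current user out: drop the remember-me token, optionally blank the
  * stored session id, clear the session data, expire the session cookie and
  * destroy the session, then optionally redirect.
  *
  * Fix: the cookie domain was derived by stripping only 'http://' from the
  * source URL, so an https:// URL, a trailing slash or a port produced a
  * domain no browser would match and the cookie was never expired client-side.
  * The host is now taken with parse_url(), falling back to the previous
  * behaviour for bare host names.
  *
  * @param mixed  $sRedirectURL    URL to redirect to; -1 disables the redirect, empty means SITEURL
  * @param bool   $bResetSessionID whether to blank users.session_id for this user
  * @param string $sessionKey      passed to clearRememberMe()
  * @param string $sessionPath     cookie path used when expiring the session cookie
  * @param mixed  $sessionDomain   cookie domain source; SITEURL is used when empty
  */
 function logout($sRedirectURL = SITEURL, $bResetSessionID = true, $sessionKey = '', $sessionPath = '/', $sessionDomain = false)
 {
     $nUserID = $this->getUserID();
     if ($nUserID) {
         $this->clearRememberMe($sessionKey);
         if ($bResetSessionID) {
             global $oDb;
             // Cast at the SQL sink so the query never depends on getUserID()'s return type.
             $oDb->execute('UPDATE ' . TABLE_USERS . ' SET session_id=' . $oDb->str2sql('') . ' WHERE user_id=' . (int) $nUserID);
         }
     }

     // Clear session data.
     $this->sessionData = array();
     $this->saveSession();

     // Expire the session cookie on the same (dot-prefixed) domain it was set for.
     $sDomainSource = !empty($sessionDomain) ? $sessionDomain : SITEURL;
     $sCookieHost = parse_url($sDomainSource, PHP_URL_HOST);
     if (empty($sCookieHost)) {
         // Bare host name (no scheme): keep the original derivation.
         $sCookieHost = str_replace('http://', '', $sDomainSource);
     }
     setcookie(session_name(), FALSE, -1, $sessionPath, '.' . $sCookieHost);
     session_destroy();

     if ($sRedirectURL != -1) {
         if (empty($sRedirectURL)) {
             $sRedirectURL = SITEURL;
         }
         // NOTE(review): the target is used as given; callers should pass only
         // trusted, same-site URLs here, never a request-supplied value.
         func::JSRedirect($sRedirectURL);
     }
 }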
Example #4
<?php

# Admin-panel entry script: starts the session, boots the framework, dispatches
# the requested module event, checks admin access, builds the menu and renders
# the page template.
# NOTE(review): $oSecurity, $oSm and $oDb are not assigned in this script;
# presumably they are globals created by the included files - confirm.
require '../general.config.php';
bff::sessionStart('a');
if (FORDEV) {
    # Developer mode: start timing / memory measurement.
    func::tt_start($tt, $tt_mem);
}
require PATH_CORE . 'init.php';
$oBff = bff::i()->init(false);
# NOTE(review): the module event is dispatched here, BEFORE the
# haveAccessToAdminPanel() check below. Unless every admin module event enforces
# its own access check, an unauthenticated request executes the event's side
# effects before being redirected. The order may be deliberate so the login
# event (users/login) stays reachable - confirm, and if so restrict the
# pre-check dispatch to that event only.
if (bff::$class) {
    $htmlCenterArea = $oBff->callModule(bff::$class . '_' . bff::$event, array());
    Errors::i()->assign();
}
# NOTE(review): assumes func::JSRedirect() ends the request; otherwise the menu
# and template below are still rendered for a user without admin access.
if (!$oSecurity->haveAccessToAdminPanel()) {
    func::JSRedirect('index.php?s=users&ev=login');
}
# Build the admin menu
require PATH_CORE . 'menu.php';
$oMenu = new CMenu(array('Объявления', 'Пользователи', 'Счета', 'Баннеры', 'Страницы', 'FAQ', 'Работа с почтой', 'Регионы', 'Связь с редактором', 'Меню сайта', 'Настройка сайта'));
$firstUrl = $oMenu->build('declareadminmenu', true);
# No module requested: go to the URL returned by the menu build.
if (!bff::$class) {
    func::JSRedirect($firstUrl);
}
$oSm->assign('user_login', $oSecurity->getUserLogin());
$oSm->assign_by_ref('center_area', $htmlCenterArea);
$oSm->display('template.tpl', __FILE__, __FILE__);
if (FORDEV) {
    # Developer mode only: timing and database statistics are echoed into the
    # response, so FORDEV must stay off in production.
    func::tt_finish($tt, $tt_mem);
    echo $oDb->getStatistic();
}
exit;