/**
* @return bffBase object
*/
function init($isFrontend = true)
{
global $oDb, $oSm, $oSecurity;
self::$isFrontend = $isFrontend;
self::$isAjax = func::isAjaxRequest();
self::$isPost = func::isPostMethod();
if ($isFrontend) {
define('TPL_PATH', PATH_BASE . 'tpl/main/');
$oSm->template_dir = TPL_PATH;
} else {
define('TPL_PATH', PATH_BASE . 'tpl/main/admin/');
define('THEME_URL', SITEURL . '/styles/default');
//default admin theme!
$oSm->template_dir = TPL_PATH;
}
spl_autoload_register(array('bffBase', 'autoload'));
$oSecurity->checkExpired();
if (!defined('THEME_URL')) {
define('THEME_URL', SITEURL . '/styles/' . THEMES_DEFAULTTHEME_KEY);
}
$oSm->assign('theme_url', THEME_URL);
$oSm->assign('class', self::$class = substr(strtolower(func::GETPOST('s')), 0, 30));
$oSm->assign('event', self::$event = substr(strtolower(func::GETPOST('ev')), 0, 30));
$oSm->assign_by_ref('tplJSIncludes', self::$includesJS);
$oSm->assign_by_ref('tplCSSIncludes', self::$includesCSS);
bff::initApp($isFrontend);
return $this;
}
function user_ajax()
{
if (!($nRecordID = $this->input->id('rec', 'gp'))) {
$this->ajaxResponse(Errors::IMPOSSIBLE);
}
if (func::isAjaxRequest(null)) {
switch (Func::GETPOST('action')) {
case 'avatar-delete':
if (!$this->haveAccessTo('users-edit')) {
$this->ajaxResponse(Errors::ACCESSDENIED);
}
$avatar = new CAvatar(TABLE_USERS, USERS_AVATAR_PATH, 'avatar', 'user_id');
$avatar->delete($nRecordID, true);
$this->ajaxResponse(Errors::SUCCESSFULL);
break;
case 'user-info':
$aData = $this->db->one_array('SELECT U.*, C.title as city, R.region_id, R.title as region
FROM ' . TABLE_USERS . ' U
LEFT JOIN ' . TABLE_CITY . ' C ON U.city_id=C.city_id
LEFT JOIN ' . TABLE_REGION . ' R ON C.region_id=R.region_id
WHERE U.user_id=' . $nRecordID . ' LIMIT 1');
$aData['tuid'] = $this->makeTUID($nRecordID);
$aData['sendmsg'] = 0;
//($this->security->isAdmin() || $aData['im_noreply'] == 0);
$this->tplAssignByRef('aData', $aData);
$this->adminCustomCenterArea();
$this->tplDisplay('admin.user.info.tpl');
exit;
break;
case 'user-block':
if (!$this->haveAccessTo('users-edit') || $this->security->isCurrentUser($nRecordID)) {
$this->ajaxResponse(Errors::ACCESSDENIED);
}
$sReason = mb_strcut(Func::POSTGET('blocked_reason', true), 0, 300);
$nBlocked = Func::POSTGET('blocked') ? 1 : 0;
$this->db->execute('UPDATE ' . TABLE_USERS . '
SET blocked_reason = ' . $this->db->str2sql($sReason) . ',
blocked = ' . $nBlocked . '
WHERE user_id = ' . $nRecordID);
$this->ajaxResponse(Errors::SUCCESSFULL);
break;
}
}
$this->ajaxResponse(Errors::IMPOSSIBLE);
}
