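/**
 * Decode a base64-encoded JPEG, store it in the upload directory and record
 * an image name on the user row identified by $id.
 *
 * Echoes the literal string "true" when both the file write and the user
 * update succeed, and "false" in every other case. Nothing is returned.
 *
 * The payload is rejected before anything is written when it is not valid
 * base64 or when the decoded bytes do not start with the JPEG signature.
 *
 * @param string $base64img Base64 payload, optionally carrying the
 *                          "data:image/jpeg;base64," data-URI prefix.
 * @param mixed  $id        User identifier, handed unchanged to user::updateUser().
 */
function saveImage($base64img, $id)
{
    // Guarded: define() on an already-defined constant fails, so a second call
    // in the same request must not try to define it again.
    if (!defined('UPLOAD_DIR')) {
        // NOTE(review): relative to the current working directory, not to this file.
        define('UPLOAD_DIR', '../../uploads/');
    }

    $base64img = str_replace('data:image/jpeg;base64,', '', $base64img);

    // Strict mode returns false for characters outside the base64 alphabet
    // instead of silently dropping them. That also rejects any data-URI prefix
    // other than the JPEG one stripped above.
    $data = base64_decode($base64img, true);

    // Every JPEG stream starts with FF D8 FF. Checking it keeps empty input and
    // arbitrary non-image bytes from being stored under a .jpg name.
    if ($data === false || strncmp($data, "\xFF\xD8\xFF", 3) !== 0) {
        echo "false";
        return;
    }

    // NOTE(review): the target name is fixed, so every upload overwrites the
    // previous one regardless of $id — confirm this is intended.
    $file = UPLOAD_DIR . 'thuphat.jpg';
    if (file_put_contents($file, $data) === false) {
        echo "false";
        return;
    }

    $user_obj = new user();
    // NOTE(review): the name stored on the user row is not the name of the file
    // written above, and it contains a non-ASCII character that looks like an
    // encoding artefact. Left unchanged; verify against the caller.
    if ($user_obj->updateUser('', '', '', '', '', '', '', 'thuphat1231ssssss111â.jpg', $id)) {
        echo "true";
    } else {
        echo "false";
    }
}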
Example #2
<?php

require_once "../apps/User.php";
// Form dispatcher for the user model. There is no explicit "action" field: the
// branch is chosen only by which POST fields arrive non-empty, tested in the
// order register -> login -> profile update -> "demande" request.
// NOTE(review): every value goes from $_POST straight into the model call, and
// no session or CSRF check is visible in this file. Whatever validation exists
// has to live in ../apps/User.php — confirm.
$u = new user();

if (
    !empty($_POST['email']) && !empty($_POST['password'])
    && !empty($_POST['cn']) && !empty($_POST['c']) && !empty($_POST['st'])
    && !empty($_POST['l']) && !empty($_POST['o']) && !empty($_POST['ou'])
    && !empty($_POST['tel'])
) {
    // Registration: all nine fields must be present and non-empty.
    if (!$u->register($_POST['email'], $_POST['password'], $_POST['c'], $_POST['st'], $_POST['l'], $_POST['o'], $_POST['ou'], $_POST['cn'], $_POST['tel'])) {
        header("Location: register.html?error=yes");
    } else {
        header("refresh:2;url=login.php");
        echo "Register With success";
    }
} elseif (isset($_POST['email'], $_POST['password'])) {
    // Login. A registration post with one profile field left empty also lands
    // here, because email and password are still set.
    header(
        $u->login($_POST['email'], $_POST['password'])
            ? "Location: index.php"
            : "Location: login.php?error=yes"
    );
} elseif (
    !empty($_POST['cn']) && !empty($_POST['c']) && !empty($_POST['st'])
    && !empty($_POST['l']) && !empty($_POST['o']) && !empty($_POST['ou'])
    && !empty($_POST['tel'])
) {
    // Profile update: no user identifier is passed, so the model presumably
    // takes the account from the session — verify.
    header(
        $u->updateUser($_POST['c'], $_POST['st'], $_POST['l'], $_POST['o'], $_POST['ou'], $_POST['cn'], $_POST['tel'])
            ? "Location: profile.php?update=ok"
            : "Location: profile.php?error=yes"
    );
} elseif (
    !empty($_POST['subj']) && !empty($_POST['type']) && !empty($_POST['len'])
    && !empty($_POST['d']) && !empty($_POST['hash'])
) {
    // "Demande" request built from the posted subject, type, length, d and hash.
    header(
        $u->demande($_POST['hash'], $_POST['len'], $_POST['subj'], $_POST['type'], $_POST['d'])
            ? "Location: demande.php?add=ok"
            : "Location: demande.php?error=yes"
    );
}
 } elseif ('detail' === $_GET['action']) {
     if ($user->issetUser("id IN (" . secure::escQuoteData($_GET['id']) . ") AND token IN ('active','archived','moderate','new')")) {
         // удаление пользователя
         if (isset($_POST['delete'])) {
             // Optional check boxes: also delete the user's articles and news.
             $delArticles = isset($_POST['articles']);
             $delNews = isset($_POST['news']);
             // NOTE(review): the enclosing condition passes the id through
             // secure::escQuoteData(), but deleteUsers() receives the raw
             // $_GET['id'] — confirm that deleteUsers() escapes or casts it.
             $user->deleteUsers(array($_GET['id']), true, true, true, $delArticles, $delNews);
             messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?m=users&s=manager');
         } elseif (isset($_POST['saveUserData'])) {
             // Five fields are mandatory; if any is empty an error is recorded and
             // nothing is written.
             if (empty($_POST['conf']['user_type']) || empty($_POST['conf']['user_group']) || empty($_POST['user']['first_name']) || empty($_POST['user']['last_name']) || empty($_POST['user']['phone'])) {
                 $arrErrors[] = ERROR_USER_REQUIRED_FIELDS_IS_EMPTY;
             } else {
                 $strWhere = "id IN (" . secure::escQuoteData($_GET['id']) . ")";
                 // Main user data.
                 // NOTE(review): the whole posted array is forwarded, not just the
                 // validated fields. If updateUser() maps array keys to column
                 // names, a client can set columns the form never offered —
                 // confirm the model applies an allow-list.
                 $uData = $_POST['user'];
                 // Additional (configuration) user data; same caveat as above.
                 $ucData = $_POST['conf'];
                 $user->updateUser($uData, $strWhere);
                 $user->updateConfUser($ucData, $strWhere);
                 // NOTE(review): the redirect target embeds the raw $_GET['id'].
                 messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?m=users&s=manager&action=detail&id=' . $_GET['id']);
             }
         } elseif (isset($_POST['saveCompanyData'])) {
             //var_dump($_FILES);
             //exit;
             // получаем данные пользователя (нужны для проверки)
             $userData = $user->getCombinedUserData($_GET['id']);
             // если передан логотип для загрузки, пытаемся его загрузить
             if (!empty($_FILES['cLogo']['name'])) {
                 // проверяем существование файла с таким же именем, и принадлежит ли он текущему пользователю
                 if (!file_exists('uploads/images/logo/' . $_FILES['cLogo']['name']) || $_FILES['cLogo']['name'] == $userData['logo']) {
                     if (!$user->loadLogo('cLogo', 'uploads/images/logo/')) {
             $responce = array('status' => 'failed', 'error' => $error_message, 'data' => array());
         }
     } else {
         $responce = array('status' => 'failed', 'error' => 'Data missing', 'data' => array());
     }
 } else {
     if ($form_id == 39) {
         ///admin/owner change password
         if (isset($_POST['password']) and !empty($_POST['password'])) {
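             // Password change for the account bound to the current session.
             // No SQL escaping is needed for the raw value: only its digest is stored.
             $password = $_POST['password'];
             $user = new user();
             $user->id = $_SESSION['user_id'];
             $user->getUser();
             // NOTE(review): md5() is a fast, unsalted digest and unsuitable for
             // password storage. Moving to password_hash()/password_verify() has to
             // be done together with the login check, which is not visible here,
             // so the call is left unchanged.
             $user->password_hashed = md5($password);
             if ($user->updateUser()) {
                 $mail = new mail();
                 $mail->send_password_changed_notification_mail($user->user_name);
                 $message = "Password Updated Successfuly";
                 $responce = array('status' => 'success', 'error' => '', 'data' => array("message" => $message, "id" => $user->id));
             } else {
                 // Read the driver error first, before logging can touch the connection.
                 $mysql_error = mysql_error();
                 // NOTE(review): if to_string() includes password_hashed, the digest
                 // ends up in the log — confirm.
                 $description = "Password update failed, Stock : " . $user->to_string();
                 if (!empty($mysql_error)) {
                     $description .= " | MySQL error: " . $mysql_error;
                 }
                 Log::e($tag, $description);
                 // The client always gets the generic text. The raw database error can
                 // reveal schema and query details, so it stays in the server log.
                 $error_message = 'Some server error occured';
                 $responce = array('status' => 'failed', 'error' => $error_message, 'data' => array());
             }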
    // Last of the posted profile fields; all are taken from $_POST unchanged.
    $city = $_POST['city'];
    $state = $_POST['state'];
    $zip = $_POST['zip'];
    // A commented-out debug dump of the submitted values used to sit here.
    // Printing those request values into the page without htmlspecialchars()
    // would reflect user input, so it should not be re-enabled as it was.
    // NOTE(review): nothing visible here validates the fields before they reach
    // updateUser(); presumably the model handles escaping — verify.
    $result = $objUser->updateUser($userid, $fname, $lname, $phone, $job_title, $speciality, $speciality2, $city, $state, $zip);
    // Static Bootstrap alert markup; no request data is interpolated into it.
    if (!$result) {
        $outputMessage = '
		<div style="text-align:center">
		<div class="alert alert-danger alert-dismissible" role="alert" style="width:100%;">
  <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
  <strong>Oh snap!</strong> Something went wrong!
</div></div>';
    } else {
        $outputMessage = '
		<div style="text-align:center">
		<div class="alert alert-success alert-dismissible" role="alert" style="width:100%;">
  <button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button>
  <strong>Success!</strong> Profile is updated successfully.
</div></div>';
    }
Example #6
<?php

require_once '../classes/connection.class.php';
require_once '../classes/user.class.php';
require_once '../classes/locate.class.php';
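// Update a user from the posted edit form, then redirect to the user list with
// a status message stored in the session.
//
// The update runs only when the form was submitted with all four fields.
// Previously the setters and updateUser() also ran on a request without
// "submit", using undefined variables.
//
// NOTE(review): the posted user_id alone decides which account is changed, and
// the password is handed to setPassword() as received. The authorisation
// check, the hashing and session_start() are not visible in this file and
// presumably live in the included classes — confirm.
$flag = false;
if (isset($_POST['submit'], $_POST['user_id'], $_POST['username'], $_POST['password'], $_POST['email'])) {
    $user_id = $_POST['user_id'];
    $username = $_POST['username'];
    $password = $_POST['password'];
    $email = $_POST['email'];

    $updateUserObject = new user();
    $updateUserObject->setUserID($user_id);
    $updateUserObject->setUsername($username);
    $updateUserObject->setPassword($password);
    $updateUserObject->setEmail($email);
    $flag = $updateUserObject->updateUser();
}

// Both outcomes return to the same list view; only the session message differs.
if ($flag) {
    $_SESSION['user_updated'] = $err = "The user has been updated successfully";
    new Locate('../index.php?page=user&action=view');
} else {
    $_SESSION['user_not_updated'] = $err = "The user couldn't be updated";
    new Locate('../index.php?page=user&action=view');
}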
Example #7
 if (token::check(input::get('token'))) {
     $validate = new validate();
     $validation = $validate->check($_POST, array('Password' => array('required' => true, 'min' => 6), 'password_again' => array('required' => true, 'matches' => 'Password')));
     if ($validation->passed()) {
         //session::flash('success','You registered successfully!');
         //header('Location: index.php');
         $user = new user(null, $_log);
         $salt = hash::salt(32);
         if ($data = $_db->get('Users', array('Username', '=', $username))) {
             //var_dump($data);
             if ($data->counts() > 0) {
                 if ($data->first()->User_Verified == 0) {
                     if ($data->first()->Confirm_Hash == $confirmCode) {
                         $oldUser = $data->first()->Old_User;
                         try {
                             $user->updateUser(array('Password' => hash::make(input::get('Password'), $salt), 'Salt' => $salt, 'User_Verified' => 1, 'Confirm_Hash' => null, 'Old_User' => null), $_GET['Username']);
                             session::flash('home', 'Your password has been created');
                             $_log->info('Username verified: ' . $username);
                             // Will be logged
                             if ($oldUser !== null) {
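                                 // Remove the superseded account and log the outcome either way.
                                 try {
                                     if ($user->delete($oldUser)) {
                                         $_log->info('Old user deleted: ' . (string) $oldUser);
                                     } else {
                                         $_log->warning('Old user NOT deleted: ' . (string) $oldUser);
                                     }
                                 } catch (Exception $e) {
                                     // The exception text may carry database or path details, so
                                     // it goes to the log only. The response ends with a fixed
                                     // message instead of the dumped exception message.
                                     $_log->info($e->getMessage());
                                     die('An internal error occurred.');
                                 }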
Example #8
        }
    } else {
        echo ajax::sdgJSONencode(array('error' => ERROR_UPDATES_REQUEST_UNDEFINED_ACTION));
    }
} elseif (!empty($_POST['maintenance'])) {
    // Only the literal text true or false is spliced into the generated config
    // file; the posted value itself never reaches the file contents.
    if ($_POST['maintenance'] == 'on') {
        $maintenance = 'true';
    } else {
        $maintenance = 'false';
    }
    $data = "<?php\n\n"
        . "(!defined('SDG')) ? die ('Triple protection!') : null;\n\n"
        . 'define("CONF_SERVICE_ADMINISTRATION_MAINTENANCE", ' . $maintenance . ');'
        . "\n";
    // Answer with the text 'true' or 'false' depending on whether the write succeeded.
    echo tools::saveConfig('core/conf/const.config.service.php', $data, false) ? 'true' : 'false';
} elseif (!empty($_POST['mailFile']) && !empty($_POST['mailText']) && !empty($_POST['pathMailTemplates'])) {
    // Build the file name: posted directory + template name (with '_' turned
    // into '.') + '.txt'.
    // NOTE(review): both the directory and the name come from the request, and
    // the posted text becomes the file content. Unless
    // tools::saveMailTemplateFile() confines the path to the template
    // directory, "../" segments would let a request write a .txt file elsewhere.
    // Confirm the helper validates the path, or take the directory from
    // configuration rather than from $_POST.
    $_POST['mailFile'] = implode('', array(
        $_POST['pathMailTemplates'],
        str_replace('_', '.', $_POST['mailFile']),
        '.txt',
    ));
    echo tools::saveMailTemplateFile($_POST['mailFile'], $_POST['mailText']);
} elseif (!empty($_POST['uID']) && !empty($_POST['userType']) && !empty($_POST['userGroup'])) {
    // Change a user's type and group in the conf_users table, then point the
    // model back at the users table.
    // NOTE(review): this alters the account's type and group from posted values.
    // The check that the caller may do so is not visible in this fragment —
    // confirm it happens before this branch.
    $user = new user();
    $user->changeTable('conf_users');
    if ($user->updateUser(array('user_type' => $_POST['userType'], 'user_group' => $_POST['userGroup']), "id IN (" . secure::escQuoteData($_POST['uID']) . ")")) {
        $response = 'true';
    } else {
        // NOTE(review): db::$message_error is echoed to the client below. If it
        // holds the driver's error text, query details are disclosed.
        $response = db::$message_error;
    }
    $user->changeTable('users', USR_PREFIX);
    echo $response;
} elseif (!empty($_POST['getArticleDetail']) && !empty($_POST['strQuery'])) {
    // Load one article and its active comments, newest first, and render the
    // admin detail template.
    // NOTE(review): both WHERE fragments are built by concatenation, and the
    // second places the escaped value after "id_article=" with no quotes. That is
    // only safe if secure::escQuoteData() adds the quotes itself or forces a
    // numeric value — confirm.
    $arrOrder = array('datetime' => 'DESC');
    $articles = new articles();
    $arrArticle = $articles->getArticle(sprintf("id IN (%s)", secure::escQuoteData($_POST['getArticleDetail'])));
    $aComments = new articlesComments();
    $arrComments = $aComments->getRecords(
        sprintf("id_article=%s AND token='active'", secure::escQuoteData($_POST['getArticleDetail'])),
        $arrOrder,
        false,
        false
    );
    // Query string of the calling page.
    // NOTE(review): assigned from the request as is; the template must escape it
    // on output.
    $smarty->assignByRef('qString', $_POST['strQuery']);
    $smarty->assignByRef('arrArticle', $arrArticle);
    $smarty->assignByRef('arrComments', $arrComments);
    $smarty->display('adm.manager.articles.detail.tpl');
} elseif (!empty($_POST['getNewsDetail']) && !empty($_POST['strQuery'])) {
    $news = new news();
Example #9
 // SET - e.g. UPDATE USER
 ////////////////////////////////////////////////////
 if ($_POST['action'] == 'set') {
     // All four fields must be present; otherwise answer {"result": false} and stop.
     if (!isset($_POST['user-id'], $_POST['user-forename'], $_POST['user-lastname'], $_POST['user-email'])) {
         echo json_encode(array('result' => false));
         exit;
     }
     // Only the id is normalised (integer cast); the names are passed on unchanged.
     // NOTE(review): the posted user-id alone selects the account to edit. A check
     // that the caller may edit that account is not visible here — confirm.
     $userID = (int) $_POST['user-id'];
     $foreName = $_POST['user-forename'];
     $lastName = $_POST['user-lastname'];
     $email = $_POST['user-email'];
     // Reject a malformed address before touching the record.
     if (!$user->isValidEmailAddress($email)) {
         echo json_encode(array('result' => false, 'msg' => 'Invalid email address'));
         exit;
     }
     // NOTE(review): $result is stored but never inspected, so the response reports
     // success even when updateUser() fails. Check the method's return contract.
     $result = $user->updateUser($userID, $foreName, $lastName, $email);
     echo json_encode(array('result' => true));
     exit;
 }
 ////////////////////////////////////////////////////
 // UPDATE PASSWORD
 ////////////////////////////////////////////////////
 if ($_POST['action'] == 'setPassword' && isset($_POST['user-id']) && isset($_POST['user-password1']) && isset($_POST['user-password2'])) {
     // Validate  and sanitise
     $userID = (int) $_POST['user-id'];
     $password1 = trim(htmlentities($_POST['user-password1']));
     $password2 = trim(htmlentities($_POST['user-password2']));
Example #10
<?php

require_once '../../models/config.php';
require_once '../../models/class.php';
require_once '../../models/class-user.php';
if (isset($_POST['act'])) {
    switch ($_POST['act']) {
        case "update":
            // Update login name, password digest and full name of the posted account,
            // then redirect to the user list with a success or fail flag.
            if (isset($_POST['user'], $_POST['pass'], $_POST['fullname'])) {
                $user_obj = new user();
                // NOTE(review): 'id' is read without the isset() guard applied to the
                // other fields, and it alone selects the row. The authorisation check
                // is not visible here — confirm.
                $id = $_POST['id'];
                $fullname = $_POST['fullname'];
                $user = $_POST['user'];
                // NOTE(review): md5() is a fast, unsalted digest and unsuitable for
                // password storage. password_hash() would be the replacement, changed
                // together with the login check.
                $pass = md5($_POST['pass']);
                header(
                    $user_obj->updateUser($user, $pass, $fullname, $id)
                        ? "Location: ../index.php?view=list-user&stt=success"
                        : "Location: ../index.php?view=list-user&stt=fail"
                );
            }
            break;
        case "xoa":
            // Delete the posted account and redirect to the user list with the outcome.
            // NOTE(review): the id is used as received and without an isset() guard.
            // Any check that the caller may delete this account would have to be in
            // the included files — confirm.
            $id = $_POST['id'];
            $user_obj = new user();
            header(
                $user_obj->delUser($id)
                    ? "Location: ../index.php?view=list-user&stt=success"
                    : "Location: ../index.php?view=list-user&stt=fail"
            );
            break;
        default:
        $user->addUser();
        $returnData = array('Success' => true, 'msg' => "Successfully added new user!");
        echo json_encode($returnData);
    } catch (Exception $e) {
        //return error msg to view.
        $returnData = array('Success' => false, 'msg' => "An error occured unable to add new user!");
        http_response_code(500);
        echo json_encode($returnData);
    }
} elseif (isset($_REQUEST['update'])) {
    // Update a user from the JSON request body. Failures produce a fixed message
    // with HTTP 500; the exception text is not sent to the client.
    try {
        $user = new user($dbc);
        // NOTE(review): json_decode() yields null for a malformed body, and the
        // decoded array goes to setProperties() in full. If that method copies
        // every key onto the object, a request can set properties the form never
        // exposed — confirm it applies an allow-list.
        $data = json_decode(file_get_contents("php://input"), true);
        $user->setProperties($data);
        $user->updateUser();
        $returnData = array('Success' => true, 'msg' => "Successfully updated user!");
        echo json_encode($returnData);
    } catch (Exception $e) {
        http_response_code(500);
        $returnData = array('Success' => false, 'msg' => "An error occured unable to update user!");
        echo json_encode($returnData);
    }
} elseif (isset($_REQUEST['setInactive'])) {
    try {
        $putdata = file_get_contents("php://input");
        $data = json_decode($putdata, true);
        $user_id = $data;
        $user = new user($dbc, $user_id);
        $user->setInactive();
        $returnData = array('Success' => true, 'msg' => "Successfully de-activated user!");
Example #12
<?php

require_once '../../models/config.php';
require_once '../../models/class.php';
require_once '../../models/class-user.php';
if ($_GET['id'] and $_GET['data']) {
    $id = $_GET['id'];
    $data = $_GET['data'];
    $key = $_GET['key'];
    $user = new user();
    if ($key == "user") {
        if ($user->updateUser($data, '', '', '', '', '', '', '', $id)) {
            echo "true";
        } else {
            echo "false";
        }
    } elseif ($key == "email") {
        if ($user->updateUser('', '', '', $data, '', '', '', '', $id)) {
            echo "true";
        } else {
            echo "false";
        }
    } elseif ($key == "fullname") {
        if ($user->updateUser('', '', $data, '', '', '', '', '', $id)) {
            echo "true";
        } else {
            echo "false";
        }
    } elseif ($key == "status") {
        if ($user->updateUser('', '', '', '', '', '', $data, '', $id)) {
            echo "select-true";